Ejemplo n.º 1
0
 def get(self, login_id, key):
     session_user.add_message(
         'notice',
         "Please choose a new password to complete the reset request."
     )
     self.assign_form()
     self.render_template()
Ejemplo n.º 2
0
 def auth_post(self, action=None, objid=None, session_key=None):
     CrudBase.auth_post(self, action, objid, session_key)
     if self.action == self.DELETE:
         # prevent self-deletion
         if objid == session_user.id:
             session_user.add_message('error', 'You cannot delete your own user account')
             abort(403)
Ejemplo n.º 3
0
 def process_args(self):  # noqa
     had_strict_arg_failure = False
     for argname, processor, required, takes_list, list_item_invalidates, \
             strict, show_msg, custom_msg, pass_as in self._processors:
         is_invalid = False
         pass_as = pass_as or argname
         argval = self.calling_args.get(argname, None)
         try:
             if isinstance(argval, list):
                 if takes_list is False:
                     raise formencode.Invalid('multiple values not allowed', argval, None)
                 if takes_list is None:
                     self.calling_args[pass_as] = argval = argval[0]
             elif takes_list:
                 self.calling_args[pass_as] = argval = tolist(argval)
             if pass_as != argname:
                 # catches a couple cases where a replacement doesn't
                 # already happen above
                 self.calling_args[pass_as] = argval
                 # delete the old value if it exists
                 if argname in self.calling_args:
                     del self.calling_args[argname]
             if processor:
                 if takes_list:
                     processor = formencode.ForEach(processor)
                 try:
                     if required:
                         processor = formencode.All(formencode.validators.NotEmpty, processor)
                     processed_val = processor.to_python(argval)
                 except formencode.Invalid as e:
                     """ do a second round of processing for list values """
                     if not takes_list or not e.error_list or list_item_invalidates:
                         raise
                     """ only remove the bad values, keep the good ones """
                     new_list = []
                     for index, error in enumerate(e.error_list):
                         if error is None:
                             new_list.append(argval[index])
                     # revalidate for conversion and required
                     processed_val = processor.to_python(new_list)
                 self.calling_args[pass_as] = processed_val
         except formencode.Invalid as e:
             is_invalid = True
             if self.strict_args or strict:
                 had_strict_arg_failure = True
             self.invalid_arg_keys.append(argname)
             if show_msg:
                 invalid_msg = '%s: %s' % (argname, custom_msg or str(e))
                 user.add_message('error', invalid_msg)
         try:
             if is_invalid or self.calling_args[pass_as] is None or \
                     self.calling_args[pass_as] == '':
                 del self.calling_args[pass_as]
         except KeyError:
             pass
     if len(self.invalid_arg_keys) > 0:
         log.debug('%s had bad args: %s', self.__class__.__name__, self.invalid_arg_keys)
     if had_strict_arg_failure:
         raise BadRequest('strict arg failure w/ invalid keys: %s' % self.invalid_arg_keys)
Ejemplo n.º 4
0
 def process_args(self):  # noqa
     had_strict_arg_failure = False
     for argname, processor, required, takes_list, list_item_invalidates, \
             strict, show_msg, custom_msg, pass_as in self._processors:
         is_invalid = False
         pass_as = pass_as or argname
         argval = self.calling_args.get(argname, None)
         try:
             if isinstance(argval, list):
                 if takes_list is False:
                     raise formencode.Invalid('multiple values not allowed', argval, None)
                 if takes_list is None:
                     self.calling_args[pass_as] = argval = argval[0]
             elif takes_list:
                 self.calling_args[pass_as] = argval = tolist(argval)
             if pass_as != argname:
                 # catches a couple cases where a replacement doesn't
                 # already happen above
                 self.calling_args[pass_as] = argval
                 # delete the old value if it exists
                 if argname in self.calling_args:
                     del self.calling_args[argname]
             if processor:
                 if takes_list:
                     processor = formencode.ForEach(processor)
                 try:
                     if required:
                         processor = formencode.All(formencode.validators.NotEmpty, processor)
                     processed_val = processor.to_python(argval)
                 except formencode.Invalid as e:
                     """ do a second round of processing for list values """
                     if not takes_list or not e.error_list or list_item_invalidates:
                         raise
                     """ only remove the bad values, keep the good ones """
                     new_list = []
                     for index, error in enumerate(e.error_list):
                         if error is None:
                             new_list.append(argval[index])
                     # revalidate for conversion and required
                     processed_val = processor.to_python(new_list)
                 self.calling_args[pass_as] = processed_val
         except formencode.Invalid as e:
             is_invalid = True
             if self.strict_args or strict:
                 had_strict_arg_failure = True
             self.invalid_arg_keys.append(argname)
             if show_msg:
                 invalid_msg = '%s: %s' % (argname, custom_msg or str(e))
                 user.add_message('error', invalid_msg)
         try:
             if is_invalid or self.calling_args[pass_as] is None or \
                     self.calling_args[pass_as] == '':
                 del self.calling_args[pass_as]
         except KeyError:
             pass
     if len(self.invalid_arg_keys) > 0:
         log.debug('%s had bad args: %s', self.__class__.__name__, self.invalid_arg_keys)
     if had_strict_arg_failure:
         raise BadRequest('strict arg failure w/ invalid keys: %s' % self.invalid_arg_keys)
Ejemplo n.º 5
0
 def delete_record(self):
     try:
         CommonCrudBase.delete_record(self)
     except IntegrityError:
         session_user.add_message(
             'warning',
             'could not delete, the {0} is in use'.format(self.objname)
         )
         redirect(url_for(self.endpoint, action='manage', session_key=self.session_key))
Ejemplo n.º 6
0
 def form_on_valid(self):
     formvals = self.form.get_values()
     # assigned groups and permissions stay the same for profile submissions
     formvals['assigned_groups'] = self.objinst.group_ids
     formvals['approved_permissions'], formvals['denied_permissions'] = \
         self.objinst.assigned_permission_ids
     formvals['pass_reset_ok'] = False
     orm_User.edit(self.objid, **formvals)
     session_user.add_message('notice', 'profile updated succesfully')
Ejemplo n.º 7
0
 def send_email_notifications(self):
     if self.form.elements.email_notify.value:
         if self.action == self.ADD:
             email_sent = send_new_user_email(self.form_resulting_entity)
         elif self.form.elements.password.value:
             email_sent = send_change_password_email(self.form_resulting_entity)
         if (self.action == self.ADD or self.form.elements.password.value) and not email_sent:
             session_user.add_message(
                 'error',
                 'An error occurred while sending the user notification email.'
             )
Ejemplo n.º 8
0
    def post(self):
        if self.form.is_valid():
            orm_User.get(session_user.id).update_password(self.form.elements.password.value)
            session_user.reset_required = False
            session_user.add_message('notice', 'Your password has been changed successfully.')
            url = after_login_url() if rg.request.url == url_for('auth:ChangePassword') \
                else rg.request.url
            redirect(url)
        elif self.form.is_submitted():
            # form was submitted, but invalid
            self.form.assign_user_errors()

        self.default()
Ejemplo n.º 9
0
    def post(self, login_id, key):
        if self.form.is_valid():
            self.user.update_password(self.form.elements.password.value)
            session_user.add_message('notice', 'Your password has been reset successfully.')

            # at this point, the user has been verified, and we can setup the user
            # session and kill the reset
            load_session_user(self.user)
            self.user.kill_reset_key()

            # redirect as if this was a login
            url = after_login_url()
            redirect(url)
        elif self.form.is_submitted():
            # form was submitted, but invalid
            self.form.assign_user_errors()
        self.assign_form()
        self.render_template()
Ejemplo n.º 10
0
    def post(self):
        if self.form.is_valid():
            user = orm_User.validate(
                self.form.els.login_id.value,
                self.form.els.password.value
            )
            if user:
                if user.inactive:
                    session_user.add_message('error', 'That user is inactive.')
                else:
                    load_session_user(user)
                    log.application('user %s logged in; session id: %s; remote_ip: %s',
                                    user.login_id, rg.session.id, rg.request.remote_addr)
                    session_user.add_message('notice', 'You logged in successfully!')
                    if user.reset_required:
                        url = url_for('auth:ChangePassword')
                    else:
                        url = after_login_url()
                    redirect(url)
            else:
                log.application('user login failed; user login: %s; session id: %s; remote_ip: %s',
                                self.form.elements.login_id.value, rg.session.id,
                                rg.request.remote_addr)
                session_user.add_message('error', 'Login failed!  Please try again.')
        elif self.form.is_submitted():
            # form was submitted, but invalid
            self.form.assign_user_errors()

        self.default()
Ejemplo n.º 11
0
    def post(self):
        if self.form.is_valid():
            em_address = self.form.elements.email_address.value
            user_obj = orm_User.reset_password(em_address)
            if user_obj:
                if send_reset_password_email(user_obj):
                    session_user.add_message(
                        'notice',
                        'An email with a link to reset your password has been sent.'
                    )
                else:
                    session_user.add_message(
                        'error',
                        'An error occurred while sending the notification email. Your '
                        'password has not been reset.'
                    )
                url = current_url(root_only=True)
                redirect(url)
            else:
                session_user.add_message(
                    'error',
                    'Did not find a user with email address: %s' % em_address
                )
        elif self.form.is_submitted():
            # form was submitted, but invalid
            self.form.assign_user_errors()

        self.default()
Ejemplo n.º 12
0
    def post(self):
        if self.form.is_cancel():
            user.add_message('notice',
                             'form submission cancelled, data not changed')
            self.default()
        if self.form.is_valid():
            try:
                user.add_message('notice', 'form posted succesfully')
                self.assign('result', self.form.get_values())
                return
            except Exception as e:
                # if the form can't handle the exception, re-raise it
                if not self.form.handle_exception(e):
                    raise
        elif not self.form.is_submitted():
            # form was not submitted, nothing left to do
            return

        # form was either invalid or caught an exception, assign error
        # messages
        self.form.assign_user_errors()
        self.default()
Ejemplo n.º 13
0
 def form_on_cancel(self):
     session_user.add_message('notice', 'no changes made to your profile')
     redirect(current_url(root_only=True))
Ejemplo n.º 14
0
 def default(self):
     user.add_message('notice', 'hi')
     self.render_json({'foo1': 'bar'}, add_user_messages=False)
Ejemplo n.º 15
0
 def default(self):
     user.add_message('test', 'my message')
Ejemplo n.º 16
0
 def default(self):
     user.add_message('notice', 'hi')
     self.render_json({'foo1': 'bar'}, add_user_messages=False)
Ejemplo n.º 17
0
 def abort(self, msg='invalid reset request'):
     session_user.add_message('error', '%s, use the form below to resend reset link' % msg)
     url = url_for('auth:LostPassword')
     redirect(url)
Ejemplo n.º 18
0
 def flash_message(self, category, message):
     user.add_message(category, message)
Ejemplo n.º 19
0
 def flash_message(self, category, message):
     user.add_message(category, message)