def identity_loader_session():
"""Load the identity from the session."""
try:
identity = Identity(
session['identity.id'], session['identity.auth_type'])
if current_app.config.get('ENABLE_SUPERPOWERS_FOR_EVERYONE', False):
egroups = get_egroups_roles_relations()
identity.provides = set(egroups['data-preservation-admins'])
else:
identity.provides = session['identity.provides']
return identity
except KeyError:
return None
def reset_password():
"""GET /reset-password: choose new password
"""
# get password-reset entry
f = (PasswordResetRequest.key == request.args.get('key'),
User.email == request.args.get('email'))
r = PasswordResetRequest.query.filter(*f).first()
# return error response if link doesn't exist or wrong email
if r == None or r.user.email != request.args['email']:
return render_template('/auth/reset-password-error.html'), 400
# expired if older than 1 day
delta = datetime.datetime.utcnow() - r.create_ts
if delta.days > 0:
db.session.delete(r)
db.session.flush()
return render_template('/auth/reset-password-error.html'), 400
# handle form
form = ResetPasswordForm()
if form.validate_on_submit():
# save new password
u = r.user
u.password = generate_password_hash(form.password.data)
db.session.add(u)
# login user
login_user(u, remember=True)
identity_changed.send(current_app._get_current_object(),
identity=Identity(u.id))
# delete password reset
db.session.delete(r)
db.session.flush()
return render_template('/auth/reset-password-followup.html')
return render_template('/auth/reset-password.html', form=form)
def post(self):
arg = self.parser.parse_args()
user = User_model.query.filter_by(username=arg.ID).first()
error = None
if user is None:
error = 'ID is not exist.'
elif not check_password_hash(user.password, arg.pwd):
error = 'Incorrect password.'
if error is None:
identity_changed.send(current_app._get_current_object(), identity=Identity(user.id))
login_user(user)
return {"msg": error,
"user": {
"username": user.username,
"name": user.name
}}
return {
"msg": error,
"user": None
}
def login():
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
user = User.query.filter_by(user_name=username,
user_pass=password).one_or_none()
if username == '':
flash('请输入用户名')
return render_template('login.html')
elif password == '':
flash('请输入密码')
return render_template('login.html')
elif user is not None:
login_user(user, remember=True)
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.user_id))
return redirect(url_for('pagecs'))
else:
flash('用户名或密码不正确')
return render_template('login.html')
db.session.close()
return render_template('login.html')
def login():
# login page
if current_user.is_authenticated:
return redirect(url_for('auth.account'))
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first()
if user is None or not user.check_password(form.password.data):
flash('Invalid username or password', 'warning')
return redirect(url_for('auth.login'))
flash('Successful login.', 'info')
login_user(user, remember=form.remember_me.data)
next = request.args.get('next')
if not is_safe_url(next):
return abort(400)
if user.role == 'admin':
identity_changed.send(
current_app._get_current_object(),
identity=Identity(user.id)
)
return redirect(next or url_for('main.index'))
return render_template('auth/login.html', title='Sign In', form=form)
def login():
if current_user.is_authenticated:
return redirect(url_for('start_page'))
form = LoginForm()
if form.validate_on_submit():
print('name: {}, password: {}, remember me: {}'.format(
form.username.data, form.password.data, form.remember_me.data))
user = Person.nodes.get_or_none(name=form.username.data)
if user is None or not user.check_password(form.password.data):
flash('Неправильный логин или пароль!!!')
return redirect(url_for('login'))
login_user(user, form.remember_me.data)
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.id))
next_page = request.args.get('next')
if not next_page or url_parse(next_page).netloc != '':
next_page = url_for('start_page')
return redirect(next_page)
return render_template('login.html', title='Sign In', form=form)
def create_account():
"""GET|POST /create-account: create account form handler
"""
form = CreateAccountForm()
if form.validate_on_submit():
# add user to database
u = User(email=form.email.data,
password=generate_password_hash(form.password.data))
db.session.add(u)
db.session.flush()
# send verification email
send_verification_email(u)
# login user
login_user(u, remember=True)
identity_changed.send(current_app._get_current_object(),
identity=Identity(u.id))
return redirect(request.args.get('next') or url_for('content.home'))
return render_template('/auth/create-account.html', form=form)
def process_login(username, password, remember=False, flash_=True):
try:
user = User.objects().get(username=username, deleted=None)
if not user.check_password(password):
raise InvalidLoginError()
except (User.DoesNotExist, InvalidLoginError):
login = Login()
login.visitor = g.visitor
login.username = username
login.successful = False
login.save()
if flash_:
flash('Login information incorrect', 'error')
return False
login_user(user, remember=remember)
identity_changed.send(current_app._get_current_object(),
identity=Identity(str(user.id)))
login = Login()
login.visitor = g.visitor
login.user = user
login.successful = True
login.save()
user.sessions.append(login)
user.save()
current_app.logger.info('User login successful: %s - Log: %s' %
(user.id, login.id))
if flash_:
flash('Login successful! Welcome, %s!' % user, 'success')
return True
def login():
if current_user.is_authenticated:
return redirect(url_for('user.index'))
form = LoginForm()
if form.validate_on_submit():
number = form.number.data
password = form.password.data
remember = form.remember.data
user = User.query.filter(User.number == number).first()
if user:
if number == user.number and user.validate_password(password):
login_user(user, remember)
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.id))
flash('登录成功', 'success')
return redirect(
request.args.get('next') or url_for('user.index'))
flash('密码错误', 'warning')
return redirect(url_for('.login'))
flash('用户名错误', 'warning')
return redirect(url_for('.login'))
return render_template('auth/login.html', form=form)
def login_user(user, remember=None):
"""Perform the login routine.
If *SECURITY_TRACKABLE* is used, make sure you commit changes after this
request (i.e. ``app.security.datastore.commit()``).
:param user: The user to login
:param remember: Flag specifying if the remember cookie should be set.
Defaults to ``False``
"""
if remember is None:
remember = config_value("DEFAULT_REMEMBER_ME")
if not _login_user(user, remember): # pragma: no cover
return False
if _security.trackable:
remote_addr = request.remote_addr or None # make sure it is None
old_current_login, new_current_login = (
user.current_login_at,
_security.datetime_factory(),
)
old_current_ip, new_current_ip = user.current_login_ip, remote_addr
user.last_login_at = old_current_login or new_current_login
user.current_login_at = new_current_login
user.last_login_ip = old_current_ip
user.current_login_ip = new_current_ip
user.login_count = user.login_count + 1 if user.login_count else 1
_datastore.put(user)
session["fs_cc"] = "set"
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.id))
return True
def login():
""" """
if current_user.is_authenticated:
return redirect(url_for('home'))
form = LoginForm()
# Validate Login
if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first()
# Login and validate the user.
if user is not None and user.password is not None \
and user.verify_password(form.password.data):
login_user(user, remember=False)
current_user.authenticated = True
current_user.logged_in = True
session['user_id'] = current_user.id
# Tell Flask-Principal the identity changed
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.id))
# update the database
db.session.add(current_user)
db.session.commit()
flash('Logged in successfully.')
# if user is a user direct to userdashboard
if current_user.has_roles("user"):
return redirect(url_for('user_dashboard', user=current_user))
# if user is a driver direct to driver dashboard
if current_user.has_roles("driver"):
return redirect(
url_for('driver_dashboard', driver=current_user))
else:
flash('Invalid username or passowrd')
return redirect(url_for('login'))
return render_template('login.html', title='Sign In', form=form)
def user_signin(user=None):
form = LoginForm(request.form)
if not current_user.is_anonymous:
if form.type.data == 'json':
return jsonify({'result': 'error', 'message': 'Already logged!'})
return render_template(
'user/logout.html',
title='Logout',
name=current_user.name,
next=url_for('user_signin'),
)
if request.method == 'POST':
if form.validate():
login_user(form.user, remember=form.remember.data)
identity_changed.send(app, identity=Identity(form.user.id))
if form.type.data == 'json':
return jsonify({'result': 'ok'})
flash('Successfully logged in as {0}'.format(form.user.name))
return redirect(get_next())
else:
if form.type.data == 'json':
return jsonify({
'result': 'error',
'message': 'Invalid email or password!'
})
return render_template(
'user/signin.html',
title='Sign in',
form=form,
next=get_next(),
)
def conduct_call(
client,
resource,
url_for,
method,
params,
body=None,
expected_code=200,
headers=None,
raw_body=None,
):
""" Conducts a call to a Flask endpoint. """
params = add_csrf_param(client, params)
final_url = url_for(resource, **params)
headers = headers or {}
headers.update({"Content-Type": "application/json"})
if body is not None:
body = json.dumps(body)
if raw_body is not None:
body = raw_body
# Required for anonymous calls to not exception.
g.identity = Identity(None, "none")
rv = client.open(final_url, method=method, data=body, headers=headers)
msg = "%s %s: got %s expected: %s | %s" % (
method,
final_url,
rv.status_code,
expected_code,
rv.data,
)
assert rv.status_code == expected_code, msg
return rv
def login():
form = LoginForm()
if current_user.is_authenticated:
return redirect('/admin')
if request.method == 'POST':
# print(form.validate_on_submit())
# print(bcrypt.generate_password_hash(p).decode('utf-8'))
if form.validate_on_submit():
u = form.username.data
p = form.password.data
# user = User.query.filter(User.username==u,User.password==p)
user = User.query.filter_by(username=form.username.data).one()
login_user(user, remember=form.remember.data)
m = identity_changed.send(current_app._get_current_object(),
identity=Identity(user.id))
# print(u,p,m)
flash('Logged in successfully')
# next = request.args.get('next')
# if not is_safe_url(next):
# return abort(400)
# return redirect(next or url_for('index'))
return redirect('/admin')
return render_template('admin/login.html', form=form)
def login():
if current_user.is_authenticated:
return redirect(url_for('index'))
form = LoginForm()
# Check the form data
if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first()
if user is None or not user.check_password(form.password.data):
flash('Invalid username or password')
# log information
app.logger.info('"%s" logged in failed', form.username.data)
return redirect(url_for('login'))
identity_changed.send(current_app._get_current_object(), identity=Identity(user.id))
login_user(user, remember=form.remember_me.data)
#log information
app.logger.info('"%s" logged in successfully', user.username)
next_page = request.args.get('next')
if not next_page or url_parse(next_page).netloc != '':
next_page = url_for('index')
return redirect(next_page)
return render_template('user/login.html',title='Login',form=form)
def login():
# A hypothetical login form that uses Flask-WTF
form = LoginForm()
# Validate form input
if form.validate_on_submit():
# Retrieve the user from the hypothetical datastore
user = User.query.filter_by(login=form.login.data).first()
# Compare passwords (use password hashing production)
if form.password.data == user.password:
# Keep the user info in the session using Flask-Login
login_user(user)
# Tell Flask-Principal the identity changed
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.id))
return redirect(request.args.get('next') or '/')
return render_template('authorization/login.html',
form=form,
current_user=current_user)
def login():
# A hypothetical login form that uses Flask-WTF
# form = LoginForm()
# Validate form input
if request.method == 'POST':
username = request.form.get('user_id')
password = request.form.get('user_password')
#if form.validate_on_submit():
# Retrieve the user from the hypothetical datastore
user = UserDao.get_user(username)
# Compare passwords (use password hashing production)
if password == user.password:
# Keep the user info in the session using Flask-Login
login_user(user)
# Tell Flask-Principal the identity changed
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.id))
return redirect(url_for('auth.protected'))
return '''''
def register_admin():
form = RegisterAdminForm()
if form.validate_on_submit():
number = form.number.data
name = form.name.data
dept_id = form.dept_id.data
role_id = form.role_id.data
phone = form.phone.data
password = form.password.data
user = User(number=number,
name=name,
dept_id=dept_id,
role_id=role_id,
phone=phone)
user.set_password(password)
db.session.add(user)
db.session.commit()
login_user(user)
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.id))
flash('注册成功,已登录', 'success')
return redirect(url_for('user.index'))
return render_template('auth/register_admin.html', form=form)
def login():
'''
超级用户登录界面
'''
form = SuperLoginForm()
# 验证输入的信息
if form.validate_on_submit():
try:
user = models.User.objects.get(username=form.username.data)
except models.User.DoesNotExist:
user = None
if user and user.verify_password(form.password.data):
if user.role == 'super_admin':
login_user(user)
user.last_login_time = datetime.datetime.now
user.save()
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.username))
return redirect(url_for('super_admin.device'))
else:
flash('该账号为普通账号,请从普通管理员入口登录!', 'warning')
flash('用户名或密码错误', 'danger')
return render_template('super_admin/login.html', form=form)
def verifica_user():
user_json = session['barzinga_user']
user = User.query().filter(User.email == user_json["email"]).get()
if not user:
# user = User(name = user_json['name'], email=user_json['email'], photo_url=user_json['picture'], money=0.0, admin=False, rfid=str(''))
user = User(name = '', email=user_json['email'], photo_url=user_json['picture'], money=0.0, admin=False, rfid=str(''))
user.put()
user_document = search.Document(
fields=[
search.TextField(name='name', value=user.name),
search.TextField(name='email', value=user.email)
])
search.Index(name='user').put(user_document)
elif not user.photo_url:
user.photo_url = user_json['picture']
user.put()
identity = Identity(user.key.id())
identity_changed.send(current_app._get_current_object(), identity=identity)
def post(self):
parser = reqparse.RequestParser()
parser.add_argument('login', type=str)
parser.add_argument('password', type=str)
parser.add_argument('totp', type=str)
# OR
parser.add_argument('api_key', type=str)
args = parser.parse_args()
if not (args.get('login') or args.get('api_key')):
abort(400, "Must provide login or api key")
# let sigil take care of the other error handling,
# just relay the message to the user
user = request_authentication(args.get('login'), args.get('password'),
args.get('totp'), args.get('api_key'))
if user.get('username'):
login = user['username']
login_user(User(login, user['provides']))
session['provides'] = user['provides']
identity_changed.send(current_app._get_current_object(),
identity=Identity(login))
return ("success", 200)
abort(401, "Could not log in")
def login():
if current_user.is_authenticated:
return redirect(url_for('public.index'))
form = LoginForm()
if form.validate_on_submit():
# get by email valida
user = User.get_by_email(form.email.data)
if user is not None and user.check_password(form.password.data):
# funcion provista por Flask-Login, el segundo parametro gestiona el "recordar"
login_user(user, remember=form.remember_me.data)
next_page = request.args.get('next', None)
if not next_page:
next_page = url_for('public.index')
app_actual = current_app._get_current_object()
identity_changed.send(app_actual, identity=Identity(user.id))
return redirect(url_for('public.index'))
else:
flash('Usuario o contraseña inválido')
return redirect(url_for('auth.login'))
# no logueado, dibujamos el login con el form vacio
return render_template('login.html', form=form)
def post(self):
if request.form.get('login_github'):
session['oauth_callback_type'] = 'login'
return github_auth.github_auth()
# return 'login_github'
form = forms.LoginForm(obj=request.form)
if form.validate():
try:
user = models.User.objects.get(username=form.username.data)
except models.User.DoesNotExist:
user = None
if user and user.verify_password(form.password.data):
login_user(user, form.remember_me.data)
user.last_login = datetime.datetime.now
user.save()
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.username))
return redirect(
request.args.get('next') or url_for('main.index'))
flash('Invalid username or password', 'danger')
return self.get(form=form)
def register():
form = RegistrationForm()
if form.validate_on_submit():
# Register an existing guest user # TODO: What about a registered user visiting the registration form?
if current_user.is_authenticated:
current_user.username = form.username.data
current_user.email = form.email.data
current_user.password = form.password.data
current_user.follow(current_user)
current_user.save()
send_confirmation_email()
return redirect(url_for('dashboard.dashboard'))
# Register a new user
else:
user = User(
email=form.email.data,
username=form.username.data,
password=form.password.data,
).save()
user.follow(user)
login_user(user.seen())
# Flask-Principal: Create an Identity object and signal that the identity has changed,
# which triggers on_identify_changed() and on_identify_loaded(). Identity() takes a unique ID.
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.id))
return redirect(url_for('dashboard.dashboard'))
return render_template(
'auth/register.html',
title="Register",
form=form,
)
def login_user(user, remember=None):
"""Performs the login routine.
:param user: The user to login
:param remember: Flag specifying if the remember cookie should be set. Defaults to ``False``
"""
if remember is None:
remember = config_value('DEFAULT_REMEMBER_ME')
if not _login_user(user, remember): # pragma: no cover
create_login_log(user, 0)
return False
if _security.trackable:
if 'X-Forwarded-For' in request.headers:
remote_addr = request.headers.getlist(
"X-Forwarded-For")[0].rpartition(' ')[-1]
else:
remote_addr = request.remote_addr or 'untrackable'
old_current_login, new_current_login = user.current_login_at, datetime.utcnow(
)
old_current_ip, new_current_ip = user.current_login_ip, remote_addr
user.last_login_at = old_current_login or new_current_login
user.current_login_at = new_current_login
user.last_login_ip = old_current_ip or new_current_ip
user.current_login_ip = new_current_ip
user.login_count = user.login_count + 1 if user.login_count else 1
_datastore.put(user)
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.id))
create_login_log(user, 1)
return True
def post(self):
self.reqparse.add_argument('clientId', type=str, required=True, location='json')
self.reqparse.add_argument('redirectUri', type=str, required=True, location='json')
self.reqparse.add_argument('code', type=str, required=True, location='json')
args = self.reqparse.parse_args()
# you can either discover these dynamically or simply configure them
access_token_url = current_app.config.get('PING_ACCESS_TOKEN_URL')
user_api_url = current_app.config.get('PING_USER_API_URL')
secret = current_app.config.get('PING_SECRET')
id_token, access_token = exchange_for_access_token(
args['code'],
args['redirectUri'],
args['clientId'],
secret,
access_token_url=access_token_url
)
jwks_url = current_app.config.get('PING_JWKS_URL')
validate_id_token(id_token, args['clientId'], jwks_url)
user, profile = retrieve_user(user_api_url, access_token)
roles = create_user_roles(profile)
update_user(user, profile, roles)
if not user.active:
metrics.send('login', 'counter', 1, metric_tags={'status': FAILURE_METRIC_STATUS})
return dict(message='The supplied credentials are invalid'), 403
# Tell Flask-Principal the identity changed
identity_changed.send(current_app._get_current_object(), identity=Identity(user.id))
metrics.send('login', 'counter', 1, metric_tags={'status': SUCCESS_METRIC_STATUS})
return dict(token=create_token(user))
def signup():
title = "SignUp"
next_url = request.args.get("next") or url_for(".index")
form = SignUpForm()
if form.validate_on_submit():
data = form.data
user = UserService.create(**data)
if user is not None:
login_user(user, remember=True, force=True) # This is necessary to remember the user
identity_changed.send(app, identity=Identity(user.id))
# include the username and api_token in the session
# logger.info(next_url)
resp = redirect(next_url)
# Transfer auth token to the frontend for use with api requests
# __xcred = base64.b64encode("%s:%s" % (user.id, user.get_auth_token()))
key = "%s:%s" % (user.id, user.get_auth_token())
__xcred = base64.b64encode(key.encode())
resp.set_cookie("__xcred", __xcred)
resp.set_cookie("current_user_id", value=str(user.id))
session.permanent = True
flash("Signup Successful. Welcome to Feature Request App", "Welcome!")
return resp
else:
login_error = "The username or password is invalid"
return render_template("main/signup.html", **locals())
def login():
"""Login route"""
class LoginForm(Form):
"""Login form"""
username = StringField('Username', validators=[validators.required()])
password = PasswordField('Password',
validators=[validators.required()])
form = LoginForm()
# Validate form
if form.validate_on_submit():
username = request.form['username']
password = request.form['password']
# Attempt login via api
try:
user_dict = current_app.users_api.login(username=username, \
password=password, response=True)
except ReceivedErrorResponse as e:
logger.warning('Invalid username or password')
flash('Invalid username or password')
except Exception as e:
logger.error(str(e))
flash('Sorry, but you could not log in')
else:
user = User(user_dict['id'], username, user_dict['roles'])
if login_user(user, remember=True):
# Flask-Principal
identity_changed.send(current_app._get_current_object(), \
identity=Identity(user.user_id))
# Redirect
logger.info('Logged in as %s', username)
flash('Logged in as %s' % username)
return redirect(request.args.get('next') or url_for('home'))
else:
logger.error('Sorry but you could not log in')
flash('Sorry, but you could not log in')
return render_template('login.html', url=url_for('.login'), form=form)
def login_user(user, **kwargs):
"""Perform the login routine.
If SECURITY_TRACKABLE is used, make sure you commit changes after this
request (i.e. ``app.security.datastore.commit()``).
:param user: The user to login
"""
if 'remember' in kwargs:
warnings.warn(
"Remember me support has been removed.",
DeprecationWarning
)
if not _login_user(user, False): # pragma: no cover
return False
if _security.trackable:
remote_addr = request.remote_addr or None # make sure it is None
old_current_login, new_current_login = (
user.current_login_at, _security.datetime_factory()
)
old_current_ip, new_current_ip = user.current_login_ip, remote_addr
user.last_login_at = old_current_login or new_current_login
user.current_login_at = new_current_login
user.last_login_ip = old_current_ip
user.current_login_ip = new_current_ip
user.login_count = user.login_count + 1 if user.login_count else 1
_datastore.put(user)
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.id))
return True
def load_vocabulary(source, filename):
"""Load vocabulary items from a vocabulary source."""
assert source == "json"
records = []
identity = Identity(1)
identity.provides.add(any_user)
service = VocabulariesService()
with open(filename) as json_file:
json_array = json.load(json_file)
assert len(json_array) > 0
vocabulary_type_name = json_array[0]["type"]
vocabulary_type = VocabularyType(name=vocabulary_type_name)
db.session.add(vocabulary_type)
db.session.commit()
with click.progressbar(json_array) as bar:
for item_data in bar:
# ensure each item is of the same type
assert item_data["type"] == vocabulary_type_name
copied_data = {}
for key in item_data:
value = item_data[key]
if key != "type" and key != "id" and value is not None:
copied_data[key] = value
vocabulary_item_record = service.create(
identity=identity,
data={
"metadata": copied_data,
"vocabulary_type_id": vocabulary_type.id,
},
)
records.append(vocabulary_item_record)
return records
def post(self):
if "aad" not in current_app.config.get("ACTIVE_PROVIDERS"):
return "AzureAD is not enabled in the config. See the ACTIVE_PROVIDERS section.", 404
default_state = 'clientId,{client_id},redirectUri,{redirectUri},return_to,{return_to}'.format(
client_id=current_app.config.get('AAD_CLIENT_ID'),
redirectUri=current_app.config.get('AAD_REDIRECT_URI'),
return_to=current_app.config.get('WEB_PATH')
)
self.reqparse.add_argument('code', type=str, required=True)
self.reqparse.add_argument('id_token', type=str, required=True)
self.reqparse.add_argument('state', type=str, required=False, default=default_state)
args = self.reqparse.parse_args()
client_id = args['state'].split(',')[1]
redirect_uri = args['state'].split(',')[3]
return_to = args['state'].split(',')[5]
id_token = args['id_token']
if not validate_redirect_url(return_to):
return_to = current_app.config.get('WEB_PATH')
# fetch token public key
jwks_url = current_app.config.get('AAD_JWKS_URL')
# Validate id_token and extract username (email)
username = self.validate_id_token(id_token, client_id, jwks_url)
user = setup_user(username, '', current_app.config.get('AAD_DEFAULT_ROLE', 'View'))
# Tell Flask-Principal the identity changed
identity_changed.send(current_app._get_current_object(), identity=Identity(user.id))
login_user(user)
db.session.commit()
db.session.refresh(user)
return redirect(return_to, code=302)
def __init__(self): Identity.__init__(self, "dummy")
