def create_user(): form = CreateUserForm() if form.validate_on_submit(): user = User(form.data['email'], form.data['password']) user.realname = form.data['realname'] user.florlp_name = form.data['florlp_name'] user.type = form.data.get('type') user.street = form.data['street'] user.housenumber = form.data['housenumber'] user.zipcode = form.data['zipcode'] user.city = form.data['city'] if not form.data['verified']: verify = EmailVerification.verify(user) db.session.add(verify) send_mail( _("Email verification mail subject"), render_template("user/verify_mail.txt", user=user, verify=verify, _external=True), [user.email] ) else: user.verified = True if form.data['activate']: user.active = True db.session.add(user) db.session.commit() init_user_boxes(user, current_app.config.get('COUCH_DB_URL')) flash(_('User created', email=user.email), 'success') return redirect(url_for('admin.user_list')) return render_template('admin/create_user.html', form=form)
def copy_file(box_name, id, rev, user_id): user = current_user if user_id == str(current_user.id): user_id = None else: if not current_user.is_consultant: raise Forbidden() user = User.by_id(user_id) filename = request.form.get('filename', False) if (not filename): flash(_("copy not possible"), 'error') return redirect( url_for("boxes.files", box_name=box_name, user_id=user_id)) customer_id = request.form.get('boxes', False) if customer_id: customer = User.by_id(customer_id) user = current_user couch_box = get_couch_box_db(user, 'file') target_box_name = get_couch_box_db(customer, 'download') else: customer = current_user user = User.by_id(user_id) couch_box = get_couch_box_db(user, 'upload') target_box_name = get_couch_box_db(customer, 'file') user_couch = CouchFileBox(current_app.config.get('COUCH_DB_URL'), couch_box) user_couch.copy(id, filename, target_box_name=target_box_name) flash(_("file copied"), 'success') return redirect(url_for("boxes.files", box_name=box_name, user_id=user_id))
def copy_file(box_name, id, rev, user_id): user = current_user if user_id == str(current_user.id): user_id = None else: if not current_user.is_consultant: raise Forbidden() user = User.by_id(user_id) filename = request.form.get('filename', False) if (not filename): flash(_("copy not possible"), 'error') return redirect(url_for("boxes.files", box_name=box_name, user_id=user_id)) customer_id = request.form.get('boxes', False) if customer_id: customer = User.by_id(customer_id) user = current_user couch_box = get_couch_box_db(user, 'file') target_box_name = get_couch_box_db(customer, 'download') else: customer = current_user user = User.by_id(user_id) couch_box = get_couch_box_db(user, 'upload') target_box_name = get_couch_box_db(customer, 'file') user_couch = CouchFileBox(current_app.config.get('COUCH_DB_URL'), couch_box) user_couch.copy(id, filename, target_box_name=target_box_name) flash(_("file copied"), 'success') return redirect(url_for("boxes.files", box_name=box_name, user_id=user_id))
def new(): form = NewUserForm() form.federal_state.choices = [] form.federal_state.choices.append(('', _('Please select'))) for state in current_app.config['FEDERAL_STATES']: form.federal_state.choices.append(state) form.title.choices = current_app.config['SALUTATIONS'] form.type.choices = [] # add choice wich account types are possible if current_app.config['FEATURE_CUSTOMER_USERS']: form.type.choices.append((User.Type.CUSTOMER, _('customer'))) if current_app.config['FEATURE_CONSULTANT_USERS']: form.type.choices.append((User.Type.CONSULTANT, _('consultant'))) form.type.choices.append((User.Type.SERVICE_PROVIDER, _('service_provider'))) if form.validate_on_submit(): user = User(form.data['email'], form.data['password']) user.set_user_data(form.data) user.type = form.data.get('type') # no use type will be active automatically all must be activated by an admin user.active = False # send verifycation mail to check user email verify = EmailVerification.verify(user) db.session.add(user) db.session.add(verify) db.session.commit() send_mail( _("Email verification mail subject"), render_template( "user/verify_mail.txt", user=user, verify=verify, _external=True ), [user.email] ) couch_url = current_app.config.get('COUCH_DB_URL') if user.is_service_provider or user.is_customer: # create couch document and area boxes # and initialize security init_user_boxes(user, couch_url) return redirect(url_for(".verify_wait", id=user.id)) return render_template( "user/new.html", form=form, customer_id=User.Type.CUSTOMER, service_provider_id=User.Type.SERVICE_PROVIDER, )
def new(): form = NewUserForm() if form.validate_on_submit(): florlp_session = False user_type = form.data['type'] layers = [(current_app.config.get('USER_READONLY_LAYER'), current_app.config['USER_READONLY_LAYER_TITLE']), (current_app.config.get('USER_WORKON_LAYER'), current_app.config['USER_WORKON_LAYER_TITLE'])] if user_type == User.Type.CUSTOMER: try: florlp_session = create_florlp_session(form.data['florlp_name'], form.data['florlp_password']) except FLOrlpUnauthenticated: flash(_('Invalid florlp username/password'), 'error') return render_template("user/new.html", form=form) user = User(form.data['email'], form.data['password']) user.realname = form.data['realname'] user.florlp_name = form.data['florlp_name'] user.type = form.data.get('type') user.street = form.data['street'] user.housenumber = form.data['housenumber'] user.zipcode = form.data['zipcode'] user.city = form.data['city'] user.active = user_type == User.Type.CUSTOMER verify = EmailVerification.verify(user) db.session.add(user) db.session.add(verify) db.session.commit() send_mail( _("Email verification mail subject"), render_template("user/verify_mail.txt", user=user, verify=verify, _external=True), [user.email] ) couch_url = current_app.config.get('COUCH_DB_URL') if user.is_service_provider or user.is_customer: # create couch document and area boxes # and initialize security init_user_boxes(user, couch_url) if florlp_session: couch = CouchDBBox(couch_url, '%s_%s' % (SystemConfig.AREA_BOX_NAME, user.id)) try: schema, feature_collection = latest_flursteuck_features(florlp_session) finally: remove_florlp_session(florlp_session) feature_collection = transform_geojson(from_srs=current_app.config.get('FLORLP_SHP_SRS'), to_srs=3857, geojson=feature_collection) for layer, title in layers: couch.store_layer_schema(layer, schema, title=title) couch.store_features(layer, feature_collection['features']) if user.is_service_provider: couch = CouchDBBox(couch_url, '%s_%s' % (SystemConfig.AREA_BOX_NAME, user.id)) couch.store_layer_schema(current_app.config['USER_WORKON_LAYER'], florlp.base_schema(), title=current_app.config['USER_WORKON_LAYER_TITLE']) return redirect(url_for(".verify_wait", id=user.id)) return render_template("user/new.html", form=form, customer_id=User.Type.CUSTOMER)
def check_auth(username, password): user = User.by_email(username) if user and user.check_password(password) and user.active: g.user = user return True else: return False
def files(box_name, user_id=None): form = UploadForm() user = current_user if user_id: if not current_user.is_consultant: raise Forbidden() user = User.by_id(user_id) couch_box = get_couch_box_db(user, box_name) couch = CouchFileBox(current_app.config.get('COUCH_DB_URL'), couch_box) if form.validate_on_submit(): file = request.files['file'] overwrite = True if request.form.get('overwrite') == 'true' else False if file: data = get_file_information(file) if data: couch.store_file(data, overwrite=overwrite) flash(_('upload success'), 'success') else: flash(_('file type not allowed'), 'error') files = couch.all_files() for f in files: f['download_link'] = couchid_to_authproxy_url(f['id'], couch_box=couch_box) return render_template("boxes/%s.html" % box_name, form=form, user=user, files=files, box_name=box_name, user_id=user_id)
def search(self, query, user_token): from gbi_server.model import User user = User.by_authproxy_token(user_token) if not user: raise exceptions.Unauthorized() coverage = self.limiter.coverage(user_token) if not coverage: current_app.logger.debug("found no coverage user=%s query=%s", user, request.url) return None query.intersection(coverage, 3857) # query.ids(['072578-040-00042/000']) # f.near((7.88475, 49.859677), 4326, dist=500) # q = sql.select([parcel_table]).where(parcel_table.c.number == cleanup_id('072578-040-00042/000')) features = [] query.limit(1000) sub = query.as_sa() q = sql.select([sub.c.identifier, sql.func.st_astext(sql.func.st_transform(sub.c.geometry, '3857')).label('geometry')]) with self.engine.connect() as conn: for r in conn.execute(q): features.append({ "type": "Feature", "properties": { "id": r.identifier, }, "geometry": mapping(shapely.wkt.loads(r.geometry)), }) return features
def create(self, user_token, layer): from gbi_server.model import User user = User.by_authproxy_token(user_token) if not user: raise InvalidUserToken() result = db.session.query(WMTS, WMTS.view_coverage.transform(3857).wkt()).filter_by(name=layer).first() if result: wmts, view_coverage = result if wmts and wmts.is_public: return wkt.loads(view_coverage) if user.is_customer: couch_url = self.couchdb_url couchdb = CouchDBBox(couch_url, '%s_%s' % (SystemConfig.AREA_BOX_NAME, user.id)) geom = couchdb.layer_extent(self.geometry_layer) return optimize_geometry(geom) if geom else None elif user.is_service_provider: couch_url = self.couchdb_url couchdb = CouchDBBox(couch_url, '%s_%s' % (SystemConfig.AREA_BOX_NAME, user.id)) geom = couchdb.layer_extent() return optimize_geometry(geom) if geom else None elif user.is_admin or user.is_consultant: # permit access to everything return box(-20037508.3428, -20037508.3428, 20037508.3428, 20037508.3428) return None
def files(box_name, user_id=None): form = UploadForm() copy_form = CopyFileForm() user = current_user if user_id: if not current_user.is_consultant: raise Forbidden() user = User.by_id(user_id) couch_box = get_couch_box_db(user, box_name) couch = CouchFileBox(current_app.config.get('COUCH_DB_URL'), couch_box) if form.validate_on_submit(): file = request.files['file'] overwrite = True if request.form.get('overwrite') == 'true' else False if file: data = get_file_information(file) if data: couch.store_file(data, overwrite=overwrite) flash(_('upload success'), 'success') else: flash(_('file type not allowed'), 'error') files = couch.all_files() for f in files: f['download_link'] = couchid_to_authproxy_url(f['id'], couch_box=couch_box) return render_template("boxes/%s.html" % box_name, form=form, copy_form=copy_form, user=user, files=files, box_name=box_name, user_id=user_id)
def reset_user_password(user_id): user = User.by_id(user_id) form = RecoverSetForm() if form.validate_on_submit(): user.update_password(form.password.data) db.session.commit() flash(_('Password reset', username=user.email), 'success') return render_template('admin/reset_user_password.html', form=form, user=user)
def update_download_coverage(user_token): user = User.by_authproxy_token(user_token) if not user: json_abort(401, 'unknown user token') signals.features_updated.send(user) return jsonify({'sucess': True})
def reset_user_password(id): form = RecoverSetForm() if form.validate_on_submit(): user = User.by_id(id) user.update_password(form.password.data) db.session.commit() flash( _('Password reset', username=user.realname), 'success') return redirect(url_for('admin.user_detail', id=id)) return render_template('admin/reset_user_password.html', form=form)
def remove_user(id): user = User.by_id(id) if request.method == 'POST': email = user.email db.session.delete(user) db.session.commit() flash( _('User removed', username=email), "success") return redirect(url_for('admin.user_list')) return render_template('admin/remove_user.html', user=user)
def edit_user(user_id): user = User.by_id(user_id) form = EditAddressForm(request.form, user) form.federal_state.choices = current_app.config['FEDERAL_STATES'] form.title.choices = current_app.config['SALUTATIONS'] if form.validate_on_submit(): user.set_user_data(form.data) db.session.commit() flash(_('User edited', username=user.email), 'success') return render_template('admin/edit_user.html', form=form, user=user)
def search_log_from_features(token, features): user = User.by_authproxy_token(token) sl = SearchLog(user=user) for f in features: g = SearchLogGeometry( identifier=f['properties']['id'], geometry='SRID=3857;' + asShape(f['geometry']).wkt, ) sl.geometries.append(g) return sl
def check_file_exists(box_name, user_id): user = current_user if user_id != str(current_user.id): if not current_user.is_consultant: raise Forbidden() user = User.by_id(user_id) couch_box = get_couch_box_db(user, box_name) couch = CouchFileBox(current_app.config.get('COUCH_DB_URL'), couch_box) existing_doc = couch.get(request.form['filename']) if existing_doc: return jsonify(existing=True) return jsonify(existing=False)
def activate_user(id): user = User.by_id(id) user.active = True db.session.commit() send_mail( _("Account activated mail subject"), render_template("user/activated_mail.txt", user=user, _external=True), [user.email] ) flash(_('User activated', email=user.email), 'success') return redirect(url_for("admin.user_detail", id=id))
def activate_user(user_id): user = User.by_id(user_id) user.verified = True user.active = True db.session.commit() send_mail( _("Account activated mail subject"), render_template("user/activated_mail.txt", user=user, _external=True), [user.email] ) flash(_('User activated %(email)s', email=user.email), 'success') return redirect(request.args.get("next") or url_for("admin.inactive_users_list"))
def delete_file(box_name, id, rev, user_id): user = current_user if user_id == str(current_user.id): user_id = None else: if not current_user.is_consultant: raise Forbidden() user = User.by_id(user_id) couch_box = get_couch_box_db(user, box_name) couch = CouchFileBox(current_app.config.get('COUCH_DB_URL'), couch_box) couch.delete(id, rev) flash(_("file deleted"), 'success') return redirect(url_for("boxes.files", box_name=box_name, user_id=user_id))
def edit_user(id): user = User.by_id(id) form = EditAddressForm(request.form, user) if form.validate_on_submit(): user.realname = form.data['realname'] user.florlp_name = form.data['florlp_name'] user.street = form.data['street'] user.housenumber = form.data['housenumber'] user.zipcode = form.data['zipcode'] user.city = form.data['city'] db.session.commit() flash( _('User edited', username=user.realname), 'success') return redirect(url_for("admin.user_detail", id=id)) return render_template('admin/edit_user.html', form=form)
def remove_user(user_id): user = User.by_id(user_id) if user == current_user: flash(_('Self-User cannot be removed', 'success')) return render_template('admin/remove_user.html', user=user) if request.method == 'POST': email = user.email db.session.delete(user) db.session.commit() flash(_('User was removed %(email)s', email=email), 'success') return redirect(request.args.get("next") or url_for("admin.inactive_users_list")) return render_template('admin/remove_user.html', user=user)
def recover(): form = RecoverRequestForm() if form.validate_on_submit(): user = User.by_email(form.data['email']) recover = EmailVerification.recover(user) db.session.add(recover) db.session.commit() send_mail( _("Password recover mail subject"), render_template("user/recover_mail.txt", user=user, recover=recover), [user.email]) return redirect(url_for(".recover_sent")) return render_template("user/recover.html", form=form)
def send_verifymail(id): user = User.by_id(id) if not user or user.verified: raise NotFound() verify = EmailVerification.verify(user) db.session.add(verify) db.session.commit() send_mail( _("Email verification mail subject"), render_template("user/verify_mail.txt", user=user, verify=verify, _external=True), [user.email] ) flash(_('email verification was sent successfully'), 'success') return redirect(url_for(".login"))
def recover(): form = RecoverRequestForm() if form.validate_on_submit(): user = User.by_email(form.data['email']) recover = EmailVerification.recover(user) db.session.add(recover) db.session.commit() send_mail( _("Password recover mail subject"), render_template("user/recover_mail.txt", user=user, recover=recover), [user.email] ) return redirect(url_for(".recover_sent")) return render_template("user/recover.html", form=form)
def new(): form = NewUserForm() form.federal_state.choices = [] form.federal_state.choices.append(('', _('Please select'))) for state in current_app.config['FEDERAL_STATES']: form.federal_state.choices.append(state) form.title.choices = current_app.config['SALUTATIONS'] form.type.choices = [] # add choice wich account types are possible if current_app.config['FEATURE_CUSTOMER_USERS']: form.type.choices.append((User.Type.CUSTOMER, _('customer'))) if current_app.config['FEATURE_CONSULTANT_USERS']: form.type.choices.append((User.Type.CONSULTANT, _('consultant'))) form.type.choices.append( (User.Type.SERVICE_PROVIDER, _('service_provider'))) if form.validate_on_submit(): user = User(form.data['email'], form.data['password']) user.set_user_data(form.data) user.type = form.data.get('type') # no use type will be active automatically all must be activated by an admin user.active = False # send verifycation mail to check user email verify = EmailVerification.verify(user) db.session.add(user) db.session.add(verify) db.session.commit() send_mail( _("Email verification mail subject"), render_template("user/verify_mail.txt", user=user, verify=verify, _external=True), [user.email]) couch_url = current_app.config.get('COUCH_DB_URL') if user.is_service_provider or user.is_customer: # create couch document and area boxes # and initialize security init_user_boxes(user, couch_url) return redirect(url_for(".verify_wait", id=user.id)) return render_template( "user/new.html", form=form, customer_id=User.Type.CUSTOMER, service_provider_id=User.Type.SERVICE_PROVIDER, )
def send_verifymail(id): user = User.by_id(id) if not user or user.verified: raise NotFound() verify = EmailVerification.verify(user) db.session.add(verify) db.session.commit() send_mail( _("Email verification mail subject"), render_template("user/verify_mail.txt", user=user, verify=verify, _external=True), [user.email]) flash(_('email verification was sent successfully'), 'success') return redirect(url_for(".login"))
def verify(uuid): verify = EmailVerification.by_hash(uuid) if not verify or not verify.is_verify: raise NotFound() user = verify.user user.verified = True db.session.delete(verify) db.session.commit() if not user.is_customer: send_mail( _("Activate user subject"), render_template("admin/user_activate_mail.txt", user=user, _external=True), [member.email for member in User.all_admins()] ) flash(_("Email verified"), 'success') return redirect(url_for(".login"))
def logs(page=1, user_id=False): form = DownloadLogsForm() query = Log.query if user_id: user = User.by_id(user_id) query = query.filter_by(user=user) if request.method == 'POST' and form.validate(): data = request.form access_start = data.get('access_start', False) access_end = data.get('access_end', False) button_action = data.get('button-action', 'show-table') if access_start: query = query.filter(Log.time >= access_start) if access_end: query = query.filter(Log.time < access_end) query = query.order_by(desc(Log.time)) if button_action == 'show-table': results = query.paginate(page, current_app.config["USER_PER_PAGE"]) else: results = query.all() csv = log_spec_to_csv( logs=results, csv_headers=current_app.config['LOG_CSV_HEADER'] ) filename = 'geobox-access-%s.csv' % (to_user_timezone(datetime.utcnow()).strftime('%Y%m%d-%H%M%S')) resp = Response( csv, headers={ 'Content-type': 'application/octet-stream', 'Content-disposition': 'attachment; filename=%s' % filename}) return resp else: results = query.paginate(page, current_app.config["USER_PER_PAGE"]) if user_id: return render_template('admin/user_log.html', user=user, logs=results) return render_template('admin/logs.html', form=form, logs=results)
def verify(uuid): verify = EmailVerification.by_hash(uuid) if not verify or not verify.is_verify: return render_template("errors/404.html", error_msg=_('infotext verify not possible')) user = verify.user user.verified = True db.session.delete(verify) db.session.commit() send_mail( _("Activate user subject"), render_template("admin/user_activate_mail.txt", user=user, _external=True), [member.email for member in User.all_admins()]) flash(_("Email verified"), 'success') return redirect(url_for(".login"))
def log(user_token): if request.headers['content-type'] != 'application/json': json_abort(406, "request content-type not application/json") try: log_record = json.loads(request.data) except (TypeError, ValueError): json_abort(400, 'invalid JSON') try: user = User.by_authproxy_token(user_token) if not user: json_abort(401, 'unknown user token') if user.email != log_record['user']: json_abort(401, 'user token does not match user email') time = log_record['time'] action = log_record['action'] except KeyError, ex: json_abort(400, 'missing %s in log record' % ex)
def log(user_token): if request.headers["content-type"] != "application/json": json_abort(406, "request content-type not application/json") try: log_record = json.loads(request.data) except (TypeError, ValueError): json_abort(400, "invalid JSON") try: user = User.by_authproxy_token(user_token) if not user: json_abort(401, "unknown user token") if user.email != log_record["user"]: json_abort(401, "user token does not match user email") time = log_record["time"] action = log_record["action"] except KeyError, ex: json_abort(400, "missing %s in log record" % ex)
def create_user(): form = CreateUserForm() form.type.choices = [] form.federal_state.choices = current_app.config['FEDERAL_STATES'] form.title.choices = current_app.config['SALUTATIONS'] if current_app.config['FEATURE_CUSTOMER_USERS']: form.type.choices.append((User.Type.CUSTOMER, _('customer'))) form.type.choices.append((User.Type.SERVICE_PROVIDER, _('service_provider'))) if current_app.config['FEATURE_CONSULTANT_USERS']: form.type.choices.append((User.Type.CONSULTANT, _('consultant'))) form.type.choices.append((User.Type.ADMIN, _('admin'))) if form.validate_on_submit(): user = User(form.data['email'], form.data['password']) user.set_user_data(form.data) user.type = form.data.get('type') if not form.data['verified']: verify = EmailVerification.verify(user) db.session.add(verify) send_mail( _("Email verification mail subject"), render_template( "user/verify_mail.txt", user=user, verify=verify, _external=True, ), [user.email] ) else: user.verified = True if form.data['activate']: user.active = True db.session.add(user) db.session.commit() init_user_boxes(user, current_app.config.get('COUCH_DB_URL')) flash(_('User created', email=user.email), 'success') return redirect(url_for('admin.user_list')) return render_template('admin/create_user.html', form=form)
def login(): form = LoginForm() if form.validate_on_submit(): user = User.by_email(form.data['email']) if not user or not user.check_password(form.data['password']): flash(_("user or passwort is not correct"), 'error') pass # fall through elif user and not user.verified: return redirect(url_for('.verify_wait', id=user.id)) elif user and not user.active: flash(_("account not activated"), 'error') else: login_user(user) session['authproxy_token'] = user.authproxy_token user.update_last_login() db.session.commit() flash(_("Logged in successfully."), 'success') return redirect(request.args.get("next") or url_for(".home")) # else: update form with errors return render_template("user/login.html", form=form)
def verify(uuid): verify = EmailVerification.by_hash(uuid) if not verify or not verify.is_verify: return render_template( "errors/404.html", error_msg=_('infotext verify not possible') ) user = verify.user user.verified = True db.session.delete(verify) db.session.commit() send_mail( _("Activate user subject"), render_template("admin/user_activate_mail.txt", user=user, _external=True), [member.email for member in User.all_admins()] ) flash(_("Email verified"), 'success') return redirect(url_for(".login"))
def search(self, query, user_token): from gbi_server.model import User user = User.by_authproxy_token(user_token) if not user: raise exceptions.Unauthorized() coverage = self.limiter.coverage(user_token) if not coverage: current_app.logger.debug("found no coverage user=%s query=%s", user, request.url) return None query.intersection(coverage, 3857) # query.ids(['072578-040-00042/000']) # f.near((7.88475, 49.859677), 4326, dist=500) # q = sql.select([parcel_table]).where(parcel_table.c.number == cleanup_id('072578-040-00042/000')) features = [] query.limit(1000) sub = query.as_sa() q = sql.select([ sub.c.identifier, sql.func.st_astext(sql.func.st_transform(sub.c.geometry, '3857')).label('geometry') ]) with self.engine.connect() as conn: for r in conn.execute(q): features.append({ "type": "Feature", "properties": { "id": r.identifier, }, "geometry": mapping(shapely.wkt.loads(r.geometry)), }) return features
def create(self, user_token, layer): from gbi_server.model import User from gbi_server.model import WMTS from gbi_server.extensions import db user = User.by_authproxy_token(user_token) if not user: raise InvalidUserToken() result = db.session.query(WMTS, ST_Transform( WMTS.view_coverage, 3857)).filter_by(name=layer).first() if result: wmts, view_coverage = result if wmts and wmts.is_public: return to_shape(view_coverage) if user.is_customer: couch_url = self.couchdb_url couchdb = CouchDBBox( couch_url, '%s_%s' % (SystemConfig.AREA_BOX_NAME, user.id)) geom = couchdb.layer_extent(self.geometry_layer) return optimize_geometry(geom) if geom else None elif user.is_service_provider: couch_url = self.couchdb_url couchdb = CouchDBBox( couch_url, '%s_%s' % (SystemConfig.AREA_BOX_NAME, user.id)) geom = couchdb.layer_extent() return optimize_geometry(geom) if geom else None elif user.is_admin or user.is_consultant: # permit access to everything return box(-20037508.3428, -20037508.3428, 20037508.3428, 20037508.3428) return None
def create(self, user_token, dbname): from gbi_server.model import User user = User.by_authproxy_token(user_token) if not user: raise InvalidUserToken() if user.is_customer or user.is_service_provider: if dbname in ( '%s_%s' % (SystemConfig.AREA_BOX_NAME, user.id), '%s_%s' % (SystemConfig.CUSTOMER_BOX_NAME, user.id), ): return 'rw' if dbname in ( '%s_%s' % (SystemConfig.CONSULTANT_BOX_NAME, user.id), ): return 'r' elif user.is_admin or user.is_consultant: if dbname.startswith('%s_' % (SystemConfig.CONSULTANT_BOX_NAME, )): return 'rw' elif dbname.startswith('%s_' % (SystemConfig.CUSTOMER_BOX_NAME, )): return 'r' return 'no'
def load_user(userid): if request_for_static(): return DummyUser(userid) if request.blueprint == 'authproxy': return DummyUser(userid) return User.by_id(userid)
def user_detail(user_id): user = User.by_id(user_id) return render_template('admin/user_detail.html', user=user)
def verify_wait(id): user = User.by_id(id) if not user or user.verified: raise NotFound() return render_template("user/verify_wait.html", user_id=id)
def username_exists(form, field): if not User.by_email(field.data): raise ValidationError(_l('email does not exist.'))
def username_unique(form, field): if User.by_email(field.data): raise ValidationError(_l('email already exists.'))
def deactivate_user(user_id): user = User.by_id(user_id) user.active = False db.session.commit() flash(_('User deactivate %(email)s', email=user.email), 'success') return redirect(request.args.get("next") or url_for("admin.inactive_users_list"))