Ejemplo n.º 1
0
def admin_user_management_togglelock(userId):
    check_admin_permissions()
    myUser = getUserById(userId)
    if myUser:
        myUser.load()
        myUser.locked = not myUser.locked
        log.info("[System] Lock state of '%s' was changed to: %s"
                 % (myUser.email, myUser.locked))
        db_session.merge(myUser)
        try:
            runQuery(db_session.commit)
        except Exception as e:
            log.warning("[System] SQL Alchemy Error on Admin toggle "
                        "lock: %s" % (e))
    return redirect(url_for('admin_user_management'))
Ejemplo n.º 2
0
def profile_show(do=None):
    # gravatar: https://de.gravatar.com/site/implement/images/python/
    if not session.get('logged_in'):
        abort(401)
    myUser = getUserById(session.get('userid'))
    myUser.load()
    userChanged = False
    if request.method == 'POST':
        if request.form['do'] == "pwchange":
            if myUser.checkPassword(request.form['oldpassword']):
                if checkPassword(request.form['newpassword1'],
                   request.form['newpassword2']):
                    myUser.setPassword(request.form['newpassword1'])
                    userChanged = True
            else:
                flash(gettext("Old password not correct!"), 'error')
        elif request.form['do'] == "editprofile":
            myUser.name = request.form['name']
            userChanged = True
    if userChanged:
        db_session.merge(myUser)
        try:
            runQuery(db_session.commit)
        except Exception as e:
            log.warning("[System] SQL Alchemy Error on profile show: %s"
                        % (e))
        flash(gettext("Profile changed"), 'success')

    size = 80
    gravatar_url = ("//www.gravatar.com/avatar/" +
                    hashlib.md5(myUser.email.lower()).hexdigest() +
                    "?" +
                    urllib.urlencode(
                        {'d': url_for('static',
                         filename='img/%s' % app.config['AVATARPLACEHOLDER'],
                         _external=True),
                         's': str(size)}))

    history = runQuery(History.query.filter_by(donatorId=myUser.id).all)

    return render_template('profile_show.html',
                           values=myUser,
                           userAvatar=gravatar_url,
                           history=sorted(history,
                                          key=lambda x: x.date,
                                          reverse=True))
Ejemplo n.º 3
0
def profile_verify(userId, verifyKey):
    log.info("[System] Verify userid %s" % userId)
    verifyUser = getUserById(userId)
    if not verifyUser:
        flash(gettext("User not found to verify.", 'error'))
    elif verifyUser.verify(verifyKey):
        db_session.merge(verifyUser)
        try:
            runQuery(db_session.commit)
        except Exception as e:
            log.warning("[System] SQL Alchemy Error on verify key: %s"
                        % (e))
        if verifyUser.veryfied:
            flash(gettext("Verification ok. Please log in."), 'success')
            return redirect(url_for('index'))
        else:
            flash(gettext("Verification NOT ok. Please try again."), 'error')
    return redirect(url_for('index'))
Ejemplo n.º 4
0
def hide_wish(wishId, userId):
    if not session.get('logged_in'):
        return redirect(url_for('index'))
    wish = getWishById(wishId)

    try:
        wish.hide(session.get('userid'))
        db_session.merge(wish)
        log.info("Wish %s successfully hidden by %s"
                 % (wish.id, session.get('userid')))
    except Exception as e:
        flash(gettext("Unable to hide wish"), 'error')
        log.warning("Unable to hide wish because %s" % (e))

    try:
        runQuery(db_session.commit)
    except Exception as e:
        log.warning("[Wish] SQL Alchemy Error on hide wish"
                    ": %s" % (e))

    return redirect(url_for('show_wishes', userId=userId))
Ejemplo n.º 5
0
def profile_password_reset_verify(userId, verifyKey):
    if session.get('logged_in'):
        return redirect(url_for('index'))
    log.info('[System] Password reset request (step 2/2) for user id: %s' %
             (userId))
    myUser = getUserById(userId)
    if myUser:
        myUser.load()
        if myUser.verifyKey == verifyKey:
            newPassword = ''.join(random.choice(string.ascii_letters +
                                  string.digits) for _ in range(12))
            myUser.setPassword(newPassword)
            myUser.verify(verifyKey)
            if send_email(app, myUser.email,
                          gettext("%(sitetitle)s: New Password",
                                  sitetitle=app.config['SITETITLE']),
                          gettext("<h3>Hello %(name)s</h3>Your new password "
                                  "is: <b>%(password)s</b><br>Please "
                                  "change it right after you "
                                  "<a href='%(url)s'>logged in</a>.",
                                  name=myUser.name,
                                  password=newPassword,
                                  url=url_for('profile_login',
                                              _external=True)) +
                          gettext("<br><br>Have fun and see you soon ;)"),
                          app.config['EMAILBANNER']):
                flash(gettext("Please check your mails at %(emailaddr)s",
                              emailaddr=myUser.email), 'info')
        else:
            myUser.verifyKey = ''.join(random.choice(string.ascii_letters +
                                       string.digits) for _ in range(32))
            flash(gettext("Wrong verification link. Please request a new "
                          "one."))
        db_session.merge(myUser)
        try:
            runQuery(db_session.commit)
        except Exception as e:
            log.warning("[System] SQL Alchemy Error on password reset "
                        "verify key: %s" % (e))
    return redirect(url_for('index'))
Ejemplo n.º 6
0
def profile_password_reset_request():
    if session.get('logged_in'):
        return redirect(url_for('index'))
    log.info('[System] Password reset request (step 1/2) for email: %s' %
             (request.form['email'].lower()))
    myUser = getUserByEmail(request.form['email'].lower())
    if myUser:
        myUser.load()
        myUser.verifyKey = ''.join(random.choice(string.ascii_letters +
                                   string.digits) for _ in range(32))
        db_session.merge(myUser)
        try:
            runQuery(db_session.commit)
        except Exception as e:
            log.warning("[System] SQL Alchemy Error on password "
                        "reset: %s" % (e))
        actUrl = url_for('profile_password_reset_verify',
                         userId=myUser.id,
                         verifyKey=myUser.verifyKey,
                         _external=True)
        if send_email(app, myUser.email,
                      gettext("%(sitetitle)s: Password Reset",
                              sitetitle=app.config['SITETITLE']),
                      gettext("<h3>Hello %(name)s</h3>You can reset your "
                              "password with <a href='%(url)s'>this link</a>."
                              " If you did not request this password reset, "
                              "you can just ignore it. Your current password "
                              "is still valid.</b>",
                              name=myUser.email,
                              url=actUrl) +
                      gettext("<br><br>Have fun and see you soon ;)"),
                      app.config['EMAILBANNER']):
            flash(gettext("Please check your mails at %(emailaddr)s",
                          emailaddr=myUser.email), 'info')
    else:
        flash(gettext("No user found with this email address"))
    return redirect(url_for('index'))