Ejemplo n.º 1
0
Archivo: pm.py Proyecto: peremen/noah3k
def send_mail(from_id, to_id, title, body):
    sender_info = user.get_user(from_id)
    receiver_info = user.get_user(to_id)
    if not sender_info[0]:
        return (False, _('INVALID_SENDER'))
    if not receiver_info[0]:
        return (False, _('INVALID_RECEIVER'))
    if title.strip() == '':
        return (False, _('EMPTY_TITLE'))
    if body.strip() == '':
        return (False, _('EMPTY_BODY'))

    t = db.transaction()
    try:
        db.insert('Mails', mSenderSerial = from_id,
                mReceiverSerial = to_id,
                mSenderId = sender_info[1].uId,
                mSenderNick = sender_info[1].uNick,
                mDatetime = web.SQLLiteral('NOW()'),
                mTitle = title,
                mContent = body)
    except:
        t.rollback()
        return (False, _('DATABASE_ERROR'))
    else:
        t.commit()
    return (True, _('SUCCESS'))
Ejemplo n.º 2
0
def team_accept_invite_request():
	params = utils.flat_multi(request.form)
	_user = user.get_user().first()
	if not user.in_team(_user):
		raise WebException("You must be in a team!")
	_team = get_team(tid=_user.tid).first()
	tid = _team.tid
	if _user.uid != _team.owner:
		raise WebException("You must be the captain of your team to rescind invitations!")
	if _team.finalized:
		raise WebException("This team is finalized.")

	if len(_team.get_members()) >= utils.get_config("team_size"):
		raise WebException("Your team is full.")

	uid = params.get("uid")
	_user2 = user.get_user(uid=uid).first()
	if user.in_team(_user2):
		raise WebException("This user is already in a team!")

	invitation = TeamInvitations.query.filter_by(rtype=1, frid=_user2.uid, toid=tid).first()
	if invitation is None:
		raise WebException("Invitation doesn't exist.")

	with app.app_context():
		_user2 = Users.query.filter_by(uid=_user2.uid).first()
		_user2.tid = tid
		db.session.delete(invitation)
		invitation2 = TeamInvitations.query.filter_by(rtype=0, frid=tid, toid=_user2.uid).first()
		if invitation2 is not None:
			db.session.delete(invitation2)
		db.session.commit()
		db.session.close()

	return { "success": 1, "message": "Success!" }
Ejemplo n.º 3
0
    def modify_post(self, current_uid = -1):
        user_id = current_uid
        usr = user.get_user(user_id)[1]

        data = web.input(profile_image = {})
        if data.newpass1 and not user.verify_password(user_id, data.oldpass):
            return util.render().error(error_message=_('INVALID_PASSWORD'), help_context='error')
        if data.newpass1 != data.newpass2:
            return util.render().error(error_message = _('PASSWORD_DO_NOT_MATCH'), help_context='error')
        if len(data.newpass1) > 0 and len(data.newpass1) < 6:
            return util.render().error(error_message = _('PASSWORD_TOO_SHORT'), help_context='error')
        if len(data.newpass1) == 0:
            password = data.oldpass
        else:
            password = data.newpass1
        nick = data.nick
        email = data.email
        homepage = data.homepage
        sig = data.sig
        introduction = data.introduction
        language = data.language
        theme = data.theme
        user_info = user.get_user(user_id)
        change_lang = False
        if language != user_info[1].language:
            change_lang = True
        profile_image = data.profile_image.value
        delete_profile_image = data.has_key('delete_profile_image')

        ret = user.modify_user(user_id, locals())
        if change_lang:
            web.ctx.session.lang = language
        raise web.seeother(util.link('/+u'))
Ejemplo n.º 4
0
def query_show(query_id):
    query = g.conn.session.query(Query).filter(Query.id == query_id).one()
    can_edit = get_user() is not None and get_user().id == query.user_id
    is_starred = False
    if get_user():
        is_starred = g.conn.session.query(func.count(Star.id))\
            .filter(Star.user_id == get_user().id)\
            .filter(Star.query_id == query_id).scalar() == 1
    jsvars = {
        'query_id': query.id,
        'can_edit': can_edit,
        'is_starred': is_starred,
        'published': query.published
    }

    if query.latest_rev and query.latest_rev.latest_run_id:
        jsvars['qrun_id'] = query.latest_rev.latest_run_id

    return render_template(
        "query/view.html",
        user=get_user(),
        query=query,
        jsvars=jsvars,
        latest_rev=query.latest_rev
    )
Ejemplo n.º 5
0
def team_invite():
	params = utils.flat_multi(request.form)
	_user = user.get_user().first()
	_team = get_team(tid=_user.tid).first()
	if _user.uid != _team.owner:
		raise WebException("You must be the captain of your team to invite members!")
	if _team.finalized:
		raise WebException("This team is finalized.")

	new_member = params.get("new_member")
	if new_member is None:
		raise WebException("Please provide a username!")
	_user2 = user.get_user(username_lower=new_member.lower()).first()
	if _user2 is None:
		raise WebException("User doesn't exist!")
	if _user2.tid > 0:
		raise WebException("This user is already a part of a team!")

	if _team.get_pending_invitations(toid=_user2.uid) is not None:
		raise WebException("You've already invited this member!")

	req = TeamInvitations(0, _team.tid, _user2.uid)
	with app.app_context():
		db.session.add(req)
		db.session.commit()
		db.session.close()

	return { "success": 1, "message": "Success!" }
Ejemplo n.º 6
0
def new_query():
    if get_user() is None:
        return redirect("/login?next=/query/new")
    query = Query()
    query.user = get_user()
    g.conn.session.add(query)
    g.conn.session.commit()
    return redirect(url_for('query_show', query_id=query.id))
Ejemplo n.º 7
0
    def modify_get(self, current_uid = -1):
        user_id = current_uid
        usr = user.get_user(user_id)[1]

        referer = util.link('/+u')
        return util.render().myinfo_edit(user = user.get_user(user_id)[1],
                user_id = user_id,
                title = _('Edit My Information'),
                board_desc = _('Edit My Information'),
                referer = web.ctx.env.get('HTTP_REFERER', referer),
                help_context = 'myinfo')
Ejemplo n.º 8
0
def star_query():
    if get_user() is None:
        return "Unauthorized access", 403
    query = g.conn.session.query(Query).get(request.form['query_id'])
    if query:
        star = Star()
        star.user = get_user()
        star.query = query
        g.conn.session.add(star)
        g.conn.session.commit()
        return ""
    else:
        return "Query not found", 404
Ejemplo n.º 9
0
def unstar_query():
    if get_user() is None:
        return "Unauthorized access", 403
    query = g.conn.session.query(Query).get(request.form['query_id'])
    if query:
        star = g.conn.session.query(Star)\
            .filter(Star.query_id == request.form['query_id'])\
            .filter(Star.user_id == get_user().id)\
            .one()
        g.conn.session.delete(star)
        g.conn.session.commit()
        return ""
    else:
        return "Query not found", 404
Ejemplo n.º 10
0
def ideas(request):
    # Optional parameters: sort="user" | "rating" | "date"
    user = get_user(request)
    session = DBSession()
    project = request.context
    # Create list of ideas with User's rating added:
    if user:
        idea_query = session.query(Idea, AggregateRating, UserRating)\
            .outerjoin(AggregateRating, (AggregateRating.idea_id==Idea.id))\
            .outerjoin(UserRating, (Idea.id==UserRating.idea_id) & (UserRating.user_id==user.id))\
            .join(User, (Idea.author_id==User.id))\
            .filter(Idea.project_id == project.id)
    else:
         # Just fill third column with Nones.
        idea_query = session.query(Idea, AggregateRating, UserRating)\
            .outerjoin(AggregateRating, (AggregateRating.idea_id==Idea.id))\
            .outerjoin(UserRating, (UserRating.idea_id==0))\
            .join(User, (Idea.author_id==User.id))\
            .filter(Idea.project_id == project.id)
            
    
    sort = request.params.get('sort', 'rating') 
    if sort == 'user':
        # Use Python to sort, so we sort Anonymous posts properly.
        pass
    elif sort == 'rating':
        # Use Python to sort, so we can use our total_rating algorithm..
        pass
    elif sort == 'date':
        idea_query = idea_query.order_by(Idea.creation_time.desc()) # Most recent first
    else:
        logging.warn('Unrecognized sort: ' + str(sort))
    
    idea_data = idea_query.all()
    # Do python sorting.
    if sort == 'user':
        idea_data.sort(key=lambda el:el[0].author.first_name + ' ' + el[0].author.last_name if not el[0].anonymous else 'Anonymous')
    elif sort == 'rating':
        if project.rating_type == 'like/love':
            idea_data.sort(key=lambda el: el[0].aggregate_rating.total_rating if el[0].aggregate_rating else 0, reverse=True)
        else:
            idea_data.sort(key=lambda el: el[0].aggregate_rating.average_stars if el[0].aggregate_rating else 0, reverse=True)
    
    # Turn it all into dicts for our templating engine.
    for i in range(len(idea_data)):
        idea, aggregate_rating, rating = idea_data[i]
        idea_data[i] = idea_dict(request, idea, rating, aggregate_rating, include_comments=True)
        
    
    # Idea.user_rating will be used to determine the initial state of the Like/Love/Stars
    return template_permissions(request, {
        'project' : project, 
        'creator' : user_dict(request, project.creator),
        'project_id' : project.id,
        'idea_data': idea_data, 
        'user' : user_dict(request, user), 
        'ideas_count': len(idea_data), 
        'people_count': 1,
        'sort' : sort
    })
Ejemplo n.º 11
0
def update_association(user_id, client_id, refresh_token_str):
    client = get_client(client_id)
    user = get_user(user_id)
    logging.warn('update_associations 1: ' + str(refresh_token_str))
    refresh_token = get_token(client_id, client.secret, refresh_token_str)
    #always check to see if it is confidential or not.
    #it shouldn't be if it's using update_association, but you never know
    #and it's good to have a log message to possible alert the admin that
    #this is going on.
    if client.type.lower() != 'confidential':
        raise ConfidentailError('Client ' + client_id + \
                                ' is not a confidentail client')

    db = DB()
    try:
        key = 'client_association_' + str(user.id)
        if db.contains(key):
            association = db.get(key)
            if client.id in association.clients:
                logging.warn('update_associations 2: ' + str(association.clients[client.id]))
                old_refresh = get_token(client.id, client.secret, association.clients[client.id])
                delete_token(old_refresh.access_token)
                delete_token(old_refresh.code)
                association.clients[client.id] = refresh_token.code
                logging.warn('update_associations 3: ' + str(refresh_token.code) + ', ' + str(association.clients[client.id]))
                db.update(key, association)
                db.commit()
    #except Exception, e:
    #    logging.error('update_associations: ' + str(e))
    #    db.abort()
    finally:
        db.close()

    return False
Ejemplo n.º 12
0
def create(request):
    user = get_user(request)
    
    if 'project_key' in request.params:
        # User submitted a project.
        # TODO: Validation.
        try: 
            new_project = request.context.newProject(
                title=request.params['project_title'],
                key=request.params['project_key'],
                description=request.params['project_description'],
                url_name=request.params['project_url'],
                creator_id=user.id)
                
            participation = Participation(user=user, project=new_project)
            session = DBSession()
            session.add(participation)
            session.flush()
            note.new_project(request, new_project, user)
        except IntegrityError:
            # url_name collision.
            raise HTTPBadRequest(explanation="Sorry! That URL has already been taken!")
        return HTTPFound(location=request.root.project_url(new_project)+'/invite')
    else:
        return {'user' : user_dict(request, user)}
Ejemplo n.º 13
0
def show_userpage(request):
    session = DBSession()
    
    other_user = request.context
        
    current_user = get_user(request)
    shared_projects = []
    for project in current_user.projects:
        if project in other_user.projects:
            shared_projects += [project]
    
    project_data = []
    for project in shared_projects:
        data = {}
        data['title'] = project.title
        # How many ideas and comments other_user has posted to this project.
        data['idea_count'] = project.ideas.filter(Idea.author==other_user).count()
        data['comment_count'] = project.comments.filter(Comment.author==other_user).count()
        data['url'] = request.root.project_url(project)
        project_data += [data]

    return {
        'first_name' : other_user.first_name, 
        'last_name' : other_user.last_name, 
        'profile_picture' : other_user.profile_picture,
        'user' : current_user,
        'shared_project_count' : len(project_data),
        'projects' : project_data
    }
Ejemplo n.º 14
0
def create_access_token_from_user_pass(client_id, client_secret, user_id, password, scope):
    client = None
    if client_id != None:
        client = get_client(client_id)
    else:
        # create a client object from username and password
        client = Client(user_id, user_id, password, None)
        # make client_secret equal the password
        # saving me from having to change anything below
        client_secret = password

    user = get_user(user_id)

    db = DB()

    try:
        if client != None and user != None and client.secret == client_secret and user.password == password:
            token = AccessToken(client.id, user.id, scope=scope)
            while db.contains(token.code):
                token = AccessToken(client.id, user.id, scope=scope)

            db.put(token.code, token)
            db.commit()

            return token.code
    except Exception, e:
        logging.error("".join(["create_access_token_from_user_pass: ", str(e)]))
        db.abort()
Ejemplo n.º 15
0
def api_run_query():
    if get_user() is None:
        return "Authentication required", 401
    text = request.form['text']
    query = g.conn.session.query(Query).filter(Query.id == request.form['query_id']).one()

    if query.latest_rev and query.latest_rev.latest_run:
        result = worker.run_query.AsyncResult(query.latest_rev.latest_run.task_id)
        if not result.ready():
            result.revoke(terminate=True)
            query.latest_rev.latest_run.status = QueryRun.STATUS_SUPERSEDED
            g.conn.session.add(query.latest_rev.latest_run)
            g.conn.session.commit()

    query_rev = QueryRevision(query_id=query.id, text=text)
    query.latest_rev = query_rev

    # XXX (phuedx, 2014/08/08): This deviates from the pre-existing
    # QueryRevision interface, but I'm not confident that SQLAlchemy would
    # invalidate a cached result for a relationship if a property changed.
    query_run = QueryRun()
    query_run.rev = query_rev
    query_run.status = QueryRun.STATUS_QUEUED

    g.conn.session.add(query_run)
    g.conn.session.add(query)
    g.conn.session.commit()
    query_rev.latest_run = query_run
    query_run.task_id = worker.run_query.delay(query_run.id).task_id
    g.conn.session.add(query_rev)
    g.conn.session.add(query_run)
    g.conn.session.commit()
    return json.dumps({
        'qrun_id': query_run.id
    })
Ejemplo n.º 16
0
def display_project_people(request):
    cur_user = get_user(request)
    session = DBSession()
        
    project = request.context
    
    participants = session.query(Participation, User).outerjoin(User).filter(Participation.project == project).all()
    people_data = []
    email_data = []
    for participant, user in participants:
        person_data = {}
        if user:
            person_data['first_name'] = user.first_name
            person_data['last_name'] = user.last_name
            person_data['profile_url'] = request.root.user_url(user)
            person_data['invite_accepted'] = participant.access_time is not None
            person_data['profile_picture'] = user.profile_picture
            people_data += [person_data]
        else:
            email_data += [participant.user_email]
    
    # Sort by first last name
    people_data.sort(key=lambda user: user['first_name'] + u' ' + user['last_name'])
    
    
    return template_permissions(request, {
        'people' : people_data,
        'invited_emails' : email_data,
        'project_id' : project.id,
        'project' : project, 
        'creator' : user_dict(request, project.creator),
        'user' : user_dict(request, cur_user), 
        'ideas_count': project.ideas.count(), 
        'people_count': len(active_users(project)),
    })
Ejemplo n.º 17
0
def user_mgr():
    if session.get("user") == "admin":
        users = user.get_user()
        # print users
        return render_template("/user_mgr.html", users=users)
    else:
        return redirect("/index")
Ejemplo n.º 18
0
def present_main():
	# check for a cookie, if present, then extract value
	username = login_check()
	if (username == None):
		print "main: can't identify user...redirecting to signup"
		bottle.redirect("/login")
	
	connection = pymongo.Connection(connection_string, safe=True)
	me = user.get_user(connection, username)
	friends = me['friends']
	friends_requests = me['friends_requests']
	challenges_ids = me['challenges']
	challenges = []
	for challenge_id in challenges_ids:
		challenges.append(achievement.find_achievement_by_id(connection, challenge_id))
	
	achievements_ids = me['achievements']
	achievements = []
	for achievement_id in achievements_ids:
		challenges.append(achievement.find_achievement_by_id(connection, achievement_id))
		
	return bottle.template("main", 
						{'username':username, 
						  'friends':friends,
						  'friends_requests':friends_requests,
						  'challenges':challenges,
						  'achievements':achievements,
						})
Ejemplo n.º 19
0
def team_accept_invite():
	params = utils.flat_multi(request.form)
	_user = user.get_user().first()
	if user.in_team(_user):
		raise WebException("You're already in a team!")

	tid = params.get("tid")
	_team = get_team(tid=tid).first()
	if _team is None:
		raise WebException("Team not found.")

	if len(_team.get_members()) >= utils.get_config("team_size"):
		raise WebException("This team is full.")

	invitation = TeamInvitations.query.filter_by(rtype=0, frid=tid, toid=_user.uid).first()
	if invitation is None:
		raise WebException("Invitation doesn't exist.")

	with app.app_context():
		_user = Users.query.filter_by(uid=_user.uid).first()
		_user.tid = tid
		db.session.delete(invitation)
		invitation2 = TeamInvitations.query.filter_by(rtype=1, frid=_user.uid, toid=tid).first()
		if invitation2 is not None:
			db.session.delete(invitation2)
		db.session.add(Activity(_user.uid, 6, _team.tid, -1))
		db.session.commit()
		db.session.close()

	return { "success": 1, "message": "Success!" }
Ejemplo n.º 20
0
def create_implicit_grant_access_token(uid, client_id, redirect_uri, scope=None):
    user = get_user(uid)
    client = get_client(client_id)
    db = DB()
    try:

        # the only authentication here is to check the
        # redirect_uri is the same as the one stored
        # for the registered client
        if client.redirect_uri == redirect_uri:
            token = AccessToken(client.id, user.id, scope=scope)
            while db.contains(token.code):
                token = AccessToken(client.id, user.id, scope=scope)
            db.put(token.code, token)
            db.commit()

            return token.code
        else:
            logging.warn(
                "".join([str(client_id), " uri of ", str(client.redirect_uri), " does not match ", str(redirect_uri)])
            )

    except Exception, e:
        logging.error("".join(["create_implicit_grant_access_token: ", str(e)]))
        db.abort()
Ejemplo n.º 21
0
def project(request):
    user = get_user(request)
    session = DBSession()
    project = request.context
        
    updates = session.query(ProjectUpdate)\
        .filter(ProjectUpdate.project_id==project.id)\
        .filter(ProjectUpdate.when >= utcnow() - timedelta(days=10))\
        .order_by(ProjectUpdate.when.desc()).limit(10).all()
    
    # Update user access time:
    if user:
        part = session.query(Participation).filter(Participation.user_email==user.email).filter(Participation.project_id==project.id).first()
        if not part or not part.access_time:
            note.new_participant(request, request.context, user)  
        part.access_time = utcnow()
        session.flush()
              
    return template_permissions(request, {
        'project_id' : project.id,
        'project' : project, 
        'creator' : user_dict(request, project.creator),
        'updates' : updates,
        'ideas': project.ideas.all(), 
        'user' : user_dict(request, user), 
        'can_update' : user == project.creator,
        'ideas_count': project.ideas.count(), 
        'people_count': 1
    })
Ejemplo n.º 22
0
    def get_user(self, nick):
        """Returns a user object for the specified nick.

        @returns user.User()
        """

        return user.get_user(nick)
Ejemplo n.º 23
0
def render():
    try:
        if web.config.theme == 'default':
            return config.render[user.get_user(web.ctx.session.uid)[1].theme]
        else:
            return config.render[web.config.theme]
    except:
        return config.render[web.config.theme]
Ejemplo n.º 24
0
def activity_user():
	params = utils.flat_multi(request.args)
	if "user" not in params:
		raise WebException("Please specify a user.")
	_user = get_user(username_lower=params.get("user").lower()).first()
	if _user is None:
		raise WebException("User not found.")
	return _user.get_activity()
Ejemplo n.º 25
0
    def leave_get(self, current_uid = -1):
        user_id = current_uid
        usr = user.get_user(user_id)[1]

        default_referer = posixpath.join('/', '+u')
        return util.render().leave(board_desc = _('Leave NOAH'),
                title=_('Leave NOAH'),
                referer = web.ctx.env.get('HTTP_REFERER', default_referer),)
Ejemplo n.º 26
0
 def GET(self, username, current_uid = -1):
     user_id = user._get_uid_from_username(username)
     if user_id < 0:
         raise web.notfound(util.render().error(error_message = _('NO_SUCH_USER'), help_context='error'))
     return util.render().myinfo(user = user.get_user(user_id)[1],
             user_id = user_id,
             title = _('User Information'), board_desc = _('User Information'),
             help_context='myinfo')
Ejemplo n.º 27
0
    def GET(self, current_uid = -1):
        user_id = web.ctx.session.uid

        f = [{'type':'rss', 'path':'/+u/+favorite_rss', 'name':u'즐겨찾기 피드 (RSS)'},
             {'type':'atom', 'path':'/+u/+favorite_atom', 'name':u'즐겨찾기 피드 (Atom)'},]
        return util.render().myinfo(user = user.get_user(user_id)[1],
                user_id = user_id,
                title = _('My Information'), board_desc = _('My Information'),
                feeds = f, help_context='myinfo')
Ejemplo n.º 28
0
def fork_query(id):
    if get_user() is None:
        return redirect("/login?next=fork/{id}".format(id=id))
    query = Query()
    query.user = get_user()
    parent_query = g.conn.session.query(Query).filter(Query.id == id).one()
    query.title = parent_query.title
    query.parent_id = parent_query.id
    query.description = parent_query.description
    g.conn.session.add(query)
    g.conn.session.commit()

    query_rev = QueryRevision(query_id=query.id, text=parent_query.latest_rev.text)
    query.latest_rev = query_rev
    g.conn.session.add(query)
    g.conn.session.add(query_rev)
    g.conn.session.commit()
    return redirect(url_for('query_show', query_id=query.id))
Ejemplo n.º 29
0
def process_cookie(cookie):
	# See if they are logged in. If so display their name
	current_user = None
	if cookie is not None:
		login_id = cookies.get_id(cookie)
		if login_id == "admin":
			current_user = special_admin
		elif login_id is not None:
			current_user = user.get_user(login_id)
	return current_user
Ejemplo n.º 30
0
 def session_set(self, username):
     u = user.get_user(user._get_uid_from_username(username))
     if u[0]:
         web.ctx.session.uid = u[1].uSerial
         web.ctx.session.username = u[1].uId
         web.ctx.session.usernick = u[1].uNick
         web.ctx.session.lang = u[1].language
         return u[1]
     else:
         return None
Ejemplo n.º 31
0
def create_story(username, title, content):
    uid = user.get_user(username=username)[0]

    db = sqlite3.connect(DATABASE)
    c = db.cursor()

    query = "INSERT INTO stories VALUES (NULL, ?)"
    c.execute(query, (title,))

    # Fetch primary key of newly inserted row
    storyid = c.lastrowid

    now = int(datetime.datetime.now().strftime("%s"))
    query = "INSERT INTO updates VALUES (NULL, ?, ?, ?, ?)"
    c.execute(query, (storyid, uid, now, content,))

    db.commit()
    db.close()
Ejemplo n.º 32
0
def useredit_index():
    params = request.args if request.method == 'GET' else request.form
    username = params.get('username', '')
    if username:
        user_info = user.get_user(username)
        if user_info:
            username = user_info.get('username')
            password = user_info.get('password')
            age = user_info.get('age')
            return render_template('useredit.html',
                                   username=username,
                                   password=password,
                                   age=age)
        else:
            return render_template('useredit.html',
                                   useredit_info='username error')
    else:
        return render_template('useredit.html')
Ejemplo n.º 33
0
def login():
    if request.method == "POST":
        # User has submitted a request to login
        required_keys = ["username", "pass"]
        if not validate_form(request.form, required_keys):
            return render_template("login.html", message="Malformed request.", category="danger")

        username = request.form["username"]
        password = hashlib.sha1(request.form["pass"]).hexdigest()

        result = user.get_user(username=username)
        if result:
            if result[2] == password:
                session["username"] = username
                return redirect(url_for("index"))
            return render_template("login.html", message="Invalid password", category="danger")
        return render_template("login.html", message="Username does not exist...", add_mess="Register a new account?", category="danger")
    return render_template("login.html")
Ejemplo n.º 34
0
def update_story(username, story_id, content):
    uid = user.get_user(username=username)[0]

    db = sqlite3.connect(DATABASE)
    c = db.cursor()

    for story in user.get_stories(uid):
        if story_id in story:
            return False, "You already contributed to this story."

    query = "INSERT INTO updates VALUES (NULL, ?, ?, ?, ?)"
    now = int(datetime.datetime.now().strftime("%s"))

    c.execute(query, (story_id, uid, now, content,))
    db.commit()
    db.close()

    return True, "Story updated."
Ejemplo n.º 35
0
def editprofile():
    if "username" not in session:
        return redirect(url_for("login"))

    if request.method == "POST":
        # User has submitted a request to edit their profile
        username = session["username"]

        required_keys = ["name", "aboutme"]
        if not validate_form(request.form, required_keys):
            return render_template("editprofile.html", message="Malformed request.", category="danger")

        user.update_profile(username, request.form['name'], request.form['aboutme'])
        return redirect(url_for('profile'))

    uid = user.get_user(username=session["username"])[0]
    info = user.get_info(uid)
    return render_template("editprofile.html", info=info)
Ejemplo n.º 36
0
def modify_user():
    username = request.args.get('username', '')
    _user = user.get_user(username)
    _error = ''
    _username = ''
    _password = ''
    _age = ''
    if _user is None:
        _error = '用户信息不存在'
    else:
        _username = _user.get('username')
        _password = _user.get('password')
        _age = _user.get('age')

    return render_template('user_modify.html',
                           error=_error,
                           username=_username,
                           password=_password,
                           age=_age)
Ejemplo n.º 37
0
def login_page():
    form = LoginForm()
    if form.validate_on_submit():
        username = form.data["username"]
        user = get_user(username)
        if user is not None:
            password = form.data["password"]
            if hasher.verify(password, user.password):
                login_user(user)
                flash("Login Succesfull :)")
                next_page = request.args.get("next", url_for("home_page"))
                return redirect(next_page)
        flash("Invalid credentials.")

    x = datetime.now()
    date = x.strftime("%x")
    day_name = x.strftime("%A")
    time = x.strftime("%X")
    return render_template("login.html", form=form, date = date, day_name = day_name, time = time)
Ejemplo n.º 38
0
def query_runs_all():
    queries = g.conn.session.query(Query)\
        .join(Query.latest_rev).join(QueryRevision.latest_run)
    queries_filter = 'all'
    if request.args.get('published') == 'true':
        queries = queries.filter(Query.published)
        queries_filter = 'published'
    limit = int(
        request.args.get('limit', app.config.get('QUERY_RESULTS_PER_PAGE',
                                                 50)))
    queries, prev_link, next_link = QueriesRangeBasedPagination(
        queries, request.args.get('from'), limit, request.path,
        request.referrer, dict(request.args)).paginate()
    return render_template("query/list.html",
                           user=get_user(),
                           queries=queries,
                           prev_link=prev_link,
                           next_link=next_link,
                           queries_filter=queries_filter)
Ejemplo n.º 39
0
def register():
    if request.method == "POST":
        # User has submitted a request to register an account
        required_keys = ["username", "pass", "passconfirm", "bday"]
        if not validate_form(request.form, required_keys):
            return render_template("register.html", message="Malformed request.", category="danger")

        username = request.form["username"]
        password = request.form["pass"]
        password_confirm = request.form["passconfirm"]
        bday = request.form["bday"]

        if not username.isalnum():
            return render_template("register.html", message="Usernames must contain only alphanumeric characters.", category="danger")

        if password != password_confirm:
            return render_template("register.html", message="Passwords do not match.", category="danger")

        if len(password) < 6:
            return render_template("register.html", message="Password must be at least 6 characters in length.", category="danger")

        if password == password.lower():
            return render_template("register.html", message="Password must contain at least one capitalized letter.", category="danger")

        now = datetime.datetime.now()
        try:
            # dob should be in the format "yyyy-mm-dd"
            dob = map(int, bday.split("-"))
            assert len(dob) == 3
            dob = datetime.datetime(dob[0], dob[1], dob[2])
        except:
            return render_template("register.html", message="Invalid birthday.", category="danger")

        if int((now - dob).days / 365.25) < 13:
            return render_template("register.html", message="Users must be 13 years or older to register for an account.", category="danger")

        if user.get_user(username=username):
            return render_template("register.html", message="Username is already in use.", category="danger")

        user.add_user(username, password, bday)

        return render_template("register.html", message="Account created!", category="success")
    return render_template("register.html")
Ejemplo n.º 40
0
async def embed_single_pull(ctx):
  u = user.get_user(ctx.author.id)
  if u.primogems < 160:
    await error.embed_not_enough_primo(ctx)
    return

  if u.five_pity >= 89:
    (p, t), five, four = pull(False, True, u)
  elif u.four_pity >= 9:
    (p, t), five, four = pull(True, False, u)
  else:
    (p, t), five, four = pull(False, False, u)
  text = ""

  if five:
    color = discord.Color.gold()
    text =  prefix.fiveStarPrefix + p.name
    u.five_pity = 0
    u.four_pity = 0
  elif four:
    color = discord.Color.purple()
    text =  prefix.fourStarPrefix + p.name
    u.five_pity += 1
    u.four_pity = 0
  else:
    color = discord.Color.blue()
    text =  prefix.threeStarPrefix + p.name
    u.five_pity += 1
    u.four_pity += 1
  if t == "c":
    file = discord.File(p.URL_portrait, f"{p.URL_name}-portrait.png")
    embed = discord.Embed(title=text, color=color)
    embed.set_image(url=f"attachment://{p.URL_name}-portrait.png")
  else:
    file = discord.File(p.URL_icon, f"{p.URL_name}-icon.png")
    embed = discord.Embed(title=text, color=color)
    embed.set_image(url=f"attachment://{p.URL_name}-icon.png")
  u.primogems -= 160
  u.update_equiped_weapons()
  await commission.check_wish_complete(ctx, u, 1)
  database_mongo.save_user(u)
  asyncio.get_event_loop().create_task(display_pull(ctx, embed, file, p.rarity, True))
Ejemplo n.º 41
0
def register_page():
    form = RegistrationForm()
    if form.validate_on_submit():
        password = form.password.data
        hashed_pw = bcrypt.generate_password_hash(password).decode('utf-8')
        username = form.username.data
        email = form.email.data
        temp = get_user(username)
        db = current_app.config["db"]
        email_check = db.is_email_taken(email)
        if temp is not None or email_check is not None:
            return ("Please check your username and password!")
        else:
            phone = "" #phone is initially empty
            profile_pic = "default.jpg"
            user = User(username,hashed_pw,email,phone,profile_pic)
            #user = User(username,password,email,phone,profile_pic)
            db.add_user(user)
            return redirect(url_for('login_page'))
    return render_template('register.html', form=form)
Ejemplo n.º 42
0
def login_page():
    s_id = None
    if request.method == "GET":
        values = {"email": "", "password": ""}
        return render_template("login.html", values=values)
    else:
        email = request.form["email"]
        password = request.form["password"]
        user = get_user(email)
        if user is not None:
            if hasher.verify(password, user.password):
                login_user(user)
                return redirect(url_for("home_page"))
            else:
                flash("Incorrect password")
        else:
            flash("Incorrect email.")

        values = {"email": "", "password": ""}
        return render_template("login.html", values=values)
def create_webpage_lookup(user_id, webpage, lookup_id, filename, keywords,
                          datetime, articles):
    # get a user object or create one
    check_user = user.get_user(user_id)
    if not check_user:
        check_user = user.create_user(user_id)

    # create a webpage object
    webpage_id = web_page.put(webpage, filename)

    webpage_lookup = {
        "user": check_user,
        "webpage": webpage_id,
        "keywords": keywords,
        "datetime": datetime,
        "lookup_id": lookup_id,
        "articles": articles
    }

    return db.webpage_lookup.insert_one(webpage_lookup)
Ejemplo n.º 44
0
def login_page():
    form = LoginForm()
    if form.validate_on_submit():
        username = form.username.data
        temp = get_user(username)
        if temp is not None:
            #realpassword = temp.password
            user = User(username, temp.password,temp.email,temp.phone,temp.profile_pic)
            password = form.password.data

            if bcrypt.check_password_hash(temp.password,password):
                login_user(user)
                #flash("You have logged in.")
                next_page = request.args.get("next", url_for("home_page"))
                return redirect(next_page)

            else:
                return ("Wrong Password")
        else:
            return ("User can not be found")
    return render_template("login.html", form=form)
Ejemplo n.º 45
0
    def login(self):
        # Get inputs from entry boxes
        username = self.username_box.text()
        password = self.password_box.text()

        # Clear any existing errors
        self.error_label.clear()

        if username_available(username):
            self.error_label.setText("No account with that username")
            return
        else:
            user = get_user(username)
            if user.password == password:
                self.parent.sign_in(user)
            else:
                self.error_label.setText("Incorrect password")
                return

        self.reset()
        self.parent.stack.setCurrentIndex(0)
Ejemplo n.º 46
0
def login_page():
    print("login page")
    form = forms.LoginForm()
    if form.validate_on_submit():
        username = request.form["username"]
        user = usr.get_user(username)
        if user is not None:
            password = request.form["password"]
            if hasher.verify(password, user.password):
                login_user(user)
                today = datetime.today()
                db = current_app.config["db"]
                count = db.get_meal_count(today.date())
                scrape = False
                if ((today.hour > 14) and (count < 2)):
                    scrape = True
                if ((today.hour >= 0) and (count < 1)):
                    scrape = True
                if scrape:
                    current_m = current_meal.Current_Meal()
                    current_m.Itu_meal()
                    current_app.config["current_m"] = current_m
                else:
                    current_m = current_meal.Current_Meal()
                    current_m.id = db.find_meal_with_date(today.date())
                    current_m.meal(current_m.id)
                    current_m.get_food_calories()
                    current_app.config["current_m"] = current_m
                current_m = current_app.config["current_m"]
                comments, chief_comments = usr.get_comments(current_m.id)
                next_page = request.args.get(
                    "next",
                    url_for("home_page",
                            current_m=current_m,
                            comments=comments,
                            is_chief=current_user.is_admin,
                            chief_comments=chief_comments))
                return redirect(next_page)
        flash("Wrong username or password")
    return render_template("login2.html", form=form)
Ejemplo n.º 47
0
def login():
    """
    login page and login post function
    """
    if current_user.is_anonymous:
        pass
    else:
        if current_user.is_admin:
            return redirect(url_for("admin_page"))
    form = LoginForm()
    if form.validate_on_submit():
        student_id = form.data["username"]
        user = get_user(user_id=student_id)
        if user is not None:
            password = form.data["password"]
            if hasher.verify(password, user.password):
                login_user(user)
                flash("You have logged in.")
                next_page = request.args.get("next", url_for("home_page"))
                return redirect(next_page)
        flash("Invalid credentials.")
    return render_template("login.html", form=form)
Ejemplo n.º 48
0
def register():
    form = RegisterForm()
    if form.validate_on_submit():
        user = get_user(form.username.data)
        if user is None:
            if current_app.config['db'].get_user_by_email(form.email.data):
                form.email.errors.append("This email is already registered.")
            else:
                user = User(
                    None, form.username.data, form.email.data,
                    sha256(form.password.data.encode('utf-8')).hexdigest(),
                    form.public.data, _datetime.date.today())
                current_app.logger.debug(user.register_date)
                user = current_app.config['db'].register_user(user)
                login_user(user)
                next_page = request.args.get("next", url_for("index"))
                return redirect(next_page)
        else:
            form.username.errors.append("This nickname is already registered.")
        return render_template('register.html', form=form)
    form.public.data = True
    return render_template('register.html', form=form)
Ejemplo n.º 49
0
def team_create():
    params = utils.flat_multi(request.form)
    _user = user.get_user().first()
    if (_user.tid is not None and _user.tid >= 0) or get_team(
            owner=_user.uid).first() is not None:
        raise WebException("You're already in a team!")

    verify_to_schema(TeamSchema, params)
    teamname = params.get("teamname")
    school = params.get("school")

    team = Teams(teamname, school, _user.uid, _user.utype != 1)
    with app.app_context():
        db.session.add(team)
        db.session.commit()
        Users.query.filter_by(uid=_user.uid).update({"tid": team.tid})
        team_activity = UserActivity(_user.uid, 1, tid=team.tid)
        db.session.add(team_activity)
        db.session.commit()

        session["tid"] = team.tid
    return {"success": 1, "message": "Success!"}
Ejemplo n.º 50
0
def change_password():
    if not current_user.is_authenticated:
        return redirect("/")
    new1 = request.form['new1']
    new2 = request.form['new2']
    if new1 != new2:
        message = "New passwords don't match. Try again."
        return render_template("password.html", message=message)
    old = request.form['old']
    user = get_user(current_user.username)
    if pbkdf2_sha256.verify(old, user.password):
        new = pbkdf2_sha256.hash(new1)
        query = """UPDATE Users SET password = '******' WHERE username = '******'""" % (
            new, current_user.username)
        with psycopg2.connect(url) as connection:
            with connection.cursor() as cursor:
                cursor.execute(query)
                connection.commit()
                logout_user()
                return redirect("/signin")
    else:
        message = "The old password you entered is incorrect. Try again."
        return render_template("password.html", message=message)
Ejemplo n.º 51
0
def team_invite_request():
    params = utils.flat_multi(request.form)
    _user = user.get_user().first()
    if user.in_team(_user):
        raise WebException("You're already in a team!")

    tid = params.get("tid")
    _team = get_team(tid=tid).first()
    if _team is None:
        raise WebException("Team not found.")
    if _team.finalized:
        raise WebException("This team is finalized.")

    if _team.get_invitation_requests(frid=_user.uid) is not None:
        raise WebException("You've already requested to join this team!")

    req = TeamInvitations(1, _user.uid, _team.tid)
    with app.app_context():
        db.session.add(req)
        db.session.commit()
        db.session.close()

    return {"success": 1, "message": "Success!"}
Ejemplo n.º 52
0
def filter_stories(stories):
    """ Convert a list of stories to more usable format. Assumes all columns are present, and in order """
    filtered = []
    for story in stories:
        story_id = story[0]
        title = story[1]

        updates = []
        for update in get_updates(story_id):
            author = user.get_user(id=update[2])[1]
            updates.append({
                "author": author,
                "timestamp": datetime.datetime.fromtimestamp(update[3]).strftime("%B %d, %Y %I:%M %p"),
                "content": update[4]
            })

        filtered.append({
            "story_id": story_id,
            "title": title,
            "updates": updates
        })

    return filtered
Ejemplo n.º 53
0
    def login():
        if request.method == 'GET':
            return render_template('login.html', target = '/login', way = '登陆')
        if request.method == 'POST':
            user_name = request.form.get('username')
            password = request.form.get('password')
            user_info = get_user(user_name)
            emsg = None
            if user_info is None:
                emsg = '该用户名不存在'
            else:
                user = User(user_info)
                if user.verify_password(password):  # 校验密码
                    login_user(user)  # 创建用户 Session
                else:
                    emsg = "密码有误"

            if emsg is None:
                return redirect(request.args.get('next') or '/yukiyu/main')
 
            else:
                flash(emsg)
                return redirect('/login')
Ejemplo n.º 54
0
def login():
    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
        error = None

        user = get_user(username)
        if user is not None:
            user_password = user[1]
            if not check_password_hash(user_password, password):
                error = 'Incorrect password, please try again.'
        else:
            error = 'User not found'

        if error is None:
            session.clear()
            session['authenticated'] = 'true'
            session['user_id'] = token_urlsafe()
            return redirect(url_for('ansible'))

        flash(error)

    return render_template('login.html')
Ejemplo n.º 55
0
def user_update():
    # 获取用户更新信息,username作为唯一标识符,且不能更新
    username = request.args.get('username', '')
    age = request.form.get('age', '')
    job = request.form.get('job', '')
    password = request.form.get('password', '')
    # 更新操作代码块
    if request.method == 'GET':
        # 用户信息回显
        user_dict = user.get_user(username)
        return render_template('user_upd.html',
                               username=username,
                               user_dict=user_dict)
    else:
        if not username or not password:
            return render_template('user_upd.html', error=u'(密码)不能为空,请重新输入')
        elif user.update_users(username=username,
                               age=age,
                               password=password,
                               job=job):
            return redirect('/user/list/')
        else:
            return "用户更新失败!"
Ejemplo n.º 56
0
def team_edit():
    params = utils.flat_multi(request.form)
    _user = user.get_user().first()
    _team = get_team(tid=_user.tid).first()
    if _user.uid != _team.owner:
        raise WebException(
            "You must be the captain of your team to edit information!")
    if _team.finalized:
        raise WebException("This team is finalized.")

    with app.app_context():
        update = {}
        if params.get("new_teamname") is not None:
            if get_team(teamname_lower=params["new_teamname"].lower()).first(
            ) is not None:
                raise WebException("This team name is taken!")
            update["teamname"] = params["new_teamname"]
            update["teamname_lower"] = params["new_teamname"].lower()
        if params.get("new_school") is not None:
            update["school"] = params["new_school"]
        _team.update_info(update)

    return {"success": 1}
Ejemplo n.º 57
0
def new_password_page():
    db = current_app.config["db"]
    error = None
    if request.method == "GET":
        values = {"old_password": "", "s_question": "", "new_password": ""}
        return render_template("new_password.html", values=values)
    else:
        old_password = request.form["old_password"]
        s_question = request.form["s_question"]
        new_password = request.form["new_password"]
        user = get_user(current_user.email)
        if hasher.verify(old_password, user.password):
            if current_user.is_student:
                if s_question == db.get_student(current_user.email)[-1]:
                    db.change_password(current_user.email,
                                       hasher.hash(new_password),
                                       current_user.is_student)
                else:
                    error = "Security question's answer is incorrect"
            else:
                if s_question == db.get_authorized(current_user.email)[-1]:
                    db.change_password(current_user.email,
                                       hasher.hash(new_password),
                                       current_user.is_student)
                else:
                    error = "Security question's answer is incorrect"
        else:
            error = "Old password is incorrect"

        if error is not None:
            flash(error)
            values = {"old_password": "", "s_question": "", "new_password": ""}
            return render_template("new_password.html", values=values)

        flash("Your password is changed")
        return redirect(url_for("profile_page"))
Ejemplo n.º 58
0
def profile_modify():
    profile = user.get_user(session['id'])
    return render_template('profile_modify.html', profile=profile)
Ejemplo n.º 59
0
def load_user(user_id):
    return get_user(user_id)
Ejemplo n.º 60
0
def user(userID):
  userData = get_user(userID, domain=request.args.get('domain'))

  return render_template('json_viewer.html', data=userData)