Ejemplo n.º 1
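def display(username):
    """Return the JSON representation of one user account.

    Aborts with 404 when no user matches `username`, and with 403 unless
    `webapp.user.am_admin_or_self` accepts the current requester for that
    user. The `password` and `apikey` entries are removed before the
    document is serialized.
    """
    user = webapp.user.get_user(username=username)
    # NOTE(review): the existence check runs before the authorization check,
    # so a requester who is not allowed to see the account can still tell an
    # existing username (403) from a missing one (404). Confirm this is
    # acceptable, or return the same status for both cases.
    if not user:
        flask.abort(http.client.NOT_FOUND)
    if not webapp.user.am_admin_or_self(user):
        flask.abort(http.client.FORBIDDEN)
    # Strip the secrets from a shallow copy, so the document handed out by
    # get_user is left intact for any other code that holds a reference to
    # it (whether it is shared is not visible from here).
    data = dict(user)
    # This is a deny-list: any other sensitive field stored on the user
    # document would still be serialized. NOTE(review): an explicit
    # allow-list of output fields would fail closed instead.
    data.pop("password", None)
    data.pop("apikey", None)
    data["logs"] = {"href": utils.url_for(".logs", username=data["username"])}
    return utils.jsonify(utils.get_json(**data),
                         schema_url=utils.url_for("api_schema.user"))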
Ejemplo n.º 2
def software():
    """Return the JSON list of software entries reported by the web app.

    Each item from `webapp.about.get_software()` is read by position:
    index 0 is the name, 1 the version and 2 the link.
    """
    # NOTE(review): no access check is visible in this function, so the
    # version list is returned to whoever can reach the route; confirm that
    # exposing exact versions is intended.
    entries = []
    for item in webapp.about.get_software():
        entries.append({"name": item[0], "version": item[1], "href": item[2]})
    payload = utils.get_json(software=entries)
    schema = utils.url_for("api_schema.about_software")
    return utils.jsonify(payload, schema_url=schema)
Ejemplo n.º 3
def logs(username):
    """Return the JSON log entries for one user account.

    Aborts with 404 when no user matches `username`, and with 403 unless
    `webapp.user.am_admin_or_self` accepts the current requester for that
    user. Only the basic user data (username and link) is included next to
    the log entries.
    """
    account = webapp.user.get_user(username=username)
    # NOTE(review): as the 404 is decided before the 403, the status code
    # tells an unauthorized requester whether the username exists.
    if not account:
        flask.abort(http.client.NOT_FOUND)
    if not webapp.user.am_admin_or_self(account):
        flask.abort(http.client.FORBIDDEN)
    basic = get_user_basic(account)
    entries = utils.get_logs(account["iuid"])
    payload = utils.get_json(user=basic, logs=entries)
    return utils.jsonify(payload, schema_url=utils.url_for("api_schema.logs"))
Ejemplo n.º 4
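def send_password_code(user, action):
    """Send an email with the one-time code to the user's email address.

    The code is whatever follows the "code:" prefix in the stored password
    field. It is placed in the URL of the password page and mailed to
    `user["email"]`; `action` only appears in the subject line.

    Raises:
        ValueError: if the stored password field is not a "code:" value.
    """
    prefix = "code:"
    stored = user["password"]
    # Without this check a user whose password field holds anything other
    # than a one-time code would have a slice of that stored value mailed
    # out inside the link.
    if not isinstance(stored, str) or not stored.startswith(prefix):
        raise ValueError("User account has no one-time password code.")
    site = flask.current_app.config["SITE_NAME"]
    message = flask_mail.Message(f"{site} user account {action}",
                                 recipients=[user["email"]])
    # NOTE(review): the code travels as a URL parameter, so it can end up in
    # mail archives, browser history and server access logs; confirm that it
    # is single-use and, if possible, time-limited.
    url = utils.url_for(".password",
                        username=user["username"],
                        code=stored[len(prefix):])
    message.body = f"To set your password, go to {url}"
    utils.mail.send(message)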
Ejemplo n.º 5
def root():
    """API root.

    Lists the schema links and the "about" link for every caller, adds the
    caller's own account link when `flask.g.current_user` is set, and adds
    the link to the list of all users only when `flask.g.am_admin` is true.
    """
    schema_endpoints = (
        ("root", "api_schema.root"),
        ("logs", "api_schema.logs"),
        ("user", "api_schema.user"),
        ("users", "api_schema.users"),
        ("about/software", "api_schema.about_software"),
    )
    schema_links = {}
    for key, endpoint in schema_endpoints:
        schema_links[key] = {"href": utils.url_for(endpoint)}
    about_links = {"software": {"href": utils.url_for("api_about.software")}}
    items = {"schema": schema_links, "about": about_links}

    current = flask.g.current_user
    if current:
        name = current["username"]
        items["user"] = {
            "username": name,
            "href": utils.url_for("api_user.display", username=name),
        }
    # Hiding the link is a convenience only; the endpoint it points to has
    # to enforce the admin check itself.
    if flask.g.am_admin:
        items["users"] = {"href": utils.url_for("api_user.all")}

    payload = utils.get_json(**items)
    return utils.jsonify(payload, schema_url=utils.url_for("api_schema.root"))
Ejemplo n.º 6
def get_user_basic(user):
    """Return the basic JSON data for a user.

    Only the username and the link to the user's display page are copied
    out of the user document; no other field is exposed.
    """
    name = user["username"]
    link = utils.url_for(".display", username=name)
    return {"username": name, "href": link}
Ejemplo n.º 7
def all():
    """Return the JSON list of all user accounts; admin only.

    Aborts with 403 unless `flask.g.am_admin` is true. Each account is
    reduced to its basic data (username and link) by `get_user_basic`.
    """
    # NOTE: this function name shadows the builtin `all` within its module.
    if not flask.g.am_admin:
        flask.abort(http.client.FORBIDDEN)
    accounts = []
    for account in webapp.user.get_users():
        accounts.append(get_user_basic(account))
    payload = utils.get_json(users=accounts)
    return utils.jsonify(payload, schema_url=utils.url_for("api_schema.users"))
Ejemplo n.º 8
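def register():
    """Register a new user account.

    GET renders the registration form. POST creates the account:

    - The role is always `constants.USER`; it is never read from the form.
    - When an admin submits the form, the optional password from the form
      is stored and the account is enabled directly.
    - When a non-admin submits and no mail server is configured, the
      optional password from the form is stored; the status is left as
      UserSaver sets it.
    - Otherwise `set_password()` is called without a value.

    A ValueError raised while saving is reported through `utils.error`.
    On success the caller is redirected to the home page.
    """
    if utils.http_GET():
        return flask.render_template("user/register.html")

    elif utils.http_POST():
        try:
            with UserSaver() as saver:
                saver.set_username(flask.request.form.get("username"))
                saver.set_email(flask.request.form.get("email"))
                saver.set_role(constants.USER)
                if flask.g.am_admin:
                    saver.set_password(_confirmed_form_password())
                    saver.set_status(constants.ENABLED)
                elif not flask.current_app.config["MAIL_SERVER"]:
                    saver.set_password(_confirmed_form_password())
                else:
                    # No value given; presumably UserSaver then stores a
                    # one-time "code:" value -- confirm in UserSaver.
                    saver.set_password()
            user = saver.doc
        except ValueError as error:
            return utils.error(error)
        # NOTE(review): the username written to the log comes from the form;
        # this relies on set_username rejecting control characters.
        utils.get_logger().info(f"registered user {user['username']}")
        # Directly enabled.
        if user["status"] == constants.ENABLED:
            if user["password"][:5] == "code:":
                utils.get_logger().info(f"enabled user {user['username']}")
                # Send code by email to user.
                if flask.current_app.config["MAIL_SERVER"]:
                    send_password_code(user, "registration")
                    utils.flash_message("User account created; check your email.")
                # No email server: must contact admin.
                else:
                    utils.flash_message("User account created; contact"
                                        " the site admin to get the password"
                                        " setting code.")
            # Directly enabled and password set. No email to anyone.
            else:
                utils.get_logger().info(f"enabled user {user['username']}"
                                        " and set password")
                utils.flash_message("User account created and password set.")
        # Was set to 'pending'; send email to admins if email server defined.
        elif flask.current_app.config["MAIL_SERVER"]:
            admins = get_users(constants.ADMIN, status=constants.ENABLED)
            # NOTE(review): with no enabled admin this list is empty; confirm
            # the mail layer accepts a message without recipients, since the
            # account has already been saved at this point.
            emails = [u["email"] for u in admins]
            site = flask.current_app.config["SITE_NAME"]
            message = flask_mail.Message(f"{site} user account pending",
                                         recipients=emails)
            url = utils.url_for(".display", username=user["username"])
            message.body = f"To enable the user account, go to {url}"
            utils.mail.send(message)
            utils.get_logger().info(f"pending user {user['username']}")
            utils.flash_message("User account created; an email will be sent"
                                " when it has been enabled by the admin.")
        else:
            utils.get_logger().info(f"pending user {user['username']}")
            utils.flash_message("User account created; admin will enable it"
                                " at some point. Try login later.")
        return flask.redirect(flask.url_for("home"))
    # NOTE(review): any other HTTP method falls through and returns None;
    # confirm the route only accepts GET and POST.


def _confirmed_form_password():
    """Return the password given in the form, or None when it is empty.

    Raises ValueError when a password is given and the "confirm_password"
    field does not match it. Both registration branches that accept a
    password use this check, so they report the same message.
    """
    password = flask.request.form.get("password") or None
    if password and password != flask.request.form.get("confirm_password"):
        raise ValueError("Password differs from confirmed password.")
    return password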