def process_reset_request(token, form):
    """Render the password-reset form for a reset token.

    The token is checked with ``valid_token`` before any lookup is done;
    a token that fails the check gets the ``expired.md`` page.  Otherwise
    the token record is fetched, the user is looked up by the e-mail
    stored on that record, and the ``reset.md`` content is returned
    followed by the editable form.

    When either the token record or the user cannot be found, an error
    alert is raised and the browser is redirected to ``/``.
    """
    if not valid_token(token):
        return page(load_content('expired.md'))

    rec = get_tokens().first(token=token)
    if not rec:
        error('invalid reset request')
        return redirect_to('/')

    user = context.site.users.first(email=rec.email)
    if not user:
        # The token record points at an e-mail with no matching user.
        error('invalid request')
        return redirect_to('/')

    filler = dict(
        username=user.username,
        first_name=user.first_name,
    )

    if context.user.is_admin:
        # NOTE(review): an administrator viewing the page gets the form
        # pre-filled with fixed placeholder values; presumably a preview
        # aid - confirm these values can never be submitted as a real
        # password.
        form.update(
            dict(
                new_password='******',
                confirm='somenewpassword',
            )
        )

    body = load_content('reset.md', **filler)
    return page(body + form.edit())
def create_button(self, *args, **data):
    """Create a record from the submitted form data.

    Validates ``data`` against the collection fields, builds a model
    instance from those fields, refuses the insert when a record with
    the same key can already be located, and otherwise stamps the
    ownership/audit attributes, stores the record and logs the activity.

    Returns a redirect to the collection URL after a successful insert
    and ``None`` when validation fails or the key already exists.
    """
    # NOTE(review): no authorization call is visible in this handler,
    # while the update handler in this listing calls user.authorize()
    # before touching the store.  Confirm that permission to create is
    # enforced elsewhere (caller, before_insert hook or the store).
    collection = self.collection
    user = collection.user

    if not collection.fields.validate(data):
        return None

    record = collection.model(collection.fields)

    # Drop any submitted 'key' value so the key comes from the model.
    record.pop('key', None)

    try:
        key = record.key
    except AttributeError:
        key = None

    if key and locate(collection, record.key) is not None:
        error('That {} already exists'.format(collection.item_name))
        return None

    try:
        # Turn the key property into a data attribute so that it is
        # persisted together with the rest of the record.
        record.key = record.key
    except AttributeError:
        # Can happen when the key depends on a database
        # auto-increment value.
        pass

    # Audit fields are taken from the current user, not from the form.
    record.update({
        'created': now(),
        'updated': now(),
        'owner_id': user._id,
        'created_by': user._id,
        'updated_by': user._id,
    })

    self.before_insert(record)
    collection.store.put(record)
    self.after_insert(record)

    msg = '%s added %s %s' % (user.link, collection.link, record.link)
    logging.getLogger(__name__).info(msg)
    log_activity(msg)
    return redirect_to(collection.url)
def random(self):
    """Emit five alerts of randomly chosen severity, then redirect.

    Each pass picks one of success, warning or error with ``choice``
    and raises that alert with the loop counter in its text.
    """
    for n in range(5):
        notify, template = choice([
            (success, 'Success %s'),
            (warning, 'Warning %s'),
            (error, 'Error %s'),
        ])
        notify(template % n)
    return redirect_to('/sample/alerts')
def save_button(self, key, *a, **data):
    """Save changes to an existing record.

    ``key`` identifies the record being edited.  The current user is
    authorized for 'update' on the collection first and, once the record
    has been located, on the record itself; only then are the submitted
    field values applied.  A key change that collides with another
    record is refused with an error alert.

    Returns a redirect to the record URL after a successful save and
    ``None`` when validation fails, the record is not found, or the new
    key already exists.
    """
    collection = self.collection
    user = collection.user

    # Collection-level check runs before any submitted data is examined.
    # NOTE(review): presumably authorize() raises when access is denied;
    # nothing here inspects a return value - confirm.
    user.authorize('update', collection)

    if not collection.fields.validate(data):
        return None

    record = locate(collection, key)
    if not record:
        return None

    # Record-level check runs before the record is modified.
    user.authorize('update', record)

    record.update(collection.fields)
    record.pop('key', None)

    if record.key != key and locate(collection, record.key):
        # The record key should always be a str, even when the actual
        # record.id is being used as the key.
        error('That {} already exists'.format(collection.item_name))
        return None

    # Audit fields are taken from the current user, not from the form.
    record.updated = now()
    record.updated_by = user._id

    # Turn the key property into a data attribute so that it is
    # persisted together with the rest of the record.
    record.key = record.key

    self.before_update(record)
    collection.store.put(record)
    self.after_update(record)

    msg = '%s updated %s %s' % (user.link, collection.link, record.link)
    logging.getLogger(__name__).info(msg)
    log_activity(msg)

    # Re-read the key: the assignment and hooks above run after the
    # first comparison, so the result is not cached.
    if record.key != key:
        rename_msg = '%s changed %s %s to %s' % (
            user.link, collection.link, key, record.key)
        log_activity(rename_msg)

    return redirect_to(record.url)
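def login_button(self, **data):
    """Handle a login form submission.

    Reads ``username``, ``password`` and ``remember_me`` from the posted
    form data, looks up an active (``status='A'``) user by username and
    asks that user record to log in.

    On success the browser is redirected to ``original_url`` when that
    value is a local path, otherwise to ``/``.  On failure an error
    alert is raised and ``None`` is returned.  An unknown username and a
    wrong password produce the same alert, so the response does not
    reveal which usernames exist.
    """
    logger = logging.getLogger(__name__)
    logger.debug('login_button called')
    request = zoom.system.request
    site = request.site

    username = data.get('username')
    password = data.get('password')
    remember_me = bool(data.get('remember_me'))

    def is_local_path(url):
        """Return True only for a same-site path such as '/app/page'."""
        if not isinstance(url, str) or not url.startswith('/'):
            return False
        # A leading '//' is a scheme-relative URL naming another host.
        if url.startswith('//'):
            return False
        # Backslashes and control characters are normalised or dropped
        # by browsers, which can change where the value points.
        return '\\' not in url and not any(
            ch < ' ' or ch == '\x7f' for ch in url
        )

    if username and password:
        user = site.users.first(username=username, status='A')
        if user and user.login(request, password, remember_me):
            logger.info('user %s sucesfully logged in', username)

            # The submitted form carries the cleartext password, so only
            # a redacted copy may be written to the log.
            logger.debug({
                name: ('<redacted>' if name == 'password' else value)
                for name, value in data.items()
            })

            if 'original_url' in data:
                target = data['original_url']
                # original_url comes from the request; redirecting to it
                # unchecked would let a crafted login link send the user
                # to another site after a genuine login.
                # NOTE(review): absolute URLs are rejected here.  If
                # callers legitimately pass same-site absolute URLs,
                # compare the host against the site's own host instead.
                if is_local_path(target):
                    logger.debug('redirecting to %r', target)
                    return zoom.redirect_to(target)
                logger.warning(
                    'ignoring non-local original_url %r', target)
            return zoom.redirect_to('/')

        # %r keeps an attacker-chosen username from injecting line
        # breaks into the log.
        # NOTE(review): failures are logged at debug level while
        # successes are logged at info; a deployment logging at info
        # will not record failed attempts - confirm this is intended.
        logger.debug('failed login attempt for user %r', username)
        error('incorrect username or password')
    elif username:
        error('password missing')
    else:
        error('username missing')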
def reset_password(token, password, confirm):
    """Set a new password for the user tied to a reset token.

    Checks run in this order: the token must pass ``valid_token``
    (otherwise the ``expired.md`` page is returned), the password must
    pass ``valid_new_password``, and ``password`` must equal
    ``confirm``.  Each failed check after the first raises an error
    alert and returns ``None``.

    On success the password is set, the token is deleted from the token
    store and the 'complete' step is returned.
    """
    if not valid_token(token):
        return page(load_content('expired.md'))

    if not valid_new_password(password):
        error('Invalid password ({})'.format(valid_new_password.msg))
        return None

    if password != confirm:
        error('Passwords do not match')
        return None

    user = user_by_token(token)
    if not user:
        error('Invalid request')
        return None

    user.set_password(password)

    # The token is removed only after the password change, so a used
    # token cannot be replayed.
    # NOTE(review): only this token is deleted; whether other
    # outstanding tokens or active sessions for the user are revoked is
    # not visible here - confirm.
    get_tokens().delete(token=token)
    return home('complete')
def reset_button(self, *args, **data):
    """Handle submission of the password-reset request form.

    When the form validates, a reset is initiated for the submitted
    e-mail address and the 'step2' page is returned.  Addresses that
    contain 'testco' take a separate path: an administrator is shown
    the message that would have been sent (``fake=True``), anyone else
    gets an 'invalid email address' alert and ``False``.

    When the form does not validate, or the reset reports an error, an
    error alert is raised and ``None`` is returned.
    """
    if form.validate(data):
        email = form.evaluate()['email']

        if 'testco' in email:
            # NOTE(review): this is a substring match on the whole
            # address, so any address containing 'testco' is diverted
            # here - confirm that is the intended scope.
            if not context.user.is_admin:
                error('invalid email address')
                return False
            # Shown to administrators only; the preview presumably
            # includes the reset link, so it must stay behind this
            # check.
            content = model.initiate_password_reset(email, fake=True)
            msg = '<i>This message would be sent to user.</i><hr>'
            return page(msg + content, title='Password Reset Message')

        err = model.initiate_password_reset(email)
        if not err:
            return home('step2')
        # NOTE(review): the message comes from the model; check that it
        # does not reveal whether the address belongs to an account.
        error(err)

    error('please enter a valid email address')
def login_button(self, **data):
    """Handle a login form submission.

    Looks up an active (``status='A'``) user by the submitted username
    and asks that user record to log in with the submitted password.
    Returns a redirect to ``/`` on success; otherwise raises an error
    alert and returns ``None``.
    """
    logger = logging.getLogger(__name__)
    logger.debug('login_button called')
    site = self.model.site

    username = data.get('username')
    password = data.get('password')
    remember_me = bool(data.get('remember_me'))

    if not username:
        error('username missing')
        return None

    if not password:
        error('password missing')
        return None

    account = Users(site.db).first(username=username, status='A')
    if account and account.login(self.model, password, remember_me):
        logger.info(
            'user {!r} sucesfully logged in'.format(username))
        return redirect_to('/')

    # An unknown username and a wrong password end up here alike, so
    # the alert does not reveal which usernames exist.
    # NOTE(review): failures are logged at debug level while successes
    # are logged at info; a deployment logging at info will not record
    # failed attempts - confirm this is intended.
    logger.debug('failed login attempt for user {!r}'.format(username))
    error('incorrect username or password')
def error(self):
    """Raise a sample error alert and redirect to the alerts page."""
    alerts_url = '/sample/alerts'
    # Inside the method body this name is looked up in the enclosing
    # module scope, not on the class that defines this method.
    error('that was bad!')
    return redirect_to(alerts_url)