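def fork(self, project_id=None, mount_point=None, mount_label=None):
    """Show the fork form, or on POST install a clone of this repo.

    The caller must be authenticated and the current app must be forkable.
    On POST the clone is installed into the project identified by
    ``project_id``; the caller needs 'admin' access on that project.

    Returns the form context for non-POST requests or when no mount point
    is available; otherwise the request ends in a redirect.

    Raises:
        exc.HTTPNotFound: the app is not forkable, or a POST names a
            project that cannot be found.
    """
    security.require_authenticated()
    if not c.app.forkable:
        raise exc.HTTPNotFound
    from_repo = c.app.repo
    ThreadLocalORMSession.flush_all()
    ThreadLocalORMSession.close_all()
    from_project = c.project
    to_project = M.Project.query.get(_id=ObjectId(project_id))
    mount_label = mount_label or '%s - %s' % (
        c.project.name, c.app.config.options.mount_label)
    mount_point = mount_point or from_project.shortname
    if request.method != 'POST' or not mount_point:
        return dict(from_repo=from_repo,
                    user_project=c.user.private_project(),
                    mount_point=mount_point,
                    mount_label=mount_label)
    if to_project is None:
        # project_id is request-supplied; an unknown id previously fell
        # through to an AttributeError on None instead of a clean 404.
        raise exc.HTTPNotFound
    with h.push_config(c, project=to_project):
        # NOTE(review): configure_project() runs before the admin check
        # below, so it can execute for a caller who is then refused.
        # Confirm the access check cannot be moved ahead of it.
        if not to_project.database_configured:
            to_project.configure_project(is_user_project=True)
        security.require(security.has_access(to_project, 'admin'))
        try:
            to_project.install_app(
                ep_name=from_repo.tool_name,
                mount_point=mount_point,
                mount_label=mount_label,
                cloned_from_project_id=from_project._id,
                cloned_from_repo_id=from_repo._id)
            redirect(to_project.url() + mount_point + '/')
        except exc.HTTPRedirection:
            # The redirect above is delivered as an exception; let it pass.
            raise
        except Exception as ex:
            # NOTE(review): the raw exception text is shown to the user.
            flash(str(ex), 'error')
            redirect(request.referer)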
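def pwd_expired_change(self, **kw):
    """Change an expired password and finish the interrupted login.

    Reads ``oldpw`` and ``pw`` from the validated form and the optional
    ``return_to`` from the raw request parameters. The password is set on
    the user named by the session's "expired-username" entry, or on the
    current user when that entry is missing. On a wrong old password the
    user is sent back to the form. Afterwards the expiry markers are
    cleared from the session and the browser is redirected.

    ``return_to`` is only followed when it stays on this site; any other
    value leads to "/".
    """
    require_authenticated()
    return_to = kw.get("return_to")
    kw = F.password_change_form.to_python(kw, None)
    ap = plugin.AuthenticationProvider.get(request)
    try:
        expired_username = session.get("expired-username")
        expired_user = M.User.query.get(username=expired_username) if expired_username else None
        # Use one target for every step: the follow-up calls used to
        # dereference expired_user even when it was None.
        target_user = expired_user or c.user
        ap.set_password(target_user, kw["oldpw"], kw["pw"])
        target_user.set_tool_data("allura", pwd_reset_preserve_session=session.id)
        target_user.set_tool_data("AuthPasswordReset", hash="", hash_expiry="")  # Clear password reset token
    except wexc.HTTPUnauthorized:
        flash("Incorrect password", "error")
        redirect(tg.url("/auth/pwd_expired", dict(return_to=return_to)))
    flash("Password changed")
    session.pop("pwd-expired", None)
    session["username"] = session.get("expired-username")
    session.pop("expired-username", None)
    session.save()
    h.auditlog_user("Password reset (via expiration process)")
    # return_to is request-supplied: redirecting to it unchecked would be an
    # open redirect. Accept a site-relative path (but not "//host" or
    # "/\host", which browsers treat as another origin) or a URL on the
    # host that served this request.
    is_local = bool(return_to) and (
        (return_to.startswith("/") and not return_to.startswith(("//", "/\\")))
        or return_to.startswith(request.host_url + "/"))
    if is_local and return_to != request.url:
        redirect(return_to)
    else:
        redirect("/")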
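def pwd_expired_change(self, **kw):
    """Change an expired password and finish the interrupted login.

    Reads ``oldpw`` and ``pw`` from the validated form and the optional
    ``return_to`` from the raw request parameters. The password is set on
    the user named by the session's 'expired-username' entry, or on the
    current user when that entry is missing. On a wrong old password the
    user is sent back to the form. Afterwards the expiry markers are
    cleared from the session and the browser is redirected.

    ``return_to`` is only followed when it stays on this site; any other
    value leads to '/'.
    """
    require_authenticated()
    return_to = kw.get('return_to')
    kw = F.password_change_form.to_python(kw, None)
    ap = plugin.AuthenticationProvider.get(request)
    try:
        expired_username = session.get('expired-username')
        expired_user = M.User.query.get(
            username=expired_username) if expired_username else None
        # Use one target for every step: the follow-up calls used to
        # dereference expired_user even when it was None.
        target_user = expired_user or c.user
        ap.set_password(target_user, kw['oldpw'], kw['pw'])
        target_user.set_tool_data('allura', pwd_reset_preserve_session=session.id)
        target_user.set_tool_data(
            'AuthPasswordReset', hash='', hash_expiry='')  # Clear password reset token
    except wexc.HTTPUnauthorized:
        flash('Incorrect password', 'error')
        redirect(tg.url('/auth/pwd_expired', dict(return_to=return_to)))
    flash('Password changed')
    session.pop('pwd-expired', None)
    session['username'] = session.get('expired-username')
    session.pop('expired-username', None)
    session.save()
    h.auditlog_user('Password reset (via expiration process)')
    # return_to is request-supplied: redirecting to it unchecked would be an
    # open redirect. Accept a site-relative path (but not "//host" or
    # "/\host", which browsers treat as another origin) or a URL on the
    # host that served this request.
    is_local = bool(return_to) and (
        (return_to.startswith('/') and not return_to.startswith(('//', '/\\')))
        or return_to.startswith(request.host_url + '/'))
    if is_local and return_to != request.url:
        redirect(return_to)
    else:
        redirect('/')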
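def follow(self, follow, **kw):
    """Start or stop following the owner of the current project.

    The followee is the project itself, or the owning user when the
    project is a user project. Returns a dict with ``success`` and
    ``message``, plus ``following`` on success.

    Raises:
        exc.HTTPNotFound: the activity stream is disabled in the config.
    """
    # The gate is decided by server configuration alone. It used to be
    # overridable through an 'activitystream.enabled' request cookie, which
    # let any client switch on a feature the operator had disabled.
    if not asbool(config.get('activitystream.enabled', False)):
        raise exc.HTTPNotFound()
    require_authenticated()
    followee = c.project
    if c.project.is_user_project:
        followee = c.project.user_project_of
    if c.user == followee:
        return dict(success=False, message='Cannot follow yourself')
    try:
        if follow:
            g.director.connect(c.user, followee)
        else:
            g.director.disconnect(c.user, followee)
    except Exception as e:
        log.exception('Unexpected error following user')
        # NOTE(review): the exception text is returned to the client; the
        # log entry above already keeps the details.
        return dict(success=False, message='Unexpected error: %s' % e)
    return dict(success=True,
                message=W.follow_toggle.success_message(follow),
                following=follow)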
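def pwd_expired_change(self, **kw):
    """Change an expired password and finish the interrupted login.

    Reads ``oldpw`` and ``pw`` from the validated form and the optional
    ``return_to`` from the raw request parameters. The password is set on
    the user named by the session's 'expired-username' entry, or on the
    current user when that entry is missing. On a wrong old password the
    user is sent back to the form. Afterwards the expiry markers are
    cleared from the session and the browser is redirected.

    ``return_to`` is only followed when it stays on this site; any other
    value leads to '/'.
    """
    require_authenticated()
    return_to = kw.get('return_to')
    kw = F.password_change_form.to_python(kw, None)
    ap = plugin.AuthenticationProvider.get(request)
    try:
        expired_username = session.get('expired-username')
        expired_user = M.User.query.get(username=expired_username) if expired_username else None
        # Use one target for every step: the follow-up calls used to
        # dereference expired_user even when it was None.
        target_user = expired_user or c.user
        ap.set_password(target_user, kw['oldpw'], kw['pw'])
        target_user.set_tool_data('allura', pwd_reset_preserve_session=session.id)
        target_user.set_tool_data('AuthPasswordReset', hash='', hash_expiry='')  # Clear password reset token
    except wexc.HTTPUnauthorized:
        flash('Incorrect password', 'error')
        redirect(tg.url('/auth/pwd_expired', dict(return_to=return_to)))
    flash('Password changed')
    session.pop('pwd-expired', None)
    session['username'] = session.get('expired-username')
    session.pop('expired-username', None)
    session.save()
    h.auditlog_user('Password reset (via expiration process)')
    # return_to is request-supplied: redirecting to it unchecked would be an
    # open redirect. Accept a site-relative path (but not "//host" or
    # "/\host", which browsers treat as another origin) or a URL on the
    # host that served this request.
    is_local = bool(return_to) and (
        (return_to.startswith('/') and not return_to.startswith(('//', '/\\')))
        or return_to.startswith(request.host_url + '/'))
    if is_local and return_to != request.url:
        redirect(return_to)
    else:
        redirect('/')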
def follow(self, follow, **kw):
    """Start or stop following the owner of the current project.

    The followee is the project itself, or the owning user when the
    project is a user project. Returns a dict with ``success`` and
    ``message``, plus ``following`` on success.

    Raises:
        exc.HTTPNotFound: the activity stream is disabled in the config.
    """
    if not asbool(config.get('activitystream.enabled', False)):
        raise exc.HTTPNotFound()
    require_authenticated()

    target = c.project
    if target.is_user_project:
        target = c.project.user_project_of
    if c.user == target:
        return dict(success=False, message='Cannot follow yourself')

    try:
        if not follow:
            g.director.disconnect(c.user, target)
        else:
            g.director.connect(c.user, target)
    except Exception as e:
        log.exception('Unexpected error following user')
        # NOTE(review): the exception text is returned to the client; the
        # log entry above already keeps the details.
        failure = 'Unexpected error: %s' % e
        return dict(success=False, message=failure)

    confirmation = W.follow_toggle.success_message(follow)
    return dict(success=True, message=confirmation, following=follow)
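def fork(self, project_id=None, mount_point=None, mount_label=None):
    """Show the fork form, or on POST install a clone of this repo.

    The caller must be authenticated and the current app must be forkable.
    On POST the clone is installed into the project identified by
    ``project_id``; the caller needs 'admin' access on that project.

    Returns the form context for non-POST requests or when no mount point
    is available; otherwise the request ends in a redirect.

    Raises:
        exc.HTTPNotFound: the app is not forkable, or a POST names a
            project that cannot be found.
    """
    security.require_authenticated()
    if not c.app.forkable:
        raise exc.HTTPNotFound
    from_repo = c.app.repo
    ThreadLocalORMSession.flush_all()
    ThreadLocalORMSession.close_all()
    from_project = c.project
    to_project = M.Project.query.get(_id=ObjectId(project_id))
    mount_label = mount_label or '%s - %s' % (c.project.name,
                                              c.app.config.options.mount_label)
    mount_point = mount_point or from_project.shortname
    if request.method != 'POST' or not mount_point:
        return dict(from_repo=from_repo,
                    user_project=c.user.private_project(),
                    mount_point=mount_point,
                    mount_label=mount_label)
    if to_project is None:
        # project_id is request-supplied; an unknown id previously fell
        # through to an AttributeError on None instead of a clean 404.
        raise exc.HTTPNotFound
    with h.push_config(c, project=to_project):
        # NOTE(review): configure_project() runs before the admin check
        # below, so it can execute for a caller who is then refused.
        # Confirm the access check cannot be moved ahead of it.
        if not to_project.database_configured:
            to_project.configure_project(is_user_project=True)
        security.require(security.has_access(to_project, 'admin'))
        try:
            to_project.install_app(
                ep_name=from_repo.tool_name,
                mount_point=mount_point,
                mount_label=mount_label,
                cloned_from_project_id=from_project._id,
                cloned_from_repo_id=from_repo._id)
            redirect(to_project.url()+mount_point+'/')
        except exc.HTTPRedirection:
            # The redirect above is delivered as an exception; let it pass.
            raise
        except Exception as ex:
            # NOTE(review): the raw exception text is shown to the user.
            flash(str(ex), 'error')
            redirect(request.referer)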
def authorize(self, oauth_token=None):
    """Look up an OAuth request token and return the data for the consent page.

    Returns a dict with the token string and the consumer that issued it.

    Raises:
        exc.HTTPForbidden: no request token matches ``oauth_token``.
    """
    security.require_authenticated()
    request_token = M.OAuthRequestToken.query.get(api_key=oauth_token)
    if request_token is not None:
        # NOTE(review): the token is bound to the current user as soon as
        # this page is viewed, before any consent is given. Confirm the
        # step that grants access re-checks this binding.
        request_token.user_id = c.user._id
        return dict(oauth_token=oauth_token,
                    consumer=request_token.consumer_token)
    # The rejected value is request-supplied and goes into the log as-is.
    log.error('Invalid token %s', oauth_token)
    raise exc.HTTPForbidden
def authorize(self, oauth_token=None):
    """Look up an OAuth request token and return the data for the consent page.

    Returns a dict with the token string and the consumer that issued it.

    Raises:
        exc.HTTPForbidden: no request token matches ``oauth_token``.
    """
    security.require_authenticated()
    request_token = M.OAuthRequestToken.query.get(api_key=oauth_token)
    if request_token is not None:
        # NOTE(review): the token is bound to the current user as soon as
        # this page is viewed, before any consent is given. Confirm the
        # step that grants access re-checks this binding.
        request_token.user_id = c.user._id
        return dict(oauth_token=oauth_token,
                    consumer=request_token.consumer_token)
    # The rejected value is request-supplied and goes into the log as-is.
    log.error("Invalid token %s", oauth_token)
    raise exc.HTTPForbidden
def change_personal_data(self, **kw):
    """Store the submitted personal data as preferences of the current user.

    ``sex`` and ``timezone`` are required keys; ``birthdate``, ``country``
    and ``city`` are optional and stored as None when absent. Ends with a
    redirect to the current page.
    """
    require_authenticated()
    user = c.user
    user.set_pref("sex", kw["sex"])
    user.set_pref("birthdate", kw.get("birthdate"))
    # Country and city are kept together under a single preference.
    place = dict(country=kw.get("country"), city=kw.get("city"))
    user.set_pref("localization", place)
    user.set_pref("timezone", kw["timezone"])
    flash("Your personal data was successfully updated!")
    redirect(".")
def change_personal_data(self, **kw):
    """Store the submitted personal data as preferences of the current user.

    ``sex`` and ``timezone`` are required keys; ``birthdate``, ``country``
    and ``city`` are optional and stored as None when absent. Ends with a
    redirect to the current page.
    """
    require_authenticated()
    user = c.user
    user.set_pref('sex', kw['sex'])
    user.set_pref('birthdate', kw.get('birthdate'))
    # Country and city are kept together under a single preference.
    place = dict(country=kw.get('country'), city=kw.get('city'))
    user.set_pref('localization', place)
    user.set_pref('timezone', kw['timezone'])
    flash('Your personal data was successfully updated!')
    redirect('.')
def _check_security(self):
    """Gate access according to the 'trovecategories.enableediting' setting.

    'true' admits any authenticated user, 'admin' additionally requires
    'admin' access on the site admin project, and every other value
    (including the default 'false') is refused.

    Raises:
        HTTPForbidden: the setting is neither 'true' nor 'admin'.
    """
    require_authenticated()
    mode = config.get('trovecategories.enableediting', 'false')
    if mode == 'true':
        return
    if mode != 'admin':
        raise HTTPForbidden()
    # Evaluate the permission against the site admin project rather than
    # whatever project the request happens to be in.
    admin_project = config.get('site_admin_project', 'allura')
    admin_nbhd = config.get('site_admin_project_nbhd', 'Projects')
    with h.push_context(admin_project, neighborhood=admin_nbhd):
        require_access(c.project, 'admin')
def change_personal_data(self, **kw):
    """Store the submitted personal data as preferences of the current user.

    ``sex`` and ``timezone`` are required keys; ``birthdate``, ``country``
    and ``city`` are optional and stored as None when absent. Ends with a
    redirect to the current page.
    """
    require_authenticated()
    user = c.user
    user.set_pref('sex', kw['sex'])
    user.set_pref('birthdate', kw.get('birthdate'))
    # Country and city are kept together under a single preference.
    place = dict(country=kw.get('country'), city=kw.get('city'))
    user.set_pref('localization', place)
    user.set_pref('timezone', kw['timezone'])
    flash('Your personal data was successfully updated!')
    redirect('.')
def delete(self, id=None):
    """Delete one of the current user's OAuth consumer tokens.

    A token that does not exist and a token owned by someone else produce
    the same 'Invalid app ID' message, so the response does not reveal
    which ids exist. Every path ends with a redirect to the current page.
    """
    require_authenticated()
    token = M.OAuthConsumerToken.query.get(_id=bson.ObjectId(id))
    # NOTE(review): folding both checks into one condition assumes
    # redirect() does not return (the original had two separate guards).
    if token is None or token.user_id != c.user._id:
        flash('Invalid app ID', 'error')
        redirect('.')
    token.delete()
    flash('Application deleted')
    redirect('.')
def do_authorize(self, yes=None, no=None, oauth_token=None):
    """Record the user's decision on an OAuth request token.

    With ``no`` set the token is deleted and the user is sent to
    /auth/oauth/. Otherwise a verifier is generated: for an "oob" callback
    it is returned for display, for any other callback the browser is
    redirected there with the token and verifier in the query string.
    ``yes`` is accepted but not read.
    """
    security.require_authenticated()
    # NOTE(review): the token is used without a None check and without
    # comparing its user_id to the current user. Confirm an unknown token,
    # or one bound to another account, cannot be approved here.
    request_token = M.OAuthRequestToken.query.get(api_key=oauth_token)
    if no:
        request_token.delete()
        flash("%s NOT AUTHORIZED" % request_token.consumer_token.name, "error")
        redirect("/auth/oauth/")
    if request_token.callback == "oob":
        # Out-of-band flow: a short PIN the user copies by hand.
        request_token.validation_pin = h.nonce(6)
        return dict(rtok=request_token)
    # NOTE(review): how unpredictable the verifier is depends on h.nonce,
    # which is not visible here.
    request_token.validation_pin = h.nonce(20)
    joiner = "&" if "?" in request_token.callback else "?"
    query = "oauth_token=%s&oauth_verifier=%s" % (
        request_token.api_key, request_token.validation_pin)
    redirect(request_token.callback + joiner + query)
def index(self, **kw):
    """Return the categories to list, the selected one and its ancestors.

    With a category selected, ``categories`` holds its sub-categories and
    ``hierarchy`` its ancestors ordered from the root downwards. Without
    one, the categories whose parent id is 0 are listed.
    """
    require_authenticated()
    current = self.category
    if not current:
        top_level = M.TroveCategory.query.find(dict(trove_parent_id=0))
        return dict(categories=top_level, selected_cat=None, hierarchy=[])

    children = current.subcategories
    ancestors = []
    node = current.parent_category
    while node:
        # Prepend so that the outermost ancestor ends up first.
        ancestors.insert(0, node)
        node = node.parent_category
    return dict(categories=children, selected_cat=current,
                hierarchy=ancestors)
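def subscribe(self, **kw):
    """Apply the submitted forum and thread subscription choices.

    ``forum`` entries carry a ``shortname`` and ``thread`` entries an
    ``id``; each may carry a ``subscribed`` flag. The current user is added
    to or removed from the ``subscriptions`` mapping of every object that
    is found. Entries naming an unknown forum or thread are skipped.
    Ends with a redirect to the referring page.
    """
    require_authenticated()
    forum = kw.pop('forum', [])
    thread = kw.pop('thread', [])
    user_key = str(c.user._id)
    targets = []
    for data in forum:
        found = model.Forum.query.get(shortname=data['shortname'],
                                      app_config_id=c.app.config._id)
        targets.append((found, bool(data.get('subscribed'))))
    for data in thread:
        # NOTE(review): threads are looked up by _id alone, not limited to
        # this app as forums are. Confirm a request cannot subscribe the
        # user to a thread they are not allowed to read.
        found = model.Thread.query.get(_id=data['id'])
        targets.append((found, bool(data.get('subscribed'))))
    for obj, subscribed in targets:
        if obj is None:
            # The id or shortname is request-supplied; a miss used to raise
            # AttributeError on None.
            continue
        if subscribed:
            obj.subscriptions[user_key] = True
        else:
            obj.subscriptions.pop(user_key, None)
    redirect(request.referer)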
def do_authorize(self, yes=None, no=None, oauth_token=None):
    """Record the user's decision on an OAuth request token.

    With ``no`` set the token is deleted and the user is sent to
    /auth/oauth/. Otherwise a verifier is generated: for an 'oob' callback
    it is returned for display, for any other callback the browser is
    redirected there with the token and verifier in the query string.
    ``yes`` is accepted but not read.
    """
    security.require_authenticated()
    # NOTE(review): the token is used without a None check and without
    # comparing its user_id to the current user. Confirm an unknown token,
    # or one bound to another account, cannot be approved here.
    request_token = M.OAuthRequestToken.query.get(api_key=oauth_token)
    if no:
        request_token.delete()
        flash('%s NOT AUTHORIZED' % request_token.consumer_token.name, 'error')
        redirect('/auth/oauth/')
    if request_token.callback == 'oob':
        # Out-of-band flow: a short PIN the user copies by hand.
        request_token.validation_pin = h.nonce(6)
        return dict(rtok=request_token)
    # NOTE(review): how unpredictable the verifier is depends on h.nonce,
    # which is not visible here.
    request_token.validation_pin = h.nonce(20)
    joiner = '&' if '?' in request_token.callback else '?'
    query = 'oauth_token=%s&oauth_verifier=%s' % (
        request_token.api_key, request_token.validation_pin)
    redirect(request_token.callback + joiner + query)
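def index(self, **kw):
    """Collect the data for the current user's preferences page.

    Returns a dict with the user's subscriptions, API token, authorized
    OAuth applications and the account navigation menu. Mailboxes whose
    project no longer exists are deleted as a side effect; mailboxes whose
    app config is missing are left out of the result.
    """
    # Standard-library escaping; imported here so the block stays
    # self-contained.
    from xml.sax.saxutils import escape

    require_authenticated()
    c.form = F.subscription_form
    c.revoke_access = F.oauth_revocation_form
    subscriptions = []
    mailboxes = M.Mailbox.query.find(dict(user_id=c.user._id, is_flash=False))
    mailboxes = list(mailboxes.ming_cursor)
    project_collection = M.Project.query.mapper.collection
    app_collection = M.AppConfig.query.mapper.collection
    # Fetch all referenced projects and app configs in one query each.
    projects = dict(
        (p._id, p) for p in project_collection.m.find(dict(
            _id={'$in': [mb.project_id for mb in mailboxes]})))
    app_index = dict(
        (ac._id, ac) for ac in app_collection.m.find(dict(
            _id={'$in': [mb.app_config_id for mb in mailboxes]})))
    for mb in mailboxes:
        project = projects.get(mb.project_id, None)
        app_config = app_index.get(mb.app_config_id, None)
        if project is None:
            mb.m.delete()
            continue
        if app_config is None:
            continue
        title = mb.artifact_title
        if mb.artifact_url:
            # The title and URL are data, not markup: escape them before
            # placing them in the anchor so a crafted title cannot inject
            # HTML or break out of the href attribute.
            title = '<a href="%s">%s</a>' % (
                escape('%s' % mb.artifact_url, {'"': '&quot;'}),
                escape('%s' % title))
        # NOTE(review): without a URL the title is passed on unescaped. If
        # the template renders this field as raw HTML (the anchor above
        # suggests it does), that path needs escaping as well.
        subscriptions.append(dict(
            _id=mb._id,
            project_name=project.name,
            mount_point=app_config.options['mount_point'],
            artifact_title=title,
            topic=mb.topic,
            type=mb.type,
            frequency=mb.frequency.unit,
            artifact=mb.artifact_index_id))
    api_token = M.ApiToken.query.get(user_id=c.user._id)
    provider = plugin.AuthenticationProvider.get(request)
    menu = provider.account_navigation()
    return dict(
        subscriptions=subscriptions,
        api_token=api_token,
        authorized_applications=M.OAuthAccessToken.for_user(c.user),
        menu=menu)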
def index(self, **kw):
    """Return the categories to list, the selected one and its ancestors.

    With a category selected, ``categories`` holds its sub-categories and
    ``hierarchy`` its ancestors ordered from the root downwards. Without
    one, the categories whose parent id is 0 are listed.
    """
    require_authenticated()
    current = self.category
    if not current:
        top_level = M.TroveCategory.query.find(dict(trove_parent_id=0))
        return dict(categories=top_level, selected_cat=None, hierarchy=[])

    children = current.subcategories
    ancestors = []
    node = current.parent_category
    while node:
        # Prepend so that the outermost ancestor ends up first.
        ancestors.insert(0, node)
        node = node.parent_category
    return dict(categories=children, selected_cat=current,
                hierarchy=ancestors)
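def create(self, **kw):
    """Create a trove category, optionally below an existing one.

    Reads ``categoryname`` and ``uppercategory_id`` (0 or absent means top
    level). The short name is the lower-cased name with every character
    outside ``digits`` and ``lowercase`` replaced by an underscore; a
    category with the same short name is not created twice. Ends with a
    redirect to the parent category page or to /categories.
    """
    require_authenticated()
    name = kw.get('categoryname')
    if not name:
        # A missing name used to fail later on name.replace().
        flash('Invalid category name.', "error")
        redirect('/categories')
        return
    upper_id = int(kw.get('uppercategory_id', 0))
    upper = M.TroveCategory.query.get(trove_cat_id=upper_id)
    if upper_id == 0:
        path = name
        show_as_skill = True
    elif upper is None:
        flash('Invalid upper category.', "error")
        redirect('/categories')
        return
    else:
        path = upper.fullpath + " :: " + name
        show_as_skill = upper.show_as_skill

    # max() raises on an empty sequence, so start at 1 when no category
    # exists yet.
    # NOTE(review): two concurrent requests can compute the same id.
    existing_ids = [el.trove_cat_id for el in M.TroveCategory.query.find()]
    newid = max(existing_ids) + 1 if existing_ids else 1
    shortname = name.replace(" ", "_").lower()
    # The loop variable is not called "c": under Python 2 a list
    # comprehension variable leaks into the function and would shadow the
    # request context object of that name.
    shortname = ''.join([(ch if (ch in digits or ch in lowercase) else "_")
                         for ch in shortname])

    oldcat = M.TroveCategory.query.get(shortname=shortname)
    if oldcat:
        flash('Category "%s" already exists.' % name, "error")
    else:
        category = M.TroveCategory(
            trove_cat_id=newid,
            trove_parent_id=upper_id,
            fullname=name,
            shortname=shortname,
            fullpath=path,
            show_as_skill=show_as_skill)
        # NOTE(review): a freshly constructed object is presumably always
        # truthy, which would make the error branch unreachable.
        if category:
            flash('Category "%s" successfully created.' % name)
        else:
            flash('An error occured while crearing the category.', "error")
    if upper:
        redirect('/categories/%s' % upper.shortname)
    else:
        redirect('/categories')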
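def create(self, **kw):
    """Create a trove category, optionally below an existing one.

    Reads ``categoryname`` and ``uppercategory_id`` (0 or absent means top
    level). The short name is the lower-cased name with every character
    outside ``digits`` and ``lowercase`` replaced by an underscore; a
    category with the same short name is not created twice. Ends with a
    redirect to the parent category page or to /categories.
    """
    require_authenticated()
    name = kw.get('categoryname')
    if not name:
        # A missing name used to fail later on name.replace().
        flash('Invalid category name.', "error")
        redirect('/categories')
        return
    upper_id = int(kw.get('uppercategory_id', 0))
    upper = M.TroveCategory.query.get(trove_cat_id=upper_id)
    if upper_id == 0:
        path = name
        show_as_skill = True
    elif upper is None:
        flash('Invalid upper category.', "error")
        redirect('/categories')
        return
    else:
        path = upper.fullpath + " :: " + name
        show_as_skill = upper.show_as_skill

    # max() raises on an empty sequence, so start at 1 when no category
    # exists yet.
    # NOTE(review): two concurrent requests can compute the same id.
    existing_ids = [el.trove_cat_id for el in M.TroveCategory.query.find()]
    newid = max(existing_ids) + 1 if existing_ids else 1
    shortname = name.replace(" ", "_").lower()
    # The loop variable is not called "c": under Python 2 a list
    # comprehension variable leaks into the function and would shadow the
    # request context object of that name.
    shortname = ''.join([(ch if (ch in digits or ch in lowercase) else "_")
                         for ch in shortname])

    oldcat = M.TroveCategory.query.get(shortname=shortname)
    if oldcat:
        flash('Category "%s" already exists.' % name, "error")
    else:
        category = M.TroveCategory(trove_cat_id=newid,
                                   trove_parent_id=upper_id,
                                   fullname=name,
                                   shortname=shortname,
                                   fullpath=path,
                                   show_as_skill=show_as_skill)
        # NOTE(review): a freshly constructed object is presumably always
        # truthy, which would make the error branch unreachable.
        if category:
            flash('Category "%s" successfully created.' % name)
        else:
            flash('An error occured while crearing the category.', "error")
    if upper:
        redirect('/categories/%s' % upper.shortname)
    else:
        redirect('/categories')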
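def subscribe(self, **kw):
    """Apply the submitted forum and thread subscription choices.

    ``forum`` entries carry a ``shortname`` and ``thread`` entries an
    ``id``; each may carry a ``subscribed`` flag. The current user is added
    to or removed from the ``subscriptions`` mapping of every object that
    is found. Entries naming an unknown forum or thread are skipped.
    Ends with a redirect to the referring page.
    """
    require_authenticated()
    forum = kw.pop('forum', [])
    thread = kw.pop('thread', [])
    user_key = str(c.user._id)
    targets = []
    for data in forum:
        found = model.Forum.query.get(shortname=data['shortname'],
                                      app_config_id=c.app.config._id)
        targets.append((found, bool(data.get('subscribed'))))
    for data in thread:
        # NOTE(review): threads are looked up by _id alone, not limited to
        # this app as forums are. Confirm a request cannot subscribe the
        # user to a thread they are not allowed to read.
        found = model.Thread.query.get(_id=data['id'])
        targets.append((found, bool(data.get('subscribed'))))
    for obj, subscribed in targets:
        if obj is None:
            # The id or shortname is request-supplied; a miss used to raise
            # AttributeError on None.
            continue
        if subscribed:
            obj.subscriptions[user_key] = True
        else:
            obj.subscriptions.pop(user_key, None)
    redirect(request.referer)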
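def update(self, display_name=None, addr=None, new_addr=None,
           primary_addr=None, oid=None, new_oid=None, preferences=None,
           **kw):
    """Save the account preferences form for the current user.

    With local authentication this stores the display name, removes
    e-mail addresses and OpenIDs marked for deletion, sets the primary
    address, starts a claim for a new address and writes the submitted
    preferences. The e-mail format preference is written in every mode.
    Ends with a redirect to the current page.

    NOTE(review): the block nesting was reconstructed from a flattened
    listing; confirm it against the original file.
    """
    require_authenticated()
    # Both may be absent from the request; they used to be dereferenced
    # unconditionally.
    preferences = preferences or {}
    if config.get('auth.method', 'local') == 'local':
        if display_name is None:
            flash("Display Name cannot be empty.", 'error')
            redirect('.')
        c.user.set_pref('display_name', display_name)
        # Walk the rows from the end: deleting by index while moving
        # forwards shifts the later entries, so a second deletion in the
        # same request removed the wrong address.
        address_rows = list(enumerate(zip(c.user.email_addresses, addr or [])))
        for i, (old_a, data) in reversed(address_rows):
            obj = c.user.address_object(old_a)
            if data.get('delete') or not obj:
                del c.user.email_addresses[i]
                if obj:
                    obj.delete()
        # NOTE(review): primary_addr is stored as submitted; this block does
        # not check that it is one of the user's confirmed addresses.
        c.user.set_pref('email_address', primary_addr)
        if new_addr and new_addr.get('claim'):
            if M.EmailAddress.query.get(_id=new_addr['addr'], confirmed=True):
                flash('Email address already claimed', 'error')
            else:
                c.user.email_addresses.append(new_addr['addr'])
                em = M.EmailAddress.upsert(new_addr['addr'])
                em.claimed_by_user_id = c.user._id
                em.send_verification_link()
        # Same reverse walk as for the e-mail addresses above.
        openid_rows = list(enumerate(zip(c.user.open_ids, oid or [])))
        for i, (old_oid, data) in reversed(openid_rows):
            obj = c.user.openid_object(old_oid)
            if data.get('delete') or not obj:
                del c.user.open_ids[i]
                if obj:
                    obj.delete()
        # NOTE(review): every key the request supplies is written; confirm
        # set_pref limits which preferences a user may change.
        for k, v in preferences.items():
            if k == 'results_per_page':
                v = int(v)
            c.user.set_pref(k, v)
    if 'email_format' in preferences:
        c.user.set_pref('email_format', preferences['email_format'])
    redirect('.')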
def add_telnumber(self, **kw):
    """Add the submitted ``newnumber`` to the current user, then redirect."""
    require_authenticated()
    number = kw['newnumber']
    c.user.add_telephonenumber(number)
    flash('Your personal contacts were successfully updated!')
    redirect('.')
def register(self, application_name=None, application_description=None,
             **kw):
    """Create an OAuth consumer token from the submitted name and description.

    Ends with a redirect to the current page.
    """
    require_authenticated()
    # NOTE(review): no owner is passed here; presumably the model assigns
    # the current user itself. Confirm against M.OAuthConsumerToken.
    token_fields = dict(name=application_name,
                        description=application_description)
    M.OAuthConsumerToken(**token_fields)
    flash('OAuth Application registered')
    redirect('.')
def _check_security(self):
    """Require an authenticated user; no further permission is checked here."""
    require_authenticated()
    return None
def add_inactive_period(self, **kw):
    """Add an inactive period (``startdate`` to ``enddate``) for the current user.

    Ends with a redirect to the current page.
    """
    require_authenticated()
    start, end = kw['startdate'], kw['enddate']
    c.user.add_inactive_period(start, end)
    flash('Your inactivity periods were successfully updated!')
    redirect('.')
def skype_account(self, **kw):
    """Store the submitted ``skypeaccount`` as a preference, then redirect."""
    require_authenticated()
    account = kw['skypeaccount']
    c.user.set_pref('skypeaccount', account)
    flash('Your personal contacts were successfully updated!')
    redirect('.')
def add_webpage(self, **kw):
    """Add the submitted ``newwebsite`` to the current user, then redirect."""
    require_authenticated()
    # NOTE(review): the value is stored as received; if it is later
    # rendered as a link, its scheme should be checked at that point.
    website = kw['newwebsite']
    c.user.add_webpage(website)
    flash('Your personal contacts were successfully updated!')
    redirect('.')
def pwd_expired(self, **kw):
    """Prepare the expired-password form.

    Returns a dict carrying the request's ``return_to`` value (None when
    absent) for the template.
    """
    require_authenticated()
    c.form = F.password_change_form
    # NOTE(review): return_to is handed on exactly as received; whichever
    # handler later redirects to it has to check that it stays on this site.
    destination = kw.get('return_to')
    return dict(return_to=destination)
def remove_inactive_period(self, **kw):
    """Remove the inactive period ``startdate`` to ``enddate`` of the current user.

    Ends with a redirect to the current page.
    """
    require_authenticated()
    start, end = kw['startdate'], kw['enddate']
    c.user.remove_inactive_period(start, end)
    flash('Your availability timeslots were successfully updated!')
    redirect('.')
def needs_auth(self):
    """Return an empty string, but only to an authenticated caller."""
    require_authenticated()
    body = ''
    return body
def remove(self, **kw):
    """Delete the trove category named by ``categoryid`` unless it is in use.

    A category is kept, with an explanatory error message, when it has
    sub-categories, is used as a skill by a user, or is referenced by a
    project in any of its trove fields. Every path ends with a redirect to
    the parent category page, or to /categories for a top-level category.
    """
    require_authenticated()
    # NOTE(review): neither the category nor its parent is checked for
    # None, so an unknown categoryid ends in an AttributeError.
    cat = M.TroveCategory.query.get(trove_cat_id=int(kw['categoryid']))
    if cat.trove_parent_id:
        parent = M.TroveCategory.query.get(
            trove_cat_id=cat.trove_parent_id)
        redirecturl = '/categories/%s' % parent.shortname
    else:
        redirecturl = '/categories'

    if len(cat.subcategories) > 0:
        flash("This category contains at least one sub-category, "
              "therefore it can't be removed.", "error")
        redirect(redirecturl)
        return
    if len(M.User.withskill(cat)) > 0:
        flash("This category is used as a skill by at least a user, "
              "therefore it can't be removed.", "error")
        redirect(redirecturl)
        return

    # Project fields that may reference a category, in the order they are
    # checked, each with the wording used in its error message.
    project_uses = (
        ('trove_root_database', 'a database'),
        ('trove_developmentstatus', 'development status'),
        ('trove_audience', 'intended audience'),
        ('trove_license', 'a license'),
        ('trove_os', 'operating system'),
        ('trove_language', 'programming language'),
        ('trove_topic', 'a topic'),
        ('trove_natlanguage', 'a natural language'),
        ('trove_environment', 'an environment'),
    )
    for field, role in project_uses:
        if M.Project.query.get(**{field: cat._id}):
            flash("This category is used as %s by at least a project, "
                  "therefore it can't be removed." % role, "error")
            redirect(redirecturl)
            return

    M.TroveCategory.delete(cat)
    flash('Category removed.')
    redirect(redirecturl)
def remove_social_network(self, **kw):
    """Remove the ``socialnetwork``/``account`` pair from the current user.

    Ends with a redirect to the current page.
    """
    require_authenticated()
    network, account = kw['socialnetwork'], kw['account']
    c.user.remove_socialnetwork(network, account)
    flash('Your personal contacts were successfully updated!')
    redirect('.')
def remove_timeslot(self, **kw):
    """Remove the timeslot given by ``weekday``, ``starttime`` and ``endtime``.

    Ends with a redirect to the current page.
    """
    require_authenticated()
    slot = (kw['weekday'], kw['starttime'], kw['endtime'])
    c.user.remove_timeslot(*slot)
    flash('Your availability timeslots were successfully updated!')
    redirect('.')
def remove_webpage(self, **kw):
    """Remove the web page given as ``oldvalue`` from the current user.

    Ends with a redirect to the current page.
    """
    require_authenticated()
    old_page = kw['oldvalue']
    c.user.remove_webpage(old_page)
    flash('Your personal contacts were successfully updated!')
    redirect('.')
def index(self, **kw):
    """Return the current user's OAuth consumer tokens for the listing page.

    Also sets the application registration form on the request context.
    """
    require_authenticated()
    c.form = F.oauth_application_form
    own_apps = M.OAuthConsumerToken.for_user(c.user)
    return dict(apps=own_apps)
def remove(self, **kw):
    """Delete the trove category named by ``categoryid`` unless it is in use.

    A category is kept, with an explanatory error message, when it has
    sub-categories, is used as a skill by a user, or is referenced by a
    project in any of its trove fields. Every path ends with a redirect to
    the parent category page, or to /categories for a top-level category.
    """
    require_authenticated()
    # NOTE(review): neither the category nor its parent is checked for
    # None, so an unknown categoryid ends in an AttributeError.
    cat = M.TroveCategory.query.get(trove_cat_id=int(kw['categoryid']))
    if cat.trove_parent_id:
        parent = M.TroveCategory.query.get(trove_cat_id=cat.trove_parent_id)
        redirecturl = '/categories/%s' % parent.shortname
    else:
        redirecturl = '/categories'

    if len(cat.subcategories) > 0:
        flash("This category contains at least one sub-category, "
              "therefore it can't be removed.", "error")
        redirect(redirecturl)
        return
    if len(M.User.withskill(cat)) > 0:
        flash("This category is used as a skill by at least a user, "
              "therefore it can't be removed.", "error")
        redirect(redirecturl)
        return

    # Project fields that may reference a category, in the order they are
    # checked, each with the wording used in its error message.
    project_uses = (
        ('trove_root_database', 'a database'),
        ('trove_developmentstatus', 'development status'),
        ('trove_audience', 'intended audience'),
        ('trove_license', 'a license'),
        ('trove_os', 'operating system'),
        ('trove_language', 'programming language'),
        ('trove_topic', 'a topic'),
        ('trove_natlanguage', 'a natural language'),
        ('trove_environment', 'an environment'),
    )
    for field, role in project_uses:
        if M.Project.query.get(**{field: cat._id}):
            flash("This category is used as %s by at least a project, "
                  "therefore it can't be removed." % role, "error")
            redirect(redirecturl)
            return

    M.TroveCategory.delete(cat)
    flash('Category removed.')
    redirect(redirecturl)