def get(self, login_id, key): session_user.add_message( 'notice', "Please choose a new password to complete the reset request." ) self.assign_form() self.render_template()
def auth_post(self, action=None, objid=None, session_key=None): CrudBase.auth_post(self, action, objid, session_key) if self.action == self.DELETE: # prevent self-deletion if objid == session_user.id: session_user.add_message('error', 'You cannot delete your own user account') abort(403)
def process_args(self): # noqa had_strict_arg_failure = False for argname, processor, required, takes_list, list_item_invalidates, \ strict, show_msg, custom_msg, pass_as in self._processors: is_invalid = False pass_as = pass_as or argname argval = self.calling_args.get(argname, None) try: if isinstance(argval, list): if takes_list is False: raise formencode.Invalid('multiple values not allowed', argval, None) if takes_list is None: self.calling_args[pass_as] = argval = argval[0] elif takes_list: self.calling_args[pass_as] = argval = tolist(argval) if pass_as != argname: # catches a couple cases where a replacement doesn't # already happen above self.calling_args[pass_as] = argval # delete the old value if it exists if argname in self.calling_args: del self.calling_args[argname] if processor: if takes_list: processor = formencode.ForEach(processor) try: if required: processor = formencode.All(formencode.validators.NotEmpty, processor) processed_val = processor.to_python(argval) except formencode.Invalid as e: """ do a second round of processing for list values """ if not takes_list or not e.error_list or list_item_invalidates: raise """ only remove the bad values, keep the good ones """ new_list = [] for index, error in enumerate(e.error_list): if error is None: new_list.append(argval[index]) # revalidate for conversion and required processed_val = processor.to_python(new_list) self.calling_args[pass_as] = processed_val except formencode.Invalid as e: is_invalid = True if self.strict_args or strict: had_strict_arg_failure = True self.invalid_arg_keys.append(argname) if show_msg: invalid_msg = '%s: %s' % (argname, custom_msg or str(e)) user.add_message('error', invalid_msg) try: if is_invalid or self.calling_args[pass_as] is None or \ self.calling_args[pass_as] == '': del self.calling_args[pass_as] except KeyError: pass if len(self.invalid_arg_keys) > 0: log.debug('%s had bad args: %s', self.__class__.__name__, self.invalid_arg_keys) if had_strict_arg_failure: raise BadRequest('strict arg failure w/ invalid keys: %s' % self.invalid_arg_keys)
def delete_record(self): try: CommonCrudBase.delete_record(self) except IntegrityError: session_user.add_message( 'warning', 'could not delete, the {0} is in use'.format(self.objname) ) redirect(url_for(self.endpoint, action='manage', session_key=self.session_key))
def form_on_valid(self): formvals = self.form.get_values() # assigned groups and permissions stay the same for profile submissions formvals['assigned_groups'] = self.objinst.group_ids formvals['approved_permissions'], formvals['denied_permissions'] = \ self.objinst.assigned_permission_ids formvals['pass_reset_ok'] = False orm_User.edit(self.objid, **formvals) session_user.add_message('notice', 'profile updated succesfully')
def send_email_notifications(self): if self.form.elements.email_notify.value: if self.action == self.ADD: email_sent = send_new_user_email(self.form_resulting_entity) elif self.form.elements.password.value: email_sent = send_change_password_email(self.form_resulting_entity) if (self.action == self.ADD or self.form.elements.password.value) and not email_sent: session_user.add_message( 'error', 'An error occurred while sending the user notification email.' )
def post(self): if self.form.is_valid(): orm_User.get(session_user.id).update_password(self.form.elements.password.value) session_user.reset_required = False session_user.add_message('notice', 'Your password has been changed successfully.') url = after_login_url() if rg.request.url == url_for('auth:ChangePassword') \ else rg.request.url redirect(url) elif self.form.is_submitted(): # form was submitted, but invalid self.form.assign_user_errors() self.default()
def post(self, login_id, key): if self.form.is_valid(): self.user.update_password(self.form.elements.password.value) session_user.add_message('notice', 'Your password has been reset successfully.') # at this point, the user has been verified, and we can setup the user # session and kill the reset load_session_user(self.user) self.user.kill_reset_key() # redirect as if this was a login url = after_login_url() redirect(url) elif self.form.is_submitted(): # form was submitted, but invalid self.form.assign_user_errors() self.assign_form() self.render_template()
def post(self): if self.form.is_valid(): user = orm_User.validate( self.form.els.login_id.value, self.form.els.password.value ) if user: if user.inactive: session_user.add_message('error', 'That user is inactive.') else: load_session_user(user) log.application('user %s logged in; session id: %s; remote_ip: %s', user.login_id, rg.session.id, rg.request.remote_addr) session_user.add_message('notice', 'You logged in successfully!') if user.reset_required: url = url_for('auth:ChangePassword') else: url = after_login_url() redirect(url) else: log.application('user login failed; user login: %s; session id: %s; remote_ip: %s', self.form.elements.login_id.value, rg.session.id, rg.request.remote_addr) session_user.add_message('error', 'Login failed! Please try again.') elif self.form.is_submitted(): # form was submitted, but invalid self.form.assign_user_errors() self.default()
def post(self): if self.form.is_valid(): em_address = self.form.elements.email_address.value user_obj = orm_User.reset_password(em_address) if user_obj: if send_reset_password_email(user_obj): session_user.add_message( 'notice', 'An email with a link to reset your password has been sent.' ) else: session_user.add_message( 'error', 'An error occurred while sending the notification email. Your ' 'password has not been reset.' ) url = current_url(root_only=True) redirect(url) else: session_user.add_message( 'error', 'Did not find a user with email address: %s' % em_address ) elif self.form.is_submitted(): # form was submitted, but invalid self.form.assign_user_errors() self.default()
def post(self): if self.form.is_cancel(): user.add_message('notice', 'form submission cancelled, data not changed') self.default() if self.form.is_valid(): try: user.add_message('notice', 'form posted succesfully') self.assign('result', self.form.get_values()) return except Exception as e: # if the form can't handle the exception, re-raise it if not self.form.handle_exception(e): raise elif not self.form.is_submitted(): # form was not submitted, nothing left to do return # form was either invalid or caught an exception, assign error # messages self.form.assign_user_errors() self.default()
def form_on_cancel(self): session_user.add_message('notice', 'no changes made to your profile') redirect(current_url(root_only=True))
def default(self): user.add_message('notice', 'hi') self.render_json({'foo1': 'bar'}, add_user_messages=False)
def default(self): user.add_message('test', 'my message')
def abort(self, msg='invalid reset request'): session_user.add_message('error', '%s, use the form below to resend reset link' % msg) url = url_for('auth:LostPassword') redirect(url)
def flash_message(self, category, message): user.add_message(category, message)