Example #1
0
def change_password(token=None):
    if not token and not flask.session.get("logged_in_email"):
        return flask.redirect("/login")

    if flask.request.method == "POST":
        form_data = flask.request.form.to_dict()

        new_pass = form_data["new_pass"]
        check_pass = form_data["check_pass"]

        if token:
            staff_member = database.find("staff", token=token)
            staff_member = staff_member.next()

        else:
            old_pass = form_data["old_pass"]

            email = flask.session["logged_in_email"]
            staff_member = database.find("staff", email=email)
            staff_member = staff_member.next()

            try:
                assert sugar.check_hash(old_pass, staff_member["password"])
            except AssertionError:
                flask.flash("Wrong password.", "error")
                return

        try:
            assert sugar.check_hash(new_pass, sugar.make_hash(check_pass))
        except AssertionError:
            flask.flash("New passwords do not match.", "error")
            return {"token": token}

        try:
            assert new_pass != u""
        except AssertionError:
            flask.flash("Please enter a new password.", "error")
        else:
            session = database.get_session()

            staff_row = database.get_or_404("staff", id=staff_member.id)
            staff_schema = StaffSchema.from_flat(staff_row)

            staff_schema["password"].set(sugar.make_hash(new_pass))

            if staff_schema.validate():
                staff_row.update(staff_schema.flatten())
                session.save(staff_row)
                session.commit()

                flask.flash("Password changed sucessfuly.", "success")

                if token:
                    login_url = flask.url_for("auth.login", next=flask.url_for("meeting.home"))
                    return flask.redirect(login_url)

    return {"token": token}
Example #2
0
def capitalize_names(meeting_id):
    session = database.get_session()
    persons = database.find("person", meeting_id=str(meeting_id))
    for p in persons:
        p["personal_first_name"] = schema.common.clean_and_cap(p["personal_first_name"])

        p["personal_last_name"] = schema.common.clean_and_cap(p["personal_last_name"], is_last_name=True)
        session.save(p)
    session.commit()
Example #3
0
def update_past_mail_logs_schema(meeting_id):
    session = database.get_session()
    mail_logs = database.find("mail_log", meeting_id=str(meeting_id))
    for m in mail_logs:
        if m.get("mail_to"):
            m["mail_to_0"] = m.pop("mail_to")
            m["mail_cc_0"] = m.pop("mail_cc")
            session.save(m)
    session.commit()
Example #4
0
def reset_password():
    email_to_reset_password = flask.request.form.get("email", "")

    if flask.request.method == "POST":
        try:
            staff_member = [i for i in database.find("staff", email=email_to_reset_password)]
            assert len(staff_member) == 1
            staff_member = staff_member[0]
        except AssertionError:
            flask.flash(u"Your email does not exist in our database.", "error")
        else:
            auth_token = sugar.generate_token(email_to_reset_password)

            session = database.get_session()

            staff_row = database.get_or_404("staff", id=staff_member.id)
            staff_schema = StaffSchema.from_flat(staff_row)

            staff_schema["token"].set(auth_token)

            if staff_schema.validate():
                staff_row.update(staff_schema.flatten())
                session.save(staff_row)
                session.commit()

            app = flask.current_app
            mail = Mail(app)

            settings_url = app.config.get("HOSTNAME")
            mail_msg_link = "%s/%s/change-password" % (settings_url, auth_token)

            msg_subject = "Reset your Cites password"
            msg_sender = app.config.get("DEFAULT_MAIL_SENDER")
            msg_recipients = [email_to_reset_password]
            msg_body = str(
                "Forgot your password?\n\nCites received a request "
                "to reset the password for your account.\n"
                "If you want to reset your "
                "password, click on the link below (or copy and "
                "paste the URL into your browser):\n\n%s\n\nThis "
                "link takes you to a secure page where you can "
                "change your password.\nIf you don't want to "
                "reset your password, please ignore this "
                "message. Your password will not be reset."
                "\n\nThe Cites Team" % (mail_msg_link)
            )

            msg = Message(msg_subject, sender=msg_sender, recipients=msg_recipients, body=msg_body)

            mail.send(msg)

            flash_message = str(
                "We've sent password reset instructions to your "
                "email address. Please also check your email's "
                "spam filter."
            )
            flask.flash(flash_message, "success")
Example #5
0
def change_region_from_zero_to_None(meeting_id):
    session = database.get_session()
    persons = database.find("person", representing_region="0")

    for p in persons:
        if p["representing_region"] == "0":
            p["representing_region"] = u""
            session.save(p)

    session.commit()
Example #6
0
def generate_users(meeting_id, number_of_copies=27):
    app = flask.current_app
    user_generator = database.find("person", meeting_id=str(meeting_id))
    session = database.get_session()
    for user in user_generator:
        for i in xrange(int(number_of_copies)):
            person_row = database.new('person')
            person_row.update(user)
            session.save(person_row)
    session.commit()
Example #7
0
def login():
    login_email = flask.request.form.get("email", "").lower()
    login_password = flask.request.form.get("password", "")
    next_url = flask.request.values.get("next", flask.url_for("meeting.home"))

    if flask.request.method == "POST":
        try:
            staff_member = [i for i in database.find("staff", email=login_email)]
            assert len(staff_member) == 1
            staff_member = staff_member[0]

            assert staff_member.get("password", None)
            assert sugar.check_hash(login_password, staff_member["password"])
        except AssertionError:
            flask.flash(u"Login failed", "error")
        else:
            flask.session["logged_in_email"] = login_email
            return flask.redirect(next_url)

    return {"email": login_email, "next": next_url}
Example #8
0
def activity(meeting_id, subject, what, what_id):
    session = database.get_session()
    email = flask.session.get("logged_in_email", "")

    try:
        staff_member = [i.id for i in database.find("staff", email=email)][0]
    except IndexError:
        staff_member = None

    activity_schema = ActivitySchema.from_flat({
        "meeting_id": meeting_id,
        "staff_id": staff_member,
        "subject": subject,
        "date": datetime.now(),
        "what": what,
        "what_id": what_id,
    })
    if activity_schema.validate():
        activity_row = database.new('activity')
        activity_row.update(activity_schema.flatten())
        session.save(activity_row)
        session.commit()