def validate(self):
    """Run the base form validation, then vet the permission name.

    Appends a message to ``self.name.errors`` and returns False when the name
    fails ``valid_username``, matches a global (``allusers=True``) permission,
    or matches a permission owned by the selected context. Returns True
    otherwise.
    """
    if not super(PermissionForm, self).validate():
        return False

    name = self.name.data
    if not valid_username(name):
        self.name.errors.append("Name contains invalid characters")
        return False

    # A match whose id equals edit_id is the record being edited, not a clash.
    clash = Permission.get(name=name, allusers=True)
    if clash and clash.id != self.edit_id:
        self.name.errors.append(
            "A global permission with that name already exists")
        return False

    # NOTE(review): context is form input, and nothing here checks that
    # edit_user may act for the organization it names. Presumably the field's
    # choices enforce that; confirm.
    owner_id = self.context.data
    if owner_id == self.edit_user.userid:
        clash = Permission.get(name=name, user=self.edit_user)
    else:
        org = Organization.get(userid=owner_id)
        clash = Permission.get(name=name, org=org) if org else None

    if clash and clash.id != self.edit_id:
        self.name.errors.append(
            "You have another permission with the same name")
        return False
    return True
def validate_name(self, field):
    """Reject an action name that is malformed or already used on this resource.

    Raises:
        wtforms.ValidationError: if ``valid_username`` rejects the name, or a
            different ResourceAction on ``self.edit_resource`` already has it.
    """
    name = field.data
    if not valid_username(name):
        raise wtforms.ValidationError("Name contains invalid characters.")

    duplicate = ResourceAction.query.filter_by(
        name=name, resource=self.edit_resource).first()
    # The row being edited legitimately carries its own name.
    if duplicate and duplicate.id != self.edit_id:
        raise wtforms.ValidationError(
            "An action with that name already exists for this resource")
def validate_name(self, field):
    """Check that the action name is well formed and unique on the resource.

    Raises:
        wtforms.ValidationError: if ``valid_username`` rejects the name, or
            ``self.edit_resource.get_action`` returns a different action.
    """
    requested = field.data
    if not valid_username(requested):
        raise wtforms.ValidationError("Name contains invalid characters.")

    found = self.edit_resource.get_action(requested)
    # Finding the action currently being edited is not a conflict.
    if found and found.id != self.edit_id:
        raise wtforms.ValidationError(
            "An action with that name already exists for this resource")
def validate_name(self, field):
    """Reject an action name that is malformed or already used on this resource.

    Raises:
        wtf.ValidationError: if ``valid_username`` rejects the name, or a
            different ResourceAction on ``self.edit_resource`` already has it.
    """
    name = field.data
    if not valid_username(name):
        raise wtf.ValidationError("Name contains invalid characters.")

    lookup = ResourceAction.query.filter_by(
        name=name, resource=self.edit_resource)
    duplicate = lookup.first()
    # The row being edited legitimately carries its own name.
    if duplicate and duplicate.id != self.edit_id:
        raise wtf.ValidationError(
            "An action with that name already exists for this resource")
def validate(self):
    """Run the base form validation, then vet the permission name.

    Appends a message to ``self.name.errors`` and returns False when the name
    fails ``valid_username``, matches a global (``allusers=True``) permission,
    or matches a permission owned by the selected context. Returns True
    otherwise.
    """
    if not super(PermissionForm, self).validate():
        return False

    name = self.name.data
    if not valid_username(name):
        self.name.errors.append("Name contains invalid characters")
        return False

    # A match whose id equals edit_id is the record being edited, not a clash.
    clash = Permission.query.filter_by(name=name, allusers=True).first()
    if clash and clash.id != self.edit_id:
        self.name.errors.append("A global permission with that name already exists")
        return False

    # NOTE(review): context is form input, and nothing here checks that
    # g.user may act for the organization it names. Presumably the field's
    # choices enforce that; confirm.
    owner_id = self.context.data
    if owner_id == g.user.userid:
        clash = Permission.query.filter_by(name=name, user=g.user).first()
    else:
        org = Organization.query.filter_by(userid=owner_id).first()
        if org:
            clash = Permission.query.filter_by(name=name, org=org).first()
        else:
            clash = None

    if clash and clash.id != self.edit_id:
        self.name.errors.append("You have another permission with the same name")
        return False
    return True
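def validate_username(self, field):
    """Reject a username that is reserved, malformed or already registered.

    Raises:
        wtf.ValidationError: with a message naming the check that failed.
    """
    # Exceptions are raised with call syntax throughout; the old
    # ``raise Class, "message"`` statement form is a syntax error on Python 3.
    if field.data in RESERVED_USERNAMES:
        raise wtf.ValidationError("That name is reserved")
    if not valid_username(field.data):
        raise wtf.ValidationError(u"Invalid characters in name. Names must be made of ‘a-z’, ‘0-9’ and ‘-’, without trailing dashes")
    # Pre-check only: two concurrent requests can both pass it, so uniqueness
    # presumably also rests on a database constraint -- confirm.
    existing = User.query.filter_by(username=field.data).first()
    if existing is not None:
        raise wtf.ValidationError("That username is taken")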
def validate_name(self, field):
    """Validate the action name against format and per-resource uniqueness.

    Raises:
        wtforms.ValidationError: if ``valid_username`` rejects the name, or
            ``self.edit_resource.get_action`` returns a different action.
    """
    action_name = field.data
    if not valid_username(action_name):
        raise wtforms.ValidationError("Name contains invalid characters.")

    current = self.edit_resource.get_action(action_name)
    # An action with edit_id is the one under edit, so it may keep its name.
    if current and current.id != self.edit_id:
        raise wtforms.ValidationError("An action with that name already exists for this resource")
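def validate_username(self, field):
    """Reject a username that is reserved, malformed or already registered.

    The reserved list is read from ``current_app.config['RESERVED_USERNAMES']``.

    Raises:
        wtforms.ValidationError: with a message naming the check that failed.
    """
    # Exceptions are raised with call syntax throughout; the old
    # ``raise Class, "message"`` statement form is a syntax error on Python 3.
    if field.data in current_app.config['RESERVED_USERNAMES']:
        raise wtforms.ValidationError("This name is reserved")
    if not valid_username(field.data):
        raise wtforms.ValidationError(u"Invalid characters in name. Names must be made of ‘a-z’, ‘0-9’ and ‘-’, without trailing dashes")
    existing = User.get(username=field.data)
    if existing is not None:
        raise wtforms.ValidationError("This username is taken")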
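def validate_username(self, field):
    """Reject a username that is reserved, malformed or already registered.

    The reserved list is read from ``current_app.config['RESERVED_USERNAMES']``.

    Raises:
        wtforms.ValidationError: with a message naming the check that failed.
    """
    # Exceptions are raised with call syntax throughout; the old
    # ``raise Class, "message"`` statement form is a syntax error on Python 3.
    if field.data in current_app.config['RESERVED_USERNAMES']:
        raise wtforms.ValidationError("That name is reserved")
    if not valid_username(field.data):
        raise wtforms.ValidationError(u"Invalid characters in name. Names must be made of ‘a-z’, ‘0-9’ and ‘-’, without trailing dashes")
    existing = User.get(username=field.data)
    if existing is not None:
        raise wtforms.ValidationError("That username is taken")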
def validate_name(self, field):
    """Reject a resource name that is malformed, reserved or already in use.

    Raises:
        wtforms.ValidationError: if ``valid_username`` rejects the name, the
            name is a key of ``resource_registry``, or another Resource
            already has it.
    """
    name = field.data
    if not valid_username(name):
        raise wtforms.ValidationError("Name contains invalid characters.")

    # Names found in resource_registry are kept for internal use.
    if name in resource_registry:
        raise wtforms.ValidationError("This name is reserved for internal use")

    duplicate = Resource.query.filter_by(name=name).first()
    # The resource being edited may keep its own name.
    if duplicate and duplicate.id != self.edit_id:
        raise wtforms.ValidationError("A resource with that name already exists")
def valid_name(self, value):
    """Return True when *value* may be used as this organization's name.

    False when ``valid_username`` rejects it, when a different organization
    already has the name, or when any user has it as a username.
    """
    if not valid_username(value):
        return False

    other_org = Organization.get(name=value)
    if other_org and other_org.id != self.id:
        return False

    # Avoid User.get to skip status check
    name_holder = User.query.filter_by(username=value).first()
    return not name_holder
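def validate_username(self, field):
    """Reject a username that is reserved, malformed or already registered.

    Raises:
        wtf.ValidationError: with a message naming the check that failed.
    """
    # Exceptions are raised with call syntax throughout; the old
    # ``raise Class, "message"`` statement form is a syntax error on Python 3.
    if field.data in RESERVED_USERNAMES:
        raise wtf.ValidationError("That name is reserved")
    if not valid_username(field.data):
        raise wtf.ValidationError(
            u"Invalid characters in name. Names must be made of ‘a-z’, ‘0-9’ and ‘-’, without trailing dashes"
        )
    existing = User.query.filter_by(username=field.data).first()
    if existing is not None:
        raise wtf.ValidationError("That username is taken")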
def validate_name(self, field):
    """Reject a resource name that is malformed, reserved or already in use.

    Raises:
        wtf.ValidationError: if ``valid_username`` rejects the name, the name
            is a key of ``resource_registry``, or another Resource has it.
    """
    requested = field.data
    if not valid_username(requested):
        raise wtf.ValidationError("Name contains invalid characters.")

    # Names found in resource_registry are kept for internal use.
    if requested in resource_registry:
        raise wtf.ValidationError("This name is reserved for internal use")

    match = Resource.query.filter_by(name=requested).first()
    # The resource being edited may keep its own name.
    if match and match.id != self.edit_id:
        raise wtf.ValidationError("A resource with that name already exists")
def validate_name(self, field):
    """Reject an organization name that is malformed, reserved or taken.

    A name counts as taken when any user has it as a username or when an
    organization other than the one being edited already uses it.

    Raises:
        wtforms.ValidationError: with a message naming the check that failed.
    """
    name = field.data
    if not valid_username(name):
        raise wtforms.ValidationError("Invalid characters in name")
    if name in current_app.config['RESERVED_USERNAMES']:
        raise wtforms.ValidationError("That name is reserved")

    # The User lookup has no edit_id exemption, so any user match blocks the name.
    if User.get(username=name) is not None:
        raise wtforms.ValidationError("That name is taken")

    other_org = Organization.get(name=name)
    if other_org is not None and other_org.id != self.edit_id:
        raise wtforms.ValidationError("That name is taken")
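def validate_username(self, field):
    """Reject a username that is malformed, reserved or already taken.

    A name counts as taken when a user other than ``self.edit_obj`` has it,
    or when any organization uses it as its name.

    Raises:
        wtf.ValidationError: with a message naming the check that failed.
    """
    # Exceptions are raised with call syntax throughout; the old
    # ``raise Class, "message"`` statement form is a syntax error on Python 3.
    if not valid_username(field.data):
        raise wtf.ValidationError("Invalid characters in username")
    if field.data in RESERVED_USERNAMES:
        raise wtf.ValidationError("That name is reserved")
    existing = User.query.filter_by(username=field.data).first()
    # The user being edited may keep their current username.
    if existing is not None and existing.id != self.edit_obj.id:
        raise wtf.ValidationError("That username is taken")
    existing = Organization.query.filter_by(name=field.data).first()
    if existing is not None:
        raise wtf.ValidationError("That username is taken")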
def config_external_id(service, service_name, user, userid, username, fullname, avatar, access_token, secret, token_type, next_url):
    """Log a user in through an external service id, creating records as needed.

    Stores the avatar URL and the external identity in the session. When a
    UserExternalId already exists for (service, userid), its token fields and
    username are overwritten and its user is logged in. Otherwise a new
    UserExternalId is created for ``user``, or for a freshly registered user
    when ``user`` is falsy, and that user is logged in.

    Returns:
        The ``profile_new`` URL when the profile still needs details (always
        for a newly created external id), otherwise None.
    """
    session['avatar_url'] = avatar
    extid = UserExternalId.query.filter_by(service=service, userid=userid).first()
    session['userid_external'] = {
        'service': service,
        'userid': userid,
        'username': username
    }
    flash_args = (username, service_name)

    if extid is not None:
        # Known external id: replace the stored credentials with the new ones.
        extid.oauth_token = access_token
        extid.oauth_token_secret = secret
        extid.oauth_token_type = token_type
        extid.username = username  # For twitter: update username if it changed
        login_internal(extid.user)
        db.session.commit()
        flash('You have logged in as %s via %s' % flash_args, 'success')
        if extid.user.is_profile_complete():
            return None
        return url_for('profile_new', next=next_url)

    if user:
        # The caller supplied an account to connect this id to.
        flash(
            'You have logged in as %s via %s. This id has been linked to your existing account'
            % flash_args, 'success')
    else:
        flash(
            'You have logged in as %s via %s. This is your first time here'
            % flash_args, 'success')
        user = register_internal(None, fullname, None)

    extid = UserExternalId(user=user,
                           service=service,
                           userid=userid,
                           username=username,
                           oauth_token=access_token,
                           oauth_token_secret=secret,
                           oauth_token_type=token_type)

    # If the service provided a username that is valid for Lastuser and not
    # already in use, assign it to this user.
    # NOTE(review): only valid_username and a User lookup gate this value; no
    # reserved-name list or Organization name is consulted here, and when
    # `user` was passed in this replaces that account's username. Confirm
    # both are intended.
    if valid_username(username) and User.query.filter_by(username=username).first() is None:
        user.username = username

    db.session.add(extid)
    login_internal(user)
    db.session.commit()
    # redirect the user to profile edit page to fill in more details
    return url_for('profile_new', next=next_url)
def validate_name(self, field):
    """Reject an organization name that is malformed, reserved or taken.

    A name counts as taken when any user has it as a username or when an
    organization other than the one being edited already uses it.

    Raises:
        wtforms.ValidationError: with a message naming the check that failed.
    """
    name = field.data
    if not valid_username(name):
        raise wtforms.ValidationError("Invalid characters in name")
    if name in current_app.config['RESERVED_USERNAMES']:
        raise wtforms.ValidationError("That name is reserved")

    # The User lookup has no edit_id exemption, so any user match blocks the name.
    user_match = User.query.filter_by(username=name).first()
    if user_match is not None:
        raise wtforms.ValidationError("That name is taken")

    org_match = Organization.query.filter_by(name=name).first()
    if org_match is not None and org_match.id != self.edit_id:
        raise wtforms.ValidationError("That name is taken")
def validate_name(self, field):
    """Reject an organization name that is malformed, reserved or taken.

    A name counts as taken when any user has it as a username or when an
    organization other than the one being edited already uses it.

    Raises:
        wtf.ValidationError: with a message naming the check that failed.
    """
    candidate = field.data
    if not valid_username(candidate):
        raise wtf.ValidationError("Invalid characters in name")
    if candidate in RESERVED_USERNAMES:
        raise wtf.ValidationError("That name is reserved")

    # The User lookup has no edit_id exemption, so any user match blocks the name.
    holder = User.query.filter_by(username=candidate).first()
    if holder is not None:
        raise wtf.ValidationError("That name is taken")

    holder = Organization.query.filter_by(name=candidate).first()
    if holder is not None and holder.id != self.edit_id:
        raise wtf.ValidationError("That name is taken")
def is_valid_username(self, value):
    """Return True when *value* may be used as this user's username.

    False when ``valid_username`` rejects it, when another user has it as a
    username or as a userid, or when an organization uses it as its name.
    """
    if not valid_username(value):
        return False

    # Avoid User.get to skip status check
    name_or_id_match = db.or_(User.username == value, User.userid == value)
    other_user = User.query.filter(name_or_id_match).first()
    # Matching this very user is fine: they may keep their current name.
    if other_user and other_user.id != self.id:
        return False

    return not Organization.get(name=value)
def validate_username(self, field):
    """Lowercase the submitted username and check that it can be assigned.

    Writes the lowercased value back to ``field.data`` before any check runs.

    Raises:
        wtforms.ValidationError: if ``valid_username`` rejects the value, it
            is in the configured ``RESERVED_USERNAMES`` list, or
            ``self.edit_user.is_valid_username`` returns a false value.
    """
    # Usernames are mandatory, so the old empty-value shortcut stays disabled.
    candidate = field.data.lower()  # Usernames can only be lowercase
    field.data = candidate

    if not valid_username(candidate):
        raise wtforms.ValidationError("Usernames can only have alphabets, numbers and dashes (except at the ends)")

    # Checked after lowercasing, so the comparison uses the normalised form.
    # A missing config key means an empty reserved list.
    reserved = current_app.config.get('RESERVED_USERNAMES', [])
    if candidate in reserved:
        raise wtforms.ValidationError("This name is reserved")

    if not self.edit_user.is_valid_username(candidate):
        raise wtforms.ValidationError("This username is taken")
def validate_username(self, field):
    """Normalise the username to lowercase, then run the assignment checks.

    Writes the lowercased value back to ``field.data`` before any check runs.

    Raises:
        wtforms.ValidationError: if ``valid_username`` rejects the value, it
            is in the configured ``RESERVED_USERNAMES`` list, or
            ``self.edit_user.is_valid_username`` returns a false value.
    """
    # Usernames are mandatory, so the old empty-value shortcut stays disabled.
    field.data = field.data.lower()  # Usernames can only be lowercase
    username = field.data

    if not valid_username(username):
        raise wtforms.ValidationError(
            "Usernames can only have alphabets, numbers and dashes (except at the ends)"
        )

    # The reserved list is compared against the lowercased value; a missing
    # config key is treated as an empty list.
    if username in current_app.config.get('RESERVED_USERNAMES', []):
        raise wtforms.ValidationError("This name is reserved")

    available = self.edit_user.is_valid_username(username)
    if not available:
        raise wtforms.ValidationError("This username is taken")
def validate_username(self, field):
    """Reject a username that is malformed, reserved or already taken.

    A name counts as taken when a user other than the one being edited has
    it, or when any organization uses it as its name.

    Raises:
        wtf.ValidationError: with a message naming the check that failed.
    """
    # Usernames are mandatory, so the old empty-value shortcut stays disabled.
    username = field.data
    if not valid_username(username):
        raise wtf.ValidationError("Usernames can only have alphabets, numbers and dashes (except at the ends)")
    if username in RESERVED_USERNAMES:
        raise wtf.ValidationError("This name is reserved")

    user_match = User.query.filter_by(username=username).first()
    # The user being edited may keep their current username.
    if user_match is not None and user_match.id != self.edit_id:
        raise wtf.ValidationError("This username is taken")

    org_match = Organization.query.filter_by(name=username).first()
    if org_match is not None:
        raise wtf.ValidationError("This username is taken")
def validate_username(self, field):
    """Reject a username that is malformed, reserved or already taken.

    A name counts as taken when a user other than the one being edited has
    it, or when any organization uses it as its name.

    Raises:
        wtf.ValidationError: with a message naming the check that failed.
    """
    # Usernames are mandatory, so the old empty-value shortcut stays disabled.
    requested = field.data
    if not valid_username(requested):
        raise wtf.ValidationError("Invalid characters in username")
    if requested in RESERVED_USERNAMES:
        raise wtf.ValidationError("That name is reserved")

    holder = User.query.filter_by(username=requested).first()
    # The user being edited may keep their current username.
    if holder is not None and holder.id != self.edit_id:
        raise wtf.ValidationError("That username is taken")

    holder = Organization.query.filter_by(name=requested).first()
    if holder is not None:
        raise wtf.ValidationError("That username is taken")
def validate_username(self, field):
    """Lowercase the submitted username and reject it if unusable.

    Writes the lowercased value back to ``field.data`` before any check runs.
    A name counts as taken when a user other than the one being edited has
    it, or when any organization uses it as its name.

    Raises:
        wtforms.ValidationError: with a message naming the check that failed.
    """
    # Usernames are mandatory, so the old empty-value shortcut stays disabled.
    username = field.data.lower()  # Usernames can only be lowercase
    field.data = username

    if not valid_username(username):
        raise wtforms.ValidationError("Usernames can only have alphabets, numbers and dashes (except at the ends)")
    if username in current_app.config['RESERVED_USERNAMES']:
        raise wtforms.ValidationError("That name is reserved")

    # NOTE(review): both "taken" messages below put the holder's fullname or
    # organization title into the response, so whoever submits the form
    # learns who owns a name. A generic "taken" message would not reveal
    # that; confirm the disclosure is intended.
    owner = User.query.filter_by(username=username).first()
    if owner is not None and owner.id != self.edit_id:
        raise wtforms.ValidationError("That username is taken by {}".format(owner.fullname))

    org = Organization.query.filter_by(name=username).first()
    if org is not None:
        raise wtforms.ValidationError("That username is taken by {}".format(org.title))
def validate_name(self, field):
    """Reject an organization name that is malformed, reserved or taken.

    When the name is the current user's own username, the error explains
    that it must first be changed from the profile page.

    Raises:
        wtforms.ValidationError: with a message naming the check that failed.
    """
    name = field.data
    if not valid_username(name):
        raise wtforms.ValidationError("Invalid characters in name")
    if name in current_app.config['RESERVED_USERNAMES']:
        raise wtforms.ValidationError("This name is reserved")

    holder = User.get(username=name)
    if holder is not None:
        if holder == g.user:
            # The format call runs on the translated string before Markup
            # wraps it, so the substituted value is not escaped. It is
            # url_for() output here, not request data.
            own_name_message = _(u"This is <em>your</em> current username. "
                u'You must change it first from <a href="{profile}">your profile</a> '
                u"before you can assign it to an organization").format(
                    profile=url_for('profile'))
            raise wtforms.ValidationError(Markup(own_name_message))
        else:
            raise wtforms.ValidationError("This name is taken")

    other_org = Organization.get(name=name)
    # The organization being edited may keep its own name.
    if other_org is not None and other_org.id != self.edit_id:
        raise wtforms.ValidationError("This name is taken")
def validate_username(self, field):
    """Lowercase the submitted username and reject it if unusable.

    Writes the lowercased value back to ``field.data`` before any check runs.
    A name counts as taken when a user other than the one being edited has
    it, or when any organization uses it as its name.

    Raises:
        wtforms.ValidationError: with a message naming the check that failed.
    """
    # Usernames are mandatory, so the old empty-value shortcut stays disabled.
    field.data = field.data.lower()  # Usernames can only be lowercase
    candidate = field.data

    if not valid_username(candidate):
        raise wtforms.ValidationError(
            "Usernames can only have alphabets, numbers and dashes (except at the ends)"
        )
    if candidate in current_app.config['RESERVED_USERNAMES']:
        raise wtforms.ValidationError("This name is reserved")

    # Both clashes share one generic message, so the response does not say
    # whether a user or an organization holds the name.
    user_match = User.query.filter_by(username=candidate).first()
    if user_match is not None and user_match.id != self.edit_id:
        raise wtforms.ValidationError("This username is taken")

    org_match = Organization.query.filter_by(name=candidate).first()
    if org_match is not None:
        raise wtforms.ValidationError("This username is taken")
def config_external_id(service, service_name, user, userid, username, fullname, avatar, access_token, secret, token_type, next_url):
    """Log a user in through an external service id, creating records as needed.

    Stores the avatar URL and the external identity in the session. When a
    UserExternalId already exists for (service, userid), its token fields and
    username are overwritten and its user is logged in. Otherwise a new
    UserExternalId is created for ``user``, or for a freshly registered user
    when ``user`` is falsy, and that user is logged in after the commit.

    Returns:
        The ``profile_new`` URL when the known user has no email or the
        external id is new, otherwise None.
    """
    session['avatar_url'] = avatar
    extid = UserExternalId.query.filter_by(service=service, userid=userid).first()
    session['userid_external'] = {'service': service, 'userid': userid, 'username': username}
    flash_args = (username, service_name)

    if extid is not None:
        # Known external id: replace the stored credentials with the new ones.
        extid.oauth_token = access_token
        extid.oauth_token_secret = secret
        extid.oauth_token_type = token_type
        extid.username = username  # For twitter: update username if it changed
        login_internal(extid.user)
        db.session.commit()
        flash('You have logged in as %s via %s' % flash_args, 'success')
        if extid.user.email:
            return None
        return url_for('profile_new', next=next_url)

    if user:
        # The caller supplied an account to connect this id to.
        flash('You have logged in as %s via %s. This id has been linked to your existing account' % flash_args, 'success')
    else:
        flash('You have logged in as %s via %s. This is your first time here' % flash_args, 'success')
        user = register_internal(None, fullname, None)

    extid = UserExternalId(
        user=user, service=service, userid=userid, username=username,
        oauth_token=access_token, oauth_token_secret=secret,
        oauth_token_type=token_type)

    # If the service provided a username that is valid for Lastuser and not
    # already in use, assign it to this user.
    # NOTE(review): only valid_username and a User lookup gate this value; no
    # reserved-name list or Organization name is consulted here, and when
    # `user` was passed in this replaces that account's username. Confirm
    # both are intended.
    if valid_username(username) and User.query.filter_by(username=username).first() is None:
        user.username = username

    db.session.add(extid)
    db.session.commit()
    login_internal(user)
    # redirect the user to profile edit page to fill in more details
    return url_for('profile_new', next=next_url)
def login_service_postcallback(service, userdata):
    """Finish a login through an external service and build the redirect.

    Looks up the user and external id for ``userdata`` with
    ``get_user_extid``, refreshes or creates the ``UserExternalId`` row,
    attaches it to the logged-in user or to a newly registered one, records
    a new email address or email claim, logs the user in when nobody is
    logged in yet, and commits.

    Args:
        service: key of the login service; stored on the external id and
            used to look up ``login_registry[service].title``.
        userdata: mapping supplied by the service callback. ``userid`` is
            read with ``[]`` when a new external id is created; every other
            key is read with ``.get``.

    Returns:
        The result of ``set_loginmethod_cookie`` applied to a 303 redirect:
        to ``.profile_merge`` when ``merge_userid`` is in the session,
        otherwise to ``.profile_new`` or the next URL.
    """
    user, extid, useremail = get_user_extid(service, userdata)

    if extid is not None:
        # Known external id: overwrite the stored token fields and username
        # with whatever the service returned this time (None when absent).
        extid.oauth_token = userdata.get('oauth_token')
        extid.oauth_token_secret = userdata.get('oauth_token_secret')
        extid.oauth_token_type = userdata.get('oauth_token_type')
        extid.username = userdata.get('username')
        # TODO: Save refresh token and expiry date where present
        extid.oauth_refresh_token = userdata.get('oauth_refresh_token')
        extid.oauth_expiry_date = userdata.get('oauth_expiry_date')
        extid.oauth_refresh_expiry = userdata.get(
            'oauth_refresh_expiry')  # TODO: Check this
    else:
        # New external id. Register it.
        extid = UserExternalId(
            user=user,  # This may be None right now. Will be handled below
            service=service,
            userid=userdata['userid'],
            username=userdata.get('username'),
            oauth_token=userdata.get('oauth_token'),
            oauth_token_secret=userdata.get('oauth_token_secret'),
            oauth_token_type=userdata.get('oauth_token_type')
            # TODO: Save refresh token
        )
        db.session.add(extid)

    if user is None:
        if g.user:
            # Attach this id to currently logged-in user
            user = g.user
            extid.user = user
        else:
            # Register a new user
            user = register_internal(None, userdata.get('fullname'), None)
            extid.user = user
            if userdata.get('username'):
                # NOTE(review): the provider-supplied name is gated only by
                # valid_username and is_valid_username; no reserved-name list
                # is consulted in this function. Confirm whether it should be.
                if valid_username(
                        userdata['username']) and user.is_valid_username(
                            userdata['username']):
                    # Set a username for this user if it's available
                    user.username = userdata['username']
    else:  # This id is attached to a user
        if g.user and g.user != user:
            # Woah! Account merger handler required
            # Always confirm with user before doing an account merger
            # Only the userid is recorded here; the redirect at the end sends
            # the user to '.profile_merge' when this key is set.
            session['merge_userid'] = user.userid

    # Check for new email addresses
    # NOTE(review): 'email' is attached directly while 'emailclaim' goes
    # through a verification link, so this presumably relies on the provider
    # handler putting only verified addresses in 'email'. Confirm.
    if userdata.get('email') and not useremail:
        user.add_email(userdata['email'])

    if userdata.get('emailclaim'):
        emailclaim = UserEmailClaim(user=user, email=userdata['emailclaim'])
        db.session.add(emailclaim)
        send_email_verify_link(emailclaim)

    # Is the user's fullname missing? Populate it.
    if not user.fullname and userdata.get('fullname'):
        user.fullname = userdata['fullname']

    if not g.user:  # If a user isn't already logged in, login now.
        login_internal(user)
        flash(
            u"You have logged in via {service}.".format(
                service=login_registry[service].title), 'success')
    # NOTE(review): next_url becomes a redirect target below; presumably
    # get_next_url restricts it to acceptable destinations. Confirm.
    next_url = get_next_url(session=True)

    db.session.commit()

    # Finally: set a login method cookie and send user on their way
    if not user.is_profile_complete():
        login_next = url_for('.profile_new', next=next_url)
    else:
        login_next = next_url

    if 'merge_userid' in session:
        return set_loginmethod_cookie(
            redirect(url_for('.profile_merge', next=login_next), code=303),
            service)
    else:
        return set_loginmethod_cookie(redirect(login_next, code=303), service)
def login_service_postcallback(service, userdata):
    """Finish a login through an external service and build the redirect.

    Looks up the user and external id for ``userdata`` with
    ``get_user_extid``, refreshes or creates the ``UserExternalId`` row,
    attaches it to the logged-in user or to a newly registered one, records
    a new email address or email claim, logs the user in when nobody is
    logged in yet, and commits.

    Args:
        service: key of the login service; stored on the external id and
            used to look up ``login_registry[service].title``.
        userdata: mapping supplied by the service callback. ``userid`` is
            read with ``[]`` when a new external id is created; every other
            key is read with ``.get``.

    Returns:
        The result of ``set_loginmethod_cookie`` applied to a 303 redirect:
        to ``.profile_merge`` when ``merge_userid`` is in the session,
        otherwise to ``.profile_new`` or the next URL.
    """
    user, extid, useremail = get_user_extid(service, userdata)

    if extid is not None:
        # Known external id: overwrite the stored token fields and username
        # with whatever the service returned this time (None when absent).
        extid.oauth_token = userdata.get('oauth_token')
        extid.oauth_token_secret = userdata.get('oauth_token_secret')
        extid.oauth_token_type = userdata.get('oauth_token_type')
        extid.username = userdata.get('username')
        # TODO: Save refresh token and expiry date where present
        extid.oauth_refresh_token = userdata.get('oauth_refresh_token')
        extid.oauth_expiry_date = userdata.get('oauth_expiry_date')
        extid.oauth_refresh_expiry = userdata.get('oauth_refresh_expiry')  # TODO: Check this
    else:
        # New external id. Register it.
        extid = UserExternalId(
            user=user,  # This may be None right now. Will be handled below
            service=service,
            userid=userdata['userid'],
            username=userdata.get('username'),
            oauth_token=userdata.get('oauth_token'),
            oauth_token_secret=userdata.get('oauth_token_secret'),
            oauth_token_type=userdata.get('oauth_token_type')
            # TODO: Save refresh token
            )
        db.session.add(extid)

    if user is None:
        if g.user:
            # Attach this id to currently logged-in user
            user = g.user
            extid.user = user
        else:
            # Register a new user
            user = register_internal(None, userdata.get('fullname'), None)
            extid.user = user
            if userdata.get('username'):
                # NOTE(review): the provider-supplied name is gated only by
                # valid_username and is_valid_username; no reserved-name list
                # is consulted in this function. Confirm whether it should be.
                if valid_username(userdata['username']) and user.is_valid_username(userdata['username']):
                    # Set a username for this user if it's available
                    user.username = userdata['username']
    else:  # This id is attached to a user
        if g.user and g.user != user:
            # Woah! Account merger handler required
            # Always confirm with user before doing an account merger
            # Only the userid is recorded here; the redirect at the end sends
            # the user to '.profile_merge' when this key is set.
            session['merge_userid'] = user.userid

    # Check for new email addresses
    # NOTE(review): 'email' is attached directly while 'emailclaim' goes
    # through a verification link, so this presumably relies on the provider
    # handler putting only verified addresses in 'email'. Confirm.
    if userdata.get('email') and not useremail:
        user.add_email(userdata['email'])

    if userdata.get('emailclaim'):
        emailclaim = UserEmailClaim(user=user, email=userdata['emailclaim'])
        db.session.add(emailclaim)
        send_email_verify_link(emailclaim)

    # Is the user's fullname missing? Populate it.
    if not user.fullname and userdata.get('fullname'):
        user.fullname = userdata['fullname']

    if not g.user:  # If a user isn't already logged in, login now.
        login_internal(user)
        flash(u"You have logged in via %s." % login_registry[service].title, 'success')
    # NOTE(review): next_url becomes a redirect target below; presumably
    # get_next_url restricts it to acceptable destinations. Confirm.
    next_url = get_next_url(session=True)

    db.session.commit()

    # Finally: set a login method cookie and send user on their way
    if not user.is_profile_complete():
        login_next = url_for('.profile_new', next=next_url)
    else:
        login_next = next_url

    if 'merge_userid' in session:
        return set_loginmethod_cookie(redirect(url_for('.profile_merge', next=login_next), code=303), service)
    else:
        return set_loginmethod_cookie(redirect(login_next, code=303), service)