Example #1
def register():
    """Handle the PyBossa sign-up form.

    GET renders the registration page. A valid POST either creates the
    account straight away (when ``ACCOUNT_CONFIRMATION_DISABLED`` is set)
    or queues a confirmation e-mail and renders the validation page. An
    invalid POST flashes an error and re-renders the form.

    Returns a rendered Jinja2 template, or the result of
    ``_create_account`` when confirmation is disabled.
    """
    form = RegisterForm(request.form)
    is_post = request.method == 'POST'
    if is_post and form.validate():
        # NOTE(review): the clear-text password rides in this dict into
        # get_email_confirmation_url() and into the e-mail template context
        # (user=account). Confirm neither the URL token nor the template
        # exposes it.
        account = {
            'fullname': form.fullname.data,
            'name': form.name.data,
            'email_addr': form.email_addr.data,
            'password': form.password.data,
        }
        confirm_url = get_email_confirmation_url(account)
        if current_app.config.get('ACCOUNT_CONFIRMATION_DISABLED'):
            return _create_account(account)
        subject = 'Welcome to %s!' % current_app.config.get('BRAND')
        recipients = [account['email_addr']]
        body = render_template('/account/email/validate_account.md',
                               user=account, confirm_url=confirm_url)
        msg = {'subject': subject, 'recipients': recipients, 'body': body}
        # NOTE(review): user-supplied fields reach the HTML part through
        # markdown(); verify the template/markdown pipeline escapes them.
        msg['html'] = markdown(msg['body'])
        mail_queue.enqueue(send_mail, msg)
        return render_template('account/account_validation.html')
    if is_post and not form.validate():
        flash(gettext('Please correct the errors'), 'error')
    return render_template('account/register.html',
                           title=gettext("Register"), form=form)
Example #2
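def login():
    """Render the admin login form and authenticate a submitted one.

    On a valid POST the credentials are checked with ``app.db.authenticate``.
    Only accounts whose ``is_admin`` flag is set are logged in and redirected
    to ``/``; every other outcome flashes a warning and re-renders the form.

    The leftover debug ``print`` calls were removed: they wrote
    client-controlled request data (User-Agent header, language, browser)
    to stdout on every request.
    """
    fform = LoginForm(request.form)
    if request.method == 'POST' and fform.validate():
        username = request.form["user"]
        with app.db.session_scope():
            if app.db.authenticate(username, request.form["passwd"]):
                user = app.db.get_user_account_by_login(username)
                if user.is_admin:
                    login_user(user)
                    flash(gettext("Login successfull"), "success")
                    return redirect('/')
                # Shown only after the password was accepted, so it does not
                # help guess credentials for an unknown account.
                flash(gettext("This user is not an admin"), "warning")
            else:
                # One message for "no such user" and "wrong password".
                flash(gettext("Combination of username and password wrong"),
                      "warning")
    return render_template('login.html', form=fform, nonav=True)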
Example #3
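def register(app):
    """Attach the bill list and bill detail views to *app*.

    Registers ``/bill/`` (list, filtered by assembly) and ``/bill/<id>``
    (detail) and records ``bill_main`` as the landing view for 'bill'.
    """
    app.views['bill'] = 'bill_main'
    gettext('bill')  # for babel extraction

    @app.route('/bill/', methods=['GET'])
    @breadcrumb(app)
    def bill_main():
        """List bills of one assembly, newest proposals first."""
        raw_id = request.args.get('assembly_id',
                                  current_parliament_id('assembly'))
        try:
            assembly_id = int(raw_id or 0)
        except (TypeError, ValueError):
            # A non-numeric ?assembly_id= used to escape as an unhandled
            # ValueError (HTTP 500); answer like any other unknown resource.
            return render_template('not-found.html'), 404
        bills = Bill.query.filter(Bill.assembly_id == assembly_id)\
                          .order_by(Bill.proposed_date.desc().nullslast(),
                                    Bill.id.desc())
        return render_template('bills.html',
                               assembly_id=assembly_id, bills=bills)

    @app.route('/bill/<id>', methods=['GET'])
    @breadcrumb(app, 'bill')
    def bill(id):
        """Show one bill, or the not-found page with status 404."""
        try:
            found = Bill.query.filter_by(id=id).one()
        except NoResultFound:
            # "except X, e" is Python 2 only syntax and the name was unused.
            return render_template('not-found.html'), 404

        return render_template('bill.html', bill=found)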
Example #4
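def microsoft_translate(text, sourceLang, destLang):
    """Translate *text* from *sourceLang* to *destLang* via Microsoft Translator.

    Fetches an OAuth access token with the configured client id/secret, then
    calls the V2 Ajax ``Translate`` endpoint. Returns the translated string,
    or a localized error message when the service is not configured or any
    step fails.

    Changes from the original: the translate call now uses HTTPS (the bearer
    token was previously sent over plain HTTP), both connections are closed,
    and the bare ``except:`` is narrowed to ``Exception``.
    """
    if MS_TRANSLATOR_CLIENT_ID == "" or MS_TRANSLATOR_CLIENT_SECRET == "":
        return gettext('Error: translation service not configured.')
    print("source:%s dest:%s" % (sourceLang, destLang))
    try:
        # get access token
        params = urllib.urlencode({
            'client_id': MS_TRANSLATOR_CLIENT_ID,
            'client_secret': MS_TRANSLATOR_CLIENT_SECRET,
            'scope': 'http://api.microsofttranslator.com',
            'grant_type': 'client_credentials'
        })
        # NOTE(review): on Python 2 before 2.7.9 HTTPSConnection does not
        # verify the server certificate by default; confirm the runtime.
        conn = httplib.HTTPSConnection("datamarket.accesscontrol.windows.net")
        try:
            conn.request("POST", "/v2/OAuth2-13", params)
            response = json.loads(conn.getresponse().read())
        finally:
            conn.close()
        token = response[u'access_token']

        # translate -- over TLS, because the token travels in the query string
        conn = httplib.HTTPSConnection('api.microsofttranslator.com')
        params = {
            'appId': 'Bearer ' + token,
            'from': sourceLang,
            'to': destLang,
            'text': text.encode("utf-8")
        }
        try:
            conn.request("GET", '/V2/Ajax.svc/Translate?' + urllib.urlencode(params))
            raw = conn.getresponse().read().decode('utf-8-sig')
        finally:
            conn.close()
        # The endpoint returns a bare JSON string; wrap it so json.loads
        # receives a complete object.
        response = json.loads("{\"response\":" + raw + "}")
        return response["response"]
    except Exception:
        # Deliberate best-effort: any failure becomes a user-facing message.
        return gettext('Error: Unexpected error.')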
Example #5
def register():
    """Render the registration form and forward a valid one to the backend.

    A valid POST is sent as JSON to ``API_HOST + 'register/'``. On HTTP 200
    the returned ``api_key`` and ``email`` are stored in the session and the
    user is redirected to the landing page. Any other status raises
    ``ApiException`` (not caught here); a connection failure flashes an
    error and falls through to re-render the form.
    """
    register_form = forms.RegistrationForm(request.form)
    if request.method == 'POST' and register_form.validate():
        # NOTE(review): the whole submitted form is forwarded, including any
        # field the form class does not declare; confirm the backend ignores
        # unexpected keys.
        payload = json.dumps(request.form)
        json_headers = {"Content-Type": "application/json"}
        try:
            # NOTE(review): no timeout is set, so a stalled backend holds
            # this request open.
            response = requests.post(API_HOST + 'register/',
                                     data=payload, headers=json_headers)
            if response.status_code != 200:
                raise ApiException(
                    response.status_code,
                    response.json().get(
                        'message',
                        gettext(u"An unspecified error has occurred.")))
            user_dict = response.json()
            session['api_key'] = user_dict.get('api_key')
            session['email'] = user_dict.get('email')
            flash(gettext(u"Thank you. You have been registered successfully."),
                  "success")
            return redirect(url_for('landing'))
        except ConnectionError:
            flash(gettext(u'Error connecting to backend service.'), 'danger')

    return render_template('register.html',
                           API_HOST=API_HOST,
                           form=register_form)
Example #6
def load_from_api(resource_name, resource_id=None):
    """Fetch a resource (or one item of it) from the backend API.

    Builds ``API_HOST + resource_name/[resource_id/]``, sends the session's
    API key when one is present, and follows up to ten ``next`` links,
    appending each page's ``results`` to the first response.

    Returns the decoded JSON dict, or ``None`` after a connection error
    (an error is flashed). A non-200 status raises ``ApiException``.
    """
    # NOTE(review): resource_name/resource_id are concatenated into the URL
    # unchanged; confirm callers never pass request-derived values here.
    query_str = resource_name + "/"
    if resource_id:
        query_str += str(resource_id) + "/"

    headers = {}
    if session and session.get('api_key'):
        headers = {'Authorization': 'ApiKey:' + session.get('api_key')}

    try:
        response = requests.get(API_HOST + query_str, headers=headers)
        out = response.json()
        if response.status_code != 200:
            raise ApiException(
                response.status_code,
                response.json().get(
                    'message',
                    gettext(u"An unspecified error has occurred.")))
        for _ in range(10):  # hard cap on pagination depth
            next_url = response.json().get('next')
            if not next_url:
                break
            # NOTE(review): the Authorization header is sent to whatever URL
            # the previous page named in 'next'. Consider checking that it
            # still points at API_HOST before attaching the API key.
            response = requests.get(next_url, headers=headers)
            if response.status_code != 200:
                raise ApiException(
                    response.status_code,
                    response.json().get(
                        'message',
                        gettext(u"An unspecified error has occurred.")))
            out['results'] += response.json()['results']
        return out
    except ConnectionError:
        flash(gettext(u'Error connecting to backend service.'), 'danger')
    return None
Example #7
def del_category(id):
    """Confirm (GET) or perform (POST) the deletion of a category.

    Aborts with 404 when the category does not exist. Refuses to delete the
    last remaining category and redirects to the category list with a
    warning. The delete permission is checked with
    ``require.category.delete`` before either the confirmation page or the
    deletion. HTTP exceptions pass through; anything else is logged and
    turned into a 500.
    """
    try:
        category = db.session.query(model.category.Category).get(id)
        if not category:
            abort(404)
        elif len(cached_cat.get_all()) <= 1:
            msg = gettext('Sorry, it is not possible to delete the only \
                                   available category. You can modify it, click the \
                                   edit button')
            flash(msg, 'warning')
            return redirect(url_for('.categories'))
        else:
            # Authorization comes before rendering or deleting anything.
            require.category.delete(category)
            if request.method == 'GET':
                return render_template('admin/del_category.html',
                                       title=gettext('Delete Category'),
                                       category=category)
            if request.method == 'POST':
                db.session.delete(category)
                db.session.commit()
                flash(gettext("Category deleted"), 'success')
                cached_cat.reset()
                return redirect(url_for(".categories"))
    except HTTPException:
        # Keep 401/403/404 responses intact instead of masking them as 500.
        raise
    except Exception as e:  # pragma: no cover
        current_app.logger.error(e)
        return abort(500)
Example #8
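def users(user_id=None):
    """Manage users of PyBossa.

    Lists the other admin users and, on POST, searches all users whose name
    or full name contains the submitted text (case-insensitive). Any
    exception is logged and turned into a 500.

    The "not found" flash message embeds the search text inside HTML markup,
    so the text is now HTML-escaped first; previously a query containing
    markup was placed into the message unchanged.
    """
    try:  # stdlib HTML escaping on either Python line
        from html import escape
    except ImportError:
        from cgi import escape
    try:
        form = SearchForm(request.form)
        users = db.session.query(model.user.User)\
                  .filter(model.user.User.admin == True)\
                  .filter(model.user.User.id != current_user.id)\
                  .all()

        if request.method == 'POST' and form.user.data:
            # NOTE(review): '%' and '_' typed by the user act as LIKE
            # wildcards here; the value itself is still bound as a parameter.
            query = '%' + form.user.data.lower() + '%'
            found = db.session.query(model.user.User)\
                      .filter(or_(func.lower(model.user.User.name).like(query),
                                  func.lower(model.user.User.fullname).like(query)))\
                      .filter(model.user.User.id != current_user.id)\
                      .all()
            require.user.update(found)
            if not found:
                # The message carries <strong> markup, so it is presumably
                # rendered unescaped; escape the user-controlled part.
                flash("<strong>Ooops!</strong> We didn't find a user "
                      "matching your query: <strong>%s</strong>"
                      % escape(form.user.data, True))
            return render_template('/admin/users.html', found=found, users=users,
                                   title=gettext("Manage Admin Users"),
                                   form=form)

        return render_template('/admin/users.html', found=[], users=users,
                               title=gettext("Manage Admin Users"), form=form)
    except Exception as e:  # pragma: no cover
        current_app.logger.error(e)
        return abort(500)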
Example #9
def saveIt(user, form, op_type='new'):
    """Copy form data onto *user*, persist it and redirect to the user list.

    Administrators get the submitted roles applied directly. For everyone
    else the requested roles are only e-mailed to the site administrators
    and ``user.roles`` is left untouched. With ``op_type == 'new'`` the
    nickname is set and the user is added to the session before commit.
    """
    user.about_me = form.about_me.data
    # NOTE(review): the address is replaced without a confirmation step.
    user.email = form.email.data

    if not administrator_permission.can():
        # Non-admins cannot change roles; forward the request instead.
        request_mail = Message(
            '{} privileges request.'.format(config.PROJECT_NAME),
            sender=config.DEFAULT_MAIL_SENDER,
            recipients=[g.user.email, config.DEFAULT_MAIL_SENDER],
        )
        request_mail.body = "{} requests to be allocated {} privileges".format(
            g.user.nickname, ampersandAtEnd(form.roles.data))
        mail.send(request_mail)

        # NOTE(review): form-supplied role text ends up in the flashed
        # message; confirm the template escapes flash messages.
        alert = 'An email has been sent to the site administrators, stating : "{}".'.format(request_mail.body)
        flash(gettext(alert), 'info')
    else:
        user.roles = []
        for role_id in form.roles.data.split(','):
            # NOTE(review): Role.query.get() presumably yields None for an
            # unknown id, which would then be appended as-is -- verify.
            user.roles.append(Role.query.get(role_id))

    if op_type == 'new':
        user.nickname = form.nickname.data
        orm_db.session.add(user)

    orm_db.session.commit()

    saved_msg = 'Your {} user: {}, has been saved.'.format(op_type, user.nickname)
    flash(gettext(saved_msg), 'success')
    flash(gettext('({}).'.format(user.id)), 'info')
    return redirect(url_for('users'))
Example #10
def posts_add(page=False):
    """Create or edit a post (or a page when *page* is true).

    With ``?edit=<id>`` the post is loaded: a missing post yields the 404
    handler, a post with a parent redirects to the parent's edit view, and
    submitted form data updates it. Without ``edit``, submitted form data
    creates a new post. Otherwise the editor template is rendered.
    """
    post = Post()
    urls = 'admin.pages' if page else 'admin.posts'

    edit_id = request.args.get('edit')
    if edit_id:
        post = Post.query.get(edit_id)
        if not post:
            return handle_404()
        if post.parent:
            return redirect(url_for(urls+'_add', edit=post.parent))
        if request.form:
            post_id = Post.update(request.form, post)
            flash(messages['updated']+' ('+str(post)+')')
            return redirect(url_for(urls+'_add', edit=post_id))
    elif request.form:
        post_id = Post.create(request.form)
        # NOTE(review): ``post`` is still the empty Post() built above, not
        # the record just created -- confirm the message is as intended.
        flash(messages['added']+' ('+str(post)+')')
        return redirect(url_for(urls+'_add', edit=post_id))

    folders = Folder.get_all()
    title = gettext('New - Page') if page else gettext('New - Post')

    return render_template('admin/posts_new.html', folders=folders,
                           post=post, title=title, page=page, urls=urls)
Example #11
def process_form(category_id=None):
    """Validate the category form, then create or update a category.

    An invalid form re-renders the edit page. When creating
    (``category_id is None``) a name that already exists redirects to the
    existing category with a warning. Otherwise the category is updated or
    created and the user is redirected to its form.
    """
    form = CategoryForm()
    controller = CategoryController(g.user.id)

    if not form.validate():
        return render_template('edit_category.html', form=form)

    name = form.name.data
    duplicates = list(controller.read(name=name))
    creating = category_id is None
    if duplicates and creating:
        flash(gettext("Couldn't add category: already exists."), "warning")
        return redirect(url_for('category.form',
                                category_id=duplicates[0].id))

    category_attr = {'name': name}

    if not creating:
        # NOTE(review): the duplicate-name check above is skipped on edit,
        # and whether update() limits the match to g.user's own categories
        # is not visible here -- confirm in CategoryController.
        controller.update({'id': category_id}, category_attr)
        flash(gettext('Category %(cat_name)r successfully updated.',
                      cat_name=category_attr['name']), 'success')
        return redirect(url_for('category.form', category_id=category_id))

    created = controller.create(**category_attr)
    flash(gettext('Category %(category_name)r successfully created.',
                  category_name=created.name), 'success')
    return redirect(url_for('category.form', category_id=created.id))
Example #12
def init_app(app):
    """Register the routes of every view module on *app*.

    Each ``views.<name>`` module is imported for its ``register`` function,
    which is called with *app* right away. Every import re-binds the local
    name ``register``, so each import must stay directly in front of its
    call.
    """
    gettext("home")  # for babel extraction
    # Keep an existing ``app.views`` mapping; otherwise start with home -> main.
    app.views = getattr(app, "views", dict(home="main"))
    from views.bill import register

    register(app)
    from views.login import register

    register(app)
    from views.main import register

    register(app)
    from views.mypage import register

    register(app)
    from views.party import register

    register(app)
    from views.person import register

    register(app)
    from views.region import register

    register(app)
    from views.search import register

    register(app)
Example #13
def login():
    """Login page for users.

    A valid submission authenticates against the user class of the selected
    dormitory's datasource. On success the dormitory name is stored in the
    session and the user is logged in. An authenticated user is redirected
    to the usersuite; otherwise the login form is rendered.
    """
    form = LoginForm()

    if form.validate_on_submit():
        dormitory = dormitory_from_name(form.dormitory.data)
        user_cls = dormitory.datasource.user_class

        try:
            user = user_cls.authenticate(form.username.data,
                                         form.password.data)
        except (UserNotFound, PasswordInvalid):
            # Same message for both failures, so the response does not
            # reveal whether the username exists.
            user = None
            flash(gettext("Anmeldedaten fehlerhaft!"), "error")

        if isinstance(user, user_cls):
            session['dormitory'] = dormitory.name
            login_user(user, remember=form.remember.data)
            # NOTE(review): the log entry names neither the account nor the
            # client address; add them if this is meant as an audit trail.
            logger.info('Authentication successful')
            flash(gettext("Anmeldung erfolgreich!"), "success")
    elif form.is_submitted():
        flash_formerrors(form)

    if current_user.is_authenticated:
        return redirect(url_for('usersuite.usersuite'))

    return render_template('login.html', form=form,
                           unsupported=unsupported_dormitories)
Example #14
def del_category(id):
    """Confirm (GET) or perform (POST) the deletion of a category.

    Aborts with 404 for an unknown id and refuses to delete the last
    remaining category. ``ensure_authorized_to('delete', ...)`` runs before
    the confirmation page is rendered or the category is deleted. HTTP
    exceptions pass through; anything else is logged and becomes a 500.
    """
    try:
        category = project_repo.get_category(id)
        if not category:
            abort(404)
        elif len(cached_cat.get_all()) <= 1:
            msg = gettext('Sorry, it is not possible to delete the only'
                          ' available category. You can modify it, '
                          ' click the edit button')
            flash(msg, 'warning')
            return redirect(url_for('.categories'))
        else:
            # Authorization comes before rendering or deleting anything.
            ensure_authorized_to('delete', category)
            if request.method == 'GET':
                return render_template('admin/del_category.html',
                                       title=gettext('Delete Category'),
                                       category=category)
            if request.method == 'POST':
                project_repo.delete_category(category)
                flash(gettext("Category deleted"), 'success')
                cached_cat.reset()
                return redirect(url_for(".categories"))
    except HTTPException:
        # Keep 401/403/404 responses intact instead of masking them as 500.
        raise
    except Exception as e:  # pragma: no cover
        current_app.logger.error(e)
        return abort(500)
Example #15
def categories():
    """List categories and, on POST, add a new one.

    GET requires 'read' permission on ``Category``; POST requires 'create',
    validates the form and saves a category whose short name is the
    lower-cased name with spaces removed. The page shows every category
    with its project count.
    """
    try:
        method = request.method
        if method == 'GET':
            ensure_authorized_to('read', Category)
            form = CategoryForm()
        elif method == 'POST':
            ensure_authorized_to('create', Category)
            form = CategoryForm(request.form)
            del form.id
            if not form.validate():
                flash(gettext('Please correct the errors'), 'error')
            else:
                # NOTE(review): only spaces are stripped; any other
                # character in the name reaches short_name unchanged.
                slug = form.name.data.lower().replace(" ", "")
                project_repo.save_category(
                    Category(name=form.name.data,
                             short_name=slug,
                             description=form.description.data))
                cached_cat.reset()
                flash(gettext("Category added"), 'success')
        categories = cached_cat.get_all()
        n_projects_per_category = {
            c.short_name: cached_projects.n_count(c.short_name)
            for c in categories
        }

        return render_template('admin/categories.html',
                               title=gettext('Categories'),
                               categories=categories,
                               n_projects_per_category=n_projects_per_category,
                               form=form)
    # NOTE(review): there is no "except HTTPException: raise" in front of
    # this handler, so an abort raised by ensure_authorized_to would
    # presumably be logged and re-reported as a 500 -- confirm.
    except Exception as e:  # pragma: no cover
        current_app.logger.error(e)
        return abort(500)
Example #16
 def register_preferences(self):
     """Register the 'file upload size' preference and keep its handle.

     The preference is registered as 'options' / 'file_upload_size', type
     'integer', with the value 50 and the category label 'Options'; the
     result of ``register`` is stored on ``self.file_upload_size``.
     """
     # NOTE(review): 50 is presumably the default limit in MB -- confirm
     # against preference.register() and where the limit is enforced.
     size_label = gettext("Maximum file upload size(MB)")
     self.file_upload_size = self.preference.register(
         'options',
         'file_upload_size',
         size_label,
         'integer',
         50,
         category_label=gettext('Options'),
     )
Example #17
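def edit(nickname):
    """Show and process the edit form for the user called *nickname*.

    An unknown nickname flashes a message and redirects to the index.
    Only an administrator or the user themselves may edit; anyone else is
    redirected to the user list with an error. A valid submission is handed
    to ``saveIt``; otherwise the form is pre-filled and rendered.

    Fixes: the original printed ``user.id`` before checking for ``None``, so
    an unknown nickname raised AttributeError instead of reaching the
    "not found" branch. The unreachable trailing redirect was dropped.
    """
    user = User.query.filter_by(nickname=nickname).first()

    if user is None:
        # NOTE(review): this answer comes before the permission check, so it
        # tells any caller whether a nickname exists.
        flash(gettext('User %(nickname)s not found.', nickname=nickname))
        return redirect(url_for('index'))

    # NOTE(review): debug output left in place; consider the app logger.
    print('Got user : {}'.format(user.id))

    if not (administrator_permission.can() or g.user.nickname == nickname):
        flash(gettext('You are not authorised to edit users. You can request permission below.'), 'error')
        return redirect(url_for('users'))

    roleVOs = determineRoles(user)
    form = UserForm(user)

    if form.validate_on_submit():
        print('Roles gained : {}.'.format(form.roles.data))
        return saveIt(user, form, 'updated')

    # Not submitted or invalid: show the stored values.
    form.about_me.data = user.about_me
    form.email.data = user.email
    form.nickname.data = user.nickname

    return renderIt('users.html', {'key': 'edit', 'form': form,
                                   'roles': roleVOs, 'user': user})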
Example #18
def posts(page=False):
    """List posts (or pages when *page* is true) in the admin area.

    Without ``?filter=`` the list holds draft and published entries of the
    chosen type; with it, entries whose status equals the filter value. The
    result is ordered by creation date and paginated using ``?page=``.
    """
    numbers = Post.count_by_status(page)
    status_filter = request.args.get('filter')

    if status_filter:
        # The status reaches the query as a keyword argument, not through
        # string concatenation.
        post_type = 'page' if page else 'post'
        query = Post.query.filter(status=status_filter, type=post_type).order_by('created')
    elif page:
        query = Post.query.where(' _table_.post_status IN ("draft", "published") AND _table_.post_type="page"').order_by('created')
    else:
        query = Post.query.where(' _table_.post_status IN ("draft", "published") AND _table_.post_type="post"').order_by('created')

    title = gettext('Page') if page else gettext('Posts')

    # NOTE(review): ?page= is passed on as the raw query-string value;
    # confirm Paginator validates it.
    paginator = Paginator(query=query, page=request.args.get('page'))

    urls = 'admin.pages' if page else 'admin.posts'

    return render_template('admin/posts.html',
                           pages=paginator.links,
                           title=title,
                           posts=paginator.items,
                           numbers=numbers,
                           filter=request.args.get('filter'),
                           page=page,
                           urls=urls)
Example #19
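def pretty_date(dt, default=None):
    """
    Returns string representing "time since" e.g.
    3 days ago, 5 hours ago etc.
    NB: when/if Babel 1.0 released use format_timedelta/timedeltaformat instead

    *dt* is compared with ``datetime.utcnow()``, which is naive, so *dt*
    must be a naive datetime as well. *default* (localized "just now" when
    omitted) is returned when every period is zero.

    Uses floor division: with ``/`` the periods become floats on Python 3,
    so any non-zero difference was reported as a fractional number of years.
    On Python 2 the results are unchanged.
    """
    if default is None:
        default = gettext("just now")

    diff = datetime.utcnow() - dt

    years = diff.days // 365
    months = diff.days // 30
    weeks = diff.days // 7
    days = diff.days
    hours = diff.seconds // 3600
    minutes = diff.seconds // 60
    seconds = diff.seconds

    # Largest unit first; the first non-zero count wins.
    periods = (
        (years, ngettext("%(num)s year", "%(num)s years", num=years)),
        (months, ngettext("%(num)s month", "%(num)s months", num=months)),
        (weeks, ngettext("%(num)s week", "%(num)s weeks", num=weeks)),
        (days, ngettext("%(num)s day", "%(num)s days", num=days)),
        (hours, ngettext("%(num)s hour", "%(num)s hours", num=hours)),
        (minutes, ngettext("%(num)s minute", "%(num)s minutes", num=minutes)),
        (seconds, ngettext("%(num)s second", "%(num)s seconds", num=seconds)),
    )

    for period, trans in periods:
        if period:
            return gettext("%(period)s ago", period=trans)

    return default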
Example #20
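def export_csv():
    """Show the product export form and redirect to the export on a match.

    A valid submission filters products by optional start date, end date
    and operation type. When at least one product matches, the count is
    flashed and the user is redirected to ``products.export`` with the same
    criteria; otherwise a "no products" message is flashed and the form is
    rendered again.

    Fixes: ``query.all()`` never returns ``None``, so the "no products"
    branch was unreachable; the rows are now only counted instead of being
    loaded, and the message is formatted after translation so the catalog
    lookup sees the untouched msgid.
    """
    operation_types = [(unicode(row.id), unicode(row.name))
                       for row in Operation_Type.query.all()]
    operation_types.insert(0, ("", "Select Operation Type"))
    search_form = ExportProductsRangeForm(operation_types)

    if search_form.validate_on_submit():
        start_date = search_form.start.data
        end_date = search_form.end.data
        query = Product.query
        if start_date:
            query = query.filter(start_date <= Product.date_added)
        if end_date:
            query = query.filter(end_date >= Product.date_added)
        if search_form.type.data:
            query = query.filter(Product.operations.any(
                Operation.operation_type_id == search_form.type.data))
        total = query.count()
        if total:
            flash(gettext(u'{number} products found with selected criteria.')
                  .format(number=total))
            return redirect(url_for('products.export',
                                    start_date=start_date,
                                    end_date=end_date,
                                    operation_type_id=search_form.type.data))
        flash(gettext(u'No products are matching selected criteria.'))

    return render_template('products/export_csv.html', search_form=search_form)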
Example #21
def feed_rss():
    """Serve an RSS 2.01 feed of the 20 most recently created datasets.

    Private datasets are only included when the current account is an
    administrator.
    """
    q = db.session.query(Dataset)
    if not auth.account.is_admin():
        # Access control for the feed: non-admins see public datasets only.
        q = q.filter_by(private=False)
    latest = q.order_by(Dataset.created_at.desc()).limit(20)

    items = [
        {
            'title': dataset.label,
            'pubdate': dataset.updated_at,
            'link': '/datasets/%s' % dataset.name,
            'description': dataset.description,
            'author_name': ', '.join(person.fullname
                                     for person in dataset.managers
                                     if person.fullname),
        }
        for dataset in latest
    ]

    desc = gettext('Recently created datasets on %(site_title)s',
                   site_title=current_app.config.get('SITE_TITLE'))
    feed = Rss201rev2Feed(gettext('Recently Created Datasets'),
                          url_for('home.index'), desc)
    for entry in items:
        feed.add_item(**entry)

    buf = StringIO()
    feed.write(buf, 'utf-8')
    return Response(buf.getvalue(), mimetype='application/xml')
Example #22
def categories():
    """List categories and, on POST, add a new one.

    GET checks ``require.category.read()``; POST checks
    ``require.category.create()``, validates the form and stores a category
    whose short name is the lower-cased name with spaces removed. The page
    shows every category with its app count.
    """
    try:
        method = request.method
        if method == 'GET':
            require.category.read()
            form = CategoryForm()
        elif method == 'POST':
            require.category.create()
            form = CategoryForm(request.form)
            if not form.validate():
                flash(gettext('Please correct the errors'), 'error')
            else:
                # NOTE(review): only spaces are stripped; any other
                # character in the name reaches short_name unchanged.
                slug = form.name.data.lower().replace(" ", "")
                category = model.category.Category(
                    name=form.name.data,
                    short_name=slug,
                    description=form.description.data)
                db.session.add(category)
                db.session.commit()
                cached_cat.reset()
                flash(gettext("Category added"), 'success')
        categories = cached_cat.get_all()
        n_apps_per_category = {
            c.short_name: cached_apps.n_count(c.short_name)
            for c in categories
        }

        return render_template('admin/categories.html',
                               title=gettext('Categories'),
                               categories=categories,
                               n_apps_per_category=n_apps_per_category,
                               form=form)
    # NOTE(review): there is no "except HTTPException: raise" in front of
    # this handler, so an abort raised by the require.* checks would
    # presumably be logged and re-reported as a 500 -- confirm.
    except Exception as e:  # pragma: no cover
        current_app.logger.error(e)
        return abort(500)
Example #23
def passwordChange():
    """Let the logged-in user change their password.

    The new password must match its confirmation and the old password must
    verify against the stored hash. On success the new hash is saved and the
    user is redirected to 'user'; on failure a message is flashed and the
    form page is reloaded.
    """
    form = PasswordChangeForm()
    if not form.validate_on_submit():
        return render_template('/settings/passwordchange.html',
                               title=gettext("Password Change"),
                               form=form)

    old_pass = form.old_password.data
    new_pass = form.new_password.data
    conf_pass = form.new_password_confirm.data

    if new_pass != conf_pass:
        flash(gettext('New password must match confirmation!'))
        return redirect(url_for('passwordChange'))

    # NOTE(review): no attempt limit on the current-password check is
    # visible in this view.
    if not check_password_hash(current_user.password, old_pass):
        flash(gettext('Current password is incorrect!'))
        return redirect(url_for('passwordChange'))

    # Password change
    # NOTE(review): other sessions of this account are not invalidated here.
    user = current_user
    user.password = generate_password_hash(new_pass)
    db.session.add(user)
    db.session.commit()
    flash(gettext('User password successfully changed.'))
    return redirect(url_for('user'))
Example #24
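def login():
    """Render the login form and sign the user in on a valid submission.

    An already authenticated user is sent to 'home'. After a successful
    login the user is redirected to ``?next=`` when it is a same-site path,
    otherwise to ``base.home``. Failed attempts are logged with the
    submitted username and the client address, and the form is rendered
    again with a generic error.

    Fixes: ``next`` was passed to ``redirect`` unchecked (open redirect);
    two ``redirect(...)`` calls whose result was discarded were removed,
    which leaves the existing re-render of the form as the failure response.
    """
    if g.user is not None and g.user.is_authenticated():
        return redirect(url_for('home'))
    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(username=form.username.data).first()
        if user and user.verify_password(form.password.data):
            login_user(user, remember=form.remember_me.data)
            logger.info('Successful login attempt for user %s', user.username)
            flash(gettext("Logged in successfully."), 'success')
            next_url = request.args.get("next")
            # Follow same-site paths only. "//host" and "/\host" are read by
            # browsers as another host, so they are rejected too.
            if (not next_url or not next_url.startswith('/')
                    or next_url[1:2] in ('/', '\\')):
                next_url = url_for("base.home")
            return redirect(next_url)

        # NOTE(review): the submitted username is logged as typed; strip
        # CR/LF (or log with %r) if these logs are parsed line by line.
        # REMOTE_ADDR is the proxy address when the app sits behind one.
        if user:
            logger.warning('Invalid password for user %s from IP %s',
                           form.username.data, request.environ['REMOTE_ADDR'])
        else:
            logger.warning('Invalid login attempt for user %s from IP %s',
                           form.username.data, request.environ['REMOTE_ADDR'])
        # Same message for an unknown user and a wrong password.
        flash(gettext("Invalid Login"), 'error')

    return render_template("login.html", form=form)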
Example #25
def register():
    """
    Register method for creating a PyBossa account.

    A valid POST creates the user, stores the password through
    ``set_password``, logs the new user in with a persistent session and
    redirects home. An invalid POST flashes an error.

    Returns a Jinja2 template

    """
    # TODO: re-enable csrf
    # NOTE(review): per the TODO above, CSRF protection is presumably off
    # for this form -- track until it is restored.
    form = RegisterForm(request.form)
    is_post = request.method == 'POST'
    if is_post and form.validate():
        # "0" when the survey checkbox was submitted, the string "None"
        # (not the None object) otherwise.
        survar = "0" if request.form.get('survey_check', None) is not None else "None"
        account = model.User(fullname=form.fullname.data,
                             name=form.username.data,
                             email_addr=form.email_addr.data,
                             survey_check=survar)
        account.set_password(form.password.data)
        # account.locale = get_locale()
        db.session.add(account)
        db.session.commit()
        # NOTE(review): remember=True is applied to every new account,
        # with no opt-in from the user.
        login_user(account, remember=True)
        flash(gettext('Thanks for signing-up'), 'success')
        return redirect(url_for('home.home'))
    if is_post and not form.validate():
        flash(gettext('Please correct the errors'), 'error')
    return render_template('account/register.html',
                           title=gettext("Register"), form=form)
Example #26
def change_login():
    """Render the change-login form and forward a valid one to the backend.

    The e-mail field defaults to the session's address. A valid POST is
    sent as JSON to ``API_HOST + 'change-login/'`` with the session's API
    key; on HTTP 200 the returned ``api_key`` and ``email`` replace the
    session values. Any other status raises ``ApiException`` (not caught
    here); a connection failure flashes an error and re-renders the form.
    """
    change_login_form = forms.ChangeLoginForm(request.form)
    if not change_login_form.email.data:
        # NOTE(review): session['email'] raises KeyError without a logged-in
        # session; presumably a login check guards this route -- confirm.
        change_login_form.email.data = session['email']

    if request.method == 'POST' and change_login_form.validate():
        # NOTE(review): the whole submitted form is forwarded as-is.
        payload = json.dumps(request.form)
        headers = {
            'Authorization': 'ApiKey:' + session.get('api_key'),
            "Content-Type": "application/json",
        }
        try:
            response = requests.post(API_HOST + 'change-login/',
                                     data=payload, headers=headers)
            if response.status_code != 200:
                raise ApiException(
                    response.status_code,
                    response.json().get(
                        'message',
                        gettext(u"An unspecified error has occurred.")))
            user_dict = response.json()
            session['api_key'] = user_dict.get('api_key')
            session['email'] = user_dict.get('email')
            flash(gettext(u"Your details have been updated successfully."),
                  "success")
            return redirect(url_for('landing'))
        except ConnectionError:
            flash(gettext(u'Error connecting to backend service.'), 'danger')

    return render_template('change_login.html',
                           API_HOST=API_HOST,
                           form=change_login_form)
Example #27
def reset_password():
    """
    Reset password method.

    Requires a ``key`` query parameter that ``signer`` accepts (salt
    'password-reset', at most 3600 seconds old) and that names a user and
    a password hash equal to the user's current ``passwd_hash``; anything
    else aborts with 403. A valid form then sets the new password and logs
    the user in.

    Returns a Jinja2 template.

    """
    key = request.args.get('key')
    if key is None:
        abort(403)

    token_data = {}
    try:
        token_data = signer.loads(key, max_age=3600, salt='password-reset')
    except BadData:
        abort(403)

    username = token_data.get('user')
    token_hash = token_data.get('password')
    if not username or not token_hash:
        abort(403)

    user = model.user.User.query.filter_by(name=username).first_or_404()
    # Tying the link to the current hash makes it stop working once the
    # password has changed.
    # NOTE(review): if ``signer`` signs without encrypting, the stored hash
    # is readable by anyone who sees the reset URL -- confirm.
    if user.passwd_hash != token_hash:
        abort(403)

    form = ChangePasswordForm(request.form)
    if form.validate_on_submit():
        user.set_password(form.new_password.data)
        db.session.add(user)
        db.session.commit()
        login_user(user)
        flash(gettext('You reset your password successfully!'), 'success')
        return redirect(url_for('.signin'))
    if request.method == 'POST' and not form.validate():
        flash(gettext('Please correct the errors'), 'error')
    return render_template('/account/password_reset.html', form=form)
Example #28
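def recover():
    """Mail account recovery details to the user named in the form.

    GET renders the form. POST looks the username up, mails the address on
    record and redirects to ``next`` (same-site paths only) or to home.
    """
    if request.method == 'GET':
        return render_template('recover_password.html')
    username = request.form['username']
    registered_user = User.query.filter_by(username=username).first()
    if registered_user is None:
        # NOTE(review): a distinct answer for unknown names lets a caller
        # find out which usernames exist; a uniform response avoids that.
        flash(gettext('Invalid username'), 'danger')
        return redirect(url_for('recover', lang=g.current_lang))

    fromaddr = '%s <%s>' % (APP.config['GHC_SITE_TITLE'],
                            APP.config['GHC_ADMIN_EMAIL'])
    toaddr = registered_user.email

    # NOTE(review): the stored ``password`` field goes into the mail body.
    # If it holds the cleartext password, a live credential is sent by
    # email; if it holds a hash, the mail is of no use to the user. A
    # time-limited reset link is the usual replacement, but it needs a
    # token route that this function does not have.
    template_vars = {
        'config': APP.config,
        'password': registered_user.password
    }
    msg = render_template2('recover_password_email.txt', template_vars)

    send_email(APP.config['GHC_SMTP'], fromaddr, toaddr, msg)

    flash(gettext('Password sent via email'), 'success')

    # Follow ``next`` only when it is a same-site path. An absolute or
    # scheme-relative value would make this view an open redirect.
    next_url = request.args.get('next')
    if (next_url and next_url.startswith('/')
            and not next_url.startswith(('//', '/\\'))):
        return redirect(next_url)
    return redirect(url_for('home', lang=g.current_lang))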
Example #29
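def reset_password():
    """
    Reset password method.

    The ``key`` query argument is checked with ``signer.loads`` (salt
    ``password-reset``); its maximum age comes from the
    ``ACCOUNT_LINK_EXPIRATION`` setting, 3600 seconds by default. A
    missing, invalid or expired key, an unknown user, or a key that no
    longer matches the account ends in 403.

    Returns a Jinja2 template.

    """
    key = request.args.get('key')
    if key is None:
        abort(403)
    userdict = {}
    try:
        timeout = current_app.config.get('ACCOUNT_LINK_EXPIRATION', 3600)
        userdict = signer.loads(key, max_age=timeout, salt='password-reset')
    except BadData:
        abort(403)
    username = userdict.get('user')
    if not username or not userdict.get('password'):
        abort(403)
    user = user_repo.get_by_name(username)
    # The account may have been removed or renamed after the link was sent;
    # without this check a missing user would fail on the attribute access
    # below instead of being refused.
    if user is None:
        abort(403)
    # The token carries the hash stored when it was issued, so it
    # presumably stops matching once the password has been changed.
    if user.passwd_hash != userdict.get('password'):
        abort(403)
    form = ChangePasswordForm(request.form)
    if form.validate_on_submit():
        user.set_password(form.new_password.data)
        user_repo.update(user)
        flash(gettext('You reset your password successfully!'), 'success')
        return _sign_in_user(user)
    if request.method == 'POST' and not form.validate():
        flash(gettext('Please correct the errors'), 'error')
    return render_template('/account/password_reset.html', form=form)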
Example #30
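def delete(resource_identifier):
    """Delete a resource and its runs.

    Only an admin or the resource owner may delete. An unknown identifier
    redirects home with an error message.
    """
    resource = Resource.query.filter_by(identifier=resource_identifier).first()

    # Check existence before the ownership test: that test dereferences
    # resource.owner and would fail for a non-admin on an unknown id.
    if resource is None:
        flash(gettext('Resource not found'), 'danger')
        return redirect(url_for('home', lang=g.current_lang))

    if g.user.role != 'admin' and g.user.username != resource.owner.username:
        msg = gettext('You do not have access to delete this resource')
        flash(msg, 'danger')
        return redirect(url_for('get_resource_by_id', lang=g.current_lang,
                                identifier=resource_identifier))

    runs = Run.query.filter_by(resource_identifier=resource_identifier).all()

    for run in runs:
        DB.session.delete(run)

    DB.session.delete(resource)

    try:
        DB.session.commit()
    except Exception as err:
        DB.session.rollback()
        # NOTE(review): str(err) can show SQL or schema detail in the
        # browser; consider logging it and flashing a generic message.
        flash(str(err), 'danger')
        # url_for() takes an endpoint name, not a URL, so passing the
        # referrer to it could not build a target. The resource still
        # exists after the rollback, so return to its page.
        return redirect(url_for('get_resource_by_id', lang=g.current_lang,
                                identifier=resource_identifier))

    flash(gettext('Resource deleted'), 'success')
    return redirect(url_for('home', lang=g.current_lang))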
Example #31
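def login():
    """Authenticate a user from the login form and start a session.

    On success the user is redirected to ``next`` when that is a same-site
    path, otherwise to the index page. On failure the form is rendered
    again with the same error for an unknown user and a wrong password.
    """
    form = login_form(request.form)
    if request.method == 'POST' and form.validate():
        username = form.username.data
        try:
            user = User.get_user(username=username)
            if user and user.check_password(password=form.password.data):
                user.authenticated = True
                remember = form.remember.data
                if login_user(user, remember=remember):
                    if not user.last_login:
                        flash(
                            gettext(
                                '<strong>Tip:</strong> It appears that this is your first login, if you need any help please visit our help section by clicking <a href="/help">here</a>.'
                            ), 'info')
                    user.last_login = now()
                    loc = rfk.helper.get_location(request.remote_addr)
                    if 'country_code' in loc and loc[
                            'country_code'] is not None:
                        user.country = loc['country_code']
                    rfk.database.session.commit()
                    # Translate the literal template first, then insert
                    # the name; formatting inside gettext() produces a
                    # string that is not in the message catalogue.
                    # NOTE(review): the tip above carries raw HTML, which
                    # suggests flashed messages are rendered unescaped. If
                    # so, the username must be escaped here. Confirm in
                    # the template.
                    flash(
                        gettext('Login successful. Welcome %s!') %
                        user.username, 'success')
                    # Follow ``next`` only when it is a same-site path; an
                    # absolute or scheme-relative value would make the
                    # login page an open redirect.
                    target = request.args.get('next')
                    if (not target or not target.startswith('/')
                            or target.startswith(('//', '/\\'))):
                        target = url_for('index')
                    return redirect(target)
                else:
                    form.username.errors.append(
                        gettext('There was an error while logging you in.'))
            else:
                form.username.errors.append(
                    gettext('Invalid User or Password.'))
        except UserNotFoundException:
            # Same message as a wrong password, so the response does not
            # show whether the username exists.
            form.username.errors.append(gettext('Invalid User or Password.'))
    return render_template('login.html', form=form, TITLE=gettext('Login'))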
Example #32
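def authentication():
    """ Create accesstoken

        Method: *POST*
        URI: */accesstokens*

        Requires ``mail`` and ``password`` in the request, logs the
        matching user in and returns that user as JSON. Replies 400 on a
        missing or malformed field and 404 when no user matches.
    """

    # Get request values
    datas = request.values

    # Check mail
    if 'mail' not in datas:
        return make_response(gettext(u"L'adresse mail est obligatoire."), 400)
    if not isinstance(datas['mail'], (str, unicode)):
        return make_response(gettext(u"L'adresse mail doit être une chaine de caractère."), 400)

    # Check password
    if 'password' not in datas:
        return make_response(gettext(u"Le mot de passe est obligatoire."), 400)
    if not isinstance(datas['password'], (str, unicode)):
        return make_response(gettext(u"Le mot de passe doit être une chaine de caractère."), 400)

    # NOTE(review): the submitted password is compared with the stored column
    # as-is, which only works if passwords are kept in recoverable form.
    # Storing a salted password hash and verifying against it would remove
    # that exposure; it needs a model change outside this function.
    try:
        user = db.session.query(Personne).filter(Personne.mail==datas['mail']).filter(Personne.password==datas['password']).one()
    except Exception:
        # A bare ``except`` would also trap SystemExit and KeyboardInterrupt.
        # Both "no row" and "several rows" from .one() end up here.
        return make_response(gettext(u"Echec d'authentification, l'adresse mail ou le mot de passe ne correspondent a aucun utilisateur."), 404)

    if not login_user(user):  # pragma no cover
        return make_response(gettext(u"Dûe à une erreur inconnu, il est impossible de vous connecter."), 404)

    # Build the response
    # NOTE(review): confirm that to_dict() leaves the password field out.
    response = make_response(jsonify(user.to_dict()))
    response.status_code = 200
    response.mimetype = 'application/json'

    return response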
Example #33
def viewinbox(msgid):
    """Show one inbox message and act on the button that was pressed.

    The submitted ``btn`` value is compared with the translated button
    labels: two of them switch the display mode, the others delete the
    message or redirect to the reply, redirect or print views.
    """
    message = api.get_inbox_message_by_id(msgid)
    form = ViewForm()
    viewhtml = True
    if form.validate_on_submit():
        pressed = request.form['btn']
        if pressed == gettext('ViewHTML'):
            viewhtml = True
        if pressed == gettext('ViewNormal'):
            viewhtml = False
        if pressed == gettext('Delete'):
            # NOTE(review): nothing here checks that the message belongs to
            # the caller; presumably the api layer or the route does.
            api.delete_message(msgid)
            return redirect('/inbox')
        if pressed == gettext('Reply'):
            return redirect('/send/inbox/reply/' + msgid)
        if pressed == gettext('Redirect'):
            return redirect('/send/inbox/redirect/' + msgid)
        if pressed == gettext('Print'):
            return redirect('/printus/inbox_message/' + msgid)

    context = dict(message=message, form=form, viewhtml=viewhtml)
    return render_template("view.html", **context)
Example #34
def folders():
    """List folders and handle the add / edit form on the same page.

    With an ``edit`` query argument the matching folder is loaded into the
    form and updated on submit; without it a submitted form adds a folder.
    """
    all_folders = Folder.get_all(True)
    folder = None
    edit_id = request.args.get('edit')

    # NOTE(review): query-string values are strings, so the ``!= 1`` test
    # holds for every non-empty value, "1" included.
    if edit_id and edit_id != 1:
        folder = Folder.query.get(edit_id)
        form = FolderForm(obj=folder)
        if form.validate_on_submit():
            form.populate_obj(folder)
            folder.modified = 'NOW()'
            Folder.query.update(folder)
            notice = messages['updated'] + ' (' + str(folder) + ')'
            flash(notice)
            return redirect(url_for('admin.folders'))
    else:
        form = FolderForm()
        if form.validate_on_submit():
            Folder.add(form)
            # ``folder`` is still None in this branch, so the notice ends
            # with "(None)".
            notice = messages['added'] + ' (' + str(folder) + ')'
            flash(notice)
            return redirect(url_for('admin.folders'))

    return render_template(
        'admin/folders.html',
        folders=all_folders,
        folder=folder,
        title=gettext('Categories'),
        form=form,
    )
Example #35
 def validate_name(self, field):
     """Reject the field when a Code row with a matching name exists."""
     # NOTE(review): LIKE treats "%" and "_" in the submitted value as
     # wildcards, so such input can match names it does not equal. Confirm
     # that an exact comparison is not what is wanted.
     name_matches = Code.name.like(field.data)
     existing = Code.query.filter(name_matches).first()
     if existing:
         raise ValidationError(gettext(u"名称已经存在"))
Example #36
def register():
    """
    Register method for creating a PYBOSSA account.

    Registration answers 404 when ``LDAP_HOST`` is configured. A valid
    POST either creates the account at once (when
    ``ACCOUNT_CONFIRMATION_DISABLED`` is set) or queues a validation
    email.

    Returns a Jinja2 template

    """
    if current_app.config.get('LDAP_HOST', False):
        return abort(404)

    if app_settings.upref_mdata:
        form = RegisterFormWithUserPrefMetadata(request.body)
        form.set_upref_mdata_choices()
    else:
        form = RegisterForm(request.body)

    form.project_slug.choices = get_project_choices()
    consent_label = ("I accept receiving emails from %s"
                     % current_app.config.get('BRAND'))
    form.consent.label = consent_label

    is_post = request.method == 'POST'
    if is_post:
        form.generate_password()
    if is_post and form.validate():
        with_upref = app_settings.upref_mdata
        if with_upref:
            user_pref, metadata = get_user_pref_and_metadata(
                form.name.data, form)
        account = dict(fullname=form.fullname.data,
                       name=form.name.data,
                       email_addr=form.email_addr.data,
                       password=form.password.data,
                       consent=form.consent.data)
        if with_upref:
            account['user_type'] = form.user_type.data
            account['user_pref'] = user_pref
            account['metadata'] = metadata
        ensure_data_access_assignment_from_form(account, form)
        # NOTE(review): ``account`` still holds the password when it is
        # passed to get_email_confirmation_url() and to the email template
        # below. Confirm neither puts it into the link or the mail body in
        # recoverable form.
        confirm_url = get_email_confirmation_url(account)
        if current_app.config.get('ACCOUNT_CONFIRMATION_DISABLED'):
            create_account(account, project_slugs=form.project_slug.data)
            flash(gettext('Created user succesfully!'), 'success')
            return redirect_content_type(url_for("home.home"))
        mail_body = render_template('/account/email/validate_account.md',
                                    user=account,
                                    confirm_url=confirm_url)
        msg = dict(subject='Welcome to %s!' % current_app.config.get('BRAND'),
                   recipients=[account['email_addr']],
                   body=mail_body)
        msg['html'] = markdown(msg['body'])
        mail_queue.enqueue(send_mail, msg)
        return handle_content_type(
            dict(template='account/account_validation.html',
                 title=gettext("Account validation"),
                 status='sent'))
    if is_post and not form.validate():
        flash(gettext('Please correct the errors'), 'error')
    return handle_content_type(
        dict(template='account/register.html',
             title=gettext("Register"),
             form=form))
Example #37
def users():
    """Render the admin user list, paged by the ``page`` query argument."""
    user_query = User.query.select_all(array=True)
    requested_page = request.args.get('page')
    paginator = Paginator(query=user_query, page=requested_page)
    return render_template(
        'admin/users.html',
        title=gettext('Users'),
        users=paginator.items,
        pages=paginator.links,
    )
Example #38
def live_history():
    """Create a 'Log' worksheet from the user's history and open it."""
    history_sheet = g.notebook.create_new_worksheet_from_history(
        gettext('Log'), g.username, 100)
    # Imported inside the function, as in the original.
    from .worksheet import url_for_worksheet
    target = url_for_worksheet(history_sheet)
    return redirect(target)
Example #39
class EditPreferencesForm(Form):
    """Preferences form with a language text field and a save button."""
    # Free-text field; no validators are attached to it in this class.
    language = StringField(gettext('Language'))
    submit = SubmitField(gettext('Save'))
Example #40
	def get_template_configs(self):
		"""Return the template entries for the settings and about sections."""
		settings_entry = {
			"type": "settings",
			"name": gettext("Plugin Manager"),
			"template": "pluginmanager_settings.jinja2",
			"custom_bindings": True,
		}
		# The about entry keeps its untranslated name.
		about_entry = {
			"type": "about",
			"name": "Plugin Licenses",
			"template": "pluginmanager_about.jinja2",
		}
		return [settings_entry, about_entry]
Example #41
def login_error():
    """Render the error page for missing or expired login data."""
    error_text = gettext("Login error: session data missing or expired")
    page_title = gettext("Authentification Error")
    return render_template("error.html", text=error_text, title=page_title)
Example #42
def index():
    """Render index page.

    Supported outputs: html, json, csv, rss.

    With no query-string or form data, or when ``Search(request)`` raises,
    the bare index page is rendered. Otherwise the search runs (subject to
    the ``pre_search`` plugin hook), each result is adjusted for the
    requested format, and the response is built for that format.
    """

    if not request.args and not request.form:
        return render('index.html', )

    # NOTE(review): the bare ``except`` turns every failure in Search(),
    # programming errors included, into a silent fall-back to the index page.
    try:
        search = Search(request)
    except:
        return render('index.html', )

    # Plugins are handed locals(), so the local variable names of this
    # function are visible to them; renaming one can change what they see.
    if plugins.call('pre_search', request, locals()):
        search.search(request)

    plugins.call('post_search', request, locals())

    for result in search.result_container.get_ordered_results():

        plugins.call('on_result', request, locals())
        # Paging is switched on as soon as one result comes from an engine
        # that supports it.
        if not search.paging and engines[result['engine']].paging:
            search.paging = True

        if search.request_data.get('format', 'html') == 'html':
            if 'content' in result:
                result['content'] = highlight_content(
                    result['content'], search.query.encode('utf-8'))  # noqa
            result['title'] = highlight_content(result['title'],
                                                search.query.encode('utf-8'))
        else:
            if result.get('content'):
                result['content'] = html_to_text(result['content']).strip()
            # removing html content and whitespace duplications
            result['title'] = ' '.join(
                html_to_text(result['title']).strip().split())

        result['pretty_url'] = prettify_url(result['url'])

        # TODO, check if timezone is calculated right
        if 'publishedDate' in result:
            result['pubdate'] = result['publishedDate'].strftime(
                '%Y-%m-%d %H:%M:%S%z')
            # Dates from the last day are shown as a relative age; older
            # ones go through format_date().
            if result['publishedDate'].replace(
                    tzinfo=None) >= datetime.now() - timedelta(days=1):
                timedifference = datetime.now(
                ) - result['publishedDate'].replace(tzinfo=None)
                minutes = int((timedifference.seconds / 60) % 60)
                hours = int(timedifference.seconds / 60 / 60)
                if hours == 0:
                    result['publishedDate'] = gettext(
                        u'{minutes} minute(s) ago').format(minutes=minutes)
                else:
                    result['publishedDate'] = gettext(
                        u'{hours} hour(s), {minutes} minute(s) ago').format(
                            hours=hours, minutes=minutes)  # noqa
            else:
                result['publishedDate'] = format_date(result['publishedDate'])

    if search.request_data.get('format') == 'json':
        return Response(json.dumps({
            'query':
            search.query,
            'results':
            search.result_container.get_ordered_results()
        }),
                        mimetype='application/json')
    elif search.request_data.get('format') == 'csv':
        # NOTE(review): result fields come from remote engines and are
        # written as-is. A spreadsheet may evaluate cells starting with
        # "=", "+", "-" or "@" as formulas; consider neutralising them.
        csv = UnicodeWriter(cStringIO.StringIO())
        keys = ('title', 'url', 'content', 'host', 'engine', 'score')
        csv.writerow(keys)
        for row in search.result_container.get_ordered_results():
            row['host'] = row['parsed_url'].netloc
            csv.writerow([row.get(key, '') for key in keys])
        csv.stream.seek(0)
        response = Response(csv.stream.read(), mimetype='application/csv')
        # NOTE(review): the raw query becomes part of a response header
        # value. Strip or encode quotes, semicolons and control characters
        # before building Content-Disposition.
        cont_disp = 'attachment;Filename=searx_-_{0}.csv'.format(search.query)
        response.headers.add('Content-Disposition', cont_disp)
        return response
    elif search.request_data.get('format') == 'rss':
        response_rss = render(
            'opensearch_response_rss.xml',
            results=search.result_container.get_ordered_results(),
            q=search.request_data['q'],
            number_of_results=search.result_container.results_length(),
            base_url=get_base_url())
        return Response(response_rss, mimetype='text/xml')

    # Default: the HTML results page.
    return render('results.html',
                  results=search.result_container.get_ordered_results(),
                  q=search.request_data['q'],
                  selected_categories=search.categories,
                  paging=search.paging,
                  pageno=search.pageno,
                  base_url=get_base_url(),
                  suggestions=search.result_container.suggestions,
                  answers=search.result_container.answers,
                  infoboxes=search.result_container.infoboxes,
                  theme=get_current_theme_name(),
                  favicons=global_favicons[themes.index(
                      get_current_theme_name())])
Example #43
    'ar', 'arc', 'bcc', 'bqi', 'ckb', 'dv', 'fa', 'glk', 'he', 'ku', 'mzn',
    'pnb'
    ', '
    'ps', 'sd', 'ug', 'ur', 'yi'
]

# One list of icon file names per theme, in the same order as ``themes``.
global_favicons = []
for indice, theme in enumerate(themes):
    global_favicons.append([])
    theme_img_path = searx_dir + "/static/themes/" + theme + "/img/icons/"
    # os.walk also descends into sub-directories; only file names are kept.
    for (dirpath, dirnames, filenames) in os.walk(theme_img_path):
        global_favicons[indice].extend(filenames)

cookie_max_age = 60 * 60 * 24 * 365 * 5  # 5 years

# gettext() over literal category names; presumably kept so that the names
# are picked up for translation (TODO confirm, the tuple is not used here).
_category_names = (gettext('files'), gettext('general'), gettext('music'),
                   gettext('social media'), gettext('images'),
                   gettext('videos'), gettext('it'), gettext('news'),
                   gettext('map'), gettext('science'))

# Value of the 'proxies' key under settings['outgoing'], or None if absent.
outgoing_proxies = settings['outgoing'].get('proxies', None)


@babel.localeselector
def get_locale():
    locale = request.accept_languages.best_match(settings['locales'].keys())

    if settings['ui'].get('default_locale'):
        locale = settings['ui']['default_locale']

    if request.cookies.get('locale', '') in settings['locales']:
Example #44
def create():
    """ Create an address for an existing person

        Method: *POST*
        URI: */address*

        Replies 400 on a missing or malformed field, 404 when the person
        or the country does not exist, 500 when the commit fails, and 201
        with the new address as JSON otherwise.
    """

    params = request.values

    # Person: required, must be an integer id of an existing row.
    # NOTE(review): nothing in this function ties personne_id to the
    # authenticated caller; confirm the route enforces that elsewhere.
    if 'personne_id' not in params:
        return make_response(
            gettext(u"L'identifiant d'une personne est obligatoire."), 400)
    try:
        personne_id = int(params['personne_id'])
    except Exception:
        return make_response(gettext(u"personne_id doit être un identifiant."),
                             400)

    owner = db.session.query(Personne).get(personne_id)
    if owner is None:
        return make_response(gettext(u"La personne n'existe pas."), 404)

    # Street address: required string.
    if 'address' not in params:
        return make_response(gettext(u"L'adresse est obligatoire."), 400)
    street = params['address']
    if not isinstance(street, (str, unicode)):
        return make_response(
            gettext(u"L'adresse doit être une chaine de caractère."), 400)

    # Zip code: required string.
    if 'zipcode' not in params:
        return make_response(gettext(u"Le code postal est obligatoire."), 400)
    zipcode = params['zipcode']
    if not isinstance(zipcode, (str, unicode)):
        return make_response(
            gettext(u"Le code postal doit être une chaine de caractère."), 400)

    # City: required string.
    if 'city' not in params:
        return make_response(gettext(u"La ville est obligatoire."), 400)
    city = params['city']
    if not isinstance(city, (str, unicode)):
        return make_response(
            gettext(u"La ville doit être une chaine de caractère."), 400)

    # Country: required, must be an integer id of an existing row.
    if 'country_id' not in params:
        return make_response(gettext(u"Le pays est obligatoire."), 400)
    try:
        country_id = int(params['country_id'])
    except Exception:
        return make_response(gettext(u"country_id doit être un identifiant."),
                             400)

    country = db.session.query(Country).get(country_id)
    if country is None:
        return make_response(gettext(u"Le pays n'existe pas."), 404)

    # Build and stage the new row.
    new_address = Address(address=street,
                          zipcode=zipcode,
                          city=city,
                          country=country,
                          personne_id=personne_id)
    db.session.add(new_address)

    # Persist; any failure rolls back and is reported as a 500.
    try:
        db.session.commit()
    except Exception:  # pragma: no cover
        db.session.rollback()
        return make_response(
            gettext(
                u"Dûe à une erreur inconnu, l'adresse ne peut pas être créé."),
            500)

    # Reply with the created address as JSON.
    reply = make_response(jsonify(new_address.to_dict()))
    reply.status_code = 201
    reply.mimetype = 'application/json'
    return reply
Example #45
def update(id):
    """ Update an address by id

        Method: *PUT*
        URI: */address/id*

        Only the fields present in the request are changed. Replies 404
        when the address or the country does not exist, 400 on a malformed
        field, 500 when the commit fails, and 200 with the address as JSON
        otherwise.
    """

    params = request.values

    # NOTE(review): nothing in this function checks that the caller may
    # edit this address; confirm the route enforces that elsewhere.
    target = db.session.query(Address).get(id)
    if target is None:
        return make_response(gettext(u"L'adresse n'existe pas."), 404)

    # Street address, when supplied.
    if 'address' in params:
        street = params['address']
        if not isinstance(street, (str, unicode)):
            return make_response(
                gettext(u"L'adresse doit être une chaine de caractère."), 400)
        target.address = street

    # Zip code, when supplied.
    if 'zipcode' in params:
        zipcode = params['zipcode']
        if not isinstance(zipcode, (str, unicode)):
            return make_response(
                gettext(u"Le code postal doit être une chaine de caractère."),
                400)
        target.zipcode = zipcode

    # City, when supplied.
    if 'city' in params:
        city = params['city']
        if not isinstance(city, (str, unicode)):
            return make_response(
                gettext(u"La ville doit être une chaine de caractère."), 400)
        target.city = city

    # Country, when supplied: must be an integer id of an existing row.
    if 'country_id' in params:
        try:
            country_id = int(params['country_id'])
        except Exception:  # pragma: no cover
            return make_response(
                gettext(u"country_id doit être un identifiant."), 400)

        country = db.session.query(Country).get(country_id)
        if country is None:
            return make_response(gettext(u"Le pays n'existe pas."), 404)
        target.country = country

    # Persist; any failure rolls back and is reported as a 500.
    try:
        db.session.commit()
    except Exception:  # pragma: no cover
        db.session.rollback()
        return make_response(
            gettext(
                u"Dûe à une erreur inconnu, l'adresse ne peut pas être modifiée."
            ), 500)

    # Reply with the updated address as JSON.
    reply = make_response(jsonify(target.to_dict()))
    reply.status_code = 200
    reply.mimetype = 'application/json'
    return reply
Example #46
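def forgot_password():
    """
    Request a forgotten password for a user.

    Accounts linked to Twitter, Facebook or Google get a reminder naming
    that provider; other accounts get a signed recovery link. Disabled
    accounts are refused.

    Returns a Jinja2 template.

    """
    form = ForgotPasswordForm(request.body)
    data = dict(template='/account/password_forgot.html', form=form)

    # NOTE(review): the disabled, sent and "not in our records" messages
    # differ, so the form shows whether an address has an account. A single
    # neutral message would avoid that.
    if form.validate_on_submit():
        email_addr = form.email_addr.data.lower()
        user = user_repo.get_by(email_addr=email_addr)
        if user and not user.enabled:
            brand = current_app.config['BRAND']
            # Translate the literal template first, then insert the brand;
            # formatting inside gettext() produces a string that is not in
            # the message catalogue.
            flash(
                gettext('Your account is disabled. '
                        'Please contact your {} administrator.').format(brand),
                'error')
            return handle_content_type(data)
        if user and user.email_addr:
            msg = dict(subject='Account Recovery',
                       recipients=[user.email_addr])
            # The first linked provider, checked in this order, decides
            # which reminder is sent.
            if user.twitter_user_id:
                provider = 'Twitter'
            elif user.facebook_user_id:
                provider = 'Facebook'
            elif user.google_user_id:
                provider = 'Google'
            else:
                provider = None

            if provider is not None:
                msg['body'] = render_template(
                    '/account/email/forgot_password_openid.md',
                    user=user,
                    account_name=provider)
                msg['html'] = render_template(
                    '/account/email/forgot_password_openid.html',
                    user=user,
                    account_name=provider)
            else:
                # NOTE(review): the token payload includes passwd_hash. If
                # ``signer`` signs without encrypting (TODO confirm), anyone
                # who sees the link can read the hash. A keyed digest of
                # the hash would still tie the link to the current password.
                userdict = {'user': user.name, 'password': user.passwd_hash}
                key = signer.dumps(userdict, salt='password-reset')
                recovery_url = url_for_app_type('.reset_password',
                                                key=key,
                                                _external=True)
                msg['body'] = render_template(
                    '/account/email/forgot_password.md',
                    user=user,
                    recovery_url=recovery_url)
                msg['html'] = render_template(
                    '/account/email/forgot_password.html',
                    user=user,
                    recovery_url=recovery_url)
            mail_queue.enqueue(send_mail, msg)
            flash(
                gettext("We've sent you an email with account "
                        "recovery instructions!"), 'success')
        else:
            flash(
                gettext("We don't have this email in our records. "
                        "You may have signed up with a different "
                        "email"), 'error')
    if request.method == 'POST' and not form.validate():
        flash(
            gettext('Something went wrong, please correct the errors on the '
                    'form'), 'error')
    return handle_content_type(data)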
Example #47
 def validate_name(self, field):
     """Reject the field when another Code row has a matching name.

     The row being edited (``self.code``) is left out of the search.
     """
     # NOTE(review): LIKE treats "%" and "_" in the submitted value as
     # wildcards; confirm an exact comparison is not what is wanted.
     same_name = Code.name.like(field.data)
     other_row = db.not_(Code.id == self.code.id)
     clash = Code.query.filter(db.and_(same_name, other_row)).first()
     if clash:
         raise ValidationError(gettext(u"名称已经存在"))
Example #48
def logout():
    """Log the current user out and return to the login page."""
    logout_user()
    farewell = gettext(u'login.successful_logout')
    flash(farewell, 'success')
    login_page = url_for('.login')
    return redirect(login_page)
Example #49
def medias_upload():
    """Render the admin media upload page."""
    page_title = gettext('Medias')
    return render_template('admin/medias_upload.html', title=page_title)
Example #50
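 def _check_valid_row_length(self, row, row_number, headers):
     """Raise BulkImportException when *row* and *headers* differ in length.

     The message reports ``row_number + 1``, so *row_number* is presumably
     zero-based.
     """
     if len(headers) != len(row):
         # Translate the literal template first, then insert the number;
         # formatting inside gettext() produces a string that is not in the
         # message catalogue. The check also fires for rows that are too
         # short, although the text says "extra value".
         msg = gettext("The file you uploaded has an extra value on "
                       "row %s.") % (row_number + 1)
         raise BulkImportException(msg)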
Example #51
def testsys_error(msg):
    """Render the error page for a TestSys failure.

    *msg* is included in the text when it is truthy; otherwise a generic
    "unknown error" text is used.
    """
    if msg:
        error_text = gettext("TestSys reports following error: {0}").format(msg)
    else:
        error_text = gettext("TestSys reports unknown error")
    return render_template("error.html",
                           text=error_text,
                           title=gettext("TestSys error"))
Example #52
    def _global_template_context():
        """Build the variables that are passed to every template.

        Also flashes a reminder when the user's e-mail address equals the
        user name, and flashes configured announcements to signed-in users.
        """
        notify_admin = False
        news = None

        if current_user and current_user.is_authenticated():
            # An e-mail address equal to the user name is treated as unset.
            if current_user.email_addr == current_user.name:
                flash(
                    gettext("Please update your e-mail address in your"
                            " profile page, right now it is empty!"), 'error')

        signed_in_admin = (current_user and current_user.is_authenticated()
                           and current_user.admin)
        if signed_in_admin:
            feed_key = NEWS_FEED_KEY + str(current_user.id)
            notify_admin = bool(sentinel.slave.get(feed_key))
            news = get_news()

        # Cookies warning: shown until the brand-specific cookie is set.
        cookie_name = app.config['BRAND'] + "_accept_cookies"
        show_cookies_warning = bool(
            request and not request.cookies.get(cookie_name))

        # Announcement sections, keyed by audience.
        announcement = app.config.get('ANNOUNCEMENT')
        if announcement and current_user and current_user.is_authenticated():
            for audience, text in announcement.items():
                if audience == 'admin' and current_user.admin:
                    flash(text, 'info')
                if audience == 'owner' and len(current_user.projects) != 0:
                    flash(text, 'info')
                if audience == 'user':
                    flash(text, 'info')

        # Contact details fall back to defaults when not configured.
        contact_email = app.config.get('CONTACT_EMAIL') or '*****@*****.**'
        contact_twitter = app.config.get('CONTACT_TWITTER') or 'PYBOSSA'

        context = dict(
            brand=app.config['BRAND'],
            title=app.config['TITLE'],
            logo=app.config['LOGO'],
            copyright=app.config['COPYRIGHT'],
            description=app.config['DESCRIPTION'],
            terms_of_use=app.config['TERMSOFUSE'],
            data_use=app.config['DATAUSE'],
            enforce_privacy=app.config['ENFORCE_PRIVACY'],
            current_user=current_user,
            show_cookies_warning=show_cookies_warning,
            contact_email=contact_email,
            contact_twitter=contact_twitter,
            upload_method=app.config['UPLOAD_METHOD'],
            news=news,
            notify_admin=notify_admin,
            plugins=plugin_manager.plugins)
        return context
Example #53
 def log_exception(error):
     """Log *error* with its traceback and answer with a generic 500 page.

     The exception detail goes to the log only; the page carries a fixed
     message.
     """
     from sagenb.notebook.notification import logger
     logger.exception(error)
     page_text = gettext('''500: Internal server error.''')
     # Falls back to 'guest' when ``g`` has no username attribute.
     shown_user = getattr(g, 'username', 'guest')
     page = app.message(page_text, username=shown_user)
     return page, 500
Example #54
def handle_403():
    """Render the admin 403 page with HTTP status 403."""
    page = render_template('admin/403.html', title=gettext('Error: 403'))
    return page, 403
Example #55
def forgot_password():
    """
    Request a forgotten password for a user.

    Accounts linked to Twitter, Facebook or Google get a reminder naming
    that provider; other accounts get a signed recovery link.

    Returns a Jinja2 template.

    """
    form = ForgotPasswordForm(request.form)
    # NOTE(review): the success and "not in our records" messages differ,
    # so the form shows whether an address has an account. A single neutral
    # message would avoid that.
    if form.validate_on_submit():
        user = user_repo.get_by(email_addr=form.email_addr.data)
        if user and user.email_addr:
            msg = dict(subject='Account Recovery',
                       recipients=[user.email_addr])
            # The first linked provider, checked in this order, decides
            # which reminder is sent.
            if user.twitter_user_id:
                provider = 'Twitter'
            elif user.facebook_user_id:
                provider = 'Facebook'
            elif user.google_user_id:
                provider = 'Google'
            else:
                provider = None

            if provider is not None:
                msg['body'] = render_template(
                    '/account/email/forgot_password_openid.md',
                    user=user,
                    account_name=provider)
                msg['html'] = render_template(
                    '/account/email/forgot_password_openid.html',
                    user=user,
                    account_name=provider)
            else:
                # NOTE(review): the token payload includes passwd_hash. If
                # ``signer`` signs without encrypting (TODO confirm), anyone
                # who sees the link can read the hash.
                token_payload = {'user': user.name,
                                 'password': user.passwd_hash}
                key = signer.dumps(token_payload, salt='password-reset')
                recovery_url = url_for('.reset_password',
                                       key=key,
                                       _external=True)
                msg['body'] = render_template(
                    '/account/email/forgot_password.md',
                    user=user,
                    recovery_url=recovery_url)
                msg['html'] = render_template(
                    '/account/email/forgot_password.html',
                    user=user,
                    recovery_url=recovery_url)
            mail_queue.enqueue(send_mail, msg)
            flash(
                gettext("We've send you an email with account "
                        "recovery instructions!"), 'success')
        else:
            flash(
                gettext("We don't have this email in our records. "
                        "You may have signed up with a different "
                        "email or used Twitter, Facebook, or "
                        "Google to sign-in"), 'error')
    rejected_post = request.method == 'POST' and not form.validate()
    if rejected_post:
        flash(
            gettext('Something went wrong, please correct the errors on the '
                    'form'), 'error')
    return render_template('/account/password_forgot.html', form=form)
Example #56
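def signin():
    """
    Signin method for PYBOSSA users.

    Authenticates a POSTed login form either against local accounts or,
    when the ``LDAP_HOST`` setting is truthy, against LDAP. With
    ``ENABLE_TWO_FACTOR_AUTH`` set, a correct local password only starts the
    emailed one-time-password step and redirects to OTP validation.

    Returns a Jinja2 template with the result of signing process, or a
    redirect (home page, OTP validation, or whatever ``_sign_in_user``
    returns).

    """
    # NOTE(review): ``request.body`` is not a stock Flask request attribute;
    # presumably the project attaches it -- confirm.
    form = LoginForm(request.body)
    isLdap = current_app.config.get('LDAP_HOST', False)
    is_post = request.method == 'POST'
    # Run the validators once per request and reuse the result in every
    # branch below instead of re-validating the same form up to three times.
    form_ok = is_post and form.validate()

    # NOTE(review): only the literal False selects local authentication. A
    # falsy LDAP_HOST such as None or '' matches neither this branch nor the
    # LDAP one, so the POST is then dropped without any message -- confirm
    # the deployment config always uses False to disable LDAP.
    if form_ok and isLdap is False:
        password = form.password.data
        email_addr = form.email.data.lower()
        user = user_repo.search_by_email(email_addr=email_addr)
        # NOTE(review): the disabled-account, wrong-password and unknown-email
        # outcomes below produce different messages, and the disabled check
        # runs before the password check, so a client can tell whether an
        # address is registered. A single generic failure message plus
        # attempt throttling would close that gap; no throttling is visible
        # in this function.
        if user and not user.enabled:
            brand = current_app.config['BRAND']
            # Translate the message template first and interpolate afterwards;
            # formatting before gettext() looks up a string that can never be
            # in the catalogue.
            flash(
                gettext('Your account is disabled. '
                        'Please contact your {} administrator.').format(brand),
                'error')
            return redirect(url_for('home.home'))
        if user and user.check_password(password):
            if not current_app.config.get('ENABLE_TWO_FACTOR_AUTH'):
                msg_1 = gettext('Welcome back') + ' ' + user.fullname
                flash(msg_1, 'success')
                return _sign_in_user(user)
            # Two-factor path: the password was correct, but the user is
            # sent to the OTP validation view rather than signed in here.
            _email_two_factor_auth(user)
            url_token = otp.generate_url_token(user.email_addr)
            # The client-supplied "next" is passed through
            # is_own_url_or_else; presumably it falls back to the home URL
            # when "next" does not belong to this site -- verify the helper.
            next_url = is_own_url_or_else(request.args.get('next'),
                                          url_for('home.home'))
            return redirect_content_type(
                url_for('account.otpvalidation',
                        token=url_token,
                        next=next_url))
        elif user:
            msg, method = get_user_signup_method(user)
            if method == 'local':
                msg = gettext('Ooops, Incorrect email/password')
                flash(msg, 'error')
            else:
                flash(msg, 'info')
        else:
            msg = gettext("Ooops, we didn't find you in the system, \
                          did you sign up?")
            flash(msg, 'info')

    if form_ok and isLdap:
        password = form.password.data
        cn = form.email.data
        # NOTE(review): some LDAP servers accept a bind with an empty
        # password as an anonymous bind. Confirm that LoginForm requires a
        # non-empty password or that bind_user rejects it.
        if ldap.bind_user(cn, password):
            ldap_user = ldap.get_object_details(cn)
            key = current_app.config.get('LDAP_USER_FILTER_FIELD')
            value = ldap_user[key][0]
            user_db = user_repo.get_by(ldap=value)
            if (user_db is None):
                # No local record carries this LDAP value yet: build one from
                # the directory attributes named in LDAP_PYBOSSA_FIELDS.
                keyfields = current_app.config.get('LDAP_PYBOSSA_FIELDS')
                user_data = dict(
                    fullname=ldap_user[keyfields['fullname']][0],
                    name=ldap_user[keyfields['name']][0],
                    email_addr=ldap_user[keyfields['email_addr']][0],
                    valid_email=True,
                    ldap=value,
                    consent=True)
                create_account(user_data, ldap_disabled=False)
            else:
                # NOTE(review): unlike the local branch, ``user_db.enabled``
                # is not checked before login_user(); confirm disabled
                # accounts are rejected elsewhere.
                login_user(user_db, remember=True)
        else:
            msg = gettext("User LDAP credentials are wrong.")
            flash(msg, 'info')

    if is_post and not form_ok:
        flash(gettext('Please correct the errors'), 'error')
    auth = {'twitter': False, 'facebook': False, 'google': False}
    if current_user.is_anonymous():
        # A social sign-in button is shown only when LDAP is off and the
        # matching blueprint is registered on the application.
        if (isLdap is False):
            if ('twitter' in current_app.blueprints):  # pragma: no cover
                auth['twitter'] = True
            if ('facebook' in current_app.blueprints):  # pragma: no cover
                auth['facebook'] = True
            if ('google' in current_app.blueprints):  # pragma: no cover
                auth['google'] = True
        next_url = is_own_url_or_else(request.args.get('next'),
                                      url_for('home.home'))
        response = dict(template='account/signin.html',
                        title="Sign in",
                        form=form,
                        auth=auth,
                        next=next_url)
        return handle_content_type(response)
    else:
        # User already signed in, so redirect to home page
        return redirect_content_type(url_for("home.home"))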
Example #57
def _(*args, **kwargs):
    """Short alias that forwards every argument to ``gettext`` unchanged."""
    translated = gettext(*args, **kwargs)
    return translated
Example #58
 def respond():
     """Wrap the ``form`` from the surrounding scope in an "Edit a post" response."""
     payload = {
         'template': '',  # template='admin/update_announcement.html',
         'title': gettext("Edit a post"),
         'form': form,
     }
     return handle_content_type(payload)
Example #59
 def _check_no_duplicated_headers(self, headers):
     """Raise BulkImportException when any header name occurs more than once."""
     distinct_count = len(set(headers))
     if distinct_count == len(headers):
         # Every header is unique: nothing to report.
         return
     raise BulkImportException(gettext('The file you uploaded has '
                                       'two headers with the same name.'))
Example #60
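    def create(self, gid, sid, did):
        """
        This function will create the foreign data wrapper node.

        Reads the definition from the submitted form or, when the form is
        empty, from the JSON request body, renders and runs ``create.sql``,
        then queries ``properties.sql`` by name to build the browser node
        for the new object.

        Args:
            gid: Server Group ID
            sid: Server ID
            did: Database ID

        Returns:
            The JSON browser node for the first row returned by the
            properties query, or an error response when a required
            parameter is missing, a query fails, or an exception is raised.
        """
        required_args = [
            'name'
        ]

        data = request.form if request.form else json.loads(request.data.decode())
        for arg in required_args:
            if arg not in data:
                # Translate the message template first and interpolate
                # afterwards; formatting before gettext() looks up a string
                # that can never be in the catalogue.
                return make_json_response(
                    status=410,
                    success=0,
                    errormsg=gettext(
                        "Couldn't find the required parameter (%s)."
                    ) % arg
                )

        try:

            if 'fdwacl' in data:
                data['fdwacl'] = parse_priv_to_db(data['fdwacl'], ['U'])

            new_list = []

            # Allow user to set the blank value in fdwvalue field in option model
            if 'fdwoptions' in data:
                for item in data['fdwoptions']:
                    new_dict = {}
                    if item['fdwoption']:
                        # A missing or empty value is normalised to ''.
                        if 'fdwvalue' in item and item['fdwvalue']:
                            new_dict.update(item)
                        else:
                            new_dict.update({'fdwoption': item['fdwoption'], 'fdwvalue': ''})

                    # An item without an option name is still appended, as an
                    # empty dict.
                    new_list.append(new_dict)

                data['fdwoptions'] = new_list

            # NOTE(review): request values reach the SQL text through the
            # templates; quoting of names and literals has to happen inside
            # create.sql / properties.sql, which are not visible here --
            # verify they escape every user-supplied field.
            sql = render_template("/".join([self.template_path, 'create.sql']), data=data, conn=self.conn)
            status, res = self.conn.execute_dict(sql)
            if not status:
                return internal_server_error(errormsg=res)

            sql = render_template("/".join([self.template_path, 'properties.sql']), fname=data['name'], conn=self.conn)

            status, r_set = self.conn.execute_dict(sql)
            if not status:
                return internal_server_error(errormsg=r_set)

            # Only the first row is used to build the node.
            for row in r_set['rows']:
                return jsonify(
                    node=self.blueprint.generate_browser_node(
                        row['fdwoid'],
                        did,
                        row['name'],
                        icon='icon-foreign_data_wrapper'
                    )
                )

            # The properties query returned no row; answer explicitly
            # instead of falling off the end of the view with None.
            return internal_server_error(
                errormsg=gettext("Could not find the foreign data wrapper.")
            )

        except Exception as e:
            # NOTE(review): str(e) is returned to the client and may expose
            # driver or server details -- confirm that is acceptable for
            # this API.
            return internal_server_error(errormsg=str(e))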