def _validate_groupid(self, appstruct): """ Validate the ``groupid`` to make sure it adheres to authority restrictions. ``groupid`` is only allowed if the authority of the group associated with it is not the default authority—i.e. this is a third-party group. :arg appstruct: Data, which may or may not contain a ``groupid`` entry :type appstruct: dict :raise h.schemas.ValidationError: """ groupid = appstruct.get("groupid", None) if groupid is None: # Nothing to validate return None if (self.group_authority is None) or (self.group_authority == self.default_authority): # This is a first-party group raise ValidationError("{err_msg} '{authority}'".format( err_msg= _("groupid may only be set on groups oustide of the default authority" ), authority=self.default_authority, )) groupid_parts = split_groupid(groupid) if groupid_parts["authority"] != self.group_authority: # The authority part of the ``groupid`` doesn't match the # group's authority raise ValidationError("{err_msg} '{groupid}'".format( err_msg=_("Invalid authority specified in groupid"), groupid=groupid))
def ensure_unique(self, data, authority): """ Ensure the provided `data` would constitute a new, non-duplicate user. Check for conflicts in email, username, identity. :param data: dictionary of new-user data. Will check `email`, `username` and any `identities` dictionaries provided :raises ConflictError: if the data violate any uniqueness constraints :param authority: Authority against which to do a duplicate check """ # pylint:disable=consider-using-f-string errors = [] # check for duplicate email address if data.get("email", None) and ( models.User.get_by_email(self._session, data["email"], authority) is not None ): errors.append( _("user with email address '{}' already exists".format(data["email"])) ) # check for duplicate username if data.get("username", None) and ( models.User.get_by_username(self._session, data["username"], authority) is not None ): errors.append( _("user with username '{}' already exists".format(data["username"])) ) # check for duplicate identities # (provider, provider_unique_id) combinations identities = data.get("identities", []) for identity in identities: if self.user_service.fetch_by_identity( identity["provider"], identity["provider_unique_id"] ): errors.append( _( "user with provider '{}' and unique id '{}' already exists".format( identity["provider"], identity["provider_unique_id"] ) ) ) if errors: raise DuplicateUserError(", ".join(errors))
def ensure_unique(self, data, authority): """ Ensure the provided `data` would constitute a new, non-duplicate user. Check for conflicts in email, username, identity. :param data: dictionary of new-user data. Will check `email`, `username` and any `identities` dictionaries provided :raises ConflictError: if the data violate any uniqueness constraints :param authority: Authority against which to do a duplicate check """ errors = [] # check for duplicate email address if data.get("email", None) and ( models.User.get_by_email(self._session, data["email"], authority) is not None ): errors.append( _("user with email address '{}' already exists".format(data["email"])) ) # check for duplicate username if data.get("username", None) and ( models.User.get_by_username(self._session, data["username"], authority) is not None ): errors.append( _("user with username '{}' already exists".format(data["username"])) ) # check for duplicate identities # (provider, provider_unique_id) combinations identities = data.get("identities", []) for identity in identities: if self.user_service.fetch_by_identity( identity["provider"], identity["provider_unique_id"] ): errors.append( _( "user with provider '{}' and unique id '{}' already exists".format( identity["provider"], identity["provider_unique_id"] ) ) ) if errors: raise DuplicateUserError(", ".join(errors))
def generate(request, user): """ Generate an email for a user password reset request. :param request: the current request :type request: pyramid.request.Request :param user: the user to whom to send the reset code :type user: h.models.User :returns: a 4-element tuple containing: recipients, subject, text, html """ serializer = request.registry.password_reset_serializer code = serializer.dumps(user.username) context = { 'username': user.username, 'reset_code': code, 'reset_link': request.route_url('account_reset_with_code', code=code) } subject = _('Reset your password') text = render('h:templates/emails/reset_password.txt.jinja2', context, request=request) html = render('h:templates/emails/reset_password.html.jinja2', context, request=request) return [user.email], subject, text, html
def generate(request, email, incontext_link): """ Generate an email to notify the group admin when a group member flags an annotation. :param request: the current request :type request: pyramid.request.Request :param email: the group admin's email address :type email: text :param incontext_link: the direct link to the flagged annotation :type incontext_link: text :returns: a 4-element tuple containing: recipients, subject, text, html """ context = {"incontext_link": incontext_link} subject = _("An annotation has been flagged") text = render( "h:templates/emails/flag_notification.txt.jinja2", context, request=request ) html = render( "h:templates/emails/flag_notification.html.jinja2", context, request=request ) return [email], subject, text, html
def generate(request, id, email, activation_code): """ Generate an email for a user signup. :param request: the current request :type request: pyramid.request.Request :param id: the new user's primary key ID :type id: int :param email: the new user's email address :type email: text :param activation_code: the activation code :type activation_code: text :returns: a 4-element tuple containing: recipients, subject, text, html """ context = { "activate_link": request.route_url("activate", id=id, code=activation_code) } subject = _("Please activate your account") text = render("h:templates/emails/signup.txt.jinja2", context, request=request) html = render("h:templates/emails/signup.html.jinja2", context, request=request) return [email], subject, text, html
def generate(request, id, email, activation_code): """ Generate an email for a user signup. :param request: the current request :type request: pyramid.request.Request :param id: the new user's primary key ID :type id: int :param email: the new user's email address :type email: text :param activation_code: the activation code :type activation_code: text :returns: a 4-element tuple containing: recipients, subject, text, html """ context = { 'activate_link': request.route_url('activate', id=id, code=activation_code), } subject = _('Please activate your account') text = render('h:templates/emails/signup.txt.jinja2', context, request=request) html = render('h:templates/emails/signup.html.jinja2', context, request=request) return [email], subject, text, html
def json_error(request): """Handle an unexpected exception where the request asked for JSON.""" handle_exception(request) message = _("Hypothesis had a problem while handling this request. " "Our team has been notified. Please contact [email protected]" " if the problem persists.") return {'status': 'failure', 'reason': message}
def create(request): """Create a group from the POST payload.""" appstruct = CreateGroupAPISchema( default_authority=request.default_authority, group_authority=client_authority(request) or request.default_authority).validate(_json_payload(request)) group_service = request.find_service(name='group') group_create_service = request.find_service(name='group_create') # Check for duplicate group groupid = appstruct.get('groupid', None) if groupid is not None: duplicate_group = group_service.fetch(pubid_or_groupid=groupid) if duplicate_group: raise ConflictError( _("group with groupid '{}' already exists").format(groupid)) group = group_create_service.create_private_group( name=appstruct['name'], userid=request.user.userid, description=appstruct.get('description', None), groupid=groupid, ) return GroupJSONPresenter(GroupContext( group, request)).asdict(expand=['organization'])
def create(request): """Create a group from the POST payload.""" appstruct = CreateGroupAPISchema( default_authority=request.default_authority, group_authority=request.effective_authority, ).validate(_json_payload(request)) group_service = request.find_service(name="group") group_create_service = request.find_service(name="group_create") # Check for duplicate group groupid = appstruct.get("groupid", None) if groupid is not None: duplicate_group = group_service.fetch(pubid_or_groupid=groupid) if duplicate_group: raise HTTPConflict( _("group with groupid '{}' already exists").format(groupid)) group = group_create_service.create_private_group( name=appstruct["name"], userid=request.user.userid, description=appstruct.get("description", None), groupid=groupid, ) return GroupJSONPresenter( group, request).asdict(expand=["organization", "scopes"])
def create(request): """Create a group from the POST payload.""" appstruct = CreateGroupAPISchema( default_authority=request.default_authority, group_authority=client_authority(request) or request.default_authority, ).validate(_json_payload(request)) group_service = request.find_service(name="group") group_create_service = request.find_service(name="group_create") # Check for duplicate group groupid = appstruct.get("groupid", None) if groupid is not None: duplicate_group = group_service.fetch(pubid_or_groupid=groupid) if duplicate_group: raise HTTPConflict( _("group with groupid '{}' already exists").format(groupid) ) group = group_create_service.create_private_group( name=appstruct["name"], userid=request.user.userid, description=appstruct.get("description", None), groupid=groupid, ) return GroupJSONPresenter(GroupContext(group, request)).asdict( expand=["organization", "scopes"] )
def generate(request, user): """ Generate an email for a user password reset request. :param request: the current request :type request: pyramid.request.Request :param user: the user to whom to send the reset code :type user: h.models.User :returns: a 4-element tuple containing: recipients, subject, text, html """ serializer = request.registry.password_reset_serializer code = serializer.dumps(user.username) context = { "username": user.username, "reset_code": code, "reset_link": request.route_url("account_reset_with_code", code=code), } subject = _("Reset your password") text = render( "h:templates/emails/reset_password.txt.jinja2", context, request=request ) html = render( "h:templates/emails/reset_password.html.jinja2", context, request=request ) return [user.email], subject, text, html
def json_error(context, request): """Handle an unexpected exception in an API view.""" handle_exception(request, exception=context) message = _( "Hypothesis had a problem while handling this request. " "Our team has been notified. Please contact [email protected]" " if the problem persists.") return {"status": "failure", "reason": message}
def back_link(_context, request): """ A link which takes the user back to the previous page on the site. """ referrer_path = urlparse(request.referrer or "").path current_username = request.user.username if referrer_path == request.route_path("activity.user_search", username=current_username): back_label = _("Back to your profile page") elif _matches_route(referrer_path, request, "group_read"): back_label = _("Back to group overview page") else: back_label = None return {"back_label": back_label, "back_location": request.referrer}
def back_link_label(request): """ Get a link which takes the user back to the previous page on the site. This is used in `templates/includes/back_link.html.jinja2` """ referrer_path = urlparse(request.referrer or "").path current_username = request.user.username if referrer_path == request.route_path("activity.user_search", username=current_username): return _("Back to your profile page") if _matches_route(referrer_path, request, route_name="group_read"): return _("Back to group overview page") return None
def _form_request_user(request, param): username = request.params[param] user = models.User.get_by_username(request.db, username) if user is None: raise UserNotFoundError( _("Could not find user with username %s" % username)) return user
def search(self): check_slug(self.group, self.request) result = super(GroupSearchController, self).search() result["opts"] = {"search_groupname": self.group.name} if self.request.authenticated_user not in self.group.members: return result def user_annotation_count(aggregation, userid): for user in aggregation: if user["user"] == userid: return user["count"] return 0 q = query.extract(self.request) users_aggregation = result["search_results"].aggregations.get("users", []) members = [ { "username": u.username, "userid": u.userid, "count": user_annotation_count(users_aggregation, u.userid), "faceted_by": _faceted_by_user(self.request, u.username, q), } for u in self.group.members ] members = sorted(members, key=lambda k: k["username"].lower()) group_annotation_count = None if self.request.feature("total_shared_annotations"): group_annotation_count = self.request.find_service(name="annotation_stats").group_annotation_count( self.group.pubid ) result["stats"] = {"annotation_count": group_annotation_count} result["group"] = { "created": self.group.created.strftime("%B, %Y"), "description": self.group.description, "name": self.group.name, "pubid": self.group.pubid, "url": self.request.route_url("group_read", pubid=self.group.pubid, slug=self.group.slug), "members": members, } if self.request.has_permission("admin", self.group): result["group_edit_url"] = self.request.route_url("group_edit", pubid=self.group.pubid) result["more_info"] = "more_info" in self.request.params if not result.get("q"): result["zero_message"] = Markup( _("The group “{name}” has not made any annotations yet.").format(name=Markup.escape(self.group.name)) ) return result
def json_error(context, request): """Handle an unexpected exception where the request asked for JSON.""" handle_exception(request, exception=context) message = _( "Hypothesis had a problem while handling this request. " "Our team has been notified. Please contact [email protected]" " if the problem persists." ) return {"status": "failure", "reason": message}
def admins_add(request): """Make a given user an admin.""" username = request.params['add'] try: accounts.make_admin(username) except accounts.NoSuchUserError: request.session.flash( _("User {username} doesn't exist.".format(username=username)), "error") return admins_index(request)
def _form_request_user(request, param): username = request.params[param] user = models.User.get_by_username(request.db, username) if user is None: raise UserNotFoundError( _("Could not find user with username %s" % username) ) return user
def json_error(request): """Handle an unexpected exception where the request asked for JSON.""" handle_exception(request) message = _("Uh-oh, something went wrong! We're very sorry, our " "application wasn't able to load this page. The team has " "been notified and we'll fix it shortly. If the problem " "persists or you'd like more information please email " "[email protected] with the subject 'Internal Server " "Error'.") return {'status': 'failure', 'reason': message}
def back_link(context, request): """ A link which takes the user back to the previous page on the site. """ referrer_path = urlparse.urlparse(request.referrer or '').path current_username = request.authenticated_user.username if referrer_path == request.route_path('activity.user_search', username=current_username): back_label = _('Back to your profile page') elif _matches_route(referrer_path, request, 'group_read'): back_label = _('Back to group overview page') else: back_label = None return { 'back_label': back_label, 'back_location': request.referrer, }
def nipsa_remove(request): userid = request.params["remove"] user = request.db.query(models.User).filter_by(userid=userid).first() if user is None: raise UserNotFoundError(_("Could not find user with userid %s" % userid)) nipsa_service = request.find_service(name="nipsa") nipsa_service.unflag(user) index = request.route_path("admin.nipsa") return httpexceptions.HTTPSeeOther(index)
def back_link(context, request): """ A link which takes the user back to the previous page on the site. """ referrer_path = urlparse.urlparse(request.referrer or '').path current_username = request.user.username if referrer_path == request.route_path('activity.user_search', username=current_username): back_label = _('Back to your profile page') elif _matches_route(referrer_path, request, 'group_read'): back_label = _('Back to group overview page') else: back_label = None return { 'back_label': back_label, 'back_location': request.referrer, }
def upsert(context, request): """ Create or update a group from a PUT payload. If no group model is present in the passed ``context`` (on ``context.group``), treat this as a create action and delegate to ``create``. Otherwise, replace the existing group's resource properties entirely and update the object. :arg context: :type context: h.traversal.GroupUpsertContext """ if context.group is None: return create(request) group = context.group # Because this is a PUT endpoint and not a PATCH, a full replacement of the # entire resource is expected. Thus, we're validating against the Create schema # here as we want to make sure properties required for a fresh object are present appstruct = CreateGroupAPISchema( default_authority=request.default_authority, group_authority=client_authority(request) or request.default_authority, ).validate(_json_payload(request)) group_update_service = request.find_service(name="group_update") group_service = request.find_service(name="group") # Check for duplicate group groupid = appstruct.get("groupid", None) if groupid is not None: duplicate_group = group_service.fetch(pubid_or_groupid=groupid) if duplicate_group and (duplicate_group != group): raise HTTPConflict( _("group with groupid '{}' already exists").format(groupid) ) # Need to make sure every resource-defined property is present, as this # is meant as a full-resource-replace operation. # TODO: This may be better handled in the schema at some point update_properties = { "name": appstruct["name"], "description": appstruct.get("description", ""), "groupid": appstruct.get("groupid", None), } group = group_update_service.update(group, **update_properties) # Note that this view takes a ``GroupUpsertContext`` but uses a ``GroupContext`` here return GroupJSONPresenter(GroupContext(group, request)).asdict( expand=["organization", "scopes"] )
def features_save(request): session.check_csrf_token(request) for feat in models.Feature.all(request.db): for attr in ['everyone', 'admins', 'staff']: val = request.POST.get('{0}[{1}]'.format(feat.name, attr)) if val == 'on': setattr(feat, attr, True) else: setattr(feat, attr, False) request.session.flash(_("Changes saved."), "success") return httpexceptions.HTTPSeeOther( location=request.route_url('admin_features'))
def search(self): # Make a copy of the query params to be consumed by search. query_params = self.parsed_query_params.copy() # Check whether a redirect is required. query.check_url(self.request, query_params) page_size = self.request.params.get("page_size", PAGE_SIZE) try: page_size = int(page_size) except ValueError: page_size = PAGE_SIZE # Fetch results. results = query.execute(self.request, query_params, page_size=page_size) groups_suggestions = [] if self.request.user: for group in self.request.user.groups: groups_suggestions.append({ "name": group.name, "pubid": group.pubid }) def tag_link(tag): tag = parser.unparse({"tag": tag}) return self.request.route_url("activity.search", _query=[("q", tag)]) def username_from_id(userid): parts = split_user(userid) return parts["username"] def user_link(userid): username = username_from_id(userid) return self.request.route_url("activity.user_search", username=username) return { "search_results": results, "groups_suggestions": groups_suggestions, "page": paginate(self.request, results.total, page_size=page_size), "pretty_link": pretty_link, "q": self.request.params.get("q", ""), "tag_link": tag_link, "user_link": user_link, "username_from_id": username_from_id, # The message that is shown (only) if there's no search results. "zero_message": _("No annotations matched your search."), }
def staff_add(request): """Make a given user a staff member.""" username = request.params['add'] user = models.User.get_by_username(username) if user is None: request.session.flash( _("User {username} doesn't exist.".format(username=username)), "error") else: user.staff = True index = request.route_path('admin_staff') return httpexceptions.HTTPSeeOther(location=index)
def features_save(request): session.check_csrf_token(request) for feat in models.Feature.all(): for attr in ['everyone', 'admins', 'staff']: val = request.POST.get('{0}[{1}]'.format(feat.name, attr)) if val == 'on': setattr(feat, attr, True) else: setattr(feat, attr, False) request.session.flash(_("Changes saved."), "success") return httpexceptions.HTTPSeeOther( location=request.route_url('admin_features'))
def nipsa_remove(request): username = request.params["remove"] if username: userid = util.user.userid_from_username(username, request) nipsa_service = request.find_service(name='nipsa') nipsa_service.unflag(userid) else: request.session.flash(_('Please supply a username!'), 'error') index = request.route_path("admin_nipsa") return httpexceptions.HTTPSeeOther(index)
def _validate_groupid(self, appstruct): """ Validate the ``groupid`` to make sure it adheres to authority restrictions. ``groupid`` is only allowed if the authority of the group associated with it is not the default authority—i.e. this is a third-party group. :arg appstruct: Data, which may or may not contain a ``groupid`` entry :type appstruct: dict :raise h.schemas.ValidationError: """ groupid = appstruct.get("groupid", None) if groupid is None: # Nothing to validate return None if (self.group_authority is None) or ( self.group_authority == self.default_authority ): # This is a first-party group raise ValidationError( "{err_msg} '{authority}'".format( err_msg=_( "groupid may only be set on groups oustide of the default authority" ), authority=self.default_authority, ) ) groupid_parts = split_groupid(groupid) if groupid_parts["authority"] != self.group_authority: # The authority part of the ``groupid`` doesn't match the # group's authority raise ValidationError( "{err_msg} '{groupid}'".format( err_msg=_("Invalid authority specified in groupid"), groupid=groupid ) )
def users_activate(request): username = request.params['username'] user = models.User.get_by_username(username) if user is None: request.session.flash( jinja2.Markup(_( "User {name} doesn't exist!".format(name=username))), 'error') return httpexceptions.HTTPFound( location=request.route_path('admin_users')) user.activate() request.session.flash( jinja2.Markup( _('User {name} has been activated!'.format(name=user.username))), 'success') request.registry.notify(ActivationEvent(request, user)) return httpexceptions.HTTPFound(location=request.route_path( 'admin_users', _query=(('username', user.username), )))
def staff_add(request): """Make a given user a staff member.""" username = request.params["add"].strip() authority = request.params["authority"].strip() user = models.User.get_by_username(request.db, username, authority) if user is None: request.session.flash( _("User {username} doesn't exist.".format(username=username)), "error") else: user.staff = True index = request.route_path("admin.staff") return httpexceptions.HTTPSeeOther(location=index)
def staff_add(request): """Make a given user a staff member.""" username = request.params["add"].strip() authority = request.params["authority"].strip() user = models.User.get_by_username(request.db, username, authority) if user is None: request.session.flash( _("User {username} doesn't exist.".format(username=username)), "error" ) else: user.staff = True index = request.route_path("admin.staff") return httpexceptions.HTTPSeeOther(location=index)
def admins_add(request): """Make a given user an admin.""" username = request.params['add'].strip() authority = request.params['authority'].strip() user = models.User.get_by_username(request.db, username, authority) if user is None: request.session.flash( _("User {username} doesn't exist.".format(username=username)), "error") else: user.admin = True index = request.route_path('admin_admins') return httpexceptions.HTTPSeeOther(location=index)
def users_activate(request): username = request.params['username'] user = models.User.get_by_username(username) if user is None: request.session.flash(jinja2.Markup(_( "User {name} doesn't exist!".format(name=username))), 'error') return httpexceptions.HTTPFound( location=request.route_path('admin_users')) user.activate() request.session.flash(jinja2.Markup(_( 'User {name} has been activated!'.format(name=user.username))), 'success') request.registry.notify(ActivationEvent(request, user)) return httpexceptions.HTTPFound( location=request.route_path('admin_users', _query=(('username', user.username),)))
def staff_add(request): """Make a given user a staff member.""" try: username = request.params['add'] except KeyError: raise httpexceptions.HTTPNotFound() try: accounts.make_staff(username) except accounts.NoSuchUserError: request.session.flash( _("User {username} doesn't exist.".format(username=username)), "error") return staff_index(request)
def search(self): # Make a copy of the query params to be consumed by search. q = self.parsed_query_params.copy() # Check whether a redirect is required. query.check_url(self.request, q) page_size = self.request.params.get('page_size', PAGE_SIZE) try: page_size = int(page_size) except ValueError: page_size = PAGE_SIZE # Fetch results. results = query.execute(self.request, q, page_size=page_size) groups_suggestions = [] if self.request.user: for group in self.request.user.groups: groups_suggestions.append({ 'name': group.name, 'pubid': group.pubid }) def tag_link(tag): q = parser.unparse({'tag': tag}) return self.request.route_url('activity.search', _query=[('q', q)]) def username_from_id(userid): parts = split_user(userid) return parts['username'] def user_link(userid): username = username_from_id(userid) return self.request.route_url('activity.user_search', username=username) return { 'search_results': results, 'groups_suggestions': groups_suggestions, 'page': paginate(self.request, results.total, page_size=page_size), 'pretty_link': pretty_link, 'q': self.request.params.get('q', ''), 'tag_link': tag_link, 'user_link': user_link, 'username_from_id': username_from_id, # The message that is shown (only) if there's no search results. 'zero_message': _('No annotations matched your search.'), }
def users_activate(request): user = _form_request_user(request) user.activate() request.session.flash(jinja2.Markup(_( 'User {name} has been activated!'.format(name=user.username))), 'success') request.registry.notify(ActivationEvent(request, user)) return httpexceptions.HTTPFound( location=request.route_path('admin_users', _query=(('username', user.username),)))
def search(self): q = query.extract(self.request) # Check whether a redirect is required. query.check_url(self.request, q) page_size = self.request.params.get('page_size', PAGE_SIZE) try: page_size = int(page_size) except ValueError: page_size = PAGE_SIZE # Fetch results. results = query.execute(self.request, q, page_size=page_size) groups_suggestions = [] if self.request.user: for group in self.request.user.groups: groups_suggestions.append({ 'name': group.name, 'pubid': group.pubid }) def tag_link(tag): q = parser.unparse({'tag': tag}) return self.request.route_url('activity.search', _query=[('q', q)]) def username_from_id(userid): parts = split_user(userid) return parts['username'] def user_link(userid): username = username_from_id(userid) return self.request.route_url('activity.user_search', username=username) return { 'search_results': results, 'groups_suggestions': groups_suggestions, 'page': paginate(self.request, results.total, page_size=page_size), 'pretty_link': pretty_link, 'q': self.request.params.get('q', ''), 'tag_link': tag_link, 'user_link': user_link, 'username_from_id': username_from_id, # The message that is shown (only) if there's no search results. 'zero_message': _('No annotations matched your search.'), }
def cohorts_edit_remove(request): member_name = request.params['remove'] cohort_id = request.matchdict['id'] cohort = request.db.query(models.FeatureCohort).get(cohort_id) member = request.db.query(models.User).filter_by(username=member_name).first() try: cohort.members.remove(member) except ValueError: request.session.flash( _("User {member_name} doesn't exist.".format(member_name=member_name)), "error") url = request.route_url('admin_cohorts_edit', id=cohort_id) return httpexceptions.HTTPSeeOther(url)
def nipsa_add(request): username = request.params['add'].strip() authority = request.params['authority'].strip() user = models.User.get_by_username(request.db, username, authority) if user is None: raise UserNotFoundError( _("Could not find user with username %s and authority %s" % (username, authority)) ) nipsa_service = request.find_service(name='nipsa') nipsa_service.flag(user) index = request.route_path("admin_nipsa") return httpexceptions.HTTPSeeOther(index)
def cohorts_edit_add(request): member_name = request.params['add'] cohort_id = request.matchdict['id'] member = models.User.get_by_username(request.db, member_name) if member is None: request.session.flash( _("User {member_name} doesn't exist.".format(member_name=member_name)), "error") else: cohort = request.db.query(models.FeatureCohort).get(cohort_id) cohort.members.append(member) url = request.route_url('admin_cohorts_edit', id=cohort_id) return httpexceptions.HTTPSeeOther(url)
def nipsa_add(request): username = request.params['add'].strip() authority = request.params['authority'].strip() user = models.User.get_by_username(request.db, username, authority) if user is None: raise UserNotFoundError( _("Could not find user with username %s and authority %s" % (username, authority))) nipsa_service = request.find_service(name='nipsa') nipsa_service.flag(user) index = request.route_path("admin_nipsa") return httpexceptions.HTTPSeeOther(index)
def admins_add(request): """Make a given user an admin.""" username = request.params["add"].strip() authority = request.params["authority"].strip() user = models.User.get_by_username(request.db, username, authority) if user is None: request.session.flash( # pylint:disable=consider-using-f-string _("User {username} doesn't exist.".format(username=username)), "error", ) else: user.admin = True index = request.route_path("admin.admins") return httpexceptions.HTTPSeeOther(location=index)
def badge_add(request): uri = request.params['add'] item = models.Blocklist(uri=uri) request.db.add(item) # There's a uniqueness constraint on `uri`, so we flush the session, # catching any IntegrityError and responding appropriately. try: request.db.flush() except IntegrityError: request.db.rollback() msg = _("{uri} is already blocked.").format(uri=uri) request.session.flash(msg, 'error') index = request.route_path('admin_badge') return httpexceptions.HTTPSeeOther(location=index)
def search(self): # Make a copy of the query params to be consumed by search. q = self.parsed_query_params.copy() # Check whether a redirect is required. query.check_url(self.request, q) page_size = self.request.params.get("page_size", PAGE_SIZE) try: page_size = int(page_size) except ValueError: page_size = PAGE_SIZE # Fetch results. results = query.execute(self.request, q, page_size=page_size) groups_suggestions = [] if self.request.user: for group in self.request.user.groups: groups_suggestions.append({"name": group.name, "pubid": group.pubid}) def tag_link(tag): q = parser.unparse({"tag": tag}) return self.request.route_url("activity.search", _query=[("q", q)]) def username_from_id(userid): parts = split_user(userid) return parts["username"] def user_link(userid): username = username_from_id(userid) return self.request.route_url("activity.user_search", username=username) return { "search_results": results, "groups_suggestions": groups_suggestions, "page": paginate(self.request, results.total, page_size=page_size), "pretty_link": pretty_link, "q": self.request.params.get("q", ""), "tag_link": tag_link, "user_link": user_link, "username_from_id": username_from_id, # The message that is shown (only) if there's no search results. "zero_message": _("No annotations matched your search."), }
def search(self): result = super(UserSearchController, self).search() result['opts'] = {'search_username': self.user.username} result['more_info'] = 'more_info' in self.request.params def domain(user): if not user.uri: return None return urlparse.urlparse(user.uri).netloc annotation_count = None if self.request.feature('total_shared_annotations'): user_annotation_counts = self.request.find_service(name='annotation_stats').user_annotation_counts(self.user.userid) annotation_count = user_annotation_counts['public'] if self.request.authenticated_userid == self.user.userid: annotation_count = user_annotation_counts['total'] result['stats'] = { 'annotation_count': annotation_count, } result['user'] = { 'name': self.user.display_name or self.user.username, 'description': self.user.description, 'registered_date': self.user.registered_date.strftime('%B, %Y'), 'location': self.user.location, 'uri': self.user.uri, 'domain': domain(self.user), 'orcid': self.user.orcid, } if self.request.user == self.user: result['user']['edit_url'] = self.request.route_url( 'account_profile') if not result.get('q'): if self.request.user == self.user: # Tell the template that it should show "How to get started". result['zero_message'] = '__SHOW_GETTING_STARTED__' else: result['zero_message'] = _( "{name} has not made any annotations yet.".format( name=result['user']['name'])) return result
def navbar(context, request, search=None, opts=None): """ The navigation bar displayed at the top of the page. :param search: The current page's search state, if relevant. :type search: h.activity.query.ActivityResults """ groups_menu_items = [] groups_suggestions = [] user_activity_url = None username = None if request.user: for group in request.user.groups: groups_menu_items.append({ 'title': group.name, 'link': request.route_url('group_read', pubid=group.pubid, slug=group.slug) }) groups_suggestions.append({ 'name': group.name, 'pubid': group.pubid }) user_activity_url = request.route_url('activity.user_search', username=request.user.username) username = request.user.username route = request.matched_route if route and route.name in ['group_read', 'activity.user_search']: search_url = request.current_route_url() else: search_url = request.route_url('activity.search') return { 'settings_menu_items': [ {'title': _('Account details'), 'link': request.route_url('account')}, {'title': _('Edit profile'), 'link': request.route_url('account_profile')}, {'title': _('Notifications'), 'link': request.route_url('account_notifications')}, {'title': _('Developer'), 'link': request.route_url('account_developer')}, ], 'signout_item': {'title': _('Sign out'), 'link': request.route_url('logout')}, 'groups_menu_items': groups_menu_items, 'groups_suggestions': groups_suggestions, 'create_group_item': {'title': _('Create new group'), 'link': request.route_url('group_create')}, 'username': username, 'username_url': user_activity_url, 'search': search, 'search_url': search_url, 'q': request.params.get('q', ''), 'opts': opts or {}, }