def newuser(request):
user = admin.login_user(quiet=True)
if not ((user and user.mayAdmin) or
config.get('users', 'unpriv_newuser')):
raise AccessError('You may not create a new user')
form = form2.Form()
form.add(form2.StringWidget, 'username', title='User name')
form.add(form2.StringWidget, 'fullname', title='Full name')
form.add(form2.StringWidget, 'email', title='email address')
form.add(form2.PasswordWidget, 'pass1', title='Password')
form.add(form2.PasswordWidget, 'pass2', title='Password verify')
form.add_submit('create', 'Create user')
ret = None
if form.is_submitted():
username = form['username'].strip()
if db.User.select(db.User.q.username == username).count() != 0:
form.get_widget('username').set_error(H("Username '%s' already in use") % username)
if form['pass1'] != form['pass2']:
form.get_widget('pass1').set_error('Passwords do not match')
fullname = form['fullname'].strip()
if fullname == '':
form.get_widget('fullname').set_error('Full name not set')
email = form['email'].strip()
if email == '':
form.get_widget('email').set_error('Missing or bad email address')
if not form.has_errors():
u = db.User(username=username, fullname=fullname,
password=form['pass1'],
email=email,
mayAdmin=False,
mayViewall=False,
mayUpload=False,
mayComment=config.get('users', 'mayComment'),
mayRate=config.get('users', 'mayRate'))
ret = quixote.redirect(path(u))
if ret is None:
r = TemplateIO(html=True)
r += page.pre(request, 'New User', 'newuser')
r += page.menupane(request)
r += form.render()
r += page.post()
ret = r.getvalue()
return ret
def db_connect():
global conn, __connection__
uri=config.get('db', 'connection')
print 'uri='+uri
conn = connectionForURI(uri, cache=False)
conn.debug = 0
__connection__ = conn
# Create tables if necessary
for c in [ Collection, CollectionPerms, Picture, Comment,
Media, Keyword, User, Camera, Upload, Session ]:
#print 'c=%s' % c
c.setConnection(conn)
if not conn.tableExists(c.sqlmeta.table):
c.createTable(ifNotExists=True)
if c == Media and conn.dbName == 'mysql':
# allow media table to grow big
conn.query('alter table media max_rows=10000000 avg_row_length=%d' % _chunksize)
# Create a default user and collection
if User.select(User.q.username == 'admin').count() == 0:
User(username='******', password='******', email='*****@*****.**',
fullname='Administrator',
mayAdmin=True, mayViewall=True, mayUpload=True, mayComment=False,
mayCreateCat=True)
if Collection.select(Collection.q.name == 'default').count() == 0:
Collection(name='default', owner=User.byUsername('admin'),
description='The default collection')
def _auth_challenge(scheme, realm, stale=False):
if scheme == 'basic':
ret =(0, { 'realm': realm })
if scheme == 'digest':
expire = 0
life=config.get('auth', 'nonce_life')
if life != 'unlimited' and int(life) != 0:
expire = int(time.time()) + int(life)
ret = (expire, {
'realm': realm,
'nonce': makenonce(expire),
'uri': imagestore.path(),
'algorithm': 'MD5',
'qop': 'auth',
'stale': stale and 'true' or 'false'
})
return ret
def base():
import imagestore.config as config
return config.get('server', 'path')
import imagestore.config as config
import imagestore.http as http
# Store persistently if nonce needs to survive over server restarts.
# Alternatively, change regularly to force digest renegotations. We
# return the 'stale' flag in these cases, so the browser should just
# do it without pestering the user.
#_private = os.urandom(20)
_private = 'x' * 20
_nonce_random = 12
_sha_len = 20
_pack_hash = '>l%ds%ds' % (_nonce_random, len(_private))
_pack_nonce = '>l%ds%ds' % (_nonce_random, _sha_len)
_schemes_allowed = config.get('auth', 'schemes').split(', ')
_realm = config.get('auth', 'realm')
_auth_cookie = 'IS-authorization'
def _hash_nonce(e, r):
return sha.sha(struct.pack(_pack_hash, e, r, _private)).digest()
def makenonce(expire=0):
"""Generate a unique nonce. If expire is non-zero, it specifies
the number of seconds the nonce should be valid for."""
def enc(s):
"""base64 ends with \n, which is just confusing"""
s=s.encode('base64')
while s.endswith('\n'):
s = s[:-1]
