def reject(self):
user_id = request.args.get('user_id')
User.get(id=user_id).set_state(STATE_REJECTED)
flash.warn("User #%s has been rejected." % user_id)
# Redirecting to the next pending user
next_user = User.get(state=STATE_PENDING)
if next_user:
return redirect(url_for('.details', user_id=next_user.id))
else:
return redirect(url_for('.index'))
def approve(self):
user_id = request.args.get('user_id')
User.get(id=user_id).set_state(STATE_ACTIVE)
flash.info("User #%s has been approved." % user_id)
# Redirecting to the next pending user
next_user = User.get(state=STATE_PENDING)
if next_user:
return redirect(url_for('.details', user_id=next_user.id))
else:
return redirect(url_for('.index'))
def reject(self):
user_id = request.args.get('user_id')
User.get(id=user_id).set_state(STATE_REJECTED)
flash.warning('User #%s has been rejected.' % user_id)
# Redirecting to the next pending user
next_user = User.get(state=STATE_PENDING)
if next_user:
return redirect(url_for('.details', user_id=next_user.id))
else:
flash.info('No more pending users.')
return redirect(url_for('.index'))
def wait(self):
user_id = request.args.get('user_id')
User.get(id=user_id).set_state(STATE_WAITING)
flash.info('User #%s has been put into the waiting list.' % user_id)
# Redirecting to the next pending user
next_user = User.get(state=STATE_PENDING)
if next_user:
return redirect(url_for('.details', user_id=next_user.id))
else:
flash.info('No more pending users.')
return redirect(url_for('.index'))
def wait(self):
user_id = request.args.get('user_id')
User.get(id=user_id).set_state(STATE_WAITING)
flash.info('User #%s has been put into the waiting list.' % user_id)
# Redirecting to the next pending user
next_user = User.get(state=STATE_PENDING)
if next_user:
return redirect(url_for('.details', user_id=next_user.id))
else:
flash.info('No more pending users.')
return redirect(url_for('.index'))
def approve(self):
user_id = request.args.get('user_id')
if request.args.get('limited'):
User.get(id=user_id).set_state(STATE_LIMITED)
else:
User.get(id=user_id).set_state(STATE_ACTIVE)
flash.info('User #%s has been approved.' % user_id)
# Redirecting to the next pending user
next_user = User.get(state=STATE_PENDING)
if next_user:
return redirect(url_for('.details', user_id=next_user.id))
else:
flash.info('No more pending users.')
return redirect(url_for('.index'))
def approve(self):
user_id = request.args.get('user_id')
if request.args.get('limited'):
User.get(id=user_id).set_state(STATE_LIMITED)
else:
User.get(id=user_id).set_state(STATE_ACTIVE)
flash.info('User #%s has been approved.' % user_id)
# Redirecting to the next pending user
next_user = User.get(state=STATE_PENDING)
if next_user:
return redirect(url_for('.details', user_id=next_user.id))
else:
flash.info('No more pending users.')
return redirect(url_for('.index'))
def signup_noncommercial():
"""Sign up endpoint for non-commercial users."""
mb_username = session.fetch_data(SESSION_KEY_MB_USERNAME)
if not mb_username:
session.persist_data(**{
SESSION_KEY_ACCOUNT_TYPE: ACCOUNT_TYPE_NONCOMMERCIAL,
})
return redirect(url_for(".signup"))
mb_email = session.fetch_data(SESSION_KEY_MB_EMAIL)
form = NonCommercialSignUpForm(default_email=mb_email)
if form.validate_on_submit():
# Checking if this user already exists
new_user = User.get(musicbrainz_id=mb_username)
if not new_user:
new_user = User.add(
is_commercial=False,
musicbrainz_id=mb_username,
contact_name=form.contact_name.data,
contact_email=form.contact_email.data,
data_usage_desc=form.usage_desc.data,
)
login_user(new_user)
flash.success("Thanks for signing up!")
send_mail(
subject="[MetaBrainz] Sign up confirmation",
text='Dear %s,\n\nThank you for signing up!\n\nYou can now generate '
'an access token for the MetaBrainz API on your profile page.'
% new_user.contact_name,
recipients=[new_user.contact_email],
)
return redirect(url_for('.profile'))
return render_template("users/signup-non-commercial.html", form=form)
def update(user_id, **kwargs):
user = User.get(id=user_id)
if not user:
raise ValueError("Can't find user with a specified ID (%s)" % user_id)
multiparams = {
"id": user_id,
"musicbrainz_id": kwargs.pop("musicbrainz_id", user.musicbrainz_id),
"contact_name": kwargs.pop("contact_name", user.contact_name),
"contact_email": kwargs.pop("contact_email", user.contact_email),
"state": kwargs.pop("state", user.state),
"is_commercial": kwargs.pop("is_commercial", user.is_commercial),
"org_name": kwargs.pop("org_name", user.org_name),
"org_desc": kwargs.pop("org_desc", user.org_desc),
"api_url": kwargs.pop("api_url", user.api_url),
"address_street": kwargs.pop("address_street", user.address_street),
"address_city": kwargs.pop("address_city", user.address_city),
"address_state": kwargs.pop("address_state", user.address_state),
"address_postcode": kwargs.pop("address_postcode", user.address_postcode),
"address_country": kwargs.pop("address_country", user.address_country),
"tier_id": kwargs.pop("tier_id", user.tier_id),
"amount_pledged": kwargs.pop("amount_pledged", user.amount_pledged),
"featured": kwargs.pop("featured", user.featured),
"website_url": kwargs.pop("website_url", user.website_url),
"logo_filename": kwargs.pop("logo_filename", user.logo_filename),
"org_logo_url": kwargs.pop("org_logo_url", user.org_logo_url),
"data_usage_desc": kwargs.pop("data_usage_desc", user.data_usage_desc),
"good_standing": kwargs.pop("good_standing", user.good_standing),
"in_deadbeat_club": kwargs.pop("in_deadbeat_club", user.in_deadbeat_club),
}
if kwargs:
raise TypeError("Unexpected **kwargs: %r" % kwargs)
with db.engine.connect() as connection:
connection.execute(sqlalchemy.text("""
UPDATE "user"
SET musicbrainz_id = :musicbrainz_id,
contact_name = :contact_name,
contact_email = :contact_email,
state = :state,
is_commercial = :is_commercial,
org_name = :org_name,
org_desc = :org_desc,
api_url = :api_url,
address_street = :address_street,
address_city = :address_city,
address_state = :address_state,
address_postcode = :address_postcode,
address_country = :address_country,
tier_id = :tier_id,
amount_pledged = :amount_pledged,
featured = :featured,
website_url = :website_url,
logo_filename = :logo_filename,
org_logo_url = :org_logo_url,
data_usage_desc = :data_usage_desc,
good_standing = :good_standing,
in_deadbeat_club = :in_deadbeat_club
WHERE id = :id
"""), multiparams)
def musicbrainz_post():
"""MusicBrainz OAuth2 callback endpoint."""
if not musicbrainz_login.validate_post_login():
raise BadRequest(gettext("Login failed!"))
code = request.args.get('code')
if not code:
raise InternalServerError(gettext("Authorization code is missing!"))
try:
mb_username, mb_email = musicbrainz_login.get_user(code)
except KeyError:
raise BadRequest(gettext("Login failed!"))
session.persist_data(**{
SESSION_KEY_MB_USERNAME: mb_username,
SESSION_KEY_MB_EMAIL: mb_email,
})
user = User.get(musicbrainz_id=mb_username)
if user: # Checking if user is already signed up
login_user(user)
next = session.session.get('next')
return redirect(next) if next else redirect(url_for('.profile'))
else:
flash.info(
"This is the first time you've signed into metabrainz.org, please sign up!"
)
return redirect(url_for('.signup'))
def details(self, user_id):
user = User.get(id=user_id)
active_tokens = Token.get_all(owner_id=user.id, is_active=True)
return self.render(
'admin/users/details.html',
user=user,
active_tokens=active_tokens,
)
def details(self, user_id):
user = User.get(id=user_id)
active_tokens = Token.get_all(owner_id=user.id, is_active=True)
return self.render(
'admin/users/details.html',
user=user,
active_tokens=active_tokens,
)
def musicbrainz_post():
"""MusicBrainz OAuth2 callback endpoint."""
if not musicbrainz_login.validate_post_login():
raise BadRequest("Login failed!")
code = request.args.get('code')
if not code:
raise InternalServerError("Authorization code is missing!")
mb_username, mb_email = musicbrainz_login.get_user(code)
session.persist_data(**{
SESSION_KEY_MB_USERNAME: mb_username,
SESSION_KEY_MB_EMAIL: mb_email,
})
user = User.get(musicbrainz_id=mb_username)
if user: # Checking if user is already signed up
login_user(user)
next = session.session.get('next')
return redirect(next) if next else redirect(url_for('.profile'))
else:
return redirect(url_for('.signup'))
def edit(self, user_id):
user = User.get(id=user_id)
form = forms.UserEditForm(
defaults={
'musicbrainz_id': user.musicbrainz_id,
'contact_name': user.contact_name,
'contact_email': user.contact_email,
'state': user.state,
'is_commercial': user.is_commercial,
'org_name': user.org_name,
'org_desc': user.org_desc,
'api_url': user.api_url,
'address_street': user.address_street,
'address_city': user.address_city,
'address_state': user.address_state,
'address_postcode': user.address_postcode,
'address_country': user.address_country,
'tier': user.tier_id,
'amount_pledged': user.amount_pledged or 0,
'featured': user.featured,
'website_url': user.website_url,
'logo_url': user.org_logo_url,
'usage_desc': user.data_usage_desc,
'good_standing': user.good_standing,
'in_deadbeat_club': user.in_deadbeat_club,
})
if form.validate_on_submit():
update_data = {
'musicbrainz_id': form.musicbrainz_id.data,
'contact_name': form.contact_name.data,
'contact_email': form.contact_email.data,
'state': form.state.data,
'is_commercial': form.is_commercial.data,
'org_name': form.org_name.data,
'org_desc': form.org_desc.data,
'api_url': form.api_url.data,
'address_street': form.address_street.data,
'address_city': form.address_city.data,
'address_state': form.address_state.data,
'address_postcode': form.address_postcode.data,
'address_country': form.address_country.data,
'tier_id':
int(form.tier.data) if form.tier.data != 'None' else None,
'amount_pledged': form.amount_pledged.data,
'featured': form.featured.data,
'website_url': form.website_url.data,
'org_logo_url': form.logo_url.data,
'data_usage_desc': form.usage_desc.data,
'good_standing': form.good_standing.data,
'in_deadbeat_club': form.in_deadbeat_club.data,
}
if form.logo.data:
extension = os.path.splitext(
secure_filename(form.logo.data.filename))[1]
# Using a random UUID instead of user ID here so that we don't unnecessarily expose them.
logo_filename = '%s%s' % (uuid.uuid4(), extension)
update_data['logo_filename'] = logo_filename
image_storage = form.logo.data # type: werkzeug.datastructures.FileStorage
if user.logo_filename:
# Deleting old logo
try:
os.remove(
os.path.join(forms.LOGO_STORAGE_DIR,
user.logo_filename))
except OSError as e:
logging.warning(e)
# Saving new one
image_storage.save(
os.path.join(forms.LOGO_STORAGE_DIR, logo_filename))
db_user.update(user_id=user.id, **update_data)
return redirect(url_for('.details', user_id=user.id))
return self.render(
'admin/users/edit.html',
user=user,
form=form,
)
def user(user_id):
user = User.get(id=user_id)
return jsonify({
"username": user.musicbrainz_id,
})
def edit(self, user_id):
user = User.get(id=user_id)
form = forms.UserEditForm(defaults={
'musicbrainz_id': user.musicbrainz_id,
'contact_name': user.contact_name,
'contact_email': user.contact_email,
'state': user.state,
'is_commercial': user.is_commercial,
'org_name': user.org_name,
'org_desc': user.org_desc,
'api_url': user.api_url,
'address_street': user.address_street,
'address_city': user.address_city,
'address_state': user.address_state,
'address_postcode': user.address_postcode,
'address_country': user.address_country,
'tier': user.tier_id,
'amount_pledged': user.amount_pledged or 0,
'featured': user.featured,
'website_url': user.website_url,
'logo_url': user.org_logo_url,
'usage_desc': user.data_usage_desc,
'good_standing': user.good_standing,
'in_deadbeat_club': user.in_deadbeat_club,
})
if form.validate_on_submit():
update_data = {
'musicbrainz_id': form.musicbrainz_id.data,
'contact_name': form.contact_name.data,
'contact_email': form.contact_email.data,
'state': form.state.data,
'is_commercial': form.is_commercial.data,
'org_name': form.org_name.data,
'org_desc': form.org_desc.data,
'api_url': form.api_url.data,
'address_street': form.address_street.data,
'address_city': form.address_city.data,
'address_state': form.address_state.data,
'address_postcode': form.address_postcode.data,
'address_country': form.address_country.data,
'tier_id': int(form.tier.data) if form.tier.data != 'None' else None,
'amount_pledged': form.amount_pledged.data,
'featured': form.featured.data,
'website_url': form.website_url.data,
'org_logo_url': form.logo_url.data,
'data_usage_desc': form.usage_desc.data,
'good_standing': form.good_standing.data,
'in_deadbeat_club': form.in_deadbeat_club.data,
}
if form.logo.data:
extension = os.path.splitext(secure_filename(form.logo.data.filename))[1]
# Using a random UUID instead of user ID here so that we don't unnecessarily expose them.
logo_filename = '%s%s' % (uuid.uuid4(), extension)
update_data['logo_filename'] = logo_filename
image_storage = form.logo.data # type: werkzeug.datastructures.FileStorage
if user.logo_filename:
# Deleting old logo
try:
os.remove(os.path.join(forms.LOGO_STORAGE_DIR, user.logo_filename))
except OSError as e:
logging.warning(e)
# Saving new one
image_storage.save(os.path.join(forms.LOGO_STORAGE_DIR, logo_filename))
db_user.update(user_id=user.id, **update_data)
return redirect(url_for('.details', user_id=user.id))
return self.render(
'admin/users/edit.html',
user=user,
form=form,
)
def signup_commercial():
"""Sign up endpoint for commercial users.
Commercial users need to choose support tier before filling out the form.
`tier_id` argument with ID of a tier of choice is required there.
"""
tier_id = request.args.get('tier_id')
if not tier_id:
flash.warn(
gettext("You need to choose support tier before signing up!"))
return redirect(url_for('.account_type'))
selected_tier = Tier.get(id=tier_id)
if not selected_tier or not selected_tier.available:
flash.error(
gettext("You need to choose existing tier before signing up!"))
return redirect(url_for(".account_type"))
mb_username = session.fetch_data(SESSION_KEY_MB_USERNAME)
if not mb_username:
session.persist_data(
**{
SESSION_KEY_ACCOUNT_TYPE: ACCOUNT_TYPE_COMMERCIAL,
SESSION_KEY_TIER_ID: selected_tier.id,
})
return redirect(url_for(".signup"))
mb_email = session.fetch_data(SESSION_KEY_MB_EMAIL)
form = CommercialSignUpForm(default_email=mb_email)
def custom_validation(f):
if f.amount_pledged.data < selected_tier.price:
flash.warning(
gettext("Custom amount must be more than threshold amount"
"for selected tier or equal to it!"))
return False
return True
if form.validate_on_submit() and custom_validation(form):
# Checking if this user already exists
new_user = User.get(musicbrainz_id=mb_username)
if not new_user:
new_user = User.add(
is_commercial=True,
musicbrainz_id=mb_username,
contact_name=form.contact_name.data,
contact_email=form.contact_email.data,
data_usage_desc=form.usage_desc.data,
org_name=form.org_name.data,
org_desc=form.org_desc.data,
website_url=form.website_url.data,
org_logo_url=form.logo_url.data,
api_url=form.api_url.data,
address_street=form.address_street.data,
address_city=form.address_city.data,
address_state=form.address_state.data,
address_postcode=form.address_postcode.data,
address_country=form.address_country.data,
tier_id=tier_id,
amount_pledged=form.amount_pledged.data,
)
flash.success(
gettext(
"Thanks for signing up! Your application will be reviewed "
"soon. We will send you updates via email."))
try:
send_mail(
subject="[MetaBrainz] Sign up confirmation",
text=
'Dear %s,\n\nThank you for signing up!\n\nYour application'
' will be reviewed soon. We will send you updates via email.'
% new_user.contact_name,
recipients=[new_user.contact_email],
)
except MailException as e:
logging.error(e)
flash.warn(
gettext(
"Failed to send welcome email to you. We are looking into it. "
"Sorry for inconvenience!"))
else:
flash.info(gettext("You already have a MetaBrainz account!"))
login_user(new_user)
return redirect(url_for('.profile'))
return render_template("users/signup-commercial.html",
form=form,
tier=selected_tier,
mb_username=mb_username)
def load_user(user_id):
return User.get(id=user_id)
def signup_commercial():
"""Sign up endpoint for commercial users.
Commercial users need to choose support tier before filling out the form.
`tier_id` argument with ID of a tier of choice is required there.
"""
tier_id = request.args.get('tier_id')
if not tier_id:
flash.warn("You need to choose support tier before signing up!")
return redirect(url_for('.account_type'))
selected_tier = Tier.get(id=tier_id)
if not selected_tier or not selected_tier.available:
flash.error("You need to choose existing tier before signing up!")
return redirect(url_for(".account_type"))
mb_username = session.fetch_data(SESSION_KEY_MB_USERNAME)
if not mb_username:
session.persist_data(**{
SESSION_KEY_ACCOUNT_TYPE: ACCOUNT_TYPE_COMMERCIAL,
SESSION_KEY_TIER_ID: selected_tier.id,
})
return redirect(url_for(".signup"))
mb_email = session.fetch_data(SESSION_KEY_MB_EMAIL)
form = CommercialSignUpForm(default_email=mb_email)
def custom_validation(f):
if f.amount_pledged.data < selected_tier.price:
flash.warning("Custom amount must be more than threshold amount"
"for selected tier or equal to it!")
return False
return True
if form.validate_on_submit() and custom_validation(form):
# Checking if this user already exists
new_user = User.get(musicbrainz_id=mb_username)
if not new_user:
new_user = User.add(
is_commercial=True,
musicbrainz_id=mb_username,
contact_name=form.contact_name.data,
contact_email=form.contact_email.data,
data_usage_desc=form.usage_desc.data,
org_name=form.org_name.data,
org_desc=form.org_desc.data,
website_url=form.website_url.data,
org_logo_url=form.logo_url.data,
api_url=form.api_url.data,
address_street=form.address_street.data,
address_city=form.address_city.data,
address_state=form.address_state.data,
address_postcode=form.address_postcode.data,
address_country=form.address_country.data,
tier_id=tier_id,
amount_pledged=form.amount_pledged.data,
)
flash.success("Thanks for signing up! Your application will be reviewed "
"soon. We will send you updates via email.")
send_mail(
subject="[MetaBrainz] Sign up confirmation",
text='Dear %s,\n\nThank you for signing up!\n\nYour application'
' will be reviewed soon. We will send you updates via email.'
% new_user.contact_name,
recipients=[new_user.contact_email],
)
else:
flash.info("You already have a MetaBrainz account!")
login_user(new_user)
return redirect(url_for('.profile'))
return render_template("users/signup-commercial.html", form=form, tier=selected_tier, mb_username=mb_username)