def post(self, login): schema = UserProfileManageInfoSchema() obj = schema.loads(request.get_data(as_text=True)) if obj.errors: return {"errors": obj.errors}, 400 user_login_obj = UserLoginSchemaBase().load({"login": login}) if user_login_obj.errors: return {"errors": user_login_obj.errors}, 400 if db.session.query(exists().where(User.login == login)).scalar(): raise Conflict("User exists yet") if db.session.query(exists().where(Group.name == login)).scalar(): raise Conflict("Group exists yet") user = User() user.login = login user.email = obj.data.get("email") user.additional_info = obj.data.get("additional_info") user.feed_quality = obj.data.get("feed_quality") user.disabled = False user.pending = False user.registered_by = g.auth_user.id user.registered_on = datetime.datetime.now() user.groups.append(Group.public_group()) user.reset_sessions() db.session.add(user) group = Group() group.name = login group.private = True group.users.append(user) db.session.add(group) if obj.data.get("send_email", False): try: send_email_notification("register", "New account registered in Malwarecage", user.email, base_url=app_config.malwarecage.base_url, login=user.login, set_password_token=user.generate_set_password_token().decode("utf-8")) except MailError: logger.exception("Can't send e-mail notification") raise InternalServerError("SMTP server needed to fulfill this request is" " not configured or unavailable.") db.session.commit() logger.info('User created', extra={'user': user.login}) schema = UserSuccessSchema() return schema.dump({"login": user.login})
def post(self): """ --- description: Request new user account tags: - auth requestBody: description: User basic information content: application/json: schema: UserRegisterSchema responses: 200: description: User login on successful registration content: application/json: schema: UserSuccessSchema """ if not app_config.malwarecage.enable_registration: raise Forbidden("User registration is not enabled.") schema = UserRegisterSchema() obj = schema.loads(request.get_data(as_text=True)) if obj.errors: return {"errors": obj.errors}, 400 login = obj.data.get("login") if db.session.query(exists().where(User.login == login)).scalar(): raise Conflict("Name already exists") if db.session.query(exists().where(Group.name == login)).scalar(): raise Conflict("Name already exists") recaptcha_secret = app_config.malwarecage.recaptcha_secret if recaptcha_secret: try: recaptcha_token = obj.data.get("recaptcha") recaptcha_response = requests.post( 'https://www.google.com/recaptcha/api/siteverify', data={ 'secret': recaptcha_secret, 'response': recaptcha_token }) recaptcha_response.raise_for_status() except Exception as e: logger.exception("Temporary problem with ReCAPTCHA.") raise InternalServerError( "Temporary problem with ReCAPTCHA.") from e if not recaptcha_response.json().get('success'): raise Forbidden("Wrong ReCAPTCHA, please try again.") user = User() user.login = login user.email = obj.data.get("email") user.additional_info = obj.data.get("additional_info") user.pending = True user.disabled = False user.requested_on = datetime.datetime.now() user.groups.append(Group.public_group()) user.reset_sessions() db.session.add(user) group = Group() group.name = login group.private = True group.users.append(user) db.session.add(group) db.session.commit() try: send_email_notification("pending", "Pending registration in Malwarecage", user.email, base_url=app_config.malwarecage.base_url, login=user.login) except MailError: logger.exception("Can't send e-mail notification") logger.info('User registered', extra={'user': user.login}) schema = UserSuccessSchema() return schema.dump({"login": user.login})
def post(self, login): """ --- summary: Create a new user description: | Creates new user account Requires `manage_users` capability. security: - bearerAuth: [] tags: - user parameters: - in: path name: login schema: type: string description: New user login requestBody: description: User information content: application/json: schema: UserProfileManageInfoSchema responses: 200: description: When user was created successfully content: application/json: schema: UserSuccessSchema 400: description: When request body is invalid 403: description: When user doesn't have `manage_users` capability. 409: description: When user or group with provided name already exists. 500: description: When SMTP server is unavailable or not properly configured on the server. """ schema = UserProfileManageInfoSchema() obj = schema.loads(request.get_data(as_text=True)) if obj.errors: return {"errors": obj.errors}, 400 user_login_obj = UserLoginSchemaBase().load({"login": login}) if user_login_obj.errors: return {"errors": user_login_obj.errors}, 400 if db.session.query(exists().where(User.login == login)).scalar(): raise Conflict("User exists yet") if db.session.query(exists().where(Group.name == login)).scalar(): raise Conflict("Group exists yet") user = User() user.login = login user.email = obj.data.get("email") user.additional_info = obj.data.get("additional_info") user.feed_quality = obj.data.get("feed_quality") user.disabled = False user.pending = False user.registered_by = g.auth_user.id user.registered_on = datetime.datetime.now() user.groups.append(Group.public_group()) user.reset_sessions() db.session.add(user) group = Group() group.name = login group.private = True group.users.append(user) db.session.add(group) if obj.data.get("send_email", False): try: send_email_notification( "register", "New account registered in Malwarecage", user.email, base_url=app_config.malwarecage.base_url, login=user.login, set_password_token=user.generate_set_password_token( ).decode("utf-8")) except MailError: logger.exception("Can't send e-mail notification") raise InternalServerError( "SMTP server needed to fulfill this request is" " not configured or unavailable.") db.session.commit() logger.info('User created', extra={'user': user.login}) schema = UserSuccessSchema() return schema.dump({"login": user.login})