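def user_roles_update(user_id):
    """Sync the subscriber role and group with the subscription server.

    Asks the external subscriptions server whether the account behind the
    current API session has cloud access, then adds or removes the
    ``subscriber`` role and group accordingly. A user holding ``admin``
    never loses the role. The update is retried when the user document
    changed between fetch and update (etag mismatch).

    :param user_id: used in log messages only; the document that is updated
        is the one returned by ``User.me()``.
    :returns: None. Upstream failures are logged and leave roles untouched.
    """
    # Seconds to wait for the subscription server. Without a bound, a stalled
    # upstream would hold this worker for as long as the socket stays open.
    request_timeout = 10

    api = system_util.pillar_api()
    group_subscriber = Group.find_one({'where': "name=='subscriber'"}, api=api)

    external_subscriptions_server = app.config['EXTERNAL_SUBSCRIPTIONS_MANAGEMENT_SERVER']

    # Fetch the user once outside the loop, because we only need to get the
    # subscription status once.
    user = User.me(api=api)

    try:
        r = requests.get(external_subscriptions_server,
                         params={'blenderid': user.email},
                         timeout=request_timeout)
    except requests.exceptions.RequestException as ex:
        # Log only the exception class: the message usually repeats the full
        # URL, whose query string carries the user's e-mail address.
        log.warning("Error communicating with %s (%s), unable to check "
                    "subscription status of user %s",
                    external_subscriptions_server, type(ex).__name__, user_id)
        return

    if r.status_code != 200:
        log.warning("Error communicating with %s, code=%i, unable to check "
                    "subscription status of user %s",
                    external_subscriptions_server, r.status_code, user_id)
        return

    try:
        store_user = r.json()
        has_cloud_access = store_user['cloud_access'] == 1
    except (ValueError, KeyError, TypeError):
        # A malformed answer is not evidence of a lapsed subscription, so it
        # must neither grant nor revoke anything.
        log.warning("Unexpected response from %s, unable to check "
                    "subscription status of user %s",
                    external_subscriptions_server, user_id)
        return

    max_retry = 5
    for retry_count in range(max_retry):
        # Update the user's role & groups for their subscription status.
        roles = set(user.roles or [])
        groups = set(user.groups or [])

        if has_cloud_access:
            roles.add(u'subscriber')
            groups.add(group_subscriber._id)
        elif u'admin' not in roles:
            roles.discard(u'subscriber')
            groups.discard(group_subscriber._id)

        # Only send an API request when the user has actually changed
        if set(user.roles or []) == roles and set(user.groups or []) == groups:
            break

        user.roles = list(roles)
        user.groups = list(groups)

        try:
            user.update(api=api)
        except sdk_exceptions.PreconditionFailed:
            log.warning('User etag changed while updating roles, retrying.')
        else:
            # Successful update, so we can stop the loop.
            break

        # Fetch the user for the next iteration.
        if retry_count < max_retry - 1:
            user = User.me(api=api)
    else:
        # Reached only when every attempt ended in PreconditionFailed.
        log.warning('Tried %i times to update user %s, and failed each time. Giving up.',
                    max_retry, user_id)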
def settings_emails():
    """Show and process the e-mail communication settings of the current user.

    Users with the ``protected`` role get a 404. Missing settings are created
    with ``email_communications=1`` before the form is built.
    """
    if current_user.has_role('protected'):
        return abort(404)  # TODO: make this 403, handle template properly

    pillar = system_util.pillar_api()
    account = User.find(current_user.objectid, api=pillar)

    # Backfill settings for accounts that predate them. Can go once settings
    # are created together with the account and all existing users have them.
    if not account.settings:
        account.settings = {'email_communications': 1}
        account.update(api=pillar)

    if account.settings.email_communications is None:
        account.settings.email_communications = 1
        account.update(api=pillar)

    emails_form = UserSettingsEmailsForm(
        email_communications=account.settings.email_communications)

    if emails_form.validate_on_submit():
        try:
            account.settings.email_communications = emails_form.email_communications.data
            account.update(api=pillar)
            flash("Profile updated", 'success')
        except sdk_exceptions.ResourceInvalid as invalid:
            # NOTE(review): the decoded API error body is flashed as-is;
            # confirm the template escapes it when rendering.
            flash(json.loads(invalid.content))

    return render_template('users/settings/emails.html', form=emails_form, title='emails')
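def load_user(userid):
    """Resolve a stored token to a login user.

    ``userid`` is used as the API token: it authenticates the ``Api`` object
    and is looked up in the token collection to find the owning user.

    :param userid: token value handed to the loader.
    :returns: a ``userClass`` instance, or None when the token cannot be
        used, is unknown, or its user cannot be found.
    """
    token_text = '{0}'.format(userid)

    # The token is spliced into a double-quoted literal of the ``where``
    # expression. A quote or backslash would end or escape that literal and
    # change the query, so such a value is treated as an unknown token.
    # NOTE(review): assumes real tokens never contain these characters;
    # confirm against the token issuer. A structured query is preferable if
    # the SDK version in use accepts one.
    if '"' in token_text or '\\' in token_text:
        return None

    api = Api(
        endpoint=SystemUtility.attract_server_endpoint(),
        username=None,
        password=None,
        token=userid
    )
    params = {'where': 'token=="{0}"'.format(token_text)}
    token = Token.all(params, api=api)
    if not token:
        return None

    # An empty result list means the token is unknown; indexing [0] without
    # this check raised IndexError instead of reporting "no user".
    items = token['_items']
    if not items:
        return None

    user = User.find(items[0]['user'], api=api)
    if not user:
        return None

    login_user = userClass(userid)
    login_user.email = user.email
    login_user.objectid = user._id
    login_user.username = user.username
    login_user.gravatar = gravatar(user.email)
    try:
        login_user.full_name = user.full_name
    except KeyError:
        # full_name is optional on the user document.
        pass
    return login_user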
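def __init__(self, name):
    """Look up *name* as an organization URL first, then as a username.

    Sets ``is_organization``, ``name``, ``url`` and ``_id`` from whichever
    document is found (plus ``description`` and ``gravatar`` for an
    organization). Aborts with 404 when neither lookup matches.

    :param name: organization URL or username to resolve.
    """
    import json

    self.api = SystemUtility.attract_api()

    # Build the JSON filter with json.dumps instead of string interpolation:
    # a quote or backslash in ``name`` is then escaped as data and cannot
    # break or extend the filter document.
    # Check if organization exists
    user = Organization.find_first({
        'where': json.dumps({'url': name}),
    }, api=self.api)

    if user:
        self.is_organization = True
        self.name = user.name
        self.url = user.url
        self.description = user.description
        self.gravatar = gravatar(user.email)
    else:
        # Check if user exists
        user = User.find_first({
            'where': json.dumps({'username': name}),
        }, api=self.api)
        if user:
            self.is_organization = False
            self.name = user.first_name
            self.url = user.username
        else:
            return abort(404)
    self._id = user._id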
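def load_user(userid):
    """Turn a stored token into a login user, or None when that fails.

    The token both authenticates the ``Api`` object and is the key used to
    find the owning user in the token collection.

    :param userid: token value handed to the loader.
    :returns: a populated ``userClass`` instance, or None for an unusable or
        unknown token or a missing user.
    """
    rendered = '{0}'.format(userid)

    # The value ends up inside a double-quoted literal in the ``where``
    # expression below. Refuse values that could terminate or escape that
    # literal rather than letting them reshape the query.
    # NOTE(review): assumes issued tokens contain neither character; verify.
    if any(ch in rendered for ch in ('"', '\\')):
        return None

    api = Api(endpoint=SystemUtility.attract_server_endpoint(),
              username=None,
              password=None,
              token=userid)
    token = Token.all({'where': 'token=="{0}"'.format(rendered)}, api=api)

    # No result, or a result with an empty item list, means "not logged in".
    # The empty list used to raise IndexError on the [0] lookup.
    if not token or not token['_items']:
        return None

    user = User.find(token['_items'][0]['user'], api=api)
    if not user:
        return None

    login_user = userClass(userid)
    login_user.email = user.email
    login_user.objectid = user._id
    login_user.username = user.username
    login_user.gravatar = gravatar(user.email)
    try:
        login_user.full_name = user.full_name
    except KeyError:
        # Not every user document carries a full name.
        pass
    return login_user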
def load_user(userid):
    """Build the login user for the token *userid*.

    The token authenticates the API client, and ``User.me()`` returns the
    account it belongs to, so the token is never placed in a query string.

    :returns: a ``UserClass`` instance, or None when access is forbidden or
        no user comes back.
    """
    from application import system_util

    pillar = system_util.pillar_api(token=userid)
    try:
        account = User.me(api=pillar)
    except sdk_exceptions.ForbiddenAccess:
        # Rejected token: handled the same way as "no user".
        account = None

    if not account:
        return None

    session_user = UserClass(userid)
    session_user.email = account.email
    session_user.objectid = account._id
    session_user.username = account.username
    session_user.gravatar = gravatar(account.email)
    session_user.roles = account.roles
    session_user.groups = account.groups

    try:
        session_user.full_name = account.full_name
    except KeyError:
        # full_name is optional; leave the attribute unset.
        pass

    return session_user
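def validate(self):
    """Run the field validators, then reject a username that is already taken.

    The uniqueness lookup only happens when the submitted username differs
    from the current user's own. On success the fetched user document is
    stored on ``self.user``.

    :returns: True when the form is valid, False otherwise.
    """
    import json

    rv = Form.validate(self)
    if not rv:
        return False

    api = system_util.pillar_api()
    user = User.find(current_user.objectid, api=api)

    requested = self.username.data
    if user.username != requested:
        # The filter literal used here had no %s placeholder, so applying
        # ``%`` to it raised TypeError for a string value. json.dumps builds
        # the same kind of JSON filter and escapes quotes and backslashes in
        # the submitted username, so form input stays data.
        username = User.find_first(
            {'where': json.dumps({'username': requested})}, api=api)
        if username:
            self.username.errors.append('Sorry, username already exists!')
            return False

    self.user = user
    return True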
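def validate(self):
    """Validate the form and make sure a changed username is still free.

    Field validators run first. If the submitted username differs from the
    current user's, it is looked up and an error is attached to the username
    field when a match exists. The current user document is kept on
    ``self.user`` when validation passes.

    :returns: True when the form is valid, False otherwise.
    """
    import json

    if not Form.validate(self):
        return False

    api = system_util.pillar_api()
    user = User.find(current_user.objectid, api=api)
    wanted = self.username.data

    if user.username != wanted:
        # Serialise the filter instead of formatting a string: the previous
        # literal carried no placeholder, so ``%`` failed with TypeError on a
        # string value, and hand-built JSON would not escape quotes in the
        # user-supplied name.
        where = json.dumps({'username': wanted})
        if User.find_first({'where': where}, api=api):
            self.username.errors.append('Sorry, username already exists!')
            return False

    self.user = user
    return True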
def validate(self):
    """Validate the fields and ensure a changed username is not in use.

    The lookup passes the username as a value in a structured ``where``
    mapping, so no query text is assembled from form input.

    :returns: True when valid (the user document is stored on ``self.user``),
        False otherwise.
    """
    if not super().validate():
        return False

    pillar = system_util.pillar_api()
    me = User.find(current_user.objectid, api=pillar)

    # Keeping one's own username is always fine; only a change needs a lookup.
    name_changed = me.username != self.username.data
    if name_changed and User.find_first(
            {'where': {"username": self.username.data}}, api=pillar):
        self.username.errors.append('Sorry, this username is already taken.')
        return False

    self.user = me
    return True
def profile():
    """Show the profile form and store first and last name on a valid submit.

    Marked as a temporary implementation by its author.
    """
    attract = SystemUtility.attract_api()
    account = User.find(current_user.objectid, api=attract)
    profile_form = UserProfileForm(
        first_name=account.first_name,
        last_name=account.last_name)

    submitted = profile_form.validate_on_submit()
    if submitted:
        # Only the two form fields are copied onto the user document.
        account.first_name = profile_form.first_name.data
        account.last_name = profile_form.last_name.data
        account.update(api=attract)
        flash("Profile updated")

    return render_template("users/profile.html", form=profile_form)
def profile():
    """Profile page: display the name form and save it when it validates.

    Marked as a temporary implementation by its author.
    """
    client = SystemUtility.attract_api()
    me = User.find(current_user.objectid, api=client)
    name_form = UserProfileForm(first_name=me.first_name, last_name=me.last_name)

    if not name_form.validate_on_submit():
        # Plain GET or a failed validation: just show the form again.
        return render_template('users/profile.html', form=name_form)

    me.first_name = name_form.first_name.data
    me.last_name = name_form.last_name.data
    me.update(api=client)
    flash("Profile updated")
    return render_template('users/profile.html', form=name_form)
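def settings_billing():
    """View the subscription status of a user.

    Collects the names of the user's groups and asks the external
    subscriptions server for the store record of the user's e-mail address,
    then renders both. Users with the ``protected`` role get a 404.
    """
    # Seconds to wait for the subscription server. This runs inside a page
    # request, so an unbounded wait lets a stalled upstream tie up the worker.
    request_timeout = 10

    if current_user.has_role('protected'):
        return abort(404)  # TODO: make this 403, handle template properly

    api = system_util.pillar_api()
    user = User.find(current_user.objectid, api=api)

    # One lookup per group id; a user without groups yields an empty list.
    groups = [Group.find(group_id, api=api).name for group_id in user.groups or []]

    external_subscriptions_server = app.config['EXTERNAL_SUBSCRIPTIONS_MANAGEMENT_SERVER']
    r = requests.get(external_subscriptions_server,
                     params={'blenderid': user.email},
                     timeout=request_timeout)
    # NOTE(review): the status code is not checked, so an error page from the
    # server surfaces as a JSON decoding exception here.
    store_user = r.json()

    return render_template('users/settings/billing.html',
                           store_user=store_user, groups=groups, title='billing')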
def users_edit(user_id):
    """Admin-only view that edits a user's roles and the groups tied to them.

    Roles offered by the form are stripped from the user's current roles and
    the roles selected in the form are added back; groups are recomputed from
    group names that equal the role names.
    """
    if not current_user.has_role('admin'):
        return abort(403)

    pillar = system_util.pillar_api()
    target = User.find(user_id, api=pillar)
    edit_form = UserEditForm()

    if not edit_form.validate_on_submit():
        edit_form.roles.data = target.roles
        return render_template('users/edit_embed.html', user=target, form=edit_form)

    def get_groups(roles):
        """Return the set of group ids whose group name is one of *roles*."""
        # NOTE(review): the filter is assembled by string formatting. The
        # names come from the form's choices, the submitted roles and the
        # stored user roles; confirm none of them can contain a quote.
        return {
            Group.find_one({'where': "name=='%s'" % role_name}, api=pillar)._id
            for role_name in roles
        }

    # Roles (and their groups) that this form is able to manage.
    form_roles = {choice[0] for choice in edit_form.roles.choices}
    form_groups = get_groups(form_roles)

    # What the user holds right now.
    current_roles = target.roles or []
    current_groups = get_groups(current_roles)

    # Keep everything the form does not manage.
    kept_roles = list(set(current_roles) - form_roles)
    kept_groups = list(current_groups - form_groups)

    assigned_roles = edit_form.roles.data
    # The result of this lookup is not used afterwards; the call is kept so
    # the same API requests are made.
    get_groups(assigned_roles)

    # Add the roles chosen in the form, then the groups for the full role list.
    kept_roles.extend(assigned_roles)
    kept_groups.extend(get_groups(kept_roles))

    target.roles = kept_roles
    target.groups = kept_groups
    target.update(api=pillar)

    return render_template('users/edit_embed.html', user=target, form=edit_form)
def users_edit(user_id):
    """Embedded edit form for one user; requires the ``admin`` capability.

    Responds 403 without the capability and 404 when the user does not
    exist. A valid submit is delegated to ``_users_edit``; otherwise the
    form is pre-filled with the user's roles and e-mail address.
    """
    from pillar.auth import UserClass

    if not current_user.has_cap('admin'):
        return abort(403)

    pillar = system_util.pillar_api()
    try:
        db_user = User.find(user_id, api=pillar)
    except sdk_exceptions.ResourceNotFound:
        # %r keeps control characters in the requested id out of the log line.
        log.warning('Non-existing user %r requested.', user_id)
        raise wz_exceptions.NotFound('Non-existing user %r requested.' % user_id)

    edit_form = forms.UserEditForm()
    submitted_ok = edit_form.validate_on_submit()
    if submitted_ok:
        _users_edit(edit_form, db_user, pillar)
    else:
        edit_form.roles.data = db_user.roles
        edit_form.email.data = db_user.email

    # The template receives a UserClass built from the document, not the
    # SDK object itself.
    return render_template(
        'users/edit_embed.html',
        user=UserClass.construct('', db_user=db_user.to_dict()),
        form=edit_form)
def settings_profile():
    """Show and process the profile form (full name and username).

    Marked as a temporary implementation by its author. Users with the
    ``protected`` role get a 404.
    """
    if current_user.has_role('protected'):
        return abort(404)  # TODO: make this 403, handle template properly

    pillar = system_util.pillar_api()
    account = User.find(current_user.objectid, api=pillar)

    profile_form = UserProfileForm(full_name=account.full_name,
                                   username=account.username)

    if profile_form.validate_on_submit():
        try:
            account.full_name = profile_form.full_name.data
            account.username = profile_form.username.data
            account.update(api=pillar)
            flash("Profile updated", 'success')
        except sdk_exceptions.ResourceInvalid as invalid:
            # NOTE(review): the decoded API error body is flashed as-is;
            # confirm the template escapes it when rendering.
            flash(json.loads(invalid.content))

    return render_template('users/settings/profile.html', form=profile_form, title='profile')
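def __init__(self, name):
    """Resolve *name* to an organization (by URL) or a user (by username).

    Populates ``is_organization``, ``name``, ``url`` and ``_id`` from the
    matching document, plus ``description`` and ``gravatar`` when it is an
    organization. Aborts with 404 when nothing matches.

    :param name: organization URL or username to resolve.
    """
    import json

    self.api = system_util.pillar_api()

    # The filters are serialised with json.dumps so that quotes and
    # backslashes in ``name`` are escaped; interpolating the raw value into
    # a JSON template let such characters corrupt or extend the filter.
    # Check if organization exists
    user = Organization.find_first(
        {'where': json.dumps({'url': name})}, api=self.api)

    if user:
        self.is_organization = True
        self.name = user.name
        self.url = user.url
        self.description = user.description
        self.gravatar = gravatar(user.email)
    else:
        # Check if user exists
        user = User.find_first(
            {'where': json.dumps({'username': name})}, api=self.api)
        if user:
            self.is_organization = False
            self.name = user.first_name
            self.url = user.username
        else:
            return abort(404)
    self._id = user._id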