def make_config_form():
"""Returns the form for the configuration editor."""
app = get_application()
fields = {}
values = {}
use_default_label = lazy_gettext(u"Use default value")
for category in app.cfg.get_detail_list():
items = {}
values[category["name"]] = category_values = {}
for item in category["items"]:
items[item["name"]] = forms.Mapping(value=item["field"], use_default=forms.BooleanField(use_default_label))
category_values[item["name"]] = {"value": item["value"], "use_default": False}
fields[category["name"]] = forms.Mapping(**items)
class _ConfigForm(forms.Form):
values = forms.Mapping(**fields)
cfg = app.cfg
def apply(self):
t = self.cfg.edit()
for category, items in self.data["values"].iteritems():
for key, d in items.iteritems():
if category != "pyClanSphere":
key = "%s/%s" % (category, key)
if d["use_default"]:
t.revert_to_default(key)
else:
t[key] = d["value"]
t.commit()
return _ConfigForm({"values": values})
def is_valid_email(message=None):
"""Check if the string passed is a valid mail address.
>>> check(is_valid_email, '*****@*****.**')
True
>>> check(is_valid_email, 'somebody AT example DOT com')
False
>>> check(is_valid_email, 'some random string')
False
Because e-mail validation is painfully complex we just check the first
part of the email if it looks okay (comments are not handled!) and ignore
the second.
"""
if message is None:
message = lazy_gettext(u'You have to enter a valid e-mail address.')
def validator(form, value):
if len(value) > 250 or _mail_re.match(value) is None:
raise ValidationError(message)
return validator
def is_valid_url(message=None):
"""Check if the string passed is a valid URL. We also blacklist some
url schemes like javascript for security reasons.
>>> check(is_valid_url, 'http://digital-family.de/')
True
>>> check(is_valid_url, 'http://www.pyclansphere.de/lists')
True
>>> check(is_valid_url, 'www.pyclansphere.de/lists')
False
>>> check(is_valid_url, 'javascript:alert("pyClanSphere rocks!");')
False
"""
if message is None:
message = lazy_gettext(u'You have to enter a valid URL.')
def validator(form, value):
parsed = urlparse(value)
protocol = parsed[0]
if not protocol or protocol == 'javascript':
raise ValidationError(message)
if not parsed.hostname:
raise ValidationError(message)
return validator
"""Like the `require_privilege` decorator but for asserting."""
if not get_request().user.has_privilege(expr):
raise Forbidden()
def privilege_attribute(lowlevel_attribute):
"""Returns a proxy attribute for privilege access."""
def creator_func(privilege):
if not isinstance(privilege, Privilege):
raise TypeError('%r is not a privilege object' %
type(privilege).__name__)
priv = _Privilege.query.filter_by(name=privilege.name).first()
if priv is None:
priv = _Privilege(privilege.name)
return priv
return db.association_proxy(lowlevel_attribute, 'privilege',
creator=creator_func)
def _register(name, description, privilege_dependencies=None):
"""Register a new builtin privilege."""
priv = Privilege(name, description, privilege_dependencies)
DEFAULT_PRIVILEGES[name] = priv
globals()[name] = priv
__all__.append(name)
_register('ENTER_ACCOUNT_PANEL', lazy_gettext(u'can enter user account panel'))
_register('ENTER_ADMIN_PANEL', lazy_gettext(u'can enter admin panel'))
_register('CLAN_ADMIN', lazy_gettext(u'can administer everything'))
