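def forgot_password():
    """Handle the "forgot password" form and mail recovery instructions.

    On a valid POST the user is looked up by e-mail address.  Users linked
    to Twitter, Facebook or Google get a mail naming that provider; every
    other user gets a signed reset link built from ``signer.dumps``.  The
    page template is rendered with the form in every case.

    Returns:
        The rendered ``/account/password_forgot.html`` template.
    """
    form = ForgotPasswordForm(request.form)
    if form.validate_on_submit():
        user = model.User.query.filter_by(email_addr=form.email_addr.data).first()
        if user and user.email_addr:
            msg = Message(subject="Account Recovery", recipients=[user.email_addr])
            # Social-login accounts have no local password to reset; the first
            # linked provider, in this order, is the one named in the mail.
            providers = (
                ("twitter_user_id", "Twitter"),
                ("facebook_user_id", "Facebook"),
                ("google_user_id", "Google"),
            )
            account_name = next(
                (name for attr, name in providers if getattr(user, attr)), None
            )
            if account_name is not None:
                msg.body = render_template(
                    "/account/email/forgot_password_openid.md", user=user, account_name=account_name
                )
            else:
                # The current password hash rides along in the signed payload so
                # the link stops working once the password changes.
                # NOTE(review): `signer.dumps` signs but, if `signer` is an
                # itsdangerous-style serializer, does not encrypt -- the hash is
                # then readable from the URL (mail body, proxy and server logs)
                # and nothing here gives the link an expiry.  `.reset_password`
                # consumes this payload, so both ends change together.
                userdict = {"user": user.name, "password": user.passwd_hash}
                key = signer.dumps(userdict, salt="password-reset")
                recovery_url = url_for(".reset_password", key=key, _external=True)
                msg.body = render_template("/account/email/forgot_password.md", user=user, recovery_url=recovery_url)
            msg.html = markdown(msg.body)
            mail.send(msg)
            # Fixed grammar of the user-facing confirmation ("We've send").
            flash("We've sent you an email with account recovery instructions!", "success")
        else:
            # NOTE(review): answering differently for unknown addresses tells the
            # requester whether an e-mail is registered (account enumeration).
            flash(
                "We don't have this email in our records. You may have"
                " signed up with a different email or used Twitter, "
                "Facebook, or Google to sign-in",
                "error",
            )
    if request.method == "POST" and not form.validate():
        flash("Something went wrong, please correct the errors on the " "form", "error")
    return render_template("/account/password_forgot.html", form=form)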
    def test_proxy_admin(self, http_get, hdfs_get):
        """An admin can fetch an HDFS-proxied file encrypted under the project key.

        ``http_get`` is patched to answer the key lookup with ``testkey`` and
        ``hdfs_get`` returns content encrypted with that key; the proxy is
        expected to decrypt it and answer 200 with the clear text.
        """
        encryption_key = 'testkey'
        key_response = MagicMock()
        key_response.json.return_value = {'key': encryption_key}
        http_get.return_value = key_response

        admin, owner = UserFactory.create_batch(2)
        ext_config = {'ext_config': {'encryption': {'key_id': 123}}}
        project = ProjectFactory.create(owner=owner, info=ext_config)
        file_url = '/fileproxy/hdfs/test/{}/file.pdf'.format(project.id)
        task = TaskFactory.create(project=project, info={'url': file_url})

        # Encrypted blob the proxy must decrypt before answering.
        hdfs_get.return_value = AESWithGCM(encryption_key).encrypt('the content')

        task_signature = signer.dumps({'task_id': task.id})
        req_url = '{}?api_key={}&task-signature={}'.format(
            file_url, admin.api_key, task_signature)

        with patch.dict(self.flask_app.config, self.app_config):
            res = self.app.get(req_url, follow_redirects=True)
            assert res.status_code == 200, res.status_code
            assert res.data == 'the content', res.data
    def test_proxy_key_err(self, http_get):
        """Key-service errors and mismatched project ids are rejected.

        When the key lookup answers with an ``error`` body instead of a key
        the encrypted task payload cannot be decrypted and the proxy answers
        500.  A project id that does not match the task answers 400.
        """
        key_response = MagicMock()
        key_response.json.return_value = {'error': 'an error occurred'}
        http_get.return_value = key_response

        admin, owner = UserFactory.create_batch(2)
        ext_config = {'ext_config': {'encryption': {'key_id': 123}}}
        project = ProjectFactory.create(owner=owner, info=ext_config)

        payload = json.dumps(dict(a=1, b="2"))
        sealed = AESWithGCM('testkey').encrypt(payload)
        task = TaskFactory.create(
            project=project,
            info={'private_json__encrypted_payload': sealed})
        task_signature = signer.dumps({'task_id': task.id})

        url_fmt = ('/fileproxy/encrypted/taskpayload/{}/{}'
                   '?api_key={}&task-signature={}')

        # Key service reports an error -> no key -> 500.
        url = url_fmt.format(project.id, task.id, admin.api_key, task_signature)
        with patch.dict(self.flask_app.config, self.app_config):
            res = self.app.get(url, follow_redirects=True)
            assert res.status_code == 500, res.status_code

        # Project id that does not match the task -> 400.
        bad_project_id = 9999
        url = url_fmt.format(bad_project_id, task.id, admin.api_key,
                             task_signature)
        with patch.dict(self.flask_app.config, self.app_config):
            res = self.app.get(url, follow_redirects=True)
            assert res.status_code == 400, res.status_code
    def test_proxy_owner(self, http_get):
        """The project owner can read a task's encrypted payload in the clear."""
        key_response = MagicMock()
        key_response.json.return_value = {'key': 'testkey'}
        http_get.return_value = key_response

        project = ProjectFactory.create(
            info={'ext_config': {'encryption': {'key_id': 123}}})
        owner = project.owner

        payload = json.dumps(dict(a=1, b="2"))
        sealed = AESWithGCM('testkey').encrypt(payload)
        task = TaskFactory.create(
            project=project,
            info={'private_json__encrypted_payload': sealed})

        task_signature = signer.dumps({'task_id': task.id})
        url = ('/fileproxy/encrypted/taskpayload/{}/{}'
               '?api_key={}&task-signature={}').format(
                   project.id, task.id, owner.api_key, task_signature)

        with patch.dict(self.flask_app.config, self.app_config):
            res = self.app.get(url, follow_redirects=True)
            assert res.status_code == 200, res.status_code
            # Decrypted payload must round-trip exactly.
            assert res.data == payload, res.data
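    def test_empty_response(self, http_get):
        """Returns empty response with task payload not containing encrypted data.

        The key lookup is still answered with a key so that the only
        difference from the happy path is the task info lacking
        ``private_json__encrypted_payload``; the proxy must answer 200 with
        an empty body rather than fail.
        """
        key_response = MagicMock()
        key_response.json.return_value = {'key': 'testkey'}
        http_get.return_value = key_response

        project = ProjectFactory.create(
            info={'ext_config': {'encryption': {'key_id': 123}}})
        owner = project.owner
        # Deliberately no 'private_json__encrypted_payload' in the task info.
        task = TaskFactory.create(project=project, info={})

        task_signature = signer.dumps({'task_id': task.id})
        url = ('/fileproxy/encrypted/taskpayload/{}/{}'
               '?api_key={}&task-signature={}').format(
                   project.id, task.id, owner.api_key, task_signature)

        with patch.dict(self.flask_app.config, self.app_config):
            res = self.app.get(url, follow_redirects=True)
            assert res.status_code == 200, res.status_code
            assert res.data == '', res.data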
    def test_file_user_key_from_vault(self, get_secret, has_lock,
                                      create_connection):
        """A lock-holding user gets the S3 file decrypted with the vault key.

        ``get_secret`` returns ``testkey`` while ``FILE_ENCRYPTION_KEY`` is set
        to a different value; the content is encrypted under ``testkey``, so a
        200 with the clear text proves the vault key was used.  The project's
        ``info['encryption']`` entry is what ``ENCRYPTION_CONFIG_PATH`` points
        at -- presumably the vault lookup input; confirm in the view.
        """
        has_lock.return_value = True
        _admin, _owner, requester = UserFactory.create_batch(3)
        project = ProjectFactory.create(info={'encryption': {'key': 'abc'}})
        file_url = '/fileproxy/encrypted/s3/anothertest/{}/file.pdf'.format(
            project.id)
        task = TaskFactory.create(project=project, info={'url': file_url})

        task_signature = signer.dumps({'task_id': task.id})
        req_url = '{}?api_key={}&task-signature={}'.format(
            file_url, requester.api_key, task_signature)

        vault_key = 'testkey'
        s3_key = self.get_key(create_connection)
        s3_key.get_contents_as_string.return_value = \
            AESWithGCM(vault_key).encrypt('the content')
        get_secret.return_value = vault_key

        config_overrides = {
            'FILE_ENCRYPTION_KEY': 'another key',
            'S3_REQUEST_BUCKET': 'test',
            'ENCRYPTION_CONFIG_PATH': ['encryption'],
        }
        with patch.dict(self.flask_app.config, config_overrides):
            res = self.app.get(req_url, follow_redirects=True)
            assert res.status_code == 200, res.status_code
            assert res.data == 'the content', res.data
def forgot_password():
    """
    Request a forgotten password for a user.

    The user is looked up by the submitted e-mail address.  Accounts linked
    to Twitter, Facebook or Google are told which provider to sign in with;
    every other account receives a signed reset link.  The mail is handed
    to ``mail_queue`` rather than sent inline.

    Returns a Jinja2 template (through ``handle_content_type``).

    """
    form = ForgotPasswordForm(request.body)
    if form.validate_on_submit():
        user = user_repo.get_by(email_addr=form.email_addr.data)
        if user and user.email_addr:
            msg = dict(subject='Account Recovery',
                       recipients=[user.email_addr])
            # Providers are checked in this order; the first linked one wins.
            providers = (('twitter_user_id', 'Twitter'),
                         ('facebook_user_id', 'Facebook'),
                         ('google_user_id', 'Google'))
            account_name = next(
                (name for attr, name in providers if getattr(user, attr)),
                None)
            if account_name is not None:
                msg['body'] = render_template(
                    '/account/email/forgot_password_openid.md',
                    user=user, account_name=account_name)
                msg['html'] = render_template(
                    '/account/email/forgot_password_openid.html',
                    user=user, account_name=account_name)
            else:
                # The password hash rides along in the signed payload so the
                # link is invalidated once the password changes.
                # NOTE(review): `signer.dumps` signs but, if `signer` is an
                # itsdangerous-style serializer, does not encrypt -- the hash
                # is then readable from the URL in mail and server logs, and
                # nothing here gives the link an expiry.  `.reset_password`
                # consumes this payload, so both ends change together.
                userdict = {'user': user.name, 'password': user.passwd_hash}
                key = signer.dumps(userdict, salt='password-reset')
                recovery_url = url_for_app_type('.reset_password',
                                                key=key, _external=True)
                msg['body'] = render_template(
                    '/account/email/forgot_password.md',
                    user=user, recovery_url=recovery_url)
                msg['html'] = render_template(
                    '/account/email/forgot_password.html',
                    user=user, recovery_url=recovery_url)
            mail_queue.enqueue(send_mail, msg)
            flash(gettext("We've sent you an email with account "
                          "recovery instructions!"),
                  'success')
        else:
            # NOTE(review): a distinct message here confirms whether an
            # address is registered (account enumeration).
            flash(gettext("We don't have this email in our records. "
                          "You may have signed up with a different "
                          "email or used Twitter, Facebook, or "
                          "Google to sign-in"), 'error')
    if request.method == 'POST' and not form.validate():
        flash(gettext('Something went wrong, please correct the errors on the '
              'form'), 'error')
    data = dict(template='/account/password_forgot.html',
                form=form)
    return handle_content_type(data)
def forgot_password():
    """
    Request a forgotten password for a user.

    The user is looked up by the submitted e-mail address.  Accounts linked
    to Twitter, Facebook or Google are told which provider to sign in with;
    every other account receives a signed reset link.  The mail is handed
    to ``mail_queue`` rather than sent inline.

    Returns a Jinja2 template (through ``handle_content_type``).

    """
    form = ForgotPasswordForm(request.body)
    if form.validate_on_submit():
        user = user_repo.get_by(email_addr=form.email_addr.data)
        if user and user.email_addr:
            msg = dict(subject='Account Recovery',
                       recipients=[user.email_addr])
            # Providers are checked in this order; the first linked one wins.
            providers = (('twitter_user_id', 'Twitter'),
                         ('facebook_user_id', 'Facebook'),
                         ('google_user_id', 'Google'))
            account_name = next(
                (name for attr, name in providers if getattr(user, attr)),
                None)
            if account_name is not None:
                msg['body'] = render_template(
                    '/account/email/forgot_password_openid.md',
                    user=user, account_name=account_name)
                msg['html'] = render_template(
                    '/account/email/forgot_password_openid.html',
                    user=user, account_name=account_name)
            else:
                # The password hash rides along in the signed payload so the
                # link is invalidated once the password changes.
                # NOTE(review): `signer.dumps` signs but, if `signer` is an
                # itsdangerous-style serializer, does not encrypt -- the hash
                # is then readable from the URL in mail and server logs, and
                # nothing here gives the link an expiry.  `.reset_password`
                # consumes this payload, so both ends change together.
                userdict = {'user': user.name, 'password': user.passwd_hash}
                key = signer.dumps(userdict, salt='password-reset')
                recovery_url = url_for_app_type('.reset_password',
                                                key=key, _external=True)
                msg['body'] = render_template(
                    '/account/email/forgot_password.md',
                    user=user, recovery_url=recovery_url)
                msg['html'] = render_template(
                    '/account/email/forgot_password.html',
                    user=user, recovery_url=recovery_url)
            mail_queue.enqueue(send_mail, msg)
            flash(gettext("We've sent you an email with account "
                          "recovery instructions!"),
                  'success')
        else:
            # NOTE(review): a distinct message here confirms whether an
            # address is registered (account enumeration).
            flash(gettext("We don't have this email in our records. "
                          "You may have signed up with a different "
                          "email or used Twitter, Facebook, or "
                          "Google to sign-in"), 'error')
    if request.method == 'POST' and not form.validate():
        flash(gettext('Something went wrong, please correct the errors on the '
              'form'), 'error')
    data = dict(template='/account/password_forgot.html',
                form=form)
    return handle_content_type(data)
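def register():
    """
    Register method for creating a PyBossa account.

    On a valid POST the submitted details are signed into a confirmation
    key and mailed as a link; with ``ACCOUNT_CONFIRMATION_DISABLED`` set the
    request is redirected straight to that link instead.

    Returns a Jinja2 template

    """
    form = RegisterForm(request.form)
    if request.method == 'POST' and form.validate():
        account = dict(fullname=form.fullname.data, name=form.name.data,
                       email_addr=form.email_addr.data, password=form.password.data)
        # NOTE(review): the plaintext password is part of the payload that
        # becomes the confirmation URL.  Signing does not hide it -- if
        # `signer` is an itsdangerous-style serializer the password is
        # recoverable from the mail body and from any log that records the
        # URL.  `.confirm_account` consumes this dict, so changing the payload
        # means changing both ends.
        key = signer.dumps(account, salt='account-validation')
        confirm_url = url_for('.confirm_account', key=key, _external=True)
        if current_app.config.get('ACCOUNT_CONFIRMATION_DISABLED'):
            return redirect(confirm_url)
        msg = dict(subject='Welcome to %s!' % current_app.config.get('BRAND'),
                   recipients=[account['email_addr']],
                   body=render_template('/account/email/validate_account.md',
                                       user=account, confirm_url=confirm_url))
        msg['html'] = markdown(msg['body'])
        # Enqueued for its side effect only; the job handle was never used.
        mail_queue.enqueue(send_mail, msg)
        return render_template('account/account_validation.html')
    if request.method == 'POST' and not form.validate():
        flash(gettext('Please correct the errors'), 'error')
    return render_template('account/register.html',
                           title=gettext("Register"), form=form)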
def register():
    """
    Register method for creating a PyBossa account.

    On a valid POST the submitted details are signed into a confirmation
    key, and a welcome mail carrying the confirmation link is sent inline
    through ``mail.send``.

    Returns a Jinja2 template

    """
    form = RegisterForm(request.form)
    submitted = request.method == 'POST'
    if submitted and form.validate():
        account = dict(fullname=form.fullname.data,
                       name=form.name.data,
                       email_addr=form.email_addr.data,
                       password=form.password.data)
        # NOTE(review): the plaintext password is part of the payload that
        # becomes the confirmation URL.  Signing does not hide it -- if
        # `signer` is an itsdangerous-style serializer the password is
        # recoverable from the mail body and from any log that records the
        # URL.  `.confirm_account` consumes this dict, so both ends change
        # together.
        key = signer.dumps(account, salt='account-validation')
        confirm_url = url_for('.confirm_account', key=key, _external=True)
        brand = current_app.config.get('BRAND')
        msg = Message(subject='Welcome to %s!' % brand,
                      recipients=[account['email_addr']])
        msg.body = render_template('/account/email/validate_account.md',
                                   user=account,
                                   confirm_url=confirm_url)
        msg.html = markdown(msg.body)
        mail.send(msg)
        return render_template('account/account_validation.html')
    if submitted and not form.validate():
        flash(gettext('Please correct the errors'), 'error')
    return render_template('account/register.html',
                           title=gettext("Register"),
                           form=form)
    def test_44_password_reset_key_errors(self, Mock):
        """Test WEB password reset key errors are caught

        ``Mock`` stands in for the key loader; it is scripted to raise
        ``BadSignature`` twice, then return the real user dict, a dict with
        a wrong password, and the real dict again.  Missing, invalid and
        mismatching keys must all end in 403; only a matching key lets the
        reset page render and the POST succeed.
        """
        self.register()
        user = model.User.query.get(1)
        userdict = {"user": user.name, "password": user.passwd_hash}
        fakeuserdict = {"user": user.name, "password": "******"}
        key = signer.dumps(userdict, salt="password-reset")
        # One scripted answer per loader call, consumed front to back.
        scripted = [BadSignature("Fake Error"), BadSignature("Fake Error"),
                    userdict, fakeuserdict, userdict]

        def next_answer(*args, **kwargs):
            answer = scripted.pop(0)
            if isinstance(answer, BadSignature):
                raise answer
            return answer

        Mock.side_effect = next_answer
        reset_url = "/account/reset-password?key=%s" % key

        # Request with no key
        res = self.app.get("/account/reset-password", follow_redirects=True)
        assert res.status_code == 403
        # Request with invalid key
        res = self.app.get("/account/reset-password?key=foo",
                           follow_redirects=True)
        assert res.status_code == 403
        # Request with key exception
        res = self.app.get(reset_url, follow_redirects=True)
        assert res.status_code == 403
        # Loader returns the matching dict -> page renders
        res = self.app.get(reset_url, follow_redirects=True)
        assert res.status_code == 200
        # Loader returns a dict whose password does not match -> rejected
        res = self.app.get(reset_url, follow_redirects=True)
        assert res.status_code == 403
        res = self.app.post(
            reset_url,
            data={"new_password": "******", "confirm": "p4ssw0rD"},
            follow_redirects=True,
        )
        assert "You reset your password successfully!" in res.data
    def test_proxy_no_task(self):
        """A signature naming a task id that was never created yields 400."""
        project = ProjectFactory.create()
        missing_task_id = 100
        task_signature = signer.dumps({'task_id': missing_task_id})

        url = ('/fileproxy/encrypted/s3/test/{}/file.pdf'
               '?api_key={}&task-signature={}').format(
                   project.id, project.owner.api_key, task_signature)
        res = self.app.get(url, follow_redirects=True)
        assert res.status_code == 400, res.status_code
def get_email_confirmation_url(account):
    """Return confirmation url for a given user email.

    ``account`` is serialized and signed into the ``key`` query parameter;
    the URL is absolute and uses ``PREFERRED_URL_SCHEME`` when configured.
    NOTE(review): whatever ``account`` contains travels in the URL -- signed,
    not hidden -- so keep secrets out of it.
    """
    key = signer.dumps(account, salt='account-validation')
    url_kwargs = dict(key=key, _external=True)
    scheme = current_app.config.get('PREFERRED_URL_SCHEME')
    if scheme:
        url_kwargs['_scheme'] = scheme
    return url_for_app_type('.confirm_account', **url_kwargs)
    def test_proxy_no_task(self):
        """The HDFS proxy answers 400 for a task id that was never created."""
        project = ProjectFactory.create()
        missing_task_id = 100
        task_signature = signer.dumps({'task_id': missing_task_id})

        url = ('/fileproxy/hdfs/test/{}/file.pdf'
               '?api_key={}&task-signature={}').format(
                   project.id, project.owner.api_key, task_signature)
        with patch.dict(self.flask_app.config, self.app_config):
            res = self.app.get(url, follow_redirects=True)
            assert res.status_code == 400, res.status_code
def get_email_confirmation_url(account):
    """Return confirmation url for a given user email.

    ``account`` is serialized and signed into the ``key`` query parameter;
    the URL is absolute and uses ``PREFERRED_URL_SCHEME`` when configured.
    NOTE(review): whatever ``account`` contains travels in the URL -- signed,
    not hidden -- so keep secrets out of it.
    """
    key = signer.dumps(account, salt='account-validation')
    url_kwargs = dict(key=key, _external=True)
    scheme = current_app.config.get('PREFERRED_URL_SCHEME')
    if scheme:
        url_kwargs['_scheme'] = scheme
    return url_for_app_type('.confirm_account', **url_kwargs)
    def test_proxy_no_task(self):
        """The encrypted-payload proxy answers 400 for a never-created task id."""
        project = ProjectFactory.create()
        missing_task_id = 2020127
        task_signature = signer.dumps({'task_id': missing_task_id})

        url = ('/fileproxy/encrypted/taskpayload/{}/{}'
               '?api_key={}&task-signature={}').format(
                   project.id, missing_task_id, project.owner.api_key,
                   task_signature)
        with patch.dict(self.flask_app.config, self.app_config):
            res = self.app.get(url, follow_redirects=True)
            assert res.status_code == 400, res.status_code
    def test_file_user(self, create_connection):
        """A user unrelated to the project is refused the encrypted file (403)."""
        _admin, _owner, outsider = UserFactory.create_batch(3)
        project = ProjectFactory.create()
        file_url = '/fileproxy/encrypted/s3/test/{}/file.pdf'.format(project.id)
        task = TaskFactory.create(project=project, info={'url': file_url})

        # Valid task signature, but the api_key belongs to the outsider.
        task_signature = signer.dumps({'task_id': task.id})
        req_url = '{}?api_key={}&task-signature={}'.format(
            file_url, outsider.api_key, task_signature)

        res = self.app.get(req_url, follow_redirects=True)
        assert res.status_code == 403, res.status_code
    def test_file_not_in_task(self, create_connection):
        """Even the owner is refused a file the signed task does not reference."""
        project = ProjectFactory.create()
        owner = project.owner
        requested = '/fileproxy/encrypted/s3/test/{}/file.pdf'.format(project.id)
        # The task points at a different path than the one being fetched.
        task = TaskFactory.create(project=project,
                                  info={'url': 'not/the/same'})

        task_signature = signer.dumps({'task_id': task.id})
        req_url = '{}?api_key={}&task-signature={}'.format(
            requested, owner.api_key, task_signature)

        res = self.app.get(req_url, follow_redirects=True)
        assert res.status_code == 403, res.status_code
def forgot_password():
    """Handle the "forgot password" form and send recovery instructions.

    The user is looked up by the submitted e-mail address.  Accounts linked
    to Twitter, Facebook or Google are told which provider to sign in with;
    every other account receives a signed reset link.  The mail is sent
    inline via ``mail.send`` and the page template is rendered either way.
    """
    form = ForgotPasswordForm(request.form)
    if form.validate_on_submit():
        query = model.User.query.filter_by(email_addr=form.email_addr.data)
        user = query.first()
        if user and user.email_addr:
            msg = Message(subject='Account Recovery',
                          recipients=[user.email_addr])
            # Providers are checked in this order; the first linked one wins.
            providers = (('twitter_user_id', 'Twitter'),
                         ('facebook_user_id', 'Facebook'),
                         ('google_user_id', 'Google'))
            account_name = next(
                (name for attr, name in providers if getattr(user, attr)),
                None)
            if account_name is not None:
                msg.body = render_template(
                    '/account/email/forgot_password_openid.md',
                    user=user,
                    account_name=account_name)
            else:
                # The password hash rides along in the signed payload so the
                # link is invalidated once the password changes.
                # NOTE(review): `signer.dumps` signs but, if `signer` is an
                # itsdangerous-style serializer, does not encrypt -- the hash
                # is then readable from the URL in mail and server logs, and
                # nothing here gives the link an expiry.  `.reset_password`
                # consumes this payload, so both ends change together.
                userdict = {'user': user.name, 'password': user.passwd_hash}
                key = signer.dumps(userdict, salt='password-reset')
                recovery_url = url_for('.reset_password',
                                       key=key,
                                       _external=True)
                msg.body = render_template('/account/email/forgot_password.md',
                                           user=user,
                                           recovery_url=recovery_url)
            msg.html = markdown(msg.body)
            mail.send(msg)
            flash(
                lazy_gettext(
                    "We've send you email with account recovery instructions!"
                ), 'success')
        else:
            # NOTE(review): a distinct message here confirms whether an
            # address is registered (account enumeration).
            flash(
                lazy_gettext(
                    "We don't have this email in our records. You may have"
                    " signed up with a different email or used Twitter, "
                    "Facebook, or Google to sign-in"), 'error')
    if request.method == 'POST' and not form.validate():
        flash(
            lazy_gettext(
                'Something went wrong, please correct the errors on the '
                'form'), 'error')
    return render_template('/account/password_forgot.html', form=form)
def forgot_password():
    """
    Request a forgotten password for a user.

    The user is looked up by the submitted e-mail address.  Accounts linked
    to Twitter or Google are told which provider to sign in with (the
    Facebook branch is disabled in this version); every other account
    receives a signed reset link sent inline via ``mail.send``.

    Returns a Jinja2 template.

    """
    form = ForgotPasswordForm(request.form)
    if form.validate_on_submit():
        query = model.User.query.filter_by(email_addr=form.email_addr.data)
        user = query.first()
        if user and user.email_addr:
            msg = Message(subject='Account Recovery',
                          recipients=[user.email_addr])
            # Providers are checked in this order; the first linked one wins.
            # Facebook is intentionally absent here.
            providers = (('twitter_user_id', 'Twitter'),
                         ('google_user_id', 'Google'))
            account_name = next(
                (name for attr, name in providers if getattr(user, attr)),
                None)
            if account_name is not None:
                msg.body = render_template(
                    '/account/email/forgot_password_openid.md',
                    user=user, account_name=account_name)
            else:
                # The password hash rides along in the signed payload so the
                # link is invalidated once the password changes.
                # NOTE(review): `signer.dumps` signs but, if `signer` is an
                # itsdangerous-style serializer, does not encrypt -- the hash
                # is then readable from the URL in mail and server logs, and
                # nothing here gives the link an expiry.  `.reset_password`
                # consumes this payload, so both ends change together.
                userdict = {'user': user.name, 'password': user.passwd_hash}
                key = signer.dumps(userdict, salt='password-reset')
                recovery_url = url_for('.reset_password',
                                       key=key, _external=True)
                msg.body = render_template(
                    '/account/email/forgot_password.md',
                    user=user, recovery_url=recovery_url)
            msg.html = markdown(msg.body)
            mail.send(msg)
            flash(gettext("We've send you email with account "
                          "recovery instructions!"),
                  'success')
        else:
            # NOTE(review): a distinct message here confirms whether an
            # address is registered (account enumeration).
            flash(gettext("We don't have this email in our records. "
                          "You may have signed up with a different "
                          "email or used Twitter, Facebook, or "
                          "Google to sign-in"), 'error')
    if request.method == 'POST' and not form.validate():
        flash(gettext('Something went wrong, please correct the errors on the '
              'form'), 'error')
    return render_template('/account/password_forgot.html', form=form)
    def test_proxy_s3_error(self, create_connection):
        """An S3 error while reading the object surfaces as a 500.

        ``get_contents_as_string`` is made to raise ``S3ResponseError(403)``;
        the proxy answers 500 rather than relaying the upstream status.
        """
        admin, owner = UserFactory.create_batch(2)
        project = ProjectFactory.create(owner=owner)
        file_url = '/fileproxy/encrypted/s3/test/{}/file.pdf'.format(project.id)
        task = TaskFactory.create(project=project, info={'url': file_url})

        s3_key = self.get_key(create_connection)
        s3_key.get_contents_as_string.side_effect = S3ResponseError(
            403, 'Forbidden')

        task_signature = signer.dumps({'task_id': task.id})
        req_url = '{}?api_key={}&task-signature={}'.format(
            file_url, admin.api_key, task_signature)

        res = self.app.get(req_url, follow_redirects=True)
        assert res.status_code == 500, res.status_code
    def test_proxy_regular_user_has_lock(self, http_get):
        """Access to an encrypted payload follows the task lock for regular users.

        A non-owner gets the decrypted payload only while ``has_lock`` says
        they hold the task; without the lock they get 403.  Once added to
        ``project.owners_ids`` they are served even without the lock.
        """
        key_response = MagicMock()
        key_response.json.return_value = {'key': 'testkey'}
        http_get.return_value = key_response

        admin, owner, regular_user = UserFactory.create_batch(3)
        ext_config = {'ext_config': {'encryption': {'key_id': 123}}}
        project = ProjectFactory.create(owner=owner, info=ext_config)

        payload = json.dumps(dict(a=1, b="2"))
        sealed = AESWithGCM('testkey').encrypt(payload)
        task = TaskFactory.create(
            project=project,
            info={'private_json__encrypted_payload': sealed})

        task_signature = signer.dumps({'task_id': task.id})
        url = ('/fileproxy/encrypted/taskpayload/{}/{}'
               '?api_key={}&task-signature={}').format(
                   project.id, task.id, regular_user.api_key, task_signature)

        def fetch_with_lock(locked):
            # Same request each time; only the lock answer varies.
            with patch('pybossa.view.fileproxy.has_lock') as has_lock:
                has_lock.return_value = locked
                with patch.dict(self.flask_app.config, self.app_config):
                    return self.app.get(url, follow_redirects=True)

        res = fetch_with_lock(True)
        assert res.status_code == 200, res.status_code
        assert res.data == payload, res.data

        res = fetch_with_lock(False)
        assert res.status_code == 403, res.status_code

        # coowner can access the task
        project.owners_ids.append(regular_user.id)
        res = fetch_with_lock(False)
        assert res.status_code == 200, res.status_code
    def test_proxy_admin(self, create_connection):
        """An admin can fetch the encrypted S3 file of another user's project.

        The mocked S3 key returns content encrypted with the value patched
        into ``FILE_ENCRYPTION_KEY``; the proxy decrypts it and answers 200.
        """
        admin, owner = UserFactory.create_batch(2)
        project = ProjectFactory.create(owner=owner)
        file_url = '/fileproxy/encrypted/s3/test/{}/file.pdf'.format(project.id)
        task = TaskFactory.create(project=project, info={'url': file_url})

        encryption_key = 'testkey'
        s3_key = self.get_key(create_connection)
        s3_key.get_contents_as_string.return_value = \
            AESWithGCM(encryption_key).encrypt('the content')

        task_signature = signer.dumps({'task_id': task.id})
        req_url = '{}?api_key={}&task-signature={}'.format(
            file_url, admin.api_key, task_signature)

        with patch.dict(self.flask_app.config,
                        {'FILE_ENCRYPTION_KEY': encryption_key}):
            res = self.app.get(req_url, follow_redirects=True)
            assert res.status_code == 200, res.status_code
            assert res.data == 'the content', res.data
 def set_password(self, password):
     """Store ``password`` in ``self.info['passwd_hash']`` and report success.

     A password longer than one character is stored as
     ``signer.dumps(password)`` and ``True`` is returned; anything shorter
     clears the stored value and returns ``False``.

     NOTE(review): ``signer.dumps`` yields a signed serialization, not a
     password hash -- if ``signer`` is an itsdangerous-style serializer the
     original password is recoverable from the stored value.  A one-way,
     salted password hash is the usual choice for this field; whatever reads
     ``passwd_hash`` would have to change in step.
     """
     accepted = len(password) > 1
     self.info['passwd_hash'] = signer.dumps(password) if accepted else None
     return accepted
def get_email_confirmation_url(account):
    """Return confirmation url for a given user email.

    ``account`` is serialized and signed into the ``key`` query parameter
    of an absolute ``.confirm_account`` URL.  NOTE(review): whatever
    ``account`` contains travels in the URL -- signed, not hidden -- so
    keep secrets out of it.
    """
    signed_key = signer.dumps(account, salt='account-validation')
    return url_for_app_type('.confirm_account',
                            key=signed_key,
                            _external=True)
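def user_add(name, user=None):
    """Add the current user, or the user named by *user*, to team *name*.

    GET renders the add form. POST either creates the membership directly
    (public team) or emails a signed invitation link (private team).

    Args:
        name: short name of the team, resolved through ``cached_teams``.
        user: optional name of the user to add; defaults to ``current_user``.

    Returns:
        A rendered template or a redirect response.

    Raises:
        Aborts with 403 when the caller lacks team read permission.
    """
    team = cached_teams.get_team(name)
    title = gettext('Add User to a Team')

    if not require.team.read():
        abort(403)

    if request.method == 'GET':
        return render_template('/team/user_add.html',
                               title=title,
                               team=team,
                               user=user)

    if user:
        user_search = User.query.filter_by(name=user).first()
        if not user_search:
            # Original literal contained "don\t" (a tab escape); fixed wording.
            flash(gettext("This user doesn't exist!!!"), 'error')
            return redirect(url_for('team.myteams', name=team.name))
        # Adding somebody else requires a site admin or the team owner;
        # adding yourself (the else branch) needs only team read access.
        is_allowed = current_user.admin is True or team.owner_id == current_user.id
        if not is_allowed:
            flash(gettext('You do not have right to add to this team!!!'),
                  'error')
            return redirect(url_for('team.myteams', name=team.name))
    else:
        user_search = current_user

    existing = (db.session.query(User2Team)
                .filter(User2Team.user_id == user_search.id)
                .filter(User2Team.team_id == team.id)
                .first())
    if existing:
        flash(gettext('This user is already in this team'), 'error')
        return redirect(url_for('team.search_users', name=team.name))

    if team.public:
        cached_teams.delete_team_members()
        db.session.add(User2Team(user_id=user_search.id, team_id=team.id))
        db.session.commit()
        flash(gettext('Association to the team created'), 'success')
        return redirect(url_for('team.myteams'))

    # Private team: membership is granted through a signed invitation link.
    # The key is signed, not encrypted, and carries no issue time, so it only
    # expires if ``join_private_team`` loads it with ``max_age``.
    # NOTE(review): email_addr is not checked here; an account without one
    # would yield a recipient of None — confirm the model guarantees it.
    msg = Message(subject='Invitation to a Team',
                  recipients=[user_search.email_addr])
    userdict = {'user': user_search.name, 'team': team.name}
    key = signer.dumps(userdict, salt='join-private-team')
    join_url = url_for('.join_private_team', key=key, _external=True)
    msg.body = render_template('/team/email/send_invitation.md',
                               user=user_search,
                               team=team,
                               join_url=join_url)
    msg.html = markdown(msg.body)
    mail.send(msg)

    return render_template('./team/message.html')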
def get_email_confirmation_url(account):
    """Build the signed, absolute confirmation URL for *account*.

    The account payload travels in the ``key`` query parameter, signed with
    the ``'account-validation'`` salt; the confirm view is responsible for
    verifying it and for enforcing any age limit.
    """
    return url_for('.confirm_account',
                   key=signer.dumps(account, salt='account-validation'),
                   _external=True)
 def set_password(self, password):
     """Store *password* under ``info['passwd_hash']`` and report success.

     Returns ``False`` and clears the stored value when the password is at
     most one character long; otherwise stores ``signer.dumps(password)``
     and returns ``True``.

     NOTE(review): despite the key name this is not a hash — ``signer.dumps``
     produces a signed, decodable serialisation, so the original password is
     recoverable from ``info``. Verify that is acceptable for this use.
     """
     if len(password) <= 1:
         self.info['passwd_hash'] = None
         return False
     self.info['passwd_hash'] = signer.dumps(password)
     return True
def sign_task(task):
    """Attach a signed ``'signature'`` to *task* (in place) when enabled.

    Does nothing unless ``ENABLE_ENCRYPTION`` is truthy in the app config.
    The signed payload covers only ``task['id']``; whether consumers bind it
    to a user or check its age is not decided here.

    Args:
        task: task dict with an ``'id'`` key; mutated, nothing is returned.
    """
    if not current_app.config.get('ENABLE_ENCRYPTION'):
        return
    from pybossa.core import signer
    task['signature'] = signer.dumps({'task_id': task['id']})
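def _social_account_name(user):
    """Return the third-party login provider recorded on *user*, or None.

    Checked in the order Twitter, Facebook, Google, matching the original
    branch order, so a user with several provider ids resolves the same way.
    """
    if user.twitter_user_id:
        return 'Twitter'
    if user.facebook_user_id:
        return 'Facebook'
    if user.google_user_id:
        return 'Google'
    return None


def forgot_password():
    """
    Request a forgotten password for a user.

    On a valid POST a recovery email is queued and the client is redirected
    to ``account.password_reset_key``; a disabled account gets an error flash
    and the form page instead.

    Returns a Jinja2 template (or a redirect).

    """
    form = ForgotPasswordForm(request.body)
    data = dict(template='/account/password_forgot.html',
                form=form)

    # Validators run once: on a POST ``validate_on_submit()`` is exactly
    # ``validate()``, so the result is reused below instead of re-validating.
    submitted_ok = form.validate_on_submit()
    if submitted_ok:
        email_addr = form.email_addr.data.lower()
        user = user_repo.get_by(email_addr=email_addr)
        if user and not user.enabled:
            brand = current_app.config['BRAND']
            # Translate first, then interpolate: formatting before gettext
            # made the msgid vary with the brand and defeated the catalogue.
            flash(gettext('Your account is disabled. '
                          'Please contact your {} administrator.').format(brand),
                  'error')
            return handle_content_type(data)
        if user and user.email_addr:
            msg = dict(subject='Account Recovery',
                       recipients=[user.email_addr])
            account_name = _social_account_name(user)
            if account_name:
                # Social-login accounts have no local password to reset; the
                # mail points the user at the provider instead.
                context = dict(user=user, account_name=account_name)
                msg['body'] = render_template(
                    '/account/email/forgot_password_openid.md', **context)
                msg['html'] = render_template(
                    '/account/email/forgot_password_openid.html', **context)
            else:
                # The key embeds the current password hash, presumably so the
                # reset view can reject it once the password has changed. The
                # payload is signed, not encrypted, so the hash is readable in
                # the emailed URL; keep that URL out of logs and referrers.
                userdict = {'user': user.name, 'password': user.passwd_hash}
                key = signer.dumps(userdict, salt='password-reset')
                recovery_url = url_for_app_type('.reset_password',
                                                key=key, _external=True)
                context = dict(user=user, recovery_url=recovery_url, key=key)
                msg['body'] = render_template(
                    '/account/email/forgot_password.md', **context)
                msg['html'] = render_template(
                    '/account/email/forgot_password.html', **context)
            mail_queue.enqueue(send_mail, msg)
            flash(gettext("We've sent you an email with account "
                          "recovery instructions!"),
                  'success')
        else:
            # NOTE: this message differs from the success one, so the response
            # reveals whether an address is registered (account enumeration).
            flash(gettext("We don't have this email in our records. "
                          "You may have signed up with a different "
                          "email"), 'error')
    if request.method == 'POST':
        if not submitted_ok:
            flash(gettext('Something went wrong, please correct the errors on the '
                'form'), 'error')
        else:
            return redirect_content_type(url_for('account.password_reset_key'))
    return handle_content_type(data)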
 def set_proj_passwd_cookie(self, project, user=None, username=None):
     """Set the project-password cookie on the test client for a user.

     When *username* is given it is resolved through ``user_repo`` and takes
     precedence over *user*. The cookie value is ``signer.dumps`` of a
     one-element list holding ``get_user_id_or_ip(user)``, under the name
     ``'<short_name>pswd'`` for path ``'/'``.
     """
     from pybossa.core import user_repo
     target = user_repo.get_by_name(username) if username else user
     cookie_name = '%spswd' % project.short_name
     cookie_value = signer.dumps([get_user_id_or_ip(target)])
     self.app.set_cookie('/', cookie_name, cookie_value)
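def user_add(name, user=None):
    """Add the current user, or the user named by *user*, to team *name*.

    GET renders the add form. POST creates the membership directly for a
    public team, or emails a signed invitation link for a private one.

    Args:
        name: short name of the team, resolved through ``cached_teams``.
        user: optional name of the user to add; defaults to ``current_user``.

    Returns:
        A rendered template or a redirect response.

    Raises:
        Aborts with 403 when the caller lacks team read permission.
    """
    team = cached_teams.get_team(name)
    title = gettext('Add User to a Team')

    if not require.team.read():
        abort(403)

    if request.method == 'GET':
        return render_template(
            '/team/user_add.html',
            title=title,
            team=team,
            user=user
            )

    if user:
        user_search = User.query.filter_by(name=user).first()
        if not user_search:
            # Original literal contained "don\t" (a tab escape); fixed wording.
            flash(gettext("This user doesn't exist!!!"), 'error')
            return redirect(url_for('team.myteams', name=team.name))
        # Only a site admin or the team owner may add somebody else; the
        # self-add path below is gated by require.team.read() alone.
        if not (current_user.admin is True or team.owner_id == current_user.id):
            flash(gettext('You do not have right to add to this team!!!'), 'error')
            return redirect(url_for('team.myteams', name=team.name))
    else:
        # (The original mixed a tab and spaces here, a TabError on Python 3.)
        user_search = current_user

    membership = (db.session.query(User2Team)
                  .filter(User2Team.user_id == user_search.id)
                  .filter(User2Team.team_id == team.id)
                  .first())
    if membership:
        flash(gettext('This user is already in this team'), 'error')
        return redirect(url_for('team.search_users', name=team.name))

    if team.public:
        cached_teams.delete_team_members()
        db.session.add(User2Team(user_id=user_search.id, team_id=team.id))
        db.session.commit()
        flash(gettext('Association to the team created'), 'success')
        return redirect(url_for('team.myteams'))

    # Private team: membership is granted through a signed invitation link.
    # The key is signed, not encrypted, and has no issue time, so it only
    # expires if ``join_private_team`` loads it with ``max_age``.
    # NOTE(review): email_addr is not checked; confirm every account has one.
    msg = Message(subject='Invitation to a Team',
                  recipients=[user_search.email_addr])
    userdict = {'user': user_search.name, 'team': team.name}
    key = signer.dumps(userdict, salt='join-private-team')
    join_url = url_for('.join_private_team', key=key, _external=True)
    msg.body = render_template(
        '/team/email/send_invitation.md',
        user=user_search, team=team, join_url=join_url)
    msg.html = markdown(msg.body)
    mail.send(msg)

    return render_template('./team/message.html')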
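def _social_account_name(user):
    """Return the third-party login provider recorded on *user*, or None.

    Checked in the order Twitter, Facebook, Google, matching the original
    branch order, so a user with several provider ids resolves the same way.
    """
    if user.twitter_user_id:
        return 'Twitter'
    if user.facebook_user_id:
        return 'Facebook'
    if user.google_user_id:
        return 'Google'
    return None


def forgot_password():
    """
    Request a forgotten password for a user.

    On a valid POST for a known address a recovery email is queued; the form
    page is always returned through ``handle_content_type``.

    Returns a Jinja2 template.

    """
    form = ForgotPasswordForm(request.body)
    # Validators run once: on a POST ``validate_on_submit()`` is exactly
    # ``validate()``, so the result is reused for the error flash below.
    submitted_ok = form.validate_on_submit()
    if submitted_ok:
        user = user_repo.get_by(email_addr=form.email_addr.data)
        if user and user.email_addr:
            msg = dict(subject=u'Recuperación de Cuenta',
                       recipients=[user.email_addr])
            account_name = _social_account_name(user)
            if account_name:
                # Social-login accounts have no local password to reset; the
                # mail points the user at the provider instead.
                context = dict(user=user, account_name=account_name)
                msg['body'] = render_template(
                    '/account/email/forgot_password_openid.md', **context)
                msg['html'] = render_template(
                    '/account/email/forgot_password_openid.html', **context)
            else:
                # The key embeds the current password hash, presumably so the
                # reset view can reject it once the password has changed. The
                # payload is signed, not encrypted, so the hash is readable in
                # the emailed URL; keep that URL out of logs and referrers.
                userdict = {'user': user.name, 'password': user.passwd_hash}
                key = signer.dumps(userdict, salt='password-reset')
                recovery_url = url_for('.reset_password',
                                       key=key,
                                       _external=True)
                context = dict(user=user, recovery_url=recovery_url)
                msg['body'] = render_template(
                    '/account/email/forgot_password.md', **context)
                msg['html'] = render_template(
                    '/account/email/forgot_password.html', **context)
            mail_queue.enqueue(send_mail, msg)
            flash(
                gettext(
                    u"Te enviamos un correo electrónico con las instrucciones de recuperación!"
                ), 'success')
        else:
            # NOTE: this message differs from the success one, so the response
            # reveals whether an address is registered (account enumeration).
            flash(
                gettext(
                    u"No tenemos este correo electrónico en nuestros registros. Es posible que se haya registrado con un correo electrónico diferente o haya utilizado Twitter, Facebook o Google para iniciar sesión."
                ), 'error')
    if request.method == 'POST' and not submitted_ok:
        flash(
            gettext('Something went wrong, please correct the errors on the '
                    'form'), 'error')
    data = dict(template='/account/password_forgot.html', form=form)
    return handle_content_type(data)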