def decorated_function(*args, **kwargs): if current_user.has_permission(permission): return f(*args, **kwargs) if current_user.has_permission('AUTH-PERMISSION_MISSING'): flash( _('Missing permission %(permission)s', permission=b(permission)), 'warning') abort(403)
def main_message_clean(): messages = Notification.query.all() counter = 0 for message in messages: if message.expired: counter = counter + 1 message.delete() flash(_('%(counter)s messages have been removed.', counter=b(counter))) return redirect(url_for('admin.main_sysmsg_list'))
def preference_reload(): session.pop('preferences', None) session['preferences'] = {} for pref in current_user.preferences: session['preferences'][pref.name] = pref.value flash(_('Preferences for %(name)s have been reloaded.', name=b(current_user.name or current_user.username)), 'success') return redirect(url_for('auth.preferences'))
def preference_create(): form = PreferenceForm() if form.validate_on_submit(): exists = AuthUserPreference.query.filter(and_( AuthUserPreference.name == form.name.data, AuthUserPreference.user_id == current_user.id)).first() if exists: preference = AuthUserPreference.query.get(exists.id) else: preference = AuthUserPreference() form.populate_obj(preference) preference.user_id = current_user.id preference.update() session.pop('preferences', None) session['preferences'] = {} for pref in current_user.preferences: session['preferences'][pref.name] = pref.value flash(_('Preference %(name)s is set to %(value)s', name=b(preference.name), value=b(preference.value or 'False')), 'success') return redirect(url_for('auth.preferences')) for field, errors in form.errors.items(): for error in errors: flash(_('%(field)s: %(msg)s', field=b(getattr(form, field).label.text), msg=error), 'danger') return render_template('auth/routes.preferences.html.j2', form=form, user=current_user)
def login(): if current_user.is_authenticated: flash(_('You were already authenticated as %(name)s.', name=b(current_user.name)), 'info') if session['preferences']: session.pop('preferences', None) if session['locale']: session.pop('locale', None) logout_user() form = LoginForm() if not current_app.config['RUNE_AUTH_LOGIN_REMEMBER']: form.remember_me = None if form.validate_on_submit(): _fails = 0 user = User.query.filter_by(username=form.username.data).first() if user is None: flash(_('Invalid username or password.'), 'error') return redirect(url_for('auth.login')) _fails = user.failed_attempts if not user.verify_password(form.password.data): flash(_('Invalid username or password.'), 'error') return redirect(url_for('auth.login')) if _fails > 0: flash(ngettext('You have %(num)d failed login attempt.', 'You have %(num)d failed login attempts.', num=_fails), 'warning') login_user(user) session['locale'] = user.locale session['preferences'] = {} for preference in user.preferences: session['preferences'][preference.name] = preference.value return redirect(request.args.get('next') or url_for('main.index')) return render_template('auth/routes.login.html.j2', form=form)
def validate_end_date(self, end): if end.data < self.start_date.data: raise ValidationError( _('End date %(end)s is smaller than the start date %(start)s.', end=b(self.end_date.data), start=b(self.start_date.data)))
def validate_email(self, email): if User.query.filter_by(email=email.data).first() is not None: raise ValidationError( _('Email %(mail)s is already registered.', mail=b(email.data)))