def test_authenticated_user(self):
environ = make_environ('gustavo')
p = predicates.is_anonymous()
self.eval_unmet_predicate(p, environ,
'The current user must be anonymous')
def test_anonymous_user(self):
environ = {}
p = predicates.is_anonymous()
self.eval_met_predicate(p, environ)
class RootController(StandardController):
"""
The root controller for the tracim application.
All the other controllers and WSGI applications should be mounted on this
controller. For example::
panel = ControlPanelController()
another_app = AnotherWSGIApplication()
Keep in mind that WSGI applications shouldn't be mounted directly: They
must be wrapped around with :class:`tg.controllers.WSGIAppController`.
"""
admin = AdminController()
help = HelpController()
calendar = CalendarController()
calendar_config = CalendarConfigController()
debug = DebugController()
error = ErrorController()
# Rest controllers
workspaces = UserWorkspaceRestController()
user = UserRestController()
previews = PreviewsController()
content = ContentController()
events = EventRestController()
# api
api = APIController()
def _render_response(self, tgl, controller, response):
replace_reset_password_templates(controller.decoration.engines)
return super()._render_response(tgl, controller, response)
def _before(self, *args, **kw):
super(RootController, self)._before(args, kw)
tmpl_context.project_name = "tracim"
@expose('tracim.templates.index')
def index(self, came_from='', *args, **kwargs):
if request.identity:
if came_from:
logger.info(self, 'Will redirect to {}'.format(came_from))
redirect(url(came_from))
else:
redirect(self.url(None, self.home.__name__))
login_counter = request.environ.get('repoze.who.logins', 0)
if login_counter > 0:
flash(_('Wrong credentials'), CST.STATUS_ERROR)
return dict(page='login',
login_counter=str(login_counter),
came_from=came_from)
@require(predicates.is_anonymous())
@expose('tracim.templates.index')
def login(self, *args, **kwargs):
"""
This method is there for backward compatibility only
This is related to the default TG2 authentication behavior...
Now the login form is included in home page
:param args:
:param kwargs:
:return:
"""
came_from = kwargs['came_from'] if 'came_from' in kwargs.keys() else ''
logger.info(self, 'came_from: {}'.format(kwargs))
return self.index(came_from, args, *kwargs)
@expose()
def post_login(self, came_from=lurl('/home')):
"""
Redirect the user to the initially requested page on successful
authentication or redirect her back to the login page if login failed.
"""
if not request.identity:
login_counter = request.environ.get('repoze.who.logins', 0) + 1
redirect(url('/login'),
params=dict(came_from=came_from, __logins=login_counter))
user = CurrentUserGetterApi.get_current_user()
flash(_('Welcome back, %s!') % user.get_display_name())
redirect(came_from)
@expose()
def post_logout(self, came_from=lurl('/')):
"""
Redirect the user to the initially requested page on logout and say
goodbye as well.
"""
flash(_('Successfully logged out. We hope to see you soon!'))
redirect(came_from)
@require(predicates.not_anonymous())
@expose('tracim.templates.home')
def home(self):
user = tmpl_context.current_user
current_user_content = Context(CTX.CURRENT_USER).toDict(user)
fake_api = Context(CTX.CURRENT_USER).toDict(
{'current_user': current_user_content})
last_active_contents = ContentApi(user).get_last_active(
None, ContentType.Any, None)
fake_api.last_actives = Context(CTX.CONTENT_LIST).toDict(
last_active_contents, 'contents', 'nb')
unread_contents = ContentApi(user).get_last_unread(
None, ContentType.Any, None)
fake_api.last_unread = Context(CTX.CONTENT_LIST).toDict(
unread_contents, 'contents', 'nb')
# INFO - D.A. - 2015-05-20
# For now, we do not have favorties and read/unread status
# so we only show:
# - workspaces
# - last activity
# - oldest open stuff
items = ContentApi(user).get_all_without_exception(
ContentType.Any, None)[:4]
fake_api.favorites = Context(CTX.CONTENT_LIST).toDict(
items, 'contents', 'nb')
return DictLikeClass(fake_api=fake_api)
@require(predicates.not_anonymous())
@expose('tracim.templates.search.display')
def search(self, keywords=''):
from tracim.lib.content import ContentApi
user = tmpl_context.current_user
api = ContentApi(user)
items = []
keyword_list = api.get_keywords(keywords)
result = api.search(keyword_list)
if result:
items = result.limit(ContentApi.SEARCH_DEFAULT_RESULT_NB).all()
api.exclude_unavailable(items)
current_user_content = Context(CTX.CURRENT_USER).toDict(user)
fake_api = Context(CTX.CURRENT_USER).toDict(
{'current_user': current_user_content})
search_results = Context(CTX.SEARCH).toDict(items, 'results',
'result_nb')
search_results.keywords = keyword_list
return DictLikeClass(fake_api=fake_api, search=search_results)
def test_anonymous_user(self):
environ = {}
p = predicates.is_anonymous()
self.eval_met_predicate(p, environ)
def test_authenticated_user(self):
environ = make_environ('gustavo')
p = predicates.is_anonymous()
self.eval_unmet_predicate(p, environ,
'The current user must be anonymous')
def index(self):
"""Handle the front-page."""
if is_anonymous(msg=u'Veuiller vous connecter pour continuer'):
redirect('/login')
return dict(title="Portail Asterisk", page='index')
class ResetRequestController(BaseController):
allow_only = is_anonymous()
@expose('contacts.templates.reset_password.reset_response')
def reset_response(self, title=None, message=None):
return dict(page='bad_token', title=title, message=message)
@expose('contacts.templates.reset_password.new_password')
def new_password(self, token, message=None):
'''
Starts the new password procedure if token is valid
'''
reset_request = ResetRequest.get_by_token(token)
# token is wrong or it's expired
if reset_request is None or reset_request.check_token_age() == False:
if reset_request is not None:
DBSession.delete(reset_request)
title = _("Bad token")
message = _("The token %s doesn't exist or it's expired") % token
redirect('/reset_password/reset_response',
params={
'title': title,
'message': message
})
if message is not None and message == 'passwords-not-match':
flash(_("Passwords provided don't match."), 'error')
return dict(page='new_password',
token=token,
email_address=reset_request.user.email_address)
@expose('contacts.templates.reset_password.reset_password')
def reset_request(self,
failure=None,
email_address=None,
error_message=None):
'''
Starts the reset password procedure
'''
if failure is not None:
if failure == 'user-not-found':
flash(
_("We don't have a user with %s as email address.") %
email_address, 'error')
if failure == 'request-already-present':
flash(
_("A reset request for %s was already present. We sent the email again, check your inbox"
) % email_address, 'info')
if failure == 'email-error':
flash_string = _(
"Error sending the reset request, try again later.")
if error_message is not None:
flash_string += _("The error was %s") & error_message
flash(flash_string, 'error')
if failure is None and email_address is not None:
flash(
_("A message with the link for the reset was sent to %s.") %
email_address, 'info')
return dict(page='reset_password', email_address=email_address)
@expose()
def reset_submission(self, email_address):
'''
Manage password reset submission
'''
user = User.by_email_address(email_address)
if not user:
redirect(
'/reset_password/reset_request/?failure=user-not-found&email_address='
+ email_address)
reset_request = ResetRequest.get_by_user(user.user_id)
already_present = False
result = False
message = ''
if reset_request:
already_present = True
result, message = reset_request.send_reset_link()
else:
reset_request = ResetRequest(user_id=user.user_id)
DBSession.add(reset_request)
DBSession.flush()
reset_request = ResetRequest.get_by_user(user.user_id)
result, message = reset_request.send_reset_link()
if result:
if already_present:
redirect(
'/reset_password/reset_request/?failure=request-already-present&email_address='
+ email_address)
else:
redirect('/reset_password/reset_request/?email_address=' +
email_address)
else:
redirect(
'/reset_password/reset_request/?failure=email-error&error_message='
+ message)
@expose()
def save_password(self, password, check_password, email_address):
user = User.by_email_address(email_address)
if password == check_password:
user._set_password(password)
user.reset_requests[0].activated = True
title = _("Password updated succesfully")
message = _("The password for %s updated, proceed to login."
) % email_address
redirect('/reset_password/reset_response',
params={
'title': title,
'message': message
})
else:
token = user.reset_requests[0].token
redirect('/reset_password/new_password',
params={
'token': token,
'message': 'passwords-not-match'
})
