def set_preference(self, key, val):
"""
Sets a user's preference
"""
self._load_prefs()
if key in self.preferences_dict:
self.preferences_dict[key].value = val
pref = self.preferences_dict[key]
else:
pref = UserPreference(key=key, value=val, user=self)
Session.add(pref)
self.preferences_dict[key] = pref
return pref
def __call__(self, environ, start_response):
"""Invoke the Controller"""
# WSGIController.__call__ dispatches to the Controller method
# the request is routed to. This routing information is
# available in environ['pylons.routes_dict']
try:
self._session = Session
if '_debug_frontend' in request.params:
#now we can force this no matter the environment.
c.debug_frontend = request.params['_debug_frontend'] == 'True'
else:
c.debug_frontend = not h.is_production()
#this is used by timer proxy and the templates
c.show_debug = bool(session.get('show_debug'))
request.environ['USER'] = session.get('username', '')
request.environ['REAL_USER'] = session.get('real_username', '')
# set the start of the rendering
c.render_start = time.time()
c.requested_url = request.environ.get('PATH_INFO')
if request.environ.get('QUERY_STRING'):
c.requested_url += '?' + request.environ['QUERY_STRING']
logger.info(c.requested_url)
# Capture IP address in non-ssl mode, so we can use it in SSL mode see ticket #2275
ip = auth.get_user_ip()
if not session.get('IP_ADDRESS') and ip:
session['IP_ADDRESS'] = ip
elif not session.get('IP_ADDRESS') and request.environ.get('HTTP_RLNCLIENTIPADDR'):
session['IP_ADDRESS'] = request.environ.get('HTTP_RLNCLIENTIPADDR')
elif not session.get('IP_ADDRESS') and request.environ.get('REMOTE_ADDR'):
session['IP_ADDRESS'] = request.environ.get('REMOTE_ADDR')
# Save the first referer we see to store in user record when/if we create one.
if not session.get('referer'):
session['referer'] = environ.get('HTTP_REFERER','').decode('utf-8','ignore')
session.save()
return WSGIController.__call__(self, environ, start_response)
finally:
if 'paste.testing_variables' not in request.environ:
Session.remove()
def authenticate(username, password, redirect_after=True, from_http_auth=False):
q = Session.query(users.User)
q = q.filter(sa.or_(users.User.username==username, users.User.email==username))
u = q.first()
if u and u.is_active and u.does_password_match(password):
return login(u, redirect_after=redirect_after, from_http_auth=from_http_auth)
else:
raise exceptions.ClientException('Email and password do not match.', code=exceptions.MISMATCH, field='password')
return None
def get_user(key='user'):
"""
Gets the user model object if user has logged on. Will be the pretend
user if an admin is pretending to be someone.
Returns/sets a cached copy (from the context c var)
"""
if getattr(c, key):
return getattr(c, key)
user_id = session.get(key)
if user_id:
setattr(c, key, Session.query(users.User).outerjoin(users.UserPreference).filter(users.User.id == user_id).first())
if session['user'] == session['real_user']:
c.user = c.real_user = getattr(c, key)
else:
setattr(c, key, None)
return getattr(c, key)
