def userbrowser():
"""
User Account Browser
"""
groups = flaskg.groups
member_groups = {} # {username: [list of groups], ...}
for groupname in groups:
group = groups[groupname]
for member in group.members:
member_groups[member] = member_groups.get(member, []) + [group.name]
revs = user.search_users() # all users
user_accounts = []
for rev in revs:
user_names = rev.meta[NAME]
user_groups = member_groups.get(user_names[0], [])
for name in user_names[1:]:
user_groups = user_groups + member_groups.get(name, [])
user_accounts.append(dict(uid=rev.meta[ITEMID],
name=user_names,
fqname=CompositeName(NAMESPACE_USERS, NAME_EXACT, rev.name),
email=rev.meta[EMAIL] if EMAIL in rev.meta else rev.meta[EMAIL_UNVALIDATED],
disabled=rev.meta[DISABLED],
groups=user_groups))
return render_template('admin/userbrowser.html', user_accounts=user_accounts, title_name=_(u"Users"))
def userbrowser():
"""
User Account Browser
"""
groups = flaskg.groups
revs = user.search_users() # all users
user_accounts = []
for rev in revs:
user_groups = []
user_names = rev.meta[NAME]
for groupname in groups:
group = groups[groupname]
for name in user_names:
if name in group:
user_groups.append(groupname)
user_accounts.append(
dict(uid=rev.meta[ITEMID],
name=user_names,
fqname=CompositeName(NAMESPACE_USERPROFILES, NAME_EXACT,
rev.name),
email=rev.meta[EMAIL]
if EMAIL in rev.meta else rev.meta[EMAIL_UNVALIDATED],
disabled=rev.meta[DISABLED],
groups=user_groups))
return render_template('admin/userbrowser.html',
user_accounts=user_accounts,
title_name=_(u"Users"))
def _special_Known(self, name, dowhat, rightsdict):
""" check if user <name> is known to us,
that means that there is a valid user account present.
works for subscription emails.
"""
if user.search_users(name_exact=name): # is a user with this name known?
return rightsdict.get(dowhat)
return None
def userid_pseudo_field(node):
username = node.text
users = user.search_users(**{NAME_EXACT: username})
if users:
userid = users[0].meta[ITEMID]
node = WordNode(userid)
node.set_fieldname(fieldname)
return node
return node
def _special_Known(self, name, dowhat, rightsdict):
""" check if user <name> is known to us,
that means that there is a valid user account present.
works for subscription emails.
"""
if user.search_users(
**{NAME_EXACT: name}): # is a user with this name known?
return rightsdict.get(dowhat)
return None
def run(self, name, uid, password, all_users, notify, verbose, subject,
text, text_file, skip_invalid):
flags_given = name or uid or all_users
if not flags_given:
print 'incorrect number of arguments'
sys.exit(1)
if notify and not app.cfg.mail_enabled:
print "This wiki is not enabled for mail processing. The --notify option requires this. Aborting..."
sys.exit(1)
if text_file:
with open(text_file) as f:
text = f.read().decode('utf-8')
before_wiki()
if uid:
query = {ITEMID: uid}
elif name:
query = {NAME_EXACT: name}
elif all_users:
query = {}
# sorting the list so we have some specific, reproducable order
uids_metas = sorted([(rev.meta[ITEMID], rev.meta)
for rev in user.search_users(**query)])
total = len(uids_metas)
for nr, (uid, meta) in enumerate(uids_metas, start=1):
name = meta[NAME]
email = meta.get(EMAIL)
if email is None:
email = meta.get(EMAIL_UNVALIDATED)
if email is None:
raise ValueError(
"neither EMAIL nor EMAIL_UNVALIDATED key is present in user profile metadata of uid %r name %r"
% (uid, name))
else:
email += '[email_unvalidated]'
try:
set_password(uid,
password,
notify=notify,
skip_invalid=skip_invalid,
subject=subject,
text=text)
except Fault as err:
status = "FAILURE: [%s]" % str(err)
else:
status = "SUCCESS"
if verbose:
print "uid %s, name %s, email %s (%05d / %05d) %s" % (
uid, name, email, nr, total, status)
def userbrowser():
"""
User Account Browser
"""
groups = flaskg.groups
revs = user.search_users() # all users
user_accounts = [dict(uid=rev.meta[ITEMID],
name=rev.meta[NAME],
email=u'', # rev.meta[EMAIL], # TODO: fix KeyError
disabled=False, # TODO: add to index
groups=[groupname for groupname in groups if rev.meta[NAME] in groups[groupname]],
)
for rev in revs]
return render_template('admin/userbrowser.html', user_accounts=user_accounts, title_name=_(u"User Browser"))
def userbrowser():
"""
User Account Browser
"""
groups = flaskg.groups
revs = user.search_users() # all users
user_accounts = [dict(uid=rev.meta[ITEMID],
name=rev.meta[NAME],
fqname=CompositeName(NAMESPACE_USERPROFILES, NAME_EXACT, rev.name),
email=rev.meta[EMAIL],
disabled=rev.meta[DISABLED],
groups=[groupname for groupname in groups if rev.meta[NAME] in groups[groupname]],
) for rev in revs]
return render_template('admin/userbrowser.html', user_accounts=user_accounts, title_name=_(u"Users"))
def run(self, name, uid, password, all_users, notify, verbose, subject, text, text_file, skip_invalid):
flags_given = name or uid or all_users
if not flags_given:
print 'incorrect number of arguments'
sys.exit(1)
if notify and not app.cfg.mail_enabled:
print "This wiki is not enabled for mail processing. The --notify option requires this. Aborting..."
sys.exit(1)
if text_file:
with open(text_file) as f:
text = f.read().decode('utf-8')
before_wiki()
if uid:
query = {ITEMID: uid}
elif name:
query = {NAME_EXACT: name}
elif all_users:
query = {}
# sorting the list so we have some specific, reproducable order
uids_metas = sorted([(rev.meta[ITEMID], rev.meta) for rev in user.search_users(**query)])
total = len(uids_metas)
for nr, (uid, meta) in enumerate(uids_metas, start=1):
name = meta[NAME]
email = meta.get(EMAIL)
if email is None:
email = meta.get(EMAIL_UNVALIDATED)
if email is None:
raise ValueError("neither EMAIL nor EMAIL_UNVALIDATED key is present in user profile metadata of uid %r name %r" % (uid, name))
else:
email += '[email_unvalidated]'
try:
set_password(uid, password, notify=notify, skip_invalid=skip_invalid,
subject=subject, text=text)
except Fault as err:
status = "FAILURE: [%s]" % str(err)
else:
status = "SUCCESS"
if verbose:
print "uid %s, name %s, email %s (%05d / %05d) %s" % (uid, name, email, nr, total, status)
def userbrowser():
"""
User Account Browser
"""
groups = flaskg.groups
revs = user.search_users() # all users
user_accounts = []
for rev in revs:
user_groups = []
user_names = rev.meta[NAME]
for groupname in groups:
group = groups[groupname]
for name in user_names:
if name in group:
user_groups.append(groupname)
user_accounts.append(dict(uid=rev.meta[ITEMID],
name=user_names,
fqname=CompositeName(NAMESPACE_USERPROFILES, NAME_EXACT, rev.name),
email=rev.meta[EMAIL] if EMAIL in rev.meta else rev.meta[EMAIL_UNVALIDATED],
disabled=rev.meta[DISABLED],
groups=user_groups))
return render_template('admin/userbrowser.html', user_accounts=user_accounts, title_name=_(u"Users"))
def _handleContinuationVerify(self):
"""
Handles the first stage continuation.
"""
# the consumer object with an in-memory storage
oid_consumer = consumer.Consumer(session, self.store)
# a dict containing the parsed query string
query = {}
for key in request.values.keys():
query[key] = request.values.get(key)
# the current url (w/o query string)
url = get_multistage_continuation_url(self.name, {'oidstage': '1'})
# we get the info about the authentication
oid_info = oid_consumer.complete(query, url)
# the identity we've retrieved from the response
if oid_info.status == consumer.FAILURE:
# verification has failed
# return an error message with description of error
logging.debug("OpenIDError: {0}".format(oid_info.message))
error_message = _('OpenID Error')
return CancelLogin(error_message)
elif oid_info.status == consumer.CANCEL:
logging.debug("OpenID verification cancelled.")
# verification was cancelled
# return error
return CancelLogin(_('OpenID verification cancelled.'))
elif oid_info.status == consumer.SUCCESS:
logging.debug('OpenID success. id: {0}'.format(
oid_info.identity_url))
# we get the provider's url
# and the list of trusted providers
trusted = self._trusted_providers
server = oid_info.endpoint.server_url
if server in trusted or not trusted:
# the provider is trusted or all providers are trusted
# we have successfully authenticated our openid
# we get the user with this openid associated to him
identity = oid_info.identity_url
users = user.search_users(openid=identity)
user_obj = users and user.User(users[0][ITEMID],
trusted=self.trusted)
# if the user actually exists
if user_obj:
# we get the authenticated user object
# success!
user_obj.auth_method = self.name
return ContinueLogin(user_obj)
# there is no user with this openid
else:
# redirect the user to registration
return MultistageRedirectLogin(
url_for('frontend.register',
_external=True,
openid_openid=identity,
openid_submit='1'))
# not trusted
return ContinueLogin(None,
_('This OpenID provider is not trusted.'))
else:
logging.debug("OpenID failure")
# the auth failed miserably
return CancelLogin(_('OpenID failure.'))
def _handleContinuationVerify(self):
"""
Handles the first stage continuation.
"""
# the consumer object with an in-memory storage
oid_consumer = consumer.Consumer(session, self.store)
# a dict containing the parsed query string
query = {}
for key in request.values.keys():
query[key] = request.values.get(key)
# the current url (w/o query string)
url = get_multistage_continuation_url(self.name, {'oidstage': '1'})
# we get the info about the authentication
oid_info = oid_consumer.complete(query, url)
# the identity we've retrieved from the response
if oid_info.status == consumer.FAILURE:
# verification has failed
# return an error message with description of error
logging.debug("OpenIDError: {0}".format(oid_info.message))
error_message = _('OpenID Error')
return CancelLogin(error_message)
elif oid_info.status == consumer.CANCEL:
logging.debug("OpenID verification cancelled.")
# verification was cancelled
# return error
return CancelLogin(_('OpenID verification cancelled.'))
elif oid_info.status == consumer.SUCCESS:
logging.debug('OpenID success. id: {0}'.format(oid_info.identity_url))
# we get the provider's url
# and the list of trusted providers
trusted = self._trusted_providers
server = oid_info.endpoint.server_url
if server in trusted or not trusted:
# the provider is trusted or all providers are trusted
# we have successfully authenticated our openid
# we get the user with this openid associated to him
identity = oid_info.identity_url
users = user.search_users(openid=identity)
user_obj = users and user.User(users[0][ITEMID], trusted=self.trusted)
# if the user actually exists
if user_obj:
# we get the authenticated user object
# success!
user_obj.auth_method = self.name
return ContinueLogin(user_obj)
# there is no user with this openid
else:
# redirect the user to registration
return MultistageRedirectLogin(url_for('frontend.register',
_external=True,
openid_openid=identity,
openid_submit='1'
))
# not trusted
return ContinueLogin(None, _('This OpenID provider is not trusted.'))
else:
logging.debug("OpenID failure")
# the auth failed miserably
return CancelLogin(_('OpenID failure.'))
