def user():
""" Info on the currently logged in user. """
if current_user.is_anonymous():
raise ApiException(401, "not authenticated")
user = serializers.to_dict(current_user)
user['authentication_token'] = current_user.get_auth_token()
return send_api_response({'current_user': user})
def zupc():
if request.method != "GET":
abort(405, message="method now allowed")
if request_wants_json():
abort(400, message="bad format")
roles_accepted = set(['admin', 'mairie', 'prefecture', 'operateur'])
if current_user.is_anonymous() or\
len(roles_accepted.intersection(current_user.roles)) == 0:
abort(403)
page = int(request.args.get('page')) if 'page' in request.args else 1
return render_template('lists/zupc.html',
zupc_list=administrative_models.ZUPC.query.paginate(page))
def api_resource(resource_id, base_query):
try:
resource = base_query.filter_by(id=resource_id).one()
except NoResultFound:
raise ApiException(404, "Not found")
status_code = 200
if resource == "committee-meeting":
if not resource.check_permission():
if current_user.is_anonymous():
status_code = 401 # Unauthorized, i.e. authentication is required
else:
status_code = 403 # Forbidden, i.e. the user is not subscribed
return send_api_response(serializers.queryset_to_json(resource),
status_code=status_code)
def inject_user():
if current_user.is_anonymous():
return dict(SERIALIZED_USER='******')
return dict(SERIALIZED_USER=CurrentUser().dumps(current_user).data)
def inject_user():
if current_user.is_anonymous():
return dict(SERIALIZED_USER='******')
return dict(SERIALIZED_USER=CurrentUser().dumps(current_user).data)
def _handle_view(self, name, **kwargs):
if not self.is_accessible() and current_user.is_anonymous():
return redirect(url_for_security('login', next=url_for(".%s" % name)))
if not self.is_accessible() and current_user.is_authenticated():
abort(403)
def index():
"""The Main page"""
if current_user.is_anonymous():
return render_template("site/index.html")
else:
return redirect("/manager/bookmark")
def forbidden(error):
if not current_user.is_anonymous():
logger.fatal("reject user [%s]" % current_user)
logger.fatal("reject host [%s]" % request.remote_addr)
return "forbidden. you ip address is %s" % request.remote_addr, 403
def load_identity_from_weird_usecase():
if current_user.is_anonymous():
return AnonymousIdentity()
else:
return Identity(current_user.get_id())
def index():
'''The Main page'''
if current_user.is_anonymous():
return render_template("site/index.html")
else:
return redirect("/manager/bookmark")
def forbidden(error):
if not current_user.is_anonymous():
logger.fatal("reject user [%s]" % current_user)
logger.fatal("reject host [%s]" % request.remote_addr)
return "forbidden. you ip address is %s" % request.remote_addr, 403
