def copy_file(box_name, id, rev, user_id):
user = current_user
if user_id == str(current_user.id):
user_id = None
else:
if not current_user.is_consultant:
raise Forbidden()
user = User.by_id(user_id)
filename = request.form.get('filename', False)
if (not filename):
flash(_("copy not possible"), 'error')
return redirect(
url_for("boxes.files", box_name=box_name, user_id=user_id))
customer_id = request.form.get('boxes', False)
if customer_id:
customer = User.by_id(customer_id)
user = current_user
couch_box = get_couch_box_db(user, 'file')
target_box_name = get_couch_box_db(customer, 'download')
else:
customer = current_user
user = User.by_id(user_id)
couch_box = get_couch_box_db(user, 'upload')
target_box_name = get_couch_box_db(customer, 'file')
user_couch = CouchFileBox(current_app.config.get('COUCH_DB_URL'),
couch_box)
user_couch.copy(id, filename, target_box_name=target_box_name)
flash(_("file copied"), 'success')
return redirect(url_for("boxes.files", box_name=box_name, user_id=user_id))
def copy_file(box_name, id, rev, user_id):
user = current_user
if user_id == str(current_user.id):
user_id = None
else:
if not current_user.is_consultant:
raise Forbidden()
user = User.by_id(user_id)
filename = request.form.get('filename', False)
if (not filename):
flash(_("copy not possible"), 'error')
return redirect(url_for("boxes.files", box_name=box_name, user_id=user_id))
customer_id = request.form.get('boxes', False)
if customer_id:
customer = User.by_id(customer_id)
user = current_user
couch_box = get_couch_box_db(user, 'file')
target_box_name = get_couch_box_db(customer, 'download')
else:
customer = current_user
user = User.by_id(user_id)
couch_box = get_couch_box_db(user, 'upload')
target_box_name = get_couch_box_db(customer, 'file')
user_couch = CouchFileBox(current_app.config.get('COUCH_DB_URL'), couch_box)
user_couch.copy(id, filename, target_box_name=target_box_name)
flash(_("file copied"), 'success')
return redirect(url_for("boxes.files", box_name=box_name, user_id=user_id))
def files(box_name, user_id=None):
form = UploadForm()
user = current_user
if user_id:
if not current_user.is_consultant:
raise Forbidden()
user = User.by_id(user_id)
couch_box = get_couch_box_db(user, box_name)
couch = CouchFileBox(current_app.config.get('COUCH_DB_URL'), couch_box)
if form.validate_on_submit():
file = request.files['file']
overwrite = True if request.form.get('overwrite') == 'true' else False
if file:
data = get_file_information(file)
if data:
couch.store_file(data, overwrite=overwrite)
flash(_('upload success'), 'success')
else:
flash(_('file type not allowed'), 'error')
files = couch.all_files()
for f in files:
f['download_link'] = couchid_to_authproxy_url(f['id'], couch_box=couch_box)
return render_template("boxes/%s.html" % box_name, form=form, user=user, files=files, box_name=box_name, user_id=user_id)
def files(box_name, user_id=None):
form = UploadForm()
copy_form = CopyFileForm()
user = current_user
if user_id:
if not current_user.is_consultant:
raise Forbidden()
user = User.by_id(user_id)
couch_box = get_couch_box_db(user, box_name)
couch = CouchFileBox(current_app.config.get('COUCH_DB_URL'), couch_box)
if form.validate_on_submit():
file = request.files['file']
overwrite = True if request.form.get('overwrite') == 'true' else False
if file:
data = get_file_information(file)
if data:
couch.store_file(data, overwrite=overwrite)
flash(_('upload success'), 'success')
else:
flash(_('file type not allowed'), 'error')
files = couch.all_files()
for f in files:
f['download_link'] = couchid_to_authproxy_url(f['id'],
couch_box=couch_box)
return render_template("boxes/%s.html" % box_name,
form=form,
copy_form=copy_form,
user=user,
files=files,
box_name=box_name,
user_id=user_id)
def reset_user_password(user_id):
user = User.by_id(user_id)
form = RecoverSetForm()
if form.validate_on_submit():
user.update_password(form.password.data)
db.session.commit()
flash(_('Password reset', username=user.email), 'success')
return render_template('admin/reset_user_password.html', form=form, user=user)
def reset_user_password(id):
form = RecoverSetForm()
if form.validate_on_submit():
user = User.by_id(id)
user.update_password(form.password.data)
db.session.commit()
flash( _('Password reset', username=user.realname), 'success')
return redirect(url_for('admin.user_detail', id=id))
return render_template('admin/reset_user_password.html', form=form)
def remove_user(id):
user = User.by_id(id)
if request.method == 'POST':
email = user.email
db.session.delete(user)
db.session.commit()
flash( _('User removed', username=email), "success")
return redirect(url_for('admin.user_list'))
return render_template('admin/remove_user.html', user=user)
def edit_user(user_id):
user = User.by_id(user_id)
form = EditAddressForm(request.form, user)
form.federal_state.choices = current_app.config['FEDERAL_STATES']
form.title.choices = current_app.config['SALUTATIONS']
if form.validate_on_submit():
user.set_user_data(form.data)
db.session.commit()
flash(_('User edited', username=user.email), 'success')
return render_template('admin/edit_user.html', form=form, user=user)
def check_file_exists(box_name, user_id):
user = current_user
if user_id != str(current_user.id):
if not current_user.is_consultant:
raise Forbidden()
user = User.by_id(user_id)
couch_box = get_couch_box_db(user, box_name)
couch = CouchFileBox(current_app.config.get('COUCH_DB_URL'), couch_box)
existing_doc = couch.get(request.form['filename'])
if existing_doc:
return jsonify(existing=True)
return jsonify(existing=False)
def activate_user(id):
user = User.by_id(id)
user.active = True
db.session.commit()
send_mail(
_("Account activated mail subject"),
render_template("user/activated_mail.txt", user=user, _external=True),
[user.email]
)
flash(_('User activated', email=user.email), 'success')
return redirect(url_for("admin.user_detail", id=id))
def check_file_exists(box_name, user_id):
user = current_user
if user_id != str(current_user.id):
if not current_user.is_consultant:
raise Forbidden()
user = User.by_id(user_id)
couch_box = get_couch_box_db(user, box_name)
couch = CouchFileBox(current_app.config.get('COUCH_DB_URL'), couch_box)
existing_doc = couch.get(request.form['filename'])
if existing_doc:
return jsonify(existing=True)
return jsonify(existing=False)
def delete_file(box_name, id, rev, user_id):
user = current_user
if user_id == str(current_user.id):
user_id = None
else:
if not current_user.is_consultant:
raise Forbidden()
user = User.by_id(user_id)
couch_box = get_couch_box_db(user, box_name)
couch = CouchFileBox(current_app.config.get('COUCH_DB_URL'), couch_box)
couch.delete(id, rev)
flash(_("file deleted"), 'success')
return redirect(url_for("boxes.files", box_name=box_name, user_id=user_id))
def activate_user(user_id):
user = User.by_id(user_id)
user.verified = True
user.active = True
db.session.commit()
send_mail(
_("Account activated mail subject"),
render_template("user/activated_mail.txt", user=user, _external=True),
[user.email]
)
flash(_('User activated %(email)s', email=user.email), 'success')
return redirect(request.args.get("next") or url_for("admin.inactive_users_list"))
def edit_user(id):
user = User.by_id(id)
form = EditAddressForm(request.form, user)
if form.validate_on_submit():
user.realname = form.data['realname']
user.florlp_name = form.data['florlp_name']
user.street = form.data['street']
user.housenumber = form.data['housenumber']
user.zipcode = form.data['zipcode']
user.city = form.data['city']
db.session.commit()
flash( _('User edited', username=user.realname), 'success')
return redirect(url_for("admin.user_detail", id=id))
return render_template('admin/edit_user.html', form=form)
def delete_file(box_name, id, rev, user_id):
user = current_user
if user_id == str(current_user.id):
user_id = None
else:
if not current_user.is_consultant:
raise Forbidden()
user = User.by_id(user_id)
couch_box = get_couch_box_db(user, box_name)
couch = CouchFileBox(current_app.config.get('COUCH_DB_URL'), couch_box)
couch.delete(id, rev)
flash(_("file deleted"), 'success')
return redirect(url_for("boxes.files", box_name=box_name, user_id=user_id))
def remove_user(user_id):
user = User.by_id(user_id)
if user == current_user:
flash(_('Self-User cannot be removed', 'success'))
return render_template('admin/remove_user.html', user=user)
if request.method == 'POST':
email = user.email
db.session.delete(user)
db.session.commit()
flash(_('User was removed %(email)s', email=email), 'success')
return redirect(request.args.get("next") or url_for("admin.inactive_users_list"))
return render_template('admin/remove_user.html', user=user)
def send_verifymail(id):
user = User.by_id(id)
if not user or user.verified:
raise NotFound()
verify = EmailVerification.verify(user)
db.session.add(verify)
db.session.commit()
send_mail(
_("Email verification mail subject"),
render_template("user/verify_mail.txt", user=user, verify=verify, _external=True),
[user.email]
)
flash(_('email verification was sent successfully'), 'success')
return redirect(url_for(".login"))
def send_verifymail(id):
user = User.by_id(id)
if not user or user.verified:
raise NotFound()
verify = EmailVerification.verify(user)
db.session.add(verify)
db.session.commit()
send_mail(
_("Email verification mail subject"),
render_template("user/verify_mail.txt",
user=user,
verify=verify,
_external=True), [user.email])
flash(_('email verification was sent successfully'), 'success')
return redirect(url_for(".login"))
def logs(page=1, user_id=False):
form = DownloadLogsForm()
query = Log.query
if user_id:
user = User.by_id(user_id)
query = query.filter_by(user=user)
if request.method == 'POST' and form.validate():
data = request.form
access_start = data.get('access_start', False)
access_end = data.get('access_end', False)
button_action = data.get('button-action', 'show-table')
if access_start:
query = query.filter(Log.time >= access_start)
if access_end:
query = query.filter(Log.time < access_end)
query = query.order_by(desc(Log.time))
if button_action == 'show-table':
results = query.paginate(page, current_app.config["USER_PER_PAGE"])
else:
results = query.all()
csv = log_spec_to_csv(
logs=results,
csv_headers=current_app.config['LOG_CSV_HEADER']
)
filename = 'geobox-access-%s.csv' % (to_user_timezone(datetime.utcnow()).strftime('%Y%m%d-%H%M%S'))
resp = Response(
csv,
headers={
'Content-type': 'application/octet-stream',
'Content-disposition': 'attachment; filename=%s' % filename})
return resp
else:
results = query.paginate(page, current_app.config["USER_PER_PAGE"])
if user_id:
return render_template('admin/user_log.html', user=user, logs=results)
return render_template('admin/logs.html', form=form, logs=results)
def verify_wait(id):
user = User.by_id(id)
if not user or user.verified:
raise NotFound()
return render_template("user/verify_wait.html", user_id=id)
def loging_as(id):
user = User.by_id(id)
login_user(user)
session['authproxy_token'] = user.authproxy_token
return redirect(url_for("user.home"))
def verify_user(id):
user = User.by_id(id)
user.verified = True
db.session.commit()
flash(_('User verified', email=user.email), 'success')
return redirect(url_for("admin.user_detail", id=id))
def user_detail(id):
user = User.by_id(id)
return render_template('admin/user_detail.html', user=user)
def user_log(id):
user = User.by_id(id)
result = db.session.query(Log, Log.geometry.envelope().wkt).filter_by(user=user).all()
return render_template('admin/user_log.html', logs=result)
def load_user(userid):
if request_for_static():
return DummyUser(userid)
if request.blueprint == 'authproxy':
return DummyUser(userid)
return User.by_id(userid)
def user_detail(user_id):
user = User.by_id(user_id)
return render_template('admin/user_detail.html', user=user)
def load_user(userid):
if request_for_static():
return DummyUser(userid)
if request.blueprint == 'authproxy':
return DummyUser(userid)
return User.by_id(userid)
def deactivate_user(user_id):
user = User.by_id(user_id)
user.active = False
db.session.commit()
flash(_('User deactivate %(email)s', email=user.email), 'success')
return redirect(request.args.get("next") or url_for("admin.inactive_users_list"))
def verify_wait(id):
user = User.by_id(id)
if not user or user.verified:
raise NotFound()
return render_template("user/verify_wait.html", user_id=id)
