Exemple #1
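    def _newLink(self, vestigings_sleutel, webservice):
        """Log in as the account for a vestiging and start a linked survey.

        Looks up the account whose login name equals ``vestigings_sleutel``
        and creates it (without a password) when none exists. The request is
        then authenticated as that account, a new survey session is started
        on the context survey, an ``OdLink`` is stored for it and the browser
        is redirected to the survey's ``start`` page.
        """
        # NOTE(review): holding ``vestigings_sleutel`` is the only credential
        # used below; presumably the caller has already verified it against
        # the webservice -- confirm before exposing this path.
        session = Session()
        # Check if there is an account from another regelhulp for the same
        # vestiging.
        account = session.query(model.Account)\
            .filter(model.Account.loginname == vestigings_sleutel)\
            .first()
        if account is None:
            # Create a new account
            account = model.Account(
                    loginname=vestigings_sleutel,
                    password=None)
            session.add(account)
            session.flush()  # Make sure account.id is set
            # Only claim a creation in the log when one actually happened, so
            # the audit trail separates new accounts from reused ones.
            log.info('Created new OD account %s for %s',
                     account.loginname, self.url())
        else:
            log.info('Reusing existing OD account %s for %s',
                     account.loginname, self.url())

        # Login with the account
        newSecurityManager(None, account)
        pas = getToolByName(self.context, 'acl_users')
        pas.updateCredentials(self.request, self.response, account.loginname, None)

        # And start a new survey
        survey = aq_inner(self.context)
        ss = SessionManager.start(title=survey.Title(), survey=survey)
        Session.add(OdLink(
            session=ss,
            vestigings_sleutel=vestigings_sleutel,
            webservice=webservice))
        # Only the path component of the URL is handed to the pageview hook.
        v_url = urlparse.urlsplit(survey.absolute_url() + '/od-new').path
        trigger_extra_pageview(self.request, v_url)
        self.request.response.redirect('%s/start' % survey.absolute_url())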
Exemple #2
 def _NewSurvey(self, info):
     """Start a new survey session on the context survey and redirect to it.

     ``info`` must offer ``get``; its optional ``title`` entry names the new
     session, and the survey's own title is used when that entry is missing
     or blank.
     """
     survey = aq_inner(self.context)
     # A whitespace-only title counts as no title at all.
     title = info.get("title", u"").strip() or survey.Title()
     SessionManager.start(title=title, survey=survey)
     # Only the path component of the URL is handed to the pageview hook.
     resume_path = urlparse.urlsplit(self.url()+'/resume').path
     trigger_extra_pageview(self.request, resume_path)
     start_url = "%s/start" % survey.absolute_url()
     self.request.response.redirect(start_url)
Exemple #3
 def _start(self, link):
     """Authenticate as the account behind ``link`` and resume its session.

     The request is logged in as ``link.session.account``, that survey
     session is resumed and the browser is redirected to the ``resume`` page
     of the survey found at the session's ``zodb_path``.
     """
     # NOTE(review): no password is checked here; whoever reaches this method
     # is authenticated as link.session.account. Presumably the caller has
     # already validated the link -- confirm.
     acl_users = getToolByName(self.context, 'acl_users')
     survey_session = link.session
     owner = survey_session.account
     acl_users.updateCredentials(
         self.request, self.response, owner.loginname, None)
     newSecurityManager(None, owner)
     SessionManager.resume(survey_session)
     # restrictedTraverse applies Zope security checks while resolving the
     # stored path below the client.
     survey = self.request.client.restrictedTraverse(
         str(survey_session.zodb_path))
     resume_path = urlparse.urlsplit(self.url() + '/od-resume').path
     trigger_extra_pageview(self.request, resume_path)
     target = "%s/resume" % survey.absolute_url()
     self.request.response.redirect(target)
Exemple #4
 def _NewSurvey(self, info):
     """Create a survey session for the context survey and open it.

     The session title comes from ``info["title"]`` when that is present and
     not blank, otherwise from the survey's own title. The browser is sent to
     the survey's ``start`` page with ``initial_view=1``.
     """
     survey = aq_inner(self.context)
     requested = info.get("title", u"").strip()
     title = requested if requested else survey.Title()
     SessionManager.start(title=title, survey=survey)
     # Only the path component of the URL is handed to the pageview hook.
     pageview_path = urlparse.urlsplit(self.url() + '/resume').path
     trigger_extra_pageview(self.request, pageview_path)
     destination = "%s/start?initial_view=1" % survey.absolute_url()
     self.request.response.redirect(destination)
Exemple #5
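    def _tryRegistration(self):
        """Validate the registration form and create or convert an account.

        Validation messages are stored in ``self.errors`` under the keys
        ``email`` and ``password``. Returns the account on success and
        ``False`` when validation fails or the email address is already used.
        """
        reply = self.request.form
        loginname = reply.get("email")
        if not loginname:
            self.errors["email"] = _(
                "error_missing_email",
                default=u"Please enter your email address")
        elif not EMAIL_RE.match(loginname):
            self.errors["email"] = _(
                "error_invalid_email",
                default=u"Please enter a valid email address")
        if not reply.get("password1"):
            self.errors["password"] = _("error_missing_password",
                                        default=u"Please enter a password")
        elif reply.get("password1") != reply.get("password2"):
            self.errors["password"] = _("error_password_mismatch",
                                        default=u"Passwords do not match")
        if self.errors:
            return False

        session = Session()
        # Login names are compared in lower case.
        loginname = loginname.lower()
        account = session.query(model.Account)\
                .filter(model.Account.loginname == loginname).count()
        if account:
            self.errors["email"] = _(
                "error_email_in_use",
                default=u"An account with this email address already exists.")
            return False

        pm = getToolByName(self.context, "portal_membership")
        if pm.getMemberById(loginname) is not None:
            self.errors["email"] = _(
                "error_email_in_use",
                default=u"An account with this email address already exists.")
            return False

        # ``guest_session_id`` is a client-controlled form field, so it must
        # not decide on its own that the current user gets rewritten. Convert
        # in place only when the authenticated user really is a guest
        # account; otherwise an anonymous or fully registered user would have
        # its login name and password overwritten.
        guest_account = None
        if reply.get('guest_session_id'):
            current = getSecurityManager().getUser()
            if isinstance(current, model.Account) and \
                    current.account_type == config.GUEST_ACCOUNT:
                guest_account = current

        # NOTE(review): the password is handed to the model as submitted;
        # presumably model.Account hashes it on assignment -- confirm.
        if guest_account is not None:
            account = guest_account
            account.loginname = loginname
            account.password = reply.get("password1")
            account.account_type = config.CONVERTED_ACCOUNT
        else:
            account = model.Account(loginname=loginname,
                                    password=reply.get("password1"))
        Session().add(account)
        log.info("Registered new account %s", loginname)
        v_url = urlparse.urlsplit(self.url() + '/success').path
        trigger_extra_pageview(self.request, v_url)
        return account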
Exemple #6
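 def _ContinueSurvey(self, info):
     """Utility method to continue an existing session.

     ``info["session"]`` is the id of the survey session to resume. Raises
     ``Unauthorized`` when the session does not exist or does not belong to
     the current user; otherwise resumes it and redirects to the survey's
     ``resume`` page.
     """
     session = Session.query(model.SurveySession).get(info["session"])
     current_user = aq_base(getSecurityManager().getUser())
     if session is None:
         # An unknown id gets the same answer as a foreign session, so the
         # response does not reveal which ids exist and the request no
         # longer fails with an AttributeError.
         log.warning('User %s requested unknown session %r',
                     getattr(current_user, 'loginname', repr(current_user)),
                     info["session"])
         raise Unauthorized()
     # Ownership is an identity check against the unwrapped current user.
     # NOTE(review): this presumably relies on both objects being loaded
     # through the same SQLAlchemy session -- confirm.
     if session.account is not current_user:
         log.warning('User %s tried to hijack session from %s',
                     getattr(current_user, 'loginname', repr(current_user)),
                     session.account.loginname)
         raise Unauthorized()
     SessionManager.resume(session)
     survey = self.request.client.restrictedTraverse(str(session.zodb_path))
     v_url = urlparse.urlsplit(self.url()+'/resume').path
     trigger_extra_pageview(self.request, v_url)
     self.request.response.redirect("%s/resume" % survey.absolute_url())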
Exemple #7
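    def _tryRegistration(self):
        """Check the submitted registration data and register the account.

        Problems are recorded in ``self.errors`` (keys ``email`` and
        ``password``). Returns ``False`` on any problem, otherwise the new or
        converted account.
        """
        reply = self.request.form
        loginname = reply.get("email")
        if not loginname:
            self.errors["email"] = _("error_missing_email",
                    default=u"Please enter your email address")
        elif not EMAIL_RE.match(loginname):
            self.errors["email"] = _("error_invalid_email",
                    default=u"Please enter a valid email address")
        if not reply.get("password1"):
            self.errors["password"] = _("error_missing_password",
                    default=u"Please enter a password")
        elif reply.get("password1") != reply.get("password2"):
            self.errors["password"] = _("error_password_mismatch",
                    default=u"Passwords do not match")
        if self.errors:
            return False

        session = Session()
        # Login names are compared in lower case.
        loginname = loginname.lower()
        account = session.query(model.Account)\
                .filter(model.Account.loginname == loginname).count()
        if account:
            self.errors["email"] = _("error_email_in_use",
                default=u"An account with this email address already exists.")
            return False

        pm = getToolByName(self.context, "portal_membership")
        if pm.getMemberById(loginname) is not None:
            self.errors["email"] = _("error_email_in_use",
                default=u"An account with this email address already exists.")
            return False

        # The presence of ``guest_session_id`` in the form is chosen by the
        # client. Rewriting the current user is therefore only allowed when
        # that user is a guest account; any other user (anonymous, or already
        # registered) gets a fresh account instead of being overwritten.
        current = None
        if reply.get('guest_session_id'):
            current = getSecurityManager().getUser()
        is_guest = (
            isinstance(current, model.Account) and
            current.account_type == config.GUEST_ACCOUNT)

        # NOTE(review): the password is stored as submitted from this view's
        # perspective; presumably model.Account hashes it -- confirm.
        if is_guest:
            account = current
            account.loginname = loginname
            account.password = reply.get("password1")
            account.account_type = config.CONVERTED_ACCOUNT
        else:
            account = model.Account(
                loginname=loginname,
                password=reply.get("password1")
            )
        Session().add(account)
        log.info("Registered new account %s", loginname)
        v_url = urlparse.urlsplit(self.url()+'/success').path
        trigger_extra_pageview(self.request, v_url)
        return account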
Exemple #8
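 def _ContinueSurvey(self, info):
     """Utility method to continue an existing session.

     Resumes the survey session whose id is ``info["session"]`` and redirects
     to the survey's ``resume`` page with ``initial_view=1``. Raises
     ``Unauthorized`` when the session is unknown or owned by another
     account.
     """
     session = Session.query(model.SurveySession).get(info["session"])
     current_user = aq_base(getSecurityManager().getUser())
     user_label = getattr(current_user, 'loginname', repr(current_user))
     if session is None:
         # Treat a missing session like a foreign one: the caller learns
         # nothing about which ids exist, and the lookup result is no longer
         # dereferenced while it is None.
         log.warning('User %s requested unknown session %r',
                     user_label, info["session"])
         raise Unauthorized()
     # Ownership is an identity check against the unwrapped current user.
     # NOTE(review): this presumably relies on both objects being loaded
     # through the same SQLAlchemy session -- confirm.
     if session.account is not current_user:
         log.warning('User %s tried to hijack session from %s',
                     user_label,
                     session.account.loginname)
         raise Unauthorized()
     SessionManager.resume(session)
     survey = self.request.client.restrictedTraverse(str(session.zodb_path))
     v_url = urlparse.urlsplit(self.url() + '/resume').path
     trigger_extra_pageview(self.request, v_url)
     self.request.response.redirect("%s/resume?initial_view=1" %
                                    survey.absolute_url())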
Exemple #9
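    def update(self):
        """Prepare the login form and process a submitted login.

        On a POST whose ``__ac_name`` matches the authenticated account, the
        guest session is transferred, the user is logged in and the browser
        is redirected to ``came_from`` (or to the terms-and-conditions page
        first). Otherwise ``self.error`` is set and the reminder, register
        and tryout links are prepared for the template.
        """
        context = aq_inner(self.context)
        fallback_url = aq_parent(context).absolute_url()
        came_from = self.request.form.get("came_from")
        if came_from:
            if isinstance(came_from, list):
                # If came_from is both in the querystring and the form data
                came_from = came_from[0]
            # came_from is supplied by the client and ends up in a redirect
            # and in generated links. Accept it only when it is an absolute
            # http(s) URL on the host this context is served from; anything
            # else falls back to the parent URL instead of being followed.
            try:
                target = urlparse.urlsplit(came_from)
                here = urlparse.urlsplit(context.absolute_url())
                same_site = (
                    target.scheme in ("http", "https") and
                    target.netloc.lower() == here.netloc.lower())
            except ValueError:
                same_site = False
            if same_site:
                self.setLanguage(came_from)
            else:
                came_from = fallback_url
        else:
            came_from = fallback_url

        account = getSecurityManager().getUser()
        appconfig = component.getUtility(IAppConfig)
        settings = appconfig.get('euphorie')
        self.allow_guest_accounts = settings.get('allow_guest_accounts', False)

        if self.request.environ["REQUEST_METHOD"] == "POST":
            reply = self.request.form
            # A POST without a "next" field is treated as a login attempt
            # rather than failing with a KeyError.
            if reply.get("next") == "previous":
                previous_url = aq_parent(aq_inner(context)).absolute_url()
                self.response.redirect(previous_url)
                return

            # NOTE(review): the password itself is not checked here; this
            # presumably relies on the user folder having authenticated the
            # submitted credentials already -- confirm.
            if isinstance(account, model.Account) and \
                    account.getUserName() == reply.get("__ac_name", '').lower():

                self.transferGuestSession(reply.get('guest_session_id'))
                self.login(account, bool(self.request.form.get('remember')))
                v_url = urlparse.urlsplit(self.url()+'/success').path
                trigger_extra_pageview(self.request, v_url)

                if checkTermsAndConditions() and \
                        not approvedTermsAndConditions(account):
                    self.response.redirect(
                        "%s/terms-and-conditions?%s" %
                        (context.absolute_url(),
                            urllib.urlencode({"came_from": came_from})))
                else:
                    self.response.redirect(came_from)
                return
            self.error = True

        self.reminder_url = "%s/@@reminder?%s" % (context.absolute_url(),
                urllib.urlencode({'came_from': came_from}))
        self.register_url = "%s/@@register?%s" % (context.absolute_url(),
                urllib.urlencode({'came_from': came_from}))
        self.tryout_url = "%s/@@tryout?%s" % (context.absolute_url(),
                urllib.urlencode({'came_from': came_from}))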
Exemple #10
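    def update(self):
        """Handle the login form: validate, log in and redirect.

        A successful POST logs the account in and redirects to ``came_from``
        or, when terms and conditions still need approval, to the
        terms-and-conditions page. On any other request the reminder,
        register and tryout URLs are stored on the view for rendering.
        """
        context = aq_inner(self.context)
        default_target = aq_parent(context).absolute_url()
        came_from = self.request.form.get("came_from")
        if came_from:
            if isinstance(came_from, list):
                # If came_from is both in the querystring and the form data
                came_from = came_from[0]
            # The value comes straight from the request and is later used as
            # a redirect target, so it is accepted only as an absolute
            # http(s) URL on this site's own host. Everything else is
            # replaced by the default target.
            try:
                wanted = urlparse.urlsplit(came_from)
                own = urlparse.urlsplit(context.absolute_url())
                on_this_host = (
                    wanted.scheme in ("http", "https") and
                    wanted.netloc.lower() == own.netloc.lower())
            except ValueError:
                on_this_host = False
            if on_this_host:
                self.setLanguage(came_from)
            else:
                came_from = default_target
        else:
            came_from = default_target

        account = getSecurityManager().getUser()
        appconfig = component.getUtility(IAppConfig)
        settings = appconfig.get('euphorie')
        self.allow_guest_accounts = settings.get('allow_guest_accounts', False)

        if self.request.environ["REQUEST_METHOD"] == "POST":
            reply = self.request.form
            # Use .get so a POST lacking "next" does not raise KeyError.
            if reply.get("next") == "previous":
                back_url = aq_parent(aq_inner(context)).absolute_url()
                self.response.redirect(back_url)
                return

            # NOTE(review): only the login name is compared here; password
            # verification presumably happened in the user folder before
            # this view ran -- confirm.
            if isinstance(account, model.Account) and \
                    account.getUserName() == reply.get("__ac_name", '').lower():

                self.transferGuestSession(reply.get('guest_session_id'))
                self.login(account, bool(self.request.form.get('remember')))
                v_url = urlparse.urlsplit(self.url() + '/success').path
                trigger_extra_pageview(self.request, v_url)

                if checkTermsAndConditions() and \
                        not approvedTermsAndConditions(account):
                    self.response.redirect(
                        "%s/terms-and-conditions?%s" %
                        (context.absolute_url(),
                         urllib.urlencode({"came_from": came_from})))
                else:
                    self.response.redirect(came_from)
                return
            self.error = True

        self.reminder_url = "%s/@@reminder?%s" % (
            context.absolute_url(), urllib.urlencode({'came_from': came_from}))
        self.register_url = "%s/@@register?%s" % (
            context.absolute_url(), urllib.urlencode({'came_from': came_from}))
        self.tryout_url = "%s/@@tryout?%s" % (
            context.absolute_url(), urllib.urlencode({'came_from': came_from}))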
Exemple #11
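    def _continue(self, session_id, vestigings_sleutel, webservice):
        """Attach an ``OdLink`` to an existing session and resume it.

        Raises ``Unauthorized`` when ``session_id`` is unknown or the session
        belongs to a different account than the current user. Otherwise the
        link is stored, the session resumed and the browser redirected to the
        survey's ``resume`` page.
        """
        session = Session.query(model.SurveySession).get(session_id)
        account = aq_base(getSecurityManager().getUser())
        if session is None:
            # Answer an unknown id exactly like a foreign session, so the
            # response does not reveal which ids exist and the missing row is
            # not dereferenced.
            log.warning('User %s requested unknown session %r',
                        getattr(account, 'loginname', repr(account)),
                        session_id)
            raise Unauthorized()
        # Ownership is an identity check against the unwrapped current user.
        # NOTE(review): this presumably relies on both objects being loaded
        # through the same SQLAlchemy session -- confirm.
        if session.account is not account:
            log.warning('User %s tried to hijack session from %s',
                        getattr(account, 'loginname', repr(account)),
                        session.account.loginname)
            raise Unauthorized()

        # The link is only recorded after the ownership check has passed.
        Session.add(OdLink(
            session=session,
            vestigings_sleutel=vestigings_sleutel,
            webservice=webservice))

        SessionManager.resume(session)
        survey = self.request.client.restrictedTraverse(str(session.zodb_path))
        v_url = urlparse.urlsplit(self.url() + '/od-link').path
        trigger_extra_pageview(self.request, v_url)
        self.request.response.redirect("%s/resume" % survey.absolute_url())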
Exemple #12
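 def update(self):
     """Create a guest account and start a session on the requested survey.

     ``came_from`` from the request names the survey. Without it the browser
     is sent to the portal root. When it does not resolve to a survey, the
     browser is redirected to the remaining site-relative path, or to the
     client root if the value points outside this site.
     """
     came_from = self.request.form.get("came_from")
     if isinstance(came_from, list):
         # The field can arrive both in the query string and the form data.
         came_from = came_from[0]
     if not came_from:
         return self.request.response.redirect(api.portal.get().absolute_url())
     # NOTE(review): a guest account is created and logged in without any
     # request-method check, so every request carrying came_from adds an
     # account row -- confirm this is rate-limited or cleaned up elsewhere.
     account = self.createGuestAccount()
     self.login(account, False)
     client_url = self.request.client.absolute_url()
     came_from = came_from.replace(client_url, '')
     if came_from.startswith('/'):
         came_from = came_from[1:]
     # came_from is client-controlled and is used below both as a traversal
     # path and as a redirect target. What is left after removing the client
     # URL must be a plain relative path; a value that still carries a
     # scheme or host is not followed.
     try:
         parts = urlparse.urlsplit(came_from)
         off_site = bool(parts.scheme or parts.netloc) or \
             came_from.startswith('\\')
     except ValueError:
         off_site = True
     if off_site:
         return self.request.response.redirect(client_url)
     try:
         # restrictedTraverse applies Zope security checks on each step.
         survey = self.context.restrictedTraverse(came_from)
     except KeyError:
         survey = None
     if not ISurvey.providedBy(survey):
         return self.request.response.redirect(came_from)
     title = survey.Title()
     SessionManager.start(title=title, survey=survey, account=account)
     survey_url = survey.absolute_url()
     v_url = urlparse.urlsplit(survey_url + '/resume').path
     trigger_extra_pageview(self.request, v_url)
     self.request.response.redirect("%s/start" % survey_url)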
Exemple #13
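 def update(self):
     """Log in as a fresh guest account and open the survey in ``came_from``.

     Redirects to the portal root when ``came_from`` is missing, to the
     client root when it points outside this site, to the remaining relative
     path when it is not a survey, and to the survey's ``start`` page after a
     session has been created otherwise.
     """
     came_from = self.request.form.get("came_from")
     if isinstance(came_from, list):
         # The field can arrive both in the query string and the form data.
         came_from = came_from[0]
     if not came_from:
         return self.request.response.redirect(
             api.portal.get().absolute_url())
     # NOTE(review): account creation is not tied to a request method here,
     # so each request with came_from produces a guest account -- confirm
     # that this is bounded elsewhere.
     account = self.createGuestAccount()
     self.login(account, False)
     client_url = self.request.client.absolute_url()
     came_from = came_from.replace(client_url, '')
     if came_from.startswith('/'):
         came_from = came_from[1:]
     # The remainder feeds both traversal and a redirect, and it comes from
     # the client. Refuse anything that is still an absolute or
     # scheme-relative URL after the client prefix has been removed.
     try:
         remainder = urlparse.urlsplit(came_from)
         external = bool(remainder.scheme or remainder.netloc) or \
             came_from.startswith('\\')
     except ValueError:
         external = True
     if external:
         return self.request.response.redirect(client_url)
     try:
         # restrictedTraverse applies Zope security checks on each step.
         survey = self.context.restrictedTraverse(came_from)
     except KeyError:
         survey = None
     if not ISurvey.providedBy(survey):
         return self.request.response.redirect(came_from)
     title = survey.Title()
     SessionManager.start(title=title, survey=survey, account=account)
     survey_url = survey.absolute_url()
     v_url = urlparse.urlsplit(survey_url + '/resume').path
     trigger_extra_pageview(self.request, v_url)
     self.request.response.redirect("%s/start" % survey_url)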
Exemple #14
    def __call__(self):
        """Render the combined login/registration page or process its POST.

        A POST with ``action=login`` logs in the authenticated account when
        ``__ac_name`` matches it; ``action=register`` delegates to
        ``_tryRegistration``. If ``self.error`` is not set afterwards, the
        response is a redirect to ``came_from`` (or to the
        terms-and-conditions page first). Otherwise the helper URLs are
        computed and the template is rendered.
        """
        context = aq_inner(self.context)
        self.errors = {}

        form = self.request.form

        # NOTE(review): came_from is used as a redirect target below; whether
        # get_came_from restricts it to this site cannot be seen from here --
        # confirm.
        came_from = self.webhelpers.get_came_from(
            default=self.webhelpers.country_url)
        self.setLanguage(came_from)

        account = get_current_account()
        self.allow_guest_accounts = api.portal.get_registry_record(
            "euphorie.allow_guest_accounts", default=False)
        lang = api.portal.get_current_language()

        # Several intro sections are switched off for French.
        show_intro = lang not in ("fr", )
        self.show_whofor = show_intro
        self.show_what_to_do = show_intro
        self.show_how_long = show_intro
        self.show_why_register = True
        self.show_prepare = show_intro

        if self.request.method == "POST":
            action = form.get("action")
            if action == "login":
                # NOTE(review): only the login name is compared; password
                # verification presumably happened before this view ran --
                # confirm.
                name_matches = (
                    isinstance(account, model.Account)
                    and account.getUserName() == form.get("__ac_name",
                                                          "").lower())
                if not name_matches:
                    self.error = True
                else:
                    self.transferGuestSession()
                    remember = bool(self.request.form.get("remember"))
                    self.login(account, remember)
                    success_path = urlsplit(
                        self.request.URL + "/success").path.replace("@@", "")
                    trigger_extra_pageview(self.request, success_path)

            elif action == "register":
                account = self._tryRegistration()
                if not account:
                    self.error = True
                else:
                    acl_users = getToolByName(self.context, "acl_users")
                    acl_users.updateCredentials(
                        self.request,
                        self.request.response,
                        account.getUserName(),
                        account.password,
                    )

            # NOTE(review): self.error is only assigned on failure in this
            # method, so this read presumably relies on a class-level
            # default -- confirm.
            if not self.error:
                terms_pending = api.portal.get_registry_record(
                    "euphorie.terms_and_conditions", default=False
                ) and not approvedTermsAndConditions(account)
                if terms_pending:
                    self.request.RESPONSE.redirect(
                        "{0}/terms-and-conditions?{1}".format(
                            context.absolute_url(),
                            urlencode({"came_from": came_from}),
                        ))
                else:
                    self.request.RESPONSE.redirect(came_from)
                return

        base_url = context.absolute_url()
        query = urlencode({"came_from": came_from})
        self.reset_password_request_url = (
            "{0}/@@reset_password_request?{1}".format(base_url, query))
        # NOTE(review): the query string follows the "#registration"
        # fragment here, so it is part of the fragment rather than the
        # query -- confirm this is intended.
        self.register_url = "{0}/@@login#registration?{1}".format(
            base_url, query)
        self.tryout_url = "{0}/@@tryout?{1}".format(base_url, query)

        return self.index()
Exemple #15
    def _tryRegistration(self):
        """Validate the registration form and create or convert an account.

        Raises ``Unauthorized`` when self registration is disabled. Returns
        ``False`` when validation fails, a honeypot field is filled in, or
        the email address is already in use; validation messages are stored
        in ``self.errors``. Returns the account on success.
        """
        if not self.webhelpers.allow_self_registration:
            raise Unauthorized("No self registration allowed.")
        form = self.request.form
        loginname = form.get("email")
        password = form.get("password1")

        if not loginname:
            self.errors["email"] = _("error_missing_email",
                                     default="Please enter your email address")
        elif not EMAIL_RE.match(loginname):
            self.errors["email"] = _(
                "error_invalid_email",
                default="Please enter a valid email address")

        if not password:
            self.errors["password"] = _("error_missing_password",
                                        default="Please enter a password")
        elif password != form.get("password2"):
            self.errors["password"] = _("error_password_mismatch",
                                        default="Passwords do not match")
        else:
            # The policy is only consulted for a non-empty, confirmed password.
            policy_error = self.check_password_policy(password)
            if policy_error:
                self.errors["password"] = policy_error

        if not form.get("terms"):
            self.errors["terms"] = _(
                "error_terms_not_accepted",
                default=
                "An accout can only be created for you if you accept the "
                "terms and conditions.",
            )

        if self.errors:
            return False

        # Check honeypot fields: a filled-in field ends the attempt without
        # recording any error message.
        if any(form.get(field) for field in ("user_name", "user_email")):
            return False

        session = Session()
        # Login names are compared in lower case.
        loginname = loginname.lower()
        # The address must be free both in the account table and in the
        # portal's member list; the second lookup only runs when the first
        # finds nothing.
        taken = session.query(model.Account).filter(
            model.Account.loginname == loginname).count() or (
            getToolByName(self.context, "portal_membership")
            .getMemberById(loginname) is not None)
        if taken:
            self.errors["email"] = _(
                "error_email_in_use",
                default="An account with this email address already exists.",
            )
            return False

        # NOTE(review): the password is handed to the model as submitted;
        # presumably model.Account hashes it -- confirm.
        account = get_current_account()
        is_guest = account and account.account_type == config.GUEST_ACCOUNT
        if not is_guest:
            account = model.Account(
                loginname=loginname,
                password=password,
                tc_approved=1,
                first_name=form.get("first_name"),
                last_name=form.get("last_name"),
            )
            Session().add(account)
        else:
            # Only a guest account is converted in place.
            account.loginname = loginname
            account.password = password
            account.account_type = config.CONVERTED_ACCOUNT
            account.created = datetime.datetime.now()
            account.tc_approved = 1
            account.first_name = form.get("first_name")
            account.last_name = form.get("last_name")
            msg = _(
                "An account was created for you with email address ${email}",
                mapping={"email": loginname},
            )
            api.portal.show_message(msg, self.request, "success")
        log.info("Registered new account %s", loginname)
        success_path = urlsplit(
            self.request.URL + "/success").path.replace("@@", "")
        trigger_extra_pageview(self.request, success_path)
        return account