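def update_profile():
    """Show or process the profile form of the logged-in user.

    GET renders ``account/update.html`` filled in from ``current_user``.
    Any other method validates the submitted form; on success the submitted
    values are merged into the current user's row, the cached user summary
    is dropped and the browser is redirected to ``.profile``.  On failure
    the form is rendered again with its errors.
    """
    form = UpdateProfileForm(obj=current_user)
    form.set_locales(current_app.config["LOCALES"])
    # NOTE(review): this writes the form's data back onto current_user before
    # any validation has run.  If the form class binds request data on its
    # own, unvalidated input reaches the session-tracked user here -- confirm.
    form.populate_obj(current_user)

    if request.method == "GET":
        title_msg = "Update your profile: %s" % current_user.fullname
        return render_template("account/update.html", title=title_msg, form=form)

    form = UpdateProfileForm(request.form)
    form.set_locales(current_app.config["LOCALES"])
    if not form.validate():
        flash(gettext("Please correct the errors"), "error")
        title_msg = "Update your profile: %s" % current_user.fullname
        return render_template("/account/update.html", form=form, title=title_msg)

    # merge() picks the row to overwrite by primary key.  The key is taken
    # from the authenticated session and never from the submitted ``id``
    # field, so a request cannot point the merge at another account's row.
    new_profile = model.User(
        id=current_user.id,
        fullname=form.fullname.data,
        name=form.name.data,
        email_addr=form.email_addr.data,
        locale=form.locale.data,
        ckan_api=form.ckan_api.data,
    )
    # The result of this query is not used.
    db.session.query(model.User).filter(model.User.id == current_user.id).first()
    db.session.merge(new_profile)
    db.session.commit()
    cached_users.delete_user_summary(current_user.name)
    flash(gettext("Your profile has been updated!"), "success")
    return redirect(url_for(".profile"))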
def set(self, user, update_repo=True):
    """Download the user's Gravatar and record it as their avatar.

    Parameters
    ----------
    user : User
        The PyBossa user.
    update_repo : bool, optional
        True to save changes, False otherwise (the default is True).

    """
    gravatar_url = self._get_url(user)
    # The stored file name is built from the server clock and passed through
    # secure_filename; the container name comes from the user's id.
    avatar_name = secure_filename('{0}_avatar.png'.format(time.time()))
    bucket = 'user_{0}'.format(user.id)
    self._download(avatar_name, bucket, gravatar_url)

    if not user.info:  # pragma: no cover
        user.info = {}
    user.info['avatar'] = avatar_name
    user.info['container'] = bucket

    if update_repo:
        user_repo.update(user)
        cached_users.delete_user_summary(user.name)
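def _handle_avatar_update(user, avatar_form):
    """Store a newly uploaded avatar for ``user``.

    Returns True when the form validated and the avatar was stored, False
    otherwise.  The stored file name is generated from the server clock and
    replaces whatever name the client sent.
    """
    if not avatar_form.validate_on_submit():
        flash("You have to provide an image file to update your avatar",
              "error")
        return False

    _file = request.files['avatar']
    coordinates = (avatar_form.x1.data, avatar_form.y1.data,
                   avatar_form.x2.data, avatar_form.y2.data)
    # NOTE(review): the ".png" suffix is assigned regardless of what was
    # uploaded; any content check lives in the form or the uploader, neither
    # of which is visible here -- confirm.
    _file.filename = "%s_avatar.png" % time.time()
    container = "user_%s" % user.id
    uploader.upload_file(_file, container=container, coordinates=coordinates)

    # A user that never had an avatar may carry no info mapping at all;
    # start from an empty one instead of failing on the lookups below.
    if not user.info:
        user.info = dict()

    # Delete previous avatar from storage
    if user.info.get('avatar'):
        uploader.delete_file(user.info['avatar'], container)

    upload_method = current_app.config.get('UPLOAD_METHOD')
    avatar_url = get_avatar_url(upload_method, _file.filename, container)
    user.info['avatar'] = _file.filename
    user.info['container'] = container
    user.info['avatar_url'] = avatar_url
    user_repo.update(user)
    cached_users.delete_user_summary(user.name)
    flash(gettext('Your avatar has been updated! It may \
                  take some minutes to refresh...'), 'success')
    return True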
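def _handle_avatar_update(user, avatar_form):
    """Replace the avatar of ``user`` with the uploaded image.

    Returns True after a successful upload and False when the avatar form
    does not validate.  File and container names are derived on the server
    (clock value and user id); the client's file name is overwritten.
    """
    if avatar_form.validate_on_submit():
        _file = request.files['avatar']
        coordinates = (avatar_form.x1.data, avatar_form.y1.data,
                       avatar_form.x2.data, avatar_form.y2.data)
        prefix = time.time()
        _file.filename = "%s_avatar.png" % prefix
        container = "user_%s" % user.id
        uploader.upload_file(_file, container=container,
                             coordinates=coordinates)
        # user.info can be empty or None for an account without avatar
        # data; make sure there is a mapping before reading from it.
        if not user.info:
            user.info = dict()
        # Delete previous avatar from storage
        previous = user.info.get('avatar')
        if previous:
            uploader.delete_file(previous, container)
        upload_method = current_app.config.get('UPLOAD_METHOD')
        avatar_url = get_avatar_url(upload_method, _file.filename, container)
        user.info['avatar'] = _file.filename
        user.info['container'] = container
        user.info['avatar_url'] = avatar_url
        user_repo.update(user)
        cached_users.delete_user_summary(user.name)
        flash(gettext('Your avatar has been updated! It may \
                      take some minutes to refresh...'), 'success')
        return True
    flash("You have to provide an image file to update your avatar", "error")
    return False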
def _handle_external_services_update(user, update_form):
    """Save the external-service settings (the CKAN API key) of ``user``.

    The profile-only fields are removed from the form first, so validation
    covers only what this section of the page submits.
    """
    for field_name in ('locale', 'email_addr', 'fullname', 'name'):
        delattr(update_form, field_name)

    if not update_form.validate():
        flash(gettext('Please correct the errors'), 'error')
        return

    # An empty submission clears the stored key.
    user.ckan_api = update_form.ckan_api.data or None
    user_repo.update(user)
    cached_users.delete_user_summary(user.name)
    flash(gettext('Your profile has been updated!'), 'success')
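def _handle_profile_update(user, update_form):
    """Apply a submitted profile form to ``user``.

    Returns True when the form validated and the request was accepted
    (profile saved, or a confirmation mail for a new address queued).
    Returns False when validation failed or the address domain is on the
    SPAM list.
    """
    acc_conf_dis = current_app.config.get('ACCOUNT_CONFIRMATION_DISABLED')
    if not update_form.validate_on_submit():
        flash(gettext('Please correct the errors'), 'error')
        return False

    # The primary key is left untouched: the caller already resolved ``user``
    # and a client-supplied ``id`` field must not be able to re-key the row.
    user.fullname = update_form.fullname.data
    user.name = update_form.name.data

    new_email = update_form.email_addr.data
    # rpartition never raises on odd input; whatever follows the last '@' is
    # the domain compared with the SPAM list.
    domain = new_email.rpartition('@')[2]
    spam_domains = current_app.config.get('SPAM') or []

    if (user.email_addr != new_email
            and acc_conf_dis is False
            and domain not in spam_domains):
        # The new address is not stored here; it is only mailed a
        # confirmation link.
        user.valid_email = False
        user.newsletter_prompted = False
        account = dict(fullname=update_form.fullname.data,
                       name=update_form.name.data,
                       email_addr=new_email)
        confirm_url = get_email_confirmation_url(account)
        subject = ('You have updated your email in %s! Verify it'
                   % current_app.config.get('BRAND'))
        msg = dict(subject=subject,
                   recipients=[new_email],
                   body=render_template('/account/email/validate_email.md',
                                        user=account,
                                        confirm_url=confirm_url))
        msg['html'] = markdown(msg['body'])
        mail_queue.enqueue(send_mail, msg)
        user.confirmation_email_sent = True
        fls = gettext('An email has been sent to verify your \
                      new email: %s. Once you verify it, it will \
                      be updated.' % account['email_addr'])
        flash(fls, 'info')
        # NOTE(review): this path returns without calling user_repo.update;
        # confirm the attribute changes above are persisted elsewhere.
        return True

    if acc_conf_dis is False and domain in spam_domains:
        fls = gettext('Use a valid email account')
        flash(fls, 'info')
        return False

    if acc_conf_dis:
        user.email_addr = new_email
    user.privacy_mode = fuzzyboolean(update_form.privacy_mode.data)
    user.restrict = fuzzyboolean(update_form.restrict.data)
    user.locale = update_form.locale.data
    user.subscribed = fuzzyboolean(update_form.subscribed.data)
    user_repo.update(user)
    cached_users.delete_user_summary(user.name)
    flash(gettext('Your profile has been updated!'), 'success')
    return True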
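def _handle_profile_update(user, update_form):
    """Validate the profile form and copy its values onto ``user``.

    Returns True when the update was accepted.  That covers both a saved
    profile and a changed e-mail address for which a confirmation mail was
    queued.  Returns False on validation errors or when the address domain
    is listed in the SPAM setting.
    """
    acc_conf_dis = current_app.config.get('ACCOUNT_CONFIRMATION_DISABLED')
    if update_form.validate_on_submit():
        # ``user.id`` is not taken from the form: the row being edited was
        # chosen by the caller, and the submitted ``id`` is client input.
        user.fullname = update_form.fullname.data
        user.name = update_form.name.data
        submitted_email = update_form.email_addr.data
        # Everything after the last '@'; rpartition does not raise when the
        # value holds no '@' or more than one.
        _, _, domain = submitted_email.rpartition('@')
        # A missing SPAM setting is treated as an empty list.
        spam = current_app.config.get('SPAM') or []
        if (user.email_addr != submitted_email and
                acc_conf_dis is False and
                domain not in spam):
            user.valid_email = False
            user.newsletter_prompted = False
            account = dict(fullname=update_form.fullname.data,
                           name=update_form.name.data,
                           email_addr=submitted_email)
            confirm_url = get_email_confirmation_url(account)
            subject = ('You have updated your email in %s! Verify it'
                       % current_app.config.get('BRAND'))
            msg = dict(subject=subject,
                       recipients=[submitted_email],
                       body=render_template(
                           '/account/email/validate_email.md',
                           user=account, confirm_url=confirm_url))
            msg['html'] = markdown(msg['body'])
            mail_queue.enqueue(send_mail, msg)
            user.confirmation_email_sent = True
            fls = gettext('An email has been sent to verify your \
                          new email: %s. Once you verify it, it will \
                          be updated.' % account['email_addr'])
            flash(fls, 'info')
            return True
        if acc_conf_dis is False and domain in spam:
            fls = gettext('Use a valid email account')
            flash(fls, 'info')
            return False
        if acc_conf_dis:
            # Without confirmation the new address is stored immediately.
            user.email_addr = submitted_email
        user.privacy_mode = fuzzyboolean(update_form.privacy_mode.data)
        user.restrict = fuzzyboolean(update_form.restrict.data)
        user.locale = update_form.locale.data
        user.subscribed = fuzzyboolean(update_form.subscribed.data)
        user_repo.update(user)
        cached_users.delete_user_summary(user.name)
        flash(gettext('Your profile has been updated!'), 'success')
        return True
    else:
        flash(gettext('Please correct the errors'), 'error')
        return False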
def reset_api_key(name):
    """Issue a fresh API key for the user called ``name``.

    Aborts with 404 when no such user exists.  ``ensure_authorized_to`` is
    called for the 'update' action before the key is replaced.  Afterwards
    the cached user summary is dropped and the browser is redirected to the
    user's profile page.
    """
    target = user_repo.get_by_name(name)
    if not target:
        return abort(404)
    ensure_authorized_to('update', target)

    # NOTE(review): rotating a credential is a state change.  Whether this
    # view is limited to POST and covered by CSRF protection is decided by
    # the route registration, which is not visible here -- confirm.
    target.api_key = model.make_uuid()
    user_repo.update(target)
    cached_users.delete_user_summary(target.name)

    flash(gettext('New API-KEY generated'), 'success')
    profile_url = url_for('account.profile', name=name)
    return redirect(profile_url)
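def reset_api_key(name):
    """Issue a fresh API key for the user called ``name``.

    Aborts with 404 when the user does not exist.  ``require.user.update``
    runs before anything is changed.  On success the new key is committed,
    the cached user summary is dropped and the browser is redirected to the
    user's profile page.
    """
    user = User.query.filter_by(name=name).first()
    if not user:
        return abort(404)
    require.user.update(user)
    # No page title is built here: this view only redirects and never
    # renders a template.
    # NOTE(review): the key comes from model.make_uuid(); confirm that helper
    # draws from a cryptographically secure source.
    user.api_key = model.make_uuid()
    db.session.commit()
    cached_users.delete_user_summary(user.name)
    msg = gettext('New API-KEY generated')
    flash(msg, 'success')
    return redirect(url_for('account.profile', name=name))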
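def reset_api_key(name):
    """Replace the API key of the user called ``name`` with a new one.

    Responds with 404 for an unknown user.  ``require.user.update`` is
    called before the key is touched.  The updated user is saved through
    ``user_repo``, the cached summary is invalidated and the response is a
    redirect to the user's profile page.
    """
    user = user_repo.get_by_name(name)
    if not user:
        return abort(404)
    require.user.update(user)
    # The view never renders a template, so no title string is computed.
    # NOTE(review): whether this state-changing view is limited to POST and
    # CSRF-protected depends on the route registration -- confirm.
    user.api_key = model.make_uuid()
    user_repo.update(user)
    cached_users.delete_user_summary(user.name)
    msg = gettext('New API-KEY generated')
    flash(msg, 'success')
    return redirect(url_for('account.profile', name=name))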
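def _handle_profile_update(user, update_form):
    """Apply a submitted profile form to ``user`` (Spanish-language messages).

    Returns True when the form validated: either the profile was saved or,
    for a changed e-mail address with account confirmation enabled, a
    confirmation mail was queued.  Returns False on validation errors.
    """
    acc_conf_dis = current_app.config.get('ACCOUNT_CONFIRMATION_DISABLED')
    if not update_form.validate_on_submit():
        flash(gettext(u'Por favor corrige los errores'), 'error')
        return False

    # The primary key is not copied from the form: the caller already chose
    # the row, and the submitted ``id`` field is client input.
    user.fullname = update_form.fullname.data
    user.name = update_form.name.data

    if (user.email_addr != update_form.email_addr.data and
            acc_conf_dis is False):
        # The new address is only mailed a confirmation link here.
        user.valid_email = False
        user.newsletter_prompted = False
        account = dict(fullname=update_form.fullname.data,
                       name=update_form.name.data,
                       email_addr=update_form.email_addr.data)
        confirm_url = get_email_confirmation_url(account)
        subject = (
            u'Has actualizado tu correo electrónico con %s! Verifica la dirección'
            % current_app.config.get('BRAND'))
        msg = dict(subject=subject,
                   recipients=[update_form.email_addr.data],
                   body=render_template('/account/email/validate_email.md',
                                        user=account,
                                        confirm_url=confirm_url))
        msg['html'] = markdown(msg['body'])
        mail_queue.enqueue(send_mail, msg)
        user.confirmation_email_sent = True
        fls = gettext(
            u'Se ha enviado un correo electrónico para verificar tu nuevo correo electrónico: %s. Una vez que lo verifiques, estará actualizado.'
            % account['email_addr'])
        flash(fls, 'info')
        return True

    if acc_conf_dis:
        user.email_addr = update_form.email_addr.data
    user.privacy_mode = update_form.privacy_mode.data
    user.locale = update_form.locale.data
    user.subscribed = update_form.subscribed.data
    user_repo.update(user)
    cached_users.delete_user_summary(user.name)
    flash(gettext(u'¡Tu perfil ha sido actualizado!'), 'success')
    return True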
def reset_api_key():
    """Show the reset page (GET) or give the logged-in user a new API key.

    Unauthenticated callers get a 403.  On any method other than GET the
    key of the current user is replaced, the cached summary is dropped and
    the browser is redirected to the account settings.
    """
    if not current_user.is_authenticated():
        return abort(403)

    title = ("User: %s &middot; Settings"
             "- Reset API KEY") % current_user.fullname
    if request.method == "GET":
        return render_template("account/reset-api-key.html", title=title)

    # The row is looked up by the session's own id, so only the caller's
    # key can be rotated from here.
    account = db.session.query(model.User).get(current_user.id)
    account.api_key = model.make_uuid()
    db.session.commit()
    cached_users.delete_user_summary(account.name)
    flash(gettext("New API-KEY generated"), "success")
    return redirect(url_for("account.settings"))
def reset_api_key(name):
    """Hand out a CSRF token, or reset the API key of user ``name`` on POST.

    Non-POST requests receive a JSON document holding a fresh CSRF token.
    POST looks the user up (404 when missing), calls
    ``ensure_authorized_to('update', user)``, stores a new key, clears the
    cached summary and redirects to the user's profile.
    """
    if request.method != 'POST':
        token_payload = dict(form=dict(csrf=generate_csrf()))
        return jsonify(token_payload)

    account = user_repo.get_by_name(name)
    if not account:
        return abort(404)
    ensure_authorized_to('update', account)

    account.api_key = model.make_uuid()
    user_repo.update(account)
    cached_users.delete_user_summary(account.name)
    flash(gettext('New API-KEY generated'), 'success')
    return redirect_content_type(url_for('account.profile', name=name))
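def reset_api_key(name):
    """Replace the caller's API key when ``name`` is the caller's own name.

    Responds with 404 for an unknown user and 403 when the named user is not
    the logged-in one.  Otherwise a new key is committed, the cached summary
    is dropped and the browser is redirected to the profile page.
    """
    user = User.query.filter_by(name=name).first()
    if not user:
        return abort(404)
    # Only the owner may rotate the key.
    # NOTE(review): this reads current_user.name; confirm the route requires
    # a login so an anonymous session cannot reach this line.
    if current_user.name != user.name:
        return abort(403)
    # No page title is built: the view only redirects.
    # The row is fetched again by the session's own id before it is changed.
    user = db.session.query(model.user.User).get(current_user.id)
    user.api_key = model.make_uuid()
    db.session.commit()
    cached_users.delete_user_summary(user.name)
    msg = gettext('New API-KEY generated')
    flash(msg, 'success')
    return redirect(url_for('account.profile', name=name))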
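def _handle_avatar_update(user, avatar_form):
    """Store a newly uploaded avatar for ``user`` and flash the outcome.

    Nothing is returned.  On success ``user.info`` is replaced by a mapping
    holding the new file name and container; on a failed validation only an
    error message is flashed.
    """
    if not avatar_form.validate_on_submit():
        flash("You have to provide an image file to update your avatar",
              "error")
        return

    _file = request.files['avatar']
    coordinates = (avatar_form.x1.data, avatar_form.y1.data,
                   avatar_form.x2.data, avatar_form.y2.data)
    # The client's file name is overwritten with a server-generated one.
    _file.filename = "%s_avatar.png" % time.time()
    container = "user_%s" % user.id
    uploader.upload_file(_file, container=container, coordinates=coordinates)

    # Delete previous avatar from storage.  ``user.info`` may be None for an
    # account that never had one, so read through an empty mapping then.
    previous = (user.info or {}).get('avatar')
    if previous:
        uploader.delete_file(previous, container)

    user.info = {'avatar': _file.filename, 'container': container}
    user_repo.update(user)
    cached_users.delete_user_summary(user.name)
    flash(gettext('Your avatar has been updated! It may \
                  take some minutes to refresh...'), 'success')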
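def update_profile():
    """Show or process the profile form of the logged-in user.

    GET renders the form filled in from ``current_user``.  Any other method
    validates the submitted form, merges the values (including the privacy
    mode) into the current user's row, clears the cached summary and
    redirects to ``.profile``; validation errors re-render the form.
    """
    form = UpdateProfileForm(obj=current_user)
    form.set_locales(current_app.config['LOCALES'])
    # NOTE(review): populate_obj copies form data onto current_user before
    # validation; confirm no request data is bound to the form at this point.
    form.populate_obj(current_user)

    if request.method == 'GET':
        title_msg = "Update your profile: %s" % current_user.fullname
        return render_template('account/update.html',
                               title=title_msg, form=form)

    form = UpdateProfileForm(request.form)
    form.set_locales(current_app.config['LOCALES'])
    if not form.validate():
        flash(gettext('Please correct the errors'), 'error')
        title_msg = 'Update your profile: %s' % current_user.fullname
        return render_template('/account/update.html',
                               form=form, title=title_msg)

    # The primary key decides which row merge() overwrites.  It comes from
    # the authenticated session, not from the submitted ``id`` field, so the
    # request cannot target another account.
    new_profile = model.User(id=current_user.id,
                             fullname=form.fullname.data,
                             name=form.name.data,
                             email_addr=form.email_addr.data,
                             locale=form.locale.data,
                             ckan_api=form.ckan_api.data,
                             privacy_mode=form.privacy_mode.data)
    # The result of this query is not used.
    db.session.query(model.User)\
        .filter(model.User.id == current_user.id)\
        .first()
    db.session.merge(new_profile)
    db.session.commit()
    cached_users.delete_user_summary(current_user.name)
    flash(gettext('Your profile has been updated!'), 'success')
    return redirect(url_for('.profile'))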
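def update_profile():
    """Render the profile form (GET) or save the submitted profile.

    On a valid submission the values are merged into the row of the
    logged-in user, the cached summary is dropped and the response is a
    redirect to ``.profile``.  An invalid submission re-renders the form
    with an error message.
    """
    form = UpdateProfileForm(obj=current_user)
    form.set_locales(current_app.config['LOCALES'])
    # NOTE(review): this runs on every request and writes form data onto
    # current_user before any validation -- confirm that is intended.
    form.populate_obj(current_user)
    if request.method == 'GET':
        title_msg = "Update your profile: %s" % current_user.fullname
        return render_template('account/update.html',
                               title=title_msg, form=form)
    else:
        form = UpdateProfileForm(request.form)
        form.set_locales(current_app.config['LOCALES'])
        if form.validate():
            # Use the session's own id as the merge key.  The ``id`` field
            # of the form is client input and would otherwise choose which
            # user row gets overwritten.
            new_profile = model.User(id=current_user.id,
                                     fullname=form.fullname.data,
                                     name=form.name.data,
                                     email_addr=form.email_addr.data,
                                     locale=form.locale.data,
                                     ckan_api=form.ckan_api.data)
            # The result of this query is not used.
            db.session.query(model.User)\
                .filter(model.User.id == current_user.id)\
                .first()
            db.session.merge(new_profile)
            db.session.commit()
            cached_users.delete_user_summary(current_user.name)
            flash(gettext('Your profile has been updated!'), 'success')
            return redirect(url_for('.profile'))
        else:
            flash(gettext('Please correct the errors'), 'error')
            title_msg = 'Update your profile: %s' % current_user.fullname
            return render_template('/account/update.html',
                                   form=form, title=title_msg)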
def reset_api_key():
    """Render the reset page on GET, otherwise rotate the caller's API key.

    Callers that are not authenticated receive a 403.  After a rotation the
    cached user summary is cleared and the browser is sent to the account
    settings page.
    """
    if not current_user.is_authenticated():  # pragma: no cover
        return abort(403)

    title = ("User: %s &middot; Settings"
             "- Reset API KEY") % current_user.fullname
    if request.method == 'GET':
        return render_template('account/reset-api-key.html', title=title)

    # Looked up by the session's own id: only the caller's key changes.
    owner = db.session.query(model.User).get(current_user.id)
    owner.api_key = model.make_uuid()
    db.session.commit()
    cached_users.delete_user_summary(owner.name)
    notice = gettext('New API-KEY generated')
    flash(notice, 'success')
    return redirect(url_for('account.settings'))
def home():
    """Render the home page from cached apps, users and categories.

    For an authenticated user the view also counts that user's task runs
    and advances the ``survey_check`` marker ("0" -> "1" -> "2" -> "3"),
    setting the matching ``survey_*`` flag for the template.
    """
    d = {'featured': cached_apps.get_featured_front_page(),
         'top_apps': cached_apps.get_top(),
         'top_users': None,
         'categories': None,
         'apps': None,
         'n_apps_per_category': None}

    # With ENFORCE_PRIVACY on, the top-users list is only filled for admins;
    # with it off, the list is filled for every visitor.
    if app.config['ENFORCE_PRIVACY'] and current_user.is_authenticated():
        if current_user.admin:
            d['top_users'] = cached_users.get_top()
    if not app.config['ENFORCE_PRIVACY']:
        d['top_users'] = cached_users.get_top()
    # @FC
    categories = cached_cat.get_all()
    n_apps_per_category = dict()
    apps = dict()
    for c in categories:
        n_apps_per_category[c.short_name] = cached_apps.n_count(c.short_name)
        # ``count`` is not used afterwards.
        apps[c.short_name],count = cached_apps.get(c.short_name,1,1)
    d['categories'] = categories
    d['n_apps_per_category'] = n_apps_per_category
    d['apps'] = apps
    # Current user Survey System
    if current_user.is_authenticated():
        # The user id is passed as a bound parameter, not formatted into
        # the statement text.
        sql = text('''SELECT COUNT(task_run.id) AS task_run FROM task_run WHERE :cur_user_id=task_run.user_id''')
        results = db.engine.execute(sql,cur_user_id=current_user.id)
        for row in results:
            num_run_task=row.task_run
    # NOTE(review): num_run_task is only bound for authenticated users; every
    # branch below that reads it re-checks is_authenticated() first.  The
    # nesting of this chain should be confirmed against the original file.
    # NOTE(review): these branches write to the database while serving the
    # home page, so a plain page view changes user state.
    if current_user.is_authenticated() and current_user.survey_check!= "None" and current_user.survey_check == "2":
        if num_run_task>=30:
            d['survey_three'] = True
            new_profile = model.User(id=current_user.id, survey_check="3")
            # The result of this query is not used.
            db.session.query(model.User).filter(model.User.id == current_user.id).first()
            db.session.merge(new_profile)
            db.session.commit()
            cached_users.delete_user_summary(current_user.name)
    elif current_user.is_authenticated() and current_user.survey_check!= "None" and current_user.survey_check == "1":
        if num_run_task>=1:
            d['survey_two'] = True
            new_profile = model.User(id=current_user.id, survey_check="2")
            db.session.query(model.User).filter(model.User.id == current_user.id).first()
            db.session.merge(new_profile)
            db.session.commit()
            cached_users.delete_user_summary(current_user.name)
    elif current_user.is_authenticated() and current_user.survey_check!= "None" and current_user.survey_check == "0":
        d['survey_one'] = True
        new_profile = model.User(id=current_user.id, survey_check="1")
        db.session.query(model.User).filter(model.User.id == current_user.id).first()
        db.session.merge(new_profile)
        db.session.commit()
        cached_users.delete_user_summary(current_user.name)
    else:
        d['survey_one'] = False
    # @FC
    return render_template('/home/index.html', **d)
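def delete_user(name, confirmed):
    """Delete a user on pybossa on behalf of an admin.

    - Only admins will be able to delete other users; any other caller,
      an unknown user, or an admin naming themselves gets a 404.
    - Admin users cannot be deleted.  They have to be removed from the
      admin list before they can be deleted.
    - All task runs of the user are marked as anonymous.
    - Ownership of all projects owned by the user moves to current_user.

    ``confirmed`` selects the step: "unconfirmed" renders the confirmation
    page, "confirmed" performs the deletion, anything else is a 404.

    TODO: Clean this feature up and push this feature to pybossa core
    """
    # NOTE(review): the "confirmed" step changes state.  Whether it is
    # limited to POST and covered by CSRF protection is decided by the route
    # registration, which is not visible here -- confirm.

    # The summary comes from the cache so the global helper functions render
    # it in a uniform way; the rows changed below are read from the database.
    target_user = cached_users.get_user_summary(name)
    allowed = (current_user.admin
               and target_user is not None
               and current_user.id != target_user['id'])
    if not allowed:
        abort(404)

    user_page_redirect = request.args.get('user_page_redirect')
    if not user_page_redirect:
        user_page_redirect = 1

    if confirmed == "unconfirmed":
        published_projects = cached_users.published_projects(target_user['id'])
        draft_projects = cached_users.draft_projects(target_user['id'])
        owned_projects = published_projects + draft_projects
        return render_template('geotagx/users/delete_confirmation.html',
                               target_user=target_user,
                               owned_projects=owned_projects,
                               user_page_redirect=user_page_redirect)
    if confirmed != "confirmed":
        abort(404)

    # The cached summary does not expose the ``admin`` flag and cannot be
    # passed to SQLAlchemy's delete, so the real row is loaded here.
    user_object = User.query.filter_by(id=target_user['id']).first()
    if user_object is None:
        # The cached summary can outlive the row it describes.
        abort(404)
    if user_object.admin:
        # It is not allowed to delete other admin users
        abort(404)

    # Mark all task runs by the user as anonymous.  The user name is kept in
    # the user_ip field to retain user identity for analytics.
    task_runs = TaskRun.query.filter_by(user_id=target_user['id']).all()
    for task_run in task_runs:
        task_run.user_id = None
        task_run.user_ip = "deleted_user_"+target_user['name']
    db.session.commit()

    # Change the ownership of all projects owned by the target user to that
    # of the current user, cleaning the cached data of each project.
    projects = Project.query.filter_by(owner_id=target_user['id']).all()
    for project in projects:
        project.owner_id = current_user.id
        db.session.commit()
        cached_projects.clean_project(project.id)

    # Delete the user from the database
    db.session.delete(user_object)
    db.session.commit()

    # Clean user data from the cache and force an update of current_user's
    # data.  The summary is looked up by name (see get_user_summary above),
    # so it is invalidated by name rather than by id.
    cached_users.delete_user_summary(target_user['name'])
    cached_users.delete_user_summary(current_user.name)

    # NOTE(review): the message carries markup and an unescaped user name.
    # Confirm how the template renders flashed messages, and escape the name
    # if they are output without auto-escaping.
    flash("User <strong>"+target_user['name']+"</strong> has been successfully deleted, and all the projects owned by the user have been transferred to you.", 'success')
    return redirect(url_for('geotagx-admin.manage_users', page=user_page_redirect))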
def update_profile(name):
    """Show the profile page of ``name`` or process one of its forms.

    Responds with 404 for an unknown user and 403 when ``name`` is not the
    logged-in user; ``ensure_authorized_to('update', user)`` runs as well.
    On POST the ``btn`` value of the request selects which form handler
    runs; an unknown value yields 415.  A successful handler clears the
    cached summary and redirects back to this page, anything else renders
    ``/account/update.html`` through ``handle_content_type``.
    """
    user = user_repo.get_by_name(name)
    if not user:
        return abort(404)
    if current_user.name != name:
        return abort(403)
    ensure_authorized_to('update', user)

    # Accounts linked to an external login do not get the password form.
    show_passwd_form = not (user.twitter_user_id or
                            user.google_user_id or
                            user.facebook_user_id)

    usr = cached_users.get_user_summary(name)
    # Extend the values
    user.rank = usr.get('rank')
    user.score = usr.get('score')

    # ``btn`` is client input; it is only compared with fixed names.
    btn = request.body.get('btn', 'None').capitalize()
    if btn == 'Profile':
        update_form = UpdateProfileForm(obj=user)
    else:
        # Request data is kept out of the profile form unless the profile
        # section itself was submitted.
        update_form = UpdateProfileForm(formdata=None, obj=user)
    update_form.set_locales(current_app.config['LOCALES'])
    avatar_form = AvatarUploadForm()
    password_form = ChangePasswordForm()
    title_msg = "Update your profile: %s" % user.fullname

    def render_page():
        page = dict(template='/account/update.html',
                    form=update_form,
                    upload_form=avatar_form,
                    password_form=password_form,
                    title=title_msg,
                    show_passwd_form=show_passwd_form)
        return handle_content_type(page)

    if request.method != 'POST':
        return render_page()

    if btn == 'Upload':
        # Update user avatar
        succeed = _handle_avatar_update(user, avatar_form)
    elif btn == 'Profile':
        # Update user profile
        succeed = _handle_profile_update(user, update_form)
    elif btn == 'Password':
        # Update user password
        succeed = _handle_password_update(user, password_form)
    elif btn == 'External':
        # Update user external services
        succeed = _handle_external_services_update(user, update_form)
    else:
        # Otherwise return 415
        return abort(415)

    if not succeed:
        return render_page()
    cached_users.delete_user_summary(user.name)
    return redirect_content_type(url_for('.update_profile', name=user.name),
                                 status=SUCCESS)
def update_profile(name):
    """Show the profile page of ``name`` (GET) or process one of its forms.

    Responds with 404 for an unknown user and calls ``require.user.update``
    on the named user.  On other methods the ``btn`` form field selects the
    section to process: 'Upload' (avatar), 'Profile', 'Password' or
    'External'; any other value yields 415.
    """
    user = User.query.filter_by(name=name).first()
    if not user:
        return abort(404)
    require.user.update(user)
    # Accounts linked to an external login do not get the password form.
    show_passwd_form = True
    if user.twitter_user_id or user.google_user_id or user.facebook_user_id:
        show_passwd_form = False
    usr = cached_users.get_user_summary(name)
    # Extend the values
    current_user.rank = usr.get('rank')
    current_user.score = usr.get('score')
    # Title page
    title_msg = "Update your profile: %s" % current_user.fullname
    # Creation of forms
    update_form = UpdateProfileForm(obj=user)
    update_form.set_locales(current_app.config['LOCALES'])
    avatar_form = AvatarUploadForm()
    password_form = ChangePasswordForm()
    external_form = update_form

    if request.method == 'GET':
        return render_template('account/update.html',
                               title=title_msg,
                               user=usr,
                               form=update_form,
                               upload_form=avatar_form,
                               password_form=password_form,
                               external_form=external_form,
                               show_passwd_form=show_passwd_form)
    else:
        # NOTE(review): the permission check above is made on ``user`` (the
        # account named in the URL), while every write below goes to
        # ``current_user``.  If require.user.update lets anyone other than
        # the owner through, that caller's own account is what gets changed
        # -- confirm which object is meant.
        # Update user avatar
        if request.form.get('btn') == 'Upload':
            avatar_form = AvatarUploadForm()
            if avatar_form.validate_on_submit():
                file = request.files['avatar']
                coordinates = (avatar_form.x1.data, avatar_form.y1.data,
                               avatar_form.x2.data, avatar_form.y2.data)
                # The client's file name is replaced by a server-generated
                # one built from the clock.
                prefix = time.time()
                file.filename = "%s_avatar.png" % prefix
                container = "user_%s" % current_user.id
                uploader.upload_file(file,
                                     container=container,
                                     coordinates=coordinates)
                # Delete previous avatar from storage
                if current_user.info.get('avatar'):
                    uploader.delete_file(current_user.info['avatar'], container)
                current_user.info = { 'avatar': file.filename, 'container': container }
                db.session.commit()
                cached_users.delete_user_summary(current_user.name)
                flash( gettext('Your avatar has been updated! It may \
                               take some minutes to refresh...'), 'success')
                return redirect( url_for('.update_profile', name=current_user.name))
            else:
                flash( "You have to provide an image file to update your avatar", "error")
                return render_template('/account/update.html',
                                       form=update_form,
                                       upload_form=avatar_form,
                                       password_form=password_form,
                                       external_form=external_form,
                                       title=title_msg,
                                       show_passwd_form=show_passwd_form)
        # Update user profile
        elif request.form.get('btn') == 'Profile':
            update_form = UpdateProfileForm()
            update_form.set_locales(current_app.config['LOCALES'])
            if update_form.validate():
                # NOTE(review): the primary key is assigned from a submitted
                # form field; confirm the form pins it to the caller's id.
                current_user.id = update_form.id.data
                current_user.fullname = update_form.fullname.data
                current_user.name = update_form.name.data
                current_user.email_addr = update_form.email_addr.data
                current_user.privacy_mode = update_form.privacy_mode.data
                current_user.locale = update_form.locale.data
                db.session.commit()
                cached_users.delete_user_summary(current_user.name)
                flash(gettext('Your profile has been updated!'), 'success')
                return redirect( url_for('.update_profile', name=current_user.name))
            else:
                flash(gettext('Please correct the errors'), 'error')
                title_msg = 'Update your profile: %s' % current_user.fullname
                return render_template('/account/update.html',
                                       form=update_form,
                                       upload_form=avatar_form,
                                       password_form=password_form,
                                       external_form=external_form,
                                       title=title_msg,
                                       show_passwd_form=show_passwd_form)
        # Update user password
        elif request.form.get('btn') == 'Password':
            # Update the data because passing it in the constructor does not work
            update_form.name.data = user.name
            update_form.fullname.data = user.fullname
            update_form.email_addr.data = user.email_addr
            update_form.ckan_api.data = user.ckan_api
            external_form = update_form
            if password_form.validate_on_submit():
                # The account is re-read by the session's own id, and the
                # current password must match before a new one is set.
                user = db.session.query(model.user.User).get(current_user.id)
                if user.check_password(password_form.current_password.data):
                    user.set_password(password_form.new_password.data)
                    db.session.add(user)
                    db.session.commit()
                    flash( gettext('Yay, you changed your password succesfully!'), 'success')
                    return redirect(url_for('.update_profile', name=name))
                else:
                    msg = gettext("Your current password doesn't match the "
                                  "one in our records")
                    flash(msg, 'error')
                    return render_template('/account/update.html',
                                           form=update_form,
                                           upload_form=avatar_form,
                                           password_form=password_form,
                                           external_form=external_form,
                                           title=title_msg,
                                           show_passwd_form=show_passwd_form)
            else:
                flash(gettext('Please correct the errors'), 'error')
                return render_template('/account/update.html',
                                       form=update_form,
                                       upload_form=avatar_form,
                                       password_form=password_form,
                                       external_form=external_form,
                                       title=title_msg,
                                       show_passwd_form=show_passwd_form)
        # Update user external services
        elif request.form.get('btn') == 'External':
            # Drop the profile-only fields so validation covers just the
            # external-services section.  external_form is the same object
            # as update_form.
            del external_form.locale
            del external_form.email_addr
            del external_form.fullname
            del external_form.name
            if external_form.validate():
                current_user.ckan_api = external_form.ckan_api.data or None
                db.session.commit()
                cached_users.delete_user_summary(current_user.name)
                flash(gettext('Your profile has been updated!'), 'success')
                return redirect( url_for('.update_profile', name=current_user.name))
            else:
                flash(gettext('Please correct the errors'), 'error')
                title_msg = 'Update your profile: %s' % current_user.fullname
                return render_template('/account/update.html',
                                       form=update_form,
                                       upload_form=avatar_form,
                                       password_form=password_form,
                                       external_form=external_form,
                                       title=title_msg,
                                       show_passwd_form=show_passwd_form)
        # Otherwise return 415
        else:
            return abort(415)
def update_profile(name):
    """Show the profile page of ``name`` (GET) or process one of its forms.

    Responds with 404 for an unknown user and calls ``require.user.update``
    on the named user.  On other methods the ``btn`` form field selects the
    section to process: 'Upload' (avatar), 'Profile', 'Password' or
    'External'; any other value yields 415.  All writes go to the user
    looked up by ``name`` and are saved through ``user_repo``.
    """
    user = user_repo.get_by_name(name)
    if not user:
        return abort(404)
    require.user.update(user)
    # Accounts linked to an external login do not get the password form.
    show_passwd_form = True
    if user.twitter_user_id or user.google_user_id or user.facebook_user_id:
        show_passwd_form = False
    usr = cached_users.get_user_summary(name)
    # Extend the values
    user.rank = usr.get('rank')
    user.score = usr.get('score')
    # Title page
    title_msg = "Update your profile: %s" % user.fullname
    # Creation of forms
    update_form = UpdateProfileForm(obj=user)
    update_form.set_locales(current_app.config['LOCALES'])
    avatar_form = AvatarUploadForm()
    password_form = ChangePasswordForm()
    external_form = update_form

    if request.method == 'GET':
        return render_template('account/update.html',
                               title=title_msg,
                               user=usr,
                               form=update_form,
                               upload_form=avatar_form,
                               password_form=password_form,
                               external_form=external_form,
                               show_passwd_form=show_passwd_form)
    else:
        acc_conf_dis = current_app.config.get('ACCOUNT_CONFIRMATION_DISABLED')
        # Update user avatar
        if request.form.get('btn') == 'Upload':
            avatar_form = AvatarUploadForm()
            if avatar_form.validate_on_submit():
                file = request.files['avatar']
                coordinates = (avatar_form.x1.data, avatar_form.y1.data,
                               avatar_form.x2.data, avatar_form.y2.data)
                # The client's file name is replaced by a server-generated
                # one built from the clock.
                prefix = time.time()
                file.filename = "%s_avatar.png" % prefix
                container = "user_%s" % user.id
                uploader.upload_file(file,
                                     container=container,
                                     coordinates=coordinates)
                # Delete previous avatar from storage
                if user.info.get('avatar'):
                    uploader.delete_file(user.info['avatar'], container)
                user.info = {'avatar': file.filename,
                             'container': container}
                user_repo.update(user)
                cached_users.delete_user_summary(user.name)
                flash( gettext('Your avatar has been updated! It may \
                               take some minutes to refresh...'), 'success')
                return redirect(url_for('.update_profile', name=user.name))
            else:
                flash( "You have to provide an image file to update your avatar", "error")
                return render_template('/account/update.html',
                                       form=update_form,
                                       upload_form=avatar_form,
                                       password_form=password_form,
                                       external_form=external_form,
                                       title=title_msg,
                                       show_passwd_form=show_passwd_form)
        # Update user profile
        elif request.form.get('btn') == 'Profile':
            update_form = UpdateProfileForm()
            update_form.set_locales(current_app.config['LOCALES'])
            if update_form.validate():
                # NOTE(review): the primary key is assigned from a submitted
                # form field; confirm the form pins it to this user's id.
                user.id = update_form.id.data
                user.fullname = update_form.fullname.data
                user.name = update_form.name.data
                # With confirmation enabled, a changed address is only
                # mailed a confirmation link here; it is not stored.
                if (user.email_addr != update_form.email_addr.data and
                        acc_conf_dis is False):
                    user.valid_email = False
                    user.newsletter_prompted = False
                    account = dict(fullname=update_form.fullname.data,
                                   name=update_form.name.data,
                                   email_addr=update_form.email_addr.data)
                    confirm_url = get_email_confirmation_url(account)
                    subject = ('You have updated your email in %s! Verify it' \
                               % current_app.config.get('BRAND'))
                    msg = dict(subject=subject,
                               recipients=[update_form.email_addr.data],
                               body=render_template(
                                   '/account/email/validate_email.md',
                                   user=account, confirm_url=confirm_url))
                    msg['html'] = markdown(msg['body'])
                    mail_queue.enqueue(send_mail, msg)
                    user.confirmation_email_sent = True
                    fls = gettext('An email has been sent to verify your \
                                  new email: %s. Once you verify it, it will \
                                  be updated.' % account['email_addr'])
                    flash(fls, 'info')
                # Without confirmation the new address is stored directly.
                if acc_conf_dis:
                    user.email_addr = update_form.email_addr.data
                user.privacy_mode = update_form.privacy_mode.data
                user.locale = update_form.locale.data
                user_repo.update(user)
                cached_users.delete_user_summary(user.name)
                flash(gettext('Your profile has been updated!'), 'success')
                return redirect(url_for('.update_profile', name=user.name))
            else:
                flash(gettext('Please correct the errors'), 'error')
                title_msg = 'Update your profile: %s' % user.fullname
                return render_template('/account/update.html',
                                       form=update_form,
                                       upload_form=avatar_form,
                                       password_form=password_form,
                                       external_form=external_form,
                                       title=title_msg,
                                       show_passwd_form=show_passwd_form)
        # Update user password
        elif request.form.get('btn') == 'Password':
            # Update the data because passing it in the constructor does not work
            update_form.name.data = user.name
            update_form.fullname.data = user.fullname
            update_form.email_addr.data = user.email_addr
            update_form.ckan_api.data = user.ckan_api
            external_form = update_form
            if password_form.validate_on_submit():
                # The account is re-read from the repository, and its
                # current password must match before a new one is set.
                user = user_repo.get(user.id)
                if user.check_password(password_form.current_password.data):
                    user.set_password(password_form.new_password.data)
                    user_repo.update(user)
                    flash( gettext('Yay, you changed your password succesfully!'), 'success')
                    return redirect(url_for('.update_profile', name=name))
                else:
                    msg = gettext("Your current password doesn't match the "
                                  "one in our records")
                    flash(msg, 'error')
                    return render_template('/account/update.html',
                                           form=update_form,
                                           upload_form=avatar_form,
                                           password_form=password_form,
                                           external_form=external_form,
                                           title=title_msg,
                                           show_passwd_form=show_passwd_form)
            else:
                flash(gettext('Please correct the errors'), 'error')
                return render_template('/account/update.html',
                                       form=update_form,
                                       upload_form=avatar_form,
                                       password_form=password_form,
                                       external_form=external_form,
                                       title=title_msg,
                                       show_passwd_form=show_passwd_form)
        # Update user external services
        elif request.form.get('btn') == 'External':
            # Drop the profile-only fields so validation covers just the
            # external-services section.  external_form is the same object
            # as update_form.
            del external_form.locale
            del external_form.email_addr
            del external_form.fullname
            del external_form.name
            if external_form.validate():
                user.ckan_api = external_form.ckan_api.data or None
                user_repo.update(user)
                cached_users.delete_user_summary(user.name)
                flash(gettext('Your profile has been updated!'), 'success')
                return redirect(url_for('.update_profile', name=user.name))
            else:
                flash(gettext('Please correct the errors'), 'error')
                title_msg = 'Update your profile: %s' % user.fullname
                return render_template('/account/update.html',
                                       form=update_form,
                                       upload_form=avatar_form,
                                       password_form=password_form,
                                       external_form=external_form,
                                       title=title_msg,
                                       show_passwd_form=show_passwd_form)
        # Otherwise return 415
        else:
            return abort(415)
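def update_profile(name):
    """
    Update user's profile.

    Looks up the account called ``name`` (404 when it does not exist), runs
    the ``require.user.update`` authorisation check on it, and then either
    renders the update page (GET) or applies the sub-form chosen by the
    posted ``btn`` value: ``Upload`` (avatar), ``Profile``, ``Password`` or
    ``External``. Any other ``btn`` value is answered with 415.

    Every write is applied to ``user``, the record the authorisation check
    was run against, and never to ``current_user``. If the policy allows one
    account to edit another, a write to ``current_user`` would land on a
    record that was not the one authorised. The ``id`` field of the profile
    form is deliberately not copied back: it arrives with the request, and
    the primary key must not be rewritable from form data.

    Returns Jinja2 template.

    """
    user = User.query.filter_by(name=name).first()
    if not user:
        return abort(404)
    # Authorisation gate for everything below; what it does on denial is
    # defined elsewhere (presumably it aborts the request).
    require.user.update(user)
    show_passwd_form = True
    if user.twitter_user_id or user.google_user_id or user.facebook_user_id:
        # Accounts linked to an external login do not get the password form.
        show_passwd_form = False
    usr = cached_users.get_user_summary(name)
    # Extend the values
    current_user.rank = usr.get('rank')
    current_user.score = usr.get('score')
    # Title page
    title_msg = "Update your profile: %s" % current_user.fullname
    # Creation of forms
    update_form = UpdateProfileForm(obj=user)
    update_form.set_locales(current_app.config['LOCALES'])
    avatar_form = AvatarUploadForm()
    password_form = ChangePasswordForm()
    external_form = update_form

    def _render_again():
        # Re-render the page with whatever forms/title are current when the
        # call happens (the branches below rebind some of them first).
        return render_template('/account/update.html',
                               form=update_form,
                               upload_form=avatar_form,
                               password_form=password_form,
                               external_form=external_form,
                               title=title_msg,
                               show_passwd_form=show_passwd_form)

    if request.method == 'GET':
        return render_template('account/update.html',
                               title=title_msg,
                               user=usr,
                               form=update_form,
                               upload_form=avatar_form,
                               password_form=password_form,
                               external_form=external_form,
                               show_passwd_form=show_passwd_form)

    action = request.form.get('btn')

    # Update user avatar
    if action == 'Upload':
        avatar_form = AvatarUploadForm()
        if not avatar_form.validate_on_submit():
            flash("You have to provide an image file to update your avatar",
                  "error")
            return _render_again()
        upload = request.files['avatar']
        coordinates = (avatar_form.x1.data, avatar_form.y1.data,
                       avatar_form.x2.data, avatar_form.y2.data)
        # The stored name is generated here; the client-supplied file name
        # is discarded.
        upload.filename = "%s_avatar.png" % time.time()
        container = "user_%s" % user.id
        uploader.upload_file(upload, container=container,
                             coordinates=coordinates)
        # Delete previous avatar from storage
        previous_info = user.info or {}
        if previous_info.get('avatar'):
            uploader.delete_file(previous_info['avatar'], container)
        # Keep the other keys stored in ``info`` and assign a fresh dict
        # (presumably needed for the ORM to notice the change -- confirm).
        new_info = dict(previous_info)
        new_info['avatar'] = upload.filename
        new_info['container'] = container
        user.info = new_info
        db.session.commit()
        cached_users.delete_user_summary(user.name)
        # NOTE(review): the backslash continuation puts the next line's
        # leading whitespace inside the msgid; confirm it matches the
        # translation catalogue.
        flash(gettext('Your avatar has been updated! It may \
                      take some minutes to refresh...'), 'success')
        return redirect(url_for('.update_profile', name=user.name))

    # Update user profile
    elif action == 'Profile':
        update_form = UpdateProfileForm()
        update_form.set_locales(current_app.config['LOCALES'])
        if not update_form.validate():
            flash(gettext('Please correct the errors'), 'error')
            title_msg = 'Update your profile: %s' % current_user.fullname
            return _render_again()
        # update_form.id.data is intentionally ignored (see docstring).
        user.fullname = update_form.fullname.data
        user.name = update_form.name.data
        user.email_addr = update_form.email_addr.data
        user.privacy_mode = update_form.privacy_mode.data
        user.locale = update_form.locale.data
        db.session.commit()
        cached_users.delete_user_summary(user.name)
        flash(gettext('Your profile has been updated!'), 'success')
        return redirect(url_for('.update_profile', name=user.name))

    # Update user password
    elif action == 'Password':
        # Update the data because passing it in the constructor does not work
        update_form.name.data = user.name
        update_form.fullname.data = user.fullname
        update_form.email_addr.data = user.email_addr
        update_form.ckan_api.data = user.ckan_api
        external_form = update_form
        if not password_form.validate_on_submit():
            flash(gettext('Please correct the errors'), 'error')
            return _render_again()
        # Re-read the authorised account and require its current password
        # before accepting the new one.
        user = db.session.query(model.user.User).get(user.id)
        if not user.check_password(password_form.current_password.data):
            msg = gettext("Your current password doesn't match the "
                          "one in our records")
            flash(msg, 'error')
            return _render_again()
        user.set_password(password_form.new_password.data)
        db.session.add(user)
        db.session.commit()
        flash(gettext('Yay, you changed your password succesfully!'),
              'success')
        return redirect(url_for('.update_profile', name=name))

    # Update user external services
    elif action == 'External':
        # Only the external-service fields are validated in this branch.
        del external_form.locale
        del external_form.email_addr
        del external_form.fullname
        del external_form.name
        if not external_form.validate():
            flash(gettext('Please correct the errors'), 'error')
            title_msg = 'Update your profile: %s' % current_user.fullname
            return _render_again()
        user.ckan_api = external_form.ckan_api.data or None
        db.session.commit()
        cached_users.delete_user_summary(user.name)
        flash(gettext('Your profile has been updated!'), 'success')
        return redirect(url_for('.update_profile', name=user.name))

    # Otherwise return 415
    return abort(415)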
def update_profile(name):
    """
    Update user's profile.

    The account is loaded by ``name`` (404 when missing) and
    ``ensure_authorized_to('update', user)`` runs before any form is built or
    any handler is called. On POST the request's ``btn`` value selects one of
    four handlers (avatar upload, profile, password, external services); any
    other value is answered with 415. The handlers are defined elsewhere and
    are expected to return a truthy value on success.

    Returns the result of ``redirect_content_type`` after a successful
    update, otherwise the update page data through ``handle_content_type``.

    """
    user = user_repo.get_by_name(name)
    if not user:
        return abort(404)
    ensure_authorized_to('update', user)

    # The password form is hidden as soon as any external login id is set.
    show_passwd_form = not (user.twitter_user_id or user.google_user_id or
                            user.facebook_user_id or user.wechat_user_id or
                            user.weibo_user_id)

    usr = cached_users.get_user_summary(name)
    # Extend the values
    user.rank = usr.get('rank')
    user.score = usr.get('score')

    btn = request.body.get('btn', 'None').capitalize()
    # Unless the profile button was pressed, the profile form is built with
    # formdata=None -- presumably so fields posted for another sub-form are
    # not bound onto it; confirm against the form library in use.
    form_kwargs = dict(obj=user)
    if btn != 'Profile':
        form_kwargs['formdata'] = None
    update_form = UpdateProfileForm(**form_kwargs)
    update_form.set_locales(current_app.config['LOCALES'])
    avatar_form = AvatarUploadForm()
    password_form = ChangePasswordForm()
    title_msg = "Update your profile: %s" % user.fullname

    def _show_update_page():
        # Shared response for GET and for a POST whose handler reported
        # failure.
        data = dict(template='/account/update.html',
                    form=update_form,
                    upload_form=avatar_form,
                    password_form=password_form,
                    title=title_msg,
                    show_passwd_form=show_passwd_form)
        return handle_content_type(data)

    if request.method != 'POST':
        return _show_update_page()

    btn = request.body.get('btn', 'None').capitalize()
    if btn == 'Upload':
        # Update user avatar
        succeed = _handle_avatar_update(user, avatar_form)
    elif btn == 'Profile':
        # Update user profile
        succeed = _handle_profile_update(user, update_form)
    elif btn == 'Password':
        # Update user password
        succeed = _handle_password_update(user, password_form)
    elif btn == 'External':
        # Update user external services
        succeed = _handle_external_services_update(user, update_form)
    else:
        # Unknown action: return 415
        return abort(415)

    if not succeed:
        return _show_update_page()

    cached_users.delete_user_summary(user.name)
    return redirect_content_type(url_for('.update_profile', name=user.name),
                                 status=SUCCESS)
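def update_profile():
    """
    Update user's profile.

    GET renders the update page for ``current_user``. POST either stores a
    new avatar (``btn == 'Upload'``) or, for any other ``btn`` value,
    validates the profile form and copies its fields onto ``current_user``.

    The uploaded file's name comes from the client, so only its final
    extension is reused, and only when it consists of ASCII letters and
    digits; the rest of the stored name is generated here. The profile
    form's ``id`` field is not written back to the account, so the primary
    key cannot be changed from form data.

    Returns Jinja2 template.

    """
    form = UpdateProfileForm()
    upload_form = AvatarUploadForm()
    if request.method == 'GET':
        form = UpdateProfileForm(obj=current_user)
        form.set_locales(current_app.config['LOCALES'])
        form.populate_obj(current_user)
        title_msg = "Update your profile: %s" % current_user.fullname
        return render_template('account/update.html',
                               title=title_msg,
                               form=form,
                               upload_form=upload_form)

    form = UpdateProfileForm(request.form)
    upload_form = AvatarUploadForm(request.form)
    form.set_locales(current_app.config['LOCALES'])

    if request.form['btn'] == 'Upload':
        # NOTE(review): upload_form is never validated in this branch, so
        # the crop coordinates reach the uploader unchecked -- confirm the
        # uploader copes with missing or odd values.
        avatar = request.files['avatar']
        # Take the text after the LAST dot; a name with no dot, or with
        # anything but ASCII letters/digits after it, is rejected instead of
        # being pasted into the stored file name.
        _, dot, extension = (avatar.filename or '').rpartition('.')
        allowed_chars = 'abcdefghijklmnopqrstuvwxyz0123456789'
        extension_ok = bool(dot) and bool(extension) and all(
            ch in allowed_chars for ch in extension.lower())
        if not extension_ok:
            flash(gettext('Please correct the errors'), 'error')
            title_msg = 'Update your profile: %s' % current_user.fullname
            return render_template('/account/update.html',
                                   form=form,
                                   upload_form=upload_form,
                                   title=title_msg)
        # NOTE(review): this constrains the name only; whether the content
        # really is an image is left to the uploader -- confirm.
        coordinates = (upload_form.x1.data, upload_form.y1.data,
                       upload_form.x2.data, upload_form.y2.data)
        prefix = time.time()
        avatar.filename = "%s_avatar.%s" % (prefix, extension)
        container = "user_%s" % current_user.id
        uploader.upload_file(avatar,
                             container=container,
                             coordinates=coordinates)
        # Delete previous avatar from storage
        previous_info = current_user.info or {}
        if previous_info.get('avatar'):
            uploader.delete_file(previous_info['avatar'], container)
        # Keep the other keys stored in ``info`` and assign a fresh dict
        # (presumably needed for the ORM to notice the change -- confirm).
        new_info = dict(previous_info)
        new_info['avatar'] = avatar.filename
        new_info['container'] = container
        current_user.info = new_info
        db.session.commit()
        cached_users.delete_user_summary(current_user.name)
        # NOTE(review): the backslash continuation puts the next line's
        # leading whitespace inside the msgid; confirm it matches the
        # translation catalogue.
        flash(gettext('Your avatar has been updated! It may \
                      take some minutes to refresh...'), 'success')
        return redirect(url_for('.profile'))

    if form.validate():
        # form.id.data is intentionally ignored (see docstring).
        current_user.fullname = form.fullname.data
        current_user.name = form.name.data
        current_user.email_addr = form.email_addr.data
        current_user.ckan_api = form.ckan_api.data
        current_user.privacy_mode = form.privacy_mode.data
        db.session.commit()
        cached_users.delete_user_summary(current_user.name)
        flash(gettext('Your profile has been updated!'), 'success')
        return redirect(url_for('.profile'))

    flash(gettext('Please correct the errors'), 'error')
    title_msg = 'Update your profile: %s' % current_user.fullname
    return render_template('/account/update.html',
                           form=form,
                           upload_form=upload_form,
                           title=title_msg)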