def claim_ticket(ticket, request, user_identifier): #Is the ticket open? if ticket.get_workflow_state() != 'open': raise HTTPForbidden("Access already granted with this ticket") #Find required resources and do some basic validation meeting = find_interface(ticket, IMeeting) root = find_root(ticket) assert meeting assert root if '@' in user_identifier: user = root['users'].get_user_by_email(user_identifier, None) else: user = root['users'].get(user_identifier, None) if user is None: raise HTTPForbidden("No user could be looked up via: %r" % user_identifier) meeting.add_groups(user.userid, ticket.roles) ticket.claimed_by = user.userid ticket.set_workflow_state(request, 'closed') ticket.closed = utcnow() #If ticket and user profile has the same email, consider that email validated #This will notify and perhaps fetch other tickets as well if user.email == ticket.email: user.email_validated = True return user
def popup_toggle(request): """ Toggle whether the user is configured to receive fedmsg popups in the web UI. Args: request (pyramid.util.Request): The current request. Returns: pyramid.httpexceptions.HTTPFound: A redirect to the "next" field of the request, or the home page if "next" is not defined. Raises: pyramid.exceptions.HTTPForbidden: If the user is not logged in. pyramid.httpexceptions.HTTPBadRequest: If the user is not found. It is unknown under which circumstances this could happen. """ # Get the user userid = request.authenticated_userid if userid is None: raise HTTPForbidden("You must be logged in.") user = request.db.query( models.User).filter_by(name=unicode(userid)).first() if user is None: raise HTTPBadRequest("For some reason, user does not exist.") # Toggle the value. user.show_popups = not user.show_popups # And send the user back return_to = request.params.get('next', request.route_url('home')) return HTTPFound(location=return_to)
def new_override(request): """ Returns the new buildroot override form """ nvr = request.params.get('nvr') user = authenticated_userid(request) if not user: raise HTTPForbidden("You must be logged in.") return dict(nvr=nvr)
def new_update(request): """ Return the new update form. Args: request (pyramid.request.Request): The current request. Returns: dict: A dictionary with four keys. "update" indexes None. "types" indexes a list of the possible UpdateTypes. "severities" indexes a list of the possible severity values. "suggestions" indexes a list of the possible values for update suggestions. Raises: pyramid.exceptions.HTTPForbidden: If the user is not logged in. """ user = request.authenticated_userid if not user: raise HTTPForbidden("You must be logged in.") suggestions = list(models.UpdateSuggestion.values()) return dict(update=None, types=reversed(list(models.UpdateType.values())), severities=sorted(list(models.UpdateSeverity.values()), key=bodhi.server.util.sort_severity), suggestions=suggestions, sidetags=_get_sidetags(request.koji, user=user, contains_builds=True))
def groupfinder(userid, request): user = request.db.users.find_one({'identifier': userid}) if user: if user.get('group') == Admin: return [Admin] elif user.get('group') == User: return [User] else: return [Guest] return HTTPForbidden()
def new_update(request): """ Returns the new update form """ user = authenticated_userid(request) if not user: raise HTTPForbidden("You must be logged in.") return dict( update=None, types=reversed(bodhi.models.UpdateType.values()), severities=reversed(bodhi.models.UpdateSeverity.values()), suggestions=reversed(bodhi.models.UpdateSuggestion.values()), )
def change_states_proposals(obj, event): """ Change state on proposals when adding them to upcoming poll. """ request = get_current_request() if obj.get_workflow_state() == 'upcoming': for proposal in obj.get_proposal_objects(): if proposal.get_workflow_state() != 'voting': try: proposal.set_workflow_state(request, 'voting') except WorkflowError: raise HTTPForbidden(_(u"workflow_error_when_setting_proposal_as_voting", default = u"Can't set Proposal '${title}' as 'Locked for voting'. It's probably not in the state published, or has already been handled in another way. All changes aborted, please check the proposals and try again.", mapping = {'title': obj.title}))
def new_stack(request): """ Return the new stack form. Args: request (pyramid.request): The current web request. Returns: dict: An empty dictionary. Raises: pyramid.exceptions.HTTPForbidden: If the user is not logged in. """ user = request.authenticated_userid if not user: raise HTTPForbidden("You must be logged in.") return dict()
def test_assign_to_slot_forbidden(self, config, db_session, events): from kotti.views.slots import assign_slot from pyramid.exceptions import HTTPForbidden def special(context, request): return Response(u"Hello world!") assign_slot('special', 'right') config.add_view(special, name='special', permission='admin') # the slot rendering must not fail if a HTTPForbidden exception api = self.make() with patch('kotti.views.slots.render_view') as render_view: render_view.side_effect = HTTPForbidden() assert api.slots.right == []
def new_override(request): """ Return the new buildroot override form. Args: request (pyramid.request.Request): The current request. Returns: dict: A dictionary of the form {nvr: nvr}, where the request nvr field indexes itself. Raises: pyramid.exceptions.HTTPForbidden: If the user is not logged in. """ nvr = request.params.get('nvr') user = request.authenticated_userid if not user: raise HTTPForbidden("You must be logged in.") return dict(nvr=nvr)
def popup_toggle(request): # Get the user from bodhi.models import User userid = authenticated_userid(request) if userid is None: raise HTTPForbidden("You must be logged in.") user = request.db.query(User).filter_by(name=unicode(userid)).first() if user is None: raise HTTPBadRequest("For some reason, user does not exist.") # Toggle the value. user.show_popups = not user.show_popups # And send the user back return_to = request.params.get('next', request.route_url('home')) return HTTPFound(location=return_to)
def logged_in_user(self): """Returns the logged in user as JSON data """ from pyramid.security import authenticated_userid login_name = authenticated_userid(self.request) from stalker import User from stalker.db.session import DBSession from sqlalchemy import or_ user_id = DBSession.query(User.id) \ .filter(or_(User.login == login_name, User.email == login_name)) \ .first() if not user_id: from pyramid.exceptions import HTTPForbidden raise HTTPForbidden(self.request) else: self.entity_id = user_id return self.get_entity()
def new_override(request): """ Returns the new buildroot override form """ user = authenticated_userid(request) if not user: raise HTTPForbidden("You must be logged in.") return dict()
def __init__(self, request: Request): raise HTTPForbidden("foo")
def forbidden(self): """A view which is always forbidden""" raise HTTPForbidden()
def new_stack(request): """ Returns the new stack form """ user = authenticated_userid(request) if not user: raise HTTPForbidden("You must be logged in.") return dict()
def edit_GET(request): if not _is_boss(request): raise HTTPForbidden( detail="Hint: try connecting from a private IP address.") return {'table': request.database.get_all()}