def _on_submit(self): try: user = auth.get_user(self.val('login')) if user.status != auth.USER_STATUS_ACTIVE: return token = util.random_password(64, True) _RESET_TOKENS_POOL.put(token, user.login, _RESET_TOKEN_TTL) reset_url = router.rule_url('auth_ui_password@reset', {'token': token}) msg_body = tpl.render( 'auth_ui_password@mail/{}/reset-password'.format( lang.get_current()), { 'user': user, 'reset_url': reset_url }) mail.Message( user.login, lang.t('auth_ui_password@reset_password_mail_subject'), msg_body).send() router.session().add_info_message( lang.t('auth_ui_password@check_email_for_instructions')) except auth.error.UserNotFound: pass
def on_router_dispatch(): try: api_key = google_maps.helpers.get_google_api_key() metatag.t_set('pytsite-google-maps-api-key', api_key) except google_maps.error.GoogleApiKeyNotDefined: if auth.get_current_user().has_role('dev'): router.session().add_warning_message(lang.t('google_maps_ui@plugin_setup_required_warning'))
def on_auth_sign_up(user: auth.AbstractUser): # Set session notification router.session().add_success_message( lang.t('auth_ui@registration_form_success')) # Send a confirmation email to the user if auth.is_sign_up_confirmation_required(): msg = tpl.render( 'auth_ui@mail/{}/sign-up'.format(lang.get_current()), { 'user': user, 'confirm_url': router.rule_url('auth_ui@sign_up_confirm', {'code': user.confirmation_hash}) if not user.is_confirmed else None }) mail.Message(user.login, lang.t('auth_ui@confirm_registration'), msg).send() # Send a notification emails to admins if auth.is_sign_up_admins_notification_enabled(): for admin in auth.get_admin_users(): msg = tpl.render( 'auth_ui@mail/{}/sign-up-admin-notify'.format( lang.get_current()), { 'admin': admin, 'user': user, }) mail.Message(admin.login, lang.t('auth_ui@registration_admin_notify'), msg).send()
def _clear_state(self): """Clear state. """ if 'oauth.twitter.session' in _router.session(): del _router.session()['oauth.twitter.session'] return self
def router_dispatch(): """'pytsite.router.dispatch' event handler. """ if _auth.get_current_user().has_role('dev'): if not _reg.get('tumblr.app_key') or not _reg.get('tumblr.app_secret'): _router.session().add_warning_message( _lang.t('tumblr@plugin_setup_required_warning'))
def router_dispatch(): """'pytsite.router.dispatch' event handler. """ try: _metatag.t_set('fb:app_id', _api.get_app_id()) except (_error.AppIdNotSet, _error.AppSecretNotSet): if _auth.get_current_user().is_dev: _router.session().add_warning_message( _lang.t('facebook@plugin_setup_required_warning'))
def exec(self): """Unsubscribe from content digest """ s = _odm.dispense('content_digest_subscriber', self.arg('sid')) if s: s.f_set('enabled', False).save() _router.session().add_success_message( _lang.t('content_digest@unsubscription_successful')) return self.redirect(_router.base_url())
def router_dispatch(): """'pytsite.router.dispatch' handler. """ t_id = _reg.get('google_analytics.tracking_id') if not t_id and _auth.get_current_user().has_role('dev'): _router.session().add_warning_message( _lang.t('google_analytics@plugin_setup_required_warning')) else: _assetman.inline_js( _tpl.render('google_analytics@counter', {'tracking_id': t_id}))
def router_dispatch(): """'pytsite.router.dispatch' handler. """ counter_id = _reg.get('yandex_metrika.counter_id') if not counter_id and _auth.get_current_user().has_role('dev'): _router.session().add_warning_message( _lang.t('yandex_metrika@plugin_setup_required_warning')) else: _assetman.add_inline_js( _tpl.render('yandex_metrika@counter', {'counter_id': counter_id}))
def router_dispatch(): """pytsite.router.dispatch """ try: client_id = auth_google.get_client_id() metatag.t_set('google-signin-client_id', client_id) metatag.t_set('pytsite-auth-google-client-id', client_id) except auth_google.error.ClientIdNotDefined: if auth.get_current_user().has_role('dev'): router.session().add_warning_message(lang.t('auth_ui_google@plugin_setup_required_warning'))
def odm_ui_m_form_submit(self, frm: form.Form): """Hook """ # Populate form values to entity fields for f_name, f_value in frm.values.items(): if self.has_field(f_name): self.f_set(f_name, f_value) # Save entity self.save() router.session().add_info_message( lang.t('odm_ui@operation_successful'))
def router_dispatch(): """'pytsite.router.dispatch' handler """ pub_id = reg.get('addthis.pub_id') if pub_id: assetman.inline_js( '<script src="//s7.addthis.com/js/300/addthis_widget.js#pubid={}"></script>' .format(pub_id)) elif auth.get_current_user().has_role('dev'): router.session().add_warning_message( lang.t('addthis@plugin_setup_required_warning'))
def exec(self): """Authorization. """ # Check for errors error = self.arg('error_description') if error: _router.session().add_error_message(error) # Initializing authorization session auth_session = _AuthSession(self.arg('state')) return self.redirect(_router.url(auth_session.redirect_uri, query=self.args))
def _on_submit(self): e_type = self.attr('e_type') eids = self.attr('eids', []) try: for eid in eids: if e_type == 'role': auth.get_role(uid=eid).delete() elif e_type == 'user': auth.get_user(uid=eid).delete() except errors.ForbidDeletion as e: router.session().add_error_message(str(e)) return
def _on_submit(self): from ._api import dispense_entity # Dispense entity entity = dispense_entity(self.attr('model'), self.attr('eid')) # Fill entity fields try: entity.odm_ui_m_form_submit(self) except Exception as e: router.session().add_error_message(str(e)) raise e # Process 'special' redirect endpoint if self.redirect == 'ENTITY_VIEW': self.redirect = entity.odm_ui_view_url()
def _on_submit(self): from ._api import dispense_entity model = self.attr('model') try: # Ask entities to process deletion for eid in self.attr('eids', self.attr('ids', [])): dispense_entity(model, eid).odm_ui_d_form_submit() router.session().add_info_message( lang.t('odm_ui@operation_successful')) # Entity deletion was forbidden except errors.ForbidDeletion as e: logger.error(e) router.session().add_error_message( lang.t('odm_ui@entity_deletion_forbidden') + '. ' + str(e))
def _on_submit(self): """Hook """ try: token = self.attr('token') user = auth.get_user(_RESET_TOKENS_POOL.get(token)) auth.switch_user_to_system() user.password = self.val('password') user.save() auth.restore_user() _RESET_TOKENS_POOL.rm(token) router.session().add_success_message( lang.t('auth_ui_password@reset_password_success')) self.redirect = router.rule_url('auth_ui@sign_in', {'driver': 'password'}) except auth.error.UserNotFound: raise RuntimeError('Invalid token')
def exec(self): try: # Search for user user = next( auth.find_users( query.Query(query.Eq('confirmation_hash', self.arg('code'))))) except StopIteration: # No user found, redirect to sign in URL return self.redirect(_api.sign_in_url(redirect=router.base_url())) try: auth.switch_user_to_system() user.confirmation_hash = None if user.status == auth.USER_STATUS_WAITING: user.status = auth.get_new_user_status() user.save() finally: auth.restore_user() router.session().add_success_message( lang.t('auth_ui@registration_confirm_success')) return self.redirect(_api.sign_in_url(redirect=router.base_url()))
def _on_submit(self): setting_uid = self.attr('setting_uid') # Extract all values who's name starts with 'setting_' setting_value = reg.get(setting_uid, {}) for k, v in self.values.items(): if k.startswith('setting_'): k = _re.sub('^setting_', '', k) if isinstance(v, (list, tuple)): v = util.cleanup_list(v) if isinstance(v, dict): v = util.cleanup_dict(v) setting_value[k] = v # Update settings reg.put(setting_uid, setting_value) # Notify user router.session().add_success_message(lang.t('settings@settings_has_been_saved')) self.redirect = router.rule_url('settings@get_form', {'uid': setting_uid})
def _get_state(self) -> dict: """Get state. """ if self._oauth_token and self._oauth_token_secret: return {'stage': 'ready'} default = { 'stage': 'new', 'time': _dt.now(), 'oauth_token': None, 'oauth_token_secret': None } state = _router.session().get('oauth.twitter.session') if not state or (_dt.now() - state['time']).seconds > 60: state = default return state
def exec(self): # Check for error from Google error = self.arg('error') if error == 'access_denied': raise self.forbidden( lang.t('auth_ui_google@user_declined_authorization')) # Check for code from Google code = self.arg('code') if code: # Restore flow from session flow = router.session().get( 'google_oauth2_flow') # type: OAuth2WebServerFlow if not flow: raise self.forbidden('Cannot retrieve stored OAuth2 flow') # Exchange code to credentials credentials = flow.step2_exchange(code) user = auth.get_current_user() user.set_option('google_oauth2_credentials', credentials.to_json()) user.save() final_redirect = router.session().get( 'google_oauth2_final_redirect', router.base_url()) router.session().pop('google_oauth2_flow') router.session().pop('google_oauth2_final_redirect') return self.redirect(final_redirect) else: # Request new code from Google scope = self.args.pop('scope') # type: str if scope and ',' in scope: scope = scope.split(',') flow = auth_google.create_oauth2_flow( scope, router.current_url(True, query=dict(self.args))) router.session()['google_oauth2_flow'] = flow router.session()['google_oauth2_final_redirect'] = self.args.pop( '__redirect', router.base_url()) return self.redirect(flow.step1_get_authorize_url())
def router_dispatch(): """'pytsite.router.dispatch' event handler. """ if not reg.get('disqus.short_name') and auth.get_current_user().has_role('dev'): router.session().add_warning_message(lang.t('disqus@plugin_setup_required_warning'))
def router_dispatch(): if _auth.get_current_user().has_role('dev'): if not _reg.get('vkontakte.app_id') or not _reg.get('vkontakte.app_secret'): _router.session().add_warning_message(_lang.t('vkontakte@plugin_setup_required_warning'))
def _set_state(self, state: dict): """Set state. """ _router.session()['oauth.twitter.session'] = state return self
def router_dispatch(): if _reload.get_flag() and _auth.get_current_user().is_admin: _router.session().add_warning_message(_lang.t('reload_ui@reload_required'))
def exec(self): from . import _api model = self.arg('model') entity = _api.find(model, status='*', check_publish_time=False) \ .eq('_id', self.arg('eid')) \ .first() # type: _model.ContentWithURL # Check entity existence if not entity: raise self.not_found() # Check permissions if not entity.odm_auth_check_entity_permissions(CONTENT_PERM_VIEW): raise self.not_found() # Show non-published entities only to authors and users who can edit or delete them c_user = auth.get_current_user() if (entity.has_field('publish_time') and entity.publish_time > datetime.now()) or \ (entity.has_field('status') and entity.status in (CONTENT_STATUS_UNPUBLISHED, CONTENT_STATUS_WAITING)): if not (entity.author == c_user or entity.odm_auth_check_entity_permissions( [PERM_MODIFY, PERM_DELETE])): raise self.not_found() # Show warnings about unpublished entities if entity.has_field( 'publish_time') and entity.publish_time > datetime.now(): router.session().add_warning_message( lang.t('content@content_warning_future_publish_time')) if entity.has_field('status') and entity.status in ( CONTENT_STATUS_UNPUBLISHED, CONTENT_STATUS_WAITING): router.session().add_warning_message( lang.t('content@content_status_warning_{}'.format( entity.status))) # Breadcrumb breadcrumb = widget.select.Breadcrumb('content-index-breadcrumb') breadcrumb.append_item(lang.t('content@home_page'), router.base_url()) entity.content_breadcrumb(breadcrumb) # Meta title if entity.has_field('title'): title = entity.title metatag.t_set('title', title) metatag.t_set('og:title', title) metatag.t_set('twitter:title', title) # Meta description if entity.has_field('description'): description = entity.f_get('description') metatag.t_set('description', description) metatag.t_set('og:description', description) metatag.t_set('twitter:description', description) # Meta keywords if entity.has_field('tags'): metatag.t_set('keywords', entity.f_get('tags', as_string=True)) # Meta image if entity.has_field('images') and entity.images: metatag.t_set('twitter:card', 'summary_large_image') image_w = 900 image_h = 500 image_url = entity.images[0].get_url(width=image_w, height=image_h) metatag.t_set('og:image', image_url) metatag.t_set('og:image:width', str(image_w)) metatag.t_set('og:image:height', str(image_h)) metatag.t_set('twitter:image', image_url) else: metatag.t_set('twitter:card', 'summary') # Various metatags metatag.t_set('og:type', 'article') metatag.t_set('og:url', entity.url) metatag.t_set('article:publisher', entity.url) # 'Author' metatag if entity.has_field('author') and entity.author: metatag.t_set('author', entity.author.first_last_name) metatag.t_set('article:author', entity.author.first_last_name) # Alternate languages URLs for lng in lang.langs(False): f_name = 'localization_' + lng if entity.has_field(f_name) and entity.f_get(f_name): hreflang.put(lng, entity.f_get(f_name).url) else: hreflang.remove(lng) # Update args self.args.update({ 'entity': entity, 'breadcrumb': breadcrumb, }) # Notify listeners events.fire('content@view', entity=entity) try: # Call a controller provided by application return router.call('content_view', self.args) except routing.error.RuleNotFound: # Render a template provided by application return tpl.render('content/view', self.args)