def start(self, context, request, appstruct, **kw):
    """Create a password-reset token and mail its URL to the matching user.

    The account is looked up by the ``email`` value of *appstruct*.  ``{}``
    is returned whether or not an account matched, so the return value does
    not tell the caller if the address is registered.
    """
    requested_email = appstruct['email']
    locator = request.registry.queryMultiAdapter(
        (context, request), IUserLocator)
    if locator is None:
        locator = DefaultUserLocator(context, request)

    user = locator.get_user_by_email(requested_email)
    if user is None:
        return {}

    principals = find_service(user, 'principals')
    reset = principals.add_reset(user)
    reseturl = request.resource_url(reset)
    # The mail goes to the address stored on the account, not to the
    # string that was submitted in the form.
    recipient = user.email
    site = get_site_folder(True)
    localizer = request.localizer
    mail_template = site.get_mail_template('reset_password')
    subject = mail_template['subject']
    # NOTE(review): str.format lets the template reach any attribute of
    # ``person``; the 'reset_password' template should only be editable by
    # trusted administrators -- confirm.
    translated_title = localizer.translate(
        _(getattr(user, 'user_title', '')))
    message = mail_template['template'].format(
        person=user,
        user_title=translated_title,
        reseturl=reseturl,
        lac_title=request.root.title)
    payload = {'subject': subject, 'body': message}
    alert('email', [site.get_site_sender()], [recipient], payload)
    return {}
Exemple #2
 def velruse_login_complete_view(self):
     """Finish an external-provider login and redirect the browser.

     The first account in ``context.profile`` is mapped to a local login
     named ``<domain>_<userid>``.  A known login is signed in and sent to
     its performer; an unknown one has its profile details stashed in the
     session and is sent to ``create_profile`` without auth headers.
     """
     profile = self.context.profile
     request = self.request
     primary_account = profile['accounts'][0]
     domain = primary_account['domain']
     username = primary_account['username']
     userid = primary_account['userid']
     # The local login combines the provider domain with the provider-side
     # user id, so equal usernames at two providers map to separate logins.
     sd_userid = f'{domain}_{userid}'
     root = root_factory(request)
     locator = request.registry.queryMultiAdapter(
         (root, request), IUserLocator)
     if locator is None:
         locator = DefaultUserLocator(root, request)
     user = locator.get_user_by_login(sd_userid)

     if user is not None:
         objectmap = find_objectmap(root)
         # Raises IndexError when no performer is linked to the user.
         performer = list(objectmap.sources(user, PerformerToUser))[0]
         location = request.resource_url(performer)
         return HTTPFound(location, headers=remember(request, get_oid(user)))

     # First visit: nothing is created yet, the profile data only goes into
     # the session for the create_profile view.
     # NOTE(review): photo URL, username and display name are supplied by
     # the provider; treat them as untrusted when they are rendered later.
     photos = profile.get('photos')
     if photos:
         request.session['photo_url'] = photos[0]['value']
     request.session['userid'] = sd_userid
     realname = profile['displayName']
     request.session['profilename'] = username
     request.session['realname'] = realname
     location = request.resource_url(root, 'create_profile')
     return HTTPFound(location, headers=[])
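    def effective_principals(self, request):
        """ See IAuthenticationPolicy.

        Returns a list that always starts with ``Everyone``.  A request that
        carries a userid also gets that userid and ``'system.Identified'``;
        ``Authenticated`` and the user's group ids are added only when the
        user locator resolves the userid to a user.
        """
        context = request.context
        effective_principals = [Everyone]
        userid = self.unauthenticated_userid(request)

        if userid is None:
            return effective_principals

        if userid in (Authenticated, Everyone): #pragma NO COVER
            # A userid that spells a system principal is never honoured.
            # Return the anonymous list rather than None: the interface
            # documents a sequence of principals as the return value.
            return effective_principals

        # NOTE(review): these two principals are granted before the userid
        # is checked against the user database, so a userid that no longer
        # resolves to a user still carries them.  ACEs meant for logged-in
        # users should name ``Authenticated`` or a group, which are only
        # added after the lookup below succeeds.
        effective_principals.append(userid)
        effective_principals.append('system.Identified')

        adapter = request.registry.queryMultiAdapter(
            (context, request), IUserLocator)
        if adapter is None:
            adapter = DefaultUserLocator(context, request)
        try:
            user = adapter.get_user_by_userid(userid)
        except ValueError:
            # The locator rejected the userid; treat it as "no such user".
            user = None

        if user is not None:
            effective_principals.append(Authenticated)
            effective_principals.extend(
                adapter.get_groupids(userid))

        return effective_principals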
Exemple #4
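    def login(self):
        """Log in with 'username' and 'password'

        The request body must be a JSON object holding both keys.  A body
        that is not valid JSON, is not an object, or lacks a key raises
        ``HTTPBadRequest``; an unknown login or wrong password raises
        ``HTTPUnauthorized``.  On success the auth headers are added to the
        response, a ``LoggedIn`` event is sent and the user is returned as
        JSON via ``self.user_json``.
        """

        try:
            body = self.request.json_body
        except ValueError:
            # Undecodable or malformed JSON is a client error, not a 500.
            raise HTTPBadRequest()

        # A JSON array or string would pass the ``in`` test below and then
        # fail on the key lookup, so require an object up front.
        if not isinstance(body, dict):
            raise HTTPBadRequest()

        if 'username' not in body or 'password' not in body:
            raise HTTPBadRequest()

        username = body['username']
        password = body['password']

        user_locator = self.request.registry.queryMultiAdapter(
            (self.context, self.request), IUserLocator)
        if user_locator is None:
            user_locator = DefaultUserLocator(self.context, self.request)

        user = user_locator.get_user_by_login(username)
        # Unknown login and wrong password give the same response.
        # NOTE(review): the password check is skipped when the login is
        # unknown, so the two cases may still differ in response time.
        if user is None or not user.check_password(password):
            raise HTTPUnauthorized()

        headers = remember(self.request, get_oid(user))
        self.request.response.headerlist.extend(headers)

        self.request.registry.notify(
            LoggedIn(username, user, self.context, self.request))

        return self.user_json(user)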
Exemple #5
    def start(self, context, request, appstruct, **kw):
        """Create a password-reset token and mail its URL to the matching user.

        The account is looked up by the ``email`` value of *appstruct*.
        ``{}`` is returned whether or not an account matched.  Raises
        ``ValueError`` when the matched user has no e-mail address stored.
        """
        login = appstruct['email']
        locator = request.registry.queryMultiAdapter(
            (context, request), IUserLocator)
        if locator is None:
            locator = DefaultUserLocator(context, request)

        user = locator.get_user_by_email(login)
        if user is None:
            return {}

        principals = find_service(user, 'principals')
        # NOTE(review): the reset object is created before the address
        # check below, so the ValueError path leaves one behind unless the
        # surrounding transaction is rolled back -- confirm.
        reseturl = request.resource_url(principals.add_reset(user))
        if not user.email:
            raise ValueError('User does not possess a valid email address.')

        subject = RESETPW_SUBJECT.format(novaideo_title=request.root.title)
        localizer = request.localizer
        title = localizer.translate(_(getattr(user, 'user_title','')))
        first_name = getattr(user, 'first_name', user.name)
        last_name = getattr(user, 'last_name','')
        message = RESETPW_MESSAGE.format(
            recipient_title=title,
            recipient_first_name=first_name,
            recipient_last_name=last_name,
            reseturl=reseturl,
            novaideo_title=request.root.title)
        # Sent to the address stored on the account, not the submitted one.
        mailer_send(subject=subject, recipients=[user.email], body=message)
        return {}
Exemple #6
def velruse_login_complete_view(context, request):
    """Finish an external-provider login, creating the account on first use.

    The username of the first account in ``context.profile`` is used as the
    local login.  An unknown login gets a new user and ``Performer`` and is
    redirected to the performer's ``edit.html``; a known one is redirected
    to its performer.  Both cases are signed in via ``remember``.
    """
    # NOTE(review): the provider name is read but never used, and the local
    # login is the provider-supplied username alone.  The same username at
    # a different provider, or one equal to an existing local login, would
    # resolve to the same account; namespacing the login by provider and
    # provider-side user id avoids that.
    provider = context.provider_name
    profile = context.profile
    username = profile['accounts'][0]['username']
    root = root_factory(request)
    locator = request.registry.queryMultiAdapter(
        (root, request), IUserLocator)
    if locator is None:
        locator = DefaultUserLocator(root, request)
    user = locator.get_user_by_login(username)

    if user is not None:
        location = request.resource_url(root['performers'][username])
    else:
        registry = request.registry
        principals = find_service(root, 'principals')
        user = principals.add_user(username, registry=registry)
        performer = registry.content.create('Performer')
        root['performers'][username] = performer
        performer.title = profile['displayName']
        addresses = profile.get('addresses')
        if addresses:
            # NOTE(review): address is taken from the provider profile as
            # is; nothing here verifies it.
            formatted = addresses[0]['formatted']
            user.email = formatted
            performer.email = formatted
        photos = profile.get('photos')
        if photos:
            performer.photo_url = photos[0]['value']
        performer.age = colander.null
        performer.sex = None
        user.favorite_genre = None
        performer.user = user
        # Only the new user may edit the new performer's profile.
        set_acl(performer, [(Allow, user.__oid__, ['yss.edit-profile'])])
        location = request.resource_url(performer, 'edit.html')

    return HTTPFound(location, headers=remember(request, get_oid(user)))
Exemple #7
def persona_login(context, request):
    """Log a user in from a Persona assertion, creating the account on first use.

    Checks the CSRF token, takes the e-mail address returned by
    ``verify_persona_assertion`` and looks the user up by that address.  An
    unknown address gets a new user plus a ``Performer`` whose ACL allows
    that user ``yss.edit-profile``.  The headers from ``remember`` are added
    to ``request.response`` and a dict with the redirect target is returned.
    """
    # The CSRF check runs before the assertion is examined.
    check_csrf_token(request)
    email = verify_persona_assertion(request)
    root = root_factory(request)
    adapter = request.registry.queryMultiAdapter(
        (root, request), IUserLocator)
    if adapter is None:
        adapter = DefaultUserLocator(root, request)
    user = adapter.get_user_by_email(email)
    if user is None:
        registry = request.registry
        # NOTE(review): this literal has no %-placeholder, so
        # ``'******' % email`` raises TypeError as written.  The original
        # format string appears to have been masked in this listing;
        # restore it from the project source before using this code.
        username = '******' % email
        principals = find_service(root, 'principals')
        user = principals.add_user(username, registry=registry)
        user.email = email
        performer = registry.content.create('Performer')
        root['performers'][username] = performer
        performer.user = user
        # Only the new user may edit the new performer's profile.
        set_acl(performer, [(Allow, user.__oid__, ['yss.edit-profile'])])
        location = request.resource_url(performer, 'edit.html')
        performer.title = email
        performer.email = email
        performer.photo_url = persona_gravatar_photo(request, email)
        performer.age = colander.null
        performer.sex = user.favorite_genre = None
        # Same value as the assignment a few lines up; redundant.
        location = request.resource_url(performer, 'edit.html')
    else:
        location = request.resource_url(root['performers'][user.__name__])
    headers = remember(request, get_oid(user))
    # The auth headers ride on the normal response; the caller receives the
    # redirect target in the returned dict rather than an HTTP redirect.
    request.response.headers.extend(headers)
    return {'redirect': location, 'success': True}
    def start(self, context, request, appstruct, **kw):
        """Create a password-reset token and mail its URL to the matching user.

        The account is looked up by the ``email`` value of *appstruct*.
        ``{}`` is returned whether or not an account matched, so the return
        value does not tell the caller if the address is registered.
        """
        requested_email = appstruct['email']
        locator = request.registry.queryMultiAdapter(
            (context, request), IUserLocator)
        if locator is None:
            locator = DefaultUserLocator(context, request)

        user = locator.get_user_by_email(requested_email)
        if user is None:
            return {}

        principals = find_service(user, 'principals')
        reset = principals.add_reset(user)
        reseturl = request.resource_url(reset)
        # The mail goes to the address stored on the account, not to the
        # string that was submitted in the form.
        recipient = user.email
        site = get_site_folder(True)
        localizer = request.localizer
        mail_template = site.get_mail_template('reset_password')
        subject = mail_template['subject']
        # NOTE(review): str.format lets the template reach any attribute of
        # ``person``; the 'reset_password' template should only be editable
        # by trusted administrators -- confirm.
        translated_title = localizer.translate(
            _(getattr(user, 'user_title', '')))
        message = mail_template['template'].format(
            person=user,
            user_title=translated_title,
            reseturl=reseturl,
            lac_title=request.root.title)
        payload = {'subject': subject, 'body': message}
        alert('email', [site.get_site_sender()], [recipient], payload)
        return {}
    def _login_validator(node, value):
        """Colander validator: reject *value* unless a user has that e-mail.

        ``request`` and ``context`` are free variables, presumably bound by
        the enclosing function (not shown here).
        """
        locator = request.registry.queryMultiAdapter(
            (context, request), IUserLocator)
        if locator is None:
            locator = DefaultUserLocator(context, request)

        # NOTE(review): the error text confirms whether an address is
        # registered; a form using this validator lets callers test which
        # addresses have accounts.
        if locator.get_user_by_email(value) is None:
            raise colander.Invalid(node, 'No such user %s' % value)
    def _login_validator(node, value):
        """Colander validator: reject *value* unless a user has that e-mail.

        ``request`` and ``context`` are free variables, presumably bound by
        the enclosing function (not shown here).
        """
        locator = request.registry.queryMultiAdapter(
            (context, request), IUserLocator)
        if locator is None:
            locator = DefaultUserLocator(context, request)

        # NOTE(review): the error text confirms whether an address is
        # registered; a form using this validator lets callers test which
        # addresses have accounts.
        matched = locator.get_user_by_email(value)
        if matched is None:
            raise colander.Invalid(node, 'No such user %s' % value)
Exemple #11
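 def response(self):
     """Return the context's public fields as a plain dict.

     ``author`` is the name of the user whose id is stored in
     ``context.author``, or ``None`` when that id does not resolve to a
     user (this case used to fail with ``AttributeError``).
     """
     adapter = DefaultUserLocator(self.context, self.request)
     author_id = int(self.context.author)
     try:
         user = adapter.get_user_by_userid(author_id)
     except ValueError:
         # Same handling as the other get_user_by_userid callers in this
         # listing: a rejected id counts as "no such user".
         user = None
     return {
         'title': self.context.title,
         'description': self.context.description,
         'text': self.context.text,
         'pubdate': self.context.pubdate.strftime('%Y-%m-%d %H:%M:%S'),
         'keywords': self.context.keywords,
         'author': user.name if user is not None else None,
         'short_description': self.context.short_description,
     }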
Exemple #12
def email_validator(node, kw):
    """Colander validator: reject an e-mail that belongs to another user.

    *kw* is the address being validated.  ``context`` and ``request`` are
    read from the node bindings; an address owned by ``context`` itself is
    accepted.
    """
    bindings = node.bindings
    context = bindings['context']
    request = bindings['request']
    locator = request.registry.queryMultiAdapter(
        (context, request), IUserLocator)
    if locator is None:
        locator = DefaultUserLocator(context, request)

    owner = locator.get_user_by_email(kw)
    if not owner or owner is context:
        return
    # NOTE(review): this message tells the submitter that the address is
    # already registered.
    raise colander.Invalid(
        node,
        _('${email} email address already in use', mapping={'email': kw}))
Exemple #13
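def login(context, request):
    """Render and process the management login form.

    A request for the auditstream SSE view gets ``HTTPForbidden``.  A
    submitted form is CSRF-checked and then authenticated by login name and
    password; success sends a ``LoggedIn`` event and redirects to the URL
    remembered in the session.  Every other outcome returns the dict used
    to render the login template.
    """
    login_url = request.sdiapi.mgmt_path(request.context, 'login')
    referrer = request.url
    if '/auditstream-sse' in referrer:
        # If we're being invoked as the result of a failed request to the
        # auditstream sse view, bail.  Otherwise the came_from will be set to
        # the auditstream URL, and the user who this happens to will eventually
        # be redirected to it and they'll be left scratching their head when
        # they see e.g. "id: 0-10\ndata: " when they log in successfully.
        return HTTPForbidden()
    if login_url in referrer:
        # never use the login form itself as came_from
        referrer = request.sdiapi.mgmt_path(request.virtual_root)
    # The post-login redirect target comes from the URL of this request and
    # is kept in the session; it is not read from a request parameter.
    came_from = request.session.setdefault('sdi.came_from', referrer)
    login = ''
    password = ''
    if 'form.submitted' in request.params:
        try:
            check_csrf_token(request)
        except Exception:
            # Narrowed from a bare ``except:`` so that SystemExit and
            # KeyboardInterrupt are no longer reported as a CSRF failure.
            request.session.flash('Failed login (CSRF)', 'error')
        else:
            # NOTE(review): request.params merges the query string with the
            # form body, so credentials sent in the URL are accepted too;
            # request.POST would restrict this to the body.
            login = request.params['login']
            password = request.params['password']
            adapter = request.registry.queryMultiAdapter(
                (context, request),
                IUserLocator
                )
            if adapter is None:
                adapter = DefaultUserLocator(context, request)
            user = adapter.get_user_by_login(login)
            # Unknown login and wrong password share one failure message.
            if user is not None and user.check_password(password):
                request.session.pop('sdi.came_from', None)
                headers = remember(request, get_oid(user))
                request.registry.notify(LoggedIn(login, user, context, request))
                return HTTPFound(location = came_from, headers = headers)
            request.session.flash('Failed login', 'error')

    # Pass this through FBO views (e.g., forbidden) which use its macros.
    template = get_renderer('substanced:sdi/views/templates/login.pt'
                           ).implementation()
    # NOTE(review): after a failed attempt the submitted password is handed
    # back to the template; check that the template does not write it into
    # the page.
    return dict(
        url = request.sdiapi.mgmt_path(request.virtual_root, '@@login'),
        came_from = came_from,
        login = login,
        password = password,
        login_template = template,
        )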
Exemple #14
    def check_user(self):
        """Report whether the submitted e-mail/password pair is acceptable.

        Returns ``{'check': True}`` when the user exists, the password
        matches, and the user either has the ``Admin`` role or has
        ``'active'`` in its ``state``; otherwise ``{'check': False}``.
        """
        login = self.params('email')
        password = self.params('password')
        context = self.context
        request = self.request
        locator = request.registry.queryMultiAdapter(
            (context, request), IUserLocator)
        if locator is None:
            locator = DefaultUserLocator(context, request)
        user = locator.get_user_by_email(login)
        # NOTE(review): this answers yes/no for a credential pair and
        # nothing in this method limits repeated attempts -- confirm that
        # throttling exists elsewhere.
        accepted = bool(
            user
            and user.check_password(password)
            and (has_role(user=user, role=('Admin', ))
                 or 'active' in getattr(user, 'state', [])))
        return {'check': accepted}
Exemple #15
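def internal_login(context, request):
    """Render and process the internal (login name + password) form.

    A submitted form is CSRF-checked and then authenticated.  A user with a
    linked performer is signed in, a ``LoggedIn`` event is sent and the
    browser is redirected to the performer.  Every other outcome flashes a
    message and returns the dict used to render the form again.
    """

    login = ''
    password = ''

    if 'form.submitted' in request.POST:
        try:
            check_csrf_token(request)
        except Exception:
            # Narrowed from a bare ``except:`` so that SystemExit and
            # KeyboardInterrupt are no longer reported as a CSRF failure.
            request.sdiapi.flash('Failed login (CSRF)', 'danger')
        else:
            login = request.POST['login']
            password = request.POST['password']
            root = request.root
            adapter = request.registry.queryMultiAdapter(
                (root, request), IUserLocator)
            if adapter is None:
                adapter = DefaultUserLocator(root, request)
            user = adapter.get_user_by_login(login)
            # Unknown login and wrong password share one failure message.
            if user is not None and user.check_password(password):
                objectmap = find_objectmap(root)
                try:
                    performer = list(
                        objectmap.sources(user, PerformerToUser)
                    )[0]
                except IndexError:
                    request.session.flash(
                        'No performer associated with account', 'danger'
                    )
                else:
                    # The event is sent only once the login is known to
                    # complete, so subscribers such as audit logging do not
                    # record a login for which no session was issued.
                    request.registry.notify(LoggedIn(
                        login, user, context, request))
                    headers = remember(request, get_oid(user))
                    location = request.resource_url(performer)
                    return HTTPFound(location, headers=headers)
            else:
                request.session.flash('Bad username or password', 'danger')

    # NOTE(review): after a failed attempt the submitted password is handed
    # back to the template; check that the template does not write it into
    # the page.
    return {
        'login':login,
        'password':password,
        'login_url':request.resource_url(
            request.virtual_root, '@@internal_login'),
    }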
Exemple #16
def email_validator(node, kw):
    """Colander validator: reject an e-mail that is already taken.

    *kw* is the address being validated.  It is rejected when it belongs to
    a user other than ``context`` or when any entry of the site's
    ``preregistrations`` carries the same address.
    """
    bindings = node.bindings
    context = bindings['context']
    request = bindings['request']
    root = getSite()
    locator = request.registry.queryMultiAdapter(
        (context, request), IUserLocator)
    if locator is None:
        locator = DefaultUserLocator(context, request)

    owner = locator.get_user_by_email(kw)
    pending = [entry for entry in root.preregistrations
               if getattr(entry, 'email', '') == kw]
    taken_by_other = owner and owner is not context
    if taken_by_other or pending:
        # NOTE(review): this message tells the submitter that the address
        # is already registered or pre-registered.
        raise colander.Invalid(
            node,
            _('${email} email address already in use', mapping={'email': kw}))
Exemple #17
    def check_user(self):
        """Report whether the submitted e-mail/password pair is acceptable.

        Returns ``{'check': True}`` when the user exists, the password
        matches, and the user either has the ``Admin`` role or has
        ``'active'`` in its ``state``; otherwise ``{'check': False}``.
        """
        login = self.params('email')
        password = self.params('password')
        context = self.context
        request = self.request
        locator = request.registry.queryMultiAdapter(
            (context, request), IUserLocator)
        if locator is None:
            locator = DefaultUserLocator(context, request)
        user = locator.get_user_by_email(login)
        # NOTE(review): this answers yes/no for a credential pair and
        # nothing in this method limits repeated attempts -- confirm that
        # throttling exists elsewhere.
        if not user or not user.check_password(password):
            return {'check': False}
        is_admin_or_active = (
            has_role(user=user, role=('Admin', ))
            or 'active' in getattr(user, 'state', []))
        return {'check': True} if is_admin_or_active else {'check': False}
Exemple #18
def validate_user(context, request, appstruct):
    """Check the login/password in *appstruct* and sign the user in.

    Returns ``(user, valid, headers)``.  ``user`` is whatever the locator
    found for the e-mail, even when the credentials are rejected, so
    callers must test ``valid`` and not ``user``.  ``valid`` is truthy only
    when the password matches and the user has the ``Admin`` role or has
    ``'active'`` in its ``state``; it may be a falsy non-bool such as
    ``None``.  ``headers`` is ``None`` unless the login succeeded.
    """
    login = appstruct.get('login')
    password = appstruct.get('password')
    locator = request.registry.queryMultiAdapter(
        (context, request), IUserLocator)
    if locator is None:
        locator = DefaultUserLocator(context, request)

    user = locator.get_user_by_email(login)
    valid = (
        user
        and user.check_password(password)
        and (has_role(user=user, role=('Admin', ))
             or 'active' in getattr(user, 'state', []))
    )
    headers = None
    if user and valid:
        request.session.pop('lac.came_from', None)
        headers = remember(request, get_oid(user))
        request.registry.notify(LoggedIn(login, user, context, request))

    return user, valid, headers
Exemple #19
    def persons_contacted(self):
        """Return the set of contacted persons.

        Each address in ``self._email_persons_contacted`` is replaced by
        the matching user when one exists; otherwise by the part of the
        address before ``@``, cut at the first ``+``.
        """
        request = get_current_request()
        locator = request.registry.queryMultiAdapter(
            (self, request), IUserLocator)
        if locator is None:
            locator = DefaultUserLocator(self, request)

        contacted = set()
        for address in self._email_persons_contacted:
            person = locator.get_user_by_email(address)
            if person is None:
                # No account: keep only a shortened local part as the label.
                contacted.add(address.split('@')[0].split('+')[0])
            else:
                contacted.add(person)

        return contacted
Exemple #20
def _get_user_by_attr(attr, login, request=None):
    """Look up a user by calling the locator method named *attr* with *login*.

    Falls back to the current request when *request* is ``None``.
    """
    if request is None:
        request = get_current_request()

    registry = request.registry
    app = request.root
    locator = registry.queryMultiAdapter((app, request), IUserLocator)
    if locator is None:
        locator = DefaultUserLocator(app, request)

    # NOTE(review): *attr* selects which locator method runs; callers are
    # presumably expected to pass a fixed method name, never request data.
    lookup = getattr(locator, attr)
    return lookup(login)
    def authenticated_userid(self, request):
        """ See IAuthenticationPolicy.

        Returns the request's userid only when the user locator resolves it
        to a user; otherwise ``None``.
        """
        context = request.context
        userid = self.unauthenticated_userid(request)
        if userid is None:
            return None

        # A userid that spells a system principal is never honoured.
        if userid in (Authenticated, Everyone): #pragma NO COVER
            return None

        locator = request.registry.queryMultiAdapter(
            (context, request), IUserLocator)
        if locator is None:
            locator = DefaultUserLocator(context, request)
        try:
            found = locator.get_user_by_userid(userid)
        except ValueError: #pragma NO COVER
            # The locator rejected the userid; treat it as "no such user".
            return None

        return userid if found is not None else None
Exemple #22
def validate_user(context, request, appstruct):
    """Check the login/password in *appstruct* and sign the user in.

    Returns ``(user, valid, headers)``.  ``user`` is whatever the locator
    found for the e-mail, even when the credentials are rejected, so
    callers must test ``valid`` and not ``user``.  ``valid`` is truthy only
    when the password matches and the user has the ``Admin`` role or has
    ``'active'`` in its ``state``; it may be a falsy non-bool such as
    ``None``.  ``headers`` is ``None`` unless the login succeeded.
    """
    login = appstruct.get('login')
    password = appstruct.get('password')
    locator = request.registry.queryMultiAdapter(
        (context, request), IUserLocator)
    if locator is None:
        locator = DefaultUserLocator(context, request)

    user = locator.get_user_by_email(login)
    valid = (
        user
        and user.check_password(password)
        and (has_role(user=user, role=('Admin', ))
             or 'active' in getattr(user, 'state', []))
    )
    headers = None
    if user and valid:
        # Drop the remembered return URL before issuing the auth headers.
        request.session.pop('lac.came_from', None)
        headers = remember(request, get_oid(user))
        event = LoggedIn(login, user, context, request)
        request.registry.notify(event)

    return user, valid, headers