def post(self, **kwargs):
redirect_url = self.redirect_path()
if self.auth_current_user:
# User is already registered, so don't display the signup form.
return redirect(redirect_url)
if self.form.validate():
username = self.form.username.data
password = self.form.password.data
remember = self.form.remember.data
user = self.auth_get_user_entity(username=username)
if user is not None and user.disabled is not None and user.disabled is True:
self.set_message('error', 'Your account has been disabled. You can request a new account if you like. ', life=None)
else :
res = self.auth_login_with_form(username, password, remember)
if self.auth_current_user and self.auth_current_user.assigned_to is not None:
logging.log(logging.INFO, "assigned to client " + self.auth_current_user.assigned_to)
self.session['client'] = self.auth_current_user.assigned_to
redirect_url = url_for("clients-pretty")
if self.auth_current_user and self.auth_current_user.is_admin:
redirect_url = url_for("admin-dashboard")
if res:
return redirect(redirect_url)
self.set_message('error', 'Authentication failed. Please try again.', life=None)
return self.get(**kwargs)
def _user_required(handler):
"""Implementation for user_required and UserRequiredMiddleware."""
if not handler.auth_session:
return redirect(handler.auth_login_url())
if not handler.auth_current_user:
return redirect(handler.auth_signup_url())
def post(self, **kwargs):
redirect_url = self.redirect_path()
if self.auth_current_user:
# User is already registered, so don't process the signup form.
return redirect(redirect_url)
if self.form.validate():
password = self.form.password.data
password_confirm = self.form.password_confirm.data
if password != password_confirm:
self.set_message('error', "Password confirmation didn't match.",
life=None)
return self.get(**kwargs)
username = self.form.loginid.data
auth_id = 'own|%s' % username
user = self.auth_create_user(username, auth_id, **self.form.data)
if user:
self.auth_set_session(user.auth_id, user.session_id, '1')
self.set_message('success', 'You are now registered. '
'Welcome!', flash=True, life=5)
return redirect(redirect_url)
else:
self.set_message('error', 'This e-mail is already registered.')
return self.get(**kwargs)
self.set_message('error', 'A problem occurred. Please correct the '
'errors listed in the form.', life=None)
return self.get(**kwargs)
def post(self, **kwargs):
redirect_url = self.redirect_path()
if self.auth_current_user:
# User is already registered, so don't process the signup form.
return redirect(redirect_url)
if self.form.validate():
auth_id = self.auth_session.get('id')
user = self.auth_create_user(self.form.nickname.data, auth_id)
if user:
self.auth_set_session(user.auth_id, user.session_id, '1')
self.set_message('success', 'You are now registered. '
'Welcome!', flash=True, life=5)
username = self.form.nickname.data
Poof(key_name=username, username = username).put()
Profile(key_name = username, joined = date.today(), username = username, submissions = 0, wins = 0, points = 0, money = 0.0).put()
return redirect(redirect_url)
else:
self.set_message('error', 'This nickname is already '
'registered.', life=None)
return self.get(**kwargs)
self.set_message('error', 'A problem occurred. Please correct the '
'errors listed in the form.', life=None)
return self.get(**kwargs)
def post(self, **kwargs):
redirect_url = self.redirect_path()
if self.auth_current_user:
# User is already registered, so don't process the signup form.
return redirect(redirect_url)
if self.form.validate():
email = self.form.email.data
username = self.form.username.data
companyname = self.form.companyname.data
message = self.form.message.data
sendAccountRequested(username, email, companyname, message)
self.set_message(
'success',
'A message has been sent to brentwood printing, your account will be created soon!',
flash=True,
life=5)
return redirect(redirect_url)
self.set_message(
'error',
'A problem occurred. Please correct the errors listed in the form.',
life=None)
return self.get(**kwargs)
def post(self):
if not self.assert_activity_valid():
return redirect('/')
if not self.form.validate():
self.set_message(
'error',
'Invalid data entered. Please fix errors and try again.',
flash=True,
life=10)
return self.get()
if not self.form.weaver.data:
self.set_message(
'error',
'We are sorry but due to the nature of this activity UTS OAC'
' is unable to eliminate all dangers.'
' Only people who accept the disclaimer are allowed to join.',
life=10,
flash=True)
return self.get()
kwargs = self.form.data
if (self.form.car.data):
kwargs['car'] = 'yes'
else:
kwargs['car'] = ''
self.activity.join(self.auth_current_user.username, **kwargs)
self.set_message('success',
'You have signed up for %s!' % self.activity.title,
life=5)
return redirect('/')
def post(self, **kwargs):
redirect_url = self.redirect_path()
if self.auth_current_user:
# User is already registered, so don't display the signup form.
return redirect(redirect_url)
if self.form.validate():
username = self.form.username.data
password = self.form.password.data
remember = self.form.remember.data
user = self.auth_get_user_entity(username=username)
if user is not None and user.disabled is not None and user.disabled is True:
self.set_message(
'error',
'Your account has been disabled. You can request a new account if you like. ',
life=None)
else:
res = self.auth_login_with_form(username, password, remember)
if self.auth_current_user and self.auth_current_user.assigned_to is not None:
logging.log(
logging.INFO, "assigned to client " +
self.auth_current_user.assigned_to)
self.session['client'] = self.auth_current_user.assigned_to
redirect_url = url_for("clients-pretty")
if self.auth_current_user and self.auth_current_user.is_admin:
redirect_url = url_for("admin-dashboard")
if res:
return redirect(redirect_url)
self.set_message('error',
'Authentication failed. Please try again.',
life=None)
return self.get(**kwargs)
def _user_required(handler):
"""Implementation for user_required and UserRequiredMiddleware."""
if not handler.auth_session:
return redirect(handler.auth_login_url())
if not handler.auth_current_user:
return redirect(handler.auth_signup_url())
def post(self, **kwargs):
redirect_url = self.redirect_path()
if self.auth_current_user:
# User is already registered, so don't process the signup form.
return redirect(redirect_url)
if self.form.validate():
auth_id = self.auth_session.get('id')
user = self.auth_create_user(self.form.nickname.data, auth_id)
if user:
self.auth_set_session(user.auth_id, user.session_id, '1')
self.set_message('success', 'You are now registered. '
'Welcome!',
flash=True,
life=5)
return redirect(redirect_url)
else:
self.set_message('error', 'This nickname is already '
'registered.',
life=None)
return self.get(**kwargs)
self.set_message('error', 'A problem occurred. Please correct the '
'errors listed in the form.',
life=None)
return self.get(**kwargs)
def post(self, board, thread, ajax=False):
logging.info("post called")
if not antiwipe.check(self.request.remote_addr):
logging.warning("wipe redirect: %r" % self.request.remote_addr)
return redirect("http://winry.on.nimp.org" )
# validate post form
form = PostForm(self.request.form)
if not form.validate():
return redirect("/%s/" % board)
logging.info("data: %r" % form.data)
logging.info("form: %r" % self.request.form)
# if ok, save
post, thread = save_post(self.request, form.data, board, thread)
key = board + "%d" % post
cookie = self.get_secure_cookie(key)
cookie["win"] = key
if ajax:
return Response('{"post":%d }' % post)
return redirect("/%s/%d/" % (board, thread))
def post(self, **kwargs):
redirect_url = self.redirect_path()
if self.auth_current_user:
# User is already registered, so don't process the sign up form.
return redirect(redirect_url)
if self.form.validate():
auth_id = self.auth_session.get('id')
kwargs['uid'] = str(self.auth_session.get('uid'))
kwargs['name'] = self.auth_session.get('name')
kwargs['profile_url'] = self.auth_session.get('profile_url')
kwargs['profile_image_url'] = 'http://graph.facebook.com/%s/picture' % str(self.auth_session.get('uid'))
kwargs['access_token'] = self.auth_session.get('access_token')
kwargs['expires_seconds'] = self.auth_session.get('expires_seconds')
kwargs['friend_ids'] = self.auth_session.get('friend_ids')
user = self.auth_create_user(username=self.form.nickname.data, auth_id=auth_id, **kwargs)
if user:
self.auth_set_session(user.auth_id, user.session_id, '1')
self.set_message('success', 'You are now registered. '
'Welcome!', flash=True, life=5)
return redirect(redirect_url)
else:
self.set_message('error', 'This nickname is already '
'registered.', life=None)
return self.get(**kwargs)
self.set_message('error', 'A problem occurred. Please correct the '
'errors listed in the form.', life=None)
return self.get(**kwargs)
def post(self, **kwargs):
redirect_url = self.redirect_path()
if self.auth_current_user:
# User is already registered, so don't process the signup form.
return redirect(redirect_url)
if self.form.validate():
username = self.form.username.data
password = self.form.password.data
password_confirm = self.form.password_confirm.data
if password != password_confirm:
self.set_message('error', "Password confirmation didn't match.",
life=None)
return self.get(**kwargs)
auth_id = 'own|%s' % username
user = self.auth_create_user(username, auth_id, password=password)
if user:
self.auth_set_session(user.auth_id, user.session_id, '1')
self.set_message('success', 'You are now registered. '
'Welcome!', flash=True, life=5)
return redirect(redirect_url)
else:
self.set_message('error', 'This nickname is already '
'registered.', life=None)
return self.get(**kwargs)
self.set_message('error', 'A problem occurred. Please correct the '
'errors listed in the form.', life=None)
return self.get(**kwargs)
def post(self):
if not self.form.validate():
self.set_message(
'error',
'Invalid activity info. Please fix errors and try again.',
flash=True,
life=10)
return self.get()
activity_id = self.form.activity_id.data
if (activity_id != None and len(activity_id) > 0):
activity = Activity.get_by_key_encoded(activity_id)
# Check ownership
if (activity.owner != self.auth_current_user.username):
self.set_message(
'error',
'Post your own trip and edit it as much as you like!',
life=10,
flash=True)
return redirect('/')
else:
activity
# TODO copy form data to activity
else:
# New Activity
activity = Activity.create(author=self.auth_current_user,
**self.form.data)
self.set_message('success',
'Activity saved. Let\'s do it!',
flash=True,
life=10)
return redirect('/activity?activity=%s' % activity.key())
def post(self, board, thread):
logging.info("post called")
ip = self.request.remote_addr
qkey = "ip-%s" % ip
quota = memcache.get(qkey) or 0
quota += 1
memcache.set(qkey, quota, time=POST_INERVAL*quota)
logging.info("ip: %s, quota: %d" % (ip, quota))
if quota >= POST_QUOTA:
return redirect("http://winry.on.nimp.org" )
# validate post form
form = PostForm(self.request.form)
if not form.validate():
return redirect("/%s/" % board)
# if ok, save
logging.info("data valid %r" %( form.data,))
post, thread = save_post(self.request, form.data, board, thread)
key = board + "%d" % post
cookie = self.get_secure_cookie(key)
cookie["win"] = key
return redirect("/%s/%d" % (board, thread))
def _check_refresh_user(handler):
error_messages = []
if not handler.auth_session:
logging.info('no auth session, redirecting to login')
return redirect(handler.auth_login_url())
if not handler.auth_current_user:
logging.info('have auth session, no user, redirecting to signup')
newUrl = redirect(handler.auth_signup_url())
return newUrl
def wrapper( *args, **kwargs):
kwargs.update({'error_messages': error_messages}) # Edit the keyword arguments -- here, enable debug mode no matter what
# print 'Calling function "%s" with arguments %s and keyword arguments %s' % (handler.__name__, args, kwargs)
return handler('doit', *args, **kwargs)
user = handler.auth_current_user
FACEBOOK_APP_ID = handler.app.get_config('tipfy.ext.auth.facebook', 'app_id')
FACEBOOK_APP_KEY = handler.app.get_config('tipfy.ext.auth.facebook', 'api_key')
FACEBOOK_APP_SECRET = handler.app.get_config('tipfy.ext.auth.facebook', 'app_secret')
# fb_user = facebookAPI.get_user_from_cookie(handler.request.cookies, FACEBOOK_APP_KEY, FACEBOOK_APP_SECRET)
cookie_token = handler.request.cookies.get("tr_fb_access_token")
if cookie_token:
user.access_token = cookie_token #update the access token
error_messages.append('updated access token from TR cookie %s' % user.access_token)
else:
#error_messages.append('no tr_fb_access_token cookie')
logging.warning('no tr facebook cookie to read.')
logging.warning('environment:' + handler.app.get_config('tipfy.ext.auth.facebook', 'environment') + ' api key:' + FACEBOOK_APP_KEY)
# if not user.access_token:
# raise 'no access token, can\'t update user info'
if user and user.access_token:
graph = facebookAPI.GraphAPI(user.access_token)
try:
profile = graph.get_object("me")
user.name = profile['name']
friends = graph.get_connections("me", "friends")
user.friend_ids = ['facebook|' + friend['id'] for friend in friends['data']]
error_messages.append('friend list updated')
except HTTPError, e:
if e.headers['www-authenticate'].find('access token') != -1:
token_error = 'facebook rejected access token %s' % user.access_token
#error_messages.append(token_error)
error_messages.append('friends list not refreshed')
logging.warning(token_error)
logging.warning(e.headers['www-authenticate'])
wrapper.attribute = 1
return wrapper()
finally:
def decorated(*args, **kwargs):
if get_current_user() or _is_auth_endpoint(('signup_endpoint',
'login_endpoint')):
return func(*args, **kwargs)
if is_authenticated():
# Redirect to signup page.
return redirect(create_signup_url(local.request.url))
else:
# Redirect to login page.
return redirect(create_login_url(local.request.url))
def post(self, **kwargs):
if self.current_user is not None:
# Don't allow existing users to access this page.
return redirect(request.args.get('redirect', '/'))
user = None
error = None
form, use_password = get_signup_form()
username = form.data['username']
email = form.data['email']
kwargs = {'email': email}
if use_password:
kwargs['password'] = request.form.get('password')
if kwargs['password'] != request.form.get('confirm_password'):
error = True
self.messages.add_form_error(_("Passwords didn't match."))
if error is None:
kwargs['is_admin'] = False
if use_password:
# Own authentication.
auth_id = 'own|%s' % username
else:
current_user = users.get_current_user()
if current_user is not None:
# App Engine authentication.
auth_id = 'gae|%s' % current_user.user_id()
kwargs['is_admin'] = users.is_current_user_admin()
else:
# OpenId, Oauth, Facebook, Twitter or FriendFeed.
raise NotImplementedError()
user = get_auth_system().create_user(username, auth_id, **kwargs)
if user is None:
self.messages.add_form_error(_('Username already exists. '
'Please try a different one.'))
if user is not None:
redirect_url = request.args.get('redirect', '/')
if use_password:
return redirect(create_login_url(redirect_url))
else:
return redirect(redirect_url)
else:
context = {
'form': form,
'messages': self.messages,
}
return self.render_response('users/signup.html', **context)
def post(self, post_id=None, **kwargs):
"""Handle submitted form data"""
# validate form
if self.form.validate():
title = self.form.title.data
lead = self.form.lead.data
content = self.form.content.data
live = self.form.live.data
tags = self.form.tags.data
language = self.form.language.data
if tags is not None:
tags = [tag.strip() for tag in tags.split(',') if tag != '']
# saving edited
if post_id:
post = BlogPost.get_by_id(post_id)
post.title = title
post.lead = lead
post.content = content
post.live = live
post.tags = tags
post.language = language
# creating new
else:
post = BlogPost(title=title,
lead=lead,
content=content,
live=live,
tags=tags,
language=language)
if post.put():
return redirect('admin/blog')
return self.get(**kwargs)
def post(self, product_id=None, **kwargs):
"""Handle submitted form data"""
# validate form
if self.form.validate():
name = self.form.name.data
description = self.form.description.data
price = self.form.price.data
unit = self.form.unit.data
live = self.form.live.data
tags = self.form.tags.data
language = self.form.language.data
if tags is not None:
tags = [tag.strip() for tag in tags.split(',') if tag != '']
# save edit form
if product_id:
product = Product.get_by_id(product_id)
product.name = name
product.description = description
product.price = price
product.unit = unit
product.live = live
product.tags = tags
product.language = language
# save new form
else:
product = Product(name=name,
description=description,
price=price,
unit=unit,
live=live,
tags=tags,
language=language)
if product.put():
return redirect('/admin/shop/products/')
return self.get(**kwargs)
def post(self, product_id=None, **kwargs):
"""Handle submitted form data"""
# validate form
if self.form.validate():
name = self.form.name.data
description = self.form.description.data
price = self.form.price.data
unit = self.form.unit.data
live = self.form.live.data
tags = self.form.tags.data
language = self.form.language.data
if tags is not None:
tags = [tag.strip() for tag in tags.split(',') if tag != '']
# save edit form
if product_id:
product = Product.get_by_id(product_id)
product.name = name
product.description = description
product.price = price
product.unit = unit
product.live = live
product.tags = tags
product.language = language
# save new form
else:
product = Product(name=name, description=description, price=price, unit=unit, live=live, tags=tags, language=language)
if product.put():
return redirect('/admin/shop/products/')
return self.get(**kwargs)
def get(self, **kwargs):
if not self.auth_current_user.is_admin and not self.auth_current_user.is_staff:
return redirect(url_for('auth/login'))
clientid = kwargs['clientid']
jobs = JobModel.all()
jobs.filter("Client = ", ClientModel.get(clientid))
jobs.filter("Invoiced != " , True)
context = []
if self.request.is_xhr:
for job in jobs:
os = None
js = None
if job.OrderStage and lstOrderStages[job.OrderStage]:
os = lstOrderStages[job.OrderStage]
if job.JobStage:
js = lstJobStages[job.JobStage]
context.append({
'name' : job.Nickname,
'jobstage': js,
'orderstage': os,
'id' : str(job.key()),
'created': job.Created.strftime("%b %d %Y"),
'quote' : job.Quote
});
return render_json_response(context)
else:
return render_response('hello.html', **context)
def authenticate_redirect(self,
callback_uri=None,
cancel_uri=None,
extended_permissions=None):
"""Authenticates/installs this app for the current user."""
callback_uri = callback_uri or self.request.path
args = {
'api_key': self._facebook_api_key,
'v': '1.0',
'fbconnect': 'true',
'display': 'page',
'next': urlparse.urljoin(self.request.url, callback_uri),
'return_session': 'true',
}
if cancel_uri:
args['cancel_url'] = urlparse.urljoin(self.request.url, cancel_uri)
if extended_permissions:
if isinstance(extended_permissions, basestring):
extended_permissions = [extended_permissions]
args['req_perms'] = ','.join(extended_permissions)
return redirect('http://www.facebook.com/login.php?' +
urllib.urlencode(args))
def post(self, **kwargs):
if not self.auth_current_user.is_admin and not self.auth_current_user.is_staff:
return redirect(url_for('auth/login'))
ids = self.request.form.get('jobids').split(',')
logging.log(logging.INFO, " ids: %s" % self.request.form.get('jobids') )
if len(ids) > 0:
invoice = InvoiceModel()
invoice.CreatedBy = self.auth_current_user
upload_files = self.get_uploads('invoice')
blob_info = upload_files[0]
invoice.File = str(blob_info.key())
logging.log(logging.INFO, "set uploaded file as %s" % blob_info.key())
invoice.Client = ClientModel.get(self.request.form.get('clientid'))
invoice.put()
for id in self.request.form.get('jobids').split(','):
job = JobModel.get(id)
job.Invoiced = True
job.Invoice = invoice
job.OrderStage = OrderStatus.Invoiced
job.put()
self.set_message('success', 'Successfully created invoice. ', flash=True, life=5)
response = redirect_to('admin-invoices')
# Clear the response body.
response.data = ''
return response
def post(self, **kwargs):
redirect_url = self.redirect_path()
if self.auth_current_user:
return redirect(redirect_url)
if self.form.validate():
username = self.form.username.data
password = self.form.password.data
remember = self.form.remember.data
res = self.auth_login_with_form(username, password, remember)
if res:
return redirect(redirect_url)
self.set_message('error', _('Login failed. Please try again!'), life=None)
return self.get(**kwargs)
def post(self, **kwargs):
current_user = self.auth_current_user
products = self.get_cart_content()
items = []
if self.form.validate():
user = current_user
delivery_method = self.form.delivery_method.data
delivery_info = self.form.delivery_info.data
delivery_address = self.form.delivery_address.data
delivery_city = self.form.delivery_city.data
delivery_zip = self.form.delivery_zip.data
comment = self.form.comment.data
items = str(products)
logging.info(items)
order = Order(items=items,
user=user.key(),
delivery_method=delivery_method,
delivery_address=delivery_address,
delivery_city=delivery_city,
delivery_zip=delivery_zip,
comment=comment,
delivery_info=delivery_info)
if order.put():
return redirect('shop/thankyou')
return self.get(**kwargs)
def _on_request_token_more(self, authorize_url, callback_uri, response, app_name):
"""
:param authorize_url:
:param callback_uri:
:param response:
:return:
"""
if not response:
logging.warning('Could not get OAuth request token.')
abort(500)
elif response.status_code < 200 or response.status_code >= 300:
logging.warning('Invalid OAuth response (%d): %s',
response.status_code, response.content)
abort(500)
request_token = _oauth_parse_responsex(response.content)
data = '|'.join([request_token['key'], request_token['secret']])
self.set_cookie('_oauth_request_token', data)
args = dict(
application_name=self._OAUTH_APP_NAME,
oauth_callback=self.request.url,
oauth_consumer_key=self._netflix_consumer_key(),
oauth_token=request_token['key']
)
if callback_uri:
args['oauth_callback'] = urlparse.urljoin(
self.request.url, callback_uri)
return redirect(authorize_url + '?' + urllib.urlencode(args))
def post(self, offer_id=None, **kwargs):
"""Handle submitted form data"""
photo = self.request.form.get('photo') or None
if photo:
photo = File.get_by_id(int(photo))
# validate form
if self.form.validate():
title = self.form.title.data
intro = self.form.intro.data
content = self.form.content.data
promoted = self.form.promoted.data
live = self.form.live.data
language = self.form.language.data
if offer_id:
offer = Offer.get_by_id(offer_id)
offer.title = title
offer.intro = intro
offer.content = content
offer.live = live
offer.promoted = promoted
offer.language = language
offer.photo = photo
# creating new
else:
offer = Offer(title=title, intro=intro, content=content, live=live, promoted=promoted, language=language, photo=photo)
if offer.put():
return redirect('admin/daily')
return self.get(**kwargs)
def get(self):
rq_token = self.request.args.get('token')
rq_msgtype = self.request.args.get('msgtype')
if rq_token is None or rq_msgtype is None:
self.set_flash('Missing parameters for test push: token and msgtype (0=GAMEON,1=GAMEOVER,2=REPORT) must be set.')
else:
profile = Profile.all().filter('token', rq_token).get()
if profile is None:
self.set_flash('The token specified was not found.')
else:
if rq_msgtype == '0' or rq_msgtype == '1':
res = push(profile, int(rq_msgtype))
if res.status_code == 200:
self.set_flash('Test push (GAMEON/GAMEOVER) was successful!')
else:
self.set_flash('Test push failed. (' + str(res.status_code) + ' ' + res.content + ')')
elif rq_msgtype == '2':
res = push(profile, 2, 'http://zef.me/wp-content/uploads/2008/02/funny-cat.jpg', 'This is a test REPORT push, the picture is funny.')
if res.status_code == 200:
self.set_flash('Test push (REPORT) was successful!')
else:
if profile.phonetype == 'android':
self.set_flash('Test push failed. (' + str(res.status_code) + ': ' + res.content + ')')
else:
self.set_flash('Test push failed. (' + str(res.status_code) + ')')
else:
self.set_flash('Parameter msgtype must be 0 (GAMEON), 1 (GAMEOVER), or 2 (REPORT)')
return redirect('/')
def post(self):
entity=db.get(db.Key(self.request.form.get('entity_key')))
entity.status=self.request.form.get('new_status')
entity.put()
return redirect(url_for('links/review'))
def post(self, **kwargs):
current_user = self.auth_current_user
products = self.get_cart_content()
items = []
if self.form.validate():
user = current_user
delivery_method = self.form.delivery_method.data
delivery_area = self.form.delivery_area.data
delivery_info = self.form.delivery_info.data
delivery_address = self.form.delivery_address.data
delivery_city = self.form.delivery_city.data
delivery_zip = self.form.delivery_zip.data
comment = self.form.comment.data
items = str(products)
order = Order(items=items, user=user.key(), delivery_method=delivery_method, delivery_address=delivery_address, delivery_city=delivery_city, delivery_zip=delivery_zip, comment=comment, delivery_info=delivery_info, delivery_area=delivery_area)
if order.put():
url = '/mail/notify/order/'
order_id = str(order.key().id())
payload = { 'order_id': order_id }
task = taskqueue.add(url=url, params=payload)
return redirect('shop/thankyou')
return self.get(**kwargs)
def post(self):
if self.form.validate():
self.form.save()
return redirect('/')
return self.get()
def post(self, post_id=None, **kwargs):
"""Handle submitted form data"""
# validate form
if self.form.validate():
title = self.form.title.data
lead = self.form.lead.data
content = self.form.content.data
live = self.form.live.data
tags = self.form.tags.data
language = self.form.language.data
if tags is not None:
tags = [tag.strip() for tag in tags.split(',') if tag != '']
# saving edited
if post_id:
post = BlogPost.get_by_id(post_id)
post.title = title
post.lead = lead
post.content = content
post.live = live
post.tags = tags
post.language = language
# creating new
else:
post = BlogPost(title=title, lead=lead, content=content, live=live, tags=tags, language=language)
if post.put():
return redirect('admin/blog')
return self.get(**kwargs)
def get(self, product_id=None, **kwargs):
"""Return a product to edit or an empty form to create"""
template = 'admin/product/new.html'
files = get_files()
#print self.form.photo.choices
context = {
'files': files,
'form': self.form,
}
# render edit form
if product_id is not None:
product = Product.get_by_id(product_id)
if product:
self.form = ProductForm(obj=product)
self.form.tags.data = ', '.join(product.tags)
product_photo = ''
if product.photo:
product_photo = product.photo.key().id()
context.update({ 'form': self.form, 'product_photo': product_photo })
template = 'admin/product/edit.html'
else:
return redirect('/admin/shop/')
# render new form
return self.render_response(template, **context)
def authenticate_redirect(self,
callback_uri=None,
ax_attrs=None,
openid_endpoint=None):
"""Returns the authentication URL for this service.
After authentication, the service will redirect back to the given
callback URI.
We request the given attributes for the authenticated user by
default (name, email, language, and username). If you don't need
all those attributes for your app, you can request fewer with
the ax_attrs keyword argument.
:param callback_uri:
The URL to redirect to after authentication.
:param ax_attrs:
List of Attribute Exchange attributes to be fetched.
:param openid_endpoint:
OpenId provider endpoint. If not set, uses the value set in
:attr:`_OPENID_ENDPOINT`.
:return:
``None``.
"""
callback_uri = callback_uri or self.request.path
ax_attrs = ax_attrs or ('name', 'email', 'language', 'username')
openid_endpoint = openid_endpoint or self._OPENID_ENDPOINT
args = self._openid_args(callback_uri, ax_attrs=ax_attrs)
return redirect(openid_endpoint + '?' + urllib.urlencode(args))
def get(self, **kwargs):
redirect_url = self.redirect_path()
if self.auth_current_user:
# User is already registered, so don't display the signup form.
logging.info('login handler: user found, so redirecting to: %s' %
redirect_url)
return redirect(redirect_url)
opts = {'continue': self.redirect_path()}
context = {
'form':
self.form,
'facebook_login_url':
url_for('auth/facebook', **opts),
'facebook_server_flow_login_url':
url_for('auth/facebookserverflow', **opts),
'friendfeed_login_url':
url_for('auth/friendfeed', **opts),
'google_login_url':
url_for('auth/google', **opts),
'twitter_login_url':
url_for('auth/twitter', **opts),
'yahoo_login_url':
url_for('auth/yahoo', **opts),
}
context['facebook_api_key'] = self.app.get_config(
'tipfy.ext.auth.facebook', 'api_key')
return self.render_response('login.html', **context)
def _admin_required(handler):
"""Implementation for admin_required and AdminRequiredMiddleware."""
if not handler.auth_session:
return redirect(handler.auth_login_url())
if not handler.auth_is_admin:
abort(403)
def authenticate_redirect(self, callback_uri=None, ax_attrs=None,
openid_endpoint=None):
"""Returns the authentication URL for this service.
After authentication, the service will redirect back to the given
callback URI.
We request the given attributes for the authenticated user by
default (name, email, language, and username). If you don't need
all those attributes for your app, you can request fewer with
the ax_attrs keyword argument.
:param callback_uri:
The URL to redirect to after authentication.
:param ax_attrs:
List of Attribute Exchange attributes to be fetched.
:param openid_endpoint:
OpenId provider endpoint. If not set, uses the value set in
:attr:`_OPENID_ENDPOINT`.
:return:
``None``.
"""
callback_uri = callback_uri or self.request.path
ax_attrs = ax_attrs or ('name', 'email', 'language', 'username')
openid_endpoint = openid_endpoint or self._OPENID_ENDPOINT
args = self._openid_args(callback_uri, ax_attrs=ax_attrs)
return redirect(openid_endpoint + '?' + urllib.urlencode(args))
def _admin_required(handler):
"""Implementation for admin_required and AdminRequiredMiddleware."""
if not handler.auth_session:
return redirect(handler.auth_login_url())
if not handler.auth_is_admin:
abort(403)
def get(self, **kwargs):
redirect_url = self.redirect_path()
if self.auth_current_user:
# User is already registered, so don't display the registration form.
return redirect(redirect_url)
return self.render_response('register.html', form=self.form)
def get(self, **kwargs):
if self.auth_current_user:
# User is already registered, so don't display the signup form.
return redirect(self.redirect_path())
context = {
'form': self.form,
}
return self.render_response('login.html', **context)
def post(self, **kwargs):
redirect_url = self.redirect_path()
if self.auth_current_user:
# User is already registered, so don't display the signup form.
return redirect(redirect_url)
username = self.request.form.get('username', '')
password = self.request.form.get('password', '')
remember = 0
if 'remember' in self.request.form:
remember = 1
res = self.auth_login_with_form(username, password, remember)
if res:
return redirect(redirect_url)
return self.get(username=username, remember=remember, **kwargs)
def get(self, board, thread, post):
key = board + "%d" % post
cookie = self.get_secure_cookie(key, True)
if cookie.get('win') == key:
if delete_post(board, thread, post, "AN HERO"):
self.delete_cookie(key)
return redirect("/%s/%d" %( board, thread) )
def authenticate_redirect(self):
consumer_token = self._oauth_consumer_token()
args = dict(
redirect_uri=self._FB_AUTH_URL,
client_id=consumer_token['key'])
#scope='publish_stream,offline_access')
return redirect(
self._OAUTH_AUTHORIZE_URL + '?' +
urllib.urlencode(args))
def get(self):
if not self.assert_activity_valid():
return redirect('/')
return self.render_response('joinactivity.html', title='Join Activity',
form=self.form,
activity=self.activity,
participants=self.participants,
leader=self.leader.screen_name())
def _on_auth_redirect(self):
if '_continue' in self.session:
url = self.session.pop('_continue')
else:
url = ('/')
if not self.auth_current_user:
url = self.auth_signup_url()
return redirect(url)
def get(self, **kwargs):
if not self.auth_current_user.is_admin and not self.auth_current_user.is_staff:
return redirect(url_for('auth/login'))
#kwargs['stages'] = lstStages
#kwargs['stagesEnum'] = Stages()
invoices = InvoiceModel.all();
invoices.order('Client')
kwargs['invoices'] = invoices
return self.render_response('admininvoices.html', **kwargs)
def get(self):
if not self.assert_activity_valid():
return redirect('/')
return self.render_response('joinactivity.html',
title='Join Activity',
form=self.form,
activity=self.activity,
participants=self.participants,
leader=self.leader.screen_name())
def post(self, **kwargs):
redirect_url = self.redirect_path()
if self.auth_current_user:
# User is already registered, so don't process the sign up form.
return redirect(redirect_url)
if self.form.validate():
auth_id = self.auth_session.get('id')
kwargs['uid'] = str(self.auth_session.get('uid'))
kwargs['name'] = self.auth_session.get('name')
kwargs['profile_url'] = self.auth_session.get('profile_url')
kwargs[
'profile_image_url'] = 'http://graph.facebook.com/%s/picture' % str(
self.auth_session.get('uid'))
kwargs['access_token'] = self.auth_session.get('access_token')
kwargs['expires_seconds'] = self.auth_session.get(
'expires_seconds')
kwargs['friend_ids'] = self.auth_session.get('friend_ids')
user = self.auth_create_user(username=self.form.nickname.data,
auth_id=auth_id,
**kwargs)
if user:
self.auth_set_session(user.auth_id, user.session_id, '1')
self.set_message('success', 'You are now registered. '
'Welcome!',
flash=True,
life=5)
return redirect(redirect_url)
else:
self.set_message('error', 'This nickname is already '
'registered.',
life=None)
return self.get(**kwargs)
self.set_message('error', 'A problem occurred. Please correct the '
'errors listed in the form.',
life=None)
return self.get(**kwargs)
def post(self, **kwargs):
redirect_url = self.redirect_path()
if self.auth_current_user:
return redirect(redirect_url)
if self.form.validate():
auth_id = self.auth_session.get('id')
user = self.auth_create_user(self.form.nickname.data, auth_id)
if user:
self.auth_set_session(user.auth_id, user.session_id, '1')
self.set_message('success', 'You are now registered', flash=True, life=5)
return redirect(redirect_url)
else:
self.set_message('error', 'This username is taken', life=None)
return self.get(**kwargs)
self.set_message('error', 'A problem occurred!', life=None)
return self.get(**kwargs)
def get(self, **kwargs):
if not self.auth_current_user.is_admin and not self.auth_current_user.is_staff:
return redirect(url_for('auth/login'))
kwargs['StatusInfo'] = {
'OrderStages': OrderStatus(),
'JobStages' : JobStatus(),
'allOrderStages' : lstOrderStages,
'allJobStages' : lstJobStages
}
kwargs['upload_url'] = blobstore.create_upload_url('/admin/createinvoice')
return self.render_response('admininvoicing.html', **kwargs)
def get(self):
url = self.redirect_path()
if 'id' in self.auth_session:
return redirect(url)
self.session['_continue'] = url
if self.request.args.get('openid.mode', None):
return self.get_authenticated_user(self._on_auth)
return self.authenticate_redirect()
def post(self, **kwargs):
redirect_url = self.redirect_path()
if self.auth_current_user:
# User is already registered, so don't display the signup form.
return redirect(redirect_url)
if self.form.validate():
username = self.form.username.data
password = self.form.password.data
remember = self.form.remember.data
res = self.auth_login_with_form(username, password, remember)
if res:
return redirect(redirect_url)
self.set_message('error',
'Authentication failed. Please try again.',
life=None)
return self.get(**kwargs)
def get(self, **kwargs):
redirect_url = self.redirect_path()
if self.auth_current_user:
return redirect(redirect_url)
opts = {'continue': self.redirect_path()}
context = {
'form': self.form,
'facebook_login_url': url_for('auth/facebook', **opts),
'google_login_url': url_for('auth/google', **opts),
}
return self.render_response('user/login.html', **context)