def __init__(self): if (self.disallow_api or self.moderator_only or self.admin_only) and weasyl.api.is_api_user(): raise web.forbidden() self.user_id = define.get_userid() self.status = define.common_status_check(self.user_id) # Status check if self.status: self.replace_methods(self.status_check_fail) return # Guest check if self.guest_required and self.user_id != 0: self.replace_methods(self.login_guest_fail) return # Login check if self.login_required and self.user_id == 0: self.replace_methods(self.login_check_fail) return # Permission check if self.moderator_only and self.user_id not in staff.MODS: self.replace_methods(self.permission_check_fail) return if self.admin_only and self.user_id not in staff.ADMINS: self.replace_methods(self.permission_check_fail) return
def POST(self): if define.common_status_check(self.user_id) != "resetpassword": return define.errorpage(self.user_id, errorcode.permission) form = web.input(password="", passcheck="") resetpassword.force(self.user_id, form) raise web.seeother("/index")
def force_resetpassword_(request): if define.common_status_check(request.userid) != "resetpassword": return Response(define.errorpage(request.userid, errorcode.permission)) form = request.web_input(password="", passcheck="") resetpassword.force(request.userid, form) raise HTTPSeeOther(location="/", headers=request.response.headers)
def force_resetbirthday_(request): if define.common_status_check(request.userid) != "resetbirthday": return define.errorpage(request.userid, errorcode.permission) form = request.web_input(birthday="") birthday = define.convert_inputdate(form.birthday) profile.force_resetbirthday(request.userid, birthday) raise HTTPSeeOther(location="/", headers=request.response.headers)
def POST(self): if define.common_status_check(self.user_id) != "resetbirthday": return define.errorpage(self.user_id, errorcode.permission) form = web.input(birthday="") birthday = define.convert_inputdate(form.birthday) profile.force_resetbirthday(self.user_id, birthday) raise web.seeother("/index")
def status_check_tween(request): status = d.common_status_check(request.userid) if status: # Permit POST'ing to the forced password reset path (handle the request normally) if request.method == "POST" and request.path == "/force/resetpassword": return handler(request) # Otherwise force the user to the corresponding `status` page. return Response(d.common_status_page(request.userid, status)) return handler(request)
def admin_render_page(template_path, args=()): userid = d.get_userid() status = d.common_status_check(userid) if status: return d.common_status_page(userid, status) elif not userid: return d.webpage(userid) elif userid not in staff.ADMINS: return d.webpage(userid, errorcode.permission) else: return d.webpage(userid, template_path, args)
def force_resetpassword_(request): if define.common_status_check(request.userid) != "resetpassword": return Response(define.errorpage(request.userid, errorcode.permission)) form = request.web_input(password="", passcheck="") resetpassword.force(request.userid, form) # Invalidate all other user sessions for this user. profile.invalidate_other_sessions(request.userid) raise HTTPSeeOther(location="/", headers=request.response.headers)
def GET(self): status = define.common_status_check(self.user_id) if status: return define.common_status_page(self.user_id, status) elif not self.user_id: return define.webpage(self.user_id) return define.webpage(self.user_id, "manage/alias.html", [ # Alias useralias.select(self.user_id), ])
def force_resetpassword_(request): if define.common_status_check(request.userid) != "resetpassword": raise WeasylError('InsufficientPermissions') form = request.web_input(password="", passcheck="") resetpassword.force(request.userid, form) # Invalidate all other user sessions for this user. profile.invalidate_other_sessions(request.userid) raise HTTPSeeOther(location="/", headers=request.response.headers)
def manage_alias_get_(request): status = define.common_status_check(request.userid) if status: return Response(define.common_status_page(request.userid, status)) elif not request.userid: return Response(define.webpage(request.userid)) return Response(define.webpage(request.userid, "manage/alias.html", [ # Alias useralias.select(request.userid), ], title="Edit Username Alias"))
def manage_alias_get_(request): status = define.common_status_check(request.userid) if status: return Response(define.common_status_page(request.userid, status)) elif not request.userid: return Response(define.webpage(request.userid)) return Response(define.webpage(request.userid, "manage/alias.html", [ # Alias useralias.select(request.userid), ]))
def GET(self): status = define.common_status_check(self.user_id) if status: return define.common_status_page(self.user_id, status) elif not self.user_id: return define.webpage(self.user_id) return define.webpage( self.user_id, "manage/alias.html", [ # Alias useralias.select(self.user_id), ])
def POST(self): userid = d.get_userid() status = d.common_status_check(userid) if status: return d.common_status_page(userid, status) elif not userid: return d.webpage(userid) elif userid not in staff.MODS: return d.webpage(userid, d.errorcode.permission) form = web.input(title="", content="") create(userid, form) raise web.seeother("/admincontrol")
def status_check_tween(request): status = d.common_status_check(request.userid) if status: return Response(d.common_status_page(request.userid, status)) return handler(request)