def GET(self, get_string=''):
        log.loggit('default.GET()')

        # Try to detemine the username from the query
        username = ''
        if web.input().has_key('username'):
            username = web.input()['username']

        adb = accountdb.AccountDB()
        if username:
            account = adb.review_account(username)
            if account:
                return {
                    'status': 'success',
                    'account': wputil.clean_account(account)
                }
            else:
                return {
                    'status': 'failure',
                    'message': 'No account: %s' % (username)
                }
        else:
            accounts = adb.review_accounts()
            for account in accounts:
                account = wputil.clean_account(account)
            return {'status': 'success', 'accounts': accounts}
Exemple #2
0
  def login( self, username, password, session_login=True ):
    """
    @param username is the username of an account
    @param password is the password of an account
    @returns a single record from the database as a Storage object
    """
    log.loggit( 'AccountDB.login()' )
    # Try to login
    account = self.review_account( username )
    if not account:
      return False
    if not pwd_context.verify( password, account['password'] ):
      return False

    account = wputil.clean_account( account )
    if session_login:
      # Update the account information
      data = {}
      data['last_ip'] = web.ctx.ip
      data['last_login'] = str(int(time.time()))
      account = self._set_account_info( account, data )

      # Put account information in session key
      for key,value in account.items():
        value = str(value)
        web.ctx.session[ key ] = ( value[:50] + '...' ) if len(value) > 50 else value

    return account
Exemple #3
0
  def GET( self, get_string='' ):
    log.loggit( 'update.GET()' )

    # Grab the account id from the get string
    username = get_string.lstrip('/')
    if not username:
      raise web.seeother('../')

    # Must be a matching user or administrator to review accounts
    wputil.must_match_username_or_admin( username )

    # Verify account exists
    adb = accountdb.AccountDB()
    account = adb.review_account( username )
    if not account:
      return { 'status' : 'error',
               'message' : 'No such account exists: %s' % ( username ) }

    # Instantiate a form and populate it with the data
    if wputil.is_admin():
      f = admin_account_form()
    else:
      f = account_form()
    f.fill( wputil.clean_account( account ) )
    return { 'status' : 'success',
             'message' : 'Required fields include: id, username, password, password2 - Note that password and password2 must match.',
             'form' : f }
Exemple #4
0
    def login(self, username, password, session_login=True):
        """
    @param username is the username of an account
    @param password is the password of an account
    @returns a single record from the database as a Storage object
    """
        log.loggit("AccountDB.login()")
        # Try to login
        account = self.review_account(username)
        if not account:
            return False
        if not pwd_context.verify(password, account["password"]):
            return False

        account = wputil.clean_account(account)
        if session_login:
            # Update the account information
            data = {}
            data["last_ip"] = web.ctx.ip
            data["last_login"] = str(int(time.time()))
            account = self._set_account_info(account, data)

            # Put account information in session key
            for key, value in account.items():
                value = str(value)
                web.ctx.session[key] = (value[:50] + "...") if len(value) > 50 else value

        return account
Exemple #5
0
    def GET(self, get_string=''):
        log.loggit('update.GET()')

        # Grab the account id from the get string
        username = get_string.lstrip('/')
        if not username:
            raise web.seeother('../')

        # Must be a matching user or administrator to review accounts
        wputil.must_match_username_or_admin(username)

        # Verify account exists
        adb = accountdb.AccountDB()
        account = adb.review_account(username)
        if not account:
            return {
                'status': 'error',
                'message': 'No such account exists: %s' % (username)
            }

        # Instantiate a form and populate it with the data
        if wputil.is_admin():
            f = admin_account_form()
        else:
            f = account_form()
        f.fill(wputil.clean_account(account))
        return {
            'status': 'success',
            'message':
            'Required fields include: id, username, password, password2 - Note that password and password2 must match.',
            'form': f
        }
Exemple #6
0
  def GET( self, get_string='' ):
    log.loggit( 'default.GET()' )

    # Get the accounds and delete the password field
    adb = accountdb.AccountDB()
    accounts = adb.review_accounts()
    for account in accounts:
      account = wputil.clean_account( account )
    return { 'status' : 'success',
             'message' : 'Select the user account to review, update or delete. Click the Add Account link to create a new account.',
             'accounts' : accounts }
Exemple #7
0
  def GET( self, get_string='' ):
    log.loggit( 'default.GET()' )

    # Try to detemine the username from the query
    username = ''
    if web.input().has_key('username'):
      username = web.input()['username']

    adb = accountdb.AccountDB()
    if username:
      account = adb.review_account( username )
      if account:
        return { 'status' : 'success', 'account' : wputil.clean_account( account ) }
      else:
        return { 'status' : 'failure', 'message' : 'No account: %s' % ( username ) }
    else:
      accounts = adb.review_accounts()
      for account in accounts:
        account = wputil.clean_account( account )
      return { 'status' : 'success', 'accounts' : accounts }
    def GET(self, get_string=''):
        log.loggit('default.GET()')

        # Get the accounds and delete the password field
        adb = accountdb.AccountDB()
        accounts = adb.review_accounts()
        for account in accounts:
            account = wputil.clean_account(account)
        return {
            'status': 'success',
            'message':
            'Select the user account to review, update or delete. Click the Add Account link to create a new account.',
            'accounts': accounts
        }
class default:
    """
  The REST functions for managing accounts
  """
    @wpauth.oauth_protect
    @mimerender(default='json', override_input_key='format', json=render_json)
    def GET(self, get_string=''):
        log.loggit('default.GET()')

        # Try to detemine the username from the query
        username = ''
        if web.input().has_key('username'):
            username = web.input()['username']

        adb = accountdb.AccountDB()
        if username:
            account = adb.review_account(username)
            if account:
                return {
                    'status': 'success',
                    'account': wputil.clean_account(account)
                }
            else:
                return {
                    'status': 'failure',
                    'message': 'No account: %s' % (username)
                }
        else:
            accounts = adb.review_accounts()
            for account in accounts:
                account = wputil.clean_account(account)
            return {'status': 'success', 'accounts': accounts}

    @wpauth.oauth_protect
    @mimerender(default='json', override_input_key='format', json=render_json)
    def POST(self, get_string=''):
        log.loggit('default.POST()')
        adb = accountdb.AccountDB()
        try:
            account = adb.create_account(web.input())
        except Exception, e:
            return {
                'status': 'failure',
                'message': '%s %s' % (repr(e), str(e))
            }
        return {'status': 'success', 'account': wputil.clean_account(account)}
Exemple #10
0
  def GET( self, get_string='' ):
    log.loggit( 'review.GET()' )

    # Grab the account username from URL
    username = get_string.lstrip('/')

    # Must be a matching user or administrator to review accounts
    wputil.must_match_username_or_admin( username )

    # Check to see if it exists
    account = adb.review_account( username )
    if not account:
      return { 'status' : 'error',
               'message' : 'No such account exists: %s' % ( username ) }

    return { 'status' : 'success',
             'message' : 'Review the account information.',
             'account' : wputil.clean_account( account ) }
  def GET( self, get_string='' ):
    log.loggit( 'review.GET()' )

    # Grab the account username from URL
    username = get_string.lstrip('/')

    # Must be a matching user or administrator to review accounts
    wputil.must_match_username_or_admin( username )

    # Check to see if it exists
    account = adb.review_account( username )
    if not account:
      return { 'status' : 'error',
               'message' : 'No such account exists: %s' % ( username ) }

    return { 'status' : 'success',
             'message' : 'Review the account information.',
             'account' : wputil.clean_account( account ) }
            }
        return {'status': 'success', 'account': wputil.clean_account(account)}

    @wpauth.oauth_protect
    @mimerender(default='json', override_input_key='format', json=render_json)
    def PUT(self, get_string=''):
        log.loggit('default.PUT()')
        adb = accountdb.AccountDB()
        try:
            account = adb.update_account(web.input())
        except Exception, e:
            return {
                'status': 'failure',
                'message': '%s %s' % (repr(e), str(e))
            }
        return {'status': 'success', 'account': wputil.clean_account(account)}

    @wpauth.oauth_protect
    @mimerender(default='json', override_input_key='format', json=render_json)
    def DELETE(self, get_string=''):
        log.loggit('default.DELETE()')
        if web.input()['username'] == 'admin':
            return {
                'status': 'failure',
                'message': 'Cannot delete the admin account.'
            }
        adb = accountdb.AccountDB()
        try:
            result = adb.delete_account(web.input()['username'])
        except Exception, e:
            return {
Exemple #13
0

  @wpauth.oauth_protect
  @mimerender(
    default = 'json',
    override_input_key = 'format',
    json = render_json
  )
  def PUT( self, get_string='' ):
    log.loggit( 'default.PUT()' )
    adb = accountdb.AccountDB()
    try:
      account = adb.update_account( web.input() )
    except Exception, e:
      return { 'status' : 'failure', 'message' : '%s %s' % ( repr(e), str(e) ) }
    return { 'status' : 'success', 'account': wputil.clean_account( account ) }


  @wpauth.oauth_protect
  @mimerender(
    default = 'json',
    override_input_key = 'format',
    json = render_json
  )
  def DELETE( self, get_string='' ):
    log.loggit( 'default.DELETE()' )
    if web.input()['username'] == 'admin':
      return { 'status' : 'failure', 'message' : 'Cannot delete the admin account.' }
    adb = accountdb.AccountDB()
    try:
      result = adb.delete_account( web.input()['username'] )