def create(self): form = ProfileForm(self.request.POST) if self.request.method == 'POST' and form.validate(): name = ' '.join([form.first_name.data, form.last_name.data]) # Create the webapp2_extras.auth user. model = self.auth.store.user_model ok, user = model.create_user(form.data['email'], password_raw=form.data['password']) if not ok: self.session.add_flash(messages.EDITOR_CREATE_ERROR, level='error') return self.redirect_to('editors.list') # Create the profile. profile = Profile(name=name, email=form.data['email'], is_editor=True, auth_user_id=user.key.id()) profile.put() # Force reload of profile object Profile.get(profile.key()) self.session.add_flash(messages.EDITOR_CREATE_SUCCESS) return self.redirect_to('editors.list') return self.render_to_response('editors/form.haml', {'form': form})
def test_forgot_password_post_sends_email(self): self.assertNotLoggedIn() profile = self.create_profile() response = self.app.get(self.uri_for('forgot-password')) form = response.forms['forgot-password'] form['email'] = profile.email response = form.submit() # Check the task was put on the mail queue. tasks = self.taskqueue_stub.get_filtered_tasks(queue_names='mail') self.assertIn('mail', tasks[0].headers['X-AppEngine-QueueName']) task, = tasks deferred.run(task.payload) messages = self.mail_stub.get_sent_messages() self.assertLength(1, messages) message, = messages profile = Profile.get(profile.key()) # Reload profile to get new activation key. self.assertEqual('"%s" <%s>' % (profile.name, profile.email), message.to) self.assertEqual(constants.FULL_NO_REPLY_EMAIL, message.sender) self.assertEqual(constants.FULL_SUPPORT_EMAIL, message.reply_to) self.assertIn(profile.activation_key, message.body.decode()) self.assertIn(profile.activation_key, message.html.decode()) recover_uri = self.uri_for('forgot-password', k=profile.activation_key) self.assertIn(recover_uri, message.body.decode()) self.assertIn(recover_uri, message.html.decode())
def endpoint_get(data: dict, user: str) -> dict: profile: Profile = Profile.get(user) if profile is None: return invalid_user_uuid return profile.serialize
def test_forgot_password_post_resets_activation_key(self): profile = self.create_profile() old_activation_key = profile.activation_key params = {'email': profile.email} response = self.app.post(self.uri_for('forgot-password'), params) self.assertOk(response) profile = Profile.get(profile.key()) self.assertNotEqual(old_activation_key, profile.activation_key)
def update(self, id): editor = Profile.get_by_id(int(id)) if not editor or not editor.is_editor: self.session.add_flash(messages.EDITOR_NOT_FOUND, level='error') self.redirect_to('editors.list') form = ProfileUpdateForm(self.request.POST, obj=editor) form.user_id = editor.key().id() if self.request.method == 'GET': names = editor.name.split(' ') form.first_name.data = names[0] form.last_name.data = names[1] form.profile_id = editor.key().id() if self.request.method == 'POST' and form.validate(): # Access to the user model is only needed in this section. user = editor.get_auth_user() editor.name = ' '.join([form.first_name.data, form.last_name.data]) if form.email.data != editor.email: user.auth_ids.remove(editor.email) user.auth_ids.append(form.email.data) editor.email = form.email.data if form.password.data: user.password = security.generate_password_hash( form.password.data, length=12) editor.put() user.put() # Force reload of profile object Profile.get(editor.key()) self.session.add_flash(messages.EDITOR_UPDATE_SUCCESS) return self.redirect_to('editors.list') return self.render_to_response('editors/form.haml', {'form': form})
def update(self, id): editor = Profile.get_by_id(int(id)) if not editor or not editor.is_editor: self.session.add_flash(messages.EDITOR_NOT_FOUND, level='error') self.redirect_to('editors.list') form = ProfileUpdateForm(self.request.POST, obj=editor) form.user_id = editor.key().id() if self.request.method == 'GET': names = editor.name.split(' ') form.first_name.data = names[0] form.last_name.data = names[1] form.profile_id = editor.key().id() if self.request.method == 'POST' and form.validate(): # Access to the user model is only needed in this section. user = editor.get_auth_user() editor.name = ' '.join([form.first_name.data, form.last_name.data]) if form.email.data != editor.email: user.auth_ids.remove(editor.email) user.auth_ids.append(form.email.data) editor.email = form.email.data if form.password.data: user.password = security.generate_password_hash(form.password.data, length=12) editor.put() user.put() # Force reload of profile object Profile.get(editor.key()) self.session.add_flash(messages.EDITOR_UPDATE_SUCCESS) return self.redirect_to('editors.list') return self.render_to_response('editors/form.haml', {'form': form})
def test_forgot_password_post_with_email_trailing_whitespace(self): profile = self.create_profile() params = {'email': profile.email + ' '} response = self.app.post(self.uri_for('forgot-password'), params) self.assertOk(response) tasks = self.taskqueue_stub.get_filtered_tasks(queue_names='mail') self.assertIn('mail', tasks[0].headers['X-AppEngine-QueueName']) task, = tasks deferred.run(task.payload) self.assertLength(1, self.mail_stub.get_sent_messages()) message, = self.mail_stub.get_sent_messages() profile = Profile.get(profile.key()) self.assertEqual('"%s" <%s>' % (profile.name, profile.email), message.to)
def endpoint_description(data: dict, user: str) -> dict: if "description" not in data: return invalid_request description: str = data["description"] profile: Optional[Profile] = Profile.get(user) if profile is None: return invalid_user_uuid profile.change_description(description) return success
def endpoint_cluster(data: dict, user: str) -> dict: if "cluster" not in data: return invalid_request cluster: int = data["cluster"] if not isinstance(cluster, int) or cluster < 0: return invalid_request profile: Optional[Profile] = Profile.get(user) if profile is None: return invalid_user_uuid profile.change_cluster(cluster) return success
def endpoint_hacks(data: dict, user: str) -> dict: if "hacks" not in data: return invalid_request hacks: int = data["hacks"] if not isinstance(hacks, int) or hacks < 0: return invalid_request profile: Optional[Profile] = Profile.get(user) if profile is None: return invalid_user_uuid profile.update_hacks(hacks) return success