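def invitation_retrieve(request, response_format='html'):
    """Retrieve an invitation and create the invited user's account.

    The invitation is looked up by the ``email`` and ``key`` request
    parameters. Both must be present and must match a stored Invitation,
    otherwise Http404 is raised. On a valid POST the form is saved, the new
    user is authenticated with the submitted password, the invitation is
    deleted and the user is logged in and redirected to '/'.

    Users who are already signed in are redirected to '/' straight away.
    """
    if request.user.username:
        return HttpResponseRedirect('/')

    # NOTE(review): request.REQUEST merges GET and POST, so the invitation
    # key may travel in the query string (and so end up in access logs and
    # Referer headers) - confirm this is acceptable for a one-time secret.
    email = request.REQUEST.get('email')
    key = request.REQUEST.get('key')
    if not (email and key):
        raise Http404

    try:
        invitation = Invitation.objects.get(email=email, key=key)
    except (Invitation.DoesNotExist, Invitation.MultipleObjectsReturned):
        # Only a failed lookup becomes a 404. The previous bare ``except``
        # also hid database and programming errors behind "not found".
        raise Http404

    if request.POST:
        form = InvitationForm(invitation, request.POST)
        if form.is_valid():
            profile = form.save()
            username = profile.user.username
            password = form.cleaned_data['password']
            user = authenticate(username=username, password=password)
            if user:
                # The invitation is consumed only once the new account can
                # actually authenticate, so a failed attempt leaves it usable.
                invitation.delete()
                login(request, user)
                return HttpResponseRedirect('/')
    else:
        form = InvitationForm(invitation)

    return render_to_response('core/invitation_retrieve',
                              {'invitation': invitation, 'form': form},
                              context_instance=RequestContext(request),
                              response_format=response_format)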
def user_denied(request, message='', response_format='html'):
    """Render the "user denied" page, optionally with an explanatory message.

    The response keeps whatever status code render_to_response gives it; the
    original code carries a disabled line that would have set it to 403.
    """
    denied_context = {'message': message}
    page = render_to_response('core/user_denied',
                              denied_context,
                              context_instance=RequestContext(request),
                              response_format=response_format)
    # page.status_code = 403  (left disabled, as in the original)
    return page
def widget_welcome(request, response_format='html'):
    """Render the quick-start widget users see when they first log in."""
    # A user limit of exactly 3 is what flags the installation as a trial.
    trial = True if settings.ANAF_SUBSCRIPTION_USER_LIMIT == 3 else False
    widget_context = {
        'trial': trial,
        'customization': settings.ANAF_SUBSCRIPTION_CUSTOMIZATION,
    }
    return render_to_response('core/widgets/welcome',
                              widget_context,
                              context_instance=RequestContext(request),
                              response_format=response_format)
def ajax_tag_lookup(request, response_format='html'):
    """Return the tags whose name contains the ``term`` query parameter.

    Without a ``term`` parameter the rendered list is empty.
    """
    # NOTE(review): no login check, permission filter or result cap is
    # visible in this view - confirm access control and sizing are handled
    # by a decorator or middleware outside this function.
    if 'term' in request.GET:
        matching = Tag.objects.filter(name__icontains=request.GET['term'])
    else:
        matching = []

    return render_to_response('core/ajax_tag_lookup',
                              {'tags': matching},
                              context_instance=RequestContext(request),
                              response_format=response_format)
def database_setup(request, response_format='html'):
    """Show and process the first-run database settings form.

    The form is only served while the User table is empty; as soon as any
    user exists every request is redirected to '/'.
    """
    # The user count is the only gate on this view: nothing here checks who
    # is making the request.
    # NOTE(review): confirm that an empty user table cannot occur on a
    # deployed instance, since this page configures the database.
    if User.objects.all().count():
        return HttpResponseRedirect('/')

    if request.POST:
        sql_form = SqlSettingsForm(data=request.POST)
        if sql_form.is_valid():
            sql_form.create_database()
            # Validity is checked a second time after create_database();
            # presumably that call can record errors on the form - confirm.
            if sql_form.is_valid():
                return HttpResponseRedirect('/')
    else:
        sql_form = SqlSettingsForm()

    return render_to_response('core/database_setup',
                              {'sql_form': sql_form},
                              context_instance=RequestContext(request),
                              response_format=response_format)
def ajax_object_lookup(request, response_format='html'):
    """Return at most ten objects whose name contains the ``term`` parameter.

    Candidates are passed through Object.filter_permitted for the requesting
    user's profile with mode 'x' before the first ten are taken.
    """
    found = []
    if 'term' in request.GET:
        viewer = request.user.profile
        candidates = Object.objects.filter(
            object_name__icontains=request.GET['term'])
        permitted = Object.filter_permitted(viewer, candidates, mode='x')
        found = permitted[:10]

    return render_to_response('core/ajax_object_lookup',
                              {'objects': found},
                              context_instance=RequestContext(request),
                              response_format=response_format)
def password_reset(request, response_format='html'):
    """Show the password reset form and process its submission.

    A valid POST calls form.save() (which, per the original docstring, sends
    the e-mail with the new password) and redirects to the
    'password_reset_done' page. Anything else re-renders the form.
    """
    if not request.POST:
        form = PasswordResetForm()
    else:
        form = PasswordResetForm(request.POST)
        if form.is_valid():
            form.save()
            done_url = reverse('password_reset_done')
            return HttpResponseRedirect(done_url)

    return render_to_response('core/password_reset_form',
                              {'form': form},
                              context_instance=RequestContext(request),
                              response_format=response_format)
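def help_page(request, url='/', response_format='html'):
    """Return a Help page fetched from the configured help source (Evergreen).

    The page is requested from ``settings.ANAF_HELP_SOURCE + url`` with the
    current site's domain passed as the ``domain`` query parameter. If the
    fetched document contains ``module_content_inner`` marker blocks, the
    body becomes the content of the last such block; otherwise the fetched
    document is used as is. Any fetch failure yields an empty body.
    """
    source = settings.ANAF_HELP_SOURCE
    if not url:
        url = '/'

    # NOTE(review): ``url`` and the site domain are appended to the source
    # URL unencoded. Confirm the URLconf only lets through paths starting
    # with '/', and that the domain (derived from the request) cannot carry
    # extra query parameters.
    fetch_timeout = 10  # seconds; without it a stalled help server blocks this worker

    body = ''
    try:
        remote = urllib2.urlopen(
            source + url + '?domain=' + RequestSite(request).domain,
            timeout=fetch_timeout)
        try:
            body = remote.read()
        finally:
            # Release the connection even when read() fails.
            remote.close()
    except Exception:
        # Help is best-effort: an unreachable source renders an empty page.
        pass

    regexp = r"<!-- module_content_inner -->(?P<module_inner>.*?)<!-- /module_content_inner -->"
    for block in re.finditer(regexp, body, re.DOTALL):
        body = smart_unicode(block.group('module_inner').strip())

    # NOTE(review): ``body`` is remote HTML; how the template escapes it is
    # not visible here - confirm the help source is trusted.
    return render_to_response('core/help_page',
                              {'body': body},
                              context_instance=RequestContext(request),
                              response_format=response_format)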
def password_reset_done(request, response_format='html'):
    """Render the success message shown after a password reset request."""
    page_context = RequestContext(request)
    return render_to_response('core/password_reset_done',
                              context_instance=page_context,
                              response_format=response_format)
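def user_login(request, response_format='html'):
    """Authenticate a user from the login form and start a session.

    Users who are already signed in are redirected to the 'user_denied'
    page. A GET (or empty POST) renders the login form. On POST the
    credentials are checked, then the form itself, then the profile state
    (missing, disabled, inactive user, blocked subscription); each failure
    re-renders the login page with a message. On success the user is logged
    in, other sessions of the same user are removed when
    ANAF_MULTIPLE_LOGINS_DISABLED is set, and the browser is redirected to
    the ``next`` target.

    The ``next`` target is taken from the request, so it is followed only
    when it is a path on this site; anything else falls back to '/'.
    """

    def login_page(error_message):
        # Every failure path re-renders the same template with the form.
        return render_to_response('core/user_login',
                                  {'error_message': error_message,
                                   'form': Markup(form)},
                                  context_instance=RequestContext(request),
                                  response_format=response_format)

    def local_target(candidate):
        # Only absolute paths on this site are followed. Scheme-relative
        # ('//host') values, backslashes and control characters are
        # rejected so the login page cannot be used to forward a user to
        # another site.
        if not candidate or not candidate.startswith('/') or candidate.startswith('//'):
            return '/'
        for ch in candidate:
            if ch == '\\' or ord(ch) < 0x20:
                return '/'
        return candidate

    if request.user.username:
        return HttpResponseRedirect(reverse('user_denied'))

    next_url = request.GET.get('next', '/')
    form = LoginForm(request.POST)

    if not request.POST:
        return render_to_response('core/user_login',
                                  {'form': Markup(form)},
                                  context_instance=RequestContext(request),
                                  response_format=response_format)

    username = request.POST['username']
    password = request.POST['password']
    user = authenticate(username=username, password=password)
    if user and getattr(settings, 'HARDTREE_DISABLE_EVERGREEN_USERS', False) and 'evergreen_' in user.username[:10]:
        user = None

    if not form.is_valid():
        # NOTE(review): authenticate() has already run at this point and the
        # two messages below differ by whether the credentials matched. If
        # LoginForm carries a CAPTCHA (the second message suggests it does),
        # credentials can be tested without passing it - consider validating
        # the form before authenticating.
        if user is None:
            return login_page('Username or password you entered is not valid')
        return login_page('Please re-enter the text from the image')

    if user is None:
        return login_page('Username or password you entered is not valid')

    try:
        profile = user.profile
    except Exception:
        # A user without a usable profile is treated as a failed login.
        profile = None

    if not profile:
        return login_page('Username or password you entered is not valid')

    if profile.disabled:
        return login_page('Your account is disabled.')

    if not user.is_active:
        return render_to_response('core/user_login_disabled',
                                  context_instance=RequestContext(request),
                                  response_format=response_format)

    # Disable account with overdue payment
    if settings.ANAF_SUBSCRIPTION_BLOCKED:
        return login_page(
            'We are sorry to inform you but your account has been deactivated. '
            'Please login to your <a href="https://www.tree.io/login/">control panel</a> to see details.')

    login(request, user)

    # Prevent same user from logging in at 2 different machines
    if settings.ANAF_MULTIPLE_LOGINS_DISABLED:
        # NOTE(review): this decodes every stored session on each login, and
        # the id comparison assumes '_auth_user_id' is stored with the same
        # type as request.user.id - confirm for the Django version in use.
        for ses in Session.objects.all():
            if ses != request.session:
                try:
                    data = ses.get_decoded()
                    if '_auth_user_id' in data and data['_auth_user_id'] == request.user.id:
                        ses.delete()
                except Exception:
                    # Undecodable sessions are skipped, not treated as fatal.
                    pass

    if 'next' in request.POST:
        return HttpResponseRedirect(local_target(request.POST['next']))
    return HttpResponseRedirect(local_target(next_url))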
def iframe_close(request, response_format='html'):
    """Render the page that closes the iframe after a third-party resource
    hands control back to Anaf."""
    empty_context = {}
    return render_to_response('core/iframe_close',
                              empty_context,
                              context_instance=RequestContext(request),
                              response_format=response_format)
def ajax_popup(request, popup_id='', url='/'):
    """Handle pop-up forms and requests by extracting only the required
    content from the response of another view.

    ``url`` is resolved to a view, that view is called with
    ``response_format='ajax'``, and the ``module_content_inner`` blocks,
    title and subtitle are cut out of its response body with regular
    expressions and returned wrapped in a JSON document.

    Anonymous users are redirected to '/accounts/login'. If ``url`` matches
    a module's URL_PATTERNS and the user's profile lacks permission for that
    module, the user_denied page is used as the response instead of calling
    the view. Http404 is raised when ``url`` resolves back to this view.
    """
    # resolve() runs before the login check below, so it is also executed
    # for anonymous requests.
    view, args, kwargs = resolve(url)

    if not request.user.username:
        return HttpResponseRedirect('/accounts/login')

    modules = Module.objects.all()
    active = None
    for module in modules:
        try:
            # The import path is built from the module name stored in the
            # Module table plus a settings-defined suffix.
            # NOTE(review): presumably only administrators can write Module
            # rows - confirm, since the name is handed to __import__.
            import_name = module.name + "." + \
                settings.ANAF_MODULE_IDENTIFIER
            hmodule = __import__(import_name, fromlist=[str(module.name)])
            urls = hmodule.URL_PATTERNS
            for regexp in urls:
                # The last module with a matching pattern wins.
                if re.match(regexp, url):
                    active = module
        except ImportError:
            pass
        except AttributeError:
            pass

    response = None
    # The module permission check applies only when some module's pattern
    # matched; with no match the view below is called without this check.
    if active and not request.user.profile.has_permission(active):
        response = user_denied(request, "You do not have access to the {0!s} module".format(unicode(active)), response_format='ajax')

    if not response:
        # Refuse to dispatch to this view itself (would recurse).
        if view == ajax_popup:
            raise Http404("OMG, I see myself!")
        kwargs['request'] = request
        kwargs['response_format'] = 'ajax'
        response = view(*args, **kwargs)
        # response = csrf().process_response(request, response)

    # Concatenate every marked content block of the inner response.
    module_inner = ""
    regexp = r"<!-- module_content_inner -->(?P<module_inner>.*?)<!-- /module_content_inner -->"
    blocks = re.finditer(regexp, response.content, re.DOTALL)
    for block in blocks:
        module_inner += block.group('module_inner').strip()

    # Title: taken from the title div(s); the <title> element is the fallback.
    title = ""
    regexp = r"<div class=\\\"title\\\">(?P<title>.*?)</div>"
    blocks = re.finditer(regexp, response.content, re.DOTALL)
    for block in blocks:
        title += block.group('title').replace('\\n', '').strip()
    if not title:
        blocks = re.finditer(
            r"<title>(?P<title>.*?)</title>", response.content, re.DOTALL)
        for block in blocks:
            title += block.group('title').replace('\\n', '').strip()

    subtitle = ""
    regexp = r"<div class=\\\"subtitle-block\\\">(?P<subtitle>.*?)</div>"
    blocks = re.finditer(regexp, response.content, re.DOTALL)
    for block in blocks:
        subtitle += block.group('subtitle').replace('\\n', '').strip()

    # The extracted fragments are markup from the inner view and are passed
    # on unchanged.
    context = {'content': module_inner, 'title': title, 'subtitle': subtitle, 'popup_id': popup_id, 'url':
               request.path}

    if settings.ANAF_RESPONSE_FORMATS['json'] in response.get('Content-Type', 'text/html'):
        new_response = render_to_response('core/ajax_popup', context, context_instance=RequestContext(request), response_format='json')
    else:
        new_response = HttpResponse(json.dumps({'popup': context}))
    # NOTE(review): this sets an attribute named ``mimetype`` on the
    # response object; whether that changes the Content-Type header sent to
    # the client depends on the HttpResponse implementation - confirm the
    # body is not served as text/html.
    new_response.mimetype = settings.ANAF_RESPONSE_FORMATS['json']
    try:
        # A JSON body carrying a 'redirect' key turns the reply into a 302.
        jsonresponse = json.loads(response.content)
        if 'redirect' in jsonresponse:
            new_response.status_code = 302
    except Exception:
        # The inner body is not JSON: mirror the inner view's status code.
        new_response.status_code = response.status_code
    return new_response