def toggle_user(user_id=None):
    """
    Switch a user's account between enabled and disabled.

    A non-empty ``activation_key`` marks an account that is not active yet:
    the activation e-mail is sent and the key is cleared. An empty key marks
    an active account, which is disabled through ``set_activation_key``.
    Every path ends with a redirect to the admin dashboard.
    """
    controller = UserController()
    account = controller.get(id=user_id)

    if account is None:
        flash(gettext('This user does not exist.'), 'danger')
        return redirect(url_for('admin.dashboard'))

    if account.activation_key == "":
        # Active account: disable it.
        controller.set_activation_key(account.id)
        message = gettext('Account of the user %(nick)s successfully disabled',
                          nick=account.nickname)
    else:
        # Pending account: notify the user first, then clear the key, so a
        # failed e-mail leaves the account in its previous state.
        try:
            notifications.new_account_activation(account)
            controller.unset_activation_key(account.id)
            message = gettext('Account of the user %(nick)s successfully '
                              'activated.', nick=account.nickname)
        except Exception as error:
            flash(gettext('Problem while sending activation email %(error)s:',
                          error=error), 'danger')
            return redirect(url_for('admin.dashboard'))

    flash(message, 'success')
    return redirect(url_for('admin.dashboard'))
def profile():
    """
    Show and process the profile form of the logged-in user.

    The controller is built with ``current_user.id`` and the update filter is
    the same id, so the request cannot select which account is edited.
    """
    controller = UserController(current_user.id)
    account = controller.get(id=current_user.id)
    form = ProfileForm()

    if request.method == 'POST':
        if not form.validate():
            return render_template('profile.html', user=account, form=form)
        try:
            # NOTE(review): 'password' is always sent to update(); what the
            # controller does with an empty value is not visible here.
            controller.update({'id': current_user.id},
                              {'nickname': form.nickname.data,
                               'email': form.email.data,
                               'password': form.password.data,
                               'automatic_crawling':
                                   form.automatic_crawling.data,
                               'is_public_profile':
                                   form.is_public_profile.data,
                               'bio': form.bio.data,
                               'webpage': form.webpage.data,
                               'twitter': form.twitter.data})
        except Exception as error:
            flash(gettext('Problem while updating your profile: '
                          '%(error)s', error=error), 'danger')
        else:
            flash(gettext('User %(nick)s successfully updated',
                          nick=account.nickname), 'success')
        return redirect(url_for('user.profile'))

    if request.method == 'GET':
        # Pre-fill the form with the stored values.
        form = ProfileForm(obj=account)
    return render_template('profile.html', user=account, form=form)
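def fetch_asyncio(user_id, feed_id):
    """Crawl the feeds with asyncio.

    ``user_id`` selects one user; when the lookup fails, every user returned
    by ``UserController.read()`` is crawled. ``feed_id`` is used when it
    converts to ``int``, otherwise it is passed on as ``None``.
    """
    import asyncio

    with application.app_context():
        from flask.ext.login import current_user
        from crawler import classic_crawler
        ucontr = UserController()
        users = []
        try:
            users = [ucontr.get(user_id)]
        except Exception:
            # A bare ``except:`` would also swallow KeyboardInterrupt and
            # SystemExit, so an operator could not stop the command here.
            users = ucontr.read()
        finally:
            if users == []:
                users = ucontr.read()

        try:
            feed_id = int(feed_id)
        except (TypeError, ValueError):
            # Only conversion failures mean "no feed selected".
            feed_id = None

        loop = asyncio.get_event_loop()
        for user in users:
            if user.is_active:
                logger.warn("Fetching articles for " + user.login)
                # NOTE(review): current_user is passed here, not the loop's
                # ``user``; confirm which account the crawl is meant to run as.
                classic_crawler.retrieve_feed(loop, current_user, feed_id)
        loop.close()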
def profile():
    """
    Show and process the profile form of the logged-in user.

    The account is taken from ``g.user``; both the controller and the update
    filter use that id, so the request cannot select another account.
    """
    controller = UserController(g.user.id)
    account = controller.get(id=g.user.id)
    form = ProfileForm()

    if request.method == "POST":
        if not form.validate():
            return render_template("profile.html", user=account, form=form)
        # NOTE(review): 'password' is always sent to update(); what the
        # controller does with an empty value is not visible here.
        changes = {
            "nickname": form.nickname.data,
            "email": form.email.data,
            "password": form.password.data,
            "refresh_rate": form.refresh_rate.data,
        }
        controller.update({"id": g.user.id}, changes)
        flash(
            gettext("User %(nick)s successfully updated", nick=account.nickname),
            "success",
        )
        return redirect(url_for("user.profile"))

    if request.method == "GET":
        # Pre-fill the form with the stored values.
        form = ProfileForm(obj=account)
    return render_template("profile.html", user=account, form=form)
def process_user_form(user_id=None):
    """
    Create a user, or edit the user identified by ``user_id``.

    The controller is unscoped (``UserController()``), so this view can act
    on any account.
    NOTE(review): the access check is presumably a decorator outside this
    listing; confirm the route is admin-only.
    """
    form = UserForm()
    controller = UserController()

    if not form.validate():
        return render_template('/admin/create_user.html', form=form,
                               message=gettext('Some errors were found'))

    role_user = Role.query.filter(Role.name == "user").first()

    if user_id is None:
        # No id: create the account with the plain "user" role.
        account = controller.create(nickname=form.nickname.data,
                                    email=form.email.data,
                                    password=form.password.data,
                                    roles=[role_user],
                                    refresh_rate=form.refresh_rate.data,
                                    activation_key="")
        flash(gettext('User %(nick)s successfully created',
                      nick=account.nickname), 'success')
    else:
        # Existing id: update, then reload to report the stored nickname.
        controller.update({'id': user_id},
                          {'nickname': form.nickname.data,
                           'email': form.email.data,
                           'password': form.password.data,
                           'refresh_rate': form.refresh_rate.data})
        account = controller.get(id=user_id)
        flash(gettext('User %(nick)s successfully updated',
                      nick=account.nickname), 'success')

    return redirect(url_for('admin.user_form', user_id=account.id))
def profile_update(user_id):
    """
    Update the profile of ``user_id`` on behalf of an admin or the owner.

    An admin gets an unscoped controller, the owner a controller scoped to
    their own id, and anyone else is refused with ``Forbidden``. The
    privilege flags (``is_active``, ``is_admin``, ``is_api``) are copied from
    the form only when the caller holds the admin permission, so an owner
    cannot raise their own privileges through this form.
    """
    if admin_permission.can():
        ucontr = UserController()
    elif Permission(UserNeed(user_id)).can():
        ucontr = UserController(user_id)
    else:
        flash(gettext('You do not have rights on this user'), 'danger')
        raise Forbidden(gettext('You do not have rights on this user'))

    user = ucontr.get(id=user_id)
    profile_form, pass_form = ProfileForm(obj=user), PasswordModForm()

    if not profile_form.validate():
        return render_template('profile.html', user=user,
                               admin_permission=admin_permission,
                               form=profile_form, pass_form=pass_form)

    values = {'login': profile_form.login.data,
              'email': profile_form.email.data}
    if admin_permission.can():
        for flag in ('is_active', 'is_admin', 'is_api'):
            values[flag] = getattr(profile_form, flag).data
    ucontr.update({'id': user_id}, values)

    flash(gettext('User %(login)s successfully updated',
                  login=user.login), 'success')
    return redirect(url_for('user.profile', user_id=user.id))
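def recover():
    """
    Reset a forgotten password and e-mail the replacement to the user.

    On a valid POST a new 8-16 character alphanumeric password is generated,
    stored, and sent by e-mail. The response is then a redirect to the login
    page. An invalid POST and a GET both render the recovery form.

    NOTE(review): the password is replaced before the e-mail is sent and the
    request is unauthenticated, so a failed delivery leaves the account with
    a password nobody knows, and the replacement travels in clear text. A
    single-use, expiring reset token avoids both.
    """
    form = RecoverPasswordForm()
    user_contr = UserController()

    if request.method == "POST":
        if form.validate():
            # NOTE(review): no handling here for an unknown address;
            # presumably the form's validation covers it - confirm.
            user = user_contr.get(email=form.email.data)

            # The module-level random functions use a deterministic
            # Mersenne Twister whose output can be predicted; credentials
            # must come from the OS CSPRNG, which SystemRandom wraps.
            rng = random.SystemRandom()
            characters = string.ascii_letters + string.digits
            password = "".join(
                rng.choice(characters) for _ in range(rng.randint(8, 16))
            )
            user.set_password(password)
            user_contr.update({"id": user.id}, {"password": password})

            # Send the confirmation email
            try:
                notifications.new_password_notification(user, password)
                flash(gettext("New password sent to your address."), "success")
            except Exception as error:
                flash(
                    gettext(
                        "Problem while sending your new password: "
                        "%(error)s",
                        error=error,
                    ),
                    "danger",
                )

            return redirect(url_for("login"))
        return render_template("recover.html", form=form)

    if request.method == "GET":
        return render_template("recover.html", form=form)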
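def recover():
    """
    Reset a forgotten password and e-mail the replacement to the user.

    On a valid POST a new 8-16 character alphanumeric password is generated,
    stored, and sent by e-mail. The response is then a redirect to the login
    page. An invalid POST and a GET both render the recovery form.

    NOTE(review): the password is replaced before the e-mail is sent and the
    request is unauthenticated, so a failed delivery leaves the account with
    a password nobody knows, and the replacement travels in clear text. A
    single-use, expiring reset token avoids both.
    """
    form = RecoverPasswordForm()
    user_contr = UserController()

    if request.method == 'POST':
        if form.validate():
            # NOTE(review): no handling here for an unknown address;
            # presumably the form's validation covers it - confirm.
            user = user_contr.get(email=form.email.data)

            # The module-level random functions use a deterministic
            # Mersenne Twister whose output can be predicted; credentials
            # must come from the OS CSPRNG, which SystemRandom wraps.
            rng = random.SystemRandom()
            characters = string.ascii_letters + string.digits
            password = "".join(rng.choice(characters)
                               for _ in range(rng.randint(8, 16)))
            user.set_password(password)
            user_contr.update({'id': user.id}, {'password': password})

            # Send the confirmation email
            try:
                notifications.new_password_notification(user, password)
                flash(gettext('New password sent to your address.'),
                      'success')
            except Exception as error:
                flash(gettext('Problem while sending your new password: '
                              '%(error)s', error=error), 'danger')

            return redirect(url_for('login'))
        return render_template('recover.html', form=form)

    if request.method == 'GET':
        return render_template('recover.html', form=form)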
def process_user_form(user_id=None):
    """
    Create a user, or edit the user identified by ``user_id``.

    The controller is unscoped (``UserController()``), so this view can act
    on any account.
    NOTE(review): the access check is presumably a decorator outside this
    listing; confirm the route is admin-only.
    """
    form = UserForm()
    controller = UserController()

    if not form.validate():
        return render_template('/admin/create_user.html', form=form,
                               message=gettext('Some errors were found'))

    if user_id is None:
        # Create a new user (by the admin). The password is hashed here and
        # the account is created active and without admin rights.
        account = controller.create(
            nickname=form.nickname.data,
            email=form.email.data,
            pwdhash=generate_password_hash(form.password.data),
            automatic_crawling=form.automatic_crawling.data,
            is_admin=False,
            is_active=True)
        flash(gettext('User %(nick)s successfully created',
                      nick=account.nickname), 'success')
    else:
        # NOTE(review): the edit path passes the plain 'password' value,
        # unlike the create path; presumably update() hashes it - confirm.
        controller.update({'id': user_id},
                          {'nickname': form.nickname.data,
                           'email': form.email.data,
                           'password': form.password.data,
                           'automatic_crawling':
                               form.automatic_crawling.data})
        account = controller.get(id=user_id)
        flash(gettext('User %(nick)s successfully updated',
                      nick=account.nickname), 'success')

    return redirect(url_for('admin.user_form', user_id=account.id))
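def test_password(self):
    """Check that passwords are not stored as given, and still verify.

    Covers both creation and a later update: the stored ``password`` value
    must differ from the submitted one, ``check_password`` must accept the
    right password and must reject a wrong one.
    """
    passwd = 'test_password'
    ucontr = UserController()
    user = ucontr.create(login=passwd, password=passwd)
    # assertNotEqual replaces the deprecated assertNotEquals alias, which
    # was removed from unittest in Python 3.12.
    self.assertNotEqual(passwd, user.password)
    self.assertTrue(ucontr.check_password(user, passwd))
    self.assertFalse(ucontr.check_password(user, passwd * 2))

    # Change the password and repeat the same three checks.
    passwd *= 2
    ucontr.update({'id': user.id}, {'password': passwd})
    user = ucontr.get(id=user.id)
    self.assertNotEqual(passwd, user.password)
    self.assertTrue(ucontr.check_password(user, passwd))
    self.assertFalse(ucontr.check_password(user, passwd * 2))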
def wrapper(*args, **kwargs):
    """Authenticate the request, then call the wrapped ``func``.

    When the request carries HTTP Basic credentials, they are checked and the
    user is logged in. An unknown login and a wrong password raise the same
    ``Forbidden`` message, and the "desactivated" message is reached only
    after the password has been verified. A request that is still not
    authenticated afterwards gets ``Unauthorized``.
    """
    credentials = request.authorization
    if credentials:
        controller = UserController()
        try:
            account = controller.get(login=credentials.username)
        except NotFound:
            raise Forbidden("Couldn't authenticate your user")
        password_ok = controller.check_password(account, credentials.password)
        if not password_ok:
            raise Forbidden("Couldn't authenticate your user")
        if not account.is_active:
            raise Forbidden("User is desactivated")
        login_user_bundle(account)

    if not current_user.is_authenticated:
        raise Unauthorized()
    return func(*args, **kwargs)
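def recover(token):
    """
    Let the holder of a password-renewal token choose a new password.

    The token is looked up first and an unknown one is refused. A GET renders
    the form. A valid POST stores the new password, clears the token so it
    cannot be reused, logs the user in, and redirects to ``home``.

    NOTE(review): no expiry check is visible here; confirm that tokens are
    time-limited where they are issued.
    """
    form = PasswordModForm()
    ucontr = UserController()

    # A used token is stored as '', so an empty value must never reach the
    # lookup: it would match an account whose token has been cleared.
    if not token:
        return gettext("Token is not valid, please regenerate one")

    try:
        user = ucontr.get(renew_password_token=token)
    except NotFound:
        return gettext("Token is not valid, please regenerate one")

    if request.method == 'GET':
        return render_template('recover.html', form=form, token=token)

    if form.validate():
        # The token is cleared in the same update that sets the password.
        ucontr.update({'id': user.id},
                      {'renew_password_token': '',
                       'password': form.password.data})
        login_user_bundle(user)
        return redirect(url_for('home'))
    return render_template('recover.html', form=form, token=token)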
def auth_func(*args, **kw):
    """Authenticate an API request, raising a 401 ``ProcessingException``.

    When the request carries HTTP Basic credentials, they are checked and the
    user is logged in. An unknown nickname and a wrong password raise the
    same message, and the "desactivated" message is reached only after the
    password has been verified. A request that is still not authenticated
    afterwards is refused.
    """
    credentials = request.authorization
    if credentials:
        controller = UserController()
        try:
            account = controller.get(nickname=credentials.username)
        except NotFound:
            raise ProcessingException("Couldn't authenticate your user",
                                      code=401)
        password_ok = controller.check_password(account, credentials.password)
        if not password_ok:
            raise ProcessingException("Couldn't authenticate your user",
                                      code=401)
        if not account.is_active:
            raise ProcessingException("User is desactivated", code=401)
        login_user_bundle(account)

    if current_user.is_authenticated:
        return
    raise ProcessingException(description='Not authenticated!', code=401)
def validate(self):
    """Validate the login form and load the matching user.

    Runs the parent validation, then looks the user up by login and checks
    the account state and the password. On a successful lookup the user is
    stored on ``self.user``, whatever the result of the later checks.

    NOTE(review): 'Wrong login', 'User is desactivated' and 'Wrong password'
    are reported separately, and the first two are shown without a correct
    password, so the form reveals which logins exist. A single generic
    message would avoid that.
    """
    is_valid = super().validate()
    controller = UserController()
    try:
        account = controller.get(login=self.login.data)
    except NotFound:
        self.login.errors.append('Wrong login')
        return False

    if not account.is_active:
        self.login.errors.append('User is desactivated')
        is_valid = False
    if not controller.check_password(account, self.password.data):
        self.password.errors.append('Wrong password')
        is_valid = False
    self.user = account
    return is_valid
def profile(user_id=None):
    """
    Render the profile page for ``user_id``, or for the current user.

    Without ``user_id`` the page is the caller's own. With one, an admin gets
    an unscoped controller, the owner a controller scoped to their own id,
    and anyone else is refused with ``Forbidden``.
    """
    if not user_id:
        # No id given: fall back to the logged-in user's own profile.
        user_id = current_user.id
        ucontr = UserController(user_id)
    elif admin_permission.can():
        ucontr = UserController()
    elif Permission(UserNeed(user_id)).can():
        ucontr = UserController(user_id)
    else:
        flash(gettext('You do not have rights on this user'), 'danger')
        raise Forbidden(gettext('You do not have rights on this user'))

    user = ucontr.get(id=user_id)
    profile_form = ProfileForm(obj=user)
    pass_form = PasswordModForm()
    return render_template('profile.html', user=user,
                           admin_permission=admin_permission,
                           form=profile_form, pass_form=pass_form)
def validate(self):
    """Validate the sign-in form and load the matching user.

    Runs the parent validation, then looks the user up by nickname and checks
    the account state and the password. On a successful lookup the user is
    stored on ``self.user``, whatever the result of the later checks.

    NOTE(review): 'Wrong nickname', 'Account not active' and 'Wrong password'
    are reported separately, and the first two are shown without a correct
    password, so the form reveals which nicknames exist. A single generic
    message would avoid that.
    """
    is_valid = super().validate()
    controller = UserController()
    try:
        account = controller.get(nickname=self.nickmane.data)
    except NotFound:
        self.nickmane.errors.append(
            'Wrong nickname')
        return False

    if not account.is_active:
        self.nickmane.errors.append('Account not active')
        is_valid = False
    if not controller.check_password(account, self.password.data):
        self.password.errors.append('Wrong password')
        is_valid = False
    self.user = account
    return is_valid
def oauth_callback(provider):  # pragma: no cover
    """
    Finish an OAuth sign-in and log the user in.

    The user is looked up by the ``<provider>_identity`` column and created
    when no account matches.

    NOTE(review): ``provider`` is used to build a keyword name for ``get``
    and ``create``; presumably ``OAuthSignIn.get_provider`` rejects unknown
    providers - confirm. The e-mail and username come from the provider and
    are stored as returned.
    """
    if not current_user.is_anonymous:
        # Already signed in: nothing to do.
        return redirect(url_for('home'))

    oauth = OAuthSignIn.get_provider(provider)
    social_id, username, email = oauth.callback()
    if social_id is None:
        flash('Authentication failed.')
        return redirect(url_for('home'))

    identity_field = '%s_identity' % provider
    ucontr = UserController()
    try:
        user = ucontr.get(**{identity_field: social_id})
    except NotFound:
        user = None

    if not user:
        user = ucontr.create(**{identity_field: social_id,
                                'login': username,
                                'email': email})
    login_user_bundle(user)
    return redirect(url_for('home'))
def toggle_user(user_id=None):
    """
    Enable or disable the account of a user by flipping ``is_active``.

    NOTE(review): ``user.is_active`` is read before the existence check, so
    the 'does not exist' branch depends on what ``get`` does for an unknown
    id - confirm.
    """
    controller = UserController()
    account = controller.get(id=user_id)
    changed = controller.update({'id': user_id},
                                {'is_active': not account.is_active})

    if changed:
        # The wording follows is_active as read after the update.
        state = 'activated' if account.is_active else 'desactivated'
        message = gettext('User %(nickname)s successfully %(is_active)s',
                          nickname=account.nickname, is_active=state)
        flash(message, 'success')
        return redirect(url_for('admin.dashboard'))

    flash(gettext('This user does not exist.'), 'danger')
    return redirect(url_for('admin.dashboard'))
def validate(self):
    """Validate the sign-in form and load the matching user.

    Runs the parent validation, then looks the user up by e-mail or nickname
    and checks the account state and the password. On a successful lookup
    the user is stored on ``self.user``, whatever the later checks return.

    NOTE(review): the unknown-identifier and 'User is desactivated' messages
    are shown without a correct password, so the form reveals which e-mail
    addresses and nicknames are registered. A single generic message would
    avoid that.
    """
    is_valid = super().validate()
    controller = UserController()
    identifier = self.email_or_nickmane.data
    try:
        # The same submitted value is matched against both columns.
        account = controller.get(**{'__or__': {'email': identifier,
                                               'nickname': identifier}})
    except NotFound:
        self.email_or_nickmane.errors.append(
            'Wrong email address or nickname')
        return False

    if not account.is_active:
        self.email_or_nickmane.errors.append('User is desactivated')
        is_valid = False
    if not controller.check_password(account, self.password.data):
        self.password.errors.append('Wrong password')
        is_valid = False
    self.user = account
    return is_valid
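def profile_public(nickname=None):
    """
    Display the public profile of the user.

    A profile that is not public is never rendered: the visitor is sent to
    ``user.profile``, and the owner is also told to make it public. Only
    feeds with ``private=False`` are listed, optionally narrowed by the
    ``category_id`` query parameter.
    """
    # type=int falls back to 0 on a malformed value, where int() would raise
    # ValueError on client-supplied input and return an HTTP 500.
    category_id = request.args.get('category_id', 0, type=int)
    user_contr = UserController()
    user = user_contr.get(nickname=nickname)

    if not user.is_public_profile:
        if current_user.is_authenticated and current_user.id == user.id:
            flash(gettext('You must set your profile to public.'), 'info')
        # This redirect is the privacy gate and must apply to every visitor,
        # not only to the owner.
        return redirect(url_for('user.profile'))

    filters = {'private': False}
    if category_id:
        filters['category_id'] = category_id
    feeds = FeedController(user.id).read(**filters)

    return render_template('profile_public.html', user=user, feeds=feeds,
                           selected_category_id=category_id)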
def password_update(user_id):
    """
    Change the password of ``user_id`` on behalf of an admin or the owner.

    An admin gets an unscoped controller, the owner a controller scoped to
    their own id, and anyone else is refused with ``Forbidden``.

    NOTE(review): whether ``PasswordModForm`` asks for the current password
    is not visible here; without it, a hijacked session is enough to change
    the password.
    """
    if admin_permission.can():
        ucontr = UserController()
    elif Permission(UserNeed(user_id)).can():
        ucontr = UserController(user_id)
    else:
        flash(gettext('You do not have rights on this user'), 'danger')
        raise Forbidden(gettext('You do not have rights on this user'))

    user = ucontr.get(id=user_id)
    profile_form, pass_form = ProfileForm(obj=user), PasswordModForm()

    if not pass_form.validate():
        return render_template('profile.html', user=user,
                               admin_permission=admin_permission,
                               form=profile_form, pass_form=pass_form)

    ucontr.update({'id': user_id}, {'password': pass_form.password.data})
    flash(gettext('Password for %(login)s successfully updated',
                  login=user.login), 'success')
    return redirect(url_for('user.profile', user_id=user.id))
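def profile_public(nickname=None):
    """
    Display the public profile of the user.

    A profile that is not public is never rendered: the visitor is sent to
    ``user.profile``, and the owner is also told to make it public. Only
    feeds with ``private=False`` are listed, optionally narrowed by the
    ``category_id`` query parameter.
    """
    # type=int falls back to 0 on a malformed value, where int() would raise
    # ValueError on client-supplied input and return an HTTP 500.
    category_id = request.args.get("category_id", 0, type=int)
    user_contr = UserController()
    user = user_contr.get(nickname=nickname)

    if not user.is_public_profile:
        if current_user.is_authenticated and current_user.id == user.id:
            flash(gettext("You must set your profile to public."), "info")
        # This redirect is the privacy gate and must apply to every visitor,
        # not only to the owner.
        return redirect(url_for("user.profile"))

    filters = {"private": False}
    if category_id:
        filters["category_id"] = category_id
    feeds = FeedController(user.id).read(**filters)

    return render_template(
        "profile_public.html", user=user, feeds=feeds, selected_category_id=category_id
    )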
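def user_stream(per_page, nickname=None):
    """
    Display the stream of a user (list of articles of public feed).

    A profile that is not public is never rendered: the visitor is sent to
    ``user.profile``, and the owner is also told to make it public. The
    articles are read through a controller scoped to the profile's user and
    are paginated server-side.
    """
    user_contr = UserController()
    user = user_contr.get(nickname=nickname)
    if not user.is_public_profile:
        if current_user.is_authenticated and current_user.id == user.id:
            flash(gettext('You must set your profile to public.'), 'info')
        # This redirect is the privacy gate and must apply to every visitor,
        # not only to the owner.
        return redirect(url_for('user.profile'))

    # type=int falls back to 0 on a malformed value, where int() would raise
    # ValueError on client-supplied input and return an HTTP 500.
    category_id = request.args.get('category_id', 0, type=int)
    category = CategoryController().read(id=category_id).first()

    # Load the public feeds
    # NOTE(review): FeedController() is unscoped here, so this reads the
    # public feeds of every user; the articles below are scoped to user.id.
    filters = {'private': False}
    if category_id:
        filters['category_id'] = category_id
    feeds = FeedController().read(**filters).all()

    # Re-initializes the filters to load the articles
    filters = {'feed_id__in': [feed.id for feed in feeds]}
    if category:
        filters['category_id'] = category_id
    articles = ArticleController(user.id).read_light(**filters)

    # Server-side pagination; this replaces the per_page argument.
    page, per_page, offset = get_page_args(per_page_parameter='per_page')
    pagination = Pagination(page=page, total=articles.count(),
                            css_framework='bootstrap3',
                            search=False, record_name='articles',
                            per_page=per_page)

    return render_template('user_stream.html', user=user,
                           articles=articles.offset(offset).limit(per_page),
                           category=category,
                           pagination=pagination)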
def oauth_callback(provider):  # pragma: no cover
    """
    Finish an OAuth sign-in and log the user in.

    The user is looked up by the ``<provider>_identity`` column. When no
    account matches, one is created only if ``conf.OAUTH_ALLOW_SIGNUP`` is
    set, otherwise the sign-in is refused.

    NOTE(review): ``provider`` is used to build a keyword name for ``get``
    and ``create``; presumably ``OAuthSignIn.get_provider`` rejects unknown
    providers - confirm.
    """
    if not current_user.is_anonymous:
        # Already signed in: nothing to do.
        return redirect(url_for('home'))

    oauth = OAuthSignIn.get_provider(provider)
    social_id, username, email = oauth.callback()
    if social_id is None:
        flash('Authentication failed.')
        return redirect(url_for('home'))

    identity_field = '%s_identity' % provider
    ucontr = UserController()
    try:
        user = ucontr.get(**{identity_field: social_id})
    except NotFound:
        user = None

    if not user:
        if not conf.OAUTH_ALLOW_SIGNUP:
            flash('Account creation is not allowed through OAuth.')
            return redirect(url_for('home'))
        # NOTE(review): the login format string appears masked ('******')
        # in this listing and is kept as shown; restore the original
        # literal before use, since this one has no conversion specifiers.
        user = ucontr.create(**{identity_field: social_id,
                                'login': '******' % (provider, username),
                                'email': email})
    login_user_bundle(user)
    return redirect(url_for('home'))
def profile_public(nickname=None):
    """
    Display the public profile of the user.

    A profile that is not public is never rendered: the visitor is sent to
    ``user.profile``, and the owner is also told to make it public. Only
    feeds with ``private=False`` are listed.
    """
    controller = UserController()
    account = controller.get(nickname=nickname)

    if not account.is_public_profile:
        is_owner = (current_user.is_authenticated
                    and current_user.id == account.id)
        if is_owner:
            flash(gettext('You must set your profile to public.'), 'info')
        # This redirect is the privacy gate and must apply to every visitor,
        # not only to the owner.
        return redirect(url_for('user.profile'))

    public_only = {'private': False}
    feeds = FeedController(account.id).read(**public_only).all()

    # Disabled tag-cloud code, kept as an inert string literal.
    """word_size = 6
    filters = {}
    filters['retrieved_date__gt'] = datetime.now() - timedelta(weeks=10)
    articles = ArticleController(user.id).read(**filters).all()
    top_words = misc_utils.top_words(articles, n=50, size=int(word_size))
    tag_cloud = misc_utils.tag_cloud(top_words)"""

    return render_template('profile_public.html', user=account, feeds=feeds)
def toggle_user(user_id=None):
    """
    Enable or disable the account of a user by flipping ``is_active``.

    NOTE(review): ``user.is_active`` is read before the existence check, so
    the "does not exist" branch depends on what ``get`` does for an unknown
    id - confirm.
    """
    controller = UserController()
    account = controller.get(id=user_id)
    changed = controller.update(
        {"id": user_id}, {"is_active": not account.is_active}
    )

    if changed:
        # The wording follows is_active as read after the update.
        state = "activated" if account.is_active else "desactivated"
        message = gettext(
            "User %(nickname)s successfully %(is_active)s",
            nickname=account.nickname,
            is_active=state,
        )
        flash(message, "success")
        return redirect(url_for("admin.dashboard"))

    flash(gettext("This user does not exist."), "danger")
    return redirect(url_for("admin.dashboard"))
def profile():
    """
    Show and process the profile form of the logged-in user.

    The controller is built with ``current_user.id`` and the update filter is
    the same id, so the request cannot select which account is edited. The
    e-mail address is not among the fields this view updates.
    """
    controller = UserController(current_user.id)
    account = controller.get(id=current_user.id)
    form = ProfileForm()

    if request.method == 'POST':
        if not form.validate():
            return render_template('profile.html', user=account, form=form)
        try:
            # NOTE(review): 'password' is always sent to update(); what the
            # controller does with an empty value is not visible here.
            controller.update(
                {'id': current_user.id},
                {
                    'nickname': form.nickname.data,
                    'password': form.password.data,
                    'automatic_crawling': form.automatic_crawling.data,
                    'is_public_profile': form.is_public_profile.data,
                    'bio': form.bio.data,
                    'webpage': form.webpage.data,
                    'twitter': form.twitter.data
                })
        except Exception as error:
            flash(
                gettext('Problem while updating your profile: '
                        '%(error)s', error=error), 'danger')
        else:
            flash(
                gettext('User %(nick)s successfully updated',
                        nick=account.nickname), 'success')
        return redirect(url_for('user.profile'))

    if request.method == 'GET':
        # Pre-fill the form with the stored values.
        form = ProfileForm(obj=account)
    return render_template('profile.html', user=account, form=form)
def process_user_form(user_id=None):
    """
    Create a user, or edit the user identified by ``user_id``.

    The controller is unscoped (``UserController()``), so this view can act
    on any account.
    NOTE(review): the access check is presumably a decorator outside this
    listing; confirm the route is admin-only.
    """
    form = UserForm()
    controller = UserController()

    if not form.validate():
        return render_template('/admin/create_user.html',
                               form=form,
                               message=gettext('Some errors were found'))

    role_user = Role.query.filter(Role.name == "user").first()

    if user_id is None:
        # No id: create the account with the plain "user" role.
        account = controller.create(nickname=form.nickname.data,
                                    email=form.email.data,
                                    password=form.password.data,
                                    roles=[role_user],
                                    refresh_rate=form.refresh_rate.data,
                                    activation_key="")
        flash(
            gettext('User %(nick)s successfully created',
                    nick=account.nickname), 'success')
    else:
        # Existing id: update, then reload to report the stored nickname.
        changes = {
            'nickname': form.nickname.data,
            'email': form.email.data,
            'password': form.password.data,
            'refresh_rate': form.refresh_rate.data
        }
        controller.update({'id': user_id}, changes)
        account = controller.get(id=user_id)
        flash(
            gettext('User %(nick)s successfully updated',
                    nick=account.nickname), 'success')

    return redirect(url_for('admin.user_form', user_id=account.id))
def process_user_form(user_id=None):
    """
    Create a user, or edit the user identified by ``user_id``.

    The controller is unscoped (``UserController()``), so this view can act
    on any account.
    NOTE(review): the access check is presumably a decorator outside this
    listing; confirm the route is admin-only.
    """
    form = UserForm()
    controller = UserController()

    if not form.validate():
        return render_template('/admin/create_user.html',
                               form=form,
                               message=gettext('Some errors were found'))

    if user_id is None:
        # Create a new user (by the admin). The password is hashed here and
        # the account is created active and without admin rights.
        account = controller.create(
            nickname=form.nickname.data,
            email=form.email.data,
            pwdhash=generate_password_hash(form.password.data),
            automatic_crawling=form.automatic_crawling.data,
            is_admin=False,
            is_active=True)
        flash(
            gettext('User %(nick)s successfully created',
                    nick=account.nickname), 'success')
    else:
        # NOTE(review): the edit path passes the plain 'password' value,
        # unlike the create path; presumably update() hashes it - confirm.
        changes = {
            'nickname': form.nickname.data,
            'email': form.email.data,
            'password': form.password.data,
            'automatic_crawling': form.automatic_crawling.data
        }
        controller.update({'id': user_id}, changes)
        account = controller.get(id=user_id)
        flash(
            gettext('User %(nick)s successfully updated',
                    nick=account.nickname), 'success')

    return redirect(url_for('admin.user_form', user_id=account.id))
def password_update(user_id):
    """
    Change the password of ``user_id`` on behalf of an admin or the owner.

    An admin gets an unscoped controller, the owner a controller scoped to
    their own id, and anyone else is refused with ``Forbidden``.

    NOTE(review): whether ``PasswordModForm`` asks for the current password
    is not visible here; without it, a hijacked session is enough to change
    the password.
    """
    if admin_permission.can():
        ucontr = UserController()
    elif Permission(UserNeed(user_id)).can():
        ucontr = UserController(user_id)
    else:
        flash(gettext('You do not have rights on this user'), 'danger')
        raise Forbidden(gettext('You do not have rights on this user'))

    user = ucontr.get(id=user_id)
    profile_form, pass_form = ProfileForm(obj=user), PasswordModForm()

    if not pass_form.validate():
        return render_template('profile.html',
                               user=user,
                               admin_permission=admin_permission,
                               form=profile_form,
                               pass_form=pass_form)

    ucontr.update({'id': user_id}, {'password': pass_form.password.data})
    flash(
        gettext('Password for %(login)s successfully updated',
                login=user.login), 'success')
    return redirect(url_for('user.profile', user_id=user.id))
def validate(self):
    """Validate the sign-in form and load the matching user.

    Runs the parent validation, then looks the user up by e-mail or nickname
    and checks the account state and the password. On a successful lookup
    the user is stored on ``self.user``, whatever the later checks return.

    NOTE(review): the unknown-identifier and 'User is desactivated' messages
    are shown without a correct password, so the form reveals which e-mail
    addresses and nicknames are registered. A single generic message would
    avoid that.
    """
    is_valid = super().validate()
    controller = UserController()
    identifier = self.email_or_nickmane.data
    try:
        # The same submitted value is matched against both columns.
        account = controller.get(
            **{
                '__or__': {
                    'email': identifier,
                    'nickname': identifier
                }
            })
    except NotFound:
        self.email_or_nickmane.errors.append(
            'Wrong email address or nickname')
        return False

    if not account.is_active:
        self.email_or_nickmane.errors.append('User is desactivated')
        is_valid = False
    if not controller.check_password(account, self.password.data):
        self.password.errors.append('Wrong password')
        is_valid = False
    self.user = account
    return is_valid