Esempio n. 1
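def groups_users_add(request):
    """
    Add a user to a group and return that user's public profile fields.

    The group is taken from the ``group_id`` route segment. The user is
    resolved from the ``user_name`` field of the JSON body, first as a user
    name and, failing that, as an email address.

    :param request: current request
    :return: ``HTTPNotFound`` when the group or the user cannot be found,
        otherwise a dict of selected user fields plus ``gravatar_url``
    """
    # NOTE(review): this view changes group membership; the permission check
    # that guards it is not visible here -- confirm it is enforced by the view
    # configuration.
    group = GroupService.by_id(request.matchdict.get("group_id"))
    # The same body field is tried as a user name and then as an email, so it
    # is read once.
    identifier = request.unsafe_json_body.get("user_name")
    user = UserService.by_user_name(identifier)
    if not user:
        user = UserService.by_email(identifier)

    if not group or not user:
        return HTTPNotFound()
    if user not in group.users:
        group.users.append(user)
        # Keep the stored member count in step with the relationship.
        group.member_count = group.users_dynamic.count()
    # Only these fields are returned to the caller.
    props = [
        "user_name",
        "id",
        "first_name",
        "last_name",
        "email",
        "last_login_date",
        "status",
    ]
    u_dict = user.get_dict(include_keys=props)
    u_dict["gravatar_url"] = UserService.gravatar_url(user, s=20)
    return u_dict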
Esempio n. 2
def user_resource_permission_create(request):
    """
    Grant a user the requested permissions on the resource in context.

    The target user is resolved from the ``user_name`` field of the JSON body,
    first as a user name and then as an email address. A permission is only
    added when ``by_resource_user_and_perm`` finds no existing entry for it.

    :param request: current request; ``request.context.resource`` is the target
    :return: ``False`` when no matching user exists, otherwise a dict with the
        user's name and the de-duplicated names of their "user"-type
        permissions on the resource
    """
    resource = request.context.resource
    payload = request.unsafe_json_body
    identifier = payload.get("user_name")
    target = UserService.by_user_name(identifier) or UserService.by_email(identifier)
    if not target:
        return False

    # NOTE(review): permission names come straight from the request body and
    # are stored as given; confirm they are checked against the resource's
    # allowed permission set somewhere outside this view.
    for requested in payload.get("permissions", []):
        already_granted = UserResourcePermissionService.by_resource_user_and_perm(
            target.id, requested, resource.resource_id
        )
        if already_granted:
            continue
        resource.user_permissions.append(
            UserResourcePermission(perm_name=requested, user_id=target.id)
        )
    # Flush so the permission query below sees the rows just added.
    DBSession.flush()
    direct_perms = set(
        entry.perm_name
        for entry in ResourceService.perms_for_user(resource, target)
        if entry.type == "user"
    )
    return {"user_name": target.user_name, "permissions": list(direct_perms)}
Esempio n. 3
def lost_password(request):
    """
    Render the lost-password page and, on a valid POST, email a reset link.

    For a known address the user's security code is regenerated, its
    timestamp is set to the current naive UTC time, and the reset email is
    sent. The original documentation states the link is valid for 10 minutes;
    that expiry is not enforced in this function.

    :param request: current request
    :return: ``HTTPFound`` back to the ``lost_password`` route after an email
        was sent, otherwise a dict holding the form for rendering
    """
    form = forms.LostPasswordForm(request.POST, csrf_context=request)
    if request.method != "POST" or not form.validate():
        return {"form": form}

    account = UserService.by_email(form.email.data)
    if not account:
        # NOTE(review): the flash message and redirect only happen for a
        # registered address, so the response tells the two cases apart;
        # confirm that is acceptable for this form.
        return {"form": form}

    UserService.regenerate_security_code(account)
    account.security_code_date = datetime.datetime.utcnow()
    UserService.send_email(
        request,
        recipients=[account.email],
        variables={
            "user": account,
            "request": request,
            "email_title": "AppEnlight :: New password request",
        },
        template="/email_templates/lost_password.jinja2",
    )
    msg = (
        "Password reset email had been sent. "
        "Please check your mailbox for further instructions."
    )
    request.session.flash(_(msg))
    return HTTPFound(location=request.route_url("lost_password"))
Esempio n. 4
 def validate_email(self, value):
     """
     Reject an email address that already belongs to a different user.

     When the schema context carries ``modified_obj`` and the address belongs
     to that same object, validation passes, so a record can keep its email.

     :param value: email address being validated
     :raises validate.ValidationError: if another user already has the address
     """
     ctx = self.context
     request = ctx['request']
     being_edited = ctx.get('modified_obj')
     owner = UserService.by_email(value, db_session=request.dbsession)
     if owner and (not being_edited or being_edited.id != owner.id):
         raise validate.ValidationError(_('Email already exists in database'))
Esempio n. 5
    def by_email(cls, email, db_session=None):
        """
        Look up a user by email address by delegating to
        ``UserService.by_email``.

        .. deprecated:: 0.8

        :param email: email address to look up
        :param db_session: session to use; resolved through
            ``get_db_session`` before the lookup
        :return: whatever ``UserService.by_email`` returns for this address
        """
        return UserService.by_email(
            email=email, db_session=get_db_session(db_session)
        )
Esempio n. 6
    def by_email(cls, email, db_session=None):
        """
        Deprecated wrapper that forwards to ``UserService.by_email``.

        .. deprecated:: 0.8

        :param email: email address to look up
        :param db_session: session passed through ``get_db_session`` first
        :return: the result of ``UserService.by_email``
        """
        resolved_session = get_db_session(db_session)
        lookup = UserService.by_email
        return lookup(email=email, db_session=resolved_session)
Esempio n. 7
def search_users(request):
    """
    Return user suggestions for an autocomplete field.

    The ``user_name`` request parameter is tried as an exact email address
    first; that match, if any, comes first in the result. It is followed by
    up to 20 users whose user name starts with the parameter.

    :param request: current request
    :return: list of ``{"user": <user name>, "name": "<first> <last>"}`` dicts
    """

    def _entry(account):
        """Build one suggestion dict from a user object."""
        full_name = "{} {}".format(account.first_name, account.last_name)
        return {"user": account.user_name, "name": full_name}

    # NOTE(review): this value is never used below; the attribute read is
    # kept only so the function behaves exactly as before.
    user = request.user
    term = request.params.get("user_name", "")
    # NOTE(review): the term goes into the LIKE pattern unescaped, so "%" and
    # "_" typed by the caller act as wildcards, and an empty term matches any
    # user name (capped by the limit below). Confirm this is intended and that
    # the view is restricted to authorised callers.
    prefix_pattern = term + "%"
    suggestions = []
    exact_match = UserService.by_email(term)
    if exact_match:
        suggestions.append(_entry(exact_match))
    suggestions.extend(
        _entry(candidate)
        for candidate in UserService.user_names_like(prefix_pattern).limit(20)
    )
    return suggestions
Esempio n. 8
    def sign_in(self, request):
        """
        Authenticate the request and return a sign-in result object.

        The submitted login is tried as a user name and, if that finds
        nothing, as an email address. The password is then checked against
        the account that was found.

        :param request: current request carrying the login form parameters
        :return: ``ZigguratSignInSuccess`` with "remember" headers on success,
            otherwise ``ZigguratSignInBadAuth`` with "forget" headers
        """
        # NOTE(review): came_from is caller-supplied and handed on unchanged;
        # whatever redirects to it should restrict it to same-site targets --
        # confirm in the consuming view.
        came_from = request.params.get(self.signin_came_from_key, "/")
        db_session = self.session_getter(request)

        login = request.params.get(self.signin_username_key)
        account = UserService.by_user_name(login, db_session=db_session)
        if account is None:
            # Nothing under that user name: treat the login as an email.
            account = UserService.by_email(login, db_session=db_session)

        # The password check runs only when an account was found.
        # NOTE(review): unknown and known logins therefore do different
        # amounts of work; consider whether that timing difference matters.
        if account and UserService.check_password(
            account, request.params.get(self.signin_password_key)
        ):
            return ZigguratSignInSuccess(
                headers=pyramid.security.remember(request, account.id),
                came_from=came_from,
                user=account,
            )
        return ZigguratSignInBadAuth(
            headers=pyramid.security.forget(request), came_from=came_from
        )
Esempio n. 9
    def sign_in(self, request):
        """
        Check the submitted credentials and build the sign-in response.

        The login parameter is looked up as a user name first and as an
        email address second. A failed lookup and a wrong password both end
        in the same ``ZigguratSignInBadAuth`` result.

        :param request: current request carrying the login form parameters
        :return: ``ZigguratSignInSuccess`` when the password matches,
            otherwise ``ZigguratSignInBadAuth``
        """
        params = request.params
        # NOTE(review): the return target comes from the request and is not
        # validated here; the code that redirects to it should only accept
        # same-site targets -- confirm.
        came_from = params.get(self.signin_came_from_key, "/")
        db_session = self.session_getter(request)

        identifier = params.get(self.signin_username_key)
        user = UserService.by_user_name(identifier, db_session=db_session)
        if user is None:
            # Fall back to an email lookup with the same value.
            user = UserService.by_email(identifier, db_session=db_session)

        authenticated = False
        if user:
            # NOTE(review): the password is None when the parameter is
            # missing; presumably check_password rejects that -- verify.
            supplied = params.get(self.signin_password_key)
            authenticated = UserService.check_password(user, supplied)

        if authenticated:
            headers = pyramid.security.remember(request, user.id)
            return ZigguratSignInSuccess(
                headers=headers, came_from=came_from, user=user
            )
        headers = pyramid.security.forget(request)
        return ZigguratSignInBadAuth(headers=headers, came_from=came_from)
Esempio n. 10
    def test_by_email_wrong_email(self, db_session):
        """An address that matches no stored user must give ``None``."""
        add_user(db_session)
        lookup_result = UserService.by_email("wrong_email", db_session=db_session)
        assert lookup_result is None
Esempio n. 11
    def test_by_email_none(self, db_session):
        """Passing ``None`` as the address must give ``None``, not a user."""
        add_user(db_session)
        lookup_result = UserService.by_email(None, db_session=db_session)
        assert lookup_result is None
Esempio n. 12
    def test_by_email(self, db_session):
        """Looking up the fixture user's address returns that same user."""
        # presumably "email" is the address add_user assigns -- verify there
        expected = add_user(db_session)
        found = UserService.by_email("email", db_session=db_session)
        assert expected == found
Esempio n. 13
def unique_email_validator(form, field):
    """
    Form validator that fails when the submitted email is already taken.

    :param form: the form being validated (unused)
    :param field: field whose ``data`` holds the email address
    :raises wtforms.ValidationError: if a user with this email exists
    """
    # NOTE(review): the error confirms that an address is registered; if the
    # form is public, confirm that submissions are rate limited.
    if UserService.by_email(field.data):
        raise wtforms.ValidationError("This email already exists in system")
Esempio n. 14
def found_username_email_validator(form, field):
    """
    Form validator that fails when no user has the submitted email.

    :param form: the form being validated (unused)
    :param field: field whose ``data`` holds the email address
    :raises wtforms.ValidationError: if no user with this email exists
    """
    # NOTE(review): the error tells registered and unregistered addresses
    # apart; if this backs a public form, confirm that is acceptable and that
    # submissions are rate limited.
    matching_user = UserService.by_email(field.data)
    if matching_user:
        return
    raise wtforms.ValidationError("Email is incorrect")