def contact(control_list_id):
""" This routes allows user to send email to list administrators
"""
control_list, is_owner = ControlLists.get_linked_or_404(
control_list_id=control_list_id, user=current_user)
form = SendMailToAdmin(prefix="mail")
if request.method == "POST" and form.validate_on_submit():
control_list_link = url_for('control_lists_bp.get',
control_list_id=control_list_id,
_external=True)
email.send_email_async(
app=current_app._get_current_object(),
bcc=[u[3] for u in control_list.owners] + [current_user.email],
recipient=[],
subject='[Pyrrha Control List] ' + form.title.data,
template='control_lists/email/contact',
# current_user is a LocalProxy, we want the underlying user
# object
user=current_user._get_current_object(),
message=form.message.data,
control_list_title=control_list.name,
url=control_list_link)
flash('The email has been sent to the control list administrators.',
'success')
return redirect(
url_for('control_lists_bp.contact',
control_list_id=control_list_id))
return render_template_with_nav_info('control_lists/contact.html',
form=form,
control_list=control_list)
def reset_password_request():
"""Respond to existing user's request to reset their password."""
if not current_user.is_anonymous:
return redirect(url_for('main.index'))
form = RequestResetPasswordForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data).first()
if user:
token = user.generate_password_reset_token()
reset_link = url_for('account.reset_password',
token=token,
_external=True)
send_email_async(app=current_app._get_current_object(),
recipient=user.email,
subject='Reset Your Password',
template='account/email/reset_password',
user=user,
reset_link=reset_link,
next=request.args.get('next'))
flash(
'A password reset link has been sent to {}.'.format(
form.email.data), 'warning')
return redirect(url_for('account.login'))
return render_template_with_nav_info('account/reset_password.html',
form=form)
def invite_user():
"""Invites a new user to create an account and set their own password."""
form = InviteUserForm()
if form.validate_on_submit():
user = User(role=form.role.data,
first_name=form.first_name.data,
last_name=form.last_name.data,
email=form.email.data)
db.session.add(user)
db.session.commit()
token = user.generate_confirmation_token()
invite_link = url_for('account.join_from_invite',
user_id=user.id,
token=token,
_external=True)
send_email_async(
app=current_app._get_current_object(),
recipient=user.email,
subject='You Are Invited To Join',
template='account/email/invite',
user=user,
invite_link=invite_link,
)
flash('User {} successfully invited'.format(user.full_name()),
'form-success')
return render_template_with_nav_info('admin/new_user.html', form=form)
def change_email_request():
"""Respond to existing user's request to change their email."""
form = ChangeEmailForm()
if form.validate_on_submit():
if current_user.verify_password(form.password.data):
new_email = form.email.data
token = current_user.generate_email_change_token(new_email)
change_email_link = url_for('account.change_email',
token=token,
_external=True)
send_email_async(
app=current_app._get_current_object(),
recipient=new_email,
subject='Confirm Your New Email',
template='account/email/change_email',
# current_user is a LocalProxy, we want the underlying user
# object
user=current_user._get_current_object(),
change_email_link=change_email_link)
flash('A confirmation link has been sent to {}.'.format(new_email),
'warning')
return redirect(url_for('main.index'))
else:
flash('Invalid email or password.', 'form-error')
return render_template_with_nav_info('account/manage.html', form=form)
def propose_as_public(control_list_id):
""" This routes allows user to send email to application administrators
to propose a list as public for everyone to use
"""
control_list, is_owner = ControlLists.get_linked_or_404(
control_list_id=control_list_id, user=current_user)
if not is_owner:
flash("You are not an owner of the list.", category="error")
return redirect(
url_for("control_lists_bp.get", control_list_id=control_list_id))
elif control_list.public != PublicationStatus.private:
flash("This list is already public or submitted.", category="warning")
return redirect(
url_for("control_lists_bp.get", control_list_id=control_list_id))
form = SendMailToAdmin(prefix="mail")
if form.validate_on_submit():
admins = User.get_admins()
control_list_link = url_for('control_lists_bp.get',
control_list_id=control_list_id,
_external=True)
control_list.public = PublicationStatus.submitted
db.session.add(control_list)
try:
email.send_email_async(
app=current_app._get_current_object(),
bcc=[u.email for u in admins] + [current_user.email],
recipient=[],
subject='[Pyrrha Control List] ' + form.title.data,
template='control_lists/email/contact',
# current_user is a LocalProxy, we want the underlying user
# object
user=current_user._get_current_object(),
message=form.message.data,
control_list_title=control_list.name,
url=control_list_link)
flash('The email has been sent to the administrators.', 'success')
db.session.commit()
except Exception:
db.session.rollback()
flash("There was an error during the messaging step")
return render_template_with_nav_info(
'control_lists/propose_as_public.html',
form=form,
control_list=control_list)
def confirm_request():
"""Respond to new user's request to confirm their account."""
token = current_user.generate_confirmation_token()
confirm_link = url_for('account.confirm', token=token, _external=True)
send_email_async(
app=current_app._get_current_object(),
recipient=current_user.email,
subject='Confirm Your Account',
template='account/email/confirm',
# current_user is a LocalProxy, we want the underlying user object
user=current_user._get_current_object(),
confirm_link=confirm_link)
flash(
'A new confirmation link has been sent to {}.'.format(
current_user.email), 'warning')
return redirect(url_for('main.index'))
def test_send_mail(self):
with self.app.app_context():
new_user = User(first_name="John",
last_name="Doe",
email="*****@*****.**",
role_id=1)
TestSendMail.db.session.add(new_user)
TestSendMail.db.session.commit()
send_email_async(self.app,
recipient="*****@*****.**",
subject="hello world",
template="account/email/reset_password",
user=User.query.first(),
reset_link="test",
config=self.app.config)
def join_from_invite(user_id, token):
"""
Confirm new user's account with provided token and prompt them to set
a password.
"""
if current_user is not None and current_user.is_authenticated:
flash('You are already logged in.', 'error')
return redirect(url_for('main.index'))
new_user = User.query.get(user_id)
if new_user is None:
return redirect(404)
if new_user.password_hash is not None:
flash('You have already joined.', 'error')
return redirect(url_for('main.index'))
if new_user.confirm_account(token):
form = CreatePasswordForm()
if form.validate_on_submit():
new_user.password = form.password.data
db.session.add(new_user)
db.session.commit()
flash(
'Your password has been set. After you log in, you can '
'go to the "Your Account" page to review your account '
'information and settings.', 'success')
return redirect(url_for('account.login'))
return render_template('account/join_invite.html', form=form)
else:
flash(
'The confirmation link is invalid or has expired. Another '
'invite email with a new link has been sent to you.', 'error')
token = new_user.generate_confirmation_token()
invite_link = url_for('account.join_from_invite',
user_id=user_id,
token=token,
_external=True)
send_email_async(app=current_app._get_current_object(),
recipient=new_user.email,
subject='You Are Invited To Join',
template='account/email/invite',
user=new_user,
invite_link=invite_link)
return redirect(url_for('main.index'))
def register():
"""Register a new user, and send them a confirmation email."""
form = RegistrationForm()
if form.validate_on_submit():
user = User(first_name=form.first_name.data,
last_name=form.last_name.data,
email=form.email.data,
password=form.password.data)
db.session.add(user)
db.session.commit()
token = user.generate_confirmation_token()
confirm_link = url_for('account.confirm', token=token, _external=True)
send_email_async(app=current_app._get_current_object(),
recipient=user.email,
subject='Confirm Your Account',
template='account/email/confirm',
user=user,
confirm_link=confirm_link)
flash('A confirmation link has been sent to {}.'.format(user.email),
'warning')
return redirect(url_for('main.index'))
return render_template_with_nav_info('account/register.html', form=form)