def get(self, ar): from brave.core.application.model import ApplicationGrant ar = self.ar(ar) u = user._current_obj() grant = ApplicationGrant.objects(user=u, application=ar.application).first() if not grant: # TODO: We need a 'just logged in' flag in the request. characters = list(u.characters.order_by('name').all()) if len(characters): default = u.primary or characters[0] else: return ('brave.core.template.authorize', dict(success=False, message=_("This application requires that you have a character connected to your" " account. Please <a href=\"/key/\">add an API key</a> to your account."), ar=ar)) return 'brave.core.template.authorize', dict(success=True, ar=ar, characters=characters, default=default) ngrant = ApplicationGrant(user=u, application=ar.application, mask=grant.mask, expires=datetime.utcnow() + timedelta(days=30), character=grant.character) ngrant.save() ar.user = u ar.grant = ngrant ar.expires = datetime.utcnow() + timedelta(minutes=10) # extend to allow time for verification ar.save() r = grant.delete() target = URL(ar.success) target.query.update(dict(token=str(ngrant.id))) raise HTTPFound(location=str(target))
def post(self, ar, grant=None, character=None): from brave.core.character.model import EVECharacter from brave.core.application.model import ApplicationGrant ar = self.ar(ar) u = user._current_obj() if not grant: # Deny access. ar.user = u ar.grant = None ar.expires = datetime.utcnow() + timedelta( minutes=10) # extend to allow time for verification ar.save() target = URL(ar.failure) target.query.update(dict(token=str(ar.id))) return 'json:', dict(success=True, location=str(target)) try: character = EVECharacter.objects.get(owner=u, id=character) except EVECharacter.DoesNotExist: return 'json:', dict(success=False, message="Unknown character ID.") except: log.exception("Error loading character.") return 'json:', dict(success=False, message="Error loading character.") # TODO: Non-zero grants. grant = ApplicationGrant(user=u, application=ar.application, mask=0, expires=datetime.utcnow() + timedelta(days=30), character=character) grant.save() ar.user = u ar.grant = grant ar.expires = datetime.utcnow() + timedelta( minutes=10) # extend to allow time for verification ar.save() target = URL(ar.success) target.query.update(dict(token=str(grant.id))) return 'json:', dict(success=True, location=str(target))
def get(self, ar): from brave.core.application.model import ApplicationGrant ar = self.ar(ar) u = user._current_obj() grant = ApplicationGrant.objects(user=u, application=ar.application).first() if not grant: # TODO: We need a 'just logged in' flag in the request. characters = list(u.characters.order_by('name').all()) if len(characters): default = u.primary or characters[0] else: return ( 'brave.core.template.authorize', dict( success=False, message= _("This application requires that you have a character connected to your" " account. Please <a href=\"/key/\">add an API key</a> to your account." ), ar=ar)) return 'brave.core.template.authorize', dict(success=True, ar=ar, characters=characters, default=default) ngrant = ApplicationGrant(user=u, application=ar.application, mask=grant.mask, expires=datetime.utcnow() + timedelta(days=30), character=grant.character) ngrant.save() ar.user = u ar.grant = ngrant ar.expires = datetime.utcnow() + timedelta( minutes=10) # extend to allow time for verification ar.save() r = grant.delete() target = URL(ar.success) target.query.update(dict(token=str(ngrant.id))) raise HTTPFound(location=str(target))
def merge(self, other): """Consumes other and takes its children.""" other.credentials.update(set__owner=self) other.characters.update(set__owner=self) LoginHistory.objects(user=other).update(set__user=self) from brave.core.group.model import Group from brave.core.application.model import Application, ApplicationGrant Group.objects(creator=other).update(set__creator=self) Application.objects(owner=other).update(set__owner=self) ApplicationGrant.objects(user=other).update(set__user=self) other.delete()
def get(self): records = ApplicationGrant.objects( user = user._current_obj() ).order_by('-id') return 'brave.core.application.template.list_grants', dict( area = 'apps', records = records )
def post(self, ar, grant=None, character=None): from brave.core.character.model import EVECharacter from brave.core.application.model import ApplicationGrant ar = self.ar(ar) u = user._current_obj() if not grant: # Deny access. ar.user = u ar.grant = None ar.expires = datetime.utcnow() + timedelta(minutes=10) # extend to allow time for verification ar.save() target = URL(ar.failure) target.query.update(dict(token=str(ar.id))) return 'json:', dict(success=True, location=str(target)) try: character = EVECharacter.objects.get(owner=u, id=character) except EVECharacter.DoesNotExist: return 'json:', dict(success=False, message="Unknown character ID.") except: log.exception("Error loading character.") return 'json:', dict(success=False, message="Error loading character.") # TODO: Non-zero grants. grant = ApplicationGrant(user=u, application=ar.application, mask=0, expires=datetime.utcnow() + timedelta(days=30), character=character) grant.save() ar.user = u ar.grant = grant ar.expires = datetime.utcnow() + timedelta(minutes=10) # extend to allow time for verification ar.save() target = URL(ar.success) target.query.update(dict(token=str(grant.id))) return 'json:', dict(success=True, location=str(target))
def get(self): records = ApplicationGrant.objects( user=user._current_obj()).order_by('-id') return 'brave.core.application.template.list_grants', dict( area='apps', records=records)
def deauthorize(self, token): from brave.core.application.model import ApplicationGrant count = ApplicationGrant.objects(id=token, application=request.service).delete() return dict(success=bool(count))
def grants(self): from brave.core.application.model import ApplicationGrant return ApplicationGrant.objects(user=self)