def lookup_current_user():
"""Set the g.user variable to the User in the database that shares
openid with the session, if one exists.
Note that it gets called before all requests, but not before decorators
"""
g.user = None
if not current_app.config.get('EVENTUM_GOOGLE_AUTH_ENABLED'):
# bypass auth by mocking a super user
session['gplus_id'] = SUPER_USER_GPLUS_ID
try:
g.user = User.objects.get(gplus_id=SUPER_USER_GPLUS_ID)
except DoesNotExist:
user = User(name='Super User',
gplus_id=SUPER_USER_GPLUS_ID,
user_type='admin',
email='*****@*****.**')
user.save()
if 'gplus_id' in session:
gplus_id = session['gplus_id']
try:
g.user = User.objects().get(gplus_id=gplus_id)
except DoesNotExist:
pass # Fail gracefully if the user is not in the database yet
def lookup_current_user():
"""Set the g.user variable to the User in the database that shares
openid with the session, if one exists.
Note that it gets called before all requests, but not before decorators
"""
g.user = None
if not current_app.config.get('EVENTUM_GOOGLE_AUTH_ENABLED'):
# bypass auth by mocking a super user
session['gplus_id'] = SUPER_USER_GPLUS_ID
try:
g.user = User.objects.get(gplus_id=SUPER_USER_GPLUS_ID)
except DoesNotExist:
user = User(name='Super User',
gplus_id=SUPER_USER_GPLUS_ID,
user_type='admin',
email='*****@*****.**')
user.save()
if 'gplus_id' in session:
gplus_id = session['gplus_id']
try:
g.user = User.objects().get(gplus_id=gplus_id)
except DoesNotExist:
pass # Fail gracefully if the user is not in the database yet
def create_profile():
"""Create a profile (filling in the form with openid data), and
register it in the database.
**Route:** ``/admin/create-profile``
**Methods:** ``GET, POST``
"""
if g.user is not None and 'gplus_id' in session:
# use code=303 to avoid POSTing to the next page.
return redirect(url_for('admin.index'), code=303)
form = CreateProfileForm(request.form,
name=request.args['name'],
email=request.args['email'],
next=request.args['next'])
if form.validate_on_submit():
if User.objects(email=form.email.data).count() != 0:
# A user with this email already exists. Override it.
user = User.objects.get(email=form.email.data)
user.openid = session['openid']
user.name = form.name.data
flash('Account with this email already exists. Overridden.',
MESSAGE_FLASH)
user.register_login()
user.save()
else:
# Retreive their user type from the whitelist then remove them.
wl = Whitelist.objects().get(email=form.email.data)
user_type = wl.user_type
wl.redeemed = True
wl.save()
# Create a brand new user
user = User(email=form.email.data,
name=form.name.data,
gplus_id=session['gplus_id'],
user_type=user_type,
image_url=request.args.get('image_url'))
flash('Account created successfully.', MESSAGE_FLASH)
user.register_login()
user.save()
# redirect to the next url or the root of the application ('/')
if form.next.data:
# use code=303 to avoid POSTing to the next page.
return redirect(form.next.data, code=303)
# use code=303 to avoid POSTing to the next page.
return redirect('/', code=303)
return render_template('eventum_auth/create_profile.html',
image_url=request.args.get('image_url'),
form=form)
def create_profile():
"""Create a profile (filling in the form with openid data), and
register it in the database.
**Route:** ``/admin/create-profile``
**Methods:** ``GET, POST``
"""
if g.user is not None and 'gplus_id' in session:
# use code=303 to avoid POSTing to the next page.
return redirect(url_for('admin.index'), code=303)
form = CreateProfileForm(request.form,
name=request.args['name'],
email=request.args['email'],
next=request.args['next'])
if form.validate_on_submit():
if User.objects(email=form.email.data).count() != 0:
# A user with this email already exists. Override it.
user = User.objects.get(email=form.email.data)
user.openid = session['openid']
user.name = form.name.data
flash('Account with this email already exists. Overridden.',
MESSAGE_FLASH)
user.register_login()
user.save()
else:
# Retreive their user type from the whitelist then remove them.
wl = Whitelist.objects().get(email=form.email.data)
user_type = wl.user_type
wl.redeemed = True
wl.save()
# Create a brand new user
user = User(email=form.email.data,
name=form.name.data,
gplus_id=session['gplus_id'],
user_type=user_type,
image_url=request.args.get('image_url'))
flash('Account created successfully.', MESSAGE_FLASH)
user.register_login()
user.save()
# redirect to the next url or the root of the application ('/')
if form.next.data:
# use code=303 to avoid POSTing to the next page.
return redirect(form.next.data, code=303)
# use code=303 to avoid POSTing to the next page.
return redirect('/', code=303)
return render_template('eventum_auth/create_profile.html',
image_url=request.args.get('image_url'), form=form)
def add():
"""Add and email to the whitelist.
**Route:** ``/admin/whitelist/add``
**Methods:** ``POST``
"""
form = AddToWhitelistForm(request.form)
if form.user_type.data == 'fake_user':
if form.validate_on_submit():
fake_id = str(uuid.uuid4())
fake_email = fake_id[:10] + "@fake-users.com"
filename = form.fake_user_image.data
try:
fake_image = Image.objects().get(filename=filename)
fake_user = User(email=fake_email,
gplus_id=fake_id,
name=form.name.data,
user_type=form.user_type.data,
image=fake_image)
except Image.DoesNotExist:
fake_user = User(email=fake_email,
gplus_id=fake_id,
name=form.name.data,
user_type=form.user_type.data)
fake_user.save()
else:
current_app.logger.warning(form.errors)
else:
user_exists = User.objects(email=form.email.data).count() != 0
if form.validate_on_submit() and not user_exists:
wl = Whitelist(email=form.email.data,
user_type=form.user_type.data)
wl.save()
else:
current_app.logger.warning(form.errors)
return redirect(url_for('users.index'))
def setUp(self): # noqa
"""Before every test, make some example users."""
from eventum.models import User
for user_config in USERS.values():
user = User(**user_config)
user.save()
