def _check_invite_allowed(email_domain): if not g.config('invitations', 'enabled'): # TODO(imelnikov): consider if this is error 403, not 400 raise exc.InvalidRequest('Invitations disabled') domains_allowed = g.config('invitations', 'domains-allowed') if domains_allowed and email_domain not in domains_allowed: abort(403)
def _send_mail(email, link_template, subject, template, args): args = args.copy() args['installation_name'] = g.config('general', 'installation-name') args['footer'] = g.config('mail', 'footer') if link_template: args['link'] = _render_link_template(link_template, args['code']) if not args['greeting']: # empty string and None should mean 'no greeting' del args['greeting'] msg = mail.Message(subject % args, recipients=[email], sender=(g.config('mail', 'sender-name'), g.config('mail', 'sender-mail')), body=render_template(template, **args)) try: mail.Mail(current_app).send(msg) except IOError, e: e.message = 'Failed to send e-mail' raise
def apply_password_reset(code): if not g.config('password-reset', 'enabled'): abort(404) data = parse_request_data(required=_APPLY_SCHEMA) token = ResetTokensDAO.get(code) if not token or token.complete: abort(404) user = fetch_user(token.user_id, admin_mode=True) update_user_data(user, data) ResetTokensDAO.complete_for_user(token.user_id) return make_json_response(None, status_code=204)
def reset_password(): if not g.config('password-reset', 'enabled'): abort(404) data = parse_request_data(allowed=_RESET_SCHEMA) user = _find_user(data) if user is None: return make_json_response(None, status_code=204) token = ResetTokensDAO.create(user.id, user.email) send_reset_password(user.email, token.code, user.name, link_template=data.get('link-template'), greeting=getattr(user, 'fullname', '')) return make_json_response(None, status_code=204)
def send_invite_for_user(user_id): if not g.config('invitations', 'enabled'): # TODO(imelnikov): consider if this is error 403, not 400 raise exc.InvalidRequest('Invitations disabled') data = parse_request_data(_SEND_INVITE_SCHEMA) user = fetch_user(user_id, g.is_admin) if data.get('disable-user', False): auth.assert_admin() update_user_data(user, {'enabled': False, 'password': None}) result = _invite_user(user, data) return make_json_response(result)