def _newLink(self, vestigings_sleutel, webservice):
    """Log in the account keyed by ``vestigings_sleutel`` and start a survey.

    Looks up the ``model.Account`` whose login name equals
    ``vestigings_sleutel``, creating one with ``password=None`` when none
    exists. That account becomes the current user, a new survey session is
    started for the context survey, an ``OdLink`` tying the session to the
    key and ``webservice`` is stored, and the response is redirected to the
    survey's ``/start`` page.
    """
    # NOTE(review): the account is chosen and logged in from
    # ``vestigings_sleutel`` alone; nothing in this method authenticates
    # that value. Presumably the caller has verified it against the
    # webservice -- confirm.
    db = Session()
    # Another regelhulp may already have created an account for this vestiging.
    lookup = db.query(model.Account).filter(
        model.Account.loginname == vestigings_sleutel)
    account = lookup.first()
    if account is None:
        account = model.Account(loginname=vestigings_sleutel, password=None)
        db.add(account)
        db.flush()  # so that account.id is set
        log.info('Created new OD account %s for %s',
                 account.loginname, self.url())

    # Make the account the current user for this request and its cookies.
    newSecurityManager(None, account)
    user_folder = getToolByName(self.context, 'acl_users')
    user_folder.updateCredentials(
        self.request, self.response, account.loginname, None)

    # Open a fresh survey session and remember which OD record it belongs to.
    survey = aq_inner(self.context)
    survey_session = SessionManager.start(title=survey.Title(), survey=survey)
    od_link = OdLink(
        session=survey_session,
        vestigings_sleutel=vestigings_sleutel,
        webservice=webservice)
    Session.add(od_link)

    pageview_path = urlparse.urlsplit(survey.absolute_url() + '/od-new').path
    trigger_extra_pageview(self.request, pageview_path)
    self.request.response.redirect('%s/start' % survey.absolute_url())
def _NewSurvey(self, info):
    """Start a new survey session and redirect to the survey's start page.

    ``info`` may carry a ``title``; when it is missing or blank after
    stripping, the survey's own title is used instead.
    """
    survey = aq_inner(self.context)
    # A blank title falls back to the survey title.
    title = info.get("title", u"").strip() or survey.Title()
    SessionManager.start(title=title, survey=survey)

    pageview_path = urlparse.urlsplit(self.url() + '/resume').path
    trigger_extra_pageview(self.request, pageview_path)

    start_url = "%s/start" % survey.absolute_url()
    self.request.response.redirect(start_url)
def _start(self, link):
    """Resume the survey session referenced by ``link`` as its owner.

    Sets credentials for the account that owns ``link.session``, switches
    the security context to it, resumes the session and redirects to the
    ``/resume`` page of the survey found at the session's ``zodb_path``.
    """
    # NOTE(review): this logs the caller in as the owner of the linked
    # session without any credential check in this method. Presumably
    # ``link`` was authenticated upstream -- confirm.
    user_folder = getToolByName(self.context, 'acl_users')
    owner = link.session.account
    user_folder.updateCredentials(
        self.request, self.response, owner.loginname, None)
    newSecurityManager(None, link.session.account)
    SessionManager.resume(link.session)

    survey_path = str(link.session.zodb_path)
    survey = self.request.client.restrictedTraverse(survey_path)

    pageview_path = urlparse.urlsplit(self.url() + '/od-resume').path
    trigger_extra_pageview(self.request, pageview_path)

    resume_url = "%s/resume" % survey.absolute_url()
    self.request.response.redirect(resume_url)
def _NewSurvey(self, info):
    """Start a new survey session and redirect to its initial start view.

    ``info`` may carry a ``title``; when it is missing or blank after
    stripping, the survey's own title is used instead. The redirect target
    is the survey's ``/start`` page with ``initial_view=1``.
    """
    survey = aq_inner(self.context)
    # A blank title falls back to the survey title.
    title = info.get("title", u"").strip() or survey.Title()
    SessionManager.start(title=title, survey=survey)

    pageview_path = urlparse.urlsplit(self.url() + '/resume').path
    trigger_extra_pageview(self.request, pageview_path)

    start_url = "%s/start?initial_view=1" % survey.absolute_url()
    self.request.response.redirect(start_url)
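def _tryRegistration(self):
    """Validate the registration form and create or convert an account.

    Returns the new (or converted guest) account on success. On failure the
    problems are recorded in ``self.errors`` and ``False`` is returned.
    """
    reply = self.request.form
    loginname = reply.get("email")
    if not loginname:
        self.errors["email"] = _(
            "error_missing_email",
            default=u"Please enter your email address")
    elif not EMAIL_RE.match(loginname):
        self.errors["email"] = _(
            "error_invalid_email",
            default=u"Please enter a valid email address")
    if not reply.get("password1"):
        self.errors["password"] = _(
            "error_missing_password",
            default=u"Please enter a password")
    elif reply.get("password1") != reply.get("password2"):
        self.errors["password"] = _(
            "error_password_mismatch",
            default=u"Passwords do not match")
    if self.errors:
        return False

    session = Session()
    loginname = loginname.lower()
    # The address must be unused both in the SQL accounts and in the portal.
    account = session.query(model.Account)\
        .filter(model.Account.loginname == loginname).count()
    if account:
        self.errors["email"] = _(
            "error_email_in_use",
            default=u"An account with this email address already exists.")
        return False
    pm = getToolByName(self.context, "portal_membership")
    if pm.getMemberById(loginname) is not None:
        self.errors["email"] = _(
            "error_email_in_use",
            default=u"An account with this email address already exists.")
        return False

    # ``guest_session_id`` is a form field, so its presence alone must not
    # decide whose credentials are rewritten: previously any current user
    # had login name and password replaced when the field was sent. Only a
    # real guest account is converted; everything else gets a new account.
    # NOTE(review): assumes guest accounts carry config.GUEST_ACCOUNT as
    # their account_type -- confirm against createGuestAccount.
    guest_session_id = self.request.form.get('guest_session_id')
    current_user = None
    if guest_session_id:
        current_user = getSecurityManager().getUser()
    if (isinstance(current_user, model.Account)
            and current_user.account_type == config.GUEST_ACCOUNT):
        account = current_user
        account.loginname = loginname
        account.password = reply.get("password1")
        account.account_type = config.CONVERTED_ACCOUNT
    else:
        account = model.Account(loginname=loginname,
                                password=reply.get("password1"))
        Session().add(account)
    log.info("Registered new account %s", loginname)
    v_url = urlparse.urlsplit(self.url() + '/success').path
    trigger_extra_pageview(self.request, v_url)
    return account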
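def _ContinueSurvey(self, info):
    """Resume one of the current user's survey sessions and redirect to it.

    ``info["session"]`` is the id of the ``model.SurveySession`` to resume.

    Raises:
        Unauthorized: if no session has that id, or the session belongs to
            an account other than the current user.
    """
    session = Session.query(model.SurveySession).get(info["session"])
    current_user = aq_base(getSecurityManager().getUser())
    if session is None:
        # An unknown id used to fail with an AttributeError on ``None``.
        # Answer exactly as for a session owned by someone else, so the
        # response does not reveal which ids exist.
        log.warn('User %s tried to continue unknown session %r',
                 getattr(current_user, 'loginname', repr(current_user)),
                 info["session"])
        raise Unauthorized()
    # Ownership check by object identity.
    # NOTE(review): relies on the ORM returning the same Account object for
    # the session owner and the logged-in user -- confirm.
    if session.account is not current_user:
        log.warn('User %s tried to hijack session from %s',
                 getattr(current_user, 'loginname', repr(current_user)),
                 session.account.loginname)
        raise Unauthorized()

    SessionManager.resume(session)
    survey = self.request.client.restrictedTraverse(str(session.zodb_path))
    v_url = urlparse.urlsplit(self.url() + '/resume').path
    trigger_extra_pageview(self.request, v_url)
    self.request.response.redirect("%s/resume" % survey.absolute_url())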
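def _tryRegistration(self):
    """Validate the registration form and create or convert an account.

    Returns the new (or converted guest) account on success. On failure the
    problems are recorded in ``self.errors`` and ``False`` is returned.
    """
    reply = self.request.form
    loginname = reply.get("email")
    if not loginname:
        self.errors["email"] = _(
            "error_missing_email",
            default=u"Please enter your email address")
    elif not EMAIL_RE.match(loginname):
        self.errors["email"] = _(
            "error_invalid_email",
            default=u"Please enter a valid email address")
    if not reply.get("password1"):
        self.errors["password"] = _(
            "error_missing_password",
            default=u"Please enter a password")
    elif reply.get("password1") != reply.get("password2"):
        self.errors["password"] = _(
            "error_password_mismatch",
            default=u"Passwords do not match")
    if self.errors:
        return False

    session = Session()
    loginname = loginname.lower()
    # The address must be unused both in the SQL accounts and in the portal.
    account = session.query(model.Account)\
        .filter(model.Account.loginname == loginname).count()
    if account:
        self.errors["email"] = _(
            "error_email_in_use",
            default=u"An account with this email address already exists.")
        return False
    pm = getToolByName(self.context, "portal_membership")
    if pm.getMemberById(loginname) is not None:
        self.errors["email"] = _(
            "error_email_in_use",
            default=u"An account with this email address already exists.")
        return False

    # ``guest_session_id`` is a form field, so its presence alone must not
    # decide whose credentials are rewritten: previously any current user
    # had login name and password replaced when the field was sent. Only a
    # real guest account is converted; everything else gets a new account.
    # NOTE(review): assumes guest accounts carry config.GUEST_ACCOUNT as
    # their account_type -- confirm against createGuestAccount.
    guest_session_id = self.request.form.get('guest_session_id')
    current_user = None
    if guest_session_id:
        current_user = getSecurityManager().getUser()
    if (isinstance(current_user, model.Account)
            and current_user.account_type == config.GUEST_ACCOUNT):
        account = current_user
        account.loginname = loginname
        account.password = reply.get("password1")
        account.account_type = config.CONVERTED_ACCOUNT
    else:
        account = model.Account(loginname=loginname,
                                password=reply.get("password1"))
        Session().add(account)
    log.info("Registered new account %s", loginname)
    v_url = urlparse.urlsplit(self.url() + '/success').path
    trigger_extra_pageview(self.request, v_url)
    return account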
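def _ContinueSurvey(self, info):
    """Resume one of the current user's survey sessions and redirect to it.

    ``info["session"]`` is the id of the ``model.SurveySession`` to resume.
    The redirect goes to the survey's ``/resume`` page with
    ``initial_view=1``.

    Raises:
        Unauthorized: if no session has that id, or the session belongs to
            an account other than the current user.
    """
    session = Session.query(model.SurveySession).get(info["session"])
    current_user = aq_base(getSecurityManager().getUser())
    if session is None:
        # An unknown id used to fail with an AttributeError on ``None``.
        # Answer exactly as for a session owned by someone else, so the
        # response does not reveal which ids exist.
        log.warn('User %s tried to continue unknown session %r',
                 getattr(current_user, 'loginname', repr(current_user)),
                 info["session"])
        raise Unauthorized()
    # Ownership check by object identity.
    # NOTE(review): relies on the ORM returning the same Account object for
    # the session owner and the logged-in user -- confirm.
    if session.account is not current_user:
        log.warn('User %s tried to hijack session from %s',
                 getattr(current_user, 'loginname', repr(current_user)),
                 session.account.loginname)
        raise Unauthorized()

    SessionManager.resume(session)
    survey = self.request.client.restrictedTraverse(str(session.zodb_path))
    v_url = urlparse.urlsplit(self.url() + '/resume').path
    trigger_extra_pageview(self.request, v_url)
    self.request.response.redirect(
        "%s/resume?initial_view=1" % survey.absolute_url())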
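def update(self):
    """Process the login form and prepare the URLs used by the template.

    On a successful POST the guest session is transferred, the account is
    logged in and the browser is redirected: to the terms-and-conditions
    page while approval is pending, otherwise to ``came_from``. A failed
    POST sets ``self.error``. In every non-redirect case the reminder,
    register and tryout URLs are computed.
    """
    context = aq_inner(self.context)
    came_from = self.request.form.get("came_from")
    if came_from:
        if isinstance(came_from, list):
            # If came_from is both in the querystring and the form data
            came_from = came_from[0]
        # ``came_from`` is request data and becomes the post-login redirect
        # target. Accept only an http(s) URL on this site's own host or a
        # plain site-relative path; anything else would let a crafted login
        # link send the user to another site after signing in.
        target = urlparse.urlsplit(came_from)
        site = urlparse.urlsplit(context.absolute_url())
        same_site = (target.scheme in ('http', 'https')
                     and target.netloc.lower() == site.netloc.lower())
        local_path = (not target.scheme and not target.netloc
                      and came_from.startswith('/')
                      and not came_from.startswith('//'))
        # Backslashes and control characters are rewritten by browsers and
        # can turn a seemingly local value into an off-site one.
        malformed = ('\\' in came_from
                     or any(ord(ch) < 0x20 for ch in came_from))
        if malformed or not (same_site or local_path):
            came_from = None
    if came_from:
        self.setLanguage(came_from)
    else:
        came_from = aq_parent(context).absolute_url()

    account = getSecurityManager().getUser()
    appconfig = component.getUtility(IAppConfig)
    settings = appconfig.get('euphorie')
    self.allow_guest_accounts = settings.get('allow_guest_accounts', False)

    if self.request.environ["REQUEST_METHOD"] == "POST":
        reply = self.request.form
        # .get(): a POST without a ``next`` field is treated as a login
        # attempt instead of failing with a KeyError.
        if reply.get("next") == "previous":
            parent_url = aq_parent(aq_inner(context)).absolute_url()
            self.response.redirect(parent_url)
            return

        # NOTE(review): no password is checked here; presumably the user
        # folder already authenticated the request from the __ac_*
        # fields and this only confirms the resulting user -- confirm.
        if isinstance(account, model.Account) and \
                account.getUserName() == reply.get("__ac_name", '').lower():
            self.transferGuestSession(reply.get('guest_session_id'))
            self.login(account, bool(self.request.form.get('remember')))
            v_url = urlparse.urlsplit(self.url() + '/success').path
            trigger_extra_pageview(self.request, v_url)
            if checkTermsAndConditions() and \
                    not approvedTermsAndConditions(account):
                self.response.redirect(
                    "%s/terms-and-conditions?%s" % (
                        context.absolute_url(),
                        urllib.urlencode({"came_from": came_from})))
            else:
                self.response.redirect(came_from)
            return
        self.error = True

    query = urllib.urlencode({'came_from': came_from})
    base_url = context.absolute_url()
    self.reminder_url = "%s/@@reminder?%s" % (base_url, query)
    self.register_url = "%s/@@register?%s" % (base_url, query)
    self.tryout_url = "%s/@@tryout?%s" % (base_url, query)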
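def update(self):
    """Process the login form and prepare the URLs used by the template.

    On a successful POST the guest session is transferred, the account is
    logged in and the browser is redirected: to the terms-and-conditions
    page while approval is pending, otherwise to ``came_from``. A failed
    POST sets ``self.error``. In every non-redirect case the reminder,
    register and tryout URLs are computed.
    """
    context = aq_inner(self.context)
    came_from = self.request.form.get("came_from")
    if came_from:
        if isinstance(came_from, list):
            # If came_from is both in the querystring and the form data
            came_from = came_from[0]
        # ``came_from`` is request data and becomes the post-login redirect
        # target. Accept only an http(s) URL on this site's own host or a
        # plain site-relative path; anything else would let a crafted login
        # link send the user to another site after signing in.
        target = urlparse.urlsplit(came_from)
        site = urlparse.urlsplit(context.absolute_url())
        same_site = (target.scheme in ('http', 'https')
                     and target.netloc.lower() == site.netloc.lower())
        local_path = (not target.scheme and not target.netloc
                      and came_from.startswith('/')
                      and not came_from.startswith('//'))
        # Backslashes and control characters are rewritten by browsers and
        # can turn a seemingly local value into an off-site one.
        malformed = ('\\' in came_from
                     or any(ord(ch) < 0x20 for ch in came_from))
        if malformed or not (same_site or local_path):
            came_from = None
    if came_from:
        self.setLanguage(came_from)
    else:
        came_from = aq_parent(context).absolute_url()

    account = getSecurityManager().getUser()
    appconfig = component.getUtility(IAppConfig)
    settings = appconfig.get('euphorie')
    self.allow_guest_accounts = settings.get('allow_guest_accounts', False)

    if self.request.environ["REQUEST_METHOD"] == "POST":
        reply = self.request.form
        # .get(): a POST without a ``next`` field is treated as a login
        # attempt instead of failing with a KeyError.
        if reply.get("next") == "previous":
            parent_url = aq_parent(aq_inner(context)).absolute_url()
            self.response.redirect(parent_url)
            return

        # NOTE(review): no password is checked here; presumably the user
        # folder already authenticated the request from the __ac_*
        # fields and this only confirms the resulting user -- confirm.
        if isinstance(account, model.Account) and \
                account.getUserName() == reply.get("__ac_name", '').lower():
            self.transferGuestSession(reply.get('guest_session_id'))
            self.login(account, bool(self.request.form.get('remember')))
            v_url = urlparse.urlsplit(self.url() + '/success').path
            trigger_extra_pageview(self.request, v_url)
            if checkTermsAndConditions() and \
                    not approvedTermsAndConditions(account):
                self.response.redirect(
                    "%s/terms-and-conditions?%s" % (
                        context.absolute_url(),
                        urllib.urlencode({"came_from": came_from})))
            else:
                self.response.redirect(came_from)
            return
        self.error = True

    query = urllib.urlencode({'came_from': came_from})
    base_url = context.absolute_url()
    self.reminder_url = "%s/@@reminder?%s" % (base_url, query)
    self.register_url = "%s/@@register?%s" % (base_url, query)
    self.tryout_url = "%s/@@tryout?%s" % (base_url, query)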
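def _continue(self, session_id, vestigings_sleutel, webservice):
    """Link one of the current user's sessions to an OD record and resume it.

    Stores an ``OdLink`` tying the session to ``vestigings_sleutel`` and
    ``webservice``, resumes the session and redirects to the survey's
    ``/resume`` page.

    Raises:
        Unauthorized: if no session has ``session_id``, or the session
            belongs to an account other than the current user.
    """
    session = Session.query(model.SurveySession).get(session_id)
    account = aq_base(getSecurityManager().getUser())
    if session is None:
        # An unknown id used to fail with an AttributeError on ``None``.
        # Answer exactly as for a session owned by someone else, so the
        # response does not reveal which ids exist.
        log.warn('User %s tried to continue unknown session %r',
                 getattr(account, 'loginname', repr(account)),
                 session_id)
        raise Unauthorized()
    # Ownership check by object identity; it must pass before the link is
    # stored.
    # NOTE(review): relies on the ORM returning the same Account object for
    # the session owner and the logged-in user -- confirm.
    if session.account is not account:
        log.warn('User %s tried to hijack session from %s',
                 getattr(account, 'loginname', repr(account)),
                 session.account.loginname)
        raise Unauthorized()

    Session.add(OdLink(
        session=session,
        vestigings_sleutel=vestigings_sleutel,
        webservice=webservice))
    SessionManager.resume(session)
    survey = self.request.client.restrictedTraverse(str(session.zodb_path))
    v_url = urlparse.urlsplit(self.url() + '/od-link').path
    trigger_extra_pageview(self.request, v_url)
    self.request.response.redirect("%s/resume" % survey.absolute_url())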
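def update(self):
    """Create a guest account and start a session for the ``came_from`` survey.

    Without a ``came_from`` form value the response is redirected to the
    portal root. Otherwise a guest account is created and logged in, and
    ``came_from`` (with the client URL stripped) is traversed from the
    context. If it resolves to a survey, a session is started and the
    response redirects to the survey's ``/start`` page; if not, the response
    redirects back to ``came_from`` when that is a plain relative path, or
    to the client URL when it is not.
    """
    came_from = self.request.form.get("came_from")
    if isinstance(came_from, list) and came_from:
        # Sent in both the query string and the form data; without this the
        # ``replace`` call below fails on a list.
        came_from = came_from[0]
    if not came_from:
        return self.request.response.redirect(api.portal.get().absolute_url())

    # NOTE(review): the guest account is created and logged in before
    # ``came_from`` is checked, on any request that carries the parameter.
    # Consider validating first and requiring POST -- confirm with callers.
    account = self.createGuestAccount()
    self.login(account, False)

    client_url = self.request.client.absolute_url()
    came_from = came_from.replace(client_url, '')
    if came_from.startswith('/'):
        came_from = came_from[1:]
    try:
        # restrictedTraverse applies the normal security checks to the
        # request-supplied path.
        survey = self.context.restrictedTraverse(came_from)
    except KeyError:
        survey = None

    if not ISurvey.providedBy(survey):
        # ``came_from`` is request data. A value that never contained the
        # client URL reaches this point unchanged, so redirect to it only
        # when it is a plain relative path; otherwise use the client URL.
        leftover = urlparse.urlsplit(came_from)
        off_site = bool(leftover.scheme or leftover.netloc)
        # A leading slash or backslash, or control characters, can still be
        # read by browsers as a host-changing URL.
        malformed = (came_from.startswith('/')
                     or '\\' in came_from
                     or any(ord(ch) < 0x20 for ch in came_from))
        if off_site or malformed:
            came_from = client_url
        return self.request.response.redirect(came_from)

    title = survey.Title()
    SessionManager.start(title=title, survey=survey, account=account)
    survey_url = survey.absolute_url()
    v_url = urlparse.urlsplit(survey_url + '/resume').path
    trigger_extra_pageview(self.request, v_url)
    self.request.response.redirect("%s/start" % survey_url)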
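def update(self):
    """Create a guest account and start a session for the ``came_from`` survey.

    Without a ``came_from`` form value the response is redirected to the
    portal root. Otherwise a guest account is created and logged in, and
    ``came_from`` (with the client URL stripped) is traversed from the
    context. If it resolves to a survey, a session is started and the
    response redirects to the survey's ``/start`` page; if not, the response
    redirects back to ``came_from`` when that is a plain relative path, or
    to the client URL when it is not.
    """
    came_from = self.request.form.get("came_from")
    if isinstance(came_from, list) and came_from:
        # Sent in both the query string and the form data; without this the
        # ``replace`` call below fails on a list.
        came_from = came_from[0]
    if not came_from:
        return self.request.response.redirect(
            api.portal.get().absolute_url())

    # NOTE(review): the guest account is created and logged in before
    # ``came_from`` is checked, on any request that carries the parameter.
    # Consider validating first and requiring POST -- confirm with callers.
    account = self.createGuestAccount()
    self.login(account, False)

    client_url = self.request.client.absolute_url()
    came_from = came_from.replace(client_url, '')
    if came_from.startswith('/'):
        came_from = came_from[1:]
    try:
        # restrictedTraverse applies the normal security checks to the
        # request-supplied path.
        survey = self.context.restrictedTraverse(came_from)
    except KeyError:
        survey = None

    if not ISurvey.providedBy(survey):
        # ``came_from`` is request data. A value that never contained the
        # client URL reaches this point unchanged, so redirect to it only
        # when it is a plain relative path; otherwise use the client URL.
        leftover = urlparse.urlsplit(came_from)
        off_site = bool(leftover.scheme or leftover.netloc)
        # A leading slash or backslash, or control characters, can still be
        # read by browsers as a host-changing URL.
        malformed = (came_from.startswith('/')
                     or '\\' in came_from
                     or any(ord(ch) < 0x20 for ch in came_from))
        if off_site or malformed:
            came_from = client_url
        return self.request.response.redirect(came_from)

    title = survey.Title()
    SessionManager.start(title=title, survey=survey, account=account)
    survey_url = survey.absolute_url()
    v_url = urlparse.urlsplit(survey_url + '/resume').path
    trigger_extra_pageview(self.request, v_url)
    self.request.response.redirect("%s/start" % survey_url)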
def __call__(self):
    """Render the login/registration page or process its POST.

    A POST with ``action=login`` logs the current account in, and one with
    ``action=register`` runs ``_tryRegistration``. Unless ``self.error`` is
    set, the response is then redirected to the terms-and-conditions page
    (when the registry enables it and the account has not approved) or to
    ``came_from``. In all other cases the link URLs are prepared and the
    template is rendered.
    """
    context = aq_inner(self.context)
    self.errors = {}
    form = self.request.form
    # NOTE(review): ``came_from`` becomes a redirect target below; whether
    # it is restricted to this site depends on webhelpers.get_came_from,
    # which is not visible here -- confirm.
    came_from = self.webhelpers.get_came_from(
        default=self.webhelpers.country_url)
    self.setLanguage(came_from)
    account = get_current_account()
    self.allow_guest_accounts = api.portal.get_registry_record(
        "euphorie.allow_guest_accounts", default=False)

    # Several intro blocks are hidden for French.
    lang = api.portal.get_current_language()
    not_french = lang not in ("fr", )
    self.show_whofor = not_french
    self.show_what_to_do = not_french
    self.show_how_long = not_french
    self.show_why_register = True
    self.show_prepare = not_french

    if self.request.method == "POST":
        action = form.get("action")
        if action == "login":
            # NOTE(review): no password is checked here; presumably the
            # request was already authenticated from the __ac_* fields and
            # this only confirms the resulting account -- confirm.
            submitted_name = form.get("__ac_name", "").lower()
            if (isinstance(account, model.Account)
                    and account.getUserName() == submitted_name):
                self.transferGuestSession()
                self.login(account, bool(self.request.form.get("remember")))
                success_path = urlsplit(self.request.URL + "/success").path
                v_url = success_path.replace("@@", "")
                trigger_extra_pageview(self.request, v_url)
            else:
                self.error = True
        elif action == "register":
            account = self._tryRegistration()
            if account:
                user_folder = getToolByName(self.context, "acl_users")
                user_folder.updateCredentials(
                    self.request,
                    self.request.response,
                    account.getUserName(),
                    account.password,
                )
            else:
                self.error = True

        # NOTE(review): ``self.error`` is read here but only ever assigned
        # True in this method; presumably it has a class-level default.
        if not self.error:
            terms_enabled = api.portal.get_registry_record(
                "euphorie.terms_and_conditions", default=False)
            if terms_enabled and not approvedTermsAndConditions(account):
                terms_url = "{0}/terms-and-conditions?{1}".format(
                    context.absolute_url(),
                    urlencode({"came_from": came_from}),
                )
                self.request.RESPONSE.redirect(terms_url)
            else:
                self.request.RESPONSE.redirect(came_from)
            return

    self.reset_password_request_url = (
        "{0}/@@reset_password_request?{1}".format(
            context.absolute_url(),
            urlencode({"came_from": came_from}),
        )
    )
    # NOTE(review): the query string follows the '#', so it is part of the
    # fragment and is not sent to the server -- confirm this is intended.
    self.register_url = "{0}/@@login#registration?{1}".format(
        context.absolute_url(),
        urlencode({"came_from": came_from}),
    )
    self.tryout_url = "{0}/@@tryout?{1}".format(
        context.absolute_url(),
        urlencode({"came_from": came_from}),
    )
    return self.index()
def _tryRegistration(self):
    """Validate the registration form and create or convert an account.

    Returns the new account, or the current guest account after converting
    it, on success. Returns ``False`` when validation fails (details are in
    ``self.errors``) or when a honeypot field was filled in.

    Raises:
        Unauthorized: if self registration is not allowed.
    """
    if not self.webhelpers.allow_self_registration:
        raise Unauthorized("No self registration allowed.")

    form = self.request.form
    loginname = form.get("email")
    if not loginname:
        self.errors["email"] = _(
            "error_missing_email",
            default="Please enter your email address")
    elif not EMAIL_RE.match(loginname):
        self.errors["email"] = _(
            "error_invalid_email",
            default="Please enter a valid email address")

    password = form.get("password1")
    if not password:
        self.errors["password"] = _(
            "error_missing_password",
            default="Please enter a password")
    elif password != form.get("password2"):
        self.errors["password"] = _(
            "error_password_mismatch",
            default="Passwords do not match")
    else:
        # The policy is only consulted for a non-empty, confirmed password.
        policy_error = self.check_password_policy(password)
        if policy_error:
            self.errors["password"] = policy_error

    if not form.get("terms"):
        self.errors["terms"] = _(
            "error_terms_not_accepted",
            default=
            "An accout can only be created for you if you accept the "
            "terms and conditions.",
        )
    if self.errors:
        return False

    # Honeypot fields: a filled-in value means the form is rejected, and no
    # error message is recorded for it.
    if form.get("user_name") or form.get("user_email"):
        return False

    db = Session()
    loginname = loginname.lower()
    # The address must be unused both in the SQL accounts and in the portal.
    existing = (db.query(model.Account).filter(
        model.Account.loginname == loginname).count())
    if existing:
        self.errors["email"] = _(
            "error_email_in_use",
            default="An account with this email address already exists.",
        )
        return False
    membership = getToolByName(self.context, "portal_membership")
    if membership.getMemberById(loginname) is not None:
        self.errors["email"] = _(
            "error_email_in_use",
            default="An account with this email address already exists.",
        )
        return False

    # NOTE(review): the password is handed to the model as submitted;
    # whether it is hashed on assignment is not visible here -- confirm.
    account = get_current_account()
    if account and account.account_type == config.GUEST_ACCOUNT:
        # Only a guest account is converted in place; any other current
        # account is left untouched and a new one is created instead.
        account.loginname = loginname
        account.password = password
        account.account_type = config.CONVERTED_ACCOUNT
        account.created = datetime.datetime.now()
        account.tc_approved = 1
        account.first_name = form.get("first_name")
        account.last_name = form.get("last_name")
        msg = _(
            "An account was created for you with email address ${email}",
            mapping={"email": loginname},
        )
        api.portal.show_message(msg, self.request, "success")
    else:
        account = model.Account(
            loginname=loginname,
            password=password,
            tc_approved=1,
            first_name=form.get("first_name"),
            last_name=form.get("last_name"),
        )
        Session().add(account)

    log.info("Registered new account %s", loginname)
    success_path = urlsplit(self.request.URL + "/success").path
    v_url = success_path.replace("@@", "")
    trigger_extra_pageview(self.request, v_url)
    return account