def register(self):
    """Handle the local-account registration form.

    Redirects to the ``menu`` route when the ``allow_local_registration``
    setting is off. On a submitted form the checks run in this order:
    email already registered, email format, password policy, password
    confirmation. The first failing check puts its text in
    ``self.response['message']`` and re-renders ``register.pt``; when all
    pass, the account is created and the client is redirected to ``login``.
    """
    registration_open = Validate.bool(self.settings('allow_local_registration', 'false'))
    if not registration_open:
        return HTTPFound(location=route_url('menu', self.request))

    self.response['email'] = ''
    if 'form.submitted' not in self.request.params:
        return self.template('register.pt')

    # The email is echoed back to the template, so store it before the other
    # fields are read.
    email = Validate.sanatize(self.request.params['email'])
    self.response['email'] = email
    # NOTE(review): the password goes through Validate.sanatize before it is
    # checked and stored; if that helper rewrites characters, the stored
    # credential differs from what the user typed -- confirm.
    password = Validate.sanatize(self.request.params['password'])
    repassword = Validate.sanatize(self.request.params['re.password'])

    # NOTE(review): the dedicated "already in use" message tells the caller
    # whether an address is registered -- confirm that is acceptable here.
    problem = None
    if Users.by({'email': email}).first():
        problem = "Email already in use"
    elif not Validate.email(email):
        problem = "Not a valid email address"
    elif not Validate.password(password):
        problem = "Improper password."
    elif repassword != password:
        problem = "Passwords do not match."

    if problem is not None:
        self.response['message'] = problem
        return self.template('register.pt')

    # Every check passed: create the account and send the user to log in.
    Users.registerLocalUser(email, password)
    return HTTPFound(location=route_url('login', self.request))
def register(self):
    """Handle the local-account registration form.

    Redirects to the ``menu`` route when the ``allow_local_registration``
    setting is off. On a submitted form the checks run in this order:
    email already registered, email format, password policy, password
    confirmation. The first failing check is reported through
    ``self.notify(..., warn=True)`` and ``register.pt`` is rendered again;
    when all pass, the account is created and the client is redirected to
    ``login``.
    """
    if not Validate.bool(self.settings("allow_local_registration", "false")):
        return HTTPFound(location=route_url("menu", self.request))

    self.response["email"] = ""
    if "form.submitted" not in self.request.params:
        return self.template("register.pt")

    # The email is echoed back to the template, so store it before the other
    # fields are read.
    email = Validate.sanatize(self.request.params["email"])
    self.response["email"] = email
    # NOTE(review): the password goes through Validate.sanatize before it is
    # checked and stored; if that helper rewrites characters, the stored
    # credential differs from what the user typed -- confirm.
    password = Validate.sanatize(self.request.params["password"])
    repassword = Validate.sanatize(self.request.params["re.password"])

    # NOTE(review): the dedicated "already in use" warning tells the caller
    # whether an address is registered -- confirm that is acceptable here.
    warning = None
    if Users.by({"email": email}).first():
        warning = "Email already in use!"
    elif not Validate.email(email):
        warning = "Not a valid email address!"
    elif not Validate.password(password):
        warning = "Improper password!"
    elif repassword != password:
        warning = "Passwords do not match!"

    if warning is not None:
        self.notify(warning, warn=True)
        return self.template("register.pt")

    # Every check passed: create the account and send the user to log in.
    Users.registerLocalUser(email, password)
    return HTTPFound(location=route_url("login", self.request))
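def change_password(self):
    """Let a locally-registered user change their own password.

    Returns ``HTTPForbidden`` when the current user cannot be loaded or is
    not a local account. On a submitted form the new password must pass
    ``Validate.password`` and match its confirmation, and the old password
    must validate against the stored one; each failure sets
    ``self.response['message']`` and re-renders ``change_password.pt``.
    """
    user = Users.by(self.request.user.id).first()
    # A missing user row is treated like a non-local account instead of
    # failing with an AttributeError.
    if user is None or not user.is_local:
        return HTTPForbidden()

    if 'form.submitted' in self.request.params:
        old = Validate.sanatize(self.request.params['old_password'])
        new = Validate.sanatize(self.request.params['new_password'])
        recheck = Validate.sanatize(self.request.params['new_recheck_password'])

        if not Validate.password(new):
            self.response['message'] = "Improper new password."
            return self.template('change_password.pt')
        if recheck != new:
            self.response['message'] = "New passwords do not match."
            return self.template('change_password.pt')
        # Previously a wrong old password re-rendered the form with no
        # message at all; report it like the other validation failures.
        if not user.validate_password(old):
            self.response['message'] = "Old password is incorrect."
            return self.template('change_password.pt')

        user._set_password(new)
        transaction.commit()
        # NOTE(review): nothing visible here ends the user's other sessions
        # after the change -- confirm whether that is handled elsewhere.
    return self.template('change_password.pt')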
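def change_password(self):
    """Let a locally-registered user change their own password.

    Returns ``HTTPForbidden`` when the current user cannot be loaded or is
    not a local account. On a submitted form the new password must pass
    ``Validate.password`` and match its confirmation, and the old password
    must validate against the stored one; each failure is reported through
    ``self.notify(..., warn=True)`` and ``change_password.pt`` is rendered
    again.
    """
    user = Users.by(self.request.user.id).first()
    # A missing user row is treated like a non-local account instead of
    # failing with an AttributeError.
    if user is None or not user.is_local:
        return HTTPForbidden()

    if "form.submitted" in self.request.params:
        old = Validate.sanatize(self.request.params["old_password"])
        new = Validate.sanatize(self.request.params["new_password"])
        recheck = Validate.sanatize(self.request.params["new_recheck_password"])

        if not Validate.password(new):
            self.notify("Improper new password!", warn=True)
            return self.template("change_password.pt")
        if recheck != new:
            self.notify("New passwords do not match!", warn=True)
            return self.template("change_password.pt")
        # Previously a wrong old password re-rendered the form with no
        # warning at all; report it like the other validation failures.
        if not user.validate_password(old):
            self.notify("Old password is incorrect!", warn=True)
            return self.template("change_password.pt")

        user._set_password(new)
        transaction.commit()
        # NOTE(review): nothing visible here ends the user's other sessions
        # after the change -- confirm whether that is handled elsewhere.
    return self.template("change_password.pt")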
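def _transaction(self, question_set, fields):
    """Apply submitted question/answer form fields to ``question_set`` and commit.

    Each field name is split on ``_``. The first part selects the record
    type (``answerhelp``, ``correctanswer``, ``wronganswer`` or
    ``question``). For the last three, a second part of ``old`` means
    "update the existing row whose id is the third part"; anything else
    creates a new row attached to ``question_set``. Answer positions come
    from the companion ``<key>_index`` field. Fields whose sanitized value
    is empty are ignored, as are field names too short to carry the parts
    they need.

    Existing rows are only updated when they belong to ``question_set``.
    """
    for key, v in fields.iteritems():
        if Validate.sanatize(v) == '':
            continue

        parts = key.split('_')
        kind = parts[0]

        if kind == 'answerhelp':
            question_set.answer_help = v
            continue
        if kind not in ('correctanswer', 'wronganswer', 'question'):
            continue
        # '<answer key>_index' fields only carry a position; they are read
        # alongside the answer itself, not processed on their own.
        if kind != 'question' and key.endswith('_index'):
            continue
        if len(parts) < 2:
            continue

        if parts[1] == 'old':
            if len(parts) < 3:
                continue
            model = Questions if kind == 'question' else Answers
            record = model.by(parts[2]).first()
            # The row id is taken from the submitted field name, so check
            # that the row exists and belongs to this question set before
            # changing it; otherwise a form for one set could rewrite rows
            # of another.
            if record is None or record.question_sets_id != question_set.id:
                continue
            if kind == 'question':
                record.question = v
            else:
                record.answer = v
                record.position = fields[key + '_index']
        elif kind == 'question':
            DBSession.add(Questions(question=v, question_sets_id=question_set.id))
        else:
            DBSession.add(Answers(question_sets_id=question_set.id,
                                  answer=v,
                                  is_correct=(kind == 'correctanswer'),
                                  position=fields[key + '_index']))

    DBSession.flush()
    transaction.commit()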
def alias(self):
    """Let a user without an alias pick one.

    Users who already have an alias are sent on via ``self.reroute()``.
    On a submitted form the alias is rejected when another user holds it
    or when ``Validate.alias`` refuses it; the reason is placed in
    ``self.response['message']`` and ``alias.pt`` is rendered again.
    Otherwise the alias and the accessibility flag are saved and the user
    is rerouted.
    """
    if self.request.user.alias:
        return self.reroute()

    self.response['alias'] = ''
    self.response['accessibility'] = False
    if 'form.submitted' not in self.request.params:
        return self.template('alias.pt')

    chosen = Validate.sanatize(self.request.params['alias'])
    self.response['alias'] = chosen
    wants_accessibility = Validate.bool(self.request.params.get('accessibility', False))
    self.response['accessibility'] = wants_accessibility

    # NOTE(review): the uniqueness lookup and the later write are separate
    # steps; whether the database also enforces unique aliases is not
    # visible here -- confirm.
    holder = Users.by({'alias': chosen}).first()
    if holder:
        self.response['message'] = 'Alias is already taken'
        return self.template('alias.pt')
    if not Validate.alias(chosen):
        self.response['message'] = 'Improper Alias'
        return self.template('alias.pt')

    account = Users.by(self.request.user.id).first()
    account.alias = chosen
    account.needs_accessibility = wants_accessibility
    transaction.commit()
    return self.reroute()
def alias(self):
    """Let a user without an alias pick one.

    Users who already have an alias are sent on via ``self.reroute()``.
    The ``category`` request parameter (default ``'0'``) is passed through
    to the template. On a submitted form the alias is rejected when
    another user holds it or when ``Validate.alias`` refuses it; the
    reason is reported through ``self.notify(..., warn=True)`` and
    ``alias.pt`` is rendered again. Otherwise the alias and the
    accessibility flag are saved and the user is rerouted.
    """
    if self.request.user.alias:
        return self.reroute()

    self.response['alias'] = ''
    self.response['category'] = self.request.params.get('category', '0')
    self.response['accessibility'] = False
    if 'form.submitted' not in self.request.params:
        return self.template('alias.pt')

    chosen = Validate.sanatize(self.request.params['alias'])
    self.response['alias'] = chosen
    wants_accessibility = Validate.bool(self.request.params.get('accessibility', False))
    self.response['accessibility'] = wants_accessibility

    # NOTE(review): the uniqueness lookup and the later write are separate
    # steps; whether the database also enforces unique aliases is not
    # visible here -- confirm.
    holder = Users.by({'alias': chosen}).first()
    if holder:
        self.notify('Alias already in use!', warn=True)
        return self.template('alias.pt')
    if not Validate.alias(chosen):
        self.notify('Improper alias!', warn=True)
        return self.template('alias.pt')

    account = Users.by(self.request.user.id).first()
    account.alias = chosen
    account.needs_accessibility = wants_accessibility
    transaction.commit()
    return self.reroute()
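def edit_category(self):
    """Render the category editor, or save a submitted category form.

    The category is chosen by the ``category`` route segment; the literal
    value ``add`` means "create a new category". When either
    ``form.submit`` or ``form.submit.questions`` is present the category
    is created or loaded with ``ACL.EDIT`` permission, its settings,
    assessments and group permissions are updated from the request, and
    the client is redirected to the category page (or its questions page).
    Without a submission the editor template is rendered with the
    category, the available transitions and the group lists.
    """
    category_id = self.request.matchdict['category']
    self.response['category_id'] = category_id
    self.response['version'] = Addons.get_version('QuizSmith Core')
    self.response['d2l_on'] = Validate.bool(self.settings('d2l_on'))

    params = self.request.params
    if 'form.submit' in params or 'form.submit.questions' in params:
        active = None
        if category_id == 'add':
            active = Categories(name='New Category')
            # A new category starts out editable and reviewable by every
            # group its creator belongs to, and playable by none.
            editors = [str(group.id) for group in self.request.user.get_groups()]
            reviewers = list(editors)
            active.set_groups([], editors, reviewers)
            DBSession.add(active)
            DBSession.flush()
            category_id = str(active.id)
        else:
            # NOTE(review): the read path at the bottom of this method passes
            # strict=True to Categories.by but this write path does not --
            # confirm the EDIT permission filter is enforced equally here.
            active = Categories.by(category_id, sort='position asc',
                                   user=self.request.user,
                                   permission=ACL.EDIT).first()

        # NOTE(review): these values are stored exactly as submitted; no
        # numeric or range validation is visible in this method.
        active.name = params.get('category.name', '')
        active.category_intro = params.get('category.intro', '')
        active.playable_questions = params.get('category.playable_questions', 10)
        active.wrong_answer_time_penalty = params.get('category.wrong_answer_time_penalty', 5)
        active.max_wrong_answer_allowed = params.get('category.max_wrong_answer_allowed', 2)
        active.question_time_allowed = params.get('category.question_time_allowed', 30)
        active.transition_in = params.get('category.transition_in', 'Random')
        active.transition_out = params.get('category.transition_out', 'Random')
        active.d2l_folder = params.get('category.d2l_folder', '')

        # Collect 'assessment.<field>.<id>' parameters into one dict per id.
        assesment_data = []
        for key, v in params.iteritems():
            if Validate.sanatize(v) != '' and key.startswith('assessment'):
                field_data = key.split('.')
                row_id = field_data[-1]
                row = None
                for existing in assesment_data:
                    if existing['id'] == row_id:
                        row = existing
                        break
                if row is None:
                    row = {}
                    assesment_data.append(row)
                row['id'] = row_id
                if v.isdigit():
                    row[field_data[1]] = int(v)
                else:
                    row[field_data[1]] = v
        active.set_assessments(assesment_data)

        # When the form carries no editor selection, keep the groups that
        # can currently edit.
        editors = []
        if params.getall('category.editable'):
            editors = params.getall('category.editable')
        else:
            for g in active.groups:
                if g.edit:
                    editors.append(str(g.groups_id))

        # Likewise keep the current reviewers when none are submitted. This
        # branch used to test g.edit and append to `editors`, which dropped
        # every existing reviewer and re-added current edit groups to the
        # editor list instead.
        reviewers = []
        if params.getall('category.reviewable'):
            reviewers = params.getall('category.reviewable')
        else:
            for g in active.groups:
                if g.review:
                    reviewers.append(str(g.groups_id))

        active.set_groups(params.getall('category.playable'), editors, reviewers)
        DBSession.flush()
        transaction.commit()

        if 'form.submit.questions' in params:
            return HTTPFound(location=self.request.application_url + '/edit/category/' + category_id + '/questions')
        return HTTPFound(location=self.request.application_url + '/edit/category/' + category_id)
    elif category_id == 'add':
        self.response['active_category'] = Categories(name='New Category')
    else:
        self.response['active_category'] = Categories.by(category_id, sort='position asc',
                                                         user=self.request.user,
                                                         permission=ACL.EDIT,
                                                         strict=True).first()

    active_category = self.response['active_category']
    self.response['transitions_in'] = active_category.transition_in
    self.response['transitions_out'] = active_category.transition_out
    self.response['transitions'] = Transitions.all()
    self.response['all_edit_groups'] = Groups.by({'edit': True}).all()
    self.response['all_play_groups'] = Groups.by({'play': True}).all()
    self.response['all_review_groups'] = Groups.by({'review': True}).all()
    self.response['play_groups'] = []
    self.response['edit_groups'] = []
    self.response['review_groups'] = []

    # List the names of the groups that hold each permission on this
    # category so the template can show the current selection.
    if active_category.groups:
        for categorygroup in active_category.groups:
            group = Groups.by(categorygroup.groups_id).first()
            if categorygroup.edit:
                self.response['edit_groups'].append(group.name)
            if categorygroup.play:
                self.response['play_groups'].append(group.name)
            if categorygroup.review:
                self.response['review_groups'].append(group.name)

    return self.template('/edit-category.pt', theme='AdminPanel')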