def get_user(key, mail):
    '''
    Look up the user whose email is ``mail`` and whose key is ``key``.

    Both conditions must hold on the same row. The query ends in
    ``.first()``, so the result is ``None`` when no row matches; callers
    that use the key as a credential must treat ``None`` as a failed lookup.
    '''
    same_mail = User.email == mail
    same_key = User.key == key
    candidates = DBSession.query(User).filter(and_(same_mail, same_key))
    return candidates.first()
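def post_delete(self, *args, **kw):
    '''
    Delete a permission via the CRUD controller unless it is a protected one.

    Every positional argument is looked up as a ``Permission`` id. If a
    protected permission is found, an error is flashed and the request is
    redirected to ``/permissions``; otherwise the call is forwarded
    unchanged to ``CrudRestController.post_delete``.
    '''
    for permission_id in args:
        permission = DBSession.query(Permission).filter(
            Permission.id == permission_id).first()
        if permission is None:
            # Unknown id: there is nothing to protect. The guard used to
            # fail with AttributeError on ``None.id``; the missing record
            # is left to the parent handler instead.
            continue
        # NOTE(review): ``permission.id`` is compared with a constant named
        # ``permission_admin_name``. If that constant holds a name rather
        # than an id, this guard never fires and the admin permission can
        # be deleted - confirm against ``constants``.
        if permission.id == constants.permission_admin_name:
            flash('Cannot delete admin permission', 'error')
            redirect('/permissions')
        if permission.name == constants.permissions_read_name:
            flash('Cannot delete read permission', 'error')
            redirect('/permissions')
    return CrudRestController.post_delete(self, *args, **kw)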
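def post_delete(self, *args, **kw):
    '''
    Delete a group via the CRUD controller unless it is a protected one.

    Every positional argument is looked up as a ``Group`` id. If a
    protected group is found, an error is flashed and the request is
    redirected to ``/groups``; otherwise the call is forwarded unchanged
    to ``CrudRestController.post_delete``.
    '''
    for group_id in args:
        group = DBSession.query(Group).filter(Group.id == group_id).first()
        if group is None:
            # Unknown id: there is nothing to protect. The guard used to
            # fail with AttributeError on ``None.id``; the missing record
            # is left to the parent handler instead.
            continue
        if group.id == constants.group_admins_id:
            flash('Cannot delete admin group', 'error')
            redirect('/groups')
        # NOTE(review): ``group.name`` is compared with a constant named
        # ``group_users_id``. If that constant holds an id rather than a
        # name, this guard never fires and the users group can be
        # deleted - confirm against ``constants``.
        if group.name == constants.group_users_id:
            flash('Cannot delete users group', 'error')
            redirect('/groups')
    return CrudRestController.post_delete(self, *args, **kw)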
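def post_delete(self, *args, **kw):
    '''
    Refuse to delete the protected groups, otherwise delegate the delete.

    Each value in ``args`` is treated as a ``Group`` id and loaded from the
    database. A hit on either protected check flashes an error and
    redirects to ``/groups``; when no check matches, the request goes on to
    ``CrudRestController.post_delete`` with the original arguments.
    '''
    for group_id in args:
        group = DBSession.query(Group).filter(Group.id == group_id).first()
        if group is None:
            # ``.first()`` found no row. Skip the checks rather than raise
            # AttributeError here; the parent handler deals with the
            # missing record.
            continue
        if group.id == constants.group_admins_id:
            flash('Cannot delete admin group', 'error')
            redirect('/groups')
        # NOTE(review): a *name* column is tested against a constant whose
        # identifier ends in ``_id``. Verify the constant really holds the
        # group name, otherwise the users group is not protected.
        if group.name == constants.group_users_id:
            flash('Cannot delete users group', 'error')
            redirect('/groups')
    return CrudRestController.post_delete(self, *args, **kw)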
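def post_delete(self, *args, **kw):
    '''
    Refuse to delete the protected permissions, otherwise delegate the delete.

    Each value in ``args`` is treated as a ``Permission`` id and loaded
    from the database. A hit on either protected check flashes an error and
    redirects to ``/permissions``; when no check matches, the request goes
    on to ``CrudRestController.post_delete`` with the original arguments.
    '''
    for permission_id in args:
        permission = DBSession.query(Permission).filter(
            Permission.id == permission_id).first()
        if permission is None:
            # ``.first()`` found no row. Skip the checks rather than raise
            # AttributeError here; the parent handler deals with the
            # missing record.
            continue
        # NOTE(review): an *id* column is tested against a constant whose
        # identifier ends in ``_name``. Verify the constant really holds
        # the permission id, otherwise the admin permission is not
        # protected.
        if permission.id == constants.permission_admin_name:
            flash('Cannot delete admin permission', 'error')
            redirect('/permissions')
        if permission.name == constants.permissions_read_name:
            flash('Cannot delete read permission', 'error')
            redirect('/permissions')
    return CrudRestController.post_delete(self, *args, **kw)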
def get_user_in_session(request):
    '''
    Resolve the ``User`` row of whoever is performing the current request.

    Calls ``abort(401)`` when the WSGI environ carries no
    ``repoze.who.identity`` entry. Otherwise the identity's
    ``repoze.who.userid`` is used as the email to look up.
    @param request: the web request
    @type request: a WebOb
    @return: the first matching User, or None when no row has that email
    '''
    environ = request.environ
    if 'repoze.who.identity' not in environ:
        abort(401)
    userid = environ['repoze.who.identity']['repoze.who.userid']
    # The userid is matched against the email column; an authenticated
    # identity without a User row therefore yields None, not an error.
    return DBSession.query(User).filter(User.email == userid).first()
def get_user_in_session(request):
    '''
    Return the user behind the current request, based on repoze.who.

    Without a ``repoze.who.identity`` key in the environ the request is
    rejected through ``abort(401)``.
    @param request: the web request
    @type request: a WebOb
    @return: the User whose email equals the identity's userid, or None if
        the query finds no such row
    '''
    wsgi_env = request.environ
    if 'repoze.who.identity' not in wsgi_env:
        abort(401)
    who_identity = wsgi_env['repoze.who.identity']
    by_email = DBSession.query(User).filter(
        User.email == who_identity['repoze.who.userid'])
    # Callers must handle None: being authenticated does not guarantee
    # that a matching row exists.
    return by_email.first()
def by_email_address(cls, email):
    """Look up a ``cls`` row by its ``email`` column.

    The query ends in ``.first()``: the first matching object is returned,
    or ``None`` when no row has that address.
    """
    matches = DBSession.query(cls).filter(cls.email == email)
    return matches.first()
def setdefaultkey(self):
    '''
    Generate a user key that no existing ``User`` row uses.

    A fresh ``uuid4`` string is drawn until the lookup on ``User.key``
    comes back empty, and that string is returned.
    '''
    # NOTE(review): check-then-return is not atomic. Two concurrent callers
    # are only kept apart by a unique constraint on ``User.key``, if one
    # exists - confirm in the model.
    # NOTE(review): if this key doubles as an access credential, confirm
    # that uuid4 is backed by the OS random source on the deployed Python.
    while True:
        candidate = str(uuid.uuid4())
        already_taken = DBSession.query(User).filter(
            User.key == candidate).first()
        if not already_taken:
            return candidate
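def auth(self, came_from='/', **kw):
    '''
    Fetch user back from tequila.
    Validate the key from tequila.
    Log user.

    Steps, in order:
      1. Without a ``key`` parameter, redirect straight to ``came_from``.
      2. Validate the key with tequila; on failure redirect to ``/login/go``.
      3. Find the user by email, creating the account on first login or
         completing a placeholder account.
      4. Sync admin-group membership with the ``admin.mails`` setting.
      5. Issue the auth ticket cookie and redirect to ``came_from``.

    @param came_from: where to send the browser afterwards; only local
        paths are honoured, anything else is replaced by ``/``
    @param kw: request parameters; ``key`` is the tequila key
    '''
    # ``came_from`` arrives with the request. Honour it only when it is a
    # same-site path; an absolute URL, a ``//host`` form or a value with a
    # backslash would make this login endpoint an open redirect.
    if (not hasattr(came_from, 'startswith')
            or not came_from.startswith('/')
            or came_from.startswith('//')
            or '\\' in came_from):
        came_from = '/'

    if 'key' not in kw:
        redirect(came_from)

    # take parameters
    key = kw.get('key')
    environ = request.environ
    authentication_plugins = environ['repoze.who.plugins']
    identifier = authentication_plugins['ticket']
    secret = identifier.secret
    cookiename = identifier.cookie_name
    # NOTE(review): the ticket is bound to REMOTE_ADDR. Behind a reverse
    # proxy this is presumably the proxy address - confirm the deployment.
    remote_addr = environ['REMOTE_ADDR']

    # get user
    principal = tequila.validate_key(key, 'tequila.epfl.ch')
    if not principal:
        redirect('/login/go')

    # build user from tequila response
    tmp_user = self.build_user(principal)
    mail = tmp_user.email

    # log or create him
    user = DBSession.query(User).filter(User.email == tmp_user.email).first()
    if user is None:
        user_group = DBSession.query(Group).filter(
            Group.id == constants.group_users_id).first()
        user_group.users.append(tmp_user)
        DBSession.add(tmp_user)
        DBSession.flush()
        user = DBSession.query(User).filter(User.email == mail).first()
        flash('''Your account has been created''')
        DBSession.flush()
    elif user.name == constants.tmp_user_name:
        # Placeholder account: fill in the real name and date.
        user.name = tmp_user.name
        user._set_date(datetime.datetime.now())
        user_group = DBSession.query(Group).filter(
            Group.id == constants.group_users_id).first()
        # NOTE(review): this appends ``tmp_user`` (the object just built
        # from the tequila response), not the existing ``user`` row that
        # is being completed. Looks unintended - confirm before changing.
        user_group.users.append(tmp_user)
        flash('''Your account has been created''')
        DBSession.add(user)
        DBSession.flush()
    else:
        flash('Welcome back', 'notice')

    # user is logged now / look if he's an admin
    admins = tg.config.get('admin.mails')
    if admins is not None:
        group_admins = DBSession.query(Group).filter(
            Group.id == constants.group_admins_id).first()
        # NOTE(review): if ``admin.mails`` is a plain config string, ``in``
        # is a substring test, so any address contained in an admin's
        # address would also match. Confirm the setting is parsed into a
        # list of exact addresses.
        if user.email in admins:
            if user not in group_admins.users:
                group_admins.users.append(user)
        elif user in group_admins.users:
            # No longer listed as admin: revoke the membership.
            group_admins.users.remove(user)
    DBSession.flush()

    # create the authentication ticket
    user = DBSession.query(User).filter(User.email == mail).first()
    userdata = str(user.id)
    # NOTE(review): ``token`` is not assigned anywhere in this function;
    # presumably a module-level name - confirm it exists.
    ticket = auth_tkt.AuthTicket(
        secret, user.email, remote_addr, tokens=token,
        user_data=userdata, time=None,
        cookie_name=cookiename, secure=True)
    val = ticket.cookie_value()

    # set it in the cookies
    # Only the ticket *value* is taken from the AuthTicket, so the flags the
    # browser sees are the ones passed here. HttpOnly keeps the session
    # ticket away from page scripts. Secure is set whenever the request
    # itself came in over HTTPS, so plain-HTTP deployments keep working.
    over_https = environ.get('wsgi.url_scheme') == 'https'
    response.set_cookie(
        cookiename, value=val, max_age=None, path='/', domain=None,
        secure=over_https, httponly=True, comment=None, expires=None,
        overwrite=False)
    redirect(came_from)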
def get_user(key, mail):
    '''
    Return the user that has both the given mail and the given key.

    The two conditions are combined with ``and_`` and the query ends in
    ``.first()``, so a wrong key or an unknown mail both yield ``None``.
    Callers relying on the key for access control must check for ``None``.
    '''
    criteria = and_(User.email == mail, User.key == key)
    user_query = DBSession.query(User)
    return user_query.filter(criteria).first()