def _transfer_to_user_amendement_on_import(request: Request, lecture: Lecture,
amendement: Amendement, item: dict,
team: Team) -> None:
email = User.normalize_email(item["affectation_email"])
if not User.email_is_well_formed(email):
logger.warning("Invalid email address %r", email)
return
user, created = get_one_or_create(User, email=email)
if created:
affectation_name = User.normalize_name(item["affectation_name"])
user.name = affectation_name if affectation_name != "" else email
user.teams.append(team)
user_table, _ = get_one_or_create(UserTable, user=user, lecture=lecture)
if amendement.location.user_table is user_table:
return
old = amendement.table_name_with_email
new = str(user)
amendement.location.user_table = user_table
amendement.location.shared_table = None
AmendementTransfere.create(amendement=amendement,
old_value=old,
new_value=new,
request=request)
def post(self) -> Any:
email = self.request.params.get("email")
if not email:
self.request.session["missing_email"] = True
return HTTPFound(location=self.request.route_url("user_login"))
email = User.normalize_email(email)
if not User.validate_email(email):
self.request.session["incorrect_email"] = True
return HTTPFound(location=self.request.route_url("user_login"))
user, created = get_one_or_create(User, email=email)
# Automatically add user without a team to the authenticated team
if not user.teams and self.request.team is not None:
user.teams.append(self.request.team)
if created:
DBSession.flush() # so that the DB assigns a value to user.pk
# Prevent from impersonating an existing member of another team
if self.request.team and self.request.team not in user.teams:
self.request.session["already_in_use"] = True
return HTTPFound(location=self.request.route_url("user_login"))
user.last_login_at = datetime.utcnow()
next_url = self.next_url
if not user.name:
next_url = self.request.route_url("welcome", _query={"source": next_url})
headers = remember(self.request, user.pk)
return HTTPFound(location=next_url, headers=headers)
def post(self) -> Any:
if self.ip_limiter.exceeded(self.request.remote_addr):
return HTTPTooManyRequests()
email = User.normalize_email(self.request.params.get("email"))
if self.email_limiter.exceeded(email):
return HTTPTooManyRequests()
# Will usually be prevented by the browser (required)
if not email:
return self.invalid_email(email=email, reason="missing_email")
# Will usually be prevented by the browser (type=email)
if not User.email_is_well_formed(email):
return self.invalid_email(email=email, reason="incorrect_email")
# Will NOT be prevented by the browser (pattern=... is clumsy)
if not User.email_is_allowed(email):
return self.invalid_email(email=email, reason="incorrect_domain")
token = self.create_auth_token(email)
self.send_auth_token_email(token=token, email=email)
self.log_successful_token_request(email)
return HTTPFound(
location=self.request.route_url("email_sent", _query={"email": email})
)
def transfer_amendement(
request: Request, lecture: Lecture, amendement: Amendement, item: dict
) -> None:
email = User.normalize_email(item["affectation_email"])
if not User.validate_email(email):
logging.warning("Invalid email address %r", email)
return
user, created = get_one_or_create(User, email=email)
if created:
affectation_name = User.normalize_name(item["affectation_name"])
user.name = affectation_name if affectation_name != "" else email
if lecture.owned_by_team:
user.teams.append(lecture.owned_by_team)
target_table = user.table_for(lecture)
old = str(amendement.user_table.user) if amendement.user_table else ""
new = str(target_table.user) if target_table else ""
if amendement.user_table is target_table:
return
amendement.user_table = target_table
AmendementTransfere.create(request, amendement, old, new)
def _clean_emails(self, emails: Iterable[str]) -> Tuple[List[str], List[str]]:
normalized_emails = (User.normalize_email(email) for email in emails)
bad_emails, clean_emails = partition(self._is_email_valid, normalized_emails)
return list(bad_emails), list(clean_emails)