def isValidName(request, name): """ Validate user name @param name: user name, unicode """ normalized = normalizeName(name) return (name == normalized) and not wikiutil.isGroupPage(request, name)
def isValidName(request, name): """ Validate user name @param name: user name, unicode """ normalized = normalizeName(name) return (name == normalized) and not wikiutil.isGroupPage(name, request.cfg)
def execute(pagename, request): request.content_type = "application/json" if request.environ['REQUEST_METHOD'] == "GET": groups = {} for group in request.groups: if request.user.may.read(group): members = request.groups[group].members grps = request.groups[group].member_groups groups[group] = dict(members=members, groups=grps) json.dump(groups, request, cls=SetEncoder) return elif request.environ['REQUEST_METHOD'] == 'POST': try: indata = request.read() if not indata: raise ValueError("No data") indata = json.loads(indata) for row in indata: op = row.get('op', None) group = row.get('group', None) name = row.get('name', None) if op == "rename": group_rename(request, group, [name, row.get('to')]) elif op == "del": group_del(request, group, [name]) elif op == "add": if isGroupPage(name, request.cfg): group_add(request, group, [name], row.get('create', False), False) else: group_add(request, group, [name], row.get('create', False)) elif op == "invite": invite_user_to_wiki(request, group, name) else: raise ValueError("Bad operation") except (GroupException, ValueError) as e: request.status_code = 400 request.write(e.message) except NotImplementedError as e: request.status_code = 501 request.write(e.message) except Exception as e: request.status_code = 500 request.write(e.message) else: #405 Method Not Allowed request.status_code = 405 return
def isValidName(request, name): """ Validate user name @param name: user name, unicode """ normalized = normalizeName(name) name = name.replace('_', ' ') # we treat _ as a blank return (name == normalized) and not wikiutil.isGroupPage(request, name)
def do_action(self): form = values_to_form(self.request.values) template = form.get('template', [''])[0] template = wikiutil.clean_input(template).strip().split(',') new_template = old_template = None if len(template) > 0: new_template = template[0] if len(template) > 1: old_template = template[1] email = form.get('email', [u''])[0] email = wikiutil.clean_input(email).strip() if len(email) == 0: return False, "Please specify an email address." pagename = self.pagename try: if wikiutil.isGroupPage(pagename, self.request.cfg): myuser = invite_user_to_wiki(self.request, pagename, email, new_template, old_template) mygrouppage = pagename else: myuser = invite_user_to_page(self.request, pagename, email, new_template, old_template) mygrouppage = getattr(self.request.cfg, GROUP_DEFAULT_VARIABLE, GROUP_DEFAULT_DEFAULT) if mygrouppage: mycomment = "invited {0}.".format(myuser.email) try: add_user_to_group(self.request, myuser, mygrouppage, comment=mycomment) except GroupException, ge: tmp = "User invitation mail sent to address '%s', but could not add the user to group '%s': %s" if myuser.email != email: tmp += " Please note that the email address was converted to lowercase!" return True, wikiutil.escape( tmp % (email, mygrouppage, unicode(ge))) tmp = "User invitation mail sent to address '%s' and the user was added to group '%s'." if myuser.email != email: tmp += " Please note that the email address was converted to lowercase!" return True, wikiutil.escape(tmp % (email, mygrouppage)) except InviteException, ie: return False, wikiutil.escape(unicode(ie).encode(config.charset))
def testNormalizeGroupName(self): """ request: normalize pagename: restrict groups to alpha numeric Unicode Spaces should normalize after invalid chars removed! """ cases = ( # current acl chars (u'Name,:Group', u'NameGroup'), # remove than normalize spaces (u'Name ! @ # $ % ^ & * ( ) + Group', u'Name Group'), ) for test, expected in cases: # validate we are testing valid group names if wikiutil.isGroupPage(test, self.request.cfg): result = wikiutil.normalize_pagename(test, self.request.cfg) assert result == expected
def check_grouppage(request, grouppage, writecheck=True, createcheck=True): _ = request.getText grouppage = normalize_pagename(grouppage, request.cfg) if not isGroupPage(grouppage, request.cfg): return False, _("Invalid group name.") if writecheck: if not request.user.may.write(grouppage): return False, _("You are not allowed to edit this page.") if createcheck: try: if not isinstance(request.groups[grouppage], WikiGroup): return False, _("Invalid group.") except GroupDoesNotExistError: return False, _("Invalid group.") return True, ''
def check_grouppage(request, grouppage, writecheck=True, createcheck=True): _ = request.getText grouppage = normalize_pagename(grouppage, request.cfg) if not isGroupPage(grouppage, request.cfg): return False, _("Invalid group name.") if writecheck: if not request.user.may.write(grouppage): return False, _("You are not allowed to edit this page.") if createcheck: try: if not isinstance(request.groups[grouppage], WikiGroup): return False, _("Invalid group.") except GroupDoesNotExistError: return False, _("Invalid group.") return True, ''
def do_action(self): form = values_to_form(self.request.values) template = form.get('template', [''])[0] template = wikiutil.clean_input(template).strip().split(',') new_template = old_template = None if len(template) > 0: new_template = template[0] if len(template) > 1: old_template = template[1] email = form.get('email', [u''])[0] email = wikiutil.clean_input(email).strip() if len(email) == 0: return False, "Please specify an email address." pagename = self.pagename try: if wikiutil.isGroupPage(pagename, self.request.cfg): myuser = invite_user_to_wiki(self.request, pagename, email, new_template, old_template) mygrouppage = pagename else: myuser = invite_user_to_page(self.request, pagename, email, new_template, old_template) mygrouppage = getattr(self.request.cfg, GROUP_DEFAULT_VARIABLE, GROUP_DEFAULT_DEFAULT) if mygrouppage: mycomment = "invited {0}.".format(myuser.email) try: add_user_to_group(self.request, myuser, mygrouppage, comment=mycomment) except GroupException, ge: tmp = "User invitation mail sent to address '%s', but could not add the user to group '%s': %s" if myuser.email != email: tmp += " Please note that the email address was converted to lowercase!" return True, wikiutil.escape(tmp % (email, mygrouppage, unicode(ge))) tmp = "User invitation mail sent to address '%s' and the user was added to group '%s'." if myuser.email != email: tmp += " Please note that the email address was converted to lowercase!" return True, wikiutil.escape(tmp % (email, mygrouppage)) except InviteException, ie: return False, wikiutil.escape(unicode(ie).encode(config.charset))