def getGroups(includes=None):
if includes:
includeString = '?'
for r in includes:
includeString = includeString + str(r) + str('=True&')
return authAPI(endpoint='userGroup'+includeString, method='get', token=session['token'])
else:
return authAPI(endpoint='userGroup', method='get', token=session['token'])
def getCurrentTenant():
tok = session['token']
tenant = authAPI(endpoint='returnCurrentTenant', method='post', token=session['token'])
if 'success' in tenant:
tenant_uuid = tenant['success']
return authAPI(endpoint='tenant/'+unicode(tenant_uuid), method='get', token=session['token'])['tenant']
else:
return tenant
def getUser(id, includes=None):
if includes:
includeString = '?'
for r in includes:
includeString = includeString + str(r) + str('=True&')
return authAPI(endpoint='user/'+str(id)+includeString, method='get', token=session['token'])
else:
return authAPI(endpoint='user/'+str(id), method='get', token=session['token'])
def getUsers(includes=None):
if includes:
includeString = '?'
for r in includes:
includeString = includeString + unicode(r) + unicode('=True&')
return authAPI(endpoint='user'+includeString, method='get', token=session['token'])
else:
return authAPI(endpoint='user', method='get', token=session['token'])
def getGroup(uuid, includes=None):
if includes:
includeString = '?'
for r in includes:
includeString = includeString + unicode(r) + unicode('=True&')
return authAPI(endpoint='group/' + unicode(uuid) + includeString,
method='get',
token=session['token'])
else:
return authAPI(endpoint='group/' + unicode(uuid),
method='get',
token=session['token'])
def confirmEmailView(token):
session.clear()
req = authAPI('confirm', method='post', token=token)
if 'error' in req:
if req['error'] == 'User already confirmed':
if req['mustSetPass'] == 'True':
successMessage(
'Account confirmed, please set new password (the password your enter here will be your new password to the system)'
)
return redirect(
url_for('authBP.setPasswordView', tok=req['token']))
else:
errorMessage('Your profile has already been confirmed')
else:
errorMessage(req['error'])
elif 'success' in req:
if req['mustSetPass'] == 'True':
return redirect(url_for('authBP.setPasswordView',
tok=req['token']))
else:
successMessage('Your profile has already been confirmed')
return redirect(url_for('authBP.loginView'))
return redirect(url_for('indexView'))
def loginView():
if not 'token' in session:
kwargs = {'formWidth': 300, 'contentTitle': 'Login'}
form = loginForm()
if form.validate_on_submit():
regNo = form.regNo.data
email = form.email.data
password = form.password.data
dataDict = {'regNo': regNo, 'email': email, 'password': password}
req = authAPI('login', method='post', dataDict=dataDict)
if 'success' in req:
session['token'] = req['token']
session['email'] = req['email']
session['roles'] = req['roles']
successMessage('You are now logged in')
return redirect(url_for('indexView'))
else:
errorMessage('User / password combination error')
return render_template('auth/loginForm.html', form=form, **kwargs)
else:
errorMessage('You are already logged into the system')
return redirect(url_for('indexView'))
def confirmEmailView(token):
session.clear()
req = authAPI('confirm', method='post', token=token)
if 'error' in req:
if req['error'] == 'Could not identify access token':
errorMessage(req['error'])
elif req['error'] == 'Could not identify Platform':
errorMessage(req['error'])
elif req['error'] == 'User must set password':
errorMessage('Please set your password')
return redirect(url_for('authBP.setPasswordView',
tok=req['token']))
elif req['error'] == 'User already confirmed':
errorMessage('Your profile has already been confirmed')
return redirect(url_for('indexView'))
else:
errorMessage(req['error'])
elif 'success' in req:
if req['mustSetPass'] == 'True':
successMessage(
'Your profile has been confirmed, please set your new password'
)
return redirect(url_for('authBP.setPasswordView',
tok=req['token']))
else:
successMessage('Your profile has been confirmed, please login')
return redirect(url_for('authBP.loginView'))
return redirect(url_for('indexView'))
def loginView(lang='dk'):
if not 'token' in session:
g.lang = lang
kwargs = {'formWidth':300,
'contentTitle':messageText('newPassword'),
'breadcrumbs': breadCrumbs('authBP.loginView')}
form = loginForm()
if form.validate_on_submit():
regNo = form.regNo.data
email = form.email.data
password = form.password.data
dataDict = {'regNo':regNo,
'email':email,
'password':password}
req = authAPI('login', method='post', dataDict=dataDict)
if 'success' in req:
session['token'] = req['token']
session['email'] = req['email']
session['roles'] = req['roles']
flashMessage('loginSuccess')
return redirect(url_for('indexView', lang=lang))
else:
print req
flashMessage('loginError')
return render_template(lang+'/auth/loginForm.html', form=form, **kwargs)
else:
flashMessage('alreadyLoggedIn')
return redirect(url_for('indexView', lang=lang))
def postUser(dataDict):
req = authAPI(endpoint='user', method='post', dataDict=dataDict, token=session['token'])
print req
if 'success' in req:
return req
else:
if req['error'] == 'Could not identify access token':
return {'error':req['error']}
elif req['error'] == 'Could not identify Platform':
return {'error':req['error']}
elif req['error'] == 'You are not authorized to view this content':
return {'error':req['error']}
elif req['error'] == 'User already exist':
return {'error':req['error']}
elif req['error'] == 'Not valid email-address':
return {'error':req['error']}
elif req['error'] == 'Internal server error':
return {'error':req['error']}
elif req['error'] == 'Invalid access token':
return {'error':req['error']}
def confirmEmailView(token):
if 'token' in session:
errorMessage('Please log out before confirming a new account')
return redirect(url_for('indexBP.indexView'))
else:
req = authAPI('confirm', method='post', token=token)
if 'error' in req:
usrConf = userCrud.confirmUser(uuid=req['user_uuid'], tenant_uuid=req['tenant_uuid'])
if 'success' in usrConf:
if req['error'] == 'User must set password':
successMessage('Your profile has been confirmed, please set your new password')
return redirect(url_for('authBP.setPasswordView', tok=req['token']))
else:
errorMessage(req['error'])
else:
errorMessage(req['error'])
elif 'success' in req:
usrConf = userCrud.confirmUser(uuid=req['user_uuid'], tenant_uuid=req['tenant_uuid'])
if 'success' in usrConf:
successMessage('Your profile has been confirmed, please login')
return redirect(url_for('authBP.loginView'))
else:
errorMessage(userConf['error'])
return redirect(url_for('indexBP.indexView'))
return redirect(url_for('indexBP.indexView'))
def registerView():
if not 'token' in session:
# universal variables
form = registerForm()
kwargs = {'formWidth': 400}
if form.validate_on_submit():
dataDict = {
'regNo': form.regNo.data,
'companyName': form.companyName.data,
'userName': form.userName.data,
'email': form.email.data,
'password': form.password.data
}
req = authAPI('register', method='post', dataDict=dataDict)
if 'error' in req:
if req['error'] == 'Could not identify Platform':
errorMessage(req['error'])
elif req['error'] == 'Request data incomplete':
errorMessage(req['error'])
elif req['error'] == 'Reg/VAT number already exist':
errorMessage(
'An account using this Reg/VAT number already exist')
elif req['error'] == 'Invalid email-address':
errorMessage(req['error'])
elif req[
'error'] == 'Illegal null values present in request data':
errorMessage(req['error'])
elif req['error'] == 'Internal server error':
errorMessage(req['error'])
elif 'success' in req:
# send email confirmation
subject = u'Please confirm your account'
tok = req['token']
email = req['email']
confirm_url = url_for('authBP.confirmEmailView',
token=tok,
_external=True)
html = render_template('email/verify.html',
confirm_url=confirm_url)
sendMail(subject=subject,
sender='Henrik Poulsen',
recipients=[email],
html_body=html,
text_body=None)
successMessage(
'You have successfully registered your account, please check your email for confirmation.'
)
return redirect(url_for('indexView'))
return render_template('auth/registerForm.html', form=form, **kwargs)
else:
errorMessage('alreadyRegistered')
return redirect(url_for('indexView'))
def decorated_function(*args, **kwargs):
if not 'token' in session:
return redirect(url_for('authBP.loginView'))
req = authAPI(endpoint='checkPassword',
method='post',
token=session['token'])
if 'error' in req:
return redirect(url_for('authBP.loginView'))
return f(*args, **kwargs)
def putGroup(data, uuid):
try:
dataDict = {
'name': data['title'],
'desc': data['desc'],
'users': data['users']
}
req = authAPI(endpoint='group/' + unicode(uuid),
method='put',
dataDict=dataDict,
token=session['token'])
if 'error' in req:
return {'error': req['error']}
else:
grp = getGroup(uuid)
changes = compareDict(row=grp, data=data)['modified']
try:
currentUsers = [r.uuid for r in grp.users]
except:
currentUsers = []
try:
newUsers = [
user.query.filter_by(uuid=unicode(r)).first().uuid
for r in data['users']
]
except:
newUsers = []
if currentUsers != newUsers:
changes['users'] = (currentUsers, newUsers)
grp.title = data['title']
grp.desc = data['desc']
grp.users = [
user.query.filter_by(uuid=unicode(r)).first()
for r in data['users']
]
grp.modified = datetime.now()
grp.modifiedBy = session['user_uuid']
try:
db.session.commit()
putLog(table='group', uuid=unicode(uuid), changes=changes)
return {'success': 'Group has been modified'}
except Exception as E:
if 'unique constraint' in unicode(E):
errorLog('Unique constraint', table='group')
return {'error': 'Group already exist'}
else:
errorLog(unicode(E), table='group')
return {'error': unicode(E)}
except Exception as E:
return {'error': unicode(E)}
def profileView():
user = authAPI(endpoint='user/' + session['user_uuid'] +
'?includeRoles=True&includeGroups=True',
method='get',
token=session['token'])
if 'user' in user:
return render_template('user/profile.html', user=user['user'])
else:
errorMessage('Your user profile is not found')
return redirect(url_for('indexBP.indexView'))
def setPasswordView(tok=None):
form = setPasswordForm()
if form.validate_on_submit():
dataDict={'password':form.password.data}
req = authAPI('setPassword', method='post', dataDict=dataDict, token=tok)
if 'error' in req:
errorMessage(req['error'])
elif 'success' in req:
successMessage('Your password has now been set, please login')
return redirect(url_for('authBP.loginView'))
return render_template('auth/setPassword.html', form=form)
def registerView():
form = registerForm()
if 'token' in session:
errorMessage('Please log out before registering a new account')
return redirect(url_for('indexBP.indexView'))
if form.validate_on_submit():
dataDict = {'regNo' : form.regNo.data,
'companyName' : form.companyName.data,
'userName' : form.userName.data,
'email' : form.email.data,
'password' : form.password.data}
req = authAPI('register', method='post', dataDict=dataDict)
if 'error' in req:
errorMessage(req['error'])
elif 'success' in req:
data = {'uuid':req['user_uuid'],
'name':form.userName.data,
'email':form.email.data,
'phone':'',
'role':'Administrator',
'contact':True,
'initials':'',
'tenant_uuid':req['tenant_uuid'],
'groups':[]}
usr = userCrud.postUser(data=data)
if 'error' in usr:
errorMessage(usr['error'])
else:
# send email confirmation
subject = u'Please confirm your account'
tok = req['token']
email = req['email']
confirm_url = url_for('authBP.confirmEmailView',token=tok, _external=True)
html = render_template('email/verify.html', confirm_url=confirm_url)
sendMail(subject=subject,
sender=os.environ['mailSender'],
recipients=[email],
html_body=html,
text_body = None)
successMessage('You have successfully registered your account, please check your email for confirmation.')
return redirect(url_for('indexBP.indexView'))
return render_template('auth/register.html', form=form)
def confirmEmailView(token, lang='dk'):
g.lang = lang
req = authAPI('confirm', method='post', token=token)
if 'error' in req:
if req['error'] == 'User already confirmed':
flashMessage('alreadyConfirmed')
elif 'success' in req:
if req['mustSetPass'] == 'True':
return redirect(url_for('authBP.setPasswordView', lang=lang, token=req['token']))
else:
session['token'] = req['token']
flashMessage('profileConfirmed')
return redirect(url_for('indexView', lang=lang))
def putUser(data, uuid):
usr = getUser(uuid)
changes = compareDict(row=row, data=data)['modified']
try:
currentGroups = [r.uuid for r in usr.groups]
except:
currentGroups = []
try:
newGroups = [group.query.filter_by(uuid=unicode(r)).first().uuid for r in data['groups']]
except:
newGroups = []
if currentGroups != newGroups:
changes['groups'] = (currentGroups,newGroups)
usr.groups = [group.query.filter_by(uuid=unicode(r)).first() for r in data['groups']]
usr.initials = data['initials']
usr.name = data['name']
usr.email = data['email']
usr.phone = data['phone']
usr.role = data['role']
usr.modified = datetime.now()
usr.modifiedBy = session['user_uuid']
dataDict = {'name': data['name'],
'email': data['email'],
'phone': data['phone'],
'groups': data['groups'],
'roles': [data['role']]}
try:
db.session.add(usr)
db.session.commit()
req = authAPI(endpoint='user/'+unicode(uuid), method='put', dataDict=dataDict, token=session['token'])
if not 'error' in req:
putLog(table='user', uuid=unicode(uuid), changes=changes)
return {'success':'User has been modified'}
else:
errorLog(req['error'], table='user')
return {'error':req['error']}
except Exception as E:
if 'unique constraint' in unicode(E):
errorLog('Unique constraint', table='user')
return {'error': 'User already exist'}
else:
errorLog(unicode(E), table='user')
return {'error': unicode(E)}
def decorated_function(*args, **kwargs):
if not 'token' in session:
errorMessage(
'You are required to log into your account to view this content'
)
return redirect(url_for('authBP.loginView'))
req = authAPI(endpoint='checkPassword',
method='post',
token=session['token'])
if 'error' in req:
errorMessage(
'You are required to log into your account to view this content'
)
return redirect(url_for('authBP.loginView'))
return f(*args, **kwargs)
def changePasswordView():
kwargs = {'formWidth': 300, 'contentTitle': 'Change password'}
form = changePasswordForm()
if form.validate_on_submit():
dataDict = {'password': form.password.data}
req = authAPI(endpoint='changePassword',
method='put',
dataDict=dataDict,
token=session['token'])
apiMessage(req)
return render_template('user/changePasswordForm.html', form=form, **kwargs)
def registerView(lang='dk'):
if not 'token' in session:
# universal variables
form = registerForm()
kwargs = {'formWidth':400,
'breadcrumbs': breadCrumbs('authBP.registerView')}
if g.sijax.is_sijax_request:
g.sijax.register_callback('validate', validateCVR)
return g.sijax.process_request()
if form.validate_on_submit():
dataDict = {'regNo' : form.regNo.data,
'companyName' : form.companyName.data,
'userName' : form.userName.data,
'email' : form.email.data,
'password' : form.password.data}
req = authAPI('register', method='post', dataDict=dataDict)
if r.status_code == 409:
flashmessage('accountExists')
elif r.status_code == 404:
flashmessage('cvrCheckError')
elif 'error' in req:
if req['error'] == 'Not valid email-address':
flashMessage('validateEmail')
elif 'success' in req:
# send email confirmation
subject = u'Bekræft tilmelding'
tok = req['token']
email = req['email']
confirm_url = url_for('authBP.confirmEmailView',token=tok, _external=True, lang=lang)
html = render_template(lang+'/email/verify.html', confirm_url=confirm_url)
#
sendMail(subject=subject,
sender='Henrik Poulsen',
recipients=[email],
html_body=html,
text_body = None)
flashMessage('loginSuccess')
return redirect(url_for('indexView', lang=lang))
return render_template(lang+'/auth/registerForm.html', form=form, **kwargs)
else:
flashMessage('alreadyRegistered')
return redirect(url_for('indexView', lang=lang))
def setPasswordView(lang='dk', tok=None):
g.lang = lang
kwargs = {'formWidth':300,
'contentTitle':str(tok),
'title':messageText('setPasswordTitle'),
'breadcrumbs': breadCrumbs('authBP.setPasswordView')}
form = setPasswordForm()
if form.validate_on_submit():
req = authAPI('setPassword', method='post', dataDict=dataDict, token=session['token'])
if r.status_code == 404:
flashMessage('userDoesNotExist')
elif 'success' in req:
flashMessage('passwordSet')
return render_template(lang+'/auth/setPasswordForm.html', form=form, **kwargs)
def deleteUser(uuid):
try:
usr = getUser(uuid)
req = authAPI(endpoint='user/'+unicode(uuid), method='delete', token=session['token'])
if 'success' in req:
try:
db.session.delete(usr)
db.session.commit()
deleteLog(table='user', uuid=unicode(uuid))
return {'success': 'User has been activated'}
except Exception as E:
errorLog(unicode(E), table='user')
return {'error':unicode(E)}
else:
errorLog(req['error'], table='user')
return {'error':req['error']}
except Exception as E:
errorLog(unicode(E), table='user')
return {'error':unicode(E)}
def unlockUser(uuid):
try:
usr = getUser(uuid)
req = authAPI(endpoint='unlockUser/'+unicode(uuid), method='put', token=session['token'])
if 'success' in req:
try:
usr.locked = False
db.session.commit()
logEntry('User unlocked: {}'.format(usr.uuid), table='user')
return {'success': 'User can now use the system again'}
except Exception as E:
errorLog(unicode(E), table='user')
return {'error':unicode(E)}
else:
errorLog(req['error'], table='user')
return {'error': req['error']}
except Exception as E:
errorLog(unicode(E), table='user')
return {'error':unicode(E)}
def logoutView():
logout = authAPI(endpoint='logout', method='post', token=session['token'])
if ['error'] in logout:
if req['error'] == 'Could not identify access token':
errorMessage(req['error'])
elif req['error'] == 'Could not identify Platform':
errorMessage(req['error'])
elif req['error'] == 'Internal server error':
errorMessage(req['error'])
elif req['error'] == 'Invalid access token':
errorMessage(req['error'])
else:
session.clear()
successMessage('You are now logged out of the system')
return redirect(url_for('indexView'))
def deleteGroup(uuid):
try:
req = authAPI(endpoint='group/' + unicode(uuid),
method='delete',
token=session['token'])
if 'error' in req:
return {'error': req['error']}
else:
try:
grp = getGroup(uuid)
db.session.delete(grp)
db.session.commit()
deleteLog(table='group', uuid=unicode(uuid))
return {'success': 'Group has been deleted'}
except Exception as E:
errorLog(unicode(E), table='group')
return {'error': unicode(E)}
except Exception as E:
errorLog(unicode(E), table='group')
return {'error': unicode(E)}
def postGroup(data):
try:
dataDict = {
'name': data['title'],
'desc': data['desc'],
'users': data['users']
}
req = authAPI(endpoint='group',
method='post',
dataDict=dataDict,
token=session['token'])
if 'error' in req:
return {'error': req['error']}
else:
try:
grp = group(uuid=req['uuid'],
title=data['title'],
desc=data['desc'],
users=[
user.query.filter_by(uuid=unicode(r)).first()
for r in data['users']
],
tenant_uuid=session['tenant_uuid'],
created=datetime.now(),
createdBy=session['user_uuid'])
db.session.add(grp)
db.session.commit()
postLog(table='group', uuid=unicode(grp.uuid))
return {'success': 'Group has been added'}
except Exception as E:
if 'unique constraint' in unicode(E):
errorLog('Unique constraint', table='group')
return {'error': 'Group already exist'}
else:
errorLog(unicode(E), table='group')
return {'error': unicode(E)}
except Exception as E:
return {'error': unicode(E)}
def changePasswordView(lang='dk'):
g.lang = lang
kwargs = {
'formWidth': 300,
'contentTitle': messageText('changePassword'),
'breadcrumbs': breadCrumbs('userBP.changePasswordView')
}
form = changePasswordForm()
if form.validate_on_submit():
dataDict = {'password': form.password.data}
req = authAPI(endpoint='changePassword',
method='put',
dataDict=dataDict,
token=session['token'])
flashMessage('passwordChanged')
return render_template(lang + '/user/changePasswordForm.html',
form=form,
**kwargs)
def setPasswordView(tok):
session.clear()
kwargs = {'formWidth': 300, 'title': 'Set new password'}
form = setPasswordForm()
if form.validate_on_submit():
dataDict = {'password': form.password.data}
req = authAPI('setPassword',
method='post',
dataDict=dataDict,
token=tok)
print str(req)
if 'error' in req:
errorMessage(req['error'])
elif 'success' in req:
successMessage('Your password has now been set, please login')
return redirect(url_for('authBP.loginView'))
return render_template('auth/setPasswordForm.html', form=form, **kwargs)
