예제 #1
0
def restpass(request):
    title = "Reset password"
    submitted_hmac = request.matchdict.get('hmac')
    user_id = request.matchdict.get('user_id')
    form = Form(request, schema=ResetPasswordForm)
    if 'form_submitted' in request.POST and form.validate():
        user = Users.get_by_id(user_id)
        current_time = time.time()
        time_key = int(base64.b64decode(submitted_hmac[10:]))
        if current_time < time_key:
            hmac_key = hmac.new(
                '%s:%s:%d' % (str(user.id), 'r5$55g35%4#$:l3#24&', time_key),
                user.email).hexdigest()[0:10]
            if hmac_key == submitted_hmac[0:10]:
                #Fix me reset email, no such attribute email
                user.password = form.data['password']
                DBSession.merge(user)
                DBSession.flush()
                request.session.flash(
                    'success; Password Changed. Please log in')
                return HTTPFound(location=request.route_url('login'))
            else:
                request.session.flash(
                    'warning; Invalid request, please try again')
                return HTTPFound(location=request.route_url('forgot_password'))
    action_url = request.route_url("reset_password",
                                   user_id=user_id,
                                   hmac=submitted_hmac)
    return {
        'title': title,
        'form': FormRenderer(form),
        'action_url': action_url
    }
예제 #2
0
def promo_sub(request):
    id = request.matchdict['id']
    user = Users.get_by_id(id)
    if not user:
        return HTTPNotFound()
    form = Form(request, schema=PromoSubSchema)
    if 'submit' in request.POST and form.validate():
        plan_id = form.data['plan']
        plan = DBSession.query(Plans).get(plan_id)
        if plan:
            subscription = Subscription(user=user,
                                        plan=plan,
                                        amount=0,
                                        no_of_months=1,
                                        discount="100%",
                                        status="Active",
                                        start_date=datetime.today(),
                                        end_date=datetime.today() +
                                        timedelta(days=30))
            DBSession.add(subscription)
            DBSession.flush()
            if request.is_xhr:
                html = """<div class="alert alert-success alert-dismissable col-xs-12">
                            <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
                            User subscription
                            </div>"""
                return Response(html)
            request.session.flash('success; User subscribed')
            return HTTPFound(
                location=request.route_url('profile', prefix=user.prefix))
        if request.is_xhr:
            html = """<div class="alert alert-danger alert-dismissable col-xs-12">
                        <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
                        An error occured, user Not subscribed
                        </div>"""
            return Response(html)
        request.session.flash('danger; An error occured, user subscribed %s' %
                              form.all_errors())
        return HTTPFound(
            location=request.route_url('profile', prefix=user.prefix))
    if request.is_xhr:
        html = """<div class="alert alert-danger alert-dismissable col-xs-12">
                    <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
                    An error occured, user Not subscribed
                    </div>"""
        return Response(html)
    request.session.flash('danger; An error occured, user subscribed %s' %
                          form.all_errors())
    return HTTPFound(location=request.route_url('profile', prefix=user.prefix))
예제 #3
0
def make_admin(request):
    id = request.matchdict['id']
    user = Users.get_by_id(id)
    pos = request.matchdict['pos']
    group = DBSession.query(Groups).filter(Groups.name == pos).first()
    if user and group:
        try:
            user.mygroups.append(group)
            request.session.flash('success; %s added to group %s' %
                                  (user.fullname, group.name))
        except:
            request.session.flash('danger; request not completed')
        return HTTPFound(location=request.route_url('search_user_list'))
    request.session.flash('danger; Not successfull')
    return HTTPFound(location=request.route_url('user_list'))
예제 #4
0
    def make_premium(self):
        for r in self.request.params:
            opts = r
        params = json.loads(opts)

        id = params['id']
        user_id = params['user_id']
        user = Users.get_by_id(user_id)
        positive = params['positive']
        listing = Listings.get_by_id(id)

        if listing:
            if int(positive) == 1:
                #we already have it as premium, remove
                premium = DBSession.query(Featured_Content).filter(
                    Featured_Content.name == 'Premium').first()
                premium.featured_properties.remove(listing)
                DBSession.flush()
                return dict(isOk=1, message="listing removed from premium")
            else:
                active_sub = user.active_subscription
                if not active_sub:
                    return dict(
                        isOk=0,
                        message="Upgrade your account to feature this listing")
                premium = DBSession.query(Featured_Content).filter(
                    Featured_Content.name == 'Premium').first()
                if premium.featured_properties:
                    user_total_premium = 0
                    for item in premium.featured_properties:
                        if item.user == user:
                            user_total_premium += 1
                    if user_total_premium < active_sub[
                            0].plan.max_premium_listings:
                        premium.featured_properties.append(listing)
                        DBSession.flush()
                        return dict(isOk=1,
                                    message="listing given a premium identity")
                    return dict(
                        isOk=0,
                        message=
                        "You have exceeded your allocation. Upgrade for more")
                premium.featured_properties.append(listing)
                DBSession.flush()
                return dict(isOk=1, message="listing given a premium identity")

        return dict(isOk=0, message="No such listing")
예제 #5
0
 def inbox(self):
     id = self.request.matchdict['id']
     user = Users.get_by_id(id)
     if not user:
         self.session.flash('info; No such user')
         return HTTPFound(location=self.request.route_url('home'))
     messages = DBSession.query(Messages).filter(
         Messages.user_id == user.id).order_by(
             Messages.created.desc()).all()
     page_url = PageURL_WebOb(self.request)
     paginator = Page(messages,
                      page=int(self.request.params.get("page", 1)),
                      url=page_url)
     for message in messages:
         message.is_seen = True
     DBSession.flush()
     return dict(user=user, paginator=paginator, mess='mess')
예제 #6
0
def deny_admin(request):
    id = request.matchdict['id']
    user = Users.get_by_id(id)
    pos = request.matchdict['pos']
    group = DBSession.query(Groups).filter(Groups.name == pos).first()
    if user and group:
        try:
            user.mygroups.remove(group)
            request.session.flash('success; %s removed from group %s' %
                                  (user.fullname, group.name))
        except:
            request.session.flash(
                'danger; Action cannot be performed because %s is not in the group %s'
                % (user.fullname, group.name))

        return HTTPFound(location=request.route_url('search_user_list'))
    request.session.flash('danger; Not successfull')
    return HTTPFound(location=request.route_url('user_list'))
예제 #7
0
def verify_email(request):
    title = "Email Confirmation"
    submitted_hmac = request.matchdict.get('hmac')
    user_id = request.matchdict.get('user_id')
    user = Users.get_by_id(user_id)
    current_time = time.time()
    time_key = int(base64.b64decode(submitted_hmac[10:]))
    if current_time < time_key:
        hmac_key = hmac.new(
            '%s:%s:%d' % (str(user.id), 'r5$55g35%4#$:l3#24&', time_key),
            user.email).hexdigest()[0:10]
        if hmac_key == submitted_hmac[0:10]:
            #Fix me reset email, no such attribute email
            user.email_verified = True
            DBSession.merge(user)
            DBSession.flush()
    if user.email_verified:
        message = 'Your email is now confirmed. Thank you for joining us'
        request.session.flash('success;%s' % message)
        return HTTPFound(location='/')
    else:
        message = 'Error verifying message'
        request.session.flash('success;%s' % message)
        return HTTPFound(location='/')