def account_post(request):
    """Create or delete one of the logged-in user's profiles.

    Reads ``profilename`` and ``delete`` from the POST data. A non-empty
    ``profilename`` takes precedence and creates a profile; otherwise a
    non-empty ``delete`` removes the profile with that id. Every path
    answers with a 303 redirect (``HTTPSeeOther``).
    """
    _ = request.translate
    back_to_account = HTTPSeeOther(location=request.route_url('account'))
    profiles_limit = 10

    profile_name = request.POST.get('profilename')
    profile_delete = request.POST.get('delete')

    if profile_name:
        profile = Profile()
        if not profile.validate_name(profile_name):
            request.messages.error(_('Invalid name.'))
            return back_to_account

        owner_id = request.user.id

        # Reject a name this user already has.
        duplicate = DBSession.query(Profile) \
            .filter_by(uid=owner_id, name=profile_name) \
            .first()
        if duplicate:
            request.messages.error(_('Name already used.'))
            return back_to_account

        # Enforce the per-user cap on profiles.
        # NOTE(review): `>` lets the count reach profiles_limit + 1 rows;
        # confirm whether that is intended (e.g. an unnamed default profile
        # being counted) or an off-by-one.
        # NOTE(review): the duplicate and cap checks are separate queries
        # from the insert; concurrent requests could pass both unless a
        # database constraint backs them up - verify.
        owned = DBSession.query(func.count(Profile.id)) \
            .filter_by(uid=owner_id) \
            .scalar()
        if owned > profiles_limit:
            request.messages.error(_('You have too many profiles.'))
            return back_to_account

        profile.name = profile_name
        profile.uid = owner_id
        DBSession.add(profile)
        # Flush so the new row has its id before the edit URL is built.
        DBSession.flush()
        edit_url = request.route_url('account_profiles_edit', id=profile.id)
        return HTTPSeeOther(location=edit_url)

    if profile_delete:
        try:
            profile_id = int(profile_delete)
        except ValueError:
            # A non-numeric id is ignored silently.
            return back_to_account

        # The uid filter restricts deletion to the caller's own profiles, so
        # a guessed id belonging to another user matches nothing. Profiles
        # with an empty name are excluded from deletion.
        target = DBSession.query(Profile) \
            .filter_by(id=profile_id, uid=request.user.id) \
            .filter(Profile.name != '') \
            .first()
        if not target:
            request.messages.error(_('Unknown profile.'))
            return back_to_account
        DBSession.delete(target)

    return back_to_account
def account_post(request):
    """Handle the account page form for profile creation and deletion.

    ``profilename`` (if non-empty) creates a profile owned by the current
    user and redirects to its edit page. Otherwise ``delete`` (if non-empty)
    removes the matching profile. All other outcomes redirect back to the
    account page.
    """
    _ = request.translate
    account_redirect = HTTPSeeOther(location=request.route_url('account'))
    profiles_limit = 10

    requested_name = request.POST.get('profilename')
    requested_delete = request.POST.get('delete')

    if requested_name:
        created = Profile()
        name_ok = created.validate_name(requested_name)
        if not name_ok:
            request.messages.error(_('Invalid name.'))
            return account_redirect

        uid = request.user.id

        # Names must be unique per user.
        existing = DBSession.query(Profile) \
            .filter_by(uid=uid) \
            .filter_by(name=requested_name) \
            .first()
        if existing:
            request.messages.error(_('Name already used.'))
            return account_redirect

        # Per-user profile cap.
        # NOTE(review): the comparison is strict, so a user holding exactly
        # profiles_limit rows may still add one more - confirm this is the
        # intended bound.
        total = DBSession.query(func.count(Profile.id)) \
            .filter_by(uid=uid) \
            .scalar()
        if total > profiles_limit:
            request.messages.error(_('You have too many profiles.'))
            return account_redirect

        created.name = requested_name
        created.uid = uid
        DBSession.add(created)
        # The flush assigns created.id, which the redirect URL needs.
        DBSession.flush()
        return HTTPSeeOther(
            location=request.route_url('account_profiles_edit',
                                       id=created.id))

    if requested_delete:
        try:
            delete_id = int(requested_delete)
        except ValueError:
            return account_redirect

        # Ownership is part of the lookup: only rows whose uid is the
        # current user's id can be found, and rows with an empty name are
        # never deleted through this form.
        doomed = DBSession.query(Profile) \
            .filter_by(id=delete_id) \
            .filter(Profile.name != '') \
            .filter_by(uid=request.user.id) \
            .first()
        if not doomed:
            request.messages.error(_('Unknown profile.'))
            return account_redirect
        DBSession.delete(doomed)

    return account_redirect
def reset(request):
    """Serve and process the password-reset form reached through a token URL.

    The token named in the URL is looked up first; an unknown token (or one
    with no user) redirects to the "forgot password" page. A GET, or a POST
    missing either password field, returns the template context. A valid
    POST sets the new password, mails a notification to the user, deletes
    the token and redirects to the login page.
    """
    _ = request.translate

    token = DBSession.query(PasswordResetToken) \
        .filter_by(token=request.matchdict['token']) \
        .first()
    # NOTE(review): no age/expiry check on the token is visible in this view;
    # confirm it is enforced elsewhere (model or cleanup job).
    if not (token and token.user):
        request.messages.error(_('Unknown password reset token.'))
        forgot_url = request.route_url('account_forgot')
        # NOTE(review): a 301 may be cached by clients; confirm a permanent
        # redirect is really wanted for a per-token URL.
        return HTTPMovedPermanently(location=forgot_url)

    password = request.POST.get('password')
    password2 = request.POST.get('password2')

    form_submitted = request.method == 'POST' and password and password2
    if not form_submitted:
        return {'token': token}

    accepted = User.validate_password(password) and password == password2
    if not accepted:
        request.messages.error(_('Invalid password.'))
        request.response.status_code = HTTPBadRequest.code
        return {'token': token}

    account = token.user
    account.set_password(password)

    # Tell the account owner that the password changed and from which
    # address, so an unexpected reset can be noticed.
    mail_context = {
        'user': token.user,
        'changed_by': request.remote_addr,
    }
    body = render('mail/password_reset_done.mako', mail_context,
                  request=request)
    message = Message(subject=_('CCVPN: Password changed'),
                      recipients=[token.user.email],
                      body=body)
    mailer = get_mailer(request)
    mailer.send(message)

    msg = _('You have changed the password for ${user}.',
            mapping={'user': token.user.username})
    msg += ' ' + _('You can now log in.')
    request.messages.info(msg)

    # The token is single-use: it is removed once the password is set.
    # NOTE(review): only this token is deleted; whether the user's other
    # outstanding reset tokens are invalidated is not visible here.
    DBSession.delete(token)

    login_url = request.route_url('account_login')
    return HTTPMovedPermanently(location=login_url)
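def revoke(args):
    """Revoke (delete) the API access tokens selected by ``args``.

    ``args.token`` and ``args.label`` narrow the selection when non-empty;
    with neither set, every ``APIAccessToken`` row matches. A token of
    ``'-'`` is read from the terminal instead. More than one match requires
    ``args.force``, and the deletion is confirmed interactively unless
    ``args.yes`` is set.

    The rows are deleted through ``DBSession``; no commit is issued in this
    function.
    """
    q = DBSession.query(APIAccessToken)

    if args.token == '-':
        # Prompt for the value, presumably so the token does not have to
        # appear on the command line.
        args.token = input('Search token (empty=*): ')

    if args.token:
        q = q.filter_by(token=args.token)
    if args.label:
        q = q.filter_by(label=args.label)

    count = q.count()
    if count == 0:
        print('No token found.')
        return

    if count > 1:
        if args.force:
            print('Warning: multiple tokens match.')
        else:
            # Refuse a bulk revocation unless it was asked for explicitly.
            print('Error: multiple tokens match. Use -f to force.')
            return

    # Reuse the count that was just checked instead of querying again, so
    # the number in the prompt is the one the checks above were made on.
    sure_str = 'Sure revoking %d tokens? [y/n] ' % count
    if not args.yes and input(sure_str).lower() != 'y':
        return

    for t in q.all():
        # Only the id and label are printed, never the token value itself.
        print('Revoking token #%d (%s)...' % (t.id, t.label))
        DBSession.delete(t)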
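def revoke(args):
    """Revoke (delete) the ``Gateway`` rows selected by ``args``.

    ``args.token`` and ``args.label`` narrow the selection when non-empty;
    with neither set, every ``Gateway`` row matches. A token of ``'-'`` is
    read from the terminal instead. More than one match requires
    ``args.force``, and the deletion is confirmed interactively unless
    ``args.yes`` is set.

    The rows are deleted through ``DBSession``; no commit is issued in this
    function.
    """
    q = DBSession.query(Gateway)

    if args.token == '-':
        # Prompt for the value, presumably so the token does not have to
        # appear on the command line.
        args.token = input('Search token (empty=*): ')

    if args.token:
        q = q.filter_by(token=args.token)
    if args.label:
        q = q.filter_by(label=args.label)

    count = q.count()
    if count == 0:
        print('No token found.')
        return

    if count > 1:
        if args.force:
            print('Warning: multiple tokens match.')
        else:
            # Refuse a bulk revocation unless it was asked for explicitly.
            print('Error: multiple tokens match. Use -f to force.')
            return

    # Reuse the count that was just checked instead of querying again, so
    # the number in the prompt is the one the checks above were made on.
    sure_str = 'Sure revoking %d tokens? [y/n] ' % count
    if not args.yes and input(sure_str).lower() != 'y':
        return

    for t in q.all():
        # Only the id and label are printed, never the token value itself.
        print('Revoking token #%d (%s)...' % (t.id, t.label))
        DBSession.delete(t)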
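def account_post(request):
    """Process the account form.

    Depending on the submitted fields this adds a profile
    (``profilename``), deletes one (``profiledelete``), or updates the
    user's password and/or e-mail address.

    Returns ``HTTPBadRequest`` when a ``KeyError`` is raised while handling
    the form (for example a missing field); otherwise the result of
    ``account(request)``, with any validation errors flashed to the session.
    """
    # TODO: Fix that. split in two functions or something.

    class FormRejected(Exception):
        """Abort processing; the reasons are already in ``errors``."""

    errors = []

    def stop_if_errors():
        # Validation must not depend on ``assert``: assert statements are
        # removed when Python runs with -O, which would let rejected input
        # reach the database.
        if errors:
            raise FormRejected()

    try:
        if 'profilename' in request.POST:
            p = Profile()
            if not p.validate_name(request.POST['profilename']):
                errors.append('Invalid name.')
            stop_if_errors()

            name_used = DBSession.query(Profile) \
                .filter_by(uid=request.user.id,
                           name=request.POST['profilename']) \
                .first()
            if name_used:
                errors.append('Name already used.')

            profiles_count = DBSession.query(func.count(Profile.id)) \
                .filter_by(uid=request.user.id).scalar()
            # NOTE(review): `>` allows an 11th row; confirm the intended cap.
            if profiles_count > 10:
                errors.append('You have too many profiles.')
            stop_if_errors()

            p.name = request.POST['profilename']
            p.askpw = 'askpw' in request.POST and request.POST['askpw'] == '1'
            p.uid = request.user.id
            if not p.askpw:
                p.password = random_access_token()
            DBSession.add(p)
            DBSession.flush()
            return account(request)

        if 'profiledelete' in request.POST:
            # A non-numeric id cannot match any profile; report it like any
            # other unknown id instead of letting int() raise.
            try:
                profile_id = int(request.POST['profiledelete'])
            except ValueError:
                profile_id = None

            p = None
            if profile_id is not None:
                # The uid filter keeps users from deleting each other's
                # profiles by guessing ids.
                p = DBSession.query(Profile) \
                    .filter_by(id=profile_id) \
                    .filter_by(uid=request.user.id) \
                    .first()
            if not p:
                errors.append('Unknown profile.')
                raise FormRejected()
            DBSession.delete(p)
            DBSession.flush()
            return account(request)

        # NOTE(review): the password and e-mail address are changed without
        # asking for the current password in this view; confirm that
        # re-authentication is enforced elsewhere.
        u = request.user
        if request.POST['password'] != '':
            if not u.validate_password(request.POST['password']):
                errors.append('Invalid password.')
            if request.POST['password'] != request.POST['password2']:
                errors.append('Both passwords do not match.')
        if request.POST['email'] != '':
            if not u.validate_email(request.POST['email']):
                errors.append('Invalid email address.')
        stop_if_errors()

        new_email = request.POST.get('email')
        if new_email and new_email != request.user.email:
            c = DBSession.query(func.count(User.id).label('ec')) \
                .filter_by(email=new_email).first()
            if c.ec > 0:
                errors.append('E-mail address already registered.')
        stop_if_errors()

        if request.POST['password'] != '':
            u.set_password(request.POST['password'])
        if request.POST['email'] != '':
            u.email = request.POST['email']
        request.session.flash(('info', 'Saved!'))
        DBSession.flush()

    except KeyError:
        return HTTPBadRequest()
    except FormRejected:
        for error in errors:
            request.session.flash(('error', error))
    return account(request)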
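def account_post(request):
    """Process the account form.

    Depending on the submitted fields this adds a profile
    (``profilename``), deletes one (``profiledelete``), or updates the
    user's password and/or e-mail address. User-facing messages go through
    ``request.translate``.

    Returns ``HTTPBadRequest`` when a ``KeyError`` is raised while handling
    the form (for example a missing field); otherwise the result of
    ``account(request)``, with any validation errors flashed to the session.
    """
    _ = request.translate
    # TODO: Fix that. split in two functions or something.

    class FormRejected(Exception):
        """Abort processing; the reasons are already in ``errors``."""

    errors = []

    def stop_if_errors():
        # Validation must not depend on ``assert``: assert statements are
        # removed when Python runs with -O, which would let rejected input
        # reach the database.
        if errors:
            raise FormRejected()

    try:
        if 'profilename' in request.POST:
            p = Profile()
            if not p.validate_name(request.POST['profilename']):
                errors.append(_('Invalid name.'))
            stop_if_errors()

            name_used = DBSession.query(Profile) \
                .filter_by(uid=request.user.id,
                           name=request.POST['profilename']) \
                .first()
            if name_used:
                errors.append(_('Name already used.'))

            profiles_count = DBSession.query(func.count(Profile.id)) \
                .filter_by(uid=request.user.id).scalar()
            # NOTE(review): `>` allows an 11th row; confirm the intended cap.
            if profiles_count > 10:
                errors.append(_('You have too many profiles.'))
            stop_if_errors()

            p.name = request.POST['profilename']
            p.askpw = 'askpw' in request.POST and request.POST['askpw'] == '1'
            p.uid = request.user.id
            if not p.askpw:
                p.password = random_access_token()
            DBSession.add(p)
            DBSession.flush()
            return account(request)

        if 'profiledelete' in request.POST:
            # A non-numeric id cannot match any profile; report it like any
            # other unknown id instead of letting int() raise.
            try:
                profile_id = int(request.POST['profiledelete'])
            except ValueError:
                profile_id = None

            p = None
            if profile_id is not None:
                # The uid filter keeps users from deleting each other's
                # profiles by guessing ids.
                p = DBSession.query(Profile) \
                    .filter_by(id=profile_id) \
                    .filter_by(uid=request.user.id) \
                    .first()
            if not p:
                errors.append(_('Unknown profile.'))
                raise FormRejected()
            DBSession.delete(p)
            DBSession.flush()
            return account(request)

        # NOTE(review): the password and e-mail address are changed without
        # asking for the current password in this view; confirm that
        # re-authentication is enforced elsewhere.
        u = request.user
        if request.POST['password'] != '':
            if not u.validate_password(request.POST['password']):
                errors.append(_('Invalid password.'))
            if request.POST['password'] != request.POST['password2']:
                errors.append(_('Both passwords do not match.'))
        if request.POST['email'] != '':
            if not u.validate_email(request.POST['email']):
                errors.append(_('Invalid email address.'))
        stop_if_errors()

        new_email = request.POST.get('email')
        if new_email and new_email != request.user.email:
            c = DBSession.query(func.count(User.id).label('ec')) \
                .filter_by(email=new_email).first()
            if c.ec > 0:
                errors.append(_('E-mail address already registered.'))
        stop_if_errors()

        if request.POST['password'] != '':
            u.set_password(request.POST['password'])
        if request.POST['email'] != '':
            u.email = request.POST['email']
        request.messages.info(_('Saved!'))
        DBSession.flush()

    except KeyError:
        return HTTPBadRequest()
    except FormRejected:
        for error in errors:
            request.session.flash(('error', error))
    return account(request)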