def setUp(self):
self.config = testing.setUp()
setup_routes(self.config)
self.session = setup_database()
self.paiduser = User(username='******', password='******')
self.paiduser.add_paid_time(datetime.timedelta(days=30))
self.session.add(self.paiduser)
self.session.flush()
self.profile = Profile(uid=self.paiduser.id, name='testprofile')
self.session.add(self.profile)
self.freeuser = User(username='******', password='******')
self.session.add(self.freeuser)
duser = User(username='******', password='******')
duser.is_active = False
duser.add_paid_time(datetime.timedelta(days=30))
self.session.add(duser)
self.gw0 = Gateway(name='gw0',
token='simple_gateway',
isp_name='',
isp_url='',
country='')
self.session.add(self.gw0)
self.gw1 = Gateway(name='gw1',
token='disabled_gateway',
isp_name='',
isp_url='',
country='')
self.gw1.enabled = False
self.session.add(self.gw1)
self.gw2 = Gateway(name='gw2',
token='ipv4_gateway',
isp_name='',
isp_url='',
country='',
ipv4='1.2.3.4')
self.session.add(self.gw2)
self.gw3 = Gateway(name='gw3',
token='ipv6_gateway',
isp_name='',
isp_url='',
country='',
ipv6='1:2:3:4:5:6:7:8')
self.session.add(self.gw3)
self.session.flush()
self.testheaders = {
'X-Gateway-Token': 'simple_gateway',
'X-Gateway-Version': 'alpha',
}
def setUp(self):
super().setUp()
self.testuser = User(username='******', password='******')
self.session.add(self.testuser)
self.session.flush()
profile = Profile(uid=self.testuser.id, name='testprofile')
self.session.add(profile)
self.session.flush()
def account_post(request):
_ = request.translate
redirect = HTTPSeeOther(location=request.route_url('account'))
profiles_limit = 10
profile_name = request.POST.get('profilename')
profile_delete = request.POST.get('delete')
if profile_name:
p = Profile()
if not p.validate_name(profile_name):
request.messages.error(_('Invalid name.'))
return redirect
# Check if the name is already used
used = DBSession.query(Profile).filter_by(uid=request.user.id) \
.filter_by(name=profile_name).first()
if used:
request.messages.error(_('Name already used.'))
return redirect
# Check if this user's under the profile number limit
profiles_count = DBSession.query(func.count(Profile.id)) \
.filter_by(uid=request.user.id).scalar()
if profiles_count > profiles_limit:
request.messages.error(_('You have too many profiles.'))
return redirect
p.name = profile_name
p.uid = request.user.id
DBSession.add(p)
DBSession.flush()
return HTTPSeeOther(
location=request.route_url('account_profiles_edit', id=p.id))
if profile_delete:
try:
profile_delete = int(profile_delete)
except ValueError:
return redirect
p = DBSession.query(Profile) \
.filter_by(id=int(profile_delete)) \
.filter(Profile.name != '') \
.filter_by(uid=request.user.id) \
.first()
if not p:
request.messages.error(_('Unknown profile.'))
return redirect
DBSession.delete(p)
return redirect
def setUp(self):
settings = {'mako.directories': 'ccvpn:templates/'}
self.config = testing.setUp(settings=settings)
setup_routes(self.config)
self.session = setup_database()
self.testuser = User(username='******', password='******')
self.session.add(self.testuser)
self.session.flush()
profile = Profile(uid=self.testuser.id, name='testprofile')
self.session.add(profile)
self.session.flush()
def signup(request):
## TODO: seriously needs refactoring
_ = request.translate
if request.method != 'POST':
return {}
errors = []
try:
username = request.POST.get('username')
password = request.POST.get('password')
password2 = request.POST.get('password2')
email = request.POST.get('email')
if not User.validate_username(username):
errors.append(_('Invalid username.'))
if not User.validate_password(password):
errors.append(_('Invalid password.'))
if email and not User.validate_email(email):
errors.append(_('Invalid email address.'))
if password != password2:
errors.append(_('Both passwords do not match.'))
assert not errors
used = User.is_used(username, email)
if used[0] > 0:
errors.append(_('Username already registered.'))
if used[1] > 0 and email:
errors.append(_('E-mail address already registered.'))
assert not errors
with transaction.manager:
u = User(username=username, email=email, password=password)
if request.referrer:
u.referrer_id = request.referrer.id
DBSession.add(u)
DBSession.flush()
dp = Profile(uid=u.id, name='')
DBSession.add(dp)
request.session['uid'] = u.id
return HTTPSeeOther(location=request.route_url('account'))
except AssertionError:
for error in errors:
request.messages.error(error)
fields = ('username', 'password', 'password2', 'email')
request.response.status_code = HTTPBadRequest.code
return {k: request.POST[k] for k in fields}
def account_post(request):
_ = request.translate
# TODO: Fix that. split in two functions or something.
errors = []
try:
if 'profilename' in request.POST:
p = Profile()
p.validate_name(request.POST['profilename']) or \
errors.append(_('Invalid name.'))
assert not errors
name_used = DBSession.query(Profile) \
.filter_by(uid=request.user.id,
name=request.POST['profilename']) \
.first()
if name_used:
errors.append(_('Name already used.'))
profiles_count = DBSession.query(func.count(Profile.id)) \
.filter_by(uid=request.user.id).scalar()
if profiles_count > 10:
errors.append(_('You have too many profiles.'))
assert not errors
p.name = request.POST['profilename']
p.askpw = 'askpw' in request.POST and request.POST['askpw'] == '1'
p.uid = request.user.id
if not p.askpw:
p.password = random_access_token()
DBSession.add(p)
DBSession.flush()
return account(request)
if 'profiledelete' in request.POST:
p = DBSession.query(Profile) \
.filter_by(id=int(request.POST['profiledelete'])) \
.filter_by(uid=request.user.id) \
.first()
assert p or errors.append(_('Unknown profile.'))
DBSession.delete(p)
DBSession.flush()
return account(request)
u = request.user
if request.POST['password'] != '':
u.validate_password(request.POST['password']) or \
errors.append(_('Invalid password.'))
if request.POST['password'] != request.POST['password2']:
errors.append(_('Both passwords do not match.'))
if request.POST['email'] != '':
u.validate_email(request.POST['email']) or \
errors.append(_('Invalid email address.'))
assert not errors
new_email = request.POST.get('email')
if new_email and new_email != request.user.email:
c = DBSession.query(func.count(User.id).label('ec')) \
.filter_by(email=new_email).first()
if c.ec > 0:
errors.append(_('E-mail address already registered.'))
assert not errors
if request.POST['password'] != '':
u.set_password(request.POST['password'])
if request.POST['email'] != '':
u.email = request.POST['email']
request.messages.info(_('Saved!'))
DBSession.flush()
except KeyError:
return HTTPBadRequest()
except AssertionError:
for error in errors:
request.session.flash(('error', error))
return account(request)