예제 #1
0
파일: people.py 프로젝트: boothead/karl
def change_password_view(context, request):
    min_pw_length = get_setting(context, 'min_pw_length')
    form = ChangePasswordForm(min_pw_length=min_pw_length)
    if 'form.cancel' in request.POST:
        return HTTPFound(location=model_url(context, request))

    if 'form.submitted' in request.POST:
        try:
            converted = form.validate(request.POST)
            users = find_users(context)
            userid = context.__name__
            user = users.get_by_id(userid)

            # check the old password
            # XXX: repoze.who.plugins.zodb.interfaces.IUsers
            # really should have a check_password(id, password)
            # method.  We shouldn't have to use get_sha_password
            # directly.
            enc = get_sha_password(converted['old_password'])
            if enc != user['password']:
                raise CustomInvalid({'old_password': '******'})

            users.change_password(userid, converted['password'])

            # send email
            system_name = get_setting(context, 'system_name', 'KARL')
            mail = karl.mail.Message()
            admin_email = get_setting(context, 'admin_email')
            mail["From"] = "%s Administrator <%s>" % (system_name, admin_email)
            mail["To"] = "%s <%s>" % (context.title, context.email)
            mail["Subject"] = "%s Password Change Notification" % system_name
            system_name = get_setting(context, 'system_name', 'KARL')
            body = render_template(
                "templates/email_change_password.pt",
                login=user['login'],
                password=converted['password'],
                system_name=system_name,
            )

            if isinstance(body, unicode):
                body = body.encode("UTF-8")

            mail.set_payload(body, "UTF-8")
            mail.set_type("text/html")

            recipients = [context.email]
            mailer = getUtility(IMailDelivery)
            mailer.send(admin_email, recipients, mail)

            path = model_url(context, request)
            msg = '?status_message=Password%20changed'
            return HTTPFound(location=path+msg)

        except Invalid, e:
            fielderrors = e.error_dict
            fill_values = form.convert(request.POST)
예제 #2
0
파일: community.py 프로젝트: boothead/karl
def join_community_view(context, request):
    """ User sends an email to community moderator(s) asking to join
    the community.  Email contains a link to "add_existing" view, in members,
    that a moderator can use to add member to the community.

    """
    assert ICommunity.providedBy(context)

    # Get logged in user
    profiles = find_profiles(context)
    user = authenticated_userid(request)
    profile = profiles[user]

    # Handle form submission
    if "form.submitted" in request.POST:
        message = request.POST.get("message", "")
        moderators = [profiles[id] for id in context.moderator_names]
        mail = karl.mail.Message()
        mail["From"] = "%s <%s>" % (profile.title, profile.email)
        mail["To"] = ",".join(
            ["%s <%s>" % (p.title, p.email) for p in moderators]
        )
        mail["Subject"] = "Request to join %s community" % context.title

        body_template = get_template("templates/email_join_community.pt")
        profile_url = model_url(profile, request)
        accept_url=model_url(context, request, "members", "add_existing.html",
                             query={"user_id": user})
        body = body_template(
            message=message,
            community_title=context.title,
            person_name=profile.title,
            profile_url=profile_url,
            accept_url=accept_url
        )

        if isinstance(body, unicode):
            body = body.encode("UTF-8")

        mail.set_payload(body, "UTF-8")
        mail.set_type("text/html")

        recipients = [p.email for p in moderators]
        mailer = getUtility(IMailDelivery)
        mailer.send(profile.email, recipients, mail)

        status_message = "Your request has been sent to the moderators."
        location = model_url(context, request,
                             query={"status_message": status_message})

        return HTTPFound(location=location)

    # Show form
    page_title = "Join " + context.title
    api = TemplateAPI(context, request, page_title)
    return render_template_to_response(
        "templates/join_community.pt",
        api=api,
        profile=profile,
        community=context,
        post_url=model_url(context, request, "join.html"),
        formfields=api.formfields,
    )
예제 #3
0
def reset_request_view(context, request):

    form = ResetRequestForm()
    system_name = get_setting(context, 'system_name', 'KARL')

    if 'form.cancel' in request.POST:
        return HTTPFound(location=model_url(context, request))

    if 'form.submitted' in request.POST:
        try:
            converted = form.validate(request.POST)

            address = converted['email']
            if address:
                address = address.lower()

            search = getAdapter(context, ICatalogSearch)
            count, docids, resolver = search(
                interfaces=[IProfile], email=[address])

            users = find_users(context)
            for docid in docids:
                profile = resolver(docid)
                if profile is None:
                    continue
                userid = profile.__name__
                user = users.get_by_id(userid)
                if user is None:
                    continue
                # found the profile and user
                break
            else:
                raise CustomInvalid({"email":
                    "%s has no account with the email address: %s" %
                    (system_name, address)})

            groups = user['groups']
            if groups and 'group.KarlStaff' in groups:
                # because staff accounts are managed centrally, staff
                # must use the forgot_password_url if it is set.
                forgot_password_url = get_setting(
                    context, 'forgot_password_url')
                if forgot_password_url:
                    came_from = model_url(context, request, "login.html")
                    url = '%s?email=%s&came_from=%s' % (
                        forgot_password_url, urllib.quote_plus(address),
                        urllib.quote_plus(came_from))
                    return HTTPFound(location=url)

            profile.password_reset_key = sha1(
                str(random.random())).hexdigest()
            profile.password_reset_time = datetime.datetime.now()
            reset_url = model_url(
                context, request, "reset_confirm.html") + (
                "?key=%s" % profile.password_reset_key)

            # send email
            mail = karl.mail.Message()
            admin_email = get_setting(context, 'admin_email')
            mail["From"] = "%s Administrator <%s>" % (system_name, admin_email)
            mail["To"] = "%s <%s>" % (profile.title, profile.email)
            mail["Subject"] = "%s Password Reset Request" % system_name
            body = render_template(
                "templates/email_reset_password.pt",
                login=user['login'],
                reset_url=reset_url,
                system_name=system_name,
            )

            if isinstance(body, unicode):
                body = body.encode("UTF-8")

            mail.set_payload(body, "UTF-8")
            mail.set_type("text/html")

            recipients = [profile.email]
            mailer = getUtility(IMailDelivery)
            mailer.send(admin_email, recipients, mail)

            url = model_url(context, request, 'reset_sent.html') + (
                '?email=%s' % urllib.quote_plus(address))
            return HTTPFound(location=url)

        except Invalid, e:
            fielderrors = e.error_dict
            fill_values = form.convert(request.POST)