def load(self):
if not self._loaded:
#TODO: bullet-proof code, assert kcd_user and return an error code in case of none
kcd_user = KcdUser.get_by(user_id = self._user_id, kws_id = self._workspace_id)
self._notif_policy = kcd_user.notif_policy
self._loaded = True
pass
def show(self, workspace_id, email_id):
ws = c.workspace
if not ws:
log.warn("InvitationController().show(): Workspace %s does not exist." % ( workspace_id ) )
abort(403)
invitation = Invitation.get_by(email_id = email_id)
if not invitation:
log.warn("InvitationController().show(): No invitation '%s' for workspace %s" \
% ( email_id, workspace_id ) )
ui_error(code="invitation_link_not_valid")
return render('message/show.mako')
#abort(403)
if 'user_id' in session:
if session['user_id'] == invitation.user_id:
# User is already logged - redirect.
redirect_to(url('teambox', workspace_id = session['workspace_id']))
else:
# User is logged as another user - unlog.
init_session(c.workspace, reinit=True)
if (ws.id==invitation.kws_id):
### Temp workaround to show notification management page for users with no passwords. ###
session['tmp_notif_user_id'] = invitation.user_id
session.save()
c.notif_flag = True
### End workaround ###
if ws.secured:
c.email_id = email_id
kcd_user = KcdUser.get_by(user_id = invitation.user_id, kws_id = invitation.kws_id)
if not kcd_user:
log.warn("kcd user " + str(invitation.user_id) + " for workspace " + str(workspace_id) + " not found in database")
abort(403)
if kcd_user.pwd: #prompt for password and for credentials download
c.show_pass = True
pass
else: #prompt for credintials download
c.show_pass = False
pass
return render('/invitation/show.mako')
else: #authorize
self._login(invitation)
else:
abort(403)
def set_user(self, workspace_id):
if 'member_password' in session and 'user_id' in request.params:
password = session['member_password']
del session['member_password']
del session['same_pwd_members']
session.save()
user = KcdUser.get_by(user_id = request.params['user_id'], pwd=password, kws_id=workspace_id)
if(user):
self._invite_and_login(user, workspace_id, password)
else:
abort(403)
else:
abort(403)
def create(self, workspace_id):
email_id = None
if 'email_id' in request.params:
email_id = request.params['email_id']
else:
abort(403)
ws = c.workspace
invitation = Invitation.get_by(email_id = email_id)
if (ws and invitation and ws.id==invitation.kws_id):
kcd_user = KcdUser.get_by(user_id = invitation.user_id, kws_id = invitation.kws_id)
if(kcd_user and kcd_user.pwd and ('password' in request.params) and request.params['password']==kcd_user.pwd):
self._login(invitation, kcd_user.pwd)
else:
ui_flash_error(message="You have not provided a valid password.")
redirect_to(url('invite_show', workspace_id=workspace_id, email_id=email_id))
else:
abort(403)
