def doEdit(self): m = self.mf.getUser(self.session['username']) if m.validate: # member locked for validation raise HTTPError(403, 'Forbidden') else: changes = False if self.request.params['sn'] != m.sn or\ self.request.params['givenName'] != m.givenName or\ self.request.params['homePostalAddress'] != m.homePostalAddress or\ self.request.params['homePhone'] != m.homePhone or\ self.request.params['mobile'] != m.mobile or\ self.request.params['mail'] != m.mail or\ self.request.params['xmppID'] != m.xmppID: changes = True if changes: tm = TmpMember(m.uidNumber) tm.sn = str(self.request.params['sn'].encode('utf-8')) tm.gn = str(self.request.params['givenName'].encode('utf-8')) tm.homePostalAddress = str(self.request.params['homePostalAddress'].encode('utf-8')) # @TODO make this more consistent if self.request.params.get('homePhone', '') == '' and not m.homePhone == '': tm.phone = '>>REMOVE<<' else: tm.phone = self.request.params['homePhone'] if self.request.params.get('xmppID', '') == '' and not m.xmppID == '': tm.xmppID = 'removed' else: tm.xmppID = self.request.params['xmppID'] tm.mobile = self.request.params['mobile'] tm.mail = self.request.params['mail'] self.db.add(tm) self.db.commit() self.session['flash'] = _('Changes saved!') self.session['flash_class'] = 'success' self.mailValidationRequired() else: self.session['flash'] = _('Nothing to save!') self.session['flash_class'] = 'info' if not self.request.params.get('userPassword', '') == '' and self.request.params['userPassword'] == self.request.params['userPassword2']: m.setPassword(self.request.params['userPassword']) self.mf.saveMember(m, is_admin=False) self.session['secret'] = encodeAES(self.request.params['userPassword']) self.session['flash'] = _('Password updated!') self.session['flash_class'] = 'success' self.session.save() raise HTTPRedirect('/profile/index')
def doLogin(self, username=None, password=None): try: ParamChecker.checkUsername('username', param=True) ParamChecker.checkPassword('password', 'password', param=True) except InvalidParameterFormat as ipf: return self.index(_('Invalid data')) try: ldap_connector = LdapConnector(username=username, password=password) except mematool.helpers.exceptions.InvalidCredentials: return self.index(_('Invalid credentials')) except mematool.helpers.exceptions.ServerError: return self.index(_('Server error, please retry later')) old_session_language = self.session.get('language', '') self.session.regenerate() self.session['username'] = username self.session['password'] = encodeAES(password) self.set_ldapcon(ldap_connector.get_connection()) self.session['groups'] = self.mf.getUserGroupList(username) try: user = self.mf.getUser(self.session['username']) except: return self.index(_('Server error, please retry later')) self.session['user'] = user if self.is_admin(): self.session[ 'pendingMemberValidations'] = self.pendingMemberValidations() uidNumber = user.uidNumber language = self.db.query(Preferences).filter( and_(Preferences.uidNumber == uidNumber, Preferences.key == 'language')).one() if language.value in self.languages: self.session['language'] = language.value elif not old_session_language == '': self.session['language'] = old_session_language else: self.session['language'] = self.default_language log.info(username + ' logged in') if user.is_admin(): raise HTTPRedirect('/members/index') else: raise HTTPRedirect('/profile/index')
def doLogin(self, username=None, password=None): try: ParamChecker.checkUsername('username', param=True) ParamChecker.checkPassword('password', 'password', param=True) except InvalidParameterFormat as ipf: return self.index(_('Invalid data')) try: ldap_connector = LdapConnector(username=username, password=password) except mematool.helpers.exceptions.InvalidCredentials: return self.index(_('Invalid credentials')) except mematool.helpers.exceptions.ServerError: return self.index(_('Server error, please retry later')) old_session_language = self.session.get('language', '') self.session.regenerate() self.session['username'] = username self.session['password'] = encodeAES(password) self.set_ldapcon(ldap_connector.get_connection()) self.session['groups'] = self.mf.getUserGroupList(username) try: user = self.mf.getUser(self.session['username']) except: return self.index(_('Server error, please retry later')) self.session['user'] = user if self.is_admin(): self.session['pendingMemberValidations'] = self.pendingMemberValidations() uidNumber = user.uidNumber language = self.db.query(Preferences).filter(and_(Preferences.uidNumber == uidNumber, Preferences.key == 'language')).one() if language.value in self.languages: self.session['language'] = language.value elif not old_session_language == '': self.session['language'] = old_session_language else: self.session['language'] = self.default_language log.info(username + ' logged in') if user.is_admin(): raise HTTPRedirect('/members/index') else: raise HTTPRedirect('/profile/index')
def doEdit(self): m = self.mf.getUser(self.session['username']) if m.validate: # member locked for validation raise HTTPError(403, 'Forbidden') else: changes = False if self.request.params['sn'] != m.sn or\ self.request.params['givenName'] != m.givenName or\ self.request.params['homePostalAddress'] != m.homePostalAddress or\ self.request.params['homePhone'] != m.homePhone or\ self.request.params['mobile'] != m.mobile or\ self.request.params['mail'] != m.mail or\ self.request.params['xmppID'] != m.xmppID: changes = True if changes: tm = TmpMember(m.uidNumber) tm.sn = str(self.request.params['sn'].encode('utf-8')) tm.gn = str(self.request.params['givenName'].encode('utf-8')) tm.homePostalAddress = str( self.request.params['homePostalAddress'].encode('utf-8')) # @TODO make this more consistent if self.request.params.get('homePhone', '') == '' and not m.homePhone == '': tm.phone = '>>REMOVE<<' else: tm.phone = self.request.params['homePhone'] if self.request.params.get('xmppID', '') == '' and not m.xmppID == '': tm.xmppID = 'removed' else: tm.xmppID = self.request.params['xmppID'] tm.mobile = self.request.params['mobile'] tm.mail = self.request.params['mail'] self.db.add(tm) self.db.commit() self.session['flash'] = _('Changes saved!') self.session['flash_class'] = 'success' self.mailValidationRequired() else: self.session['flash'] = _('Nothing to save!') self.session['flash_class'] = 'info' if not self.request.params.get( 'userPassword', '' ) == '' and self.request.params[ 'userPassword'] == self.request.params['userPassword2']: m.setPassword(self.request.params['userPassword']) self.mf.saveMember(m, is_admin=False) self.session['secret'] = encodeAES( self.request.params['userPassword']) self.session['flash'] = _('Password updated!') self.session['flash_class'] = 'success' self.session.save() raise HTTPRedirect('/profile/index')