def update_profile():
"""
Update user's profile.
Returns Jinja2 template.
"""
form = UpdateProfileForm(obj=current_user)
form.set_locales(current_app.config["LOCALES"])
form.populate_obj(current_user)
if request.method == "GET":
title_msg = "Update your profile: %s" % current_user.fullname
return render_template("account/update.html", title=title_msg, form=form)
else:
form = UpdateProfileForm(request.form)
form.set_locales(current_app.config["LOCALES"])
if form.validate():
new_profile = model.User(
id=form.id.data,
fullname=form.fullname.data,
name=form.name.data,
email_addr=form.email_addr.data,
locale=form.locale.data,
ckan_api=form.ckan_api.data,
)
db.session.query(model.User).filter(model.User.id == current_user.id).first()
db.session.merge(new_profile)
db.session.commit()
cached_users.delete_user_summary(current_user.name)
flash(gettext("Your profile has been updated!"), "success")
return redirect(url_for(".profile"))
else:
flash(gettext("Please correct the errors"), "error")
title_msg = "Update your profile: %s" % current_user.fullname
return render_template("/account/update.html", form=form, title=title_msg)
def set(self, user, update_repo=True):
"""Set a Gravatar for a user.
Parameters
----------
user : User
The PyBossa user.
update_repo : bool, optional
True to save changes, False otherwise (the default is True).
"""
url = self._get_url(user)
now = time.time()
filename = secure_filename('{0}_avatar.png'.format(now))
container = 'user_{0}'.format(user.id)
self._download(filename, container, url)
if not user.info: # pragma: no cover
user.info = dict()
user.info['avatar'] = filename
user.info['container'] = container
if update_repo:
user_repo.update(user)
cached_users.delete_user_summary(user.name)
def _handle_avatar_update(user, avatar_form):
if avatar_form.validate_on_submit():
_file = request.files['avatar']
coordinates = (avatar_form.x1.data, avatar_form.y1.data,
avatar_form.x2.data, avatar_form.y2.data)
prefix = time.time()
_file.filename = "%s_avatar.png" % prefix
container = "user_%s" % user.id
uploader.upload_file(_file,
container=container,
coordinates=coordinates)
# Delete previous avatar from storage
if user.info.get('avatar'):
uploader.delete_file(user.info['avatar'], container)
upload_method = current_app.config.get('UPLOAD_METHOD')
avatar_url = get_avatar_url(upload_method, _file.filename, container)
user.info['avatar'] = _file.filename
user.info['container'] = container
user.info['avatar_url'] = avatar_url
user_repo.update(user)
cached_users.delete_user_summary(user.name)
flash(
gettext('Your avatar has been updated! It may \
take some minutes to refresh...'), 'success')
return True
else:
flash("You have to provide an image file to update your avatar",
"error")
return False
def _handle_avatar_update(user, avatar_form):
if avatar_form.validate_on_submit():
_file = request.files['avatar']
coordinates = (avatar_form.x1.data, avatar_form.y1.data,
avatar_form.x2.data, avatar_form.y2.data)
prefix = time.time()
_file.filename = "%s_avatar.png" % prefix
container = "user_%s" % user.id
uploader.upload_file(_file,
container=container,
coordinates=coordinates)
# Delete previous avatar from storage
if user.info.get('avatar'):
uploader.delete_file(user.info['avatar'], container)
upload_method = current_app.config.get('UPLOAD_METHOD')
avatar_url = get_avatar_url(upload_method,
_file.filename, container)
user.info['avatar'] = _file.filename
user.info['container'] = container
user.info['avatar_url'] = avatar_url
user_repo.update(user)
cached_users.delete_user_summary(user.name)
flash(gettext('Your avatar has been updated! It may \
take some minutes to refresh...'), 'success')
return True
else:
flash("You have to provide an image file to update your avatar", "error")
return False
def _handle_external_services_update(user, update_form):
del update_form.locale
del update_form.email_addr
del update_form.fullname
del update_form.name
if update_form.validate():
user.ckan_api = update_form.ckan_api.data or None
user_repo.update(user)
cached_users.delete_user_summary(user.name)
flash(gettext('Your profile has been updated!'), 'success')
else:
flash(gettext('Please correct the errors'), 'error')
def _handle_external_services_update(user, update_form):
del update_form.locale
del update_form.email_addr
del update_form.fullname
del update_form.name
if update_form.validate():
user.ckan_api = update_form.ckan_api.data or None
user_repo.update(user)
cached_users.delete_user_summary(user.name)
flash(gettext('Your profile has been updated!'), 'success')
else:
flash(gettext('Please correct the errors'), 'error')
def _handle_profile_update(user, update_form):
acc_conf_dis = current_app.config.get('ACCOUNT_CONFIRMATION_DISABLED')
if update_form.validate_on_submit():
user.id = update_form.id.data
user.fullname = update_form.fullname.data
user.name = update_form.name.data
account, domain = update_form.email_addr.data.split('@')
if (user.email_addr != update_form.email_addr.data and
acc_conf_dis is False and
domain not in current_app.config.get('SPAM')):
user.valid_email = False
user.newsletter_prompted = False
account = dict(fullname=update_form.fullname.data,
name=update_form.name.data,
email_addr=update_form.email_addr.data)
confirm_url = get_email_confirmation_url(account)
subject = ('You have updated your email in %s! Verify it'
% current_app.config.get('BRAND'))
msg = dict(subject=subject,
recipients=[update_form.email_addr.data],
body=render_template(
'/account/email/validate_email.md',
user=account, confirm_url=confirm_url))
msg['html'] = markdown(msg['body'])
mail_queue.enqueue(send_mail, msg)
user.confirmation_email_sent = True
fls = gettext('An email has been sent to verify your \
new email: %s. Once you verify it, it will \
be updated.' % account['email_addr'])
flash(fls, 'info')
return True
if acc_conf_dis is False and domain in current_app.config.get('SPAM'):
fls = gettext('Use a valid email account')
flash(fls, 'info')
return False
if acc_conf_dis:
user.email_addr = update_form.email_addr.data
user.privacy_mode = fuzzyboolean(update_form.privacy_mode.data)
user.restrict = fuzzyboolean(update_form.restrict.data)
user.locale = update_form.locale.data
user.subscribed = fuzzyboolean(update_form.subscribed.data)
user_repo.update(user)
cached_users.delete_user_summary(user.name)
flash(gettext('Your profile has been updated!'), 'success')
return True
else:
flash(gettext('Please correct the errors'), 'error')
return False
def _handle_profile_update(user, update_form):
acc_conf_dis = current_app.config.get('ACCOUNT_CONFIRMATION_DISABLED')
if update_form.validate_on_submit():
user.id = update_form.id.data
user.fullname = update_form.fullname.data
user.name = update_form.name.data
account, domain = update_form.email_addr.data.split('@')
if (user.email_addr != update_form.email_addr.data
and acc_conf_dis is False
and domain not in current_app.config.get('SPAM')):
user.valid_email = False
user.newsletter_prompted = False
account = dict(fullname=update_form.fullname.data,
name=update_form.name.data,
email_addr=update_form.email_addr.data)
confirm_url = get_email_confirmation_url(account)
subject = ('You have updated your email in %s! Verify it' %
current_app.config.get('BRAND'))
msg = dict(subject=subject,
recipients=[update_form.email_addr.data],
body=render_template('/account/email/validate_email.md',
user=account,
confirm_url=confirm_url))
msg['html'] = markdown(msg['body'])
mail_queue.enqueue(send_mail, msg)
user.confirmation_email_sent = True
fls = gettext('An email has been sent to verify your \
new email: %s. Once you verify it, it will \
be updated.' % account['email_addr'])
flash(fls, 'info')
return True
if acc_conf_dis is False and domain in current_app.config.get('SPAM'):
fls = gettext('Use a valid email account')
flash(fls, 'info')
return False
if acc_conf_dis:
user.email_addr = update_form.email_addr.data
user.privacy_mode = fuzzyboolean(update_form.privacy_mode.data)
user.restrict = fuzzyboolean(update_form.restrict.data)
user.locale = update_form.locale.data
user.subscribed = fuzzyboolean(update_form.subscribed.data)
user_repo.update(user)
cached_users.delete_user_summary(user.name)
flash(gettext('Your profile has been updated!'), 'success')
return True
else:
flash(gettext('Please correct the errors'), 'error')
return False
def reset_api_key(name):
"""
Reset API-KEY for user.
Returns a Jinja2 template.
"""
user = user_repo.get_by_name(name)
if not user:
return abort(404)
ensure_authorized_to('update', user)
user.api_key = model.make_uuid()
user_repo.update(user)
cached_users.delete_user_summary(user.name)
msg = gettext('New API-KEY generated')
flash(msg, 'success')
return redirect(url_for('account.profile', name=name))
def reset_api_key(name):
"""
Reset API-KEY for user.
Returns a Jinja2 template.
"""
user = user_repo.get_by_name(name)
if not user:
return abort(404)
ensure_authorized_to('update', user)
user.api_key = model.make_uuid()
user_repo.update(user)
cached_users.delete_user_summary(user.name)
msg = gettext('New API-KEY generated')
flash(msg, 'success')
return redirect(url_for('account.profile', name=name))
def reset_api_key(name):
"""
Reset API-KEY for user.
Returns a Jinja2 template.
"""
user = User.query.filter_by(name=name).first()
if not user:
return abort(404)
require.user.update(user)
title = ("User: %s · Settings"
"- Reset API KEY") % current_user.fullname
user.api_key = model.make_uuid()
db.session.commit()
cached_users.delete_user_summary(user.name)
msg = gettext('New API-KEY generated')
flash(msg, 'success')
return redirect(url_for('account.profile', name=name))
def reset_api_key(name):
"""
Reset API-KEY for user.
Returns a Jinja2 template.
"""
user = user_repo.get_by_name(name)
if not user:
return abort(404)
require.user.update(user)
title = ("User: %s · Settings"
"- Reset API KEY") % current_user.fullname
user.api_key = model.make_uuid()
user_repo.update(user)
cached_users.delete_user_summary(user.name)
msg = gettext('New API-KEY generated')
flash(msg, 'success')
return redirect(url_for('account.profile', name=name))
def _handle_profile_update(user, update_form):
acc_conf_dis = current_app.config.get('ACCOUNT_CONFIRMATION_DISABLED')
if update_form.validate_on_submit():
user.id = update_form.id.data
user.fullname = update_form.fullname.data
user.name = update_form.name.data
if (user.email_addr != update_form.email_addr.data
and acc_conf_dis is False):
user.valid_email = False
user.newsletter_prompted = False
account = dict(fullname=update_form.fullname.data,
name=update_form.name.data,
email_addr=update_form.email_addr.data)
confirm_url = get_email_confirmation_url(account)
subject = (
u'Has actualizado tu correo electrónico con %s! Verifica la dirección'
% current_app.config.get('BRAND'))
msg = dict(subject=subject,
recipients=[update_form.email_addr.data],
body=render_template('/account/email/validate_email.md',
user=account,
confirm_url=confirm_url))
msg['html'] = markdown(msg['body'])
mail_queue.enqueue(send_mail, msg)
user.confirmation_email_sent = True
fls = gettext(
u'Se ha enviado un correo electrónico para verificar tu nuevo correo electrónico: %s. Una vez que lo verifiques, estará actualizado.'
% account['email_addr'])
flash(fls, 'info')
return True
if acc_conf_dis:
user.email_addr = update_form.email_addr.data
user.privacy_mode = update_form.privacy_mode.data
user.locale = update_form.locale.data
user.subscribed = update_form.subscribed.data
user_repo.update(user)
cached_users.delete_user_summary(user.name)
flash(gettext(u'¡Tu perfil ha sido actualizado!'), 'success')
return True
else:
flash(gettext(u'Por favor corrige los errores'), 'error')
return False
def reset_api_key():
"""
Reset API-KEY for user.
Returns a Jinja2 template.
"""
if current_user.is_authenticated():
title = ("User: %s · Settings" "- Reset API KEY") % current_user.fullname
if request.method == "GET":
return render_template("account/reset-api-key.html", title=title)
else:
user = db.session.query(model.User).get(current_user.id)
user.api_key = model.make_uuid()
db.session.commit()
cached_users.delete_user_summary(user.name)
msg = gettext("New API-KEY generated")
flash(msg, "success")
return redirect(url_for("account.settings"))
else:
return abort(403)
def reset_api_key(name):
"""
Reset API-KEY for user.
Returns a Jinja2 template.
"""
if request.method == 'POST':
user = user_repo.get_by_name(name)
if not user:
return abort(404)
ensure_authorized_to('update', user)
user.api_key = model.make_uuid()
user_repo.update(user)
cached_users.delete_user_summary(user.name)
msg = gettext('New API-KEY generated')
flash(msg, 'success')
return redirect_content_type(url_for('account.profile', name=name))
else:
csrf = dict(form=dict(csrf=generate_csrf()))
return jsonify(csrf)
def reset_api_key(name):
"""
Reset API-KEY for user.
Returns a Jinja2 template.
"""
if request.method == 'POST':
user = user_repo.get_by_name(name)
if not user:
return abort(404)
ensure_authorized_to('update', user)
user.api_key = model.make_uuid()
user_repo.update(user)
cached_users.delete_user_summary(user.name)
msg = gettext('New API-KEY generated')
flash(msg, 'success')
return redirect_content_type(url_for('account.profile', name=name))
else:
csrf = dict(form=dict(csrf=generate_csrf()))
return jsonify(csrf)
def reset_api_key(name):
"""
Reset API-KEY for user.
Returns a Jinja2 template.
"""
user = User.query.filter_by(name=name).first()
if not user:
return abort(404)
if current_user.name != user.name:
return abort(403)
title = ("User: %s · Settings"
"- Reset API KEY") % current_user.fullname
user = db.session.query(model.user.User).get(current_user.id)
user.api_key = model.make_uuid()
db.session.commit()
cached_users.delete_user_summary(user.name)
msg = gettext('New API-KEY generated')
flash(msg, 'success')
return redirect(url_for('account.profile', name=name))
def _handle_avatar_update(user, avatar_form):
if avatar_form.validate_on_submit():
_file = request.files['avatar']
coordinates = (avatar_form.x1.data, avatar_form.y1.data,
avatar_form.x2.data, avatar_form.y2.data)
prefix = time.time()
_file.filename = "%s_avatar.png" % prefix
container = "user_%s" % user.id
uploader.upload_file(_file,
container=container,
coordinates=coordinates)
# Delete previous avatar from storage
if user.info.get('avatar'):
uploader.delete_file(user.info['avatar'], container)
user.info = {'avatar': _file.filename,
'container': container}
user_repo.update(user)
cached_users.delete_user_summary(user.name)
flash(gettext('Your avatar has been updated! It may \
take some minutes to refresh...'), 'success')
else:
flash("You have to provide an image file to update your avatar", "error")
def _handle_avatar_update(user, avatar_form):
if avatar_form.validate_on_submit():
_file = request.files['avatar']
coordinates = (avatar_form.x1.data, avatar_form.y1.data,
avatar_form.x2.data, avatar_form.y2.data)
prefix = time.time()
_file.filename = "%s_avatar.png" % prefix
container = "user_%s" % user.id
uploader.upload_file(_file,
container=container,
coordinates=coordinates)
# Delete previous avatar from storage
if user.info.get('avatar'):
uploader.delete_file(user.info['avatar'], container)
user.info = {'avatar': _file.filename,
'container': container}
user_repo.update(user)
cached_users.delete_user_summary(user.name)
flash(gettext('Your avatar has been updated! It may \
take some minutes to refresh...'), 'success')
else:
flash("You have to provide an image file to update your avatar", "error")
def update_profile():
"""
Update user's profile.
Returns Jinja2 template.
"""
form = UpdateProfileForm(obj=current_user)
form.set_locales(current_app.config['LOCALES'])
form.populate_obj(current_user)
if request.method == 'GET':
title_msg = "Update your profile: %s" % current_user.fullname
return render_template('account/update.html',
title=title_msg,
form=form)
else:
form = UpdateProfileForm(request.form)
form.set_locales(current_app.config['LOCALES'])
if form.validate():
new_profile = model.User(id=form.id.data,
fullname=form.fullname.data,
name=form.name.data,
email_addr=form.email_addr.data,
locale=form.locale.data,
ckan_api=form.ckan_api.data,
privacy_mode=form.privacy_mode.data)
db.session.query(model.User)\
.filter(model.User.id == current_user.id)\
.first()
db.session.merge(new_profile)
db.session.commit()
cached_users.delete_user_summary(current_user.name)
flash(gettext('Your profile has been updated!'), 'success')
return redirect(url_for('.profile'))
else:
flash(gettext('Please correct the errors'), 'error')
title_msg = 'Update your profile: %s' % current_user.fullname
return render_template('/account/update.html', form=form,
title=title_msg)
def update_profile():
"""
Update user's profile.
Returns Jinja2 template.
"""
form = UpdateProfileForm(obj=current_user)
form.set_locales(current_app.config['LOCALES'])
form.populate_obj(current_user)
if request.method == 'GET':
title_msg = "Update your profile: %s" % current_user.fullname
return render_template('account/update.html',
title=title_msg,
form=form)
else:
form = UpdateProfileForm(request.form)
form.set_locales(current_app.config['LOCALES'])
if form.validate():
new_profile = model.User(id=form.id.data,
fullname=form.fullname.data,
name=form.name.data,
email_addr=form.email_addr.data,
locale=form.locale.data,
ckan_api=form.ckan_api.data)
db.session.query(model.User)\
.filter(model.User.id == current_user.id)\
.first()
db.session.merge(new_profile)
db.session.commit()
cached_users.delete_user_summary(current_user.name)
flash(gettext('Your profile has been updated!'), 'success')
return redirect(url_for('.profile'))
else:
flash(gettext('Please correct the errors'), 'error')
title_msg = 'Update your profile: %s' % current_user.fullname
return render_template('/account/update.html', form=form,
title=title_msg)
def reset_api_key():
"""
Reset API-KEY for user.
Returns a Jinja2 template.
"""
if current_user.is_authenticated():
title = ("User: %s · Settings"
"- Reset API KEY") % current_user.fullname
if request.method == 'GET':
return render_template('account/reset-api-key.html',
title=title)
else:
user = db.session.query(model.User).get(current_user.id)
user.api_key = model.make_uuid()
db.session.commit()
cached_users.delete_user_summary(user.name)
msg = gettext('New API-KEY generated')
flash(msg, 'success')
return redirect(url_for('account.settings'))
else: # pragma: no cover
return abort(403)
def home():
""" Render home page with the cached apps and users"""
d = {'featured': cached_apps.get_featured_front_page(),
'top_apps': cached_apps.get_top(),
'top_users': None,
'categories': None,
'apps': None,
'n_apps_per_category': None}
if app.config['ENFORCE_PRIVACY'] and current_user.is_authenticated():
if current_user.admin:
d['top_users'] = cached_users.get_top()
if not app.config['ENFORCE_PRIVACY']:
d['top_users'] = cached_users.get_top()
# @FC
categories = cached_cat.get_all()
n_apps_per_category = dict()
apps = dict()
for c in categories:
n_apps_per_category[c.short_name] = cached_apps.n_count(c.short_name)
apps[c.short_name],count = cached_apps.get(c.short_name,1,1)
d['categories'] = categories
d['n_apps_per_category'] = n_apps_per_category
d['apps'] = apps
# Current user Survey System
if current_user.is_authenticated():
sql = text('''SELECT COUNT(task_run.id) AS task_run FROM task_run WHERE :cur_user_id=task_run.user_id''')
results = db.engine.execute(sql,cur_user_id=current_user.id)
for row in results:
num_run_task=row.task_run
if current_user.is_authenticated() and current_user.survey_check!= "None" and current_user.survey_check == "2":
if num_run_task>=30:
d['survey_three'] = True
new_profile = model.User(id=current_user.id, survey_check="3")
db.session.query(model.User).filter(model.User.id == current_user.id).first()
db.session.merge(new_profile)
db.session.commit()
cached_users.delete_user_summary(current_user.name)
elif current_user.is_authenticated() and current_user.survey_check!= "None" and current_user.survey_check == "1":
if num_run_task>=1:
d['survey_two'] = True
new_profile = model.User(id=current_user.id, survey_check="2")
db.session.query(model.User).filter(model.User.id == current_user.id).first()
db.session.merge(new_profile)
db.session.commit()
cached_users.delete_user_summary(current_user.name)
elif current_user.is_authenticated() and current_user.survey_check!= "None" and current_user.survey_check == "0":
d['survey_one'] = True
new_profile = model.User(id=current_user.id, survey_check="1")
db.session.query(model.User).filter(model.User.id == current_user.id).first()
db.session.merge(new_profile)
db.session.commit()
cached_users.delete_user_summary(current_user.name)
else:
d['survey_one'] = False
# @FC
return render_template('/home/index.html', **d)
def delete_user(name, confirmed):
"""
Deletes a user on pybossa
- Only admins will be able to delete other users.
- Does not let delete admin users.
Admin users will have to remove the user from the admin lists before they can delete then
- Marks all the task_runs of the specific user as anonymous
- Changes the ownership of all the projects owned by the user to the current_user
TODO: Clean this feature up and push this feature to pybossa core
"""
"""
Get the user object and contributed projects object from cache to enable
global helper functions to render it in a uniform way.
But Obtain the results from the non-memoized functions to get the latest state
"""
target_user = cached_users.get_user_summary(name)
if current_user.admin and target_user != None and current_user.id != target_user['id'] :
user_page_redirect = request.args.get('user_page_redirect')
if not user_page_redirect:
user_page_redirect = 1
if confirmed == "unconfirmed":
published_projects = cached_users.published_projects(target_user['id'])
draft_projects = cached_users.draft_projects(target_user['id'])
owned_projects = published_projects + draft_projects
return render_template('geotagx/users/delete_confirmation.html', \
target_user = target_user,
owned_projects = owned_projects,
user_page_redirect=user_page_redirect
)
elif confirmed == "confirmed":
"""
Retrieval of the User object necessary as the target_user object
obtained from `cached_users.get_user_summary` doesnot expose
the `admin` check that is necessary to prevent the user from
deleting other admin users, and also the SQLAlchemy `delete`
function
"""
user_object = User.query.filter_by(id=target_user['id']).first()
if user_object.admin:
# It is not allowed to delete other admin users
abort(404)
"""
Mark all task runs by the user as anonymous
Mark the user_ip field in the task_run by the username instead
to retain user identity for analytics
"""
task_runs = TaskRun.query.filter_by(user_id=target_user['id']).all()
for task_run in task_runs:
task_run.user_id = None
task_run.user_ip = "deleted_user_"+target_user['name']
db.session.commit()
"""
Change the ownership of all projects owned by the target user
to that of the current user
"""
projects = Project.query.filter_by(owner_id=target_user['id']).all()
for project in projects:
project.owner_id = current_user.id
db.session.commit()
"""
Clean cached data about the project
"""
cached_projects.clean_project(project.id)
"""
Delete the user from the database
"""
db.session.delete(user_object)
db.session.commit()
"""
Clean user data from the cache
Force Update current_user's data in the cache
"""
cached_users.delete_user_summary(target_user['id'])
cached_users.delete_user_summary(current_user.id)
flash("User <strong>"+target_user['name']+"</strong> has been successfully deleted, and all the projects owned by the user have been transferred to you.", 'success')
return redirect(url_for('geotagx-admin.manage_users', page=user_page_redirect))
else:
abort(404)
else:
abort(404)
def update_profile(name):
"""
Update user's profile.
Returns Jinja2 template.
"""
user = user_repo.get_by_name(name)
if not user:
return abort(404)
if current_user.name != name:
return abort(403)
ensure_authorized_to('update', user)
show_passwd_form = True
if user.twitter_user_id or user.google_user_id or user.facebook_user_id:
show_passwd_form = False
usr = cached_users.get_user_summary(name)
# Extend the values
user.rank = usr.get('rank')
user.score = usr.get('score')
btn = request.body.get('btn', 'None').capitalize()
if btn != 'Profile':
update_form = UpdateProfileForm(formdata=None, obj=user)
else:
update_form = UpdateProfileForm(obj=user)
update_form.set_locales(current_app.config['LOCALES'])
avatar_form = AvatarUploadForm()
password_form = ChangePasswordForm()
title_msg = "Update your profile: %s" % user.fullname
if request.method == 'POST':
# Update user avatar
succeed = False
btn = request.body.get('btn', 'None').capitalize()
if btn == 'Upload':
succeed = _handle_avatar_update(user, avatar_form)
# Update user profile
elif btn == 'Profile':
succeed = _handle_profile_update(user, update_form)
# Update user password
elif btn == 'Password':
succeed = _handle_password_update(user, password_form)
# Update user external services
elif btn == 'External':
succeed = _handle_external_services_update(user, update_form)
# Otherwise return 415
else:
return abort(415)
if succeed:
cached_users.delete_user_summary(user.name)
return redirect_content_type(url_for('.update_profile',
name=user.name),
status=SUCCESS)
else:
data = dict(template='/account/update.html',
form=update_form,
upload_form=avatar_form,
password_form=password_form,
title=title_msg,
show_passwd_form=show_passwd_form)
return handle_content_type(data)
data = dict(template='/account/update.html',
form=update_form,
upload_form=avatar_form,
password_form=password_form,
title=title_msg,
show_passwd_form=show_passwd_form)
return handle_content_type(data)
def update_profile(name):
"""
Update user's profile.
Returns Jinja2 template.
"""
user = User.query.filter_by(name=name).first()
if not user:
return abort(404)
require.user.update(user)
show_passwd_form = True
if user.twitter_user_id or user.google_user_id or user.facebook_user_id:
show_passwd_form = False
usr = cached_users.get_user_summary(name)
# Extend the values
current_user.rank = usr.get('rank')
current_user.score = usr.get('score')
# Title page
title_msg = "Update your profile: %s" % current_user.fullname
# Creation of forms
update_form = UpdateProfileForm(obj=user)
update_form.set_locales(current_app.config['LOCALES'])
avatar_form = AvatarUploadForm()
password_form = ChangePasswordForm()
external_form = update_form
if request.method == 'GET':
return render_template('account/update.html',
title=title_msg,
user=usr,
form=update_form,
upload_form=avatar_form,
password_form=password_form,
external_form=external_form,
show_passwd_form=show_passwd_form)
else:
# Update user avatar
if request.form.get('btn') == 'Upload':
avatar_form = AvatarUploadForm()
if avatar_form.validate_on_submit():
file = request.files['avatar']
coordinates = (avatar_form.x1.data, avatar_form.y1.data,
avatar_form.x2.data, avatar_form.y2.data)
prefix = time.time()
file.filename = "%s_avatar.png" % prefix
container = "user_%s" % current_user.id
uploader.upload_file(file,
container=container,
coordinates=coordinates)
# Delete previous avatar from storage
if current_user.info.get('avatar'):
uploader.delete_file(current_user.info['avatar'],
container)
current_user.info = {
'avatar': file.filename,
'container': container
}
db.session.commit()
cached_users.delete_user_summary(current_user.name)
flash(
gettext('Your avatar has been updated! It may \
take some minutes to refresh...'), 'success')
return redirect(
url_for('.update_profile', name=current_user.name))
else:
flash(
"You have to provide an image file to update your avatar",
"error")
return render_template('/account/update.html',
form=update_form,
upload_form=avatar_form,
password_form=password_form,
external_form=external_form,
title=title_msg,
show_passwd_form=show_passwd_form)
# Update user profile
elif request.form.get('btn') == 'Profile':
update_form = UpdateProfileForm()
update_form.set_locales(current_app.config['LOCALES'])
if update_form.validate():
current_user.id = update_form.id.data
current_user.fullname = update_form.fullname.data
current_user.name = update_form.name.data
current_user.email_addr = update_form.email_addr.data
current_user.privacy_mode = update_form.privacy_mode.data
current_user.locale = update_form.locale.data
db.session.commit()
cached_users.delete_user_summary(current_user.name)
flash(gettext('Your profile has been updated!'), 'success')
return redirect(
url_for('.update_profile', name=current_user.name))
else:
flash(gettext('Please correct the errors'), 'error')
title_msg = 'Update your profile: %s' % current_user.fullname
return render_template('/account/update.html',
form=update_form,
upload_form=avatar_form,
password_form=password_form,
external_form=external_form,
title=title_msg,
show_passwd_form=show_passwd_form)
# Update user password
elif request.form.get('btn') == 'Password':
# Update the data because passing it in the constructor does not work
update_form.name.data = user.name
update_form.fullname.data = user.fullname
update_form.email_addr.data = user.email_addr
update_form.ckan_api.data = user.ckan_api
external_form = update_form
if password_form.validate_on_submit():
user = db.session.query(model.user.User).get(current_user.id)
if user.check_password(password_form.current_password.data):
user.set_password(password_form.new_password.data)
db.session.add(user)
db.session.commit()
flash(
gettext('Yay, you changed your password succesfully!'),
'success')
return redirect(url_for('.update_profile', name=name))
else:
msg = gettext("Your current password doesn't match the "
"one in our records")
flash(msg, 'error')
return render_template('/account/update.html',
form=update_form,
upload_form=avatar_form,
password_form=password_form,
external_form=external_form,
title=title_msg,
show_passwd_form=show_passwd_form)
else:
flash(gettext('Please correct the errors'), 'error')
return render_template('/account/update.html',
form=update_form,
upload_form=avatar_form,
password_form=password_form,
external_form=external_form,
title=title_msg,
show_passwd_form=show_passwd_form)
# Update user external services
elif request.form.get('btn') == 'External':
del external_form.locale
del external_form.email_addr
del external_form.fullname
del external_form.name
if external_form.validate():
current_user.ckan_api = external_form.ckan_api.data or None
db.session.commit()
cached_users.delete_user_summary(current_user.name)
flash(gettext('Your profile has been updated!'), 'success')
return redirect(
url_for('.update_profile', name=current_user.name))
else:
flash(gettext('Please correct the errors'), 'error')
title_msg = 'Update your profile: %s' % current_user.fullname
return render_template('/account/update.html',
form=update_form,
upload_form=avatar_form,
password_form=password_form,
external_form=external_form,
title=title_msg,
show_passwd_form=show_passwd_form)
# Otherwise return 415
else:
return abort(415)
def update_profile(name):
"""
Update user's profile.
Returns Jinja2 template.
"""
user = user_repo.get_by_name(name)
if not user:
return abort(404)
require.user.update(user)
show_passwd_form = True
if user.twitter_user_id or user.google_user_id or user.facebook_user_id:
show_passwd_form = False
usr = cached_users.get_user_summary(name)
# Extend the values
user.rank = usr.get('rank')
user.score = usr.get('score')
# Title page
title_msg = "Update your profile: %s" % user.fullname
# Creation of forms
update_form = UpdateProfileForm(obj=user)
update_form.set_locales(current_app.config['LOCALES'])
avatar_form = AvatarUploadForm()
password_form = ChangePasswordForm()
external_form = update_form
if request.method == 'GET':
return render_template('account/update.html',
title=title_msg,
user=usr,
form=update_form,
upload_form=avatar_form,
password_form=password_form,
external_form=external_form,
show_passwd_form=show_passwd_form)
else:
acc_conf_dis = current_app.config.get('ACCOUNT_CONFIRMATION_DISABLED')
# Update user avatar
if request.form.get('btn') == 'Upload':
avatar_form = AvatarUploadForm()
if avatar_form.validate_on_submit():
file = request.files['avatar']
coordinates = (avatar_form.x1.data, avatar_form.y1.data,
avatar_form.x2.data, avatar_form.y2.data)
prefix = time.time()
file.filename = "%s_avatar.png" % prefix
container = "user_%s" % user.id
uploader.upload_file(file,
container=container,
coordinates=coordinates)
# Delete previous avatar from storage
if user.info.get('avatar'):
uploader.delete_file(user.info['avatar'], container)
user.info = {'avatar': file.filename, 'container': container}
user_repo.update(user)
cached_users.delete_user_summary(user.name)
flash(
gettext('Your avatar has been updated! It may \
take some minutes to refresh...'), 'success')
return redirect(url_for('.update_profile', name=user.name))
else:
flash(
"You have to provide an image file to update your avatar",
"error")
return render_template('/account/update.html',
form=update_form,
upload_form=avatar_form,
password_form=password_form,
external_form=external_form,
title=title_msg,
show_passwd_form=show_passwd_form)
# Update user profile
elif request.form.get('btn') == 'Profile':
update_form = UpdateProfileForm()
update_form.set_locales(current_app.config['LOCALES'])
if update_form.validate():
user.id = update_form.id.data
user.fullname = update_form.fullname.data
user.name = update_form.name.data
if (user.email_addr != update_form.email_addr.data
and acc_conf_dis is False):
user.valid_email = False
user.newsletter_prompted = False
account = dict(fullname=update_form.fullname.data,
name=update_form.name.data,
email_addr=update_form.email_addr.data)
confirm_url = get_email_confirmation_url(account)
subject = ('You have updated your email in %s! Verify it' \
% current_app.config.get('BRAND'))
msg = dict(subject=subject,
recipients=[update_form.email_addr.data],
body=render_template(
'/account/email/validate_email.md',
user=account,
confirm_url=confirm_url))
msg['html'] = markdown(msg['body'])
mail_queue.enqueue(send_mail, msg)
user.confirmation_email_sent = True
fls = gettext('An email has been sent to verify your \
new email: %s. Once you verify it, it will \
be updated.' % account['email_addr'])
flash(fls, 'info')
if acc_conf_dis:
user.email_addr = update_form.email_addr.data
user.privacy_mode = update_form.privacy_mode.data
user.locale = update_form.locale.data
user_repo.update(user)
cached_users.delete_user_summary(user.name)
flash(gettext('Your profile has been updated!'), 'success')
return redirect(url_for('.update_profile', name=user.name))
else:
flash(gettext('Please correct the errors'), 'error')
title_msg = 'Update your profile: %s' % user.fullname
return render_template('/account/update.html',
form=update_form,
upload_form=avatar_form,
password_form=password_form,
external_form=external_form,
title=title_msg,
show_passwd_form=show_passwd_form)
# Update user password
elif request.form.get('btn') == 'Password':
# Update the data because passing it in the constructor does not work
update_form.name.data = user.name
update_form.fullname.data = user.fullname
update_form.email_addr.data = user.email_addr
update_form.ckan_api.data = user.ckan_api
external_form = update_form
if password_form.validate_on_submit():
user = user_repo.get(user.id)
if user.check_password(password_form.current_password.data):
user.set_password(password_form.new_password.data)
user_repo.update(user)
flash(
gettext('Yay, you changed your password succesfully!'),
'success')
return redirect(url_for('.update_profile', name=name))
else:
msg = gettext("Your current password doesn't match the "
"one in our records")
flash(msg, 'error')
return render_template('/account/update.html',
form=update_form,
upload_form=avatar_form,
password_form=password_form,
external_form=external_form,
title=title_msg,
show_passwd_form=show_passwd_form)
else:
flash(gettext('Please correct the errors'), 'error')
return render_template('/account/update.html',
form=update_form,
upload_form=avatar_form,
password_form=password_form,
external_form=external_form,
title=title_msg,
show_passwd_form=show_passwd_form)
# Update user external services
elif request.form.get('btn') == 'External':
del external_form.locale
del external_form.email_addr
del external_form.fullname
del external_form.name
if external_form.validate():
user.ckan_api = external_form.ckan_api.data or None
user_repo.update(user)
cached_users.delete_user_summary(user.name)
flash(gettext('Your profile has been updated!'), 'success')
return redirect(url_for('.update_profile', name=user.name))
else:
flash(gettext('Please correct the errors'), 'error')
title_msg = 'Update your profile: %s' % user.fullname
return render_template('/account/update.html',
form=update_form,
upload_form=avatar_form,
password_form=password_form,
external_form=external_form,
title=title_msg,
show_passwd_form=show_passwd_form)
# Otherwise return 415
else:
return abort(415)
def update_profile(name):
"""
Update user's profile.
Returns Jinja2 template.
"""
user = User.query.filter_by(name=name).first()
if not user:
return abort(404)
require.user.update(user)
show_passwd_form = True
if user.twitter_user_id or user.google_user_id or user.facebook_user_id:
show_passwd_form = False
usr = cached_users.get_user_summary(name)
# Extend the values
current_user.rank = usr.get('rank')
current_user.score = usr.get('score')
# Title page
title_msg = "Update your profile: %s" % current_user.fullname
# Creation of forms
update_form = UpdateProfileForm(obj=user)
update_form.set_locales(current_app.config['LOCALES'])
avatar_form = AvatarUploadForm()
password_form = ChangePasswordForm()
external_form = update_form
if request.method == 'GET':
return render_template('account/update.html',
title=title_msg,
user=usr,
form=update_form,
upload_form=avatar_form,
password_form=password_form,
external_form=external_form,
show_passwd_form=show_passwd_form)
else:
# Update user avatar
if request.form.get('btn') == 'Upload':
avatar_form = AvatarUploadForm()
if avatar_form.validate_on_submit():
file = request.files['avatar']
coordinates = (avatar_form.x1.data, avatar_form.y1.data,
avatar_form.x2.data, avatar_form.y2.data)
prefix = time.time()
file.filename = "%s_avatar.png" % prefix
container = "user_%s" % current_user.id
uploader.upload_file(file,
container=container,
coordinates=coordinates)
# Delete previous avatar from storage
if current_user.info.get('avatar'):
uploader.delete_file(current_user.info['avatar'], container)
current_user.info = {'avatar': file.filename,
'container': container}
db.session.commit()
cached_users.delete_user_summary(current_user.name)
flash(gettext('Your avatar has been updated! It may \
take some minutes to refresh...'), 'success')
return redirect(url_for('.update_profile', name=current_user.name))
else:
flash("You have to provide an image file to update your avatar",
"error")
return render_template('/account/update.html',
form=update_form,
upload_form=avatar_form,
password_form=password_form,
external_form=external_form,
title=title_msg,
show_passwd_form=show_passwd_form)
# Update user profile
elif request.form.get('btn') == 'Profile':
update_form = UpdateProfileForm()
update_form.set_locales(current_app.config['LOCALES'])
if update_form.validate():
current_user.id = update_form.id.data
current_user.fullname = update_form.fullname.data
current_user.name = update_form.name.data
current_user.email_addr = update_form.email_addr.data
current_user.privacy_mode = update_form.privacy_mode.data
current_user.locale = update_form.locale.data
db.session.commit()
cached_users.delete_user_summary(current_user.name)
flash(gettext('Your profile has been updated!'), 'success')
return redirect(url_for('.update_profile', name=current_user.name))
else:
flash(gettext('Please correct the errors'), 'error')
title_msg = 'Update your profile: %s' % current_user.fullname
return render_template('/account/update.html',
form=update_form,
upload_form=avatar_form,
password_form=password_form,
external_form=external_form,
title=title_msg,
show_passwd_form=show_passwd_form)
# Update user password
elif request.form.get('btn') == 'Password':
# Update the data because passing it in the constructor does not work
update_form.name.data = user.name
update_form.fullname.data = user.fullname
update_form.email_addr.data = user.email_addr
update_form.ckan_api.data = user.ckan_api
external_form = update_form
if password_form.validate_on_submit():
user = db.session.query(model.user.User).get(current_user.id)
if user.check_password(password_form.current_password.data):
user.set_password(password_form.new_password.data)
db.session.add(user)
db.session.commit()
flash(gettext('Yay, you changed your password succesfully!'),
'success')
return redirect(url_for('.update_profile', name=name))
else:
msg = gettext("Your current password doesn't match the "
"one in our records")
flash(msg, 'error')
return render_template('/account/update.html',
form=update_form,
upload_form=avatar_form,
password_form=password_form,
external_form=external_form,
title=title_msg,
show_passwd_form=show_passwd_form)
else:
flash(gettext('Please correct the errors'), 'error')
return render_template('/account/update.html',
form=update_form,
upload_form=avatar_form,
password_form=password_form,
external_form=external_form,
title=title_msg,
show_passwd_form=show_passwd_form)
# Update user external services
elif request.form.get('btn') == 'External':
del external_form.locale
del external_form.email_addr
del external_form.fullname
del external_form.name
if external_form.validate():
current_user.ckan_api = external_form.ckan_api.data or None
db.session.commit()
cached_users.delete_user_summary(current_user.name)
flash(gettext('Your profile has been updated!'), 'success')
return redirect(url_for('.update_profile', name=current_user.name))
else:
flash(gettext('Please correct the errors'), 'error')
title_msg = 'Update your profile: %s' % current_user.fullname
return render_template('/account/update.html',
form=update_form,
upload_form=avatar_form,
password_form=password_form,
external_form=external_form,
title=title_msg,
show_passwd_form=show_passwd_form)
# Otherwise return 415
else:
return abort(415)
def update_profile(name):
"""
Update user's profile.
Returns Jinja2 template.
"""
user = user_repo.get_by_name(name)
if not user:
return abort(404)
ensure_authorized_to('update', user)
show_passwd_form = True
if user.twitter_user_id or user.google_user_id or user.facebook_user_id or user.wechat_user_id or user.weibo_user_id:
show_passwd_form = False
usr = cached_users.get_user_summary(name)
# Extend the values
user.rank = usr.get('rank')
user.score = usr.get('score')
btn = request.body.get('btn', 'None').capitalize()
if btn != 'Profile':
update_form = UpdateProfileForm(formdata=None, obj=user)
else:
update_form = UpdateProfileForm(obj=user)
update_form.set_locales(current_app.config['LOCALES'])
avatar_form = AvatarUploadForm()
password_form = ChangePasswordForm()
title_msg = "Update your profile: %s" % user.fullname
if request.method == 'POST':
# Update user avatar
succeed = False
btn = request.body.get('btn', 'None').capitalize()
if btn == 'Upload':
succeed = _handle_avatar_update(user, avatar_form)
# Update user profile
elif btn == 'Profile':
succeed = _handle_profile_update(user, update_form)
# Update user password
elif btn == 'Password':
succeed = _handle_password_update(user, password_form)
# Update user external services
elif btn == 'External':
succeed = _handle_external_services_update(user, update_form)
# Otherwise return 415
else:
return abort(415)
if succeed:
cached_users.delete_user_summary(user.name)
return redirect_content_type(url_for('.update_profile',
name=user.name),
status=SUCCESS)
else:
data = dict(template='/account/update.html',
form=update_form,
upload_form=avatar_form,
password_form=password_form,
title=title_msg,
show_passwd_form=show_passwd_form)
return handle_content_type(data)
data = dict(template='/account/update.html',
form=update_form,
upload_form=avatar_form,
password_form=password_form,
title=title_msg,
show_passwd_form=show_passwd_form)
return handle_content_type(data)
def update_profile():
"""
Update user's profile.
Returns Jinja2 template.
"""
form = UpdateProfileForm()
upload_form = AvatarUploadForm()
if request.method == 'GET':
form = UpdateProfileForm(obj=current_user)
form.set_locales(current_app.config['LOCALES'])
form.populate_obj(current_user)
title_msg = "Update your profile: %s" % current_user.fullname
return render_template('account/update.html',
title=title_msg,
form=form,
upload_form=upload_form)
else:
form = UpdateProfileForm(request.form)
upload_form = AvatarUploadForm(request.form)
form.set_locales(current_app.config['LOCALES'])
if request.form['btn'] == 'Upload':
avatar = request.files['avatar']
extension = avatar.filename.rsplit(".")[1]
coordinates = (upload_form.x1.data, upload_form.y1.data,
upload_form.x2.data, upload_form.y2.data)
prefix = time.time()
avatar.filename = "%s_avatar.%s" % (prefix, extension)
container = "user_%s" % current_user.id
uploader.upload_file(avatar,
container=container,
coordinates=coordinates)
# Delete previous avatar from storage
if 'avatar' in current_user.info:
uploader.delete_file(current_user.info['avatar'], container)
current_user.info = {'avatar': avatar.filename,
'container': container}
db.session.commit()
cached_users.delete_user_summary(current_user.name)
flash(gettext('Your avatar has been updated! It may \
take some minutes to refresh...'), 'success')
return redirect(url_for('.profile'))
else:
if form.validate():
current_user.id = form.id.data
current_user.fullname = form.fullname.data
current_user.name = form.name.data
current_user.email_addr = form.email_addr.data
current_user.ckan_api = form.ckan_api.data
current_user.privacy_mode = form.privacy_mode.data
db.session.commit()
cached_users.delete_user_summary(current_user.name)
flash(gettext('Your profile has been updated!'), 'success')
return redirect(url_for('.profile'))
else:
flash(gettext('Please correct the errors'), 'error')
title_msg = 'Update your profile: %s' % current_user.fullname
return render_template('/account/update.html', form=form,
upload_form=upload_form,
title=title_msg)
