def _on_submit(self):
try:
user = auth.get_user(self.val('login'))
if user.status != auth.USER_STATUS_ACTIVE:
return
token = util.random_password(64, True)
_RESET_TOKENS_POOL.put(token, user.login, _RESET_TOKEN_TTL)
reset_url = router.rule_url('auth_ui_password@reset',
{'token': token})
msg_body = tpl.render(
'auth_ui_password@mail/{}/reset-password'.format(
lang.get_current()), {
'user': user,
'reset_url': reset_url
})
mail.Message(
user.login,
lang.t('auth_ui_password@reset_password_mail_subject'),
msg_body).send()
router.session().add_info_message(
lang.t('auth_ui_password@check_email_for_instructions'))
except auth.error.UserNotFound:
pass
def on_router_dispatch():
try:
api_key = google_maps.helpers.get_google_api_key()
metatag.t_set('pytsite-google-maps-api-key', api_key)
except google_maps.error.GoogleApiKeyNotDefined:
if auth.get_current_user().has_role('dev'):
router.session().add_warning_message(lang.t('google_maps_ui@plugin_setup_required_warning'))
def on_auth_sign_up(user: auth.AbstractUser):
# Set session notification
router.session().add_success_message(
lang.t('auth_ui@registration_form_success'))
# Send a confirmation email to the user
if auth.is_sign_up_confirmation_required():
msg = tpl.render(
'auth_ui@mail/{}/sign-up'.format(lang.get_current()), {
'user':
user,
'confirm_url':
router.rule_url('auth_ui@sign_up_confirm',
{'code': user.confirmation_hash})
if not user.is_confirmed else None
})
mail.Message(user.login, lang.t('auth_ui@confirm_registration'),
msg).send()
# Send a notification emails to admins
if auth.is_sign_up_admins_notification_enabled():
for admin in auth.get_admin_users():
msg = tpl.render(
'auth_ui@mail/{}/sign-up-admin-notify'.format(
lang.get_current()), {
'admin': admin,
'user': user,
})
mail.Message(admin.login,
lang.t('auth_ui@registration_admin_notify'),
msg).send()
def _clear_state(self):
"""Clear state.
"""
if 'oauth.twitter.session' in _router.session():
del _router.session()['oauth.twitter.session']
return self
def router_dispatch():
"""'pytsite.router.dispatch' event handler.
"""
if _auth.get_current_user().has_role('dev'):
if not _reg.get('tumblr.app_key') or not _reg.get('tumblr.app_secret'):
_router.session().add_warning_message(
_lang.t('tumblr@plugin_setup_required_warning'))
def router_dispatch():
"""'pytsite.router.dispatch' event handler.
"""
try:
_metatag.t_set('fb:app_id', _api.get_app_id())
except (_error.AppIdNotSet, _error.AppSecretNotSet):
if _auth.get_current_user().is_dev:
_router.session().add_warning_message(
_lang.t('facebook@plugin_setup_required_warning'))
def exec(self):
"""Unsubscribe from content digest
"""
s = _odm.dispense('content_digest_subscriber', self.arg('sid'))
if s:
s.f_set('enabled', False).save()
_router.session().add_success_message(
_lang.t('content_digest@unsubscription_successful'))
return self.redirect(_router.base_url())
def router_dispatch():
"""'pytsite.router.dispatch' handler.
"""
t_id = _reg.get('google_analytics.tracking_id')
if not t_id and _auth.get_current_user().has_role('dev'):
_router.session().add_warning_message(
_lang.t('google_analytics@plugin_setup_required_warning'))
else:
_assetman.inline_js(
_tpl.render('google_analytics@counter', {'tracking_id': t_id}))
def router_dispatch():
"""'pytsite.router.dispatch' handler.
"""
counter_id = _reg.get('yandex_metrika.counter_id')
if not counter_id and _auth.get_current_user().has_role('dev'):
_router.session().add_warning_message(
_lang.t('yandex_metrika@plugin_setup_required_warning'))
else:
_assetman.add_inline_js(
_tpl.render('yandex_metrika@counter', {'counter_id': counter_id}))
def router_dispatch():
"""pytsite.router.dispatch
"""
try:
client_id = auth_google.get_client_id()
metatag.t_set('google-signin-client_id', client_id)
metatag.t_set('pytsite-auth-google-client-id', client_id)
except auth_google.error.ClientIdNotDefined:
if auth.get_current_user().has_role('dev'):
router.session().add_warning_message(lang.t('auth_ui_google@plugin_setup_required_warning'))
def odm_ui_m_form_submit(self, frm: form.Form):
"""Hook
"""
# Populate form values to entity fields
for f_name, f_value in frm.values.items():
if self.has_field(f_name):
self.f_set(f_name, f_value)
# Save entity
self.save()
router.session().add_info_message(
lang.t('odm_ui@operation_successful'))
def router_dispatch():
"""'pytsite.router.dispatch' handler
"""
pub_id = reg.get('addthis.pub_id')
if pub_id:
assetman.inline_js(
'<script src="//s7.addthis.com/js/300/addthis_widget.js#pubid={}"></script>'
.format(pub_id))
elif auth.get_current_user().has_role('dev'):
router.session().add_warning_message(
lang.t('addthis@plugin_setup_required_warning'))
def exec(self):
"""Authorization.
"""
# Check for errors
error = self.arg('error_description')
if error:
_router.session().add_error_message(error)
# Initializing authorization session
auth_session = _AuthSession(self.arg('state'))
return self.redirect(_router.url(auth_session.redirect_uri, query=self.args))
def _on_submit(self):
e_type = self.attr('e_type')
eids = self.attr('eids', [])
try:
for eid in eids:
if e_type == 'role':
auth.get_role(uid=eid).delete()
elif e_type == 'user':
auth.get_user(uid=eid).delete()
except errors.ForbidDeletion as e:
router.session().add_error_message(str(e))
return
def _on_submit(self):
from ._api import dispense_entity
# Dispense entity
entity = dispense_entity(self.attr('model'), self.attr('eid'))
# Fill entity fields
try:
entity.odm_ui_m_form_submit(self)
except Exception as e:
router.session().add_error_message(str(e))
raise e
# Process 'special' redirect endpoint
if self.redirect == 'ENTITY_VIEW':
self.redirect = entity.odm_ui_view_url()
def _on_submit(self):
from ._api import dispense_entity
model = self.attr('model')
try:
# Ask entities to process deletion
for eid in self.attr('eids', self.attr('ids', [])):
dispense_entity(model, eid).odm_ui_d_form_submit()
router.session().add_info_message(
lang.t('odm_ui@operation_successful'))
# Entity deletion was forbidden
except errors.ForbidDeletion as e:
logger.error(e)
router.session().add_error_message(
lang.t('odm_ui@entity_deletion_forbidden') + '. ' + str(e))
def _on_submit(self):
"""Hook
"""
try:
token = self.attr('token')
user = auth.get_user(_RESET_TOKENS_POOL.get(token))
auth.switch_user_to_system()
user.password = self.val('password')
user.save()
auth.restore_user()
_RESET_TOKENS_POOL.rm(token)
router.session().add_success_message(
lang.t('auth_ui_password@reset_password_success'))
self.redirect = router.rule_url('auth_ui@sign_in',
{'driver': 'password'})
except auth.error.UserNotFound:
raise RuntimeError('Invalid token')
def exec(self):
try:
# Search for user
user = next(
auth.find_users(
query.Query(query.Eq('confirmation_hash',
self.arg('code')))))
except StopIteration:
# No user found, redirect to sign in URL
return self.redirect(_api.sign_in_url(redirect=router.base_url()))
try:
auth.switch_user_to_system()
user.confirmation_hash = None
if user.status == auth.USER_STATUS_WAITING:
user.status = auth.get_new_user_status()
user.save()
finally:
auth.restore_user()
router.session().add_success_message(
lang.t('auth_ui@registration_confirm_success'))
return self.redirect(_api.sign_in_url(redirect=router.base_url()))
def _on_submit(self):
setting_uid = self.attr('setting_uid')
# Extract all values who's name starts with 'setting_'
setting_value = reg.get(setting_uid, {})
for k, v in self.values.items():
if k.startswith('setting_'):
k = _re.sub('^setting_', '', k)
if isinstance(v, (list, tuple)):
v = util.cleanup_list(v)
if isinstance(v, dict):
v = util.cleanup_dict(v)
setting_value[k] = v
# Update settings
reg.put(setting_uid, setting_value)
# Notify user
router.session().add_success_message(lang.t('settings@settings_has_been_saved'))
self.redirect = router.rule_url('settings@get_form', {'uid': setting_uid})
def _get_state(self) -> dict:
"""Get state.
"""
if self._oauth_token and self._oauth_token_secret:
return {'stage': 'ready'}
default = {
'stage': 'new',
'time': _dt.now(),
'oauth_token': None,
'oauth_token_secret': None
}
state = _router.session().get('oauth.twitter.session')
if not state or (_dt.now() - state['time']).seconds > 60:
state = default
return state
def exec(self):
# Check for error from Google
error = self.arg('error')
if error == 'access_denied':
raise self.forbidden(
lang.t('auth_ui_google@user_declined_authorization'))
# Check for code from Google
code = self.arg('code')
if code:
# Restore flow from session
flow = router.session().get(
'google_oauth2_flow') # type: OAuth2WebServerFlow
if not flow:
raise self.forbidden('Cannot retrieve stored OAuth2 flow')
# Exchange code to credentials
credentials = flow.step2_exchange(code)
user = auth.get_current_user()
user.set_option('google_oauth2_credentials', credentials.to_json())
user.save()
final_redirect = router.session().get(
'google_oauth2_final_redirect', router.base_url())
router.session().pop('google_oauth2_flow')
router.session().pop('google_oauth2_final_redirect')
return self.redirect(final_redirect)
else:
# Request new code from Google
scope = self.args.pop('scope') # type: str
if scope and ',' in scope:
scope = scope.split(',')
flow = auth_google.create_oauth2_flow(
scope, router.current_url(True, query=dict(self.args)))
router.session()['google_oauth2_flow'] = flow
router.session()['google_oauth2_final_redirect'] = self.args.pop(
'__redirect', router.base_url())
return self.redirect(flow.step1_get_authorize_url())
def router_dispatch():
"""'pytsite.router.dispatch' event handler.
"""
if not reg.get('disqus.short_name') and auth.get_current_user().has_role('dev'):
router.session().add_warning_message(lang.t('disqus@plugin_setup_required_warning'))
def router_dispatch():
if _auth.get_current_user().has_role('dev'):
if not _reg.get('vkontakte.app_id') or not _reg.get('vkontakte.app_secret'):
_router.session().add_warning_message(_lang.t('vkontakte@plugin_setup_required_warning'))
def _set_state(self, state: dict):
"""Set state.
"""
_router.session()['oauth.twitter.session'] = state
return self
def router_dispatch():
if _reload.get_flag() and _auth.get_current_user().is_admin:
_router.session().add_warning_message(_lang.t('reload_ui@reload_required'))
def exec(self):
from . import _api
model = self.arg('model')
entity = _api.find(model, status='*', check_publish_time=False) \
.eq('_id', self.arg('eid')) \
.first() # type: _model.ContentWithURL
# Check entity existence
if not entity:
raise self.not_found()
# Check permissions
if not entity.odm_auth_check_entity_permissions(CONTENT_PERM_VIEW):
raise self.not_found()
# Show non-published entities only to authors and users who can edit or delete them
c_user = auth.get_current_user()
if (entity.has_field('publish_time') and entity.publish_time > datetime.now()) or \
(entity.has_field('status') and entity.status in (CONTENT_STATUS_UNPUBLISHED, CONTENT_STATUS_WAITING)):
if not (entity.author == c_user
or entity.odm_auth_check_entity_permissions(
[PERM_MODIFY, PERM_DELETE])):
raise self.not_found()
# Show warnings about unpublished entities
if entity.has_field(
'publish_time') and entity.publish_time > datetime.now():
router.session().add_warning_message(
lang.t('content@content_warning_future_publish_time'))
if entity.has_field('status') and entity.status in (
CONTENT_STATUS_UNPUBLISHED, CONTENT_STATUS_WAITING):
router.session().add_warning_message(
lang.t('content@content_status_warning_{}'.format(
entity.status)))
# Breadcrumb
breadcrumb = widget.select.Breadcrumb('content-index-breadcrumb')
breadcrumb.append_item(lang.t('content@home_page'), router.base_url())
entity.content_breadcrumb(breadcrumb)
# Meta title
if entity.has_field('title'):
title = entity.title
metatag.t_set('title', title)
metatag.t_set('og:title', title)
metatag.t_set('twitter:title', title)
# Meta description
if entity.has_field('description'):
description = entity.f_get('description')
metatag.t_set('description', description)
metatag.t_set('og:description', description)
metatag.t_set('twitter:description', description)
# Meta keywords
if entity.has_field('tags'):
metatag.t_set('keywords', entity.f_get('tags', as_string=True))
# Meta image
if entity.has_field('images') and entity.images:
metatag.t_set('twitter:card', 'summary_large_image')
image_w = 900
image_h = 500
image_url = entity.images[0].get_url(width=image_w, height=image_h)
metatag.t_set('og:image', image_url)
metatag.t_set('og:image:width', str(image_w))
metatag.t_set('og:image:height', str(image_h))
metatag.t_set('twitter:image', image_url)
else:
metatag.t_set('twitter:card', 'summary')
# Various metatags
metatag.t_set('og:type', 'article')
metatag.t_set('og:url', entity.url)
metatag.t_set('article:publisher', entity.url)
# 'Author' metatag
if entity.has_field('author') and entity.author:
metatag.t_set('author', entity.author.first_last_name)
metatag.t_set('article:author', entity.author.first_last_name)
# Alternate languages URLs
for lng in lang.langs(False):
f_name = 'localization_' + lng
if entity.has_field(f_name) and entity.f_get(f_name):
hreflang.put(lng, entity.f_get(f_name).url)
else:
hreflang.remove(lng)
# Update args
self.args.update({
'entity': entity,
'breadcrumb': breadcrumb,
})
# Notify listeners
events.fire('content@view', entity=entity)
try:
# Call a controller provided by application
return router.call('content_view', self.args)
except routing.error.RuleNotFound:
# Render a template provided by application
return tpl.render('content/view', self.args)