예제 #1
0
    def post(self):
        username = self.get_argument("email", "").strip().lower()
        password = self.get_argument("newpass", "")
        info = {}
        for info_column in ("name", "affiliation", "address", "phone"):
            hold = self.get_argument(info_column, None)
            if hold:
                info[info_column] = hold

        created = False
        try:
            created = User.create(username, password, info)
        except QiitaDBDuplicateError:
            msg = "Email already registered as a user"

        if created:
            info = created.info
            try:
                # qiita_config.base_url doesn't have a / at the end, but the
                # qiita_config.portal_dir has it at the beginning but not at
                # the end. This constructs the correct URL
                url = qiita_config.base_url + qiita_config.portal_dir
                send_email(
                    username, "QIITA: Verify Email Address", "Please "
                    "click the following link to verify email address: "
                    "%s/auth/verify/%s?email=%s\n\nBy clicking you are "
                    "accepting our term and conditions: "
                    "%s/iframe/?iframe=qiita-terms" %
                    (url, info['user_verify_code'], url_escape(username), url))
            except Exception:
                msg = ("Unable to send verification email. Please contact the "
                       "qiita developers at <a href='mailto:qiita.help"
                       "@gmail.com'>[email protected]</a>")
                self.redirect(u"%s/?level=danger&message=%s" %
                              (qiita_config.portal_dir, url_escape(msg)))
                return

            msg = ("<h3>User Successfully Created</h3><p>Your Qiita account "
                   "has been successfully created. An email has been sent to "
                   "the email address you provided. This email contains "
                   "instructions on how to activate your account.</p>"
                   "<p>If you don't receive your activation email within a "
                   "couple of minutes, check your spam folder. If you still "
                   "don't see it, send us an email at <a "
                   "href=\"mailto:[email protected]\">[email protected]"
                   "</a>.</p>")
            self.redirect(u"%s/?level=success&message=%s" %
                          (qiita_config.portal_dir, url_escape(msg)))
        else:
            error_msg = u"?error=" + url_escape(msg)
            self.redirect(u"%s/auth/create/%s" %
                          (qiita_config.portal_dir, error_msg))
예제 #2
0
    def post(self):
        message = ""
        level = ""
        page = "lost_pass.html"
        user_id = None

        try:
            user = User(self.get_argument("email"))
        except QiitaDBUnknownIDError:
            message = "ERROR: Unknown user."
            level = "danger"
        else:
            user_id = user.id
            user.generate_reset_code()
            info = user.info
            try:
                # qiita_config.base_url doesn't have a / at the end, but the
                # qiita_config.portal_dir has it at the beginning but not at
                # the end. This constructs the correct URL
                url = qiita_config.base_url + qiita_config.portal_dir
                send_email(
                    user.id, "Qiita: Password Reset", "Please go to "
                    "the following URL to reset your password: \n"
                    "%s/auth/reset/%s  \nYou "
                    "have 30 minutes from the time you requested a "
                    "reset to change your password. After this period, "
                    "you will have to request another reset." %
                    (url, info["pass_reset_code"]))
                message = ("Check your email for the reset code.")
                level = "success"
                page = "index.html"
            except Exception as e:
                message = ("Unable to send email. Error has been registered. "
                           "Your password has not been reset.")
                level = "danger"
                LogEntry.create('Runtime',
                                "Unable to send forgot password "
                                "email: %s" % str(e),
                                info={'User': user.id})

        self.render(page, user=user_id, message=message, level=level)
예제 #3
0
def artifact_patch_request(user,
                           artifact_id,
                           req_op,
                           req_path,
                           req_value=None,
                           req_from=None):
    """Modifies an attribute of the artifact

    Parameters
    ----------
    user : qiita_db.user.User
        The user performing the patch operation
    artifact_id : int
        Id of the artifact in which the patch operation is being performed
    req_op : str
        The operation to perform on the artifact
    req_path : str
        The prep information and attribute to patch
    req_value : str, optional
        The value that needs to be modified
    req_from : str, optional
        The original path of the element

    Raises
    ------
    QiitaHTTPError
        If `req_op` != 'replace'
        If the path parameter is incorrect
        If missing req_value
        If the attribute to replace is not known
    """
    if req_op == 'replace':
        req_path = [v for v in req_path.split('/') if v]
        if len(req_path) != 1:
            raise QiitaHTTPError(404, 'Incorrect path parameter')

        attribute = req_path[0]

        # Check if the user actually has access to the artifact
        artifact = Artifact(artifact_id)
        check_artifact_access(user, artifact)

        if not req_value:
            raise QiitaHTTPError(404, 'Missing value to replace')

        if attribute == 'name':
            artifact.name = req_value
            return
        elif attribute == 'visibility':
            if req_value not in get_visibilities():
                raise QiitaHTTPError(
                    400, 'Unknown visibility value: %s' % req_value)

            if (req_value == 'private' and qiita_config.require_approval
                    and not user.level == 'admin'):
                raise QiitaHTTPError(
                    403, 'User does not have permissions '
                    'to approve change')

            try:
                artifact.visibility = req_value
            except Exception as e:
                raise QiitaHTTPError(403, str(e).replace('\n', '<br/>'))

            sid = artifact.study.id
            if artifact.visibility == 'awaiting_approval':
                email_to = '*****@*****.**'
                subject = ('QIITA: Artifact %s awaiting_approval. Study %d, '
                           'Prep %d' %
                           (artifact_id, sid, artifact.prep_templates[0].id))
                message = ('%s requested approval. <a '
                           'href="https://qiita.ucsd.edu/study/description/'
                           '%d">Study %d</a>.' % (user.email, sid, sid))
                try:
                    send_email(email_to, subject, message)
                except Exception:
                    msg = ("Couldn't send email to admins, please email us "
                           "directly to <a href='mailto:{0}'>{0}</a>.".format(
                               email_to))
                    raise QiitaHTTPError(400, msg)
            else:
                msg = '%s changed artifact %s (study %d) to %s' % (
                    user.email, artifact_id, sid, req_value)
                LogEntry.create('Warning', msg)
        else:
            # We don't understand the attribute so return an error
            raise QiitaHTTPError(
                404, 'Attribute "%s" not found. Please, '
                'check the path parameter' % attribute)
    else:
        raise QiitaHTTPError(
            400, 'Operation "%s" not supported. Current '
            'supported operations: replace' % req_op)