def __init__(self):
if (self.disallow_api or self.moderator_only
or self.admin_only) and weasyl.api.is_api_user():
raise web.forbidden()
self.user_id = define.get_userid()
self.status = define.common_status_check(self.user_id)
# Status check
if self.status:
self.replace_methods(self.status_check_fail)
return
# Guest check
if self.guest_required and self.user_id != 0:
self.replace_methods(self.login_guest_fail)
return
# Login check
if self.login_required and self.user_id == 0:
self.replace_methods(self.login_check_fail)
return
# Permission check
if self.moderator_only and self.user_id not in staff.MODS:
self.replace_methods(self.permission_check_fail)
return
if self.admin_only and self.user_id not in staff.ADMINS:
self.replace_methods(self.permission_check_fail)
return
def __init__(self):
if (self.disallow_api or self.moderator_only or self.admin_only) and weasyl.api.is_api_user():
raise web.forbidden()
self.user_id = define.get_userid()
self.status = define.common_status_check(self.user_id)
# Status check
if self.status:
self.replace_methods(self.status_check_fail)
return
# Guest check
if self.guest_required and self.user_id != 0:
self.replace_methods(self.login_guest_fail)
return
# Login check
if self.login_required and self.user_id == 0:
self.replace_methods(self.login_check_fail)
return
# Permission check
if self.moderator_only and self.user_id not in staff.MODS:
self.replace_methods(self.permission_check_fail)
return
if self.admin_only and self.user_id not in staff.ADMINS:
self.replace_methods(self.permission_check_fail)
return
def POST(self):
if define.common_status_check(self.user_id) != "resetpassword":
return define.errorpage(self.user_id, errorcode.permission)
form = web.input(password="", passcheck="")
resetpassword.force(self.user_id, form)
raise web.seeother("/index")
def force_resetpassword_(request):
if define.common_status_check(request.userid) != "resetpassword":
return Response(define.errorpage(request.userid, errorcode.permission))
form = request.web_input(password="", passcheck="")
resetpassword.force(request.userid, form)
raise HTTPSeeOther(location="/", headers=request.response.headers)
def POST(self):
if define.common_status_check(self.user_id) != "resetpassword":
return define.errorpage(self.user_id, errorcode.permission)
form = web.input(password="", passcheck="")
resetpassword.force(self.user_id, form)
raise web.seeother("/index")
def force_resetpassword_(request):
if define.common_status_check(request.userid) != "resetpassword":
return Response(define.errorpage(request.userid, errorcode.permission))
form = request.web_input(password="", passcheck="")
resetpassword.force(request.userid, form)
raise HTTPSeeOther(location="/", headers=request.response.headers)
def force_resetbirthday_(request):
if define.common_status_check(request.userid) != "resetbirthday":
return define.errorpage(request.userid, errorcode.permission)
form = request.web_input(birthday="")
birthday = define.convert_inputdate(form.birthday)
profile.force_resetbirthday(request.userid, birthday)
raise HTTPSeeOther(location="/", headers=request.response.headers)
def POST(self):
if define.common_status_check(self.user_id) != "resetbirthday":
return define.errorpage(self.user_id, errorcode.permission)
form = web.input(birthday="")
birthday = define.convert_inputdate(form.birthday)
profile.force_resetbirthday(self.user_id, birthday)
raise web.seeother("/index")
def force_resetbirthday_(request):
if define.common_status_check(request.userid) != "resetbirthday":
return define.errorpage(request.userid, errorcode.permission)
form = request.web_input(birthday="")
birthday = define.convert_inputdate(form.birthday)
profile.force_resetbirthday(request.userid, birthday)
raise HTTPSeeOther(location="/", headers=request.response.headers)
def status_check_tween(request):
status = d.common_status_check(request.userid)
if status:
# Permit POST'ing to the forced password reset path (handle the request normally)
if request.method == "POST" and request.path == "/force/resetpassword":
return handler(request)
# Otherwise force the user to the corresponding `status` page.
return Response(d.common_status_page(request.userid, status))
return handler(request)
def POST(self):
if define.common_status_check(self.user_id) != "resetbirthday":
return define.errorpage(self.user_id, errorcode.permission)
form = web.input(birthday="")
birthday = define.convert_inputdate(form.birthday)
profile.force_resetbirthday(self.user_id, birthday)
raise web.seeother("/index")
def admin_render_page(template_path, args=()):
userid = d.get_userid()
status = d.common_status_check(userid)
if status:
return d.common_status_page(userid, status)
elif not userid:
return d.webpage(userid)
elif userid not in staff.ADMINS:
return d.webpage(userid, errorcode.permission)
else:
return d.webpage(userid, template_path, args)
def force_resetpassword_(request):
if define.common_status_check(request.userid) != "resetpassword":
return Response(define.errorpage(request.userid, errorcode.permission))
form = request.web_input(password="", passcheck="")
resetpassword.force(request.userid, form)
# Invalidate all other user sessions for this user.
profile.invalidate_other_sessions(request.userid)
raise HTTPSeeOther(location="/", headers=request.response.headers)
def GET(self):
status = define.common_status_check(self.user_id)
if status:
return define.common_status_page(self.user_id, status)
elif not self.user_id:
return define.webpage(self.user_id)
return define.webpage(self.user_id, "manage/alias.html", [
# Alias
useralias.select(self.user_id),
])
def admin_render_page(template_path, args=()):
userid = d.get_userid()
status = d.common_status_check(userid)
if status:
return d.common_status_page(userid, status)
elif not userid:
return d.webpage(userid)
elif userid not in staff.ADMINS:
return d.webpage(userid, errorcode.permission)
else:
return d.webpage(userid, template_path, args)
def force_resetpassword_(request):
if define.common_status_check(request.userid) != "resetpassword":
raise WeasylError('InsufficientPermissions')
form = request.web_input(password="", passcheck="")
resetpassword.force(request.userid, form)
# Invalidate all other user sessions for this user.
profile.invalidate_other_sessions(request.userid)
raise HTTPSeeOther(location="/", headers=request.response.headers)
def manage_alias_get_(request):
status = define.common_status_check(request.userid)
if status:
return Response(define.common_status_page(request.userid, status))
elif not request.userid:
return Response(define.webpage(request.userid))
return Response(define.webpage(request.userid, "manage/alias.html", [
# Alias
useralias.select(request.userid),
], title="Edit Username Alias"))
def manage_alias_get_(request):
status = define.common_status_check(request.userid)
if status:
return Response(define.common_status_page(request.userid, status))
elif not request.userid:
return Response(define.webpage(request.userid))
return Response(define.webpage(request.userid, "manage/alias.html", [
# Alias
useralias.select(request.userid),
]))
def force_resetpassword_(request):
if define.common_status_check(request.userid) != "resetpassword":
return Response(define.errorpage(request.userid, errorcode.permission))
form = request.web_input(password="", passcheck="")
resetpassword.force(request.userid, form)
# Invalidate all other user sessions for this user.
profile.invalidate_other_sessions(request.userid)
raise HTTPSeeOther(location="/", headers=request.response.headers)
def GET(self):
status = define.common_status_check(self.user_id)
if status:
return define.common_status_page(self.user_id, status)
elif not self.user_id:
return define.webpage(self.user_id)
return define.webpage(
self.user_id,
"manage/alias.html",
[
# Alias
useralias.select(self.user_id),
])
def POST(self):
userid = d.get_userid()
status = d.common_status_check(userid)
if status:
return d.common_status_page(userid, status)
elif not userid:
return d.webpage(userid)
elif userid not in staff.MODS:
return d.webpage(userid, d.errorcode.permission)
form = web.input(title="", content="")
create(userid, form)
raise web.seeother("/admincontrol")
def POST(self):
userid = d.get_userid()
status = d.common_status_check(userid)
if status:
return d.common_status_page(userid, status)
elif not userid:
return d.webpage(userid)
elif userid not in staff.MODS:
return d.webpage(userid, d.errorcode.permission)
form = web.input(title="", content="")
create(userid, form)
raise web.seeother("/admincontrol")
def status_check_tween(request):
status = d.common_status_check(request.userid)
if status:
return Response(d.common_status_page(request.userid, status))
return handler(request)
def status_check_tween(request):
status = d.common_status_check(request.userid)
if status:
return Response(d.common_status_page(request.userid, status))
return handler(request)
