def pwdchange(req, error=0): if len(req.params) > 2 and "password_old" not in req.params: # user changed to browsing return buildURL(req) user = users.getUserFromRequest(req) if not user.canChangePWD() and not user.isAdmin(): error = 4 # no rights elif "ChangeSubmit" in req.params: if user.getName() == config.get("user.guestuser"): req.request["Location"] = req.makeLink("node", {"id": tree.getRoot("collections").id}) return httpstatus.HTTP_MOVED_TEMPORARILY else: if not users.checkLogin(user.getName(), req.params.get("password_old")): error = 1 # old pwd does not match elif req.params.get("password_new1") != req.params.get("password_new2"): error = 2 # new pwds do not match else: user.setPassword(req.params.get("password_new2")) req.request["Location"] = req.makeLink("node", {"id": tree.getRoot("collections").id}) return httpstatus.HTTP_MOVED_TEMPORARILY navframe = frame.getNavigationFrame(req) navframe.feedback(req) contentHTML = req.getTAL(theme.getTemplate("login.html"), {"error": error, "user": user}, macro="change_pwd") navframe.write(req, contentHTML) return httpstatus.HTTP_OK
def display_noframe(req): content = getContentArea(req) content.feedback(req) navframe = getNavigationFrame(req) navframe.feedback(req) req.params["show_navbar"] = 0 contentHTML = content.html(req) if "raw" in req.params: req.write(contentHTML) else: navframe.write(req, contentHTML, show_navbar=0)
def show_user_data(req): error = "" # XXX: dead code? if USE_EXAMPLES and 'examples' in req.params: try: import userdata_examples reload(userdata_examples) except Exception as e: log.error("Error loading examples:" + str(sys.exc_info()[0]) + " " + str(sys.exc_info()[1]), exc_info=True) if "jsonrequest" in req.params: python_callback_key = req.params.get("python_callback_key", "") if python_callback_key and python_callback_key in aclasses: req.write(aclasses[python_callback_key].callback(req=req)) return user = users.getUserFromRequest(req) user_homedir = {} if not user.isGuest(): user_homedir = users.getHomeDir(user) navframe = getNavigationFrame(req) navframe.feedback(req) udclasses = sorted([(uc.orderpos, uc) for uc in aclasses.values()]) udclasses = [t[1] for t in udclasses] ctx = { "error": error, "user": user, "user_homedir": user_homedir, "pf": pf, "udclasses": udclasses, "req": req, } navframe.write( req, req.getTAL("web/frontend/userdata.html", ctx, macro="show_user_data")) return httpstatus.HTTP_OK
def pwdchange(req, error=0): if len( req.params ) > 2 and "password_old" not in req.params: # user changed to browsing return buildURL(req) user = users.getUserFromRequest(req) if not user.canChangePWD() and not user.isAdmin(): error = 4 # no rights elif "ChangeSubmit" in req.params: if user.getName() == config.get("user.guestuser"): req.request["Location"] = req.makeLink( "node", {"id": tree.getRoot("collections").id}) return httpstatus.HTTP_MOVED_TEMPORARILY else: if not users.checkLogin(user.getName(), req.params.get("password_old")): error = 1 # old pwd does not match elif req.params.get("password_new1") != req.params.get( "password_new2"): error = 2 # new pwds do not match else: user.setPassword(req.params.get("password_new2")) req.request["Location"] = req.makeLink( "node", {"id": tree.getRoot("collections").id}) return httpstatus.HTTP_MOVED_TEMPORARILY navframe = frame.getNavigationFrame(req) navframe.feedback(req) contentHTML = req.getTAL(theme.getTemplate("login.html"), { "error": error, "user": user }, macro="change_pwd") navframe.write(req, contentHTML) return httpstatus.HTTP_OK
def show_user_data(req): error = "" # XXX: dead code? if USE_EXAMPLES and 'examples' in req.params: try: import userdata_examples reload(userdata_examples) except Exception as e: log.error("Error loading examples:" + str(sys.exc_info()[0]) + " " + str(sys.exc_info()[1]), exc_info=True) if "jsonrequest" in req.params: python_callback_key = req.params.get("python_callback_key", "") if python_callback_key and python_callback_key in aclasses: req.write(aclasses[python_callback_key].callback(req=req)) return user = users.getUserFromRequest(req) user_homedir = {} if not user.isGuest(): user_homedir = users.getHomeDir(user) navframe = getNavigationFrame(req) navframe.feedback(req) udclasses = sorted([(uc.orderpos, uc) for uc in aclasses.values()]) udclasses = [t[1] for t in udclasses] ctx = { "error": error, "user": user, "user_homedir": user_homedir, "pf": pf, "udclasses": udclasses, "req": req, } navframe.write(req, req.getTAL("web/frontend/userdata.html", ctx, macro="show_user_data")) return httpstatus.HTTP_OK
def display(req): if "jsonrequest" in req.params: handle_json_request(req) return req.session["area"] = "" content = getContentArea(req) content.feedback(req) try: # add export mask data of current node to request object mask = getMetaType(content.actNode().getSchema()).getMask('head_meta') req.params['head_meta'] = mask.getViewHTML([content.actNode()], flags=8) except: req.params['head_meta'] = '' navframe = getNavigationFrame(req) navframe.feedback(req) contentHTML = content.html(req) contentHTML = modify_tex(contentHTML, 'html') navframe.write(req, contentHTML) # set status code here... req.setStatus(content.status())
def login(req): if len(req.params ) > 2 and "user" not in req.params: # user changed to browsing return buildURL(req) error = 0 username = req.params.get("user", config.get("user.guestuser")) password = req.params.get("password", "") if username == "" and "user" in req.params: # empty username error = 1 elif "LoginSubmit" in req.params: # try given values user = users.checkLogin(username, password, req=req) if user: if "contentarea" in req.session: del req.session["contentarea"] req.session["user"] = user logging.getLogger('usertracing').info(user.name + " logged in") if user.getUserType() == "users": if user.stdPassword(): return pwdchange(req, 3) else: x = users.getExternalAuthentificator(user.getUserType()) if x and x.stdPassword(user): return pwdchange(req, 3) if req.session.get('return_after_login'): req.request['Location'] = req.session['return_after_login'] elif config.get("config.ssh", "") == "yes": req.request["Location"] = ''.join([ "https://", config.get("host.name"), "/node?id=", tree.getRoot("collections").id ]) else: req.request["Location"] = ''.join( ["/node?id=", tree.getRoot("collections").id]) return httpstatus.HTTP_MOVED_TEMPORARILY else: error = 1 referer = next((h.split(":", 1)[1].strip() for h in req.header if h.startswith("Referer:")), None) if referer is None or any(uri in referer for uri in ('/login', '/logout', '/pwdforgotten', '/pwdchange', '/pnode')): req.session['return_after_login'] = False else: if '/edit' in referer: # returns the user to /edit/ instead of /edit/edit_content?id=604993, which has no sidebar req.session['return_after_login'] = '******'.join( referer.split('/')[:-1]) else: req.session['return_after_login'] = referer # standard login form user = users.getUserFromRequest(req) navframe = frame.getNavigationFrame(req) navframe.feedback(req) navframe.write( req, req.getTAL(theme.getTemplate("login.html"), { "error": error, "user": user }, macro="login")) return httpstatus.HTTP_OK
def pwdforgotten(req): if len(req.params) > 3: # user changed to browsing return buildURL(req) navframe = frame.getNavigationFrame(req) navframe.feedback(req) if req.params.get("action", "") == "activate": # do activation of new password id, key = req.params.get("key").replace("/", "").split('-') targetuser = users.getUser(id) if targetuser.get("newpassword.activation_key") == key: newpassword = targetuser.get("newpassword.password") if newpassword: targetuser.set("password", newpassword) print "password reset for user '%s' (id=%s) reset" % ( targetuser.getName(), targetuser.id) targetuser.removeAttribute("newpassword.password") targetuser.set("newpassword.time_activated", date.format_date()) logging.getLogger('usertracing').info( "new password activated for user: %s - was requested: %s by %s" % (targetuser.getName(), targetuser.get("newpassword.time_requested"), targetuser.get("newpassword.request_ip"))) navframe.write( req, req.getTAL(theme.getTemplate("login.html"), {"username": targetuser.getName()}, macro="pwdforgotten_password_activated")) return httpstatus.HTTP_OK else: print "invalid key: wrong key or already used key" navframe.write( req, req.getTAL( theme.getTemplate("login.html"), {"message": "pwdforgotten_password_invalid_key"}, macro="pwdforgotten_message")) return httpstatus.HTTP_OK elif "user" in req.params: # create email with activation information username = req.params.get("user", "") if username == '': req.params['error'] = "pwdforgotten_noentry" else: targetuser = users.getUser(username) if not targetuser or not targetuser.canChangePWD(): logging.getLogger('usertracing').info( "new password requested for non-existing user: "******"pwdforgotten_nosuchuser" else: password = users.makeRandomPassword() randomkey = mkKey() targetuser.set("newpassword.password", hashlib.md5(password).hexdigest()) targetuser.set("newpassword.time_requested", date.format_date()) targetuser.set("newpassword.activation_key", randomkey) targetuser.set("newpassword.request_ip", req.ip) v = {} v["name"] = targetuser.getName() v["host"] = config.get("host.name") v["login"] = targetuser.getName() v["language"] = lang(req) v["activationlink"] = v[ "host"] + "/pwdforgotten?action=activate&key=%s-%s" % ( targetuser.id, randomkey) v["email"] = targetuser.getEmail() v["userid"] = targetuser.getName() # going to send the mail try: mailtext = req.getTAL(theme.getTemplate("login.html"), v, macro="emailtext") mailtext = mailtext.strip().replace( "[$newpassword]", password).replace("[wird eingesetzt]", password) mail.sendmail(config.get("email.admin"), targetuser.getEmail(), t(lang(req), "pwdforgotten_email_subject"), mailtext) logging.getLogger('usertracing').info( "new password requested for user: %s - activation email sent" % username) navframe.write( req, req.getTAL(theme.getTemplate("login.html"), {"message": "pwdforgotten_butmailnowsent"}, macro="pwdforgotten_message")) return httpstatus.HTTP_OK except mail.SocketError: print "Socket error while sending mail" logging.getLogger('usertracing').info( "new password requested for user: %s - failed to send activation email" % username) return req.getTAL( theme.getTemplate("login.html"), {"message": "pwdforgotten_emailsenderror"}, macro="pwdforgotten_message") # standard operation navframe.write( req, req.getTAL(theme.getTemplate("login.html"), { "error": req.params.get("error"), "user": users.getUserFromRequest(req) }, macro="pwdforgotten")) return httpstatus.HTTP_OK
def login(req): if len(req.params) > 2 and "user" not in req.params: # user changed to browsing return buildURL(req) error = 0 username = req.params.get("user", config.get("user.guestuser")) password = req.params.get("password", "") if username == "" and "user" in req.params: # empty username error = 1 elif "LoginSubmit" in req.params: # try given values user = users.checkLogin(username, password, req=req) if user: if "contentarea" in req.session: del req.session["contentarea"] req.session["user"] = user logging.getLogger('usertracing').info(user.name + " logged in") if user.getUserType() == "users": if user.stdPassword(): return pwdchange(req, 3) else: x = users.getExternalAuthentificator(user.getUserType()) if x and x.stdPassword(user): return pwdchange(req, 3) if req.session.get('return_after_login'): req.request['Location'] = req.session['return_after_login'] elif config.get("config.ssh", "") == "yes": req.request["Location"] = ''.join(["https://", config.get("host.name"), "/node?id=", tree.getRoot("collections").id]) else: req.request["Location"] = ''.join(["/node?id=", tree.getRoot("collections").id]) return httpstatus.HTTP_MOVED_TEMPORARILY else: error = 1 referer = next((h.split(":", 1)[1].strip() for h in req.header if h.startswith("Referer:")), None) if referer is None or any(uri in referer for uri in ('/login', '/logout', '/pwdforgotten', '/pwdchange', '/pnode')): req.session['return_after_login'] = False else: if '/edit' in referer: # returns the user to /edit/ instead of /edit/edit_content?id=604993, which has no sidebar req.session['return_after_login'] = '******'.join(referer .split('/')[:-1]) else: req.session['return_after_login'] = referer # standard login form user = users.getUserFromRequest(req) navframe = frame.getNavigationFrame(req) navframe.feedback(req) navframe.write(req, req.getTAL(theme.getTemplate("login.html"), {"error": error, "user": user}, macro="login")) return httpstatus.HTTP_OK
def pwdforgotten(req): if len(req.params) > 3: # user changed to browsing return buildURL(req) navframe = frame.getNavigationFrame(req) navframe.feedback(req) if req.params.get("action", "") == "activate": # do activation of new password id, key = req.params.get("key").replace("/", "").split('-') targetuser = users.getUser(id) if targetuser.get("newpassword.activation_key") == key: newpassword = targetuser.get("newpassword.password") if newpassword: targetuser.set("password", newpassword) print "password reset for user '%s' (id=%s) reset" % (targetuser.getName(), targetuser.id) targetuser.removeAttribute("newpassword.password") targetuser.set("newpassword.time_activated", date.format_date()) logging.getLogger('usertracing').info( "new password activated for user: %s - was requested: %s by %s" % (targetuser.getName(), targetuser.get("newpassword.time_requested"), targetuser.get("newpassword.request_ip"))) navframe.write( req, req.getTAL( theme.getTemplate("login.html"), { "username": targetuser.getName()}, macro="pwdforgotten_password_activated")) return httpstatus.HTTP_OK else: print "invalid key: wrong key or already used key" navframe.write( req, req.getTAL( theme.getTemplate("login.html"), { "message": "pwdforgotten_password_invalid_key"}, macro="pwdforgotten_message")) return httpstatus.HTTP_OK elif "user" in req.params: # create email with activation information username = req.params.get("user", "") if username == '': req.params['error'] = "pwdforgotten_noentry" else: targetuser = users.getUser(username) if not targetuser or not targetuser.canChangePWD(): logging.getLogger('usertracing').info("new password requested for non-existing user: "******"pwdforgotten_nosuchuser" else: password = users.makeRandomPassword() randomkey = mkKey() targetuser.set("newpassword.password", hashlib.md5(password).hexdigest()) targetuser.set("newpassword.time_requested", date.format_date()) targetuser.set("newpassword.activation_key", randomkey) targetuser.set("newpassword.request_ip", req.ip) v = {} v["name"] = targetuser.getName() v["host"] = config.get("host.name") v["login"] = targetuser.getName() v["language"] = lang(req) v["activationlink"] = v["host"] + "/pwdforgotten?action=activate&key=%s-%s" % (targetuser.id, randomkey) v["email"] = targetuser.getEmail() v["userid"] = targetuser.getName() # going to send the mail try: mailtext = req.getTAL(theme.getTemplate("login.html"), v, macro="emailtext") mailtext = mailtext.strip().replace("[$newpassword]", password).replace("[wird eingesetzt]", password) mail.sendmail(config.get("email.admin"), targetuser.getEmail(), t(lang(req), "pwdforgotten_email_subject"), mailtext) logging.getLogger('usertracing').info("new password requested for user: %s - activation email sent" % username) navframe.write( req, req.getTAL( theme.getTemplate("login.html"), { "message": "pwdforgotten_butmailnowsent"}, macro="pwdforgotten_message")) return httpstatus.HTTP_OK except mail.SocketError: print "Socket error while sending mail" logging.getLogger('usertracing').info( "new password requested for user: %s - failed to send activation email" % username) return req.getTAL( theme.getTemplate("login.html"), {"message": "pwdforgotten_emailsenderror"}, macro="pwdforgotten_message") # standard operation navframe.write(req, req.getTAL(theme.getTemplate("login.html"), { "error": req.params.get("error"), "user": users.getUserFromRequest(req)}, macro="pwdforgotten")) return httpstatus.HTTP_OK