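def authorized():
    """Handle the LinkedIn OAuth callback and log the matching member in.

    Stores the access token and the LinkedIn id in the session, then looks
    the member up by ``linkedin_id``. An unknown id is redirected to the
    registration page; a duplicated id is reported as an error.

    Returns:
        A plain-text "access denied" response when no access token was
        obtained, otherwise a redirect response.
    """
    resp = linkedin.authorized_response()
    if resp is None or not resp['access_token']:
        # Both error fields are copied from the query string, so they are
        # caller-controlled. Serve the message as text/plain (with sniffing
        # disabled) so the browser never interprets it as markup, and use
        # .get() so a callback without these parameters does not fail on the
        # lookup itself.
        denied = 'Access denied: reason=%s error=%s' % (
            request.args.get('error_reason'),
            request.args.get('error_description'))
        return denied, 200, {
            'Content-Type': 'text/plain; charset=utf-8',
            'X-Content-Type-Options': 'nosniff',
        }

    # NOTE(review): no check of the OAuth `state` parameter is visible in
    # this view; confirm the OAuth client validates it before this point.
    token = resp['access_token']
    session['linkedin_token'] = (token, '')

    profile = linkedin.get('people/~:(id,email-address)')
    linkedin_id = profile.data['id']
    session['linkedin_id'] = linkedin_id

    # Try to log the user in.
    try:
        user = User.query.filter_by(linkedin_id=linkedin_id).one()
    except MultipleResultsFound:
        flash('There has been an error, please try again later', 'error')
        # redirect() expects a URL; 'page.home' looks like an endpoint name
        # (as in the url_for() call below), so resolve it first.
        # NOTE(review): confirm 'page.home' is a registered endpoint.
        return redirect(url_for('page.home'))
    except NoResultFound:
        # No member with this LinkedIn id yet: send them to registration.
        return redirect(url_for('user.become_member'))

    # force=True is passed so the login is not refused at this point;
    # activation is checked separately by the member-only views.
    login_user(user, force=True)
    user.last_login = datetime.now()
    update_linkedin_fields(user)
    db.session.commit()

    flash('You have been successfully logged in.')
    return redirect_back()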
def subscriptions():
    """Show and process the current member's newsletter subscriptions.

    One boolean field per list returned by the newsletter service is added
    to a per-request form class, pre-filled with the member's current
    state. On a valid submit only fields whose value changed are sent to
    the service as subscribe/unsubscribe calls.
    """
    class F(SubscriptionsForm):
        pass

    class Data():
        pass

    if newsletter.check_connection() is False:
        flash('Service at the moment not available. Please try again later.')
        return redirect_back()

    # Build the form fields and the initial values from the service's lists.
    known_ids = []
    for entry in newsletter.get_lists():
        list_id = entry['id']
        known_ids.append(list_id)
        subscribed = newsletter.user_on_list(list_id, current_user.email)
        setattr(F, list_id, fields.BooleanField(entry['name']))
        setattr(Data, list_id, subscribed)

    form = F(request.form, Data)

    if form.validate_on_submit():
        for field_name, wanted in form.data.iteritems():
            # Only act on ids the newsletter service itself returned; any
            # other form field (or posted name) is ignored.
            if field_name not in known_ids:
                continue
            changed = wanted != getattr(Data, field_name)
            if not changed:
                continue
            action = newsletter.subscribe if wanted else newsletter.unsubscribe
            action(field_name, current_user)
        flash('Your subscriptions have been successfully updated.')

    return render_template('members/subscriptions.html', form=form)
def decorated_view(*args, **kwargs):
    # Wrapper that lets only authenticated users holding ROLE_ADMIN reach
    # the wrapped view `func`; everyone else gets a flash message and is
    # redirected back instead of receiving an error status.
    #
    # When the login manager's `_login_disabled` flag is set, every check
    # below is skipped and the view runs for any caller.
    login_manager = current_app.login_manager
    if not login_manager._login_disabled:
        is_admin = (current_user.is_authenticated()
                    and current_user.has_role('ROLE_ADMIN'))
        if not is_admin:
            flash("You have no permission to access this page.")
            return redirect_back()
    return func(*args, **kwargs)
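def send_newsletters():
    """Run the newsletter task and report the outcome as a flash message.

    Any exception raised by the task is printed with its traceback and
    summarised to the user; the view always ends with ``redirect_back()``.
    """
    try:
        tasks.send_newsletter()
    except Exception as ex:
        traceback.print_exc()
        # Format the exception instead of concatenating `ex.message`: that
        # attribute is not guaranteed to exist or to be a string, and a
        # failure here would turn a handled error into an unhandled one.
        # NOTE(review): the exception text is shown in the UI; confirm this
        # view is restricted to trusted users, since such text can reveal
        # internal details.
        flash('Something went wrong! Can not send the newsletters. %s'
              % (ex,))
    else:
        flash('Newsletters successfully sent.')
    return redirect_back()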
def profile(user_id):
    """Render the profile page of the member with id ``user_id``.

    A viewer who is not yet active may only open their own profile. A
    profile whose owner is not active is shown only to that owner, or when
    the owner has ROLE_ADMIN.
    """
    if not current_user.is_active():
        if user_id != current_user.id:
            flash(
                'You have to wait until you application has been approved to access this area.',
                'error')
            return redirect_back()

    user = User.query.get_or_404(user_id)

    # NOTE(review): the role test below is made on the profile being viewed
    # (`user`), not on the viewer (`current_user`); confirm that is the
    # intended rule for inactive profiles.
    visible = (user.is_active()
               or user_id == current_user.id
               or user.has_role('ROLE_ADMIN'))
    if not visible:
        flash(
            'The member exists, but is not yet activated and can therefore his profile is not yet available.',
            'error')
        return redirect_back()

    return render_template('members/profile.html',
                           user=user,
                           levels=get_access_levels())
def decorated_view(*args, **kwargs):
    # Wrapper that lets only authenticated *and* active users reach the
    # wrapped view `func`; others get a flash message and are redirected
    # back.
    #
    # When the login manager's `_login_disabled` flag is set, both checks
    # are skipped and the view runs for any caller.
    login_manager = current_app.login_manager
    if not login_manager._login_disabled:
        approved = (current_user.is_authenticated()
                    and current_user.is_active())
        if not approved:
            flash(
                'To access this page, your application has first to be reviewed.'
            )
            return redirect_back()
    return func(*args, **kwargs)
def deactivate(user_id):
    """Deactivate a member and remove them from every newsletter.

    The change is made only after the submitted form validates; otherwise
    an 'Invalid CSRF Token' message is flashed. Either way the caller is
    redirected back.

    NOTE(review): no role check appears in this body; presumably a
    decorator outside this view restricts it. Confirm.
    """
    form = Form(request.form)
    if not form.validate_on_submit():
        flash('Invalid CSRF Token')
        return redirect_back()

    member = User.query.get_or_404(user_id)
    member.activated = False
    db.session.commit()
    # Unsubscribing happens after the commit, so the account is already
    # stored as deactivated when the newsletter service is called.
    newsletter.unsubscribe_all(member)
    flash(
        'User has been deactivated and unsubscribed from all newsletter.')
    return redirect_back()
def run_update(user_id):
    """Refresh the LinkedIn fields of one member, or of all members.

    Args:
        user_id: Id of the member to refresh; ``None`` refreshes everyone.

    Each member's stored ``linkedin_token`` is passed to
    ``update_linkedin_fields`` and the result is printed to stdout next to
    the member's name.

    NOTE(review): no ``db.session.commit()`` is issued here; confirm the
    refreshed fields are persisted elsewhere.
    """
    targets = (User.query.all() if user_id is None
               else [User.query.get_or_404(user_id)])

    for member in targets:
        print('Updating ' + member.name)
        refreshed = update_linkedin_fields(member,
                                           token=member.linkedin_token)
        print(' successfull' if refreshed
              else ' error (probably expired or revoked token)')

    flash('Users updated')
    return redirect_back()
def delete(job_hash):
    """Delete the job identified by ``job_hash``.

    Aborts with 404 when no such job exists and with 403 unless the caller
    owns the job or has ROLE_ADMIN. The row is removed only after the
    delete form validates; otherwise 'Invalid CSRF token' is flashed.
    """
    job = Job.query.filter_by(hash=job_hash).first()
    if job is None:
        abort(404)

    # Authorization comes before any form handling: owner or admin only.
    is_owner = current_user.id == job.user_id
    if not (is_owner or current_user.has_role('ROLE_ADMIN')):
        abort(403)

    form = DeleteForm(request.form, job)
    if not form.validate_on_submit():
        flash('Invalid CSRF token')
        return redirect_back()

    db.session.delete(job)
    db.session.commit()
    flash('Job successfully removed.')
    return redirect(url_for('jobs.index'))
def delete(event_hash):
    """Delete the event identified by ``event_hash`` (ROLE_ADMIN only).

    Aborts with 403 for callers without ROLE_ADMIN, before the event is
    looked up, and with 404 when no such event exists. The row is removed
    only after the delete form validates; otherwise 'Invalid CSRF token'
    is flashed.
    """
    if not current_user.has_role('ROLE_ADMIN'):
        abort(403)

    event = Event.query.filter_by(hash=event_hash).first()
    if event is None:
        abort(404)

    form = DeleteForm(request.form, event)
    if not form.validate_on_submit():
        flash('Invalid CSRF token')
        return redirect_back()

    # The notification is sent while the event still exists, i.e. before
    # the delete has been committed.
    notifications.event_deleted(event)
    db.session.delete(event)
    db.session.commit()
    flash('Event successfully removed.')
    return redirect(url_for('events.index'))
def activate(user_id):
    """Activate a member account, send the welcome mail and subscribe them.

    The change is made only after the submitted form validates; otherwise
    an 'Invalid CSRF Token' message is flashed. Either way the caller is
    redirected back.

    NOTE(review): no role check appears in this body; presumably a
    decorator outside this view restricts it. Confirm.
    """
    form = Form(request.form)
    if not form.validate_on_submit():
        flash('Invalid CSRF Token')
        return redirect_back()

    member = User.query.get_or_404(user_id)
    member.activated = True
    db.session.commit()

    # The mail and the subscriptions follow the commit, so the account is
    # already stored as active when they run.
    welcome = Message("Welcome to the QFin Club!",
                      recipients=[member.email])
    welcome.html = render_template('members/email_welcome.html',
                                   user=member)
    mail.send(welcome)

    # Subscribe to all mailing lists.
    newsletter.subscribe_all(member)
    flash(
        'User has been activated, a welcome message has been sent and he has been subscribed to all newsletters.'
    )
    return redirect_back()