def revoke(self, redirect_url=None):
v_id = request.params.get('id', None)
if v_id is None:
abort(401, "id of velruse account not specified")
v = Velruse.by_id(v_id)
if v is None:
self._failure(
_("You are trying to disconnect from a provider"
" you are disconnected from already."))
return None
elif not (v.user == c.user or can.user.manage()):
abort(
403,
_("You're not authorized to change %s's settings.") %
c.user.id)
else:
v.delete_forever()
model.meta.Session.commit()
h.flash(
_("You successfully disconnected from %(provider)s.") %
{'provider': v.domain}, 'success')
if redirect_url is None:
redirect(h.entity_url(c.user, member='settings/login'))
else:
redirect(redirect_url)
def update_user_badge(self, id):
try:
self.form_result = UserBadgeForm().to_python(request.params)
except Invalid as i:
return self.edit(id, i.unpack_errors())
badge = self._get_badge_or_redirect(id)
title, color, visible, description, impact, instance =\
self._get_common_fields(self.form_result)
group = self.form_result.get('group')
display_group = self.form_result.get('display_group')
badge.group = group
badge.title = title
badge.color = color
badge.visible = visible
badge.description = description
if badge.impact != impact:
badge.impact = impact
for user in badge.users:
update_entity(user, UPDATE)
badge.instance = instance
badge.display_group = display_group
if behavior_enabled():
badge.behavior_proposal_sort_order = self.form_result.get(
'behavior_proposal_sort_order')
meta.Session.commit()
h.flash(_("Badge changed successfully"), 'success')
redirect(self.base_url)
def unban(self, id):
c.page_user = get_entity_or_abort(model.User, id)
require.user.manage(c.page_user)
c.page_user.banned = False
model.meta.Session.commit()
h.flash(_("The account has been re-activated."), 'success')
redirect(h.entity_url(c.page_user))
def update_index(self):
for entity_type in model.refs.TYPES:
if hasattr(entity_type, "all"):
for entity in entity_type.all():
index.update(entity)
flash(_('Solr index updated.'), 'success')
redirect(base_url('/admin'))
def callback(self):
require.user.edit(c.user)
if 'denied' in request.params:
redirect(h.entity_url(c.user, member='edit'))
request_token = session.get('request_token')
if not request_token:
h.flash(_("You have been logged out while authenticating "
"at twitter. Please try again."), 'notice')
redirect(h.entity_url(c.user, member='edit'))
request_token = oauth.OAuthToken.from_string(request_token)
req_api = create_oauth(key=request_token.key,
secret=request_token.secret)
access_token = req_api.getAccessToken()
api = create_oauth(key=access_token.key, secret=access_token.secret)
user_data = api.GetUserInfo()
twitter = model.Twitter(int(user_data.id), c.user,
user_data.screen_name,
unicode(access_token.key),
unicode(access_token.secret))
model.meta.Session.add(twitter)
model.meta.Session.commit()
try:
# workaround to a hashing fuckup in oatuh
api._FetchUrl("http://twitter.com/friendships/create.json",
post_data={'screen_name': system_user()},
no_cache=True)
h.flash(_("You're now following %s on twitter so we "
+ "can send you notifications as direct messages") %
system_user(),
'success')
except HTTPError, he:
log.warn(he.read())
def revoke(self, redirect_url=None):
v_id = request.params.get('id', None)
if v_id is None:
abort(401, "id of velruse account not specified")
v = Velruse.by_id(v_id)
if v is None:
self._failure(_("You are trying to disconnect from a provider"
" you are disconnected from already."))
return None
elif not (v.user == c.user or can.user.manage()):
abort(403, _("You're not authorized to change %s's settings.")
% c.user.id)
else:
v.delete_forever()
model.meta.Session.commit()
h.flash(_("You successfully disconnected from %(provider)s.")
% {'provider': v.domain},
'success')
if redirect_url is None:
redirect(h.entity_url(c.user, member='settings/login'))
else:
redirect(redirect_url)
def settings_appearance_update(self, id, format='html'):
c.page_instance = self._get_current_instance(id)
require.instance.edit(c.page_instance)
# delete the logo if the button was pressed and exit
if 'delete_logo' in self.form_result:
logo.delete(c.page_instance)
return self.settings_result(
True, c.page_instance, 'appearance',
message=_(u'The logo has been deleted.'))
# process the normal form
updated = update_attributes(c.page_instance, self.form_result, ['css'])
try:
# fixme: show logo errors in the form
if ('logo' in request.POST and
hasattr(request.POST.get('logo'), 'file') and
request.POST.get('logo').file):
logo.store(c.page_instance, request.POST.get('logo').file)
updated = True
except Exception, e:
model.meta.Session.rollback()
h.flash(unicode(e), 'error')
log.debug(e)
return self.settings_appearance(id)
def update_index(self):
for entity_type in model.refs.TYPES:
if hasattr(entity_type, "all"):
for entity in entity_type.all():
index.update(entity)
flash(_('Solr index updated.'), 'success')
redirect(base_url('/admin'))
def callback(self):
require.user.edit(c.user)
if 'denied' in request.params:
redirect(h.entity_url(c.user, member='edit'))
request_token = session.get('request_token')
if not request_token:
h.flash(_("You have been logged out while authenticating "
"at twitter. Please try again."), 'notice')
redirect(h.entity_url(c.user, member='edit'))
request_token = oauth.OAuthToken.from_string(request_token)
req_api = create_oauth(key=request_token.key,
secret=request_token.secret)
access_token = req_api.getAccessToken()
api = create_oauth(key=access_token.key, secret=access_token.secret)
user_data = api.GetUserInfo()
twitter = model.Twitter(int(user_data.id), c.user,
user_data.screen_name,
unicode(access_token.key),
unicode(access_token.secret))
model.meta.Session.add(twitter)
model.meta.Session.commit()
try:
# workaround to a hashing fuckup in oatuh
api._FetchUrl("http://twitter.com/friendships/create.json",
post_data={'screen_name': system_user()},
no_cache=True)
h.flash(_("You're now following %s on twitter so we "
+ "can send you notifications as direct messages") %
system_user(),
'success')
except HTTPError, he:
log.warn(he.read())
def update_badges(self, id):
user = get_entity_or_abort(model.User, id)
badges = self.form_result.get('badge')
if not has('global.admin'):
# instance admins may only add user badges limited to this instance
for badge in badges:
if not badge.instance == c.instance:
h.flash(_(u'Invalid badge choice.'), u'error')
redirect(h.entity_url(user))
creator = c.user
added = []
removed = []
for badge in user.badges:
if badge not in badges:
removed.append(badge)
user.badges.remove(badge)
for badge in badges:
if badge not in user.badges:
badge.assign(user, creator)
added.append(badge)
model.meta.Session.flush()
# FIXME: needs commit() cause we do an redirect() which raises
# an Exception.
model.meta.Session.commit()
post_update(user, model.update.UPDATE)
redirect(h.entity_url(user, instance=c.instance))
def create(self, format='html'):
c.scope = self.form_result.get('scope')
require.delegation.create(c.scope)
agents = filter(lambda f: f is not None, self.form_result.get('agent'))
if not len(agents) or agents[0] == c.user:
h.flash(_("Invalid delegation recipient"), 'error')
return self.new()
existing = model.Delegation.find_by_agent_principal_scope(
agents[0], c.user, c.scope)
if existing is not None:
h.flash(
_("You have already delegated voting to %s in %s") %
(agents[0].name, c.scope.label), 'notice')
return self.new()
delegation = model.Delegation.create(
c.user,
agents[0],
c.scope,
replay=self.form_result.get('replay') == 1)
model.meta.Session.commit()
event.emit(event.T_DELEGATION_CREATE,
c.user,
instance=c.instance,
topics=[c.scope],
scope=c.scope,
agent=agents[0],
delegation=delegation)
return ret_success(entity=delegation.scope, format=format)
def groupmod(self, id):
c.page_user = get_entity_or_abort(model.User, id)
require.user.supervise(c.page_user)
to_group = self.form_result.get("to_group")
if not to_group.code in model.Group.INSTANCE_GROUPS:
h.flash(
_("Cannot make %(user)s a member of %(group)s") % {
'user': c.page_user.name,
'group': to_group.group_name
}, 'error')
redirect(h.entity_url(c.page_user))
had_vote = c.page_user._has_permission("vote.cast")
for membership in c.page_user.memberships:
if (not membership.is_expired()
and membership.instance == c.instance):
membership.group = to_group
model.meta.Session.commit()
event.emit(event.T_INSTANCE_MEMBERSHIP_UPDATE,
c.page_user,
instance=c.instance,
group=to_group,
admin=c.user)
if had_vote and not c.page_user._has_permission("vote.cast"):
# user has lost voting privileges
c.page_user.revoke_delegations(c.instance)
model.meta.Session.commit()
redirect(h.entity_url(c.page_user))
def _connect(self,
adhocracy_user,
domain,
domain_user,
provider_name,
velruse_email,
email_verified=False,
redirect_url=None):
"""
Connect existing adhocracy user to velruse.
"""
if not Velruse.find(domain, domain_user):
velruse_user = Velruse.connect(adhocracy_user, domain, domain_user,
velruse_email, email_verified)
model.meta.Session.commit()
h.flash(
_("You successfully connected to %s." %
provider_name.capitalize()), 'success')
if redirect_url is None:
redirect(h.user.post_login_url(adhocracy_user))
else:
redirect(redirect_url)
return velruse_user
else:
h.flash(
_("Your %s account is already connected." %
provider_name.capitalize()), 'error')
redirect(h.user.post_login_url(adhocracy_user))
return None
def settings_appearance_update(self, id, format='html'):
c.page_instance = self._get_current_instance(id)
require.instance.edit(c.page_instance)
# delete the logo if the button was pressed and exit
if 'delete_logo' in self.form_result:
logo.delete(c.page_instance)
return self._settings_result(
True, c.page_instance, 'appearance',
message=_(u'The logo has been deleted.'))
# process the normal form
updated = update_attributes(c.page_instance, self.form_result,
['css',
'thumbnailbadges_width',
'thumbnailbadges_height'])
try:
# fixme: show logo errors in the form
if ('logo' in request.POST and
hasattr(request.POST.get('logo'), 'file') and
request.POST.get('logo').file):
logo.store(c.page_instance, request.POST.get('logo').file)
updated = True
except Exception, e:
model.meta.Session.rollback()
h.flash(unicode(e), 'error')
log.debug(e)
return self.settings_appearance(id)
def update_index(self):
for entity_type in model.refs.TYPES:
if hasattr(entity_type, "all"):
for entity in entity_type.all():
index.update(entity)
flash(_("Solr index updated."), "success")
redirect(base_url("/admin"))
def update_category_badge(self, id):
try:
params = request.params.copy()
params['id'] = id
self.form_result = CategoryBadgeUpdateForm().to_python(params)
except Invalid as i:
return self.edit(id, i.unpack_errors())
badge = self._get_badge_or_redirect(id)
title, color, visible, description, impact, instance =\
self._get_common_fields(self.form_result)
child_descr = self.form_result.get("select_child_description")
child_descr = child_descr.replace("$badge_title", title)
#TODO global badges must have only global badges children, joka
parent = self.form_result.get("parent")
if parent and parent.id == id:
parent = None
badge.title = title
badge.color = color
badge.visible = visible
badge.description = description
if badge.impact != impact:
badge.impact = impact
for delegateable in badge.delegateables:
update_entity(delegateable, UPDATE)
badge.instance = instance
badge.select_child_description = child_descr
badge.parent = parent
meta.Session.commit()
h.flash(_("Badge changed successfully"), 'success')
redirect(self.base_url)
def fix_autojoin(self):
config_autojoin = config.get('adhocracy.instances.autojoin')
if not config_autojoin:
return ret_abort('autojoin is not enabled')
users = model.User.all()
instances = model.Instance.all(include_hidden=True)
added = 0
if config_autojoin != 'ALL':
instance_keys = [key.strip() for key in config_autojoin.split(",")]
instances = [
instance for instance in instances
if instance.key in instance_keys
]
for user in users:
to_join = set(instances)
for m in user.memberships:
to_join.discard(m.instance)
for instance in to_join:
autojoin_membership = model.Membership(user, instance,
instance.default_group)
model.meta.Session.add(autojoin_membership)
added += 1
if added > 0:
model.meta.Session.commit()
flash(_('Autojoin fixed - added %s memberships.') % added, 'success')
return redirect(base_url('/admin'))
def update_thumbnail_badge(self, id):
try:
self.form_result = ThumbnailBadgeForm().to_python(request.params)
except Invalid as i:
return self.edit(id, i.unpack_errors())
badge = self._get_badge_or_redirect(id)
title, color, visible, description, impact, instance =\
self._get_common_fields(self.form_result)
thumbnail = self.form_result.get("thumbnail")
if isinstance(thumbnail, FieldStorage):
badge.thumbnail = thumbnail.file.read()
if 'delete_thumbnail' in self.form_result:
badge.thumbnail = None
badge.title = title
badge.color = color
badge.visible = visible
badge.description = description
if badge.impact != impact:
badge.impact = impact
for delegateable in badge.delegateables:
update_entity(delegateable, UPDATE)
badge.instance = instance
meta.Session.commit()
h.flash(_("Badge changed successfully"), 'success')
redirect(self.base_url)
def create(self, format='html'):
c.scope = self.form_result.get('scope')
require.delegation.create(c.scope)
agents = filter(lambda f: f is not None, self.form_result.get('agent'))
if not len(agents) or agents[0] == c.user:
h.flash(_("Invalid delegation recipient"), 'error')
return self.new()
existing = model.Delegation.find_by_agent_principal_scope(agents[0],
c.user,
c.scope)
if existing is not None:
h.flash(_("You have already delegated voting to %s in %s") %
(agents[0].name, c.scope.label),
'notice')
return self.new()
delegation = model.Delegation.create(
c.user, agents[0], c.scope,
replay=self.form_result.get('replay') == 1)
model.meta.Session.commit()
event.emit(event.T_DELEGATION_CREATE, c.user,
instance=c.instance,
topics=[c.scope], scope=c.scope,
agent=agents[0], delegation=delegation)
return ret_success(entity=delegation.scope, format=format)
def create(cls, user_name, email, password=None, locale=None,
openid_identity=None, global_admin=False, display_name=None,
autojoin=True, shibboleth_persistent_id=None):
"""
Create a user. If user_name is None, a random user name is generated.
"""
from group import Group
from membership import Membership
import adhocracy.lib.util as util
if password is None:
password = util.random_token()
import adhocracy.i18n as i18n
if locale is None:
locale = i18n.get_default_locale()
while user_name is None:
# Note: This can theoretically lead to IntegrityErrors if the same
# username is generated at the same time. This is very unlikely
# though.
from adhocracy.lib.util import random_username
try_user_name = random_username()
if cls.find(try_user_name) is None:
user_name = try_user_name
from adhocracy.lib import helpers as h
h.flash(_('The random username %s has been assigned to you.') %
user_name, 'success')
user = User(user_name, email, password, locale,
display_name=display_name)
meta.Session.add(user)
# Add the global default group
default_group = Group.by_code(Group.CODE_DEFAULT)
default_membership = Membership(user, None, default_group)
meta.Session.add(default_membership)
# Autojoin the user in instances
config_autojoin = config.get('adhocracy.instances.autojoin')
if autojoin and config_autojoin:
user.fix_autojoin(commit=False)
if global_admin:
admin_group = Group.by_code(Group.CODE_ADMIN)
admin_membership = Membership(user, None, admin_group)
meta.Session.add(admin_membership)
if openid_identity is not None:
from adhocracy.model.openid import OpenID
openid = OpenID(unicode(openid_identity), user)
meta.Session.add(openid)
if shibboleth_persistent_id is not None:
from adhocracy.model.shibboleth import Shibboleth
shib = Shibboleth(shibboleth_persistent_id, user)
meta.Session.add(shib)
meta.Session.flush()
return user
def _connect(self, adhocracy_user, domain, domain_user,
provider_name,
velruse_email, email_verified=False,
redirect_url=None):
"""
Connect existing adhocracy user to velruse.
"""
if not Velruse.find(domain, domain_user):
velruse_user = Velruse.connect(adhocracy_user, domain, domain_user,
velruse_email, email_verified)
model.meta.Session.commit()
h.flash(_("You successfully connected to %s."
% provider_name.capitalize()),
'success')
if redirect_url is None:
redirect(h.user.post_login_url(adhocracy_user))
else:
redirect(redirect_url)
return velruse_user
else:
h.flash(_("Your %s account is already connected."
% provider_name.capitalize()),
'error')
redirect(h.user.post_login_url(adhocracy_user))
return None
def reset(self, id):
c.page_user = get_entity_or_abort(model.User,
id,
instance_filter=False)
try:
if c.page_user.reset_code != self.form_result.get('c'):
raise ValueError()
new_password = random_token()
c.page_user.password = new_password
model.meta.Session.add(c.page_user)
model.meta.Session.commit()
body = (
_("your password has been reset. It is now:") + "\r\n\r\n " +
new_password + "\r\n\r\n" +
_("Please login and change the password in your user "
"settings.") + "\n\n" +
_("Your user name to login is: %s") % c.page_user.user_name)
libmail.to_user(c.page_user, _("Your new password"), body)
h.flash(
_("Success. You have been sent an email with your new "
"password."), 'success')
except Exception:
h.flash(
_("The reset code is invalid. Please repeat the password"
" recovery procedure."), 'error')
redirect('/login')
def connect(self):
if not openid_login_allowed() and "facebook" not in allowed_login_types():
ret_abort(_("Connection not allowed, single sign-on has been " "disabled on this installation"), code=403)
require.user.edit(c.user)
if not c.user:
h.flash(_("No OpenID was entered."), "warning")
redirect("/login")
return render("/openid/connect.html")
def revoke(self):
require.user.edit(c.user)
if not c.user.twitter:
h.flash(_("You have no twitter association."), 'notice')
redirect(h.entity_url(c.user, member='edit'))
c.user.twitter.delete()
model.meta.Session.commit()
redirect(h.entity_url(c.user, member='edit'))
def connect(self):
if not openid_login_allowed():
ret_abort(_("Connection not allowed, OpenID has been disabled on this installation"), code=403)
require.user.edit(c.user)
if not c.user:
h.flash(_("No OpenID was entered."), 'warning')
redirect("/login")
return render("/openid/connect.html")
def revoke(self):
require.user.edit(c.user)
if not c.user.twitter:
h.flash(_("You have no twitter association."), 'notice')
redirect(h.entity_url(c.user, member='edit'))
c.user.twitter.delete()
model.meta.Session.commit()
redirect(h.entity_url(c.user, member='edit'))
def resend(self, id):
c.page_user = get_entity_or_abort(model.User, id,
instance_filter=False)
require.user.edit(c.page_user)
libmail.send_activation_link(c.page_user)
h.flash(_("The activation link has been re-sent to your email "
"address."), 'notice')
redirect(h.entity_url(c.page_user, member='edit'))
def create(self):
t = model.Treatment.create(
self.form_result['key'],
self.form_result['source_badges'],
self.form_result['variant_count'],
)
model.meta.Session.commit()
h.flash(_("Treatment has been created."), 'success')
return redirect(h.base_url('/admin/treatment/'))
def create(self, format='html'):
entity = self.form_result.get('ref')
try:
model.Watch.create(c.user, entity, check_existing=True)
model.meta.Session.commit()
except model.watch.WatchAlreadyExists:
h.flash(_(u"A watchlist entry for this entity already exists."),
u'notice')
redirect(h.entity_url(entity))
def delete(self, id):
badge = self._get_badge_or_redirect(id)
for badge_instance in badge.badges():
meta.Session.delete(badge_instance)
update_entity(badge_instance.badged_entity(), UPDATE)
meta.Session.delete(badge)
meta.Session.commit()
h.flash(_(u"Badge deleted successfully"), 'success')
redirect(self.base_url)
def create(self, format='html'):
entity = self.form_result.get('ref')
try:
model.Watch.create(c.user, entity, check_existing=True)
model.meta.Session.commit()
except model.watch.WatchAlreadyExists:
h.flash(_(u"A watchlist entry for this entity already exists."),
u'notice')
redirect(h.entity_url(entity))
def create(self):
t = model.Treatment.create(
self.form_result['key'],
self.form_result['source_badges'],
self.form_result['variant_count'],
)
model.meta.Session.commit()
h.flash(_("Treatment has been created."), 'success')
return redirect(h.base_url('/admin/treatment/'))
def set_password(self, id):
c.page_user = get_entity_or_abort(model.User, id,
instance_filter=False)
require.user.edit(c.page_user)
c.page_user.password = self.form_result.get('password')
model.meta.Session.add(c.page_user)
model.meta.Session.commit()
h.flash(_('Password has been set. Have fun!'), 'success')
redirect(h.base_url('/'))
def delete(self, id):
c.page_user = get_entity_or_abort(model.User, id)
require.user.delete(c.page_user)
c.page_user.delete()
model.meta.Session.commit()
h.flash(_("The account has been deleted."), 'success')
if c.instance is not None:
redirect(h.instance.url(c.instance))
else:
redirect(h.site.base_url(instance=None))
def create(self, format='html'):
require.watch.create()
entity = self.form_result.get('ref')
if model.Watch.find_by_entity(c.user, entity):
h.flash(_("A watchlist entry for this entity already exists."),
'notice')
else:
model.Watch.create(c.user, entity)
model.meta.Session.commit()
redirect(h.entity_url(entity))
def connect(self):
if (not openid_login_allowed()
and 'facebook' not in allowed_login_types()):
ret_abort(_("Connection not allowed, single sign-on has been "
"disabled on this installation"),
code=403)
require.user.edit(c.user)
if not c.user:
h.flash(_("No OpenID was entered."), 'warning')
redirect("/login")
return render("/openid/connect.html")
def delete(self, proposal_id, id):
c.proposal = get_entity_or_abort(model.Proposal, proposal_id)
c.selection = get_entity_or_abort(model.Selection, id)
require.selection.delete(c.selection)
# TODO implement
# event.emit(event.T_PROPOSAL_DELETE, c.user, instance=c.instance,
# topics=[c.proposal], proposal=c.proposal)
c.selection.delete()
model.meta.Session.commit()
h.flash(_("The inclusion of %s has been deleted.") % c.selection.page.title, "success")
redirect(h.entity_url(c.proposal))
def _failure(self, openid, message):
"""
Abort an OpenID authenication attempt and return to login page,
giving an error message at the openid field.
"""
log.info("OpenID: %s - Error: %s" % (openid, message))
if c.user:
h.flash(message, "error")
return redirect(h.entity_url(c.user, member="settings/login"))
else:
loginhtml = render("/user/login_tile.html")
form = formencode.htmlfill.render(loginhtml, defaults={"openid": openid}, errors={"openid": message})
return render("/user/login.html", {"login_form_code": form})
def ret_status(type_, message, entity=None, code=200, format='html'):
import adhocracy.lib.helpers as h
response.status_int = code
if code != 200:
if format == 'json':
return ret_json_status(type_, message, code)
abort(code, message)
if message:
if format == 'json':
return ret_json_status(type_, message, code)
h.flash(message)
if entity is not None:
redirect(h.entity_url(entity, format=format))
redirect(h.base_url(c.instance))
def activate(self, id):
c.page_user = get_entity_or_abort(model.User, id,
instance_filter=False)
code = self.form_result.get('c')
if c.page_user.activation_code is None:
h.flash(_(u'Thank you, The address is already activated.'))
redirect(h.entity_url(c.page_user))
elif c.page_user.activation_code != code:
h.flash(_("The activation code is invalid. Please have it "
"resent."), 'error')
redirect(h.entity_url(c.page_user))
c.page_user.activation_code = None
model.meta.Session.commit()
if code.startswith(model.User.IMPORT_MARKER):
# Users imported by admins
login_user(c.page_user, request)
h.flash(_("Welcome to %s") % h.site.name(), 'success')
if c.instance:
membership = model.Membership(c.page_user, c.instance,
c.instance.default_group)
model.meta.Session.expunge(membership)
model.meta.Session.add(membership)
model.meta.Session.commit()
redirect(h.entity_url(c.instance))
else:
redirect(h.base_url('/instance', None))
else:
h.flash(_("Your email has been confirmed."), 'success')
redirect(h.entity_url(c.page_user))
redirect(h.entity_url(c.page_user))
def _failure(self, openid, message):
"""
Abort an OpenID authenication attempt and return to login page,
giving an error message at the openid field.
"""
log.info("OpenID: %s - Error: %s" % (openid, message))
if c.user:
h.flash(message, 'error')
return redirect(h.entity_url(c.user, member='edit'))
else:
loginhtml = render("/user/login.html")
return formencode.htmlfill.render(loginhtml,
defaults={'openid': openid},
errors={'openid': message})
def post_login(self):
if c.user:
url = h.base_url(c.instance)
if 'came_from' in session:
url = session.get('came_from')
del session['came_from']
session.save()
h.flash(_("You have successfully logged in."), 'success')
redirect(str(url))
else:
session.delete()
return formencode.htmlfill.render(
render("/user/login.html"),
errors={"login": _("Invalid user name or password")})
def ret_status(type_, message, entity=None, code=200, format='html'):
import adhocracy.lib.helpers as h
response.status_int = code
if code != 200:
if format == 'json':
return ret_json_status(type_, message, code)
abort(code, message)
if message:
if format == 'json':
return ret_json_status(type_, message, code)
h.flash(message)
if entity is not None:
redirect(h.entity_url(entity, format=format))
redirect(h.base_url(c.instance))
def post_login(self):
if c.user:
url = h.base_url(c.instance)
if 'came_from' in session:
url = session.get('came_from')
del session['came_from']
session.save()
h.flash(_("You have successfully logged in."), 'success')
redirect(str(url))
else:
session.delete()
return formencode.htmlfill.render(
render("/user/login.html"),
errors={"login": _("Invalid user name or password")})
def _failure(self, openid, message):
"""
Abort an OpenID authenication attempt and return to login page,
giving an error message at the openid field.
"""
log.info("OpenID: %s - Error: %s" % (openid, message))
if c.user:
h.flash(message, 'error')
return redirect(h.entity_url(c.user, member='edit'))
else:
loginhtml = render("/user/login.html")
return formencode.htmlfill.render(loginhtml,
defaults={'openid': openid},
errors={'openid': message})
def _failure(self, message, auth_info=None):
"""
Abort a velruse authenication attempt and return to login page,
giving an error message at the openid / velruse area.
"""
log.info('velruse login error: ' + message)
if auth_info:
log.debug('<pre>' + dumps(auth_info, indent=4) + '</pre>')
h.flash(message, 'error')
if c.user:
return redirect(h.entity_url(c.user, member='edit'))
else:
redirect("/login")
def assign(self, key):
treatment = model.Treatment.find(key)
if not treatment:
return ret_abort(_("Could not find the entity '%s'") % id,
code=404)
if assign_users(treatment):
model.meta.Session.commit()
h.flash(_("All users have been assigned to their respective "
"treatment badges."), 'success')
else:
h.flash(_("All users are already assigned to their respective "
"treatment badges."))
return redirect(h.base_url('/admin/treatment/'))
def activate(self, id):
c.page_user = get_entity_or_abort(model.User, id,
instance_filter=False)
#require.user.edit(c.page_user)
try:
if c.page_user.activation_code != self.form_result.get('c'):
raise ValueError()
c.page_user.activation_code = None
model.meta.Session.commit()
h.flash(_("Your email has been confirmed."), 'success')
except Exception:
log.exception("Invalid activation code")
h.flash(_("The activation code is invalid. Please have it "
"resent."), 'error')
redirect(h.entity_url(c.page_user))
def delete(self, proposal_id, id):
c.proposal = get_entity_or_abort(model.Proposal, proposal_id)
c.selection = get_entity_or_abort(model.Selection, id)
require.selection.delete(c.selection)
# TODO implement
#event.emit(event.T_PROPOSAL_DELETE, c.user, instance=c.instance,
# topics=[c.proposal], proposal=c.proposal)
c.selection.delete()
model.meta.Session.commit()
h.flash(_("The inclusion of %s has been deleted.") %
c.selection.page.title,
'success')
redirect(h.entity_url(c.proposal))
class MessageController(BaseController):
def new(self, id, format='html', errors={}):
c.page_user = get_entity_or_abort(model.User, id)
require.user.message(c.page_user)
html = render("/message/new.html", overlay=format == u'overlay')
return htmlfill.render(html,
defaults=request.params,
errors=errors,
force_defaults=False)
def create(self, id, format='html'):
c.page_user = get_entity_or_abort(model.User, id)
require.user.message(c.page_user)
try:
self.form_result = MessageCreateForm().to_python(request.params)
except Invalid, i:
return self.new(id, errors=i.unpack_errors())
body = self.form_result.get('body')
subject = self.form_result.get('subject')
send_message(subject,
body,
c.user, [c.page_user],
instance=c.instance,
massmessage=False)
h.flash(_("Your message has been sent. Thanks."), 'success')
redirect(h.entity_url(c.page_user, instance=c.instance))
def revoke(self):
if not openid_login_allowed():
ret_abort(_("Removal not allowed, OpenID has been disabled on " "this installation"), code=403)
require.user.edit(c.user)
id = request.params.get("id")
openid = model.OpenID.by_id(id)
if not openid:
abort(404, _("No OpenID with ID '%s' exists.") % id)
page_user = openid.user
if not (page_user == c.user or can.user.manage()):
abort(403, _("You're not authorized to change %s's settings.") % id)
openid.delete()
model.meta.Session.commit()
h.flash(_("Successfully removed OpenID from account"), "success")
log.info("User %s revoked OpenID '%s'" % (c.user.user_name, id))
redirect(h.entity_url(c.user, member="settings/login"))
def update(self, key, lang):
backend = get_backend()
sp = backend.get(key, lang)
if not sp:
return ret_abort(_('Cannot find static page to edit'), code=404)
try:
form_result = EditForm().to_python(request.params)
except Invalid as i:
return self.edit(errors=i.unpack_errors())
sp.title = form_result.get('title')
sp.body = form_result.get('body')
sp.commit()
helpers.flash(_('Page updated'), 'notice')
return redirect(helpers.base_url('/static/'))
class MessageController(BaseController):
def new(self, id, format='html', errors={}):
c.page_user = get_entity_or_abort(model.User, id)
require.user.message(c.page_user)
html = render("/message/new.html", overlay=format == u'overlay')
return htmlfill.render(html,
defaults=request.params,
errors=errors,
force_defaults=False)
def create(self, id, format='html'):
c.page_user = get_entity_or_abort(model.User, id)
require.user.message(c.page_user)
try:
self.form_result = MessageCreateForm().to_python(request.params)
except Invalid, i:
return self.new(id, errors=i.unpack_errors())
c.body = self.form_result.get('body')
c.subject = self.form_result.get('subject')
message = render("/message/body.txt")
headers = {}
if c.user.is_email_activated():
headers['Reply-To'] = c.user.email
from adhocracy.lib.mail import to_user
label = h.site.name() if c.instance is None else c.instance.label
subject = _("[%s] Message from %s: %s") % (label, c.user.name,
c.subject)
to_user(c.page_user, subject, message, headers=headers)
h.flash(_("Your message has been sent. Thanks."), 'success')
redirect(h.entity_url(c.page_user, instance=c.instance))
def update(self, key, lang):
backend = get_backend()
sp = backend.get(key, lang)
if not sp:
return ret_abort(_('Cannot find static page to edit'), code=404)
try:
form_result = EditForm().to_python(request.params)
except Invalid as i:
return self.edit(errors=i.unpack_errors())
sp.title = form_result.get('title')
sp.body = form_result.get('body')
sp.commit()
helpers.flash(_('Page updated'), 'notice')
return redirect(helpers.base_url('/static/'))
