Exemplo n.º 1
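def lookup_current_user():
    """Set ``g.user`` to the User whose ``gplus_id`` matches the session.

    ``g.user`` is left as ``None`` when the session carries no ``gplus_id``
    or when no User matches it.

    When ``EVENTUM_GOOGLE_AUTH_ENABLED`` is falsy, authentication is bypassed:
    the session is bound to a mock super user (created with
    ``user_type='admin'`` on first use), so every client is treated as an
    admin.  ``config.get`` returns ``None`` for a missing key, so leaving the
    option unset also selects the bypass -- deployments must set it
    explicitly.

    Note that it gets called before all requests, but not before decorators
    """
    g.user = None

    if not current_app.config.get('EVENTUM_GOOGLE_AUTH_ENABLED'):
        # bypass auth by mocking a super user
        session['gplus_id'] = SUPER_USER_GPLUS_ID
        try:
            g.user = User.objects.get(gplus_id=SUPER_USER_GPLUS_ID)
        except DoesNotExist:
            # Leave a trace in the logs: an admin account is being minted
            # without any authentication having taken place.
            current_app.logger.warning(
                'Google auth is disabled; creating the mock super user.')
            user = User(name='Super User',
                        gplus_id=SUPER_USER_GPLUS_ID,
                        user_type='admin',
                        email='*****@*****.**')
            user.save()
            # Use the freshly saved record directly instead of querying again.
            g.user = user
        return

    if 'gplus_id' not in session:
        return

    gplus_id = session['gplus_id']
    if gplus_id == SUPER_USER_GPLUS_ID:
        # A session written while the bypass was active still carries the
        # mock id, and nothing in this function removes the mock admin record,
        # so such a session would otherwise keep admin rights after auth is
        # switched back on.  Drop it and treat the request as anonymous.
        # NOTE(review): assumes SUPER_USER_GPLUS_ID is never a real account's
        # id -- confirm against where the constant is defined.
        session.pop('gplus_id', None)
        return

    try:
        g.user = User.objects().get(gplus_id=gplus_id)
    except DoesNotExist:
        pass  # Fail gracefully if the user is not in the database yet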
Exemplo n.º 2
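def lookup_current_user():
    """Resolve the session's ``gplus_id`` to a User and store it in ``g.user``.

    ``g.user`` ends up ``None`` if the session has no ``gplus_id`` or no User
    in the database carries that id.

    Security-relevant behaviour: a falsy ``EVENTUM_GOOGLE_AUTH_ENABLED``
    disables authentication entirely.  The session is then tied to a mock
    super user with ``user_type='admin'``, which is created if it does not
    exist yet.  Because ``config.get`` yields ``None`` for an absent key, a
    configuration that omits the option behaves like one that disables auth.

    Note that it gets called before all requests, but not before decorators
    """
    g.user = None
    auth_enabled = current_app.config.get('EVENTUM_GOOGLE_AUTH_ENABLED')

    if auth_enabled:
        if 'gplus_id' not in session:
            return
        gplus_id = session['gplus_id']
        if gplus_id == SUPER_USER_GPLUS_ID:
            # The mock id can only have been placed in the session by the
            # bypass branch below.  With auth enabled it must not resolve to
            # the (still stored) mock admin, so the stale value is discarded.
            # NOTE(review): presumes no genuine account uses
            # SUPER_USER_GPLUS_ID as its gplus_id -- verify.
            session.pop('gplus_id', None)
            return
        try:
            g.user = User.objects().get(gplus_id=gplus_id)
        except DoesNotExist:
            pass  # Fail gracefully if the user is not in the database yet
        return

    # bypass auth by mocking a super user
    session['gplus_id'] = SUPER_USER_GPLUS_ID
    try:
        g.user = User.objects.get(gplus_id=SUPER_USER_GPLUS_ID)
    except DoesNotExist:
        # Record that an admin account was created with auth switched off.
        current_app.logger.warning(
            'Google auth is disabled; creating the mock super user.')
        super_user = User(name='Super User',
                          gplus_id=SUPER_USER_GPLUS_ID,
                          user_type='admin',
                          email='*****@*****.**')
        super_user.save()
        # The saved document is the current user; no second lookup is needed.
        g.user = super_user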
Exemplo n.º 3
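def _is_local_redirect_target(target):
    """Return True if *target* is a plain path on this site.

    Absolute URLs and scheme-relative URLs (``//host/...``) are rejected so
    that a client-supplied ``next`` value cannot send the browser to another
    origin after the profile has been created.
    """
    if not target.startswith('/') or target.startswith('//'):
        return False
    # Backslashes and control/whitespace characters are normalised by some
    # browsers in ways that can turn a path into a scheme-relative URL.
    if '\\' in target:
        return False
    return not any(ch.isspace() or ord(ch) < 0x20 for ch in target)


def create_profile():
    """Create a profile (filling in the form with openid data), and
    register it in the database.

    The form is pre-filled from the ``name``, ``email`` and ``next`` query
    parameters; all three are read with ``request.args[...]`` and are
    therefore required.  After a successful submit the client is redirected
    to ``next`` only when it is a local path; any other value falls back to
    ``/``.

    **Route:** ``/admin/create-profile``

    **Methods:** ``GET, POST``
    """
    if g.user is not None and 'gplus_id' in session:
        # use code=303 to avoid POSTing to the next page.
        return redirect(url_for('admin.index'), code=303)
    form = CreateProfileForm(request.form,
                             name=request.args['name'],
                             email=request.args['email'],
                             next=request.args['next'])
    if form.validate_on_submit():
        if User.objects(email=form.email.data).count() != 0:
            # A user with this email already exists.  Override it.
            # NOTE(review): the email comes from the submitted form, so an
            # existing account is rebound on the strength of a
            # client-supplied value -- confirm the email is checked against
            # the authenticated identity before this view is reached.
            # NOTE(review): this branch reads session['openid'] while the
            # rest of the function keys on 'gplus_id' -- verify which
            # identifier is meant to link the account.
            user = User.objects.get(email=form.email.data)
            user.openid = session['openid']
            user.name = form.name.data
            flash('Account with this email already exists.  Overridden.',
                  MESSAGE_FLASH)
            user.register_login()
            user.save()
        else:
            # Retrieve their user type from the whitelist and mark the entry
            # as redeemed.  .get() raises if the email is not whitelisted.
            wl = Whitelist.objects().get(email=form.email.data)
            user_type = wl.user_type
            wl.redeemed = True
            wl.save()
            # Create a brand new user
            user = User(email=form.email.data,
                        name=form.name.data,
                        gplus_id=session['gplus_id'],
                        user_type=user_type,
                        image_url=request.args.get('image_url'))
            flash('Account created successfully.', MESSAGE_FLASH)
            user.register_login()
            user.save()

        # redirect to the next url or the root of the application ('/')
        target = form.next.data
        if target and _is_local_redirect_target(target):
            # use code=303 to avoid POSTing to the next page.
            return redirect(target, code=303)
        # use code=303 to avoid POSTing to the next page.
        return redirect('/', code=303)

    return render_template('eventum_auth/create_profile.html',
                           image_url=request.args.get('image_url'),
                           form=form)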
Exemplo n.º 4
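def create_profile():
    """Create a profile (filling in the form with openid data), and
    register it in the database.

    ``name``, ``email`` and ``next`` are taken from the query string to
    pre-fill the form and must all be present.  On success the response is a
    303 redirect to ``next`` when that value is a local path, and to ``/``
    otherwise, so the parameter cannot be used to bounce the browser to
    another site.

    **Route:** ``/admin/create-profile``

    **Methods:** ``GET, POST``
    """
    if g.user is not None and 'gplus_id' in session:
        # use code=303 to avoid POSTing to the next page.
        return redirect(url_for('admin.index'), code=303)
    form = CreateProfileForm(request.form,
                             name=request.args['name'],
                             email=request.args['email'],
                             next=request.args['next'])
    if not form.validate_on_submit():
        return render_template('eventum_auth/create_profile.html',
                               image_url=request.args.get('image_url'),
                               form=form)

    if User.objects(email=form.email.data).count() != 0:
        # A user with this email already exists.  Override it.
        # NOTE(review): the matching account is selected by a form-supplied
        # email; confirm that value is tied to the authenticated identity.
        # NOTE(review): 'openid' is read from the session here, whereas the
        # new-user branch stores 'gplus_id' -- verify the intended key.
        user = User.objects.get(email=form.email.data)
        user.openid = session['openid']
        user.name = form.name.data
        flash('Account with this email already exists.  Overridden.',
              MESSAGE_FLASH)
        user.register_login()
        user.save()
    else:
        # Retrieve their user type from the whitelist and flag the entry as
        # redeemed.  An email that is not whitelisted makes .get() raise.
        wl = Whitelist.objects().get(email=form.email.data)
        user_type = wl.user_type
        wl.redeemed = True
        wl.save()
        # Create a brand new user
        user = User(email=form.email.data,
                    name=form.name.data,
                    gplus_id=session['gplus_id'],
                    user_type=user_type,
                    image_url=request.args.get('image_url'))
        flash('Account created successfully.', MESSAGE_FLASH)
        user.register_login()
        user.save()

    # Redirect to the next url only if it is a path on this site.  Absolute
    # and scheme-relative ('//host') values are refused, as are backslashes
    # and control/whitespace characters that some browsers normalise into
    # such URLs.
    next_url = form.next.data or ''
    is_local = (next_url.startswith('/')
                and not next_url.startswith('//')
                and '\\' not in next_url
                and not any(ch.isspace() or ord(ch) < 0x20
                            for ch in next_url))
    # use code=303 to avoid POSTing to the next page.
    if is_local:
        return redirect(next_url, code=303)
    return redirect('/', code=303)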
Exemplo n.º 5
def add():
    """Add an email to the whitelist, or create a fake user directly.

    A submitted ``user_type`` of ``'fake_user'`` creates a User with a
    generated id and address; any other type stores a Whitelist entry for the
    submitted email, provided no User with that email exists yet.  Rejected
    submissions are only logged, and the response is always a redirect to the
    user index.

    No permission check happens in this body.
    NOTE(review): presumably access control is applied by decorators that are
    not shown here -- confirm.

    **Route:** ``/admin/whitelist/add``

    **Methods:** ``POST``
    """
    form = AddToWhitelistForm(request.form)
    wants_fake_user = form.user_type.data == 'fake_user'

    if not wants_fake_user:
        # The existence query runs before validation, as the email is read
        # straight from the submitted form.
        user_exists = User.objects(email=form.email.data).count() != 0
        if form.validate_on_submit() and not user_exists:
            Whitelist(email=form.email.data,
                      user_type=form.user_type.data).save()
        else:
            # Also reached when the form is valid but the user already
            # exists; form.errors carries no entry for that case.
            current_app.logger.warning(form.errors)
        return redirect(url_for('users.index'))

    if not form.validate_on_submit():
        current_app.logger.warning(form.errors)
        return redirect(url_for('users.index'))

    fake_id = str(uuid.uuid4())
    # Only the first 10 characters of the UUID go into the address, so it is
    # not guaranteed to be unique.
    fake_email = fake_id[:10] + "@fake-users.com"
    filename = form.fake_user_image.data
    user_fields = {
        'email': fake_email,
        'gplus_id': fake_id,
        'name': form.name.data,
        'user_type': form.user_type.data,
    }
    try:
        user_fields['image'] = Image.objects().get(filename=filename)
    except Image.DoesNotExist:
        # No such image: the fake user is created without one.
        pass
    User(**user_fields).save()
    return redirect(url_for('users.index'))
Exemplo n.º 6
 def setUp(self):  # noqa
     """Save one User per entry of ``USERS`` before each test runs."""
     # Imported here rather than at module level, as in the original.
     from eventum.models import User
     for config in USERS.values():
         User(**config).save()