def update(self, req):
template = self.view.get_template("group/update.html")
group = Group.retrieve(screen_name=req.params["id"])
groups = list()
for g in Group.list():
if not (group.is_ancestor(g) or group.is_descendant(g)
or g == group):
groups.append(g)
users = list()
error = ""
message = ""
for u in User.list():
if not group.is_in(u):
users.append(u)
if req.method == "POST":
try:
form = GroupUpdateForm(req.post())
icon = resize_icon(
form["icon"]) if form["icon"] is not None else group.icon
group.screen_name = form["screen_name"]
group.name = form["name"]
group.parent = Group.retrieve(
form["parent"]) if form["parent"] is not None else None
for role in form["roles"]:
group.roles.append(Role.retrieve(screen_name=role))
group.icon = icon
group.users = [User.retrieve(user) for user in form['users']]
if form['new_user'] is not None:
group.users.append(User.retrieve(form['new_user']))
for user, roles in form['inner_roles'].items():
rel = UserGroup.retrieve(group=group,
user=User.retrieve(user))
rel.roles = [InnerRole.retrieve(role) for role in roles]
group.update()
message = "変更を保存しました"
except ValidationError as err:
error = str(err)
roles = Role.list()
inner_roles = InnerRole.list()
return Response.render(
template,
{
"message": message,
"error": error,
"group": group,
"all_groups": groups,
"all_users": users,
"screen_name": group.screen_name,
"name": group.name,
"icon": group.icon,
"roles": roles,
"inner_roles": inner_roles
},
)
def retrieve(self, request):
try:
id = request.params["id"]
if id.isdigit():
user = User.retrieve(int(id))
else:
user = User.retrieve(screen_name=id)
return Response.json(user.to_dict())
except KeyError as err:
error = err
return Response.json({
"error": err.__class__.__name__,
"message": err.message,
"args": err.args,
})
def update_profile(self, req):
template = self.view.get_template("user/update/profile.html")
user = User.retrieve(screen_name=req.params["id"])
roles = Role.list()
error = ""
if req.method == "POST":
try:
form = UserUpdateForm(req.post())
user.screen_name = form["screen_name"]
user.name = form["name"]
user.icon = (resize_icon(form["icon"])
if form["icon"] is not None else user.icon)
roles_ = []
for role in form["roles"]:
roles_.append(Role.retrieve(role))
user.roles = roles_
user.update()
return Response.redirect(
self.app.convert_url("/users/" + user.screen_name +
"/settings"))
except Exception as err:
error = str(err)
return Response.render(
template,
{
"user": user,
"screen_name": user.screen_name,
"name": user.name,
"icon": user.icon,
"roles": roles,
"error": error
},
)
def update_notification(self, req):
template = self.view.get_template("user/update/notification.html")
user = User.retrieve(screen_name=req.params["id"])
if user._id != req.user._id:
return Response.redirect(self.app.convert_url("/"))
error = ""
if req.method == "POST":
try:
form = SubscriptionForm(req.post())
if form["action"] == "subscribe":
subscription = PushSubscription()
subscription.subscription = form["subscription"]
subscription.create()
user.subscriptions.append(subscription)
user.update()
error = "通知の購読を設定しました"
else:
subscription = PushSubscription.retrieve(
subscription=form["subscription"])
subscription.delete()
error = "通知の購読を解除しました"
except Exception as err:
error = str(err)
return Response.render(
template,
{
"user": user,
"vapid_public_key": self.app.project.vapid["public_key"],
"error": error
},
)
def delete(self, request):
try:
id = request.params["id"]
if id.isdigit():
user = User.retrieve(int(id))
else:
user = User.retrieve(screen_name=id)
user.delete()
return Response.json({"_id": user._id})
except Exception as err:
error = err
return Response.json({
"error": err.__class__.__name__,
"message": err.message,
"args": err.args,
})
def icon(self, request):
try:
id = request.params["id"]
if id.isdigit():
user = User.retrieve(int(id))
else:
user = User.retrieve(screen_name=id)
f = magic.Magic(mime=True, uncompress=True)
mime = f.from_buffer(group.icon)
return Response(body=user.icon, content_type=mime)
except KeyError as err:
return Response.error({
"error": err.__class__.__name__,
"message": err.message,
"args": err.args,
})
def create(self, request):
template = self.view.get_template("repo/create.html")
nodes = [*Group.list(), *User.list()]
try:
if request.method == 'POST':
body = request.post()
repo = Repo()
repo.name = body['name']
repo.owner = Node.retrieve(body['owner'])
repo.create()
if not (self.app.project_dir / 'git_template').is_dir:
git.Repo.init(self.app.project_dir / 'git_template',
bare=True)
git.Repo.init(self.app.project_dir /
('repos/' + repo.name + '.git'),
bare=True,
template=self.app.project_dir / 'git_template')
return Response.redirect(self.app.convert_url('/' + repo.name))
except Exception as err:
error = str(err)
traceback.print_exc(err)
return Response.render(template, {
'post': body,
'error': error,
'nodes': nodes
})
return Response.render(template, {'post': dict(), 'nodes': nodes})
def process_result_value(self, value, dialect):
from mitama.models import User
if value == None:
return None
else:
user = User.retrieve(value)
return user
def list(self, req):
template = self.view.get_template("user/list.html")
users = User.list()
return Response.render(
template,
{
"users": users,
},
)
def retrieve(self, req):
template = self.view.get_template("user/retrieve.html")
user = User.retrieve(screen_name=req.params["id"])
return Response.render(
template,
{
"user": user,
},
)
def create(self, request):
post = request.post()
try:
user = User()
user.screen_name = post["screen_name"]
user.name = post["name"]
user.set_password(post["password"])
user.create()
return Response.json(user.to_dict())
except KeyError as err:
error = err
return Response.json({
"error": err.__class__.__name__,
"message": err.message,
"args": err.args,
})
def remove_user(self, req):
try:
group = Group.retrieve(screen_name=req.params["id"])
child = User.retrieve(req.params["uid"])
group.remove(child)
except Exception as err:
print(err)
pass
finally:
return Response.redirect(
self.app.convert_url("/groups/" + group.screen_name +
"/settings"))
def test_node(self):
group = Group()
group.name = "team1"
group.screen_name = "team1"
user1 = User()
user1.name = "bob"
user1.screen_name = "bob"
group.create()
user1.create()
hoge = ModelC()
hoge.node = group
hoge.create()
piyo = ModelC()
piyo.node = user1
piyo.create()
foo = ModelC()
foo.node = group._id
foo.create()
bar= ModelC()
bar.node = user1._id
bar.create()
self.assertEqual(hoge.node, group)
self.assertEqual(piyo.node, user1)
self.assertEqual(foo.node, group)
self.assertEqual(bar.node, user1)
pass
def auth(project, args):
from mitama.models import User
user = args.user
password = args.password
if password == "":
password = getpass("Password:"******"Authentication failed")
sys.exit(1)
def process_result_value(self, value, dialect):
prefix = value.split("-")[0]
if prefix == "user":
from mitama.models import User
node = User.retrieve(value)
elif prefix == "group":
from mitama.models import Group
node = Group.retrieve(value)
else:
raise TypeError("Invalid ID format")
return node
def login(self, request):
template = self.view.get_template("login.html")
if request.method == "POST":
try:
form = LoginForm(request.post())
result = User.password_auth(form["screen_name"],
form["password"])
sess = request.session()
sess["jwt_token"] = result.get_jwt()
redirect_to = request.query.get("redirect_to", ["/"])[0]
return Response.redirect(redirect_to)
except Exception as err:
return Response.render(template, {"error": err}, status=401)
return Response.render(template, status=401)
def update(self, request):
try:
post = request.post()
id = request.params["id"]
if id.isdigit():
user = User.retrieve(int(id))
else:
user = User.retrieve(screen_name=id)
if "screen_name" in post:
user.screen_name = post["screen_name"]
if "name" in post:
user.name = post["name"]
if "password" in post:
user.set_password(post["password"])
user.update()
return Response.json(user.to_dict())
except KeyError as err:
error = err
return Response.json({
"error": err.__class__.__name__,
"message": err.message,
"args": err.args,
})
def process(self, request, handler):
sess = request.session()
try:
if "jwt_token" in sess:
request.user = User.check_jwt(sess["jwt_token"])
else:
return Response.redirect(
request.app.project.login_page
+ "?redirect_to="
+ urllib.parse.quote(str(request.url), safe="")
)
except Exception:
return Response.redirect(
request.app.project.login_page
+ "?redirect_to="
+ urllib.parse.quote(str(request.url), safe="")
)
return handler(request)
def update_password(self, req):
template = self.view.get_template("user/update/password.html")
user = User.retrieve(screen_name=req.params["id"])
if user._id != req.user._id:
return Response.redirect(self.app.convert_url("/"))
error = ""
if req.method == "POST":
try:
form = UserPasswordUpdateForm(req.post())
if form["password"] != form["password_"]:
raise Exception("パスワードが一致しません")
user.set_password(form["password"])
user.update()
error = "パスワードを変更しました"
except Exception as err:
error = str(err)
return Response.render(
template,
{
"user": user,
"error": error
},
)
def process(self, request, handler):
try:
if "HTTP_AUTHORIZATION" in request.headers:
name, token = request.headers["HTTP_AUTHORIZATION"].split(" ")
login, password = base64.b64decode(token).decode().split(":")
request.user = User.password_auth(login, password)
else:
return Response(
status=401,
reason="Authorization Required",
headers={
"WWW-Authenticate": "Basic realm=\"mitama authorization\""
}
)
except Exception as err:
print(err)
return Response(
status=401,
reason="Authorization Required",
headers={
"WWW-Authenticate": "Basic realm=\"mitama authorization\""
}
)
return handler(request)
def append(self, req):
form = req.post()
try:
group = Group.retrieve(screen_name=req.params["id"])
nodes = list()
if "user" in form:
for uid in form.getlist("user"):
try:
nodes.append(User.retrieve(uid))
except Exception:
pass
if "group" in form:
for gid in form.getlist("group"):
try:
nodes.append(Group.retrieve(gid))
except Exception:
pass
group.append_all(nodes)
except Exception:
pass
finally:
return Response.redirect(
self.app.convert_url("/groups/" + group.screen_name +
"/settings"))
def signup(self, request):
sess = request.session()
template = self.view.get_template("signup.html")
invite = UserInvite.retrieve(token=request.query["token"][0])
if request.method == "POST":
try:
form = RegisterForm(request.post())
user = User()
user.email = invite.email
user.set_password(form["password"])
user.screen_name = form["screen_name"]
user.name = form["name"]
user.icon = (resize_icon(form["icon"])
if form["icon"] is not None else user.icon)
user.create()
sess["jwt_token"] = user.get_jwt()
roles = invite.roles
if len(roles) > 0:
for role_id in invite.roles.split(":"):
role = Role.retrieve(role_id)
role.append(user)
invite.delete()
return Response.redirect(self.app.convert_url("/"))
except (ValidationError, ValueError) as err:
icon = form["icon"]
return Response.render(
template,
{
"error": err.messsage,
"name": form["name"] or invite.name,
"screen_name":
(form["screen_name"] or invite.screen_name),
"password": form["password"] or "",
"icon": icon,
},
)
return Response.render(
template,
{
"icon": invite.icon,
"name": invite.name or "",
"screen_name": invite.screen_name or "",
},
)
def test_group(self):
group = Group()
group.name = "team1"
group.screen_name = "team1"
user1 = User()
user1.name = "bob"
user1.screen_name = "bob"
user1.email = "*****@*****.**"
user2 = User()
user2.name = "charlie"
user2.screen_name = "charlie"
user2.email = "*****@*****.**"
group.create()
user1.create()
user2.create()
group.append(user1)
self.assertTrue(group.is_in(user1))
self.assertFalse(group.is_in(user2))
pass
def test_user(self):
user = User()
user.name = "alice"
user.screen_name = "alice"
user.email = "*****@*****.**"
user.set_password("alice_s_password_1234")
user.create()
self.assertTrue(User.password_auth("alice", "alice_s_password_1234"))
jwt = user.get_jwt()
self.assertEqual(User.check_jwt(jwt), user)
def list(self, request):
users = User.list()
return Response.json([user.to_dict for user in users])
def handle(self, request):
template = self.view.get_template("welcome.html")
return Response.render(template, {"users": User.list()})
def setup(self, request):
template = self.view.get_template("setup.html")
if len(User.list()) > 0:
return Response.redirect(self.app.convert_url("/login"))
if request.method == "POST":
try:
form = SetupForm(request.post())
try:
owner = Role()
owner.name = "Owner"
owner.create()
manager = Role()
manager.name = "Manager"
manager.create()
normal = Role()
normal.name = "Normal"
normal.create()
inner_owner = InnerRole()
inner_owner.name = "Owner"
inner_owner.create()
inner_manager = InnerRole()
inner_manager.name = "Manager"
inner_manager.create()
inner_normal = InnerRole()
inner_normal.name = "Normal"
inner_normal.create()
except Exception:
pass
Permission.accept("admin", owner)
Permission.accept("create_user", owner)
Permission.accept("update_user", owner)
Permission.accept("delete_user", owner)
Permission.accept("create_group", owner)
Permission.accept("update_group", owner)
Permission.accept("delete_group", owner)
Permission.accept("create_user", manager)
Permission.accept("update_user", manager)
Permission.accept("create_group", manager)
Permission.accept("update_group", manager)
InnerPermission.accept("admin", inner_owner)
InnerPermission.accept("add_user", inner_owner)
InnerPermission.accept("remove_user", inner_owner)
InnerPermission.accept("add_group", inner_owner)
InnerPermission.accept("remove_group", inner_owner)
InnerPermission.accept("add_user", inner_manager)
InnerPermission.accept("remove_user", inner_owner)
InnerPermission.accept("add_group", inner_manager)
InnerPermission.accept("remove_group", inner_owner)
user = UserInvite()
user.email = form["email"]
user.roles = owner._id
user.create()
user.mail(
"Mitamaへようこそ", "下記リンクから、Mitamaに参加しましょう\n{}".format(
self.app.convert_fullurl(request, "/signup?token=" +
user.token)))
template = self.view.get_template("confirm.html")
return Response.render(template)
except ValidationError as err:
return Response.render(template, {"error": str(err)})
return Response.render(template)