def create_sample_users(): for user in users_to_add: print("Username: \'%s\', password: \'%s\'" % (user[0], user[1])) new_user = User(user[0], user[1]) new_user.test_account = True db.session.add(new_user) db.session.commit()
def create_user_with_role(self, user, email, password, role, github_token=None): """ Create a user with specified user details and role. """ from flask import g user = User(self.user.name, email=self.user.email, password=User.generate_hash(self.user.password), role=role, github_token=github_token) g.db.add(user) g.db.commit()
def complete_signup(email: str, expires: int, mac: str) -> Union[Response, Dict[str, Union[CompleteSignupForm, str, int]]]: """ Complete user signup. :param email: email address of the user :type email: str :param expires: integer representing time after which the link expires :type expires: int :param mac: message authentication code :type mac: str """ from run import app if int(time.time()) <= expires: content_to_hash = f"{email}|{expires}" real_hash = generate_hmac_hash(app.config.get('HMAC_KEY', ''), content_to_hash) try: authentic = hmac.compare_digest(real_hash, mac) except AttributeError: g.log.warning(f'falling back to direct comparison of hash...') # Older python version? Fallback which is less safe authentic = real_hash == mac if authentic: # Check if email already exists (sign up twice with same email) user_that_exists = User.query.filter_by(email=email).first() if user_that_exists is not None: flash('There is already a user with this email address registered.', 'error-message') return redirect(url_for('.signup')) form = CompleteSignupForm() if form.validate_on_submit(): user_to_register = User(form.name.data, email=email, password=User.generate_hash(form.password.data)) g.db.add(user_to_register) g.db.commit() session['user_id'] = user_to_register.id template = app.jinja_env.get_or_select_template('email/registration_ok.txt') message = template.render(name=user_to_register.name) g.mailer.send_simple_message({ "to": user_to_register.email, "subject": "Welcome to the CCExtractor CI platform", "text": message }) return redirect('/') return { 'form': form, 'email': email, 'expires': expires, 'mac': mac } flash('The request to complete the registration was invalid. Please enter your email again to start over.', 'error-message') return redirect(url_for('.signup'))
def complete_signup(email, expires, mac): from run import app # Check if time expired now = int(time.time()) if now <= expires: # Validate HMAC content_to_hash = "{email}|{expiry}".format(email=email, expiry=expires) real_hash = generate_hmac_hash(app.config.get('HMAC_KEY', ''), content_to_hash) try: authentic = hmac.compare_digest(real_hash, mac) except AttributeError: # Older python version? Fallback which is less safe authentic = real_hash == mac if authentic: # Check if email already exists (sign up twice with same email) user = User.query.filter_by(email=email).first() if user is not None: flash( 'There is already a user with this email address registered.', 'error-message') return redirect(url_for('.signup')) form = CompleteSignupForm() if form.validate_on_submit(): user = User(form.name.data, email=email, password=User.generate_hash(form.password.data)) g.db.add(user) g.db.commit() session['user_id'] = user.id # Send email template = app.jinja_env.get_or_select_template( 'email/registration_ok.txt') message = template.render(name=user.name) g.mailer.send_simple_message({ "to": user.email, "subject": "Welcome to the CCExtractor CI platform", "text": message }) return redirect('/') return { 'form': form, 'email': email, 'expires': expires, 'mac': mac } flash( 'The request to complete the registration was invalid. Please enter your email again to start over.', 'error-message') return redirect(url_for('.signup'))
def run(): from database import create_session from mod_auth.models import User, Role db = create_session(sys.argv[1]) # Check if there's at least one admin user admin = User.query.filter(User.role == Role.admin).first() if admin is not None: print(f"Admin already exists: {admin.name}") return user = User(sys.argv[2], Role.admin, sys.argv[3], User.generate_hash(sys.argv[4])) db.add(user) db.commit() print(f"Admin user created with name: {user.name}")
def deactivate(uid): # Only give access if the uid matches the user, or if the user is an admin if g.user.id == uid or g.user.role == Role.admin: usr = User.query.filter_by(id=uid).first() if usr is not None: form = DeactivationForm(request.form) if form.validate_on_submit(): # Deactivate user usr.name = "Anonymized {id}".format(id=usr.id) usr.email = "unknown{id}@ccextractor.org".format(id=usr.id) usr.password = User.create_random_password(16) g.db.commit() if g.user.role == Role.admin: return redirect(url_for('.users')) else: session.pop('user_id', None) flash('Account deactivated.', 'success') return redirect(url_for('.login')) return { 'form': form, 'view_user': usr } abort(404) else: abort(403, request.endpoint)
def deactivate(uid): # Only give access if the uid matches the user, or if the user is an admin if g.user.id == uid or g.user.role == Role.admin: usr = User.query.filter_by(id=uid).first() if usr is not None: form = DeactivationForm(request.form) if form.validate_on_submit(): # Deactivate user usr.name = "Anonymized %s" % usr.id usr.email = "*****@*****.**" % usr.id usr.password = User.create_random_password(16) g.db.commit() if g.user.role == Role.admin: return redirect(url_for('.users')) else: session.pop('user_id', None) flash('Account deactivated.', 'success') return redirect(url_for('.login')) return { 'form': form, 'view_user': usr } abort(404) else: abort(403, request.endpoint)
def deactivate(uid): """ Deactivate user account. Only give access if the uid matches the user, or if the user is an admin :param uid: id of the user :type uid: int :return: DeactivationForm and user view if valid response, appropriate error otherwise :rtype: dynamic """ if g.user.id == uid or g.user.role == Role.admin: usr = User.query.filter_by(id=uid).first() if usr is not None: form = DeactivationForm(request.form) if form.validate_on_submit(): # Deactivate user usr.name = "Anonymized {id}".format(id=usr.id) usr.email = "unknown{id}@ccextractor.org".format(id=usr.id) usr.password = User.create_random_password(16) g.db.commit() if g.user.role == Role.admin: return redirect(url_for('.users')) else: session.pop('user_id', None) g.log.debug(f'account deactivate for user id: {uid}') flash('Account deactivated.', 'success') return redirect(url_for('.login')) return {'form': form, 'view_user': usr} g.log.debug(f'user with id: {uid} not found!') abort(404) else: abort(403, request.endpoint)
def run(): from database import create_session from mod_auth.models import User, Role from mod_auth.models import Page db = create_session(sys.argv[1]) # Create pages if not existing pages = Page.query.all() if len(pages) == 0: page_entries = { 'report.dashboard': 'Dashboard', 'config.notifications': 'Notification services', 'config.data_processing': 'Data processing', 'config.services': 'Honeypot services', 'auth.users': 'User manager', 'auth.access': 'Access manager', 'honeypot.profiles': 'Profile management', 'honeypot.manage': 'Honeypot management' } for name, pretty_name in page_entries.iteritems(): page = Page(name, pretty_name) db.add(page) db.commit() # Add support pages db.add(Page('support.about', 'About', True)) db.add(Page('support.support', 'Support', True)) db.commit() # Create admin role, or check if it already exists existing = Role.query.filter(Role.is_admin).first() if existing is None: role = Role("Admin") db.add(role) db.commit() existing = role else: # Check if there's at least one admin user admin = User.query.filter(User.role_id == existing.id).first() if admin is not None: print("Admin already exists: %s" % admin.name) return user = User(existing.id, sys.argv[2], sys.argv[3], User.generate_hash(sys.argv[4])) db.add(user) db.commit() print("Admin user created with name: %s" % user.name)
def test_unique_username(self): """Test that username is always unique.""" user = User(name="thealphadollar") g.db.add(user) g.db.commit() user_field = Field("thealphadollar") with self.assertRaises(ValidationError): unique_username(None, user_field)
def complete_reset(uid, expires, mac): """ Complete process of account reset. :param uid: user id :type uid: int :param expires: integer representing time after which the link expires :type expires: int :param mac: message authentication code :type mac: str """ from run import app # Check if time expired now = int(time.time()) if now <= expires: user = User.query.filter_by(id=uid).first() if user is not None: # Validate HMAC content_to_hash = "{id}|{expiry}|{passwd}".format( id=uid, expiry=expires, passwd=user.password) real_hash = generate_hmac_hash(app.config.get('HMAC_KEY', ''), content_to_hash) try: authentic = hmac.compare_digest(real_hash, mac) except AttributeError: g.log.warning(f'falling back to direct comparison of hash...') # Older python version? Fallback which is less safe authentic = real_hash == mac if authentic: form = CompleteResetForm(request.form) if form.validate_on_submit(): user.password = User.generate_hash(form.password.data) g.db.commit() template = app.jinja_env.get_or_select_template( 'email/password_reset.txt') message = template.render(name=user.name) g.mailer.send_simple_message({ "to": user.email, "subject": "CCExtractor CI platform password reset", "text": message }) session['user_id'] = user.id return redirect("/") return { 'form': form, 'uid': uid, 'mac': mac, 'expires': expires } flash( 'The request to reset your password was invalid. Please enter your email again to start over.', 'error-message') return redirect(url_for('.reset'))
def manage(): """Allow editing or accessing account details.""" from run import app form = AccountForm(request.form, g.user) if form.validate_on_submit(): user_to_update = User.query.filter(User.id == g.user.id).first() old_email = None password = False if user_to_update.email != form.email.data: old_email = user_to_update.email user_to_update.email = form.email.data if len(form.new_password.data) >= 10: password = True user_to_update.password = User.generate_hash( form.new_password.data) if user_to_update.name != form.name.data: user_to_update.name = form.name.data g.user = user_to_update g.db.commit() if old_email is not None: template = app.jinja_env.get_or_select_template( 'email/email_changed.txt') message = template.render(name=user_to_update.name, email=user_to_update.email) g.mailer.send_simple_message({ "to": [old_email, user_to_update.email], "subject": "CCExtractor CI platform email changed", "text": message }) if password: template = app.jinja_env.get_or_select_template( 'email/password_changed.txt') message = template.render(name=user_to_update.name) to = user_to_update.email if old_email is None else [ old_email, user_to_update.email ] g.mailer.send_simple_message({ "to": to, "subject": "CCExtractor CI platform password changed", "text": message }) flash('Settings saved') github_url = github_redirect() return {'form': form, 'url': github_url}
def create_admin(self): # test if there is admin existed try: name, password, email = "admin", "adminpwd", "*****@*****.**" db = create_session(self.app.config['DATABASE_URI'], drop_tables=False) role = Role(name=name) db.add(role) db.commit() admin_user = User(role_id=role.id, name=name, password=password, email=email) db.add(admin_user) db.commit() finally: db.remove() return name, password, email
def signup(): form = SignupForm(request.form) print(form.password.data) if request.method == 'POST' and form.validate(): # Check whether the user name is unique user_name_taken = db.session.query(User.email).filter_by( email=form.user_name.data).scalar() is not None print("heo") if user_name_taken: form.user_name.errors.append('Username taken') else: user = User(email=form.user_name.data, password=form.password.data) db.session.add(user) db.session.commit() flash('Thanks for registering') # TODO: send email to the user for registration signup return redirect(url_for('hello')) return render_template('auth/signup.html', form=form)
def complete_signup(email, expires, mac): from run import app # Check if time expired now = int(time.time()) if now <= expires: # Validate HMAC content_to_hash = "{email}|{expiry}".format(email=email, expiry=expires) real_hash = generate_hmac_hash(app.config.get('HMAC_KEY', ''), content_to_hash) try: authentic = hmac.compare_digest(real_hash, mac) except AttributeError: # Older python version? Fallback which is less safe authentic = real_hash == mac if authentic: # Check if email already exists (sign up twice with same email) user = User.query.filter_by(email=email).first() if user is not None: flash('There is already a user with this email address registered.', 'error-message') return redirect(url_for('.signup')) form = CompleteSignupForm() if form.validate_on_submit(): user = User(form.name.data, email=email, password=User.generate_hash(form.password.data)) g.db.add(user) g.db.commit() session['user_id'] = user.id # Send email template = app.jinja_env.get_or_select_template('email/registration_ok.txt') message = template.render(name=user.name) g.mailer.send_simple_message({ "to": user.email, "subject": "Welcome to the CCExtractor CI platform", "text": message }) return redirect('/') return { 'form': form, 'email': email, 'expires': expires, 'mac': mac } flash('The request to complete the registration was invalid. Please enter your email again to start over.', 'error-message') return redirect(url_for('.signup'))
def manage(): form = AccountForm(request.form, g.user) if not g.user.is_admin(): form.email.validators = [] if request.method == 'POST': result = {'status': 'error', 'errors': []} if form.validate_on_submit(): user = User.query.filter(User.id == g.user.id).first() if user.is_admin(): user.email = form.email.data if len(form.new_password.data) >= 10: user.password = User.generate_hash(form.new_password.data) g.user = user g.db.commit() result['status'] = 'success' result['errors'] = form.errors return jsonify(result) return {'form': form}
def complete_reset(uid, expires, mac): from run import app # Check if time expired now = int(time.time()) if now <= int(expires): user = User.query.filter_by(id=uid).first() if user is not None: # Validate HMAC real_hash = hmac.new( app.config.get('HMAC_KEY', ''), "%s|%s|%s" % (uid, expires, user.password) ).hexdigest() try: authentic = hmac.compare_digest(real_hash, mac.encode('utf-8')) except AttributeError: # Older python version? Fallback which is less safe authentic = real_hash == mac if authentic: form = CompleteResetForm(request.form) if form.validate_on_submit(): user.password = User.generate_hash(form.password.data) g.db.commit() template = app.jinja_env.get_or_select_template( 'email/password_reset.txt') message = template.render(name=user.name) g.mailer.send_simple_message({ "to": user.email, "subject": "CCExtractor CI platform password reset", "text": message }) session['user_id'] = user.id return redirect("/") return { 'form': form, 'uid': uid, 'mac': mac, 'expires': expires } flash('The request to reset your password was invalid. Please enter your ' 'email again to start over.', 'error-message') return redirect(url_for('.reset'))
def manage(): """ Function to edit or access account details """ from run import app form = AccountForm(request.form, g.user) if form.validate_on_submit(): user = User.query.filter(User.id == g.user.id).first() old_email = None password = False if user.email != form.email.data: old_email = user.email user.email = form.email.data if len(form.new_password.data) >= 10: password = True user.password = User.generate_hash(form.new_password.data) if user.name != form.name.data: user.name = form.name.data g.user = user g.db.commit() if old_email is not None: template = app.jinja_env.get_or_select_template('email/email_changed.txt') message = template.render(name=user.name, email=user.email) g.mailer.send_simple_message({ "to": [old_email, user.email], "subject": "CCExtractor CI platform email changed", "text": message }) if password: template = app.jinja_env.get_or_select_template('email/password_changed.txt') message = template.render(name=user.name) to = user.email if old_email is None else [old_email, user.email] g.mailer.send_simple_message({ "to": to, "subject": "CCExtractor CI platform password changed", "text": message }) flash('Settings saved') github_url = github_redirect() return { 'form': form, 'url': github_url }
def complete_reset(uid, expires, mac): from run import app # Check if time expired now = int(time.time()) if now <= expires: user = User.query.filter_by(id=uid).first() if user is not None: # Validate HMAC content_to_hash = "{id}|{expiry}|{passwd}".format(id=uid, expiry=expires, passwd=user.password) real_hash = generate_hmac_hash(app.config.get('HMAC_KEY', ''), content_to_hash) try: authentic = hmac.compare_digest(real_hash, mac) except AttributeError: # Older python version? Fallback which is less safe authentic = real_hash == mac if authentic: form = CompleteResetForm(request.form) if form.validate_on_submit(): user.password = User.generate_hash(form.password.data) g.db.commit() template = app.jinja_env.get_or_select_template('email/password_reset.txt') message = template.render(name=user.name) g.mailer.send_simple_message({ "to": user.email, "subject": "CCExtractor CI platform password reset", "text": message }) session['user_id'] = user.id return redirect("/") return { 'form': form, 'uid': uid, 'mac': mac, 'expires': expires } flash('The request to reset your password was invalid. Please enter your email again to start over.', 'error-message') return redirect(url_for('.reset'))
def manage(): form = AccountForm(request.form, g.user) if not g.user.is_admin(): form.email.validators = [] if request.method == 'POST': result = { 'status': 'error', 'errors': [] } if form.validate_on_submit(): user = User.query.filter(User.id == g.user.id).first() if user.is_admin(): user.email = form.email.data if len(form.new_password.data) >= 10: user.password = User.generate_hash(form.new_password.data) g.user = user g.db.commit() result['status'] = 'success' result['errors'] = form.errors return jsonify(result) return { 'form': form }
def setUp(self): self.app.preprocess_request() g.db = create_session(self.app.config['DATABASE_URI'], drop_tables=True) # enable Foreign keys for unit tests g.db.execute('pragma foreign_keys=on') general_data = [ GeneralData('last_commit', "1978060bf7d2edd119736ba3ba88341f3bec3323"), GeneralData(f'fetch_commit_{TestPlatform.linux.value}', "1978060bf7d2edd119736ba3ba88341f3bec3323"), GeneralData(f'fetch_commit_{TestPlatform.windows.value}', "1978060bf7d2edd119736ba3ba88341f3bec3323") ] g.db.add_all(general_data) self.ccextractor_version = CCExtractorVersion( "1.2.3", "2013-02-27T19:35:32Z", "1978060bf7d2edd119736ba3ba88341f3bec3323") g.db.add(self.ccextractor_version) fork = Fork( f"https://github.com/{g.github['repository_owner']}/{g.github['repository']}.git" ) g.db.add(fork) g.db.commit() dummy_user = User(signup_information['existing_user_name'], signup_information['existing_user_role'], signup_information['existing_user_email'], signup_information['existing_user_pwd']) g.db.add(dummy_user) g.db.commit() test = [ Test(TestPlatform.linux, TestType.pull_request, 1, "master", "1978060bf7d2edd119736ba3ba88341f3bec3323", 1), Test(TestPlatform.linux, TestType.pull_request, 1, "master", "abcdefgh", 1) ] g.db.add_all(test) g.db.commit() categories = [ Category("Broken", "Samples that are broken"), Category("DVB", "Samples that contain DVB subtitles"), Category("DVD", "Samples that contain DVD subtitles"), Category("MP4", "Samples that are stored in the MP4 format"), Category("General", "General regression samples") ] g.db.add_all(categories) g.db.commit() samples = [ Sample("sample1", "ts", "sample1"), Sample("sample2", "ts", "sample2") ] g.db.add_all(samples) g.db.commit() upload = [ Upload(1, 1, 1, Platform.windows), Upload(1, 2, 1, Platform.linux) ] g.db.add_all(upload) g.db.commit() regression_tests = [ RegressionTest(1, "-autoprogram -out=ttxt -latin1 -2", InputType.file, OutputType.file, 3, 10), RegressionTest(2, "-autoprogram -out=ttxt -latin1 -ucla", InputType.file, OutputType.file, 1, 10) ] g.db.add_all(regression_tests) g.db.commit() categories[0].regression_tests.append(regression_tests[0]) categories[2].regression_tests.append(regression_tests[1]) regression_test_outputs = [ RegressionTestOutput(1, "sample_out1", ".srt", ""), RegressionTestOutput(2, "sample_out2", ".srt", "") ] g.db.add_all(regression_test_outputs) g.db.commit() rtof = RegressionTestOutputFiles("bluedabadee", 2) g.db.add(rtof) g.db.commit() test_result_progress = [ TestProgress(1, TestStatus.preparation, "Test 1 preparation"), TestProgress(1, TestStatus.building, "Test 1 building"), TestProgress(1, TestStatus.testing, "Test 1 testing"), TestProgress(1, TestStatus.completed, "Test 1 completed"), TestProgress(2, TestStatus.preparation, "Test 2 preparation"), TestProgress(2, TestStatus.building, "Test 2 building"), TestProgress(2, TestStatus.testing, "Test 2 testing"), TestProgress(2, TestStatus.completed, "Test 2 completed") ] g.db.add_all(test_result_progress) g.db.commit() test_results = [ TestResult(1, 1, 200, 0, 0), TestResult(1, 2, 601, 0, 0), TestResult(2, 1, 200, 200, 0), TestResult(2, 2, 601, 0, 0) ] g.db.add_all(test_results) g.db.commit() test_result_files = [ TestResultFile(1, 1, 1, "sample_out1"), TestResultFile(1, 2, 2, "sample_out2"), TestResultFile(2, 1, 1, "sample_out1"), TestResultFile(2, 2, 2, "sample_out2", "out2") ] g.db.add_all(test_result_files) g.db.commit() forbidden_mime = ForbiddenMimeType("application/javascript") forbidden_ext = [ForbiddenExtension("js"), ForbiddenExtension("com")] g.db.add(forbidden_mime) g.db.add_all(forbidden_ext) g.db.commit()
def users_ajax(action): result = { 'status': 'error', 'errors': [] } if action == 'create': form = CreateUserForm(request.form) form.role.choices = [(r.id, r.name) for r in Role.query.order_by('name')] if form.validate_on_submit(): # Generate random password password = User.create_random_password() email = None if len(form.email.data) == 0 else form.email.data # No errors, so role is valid, email is valid & username # doesn't exist yet. Create user user = User(form.role.data, form.username.data, email, User.generate_hash(password)) g.db.add(user) g.db.commit() result['status'] = 'success' result['user'] = { 'id': user.id, 'name': user.name, 'role_id': user.role_id, 'role_name': user.role.name, 'email': user.email, 'password': password } result['errors'] = form.errors if action == 'delete': form = UserModifyForm('delete', g.user, request.form) if form.validate_on_submit(): # Delete user user = User.query.filter(User.id == form.id.data).first() g.db.delete(user) g.db.commit() result['status'] = 'success' result['errors'] = form.errors if action == 'change': form = UserModifyForm('change', g.user, request.form) if form.validate_on_submit(): # Change role user = User.query.filter(User.id == form.id.data).first() role = Role.query.filter(Role.id == form.role.data).first() user.role = role g.db.commit() result['status'] = 'success' result['role'] = { 'id': role.id, 'name': role.name } result['errors'] = form.errors if action == 'reset': form = UserModifyForm('reset', g.user, request.form) if form.validate_on_submit(): # Reset password user = User.query.filter(User.id == form.id.data).first() password = User.create_random_password() user.update_password(password) g.db.commit() result['status'] = 'success' result['message'] = 'The password for %s (#%s) was reset to: ' \ '<code>%s</code><br />Please copy ' \ 'this carefully and give it to the user in ' \ 'question.' % (user.name, user.id, password) result['errors'] = form.errors return jsonify(result)
def setUp(self): self.app.preprocess_request() g.db = create_session(self.app.config['DATABASE_URI'], drop_tables=True) g.db.execute('pragma foreign_keys=on') # Enable Foreign for unit tests commit_name_linux = 'fetch_commit_' + TestPlatform.linux.value commit_name_windows = 'fetch_commit_' + TestPlatform.windows.value general_data = [ GeneralData('last_commit', '1978060bf7d2edd119736ba3ba88341f3bec3323'), GeneralData(commit_name_linux, '1978060bf7d2edd119736ba3ba88341f3bec3323'), GeneralData(commit_name_windows, '1978060bf7d2edd119736ba3ba88341f3bec3323') ] g.db.add_all(general_data) self.ccextractor_version = CCExtractorVersion( '1.2.3', '2013-02-27T19:35:32Z', '1978060bf7d2edd119736ba3ba88341f3bec3323') g.db.add(self.ccextractor_version) fork_url = ('https://github.com/{user}/{repo}.git').format( user=g.github['repository_owner'], repo=g.github['repository']) fork = Fork(fork_url) g.db.add(fork) g.db.commit() dummy_user = User(signup_information['existing_user_name'], signup_information['existing_user_role'], signup_information['existing_user_email'], signup_information['existing_user_pwd']) g.db.add(dummy_user) g.db.commit() test = [ Test(TestPlatform.linux, TestType.pull_request, 1, 'master', '1978060bf7d2edd119736ba3ba88341f3bec3323', 1), Test(TestPlatform.linux, TestType.pull_request, 1, 'master', 'abcdefgh', 1) ] g.db.add_all(test) g.db.commit() categories = [ Category('Broken', 'Samples that are broken'), Category('DVB', 'Samples that contain DVB subtitles'), Category('DVD', 'Samples that contain DVD subtitles'), Category('MP4', 'Samples that are stored in the MP4 format'), Category('General', 'General regression samples') ] g.db.add_all(categories) g.db.commit() samples = [ Sample('sample1', 'ts', 'sample1'), Sample('sample2', 'ts', 'sample2') ] g.db.add_all(samples) g.db.commit() upload = [ Upload(1, 1, 1, Platform.windows), Upload(1, 2, 1, Platform.linux) ] g.db.add_all(upload) g.db.commit() regression_tests = [ RegressionTest(1, '-autoprogram -out=ttxt -latin1 -2', InputType.file, OutputType.file, 3, 10), RegressionTest(2, '-autoprogram -out=ttxt -latin1 -ucla', InputType.file, OutputType.file, 1, 10) ] g.db.add_all(regression_tests) g.db.commit() categories[0].regression_tests.append(regression_tests[0]) categories[2].regression_tests.append(regression_tests[1]) regression_test_outputs = [ RegressionTestOutput(1, 'sample_out1', '.srt', ''), RegressionTestOutput(2, 'sample_out2', '.srt', '') ] g.db.add_all(regression_test_outputs) g.db.commit() test_result_progress = [ TestProgress(1, TestStatus.preparation, "Test 1 preperation"), TestProgress(1, TestStatus.building, "Test 1 building"), TestProgress(1, TestStatus.testing, "Test 1 testing"), TestProgress(1, TestStatus.completed, "Test 1 completed"), TestProgress(2, TestStatus.preparation, "Test 2 preperation"), TestProgress(2, TestStatus.building, "Test 2 building"), TestProgress(2, TestStatus.testing, "Test 2 testing"), TestProgress(2, TestStatus.completed, "Test 2 completed") ] g.db.add_all(test_result_progress) g.db.commit() test_results = [ TestResult(1, 1, 200, 0, 0), TestResult(1, 2, 601, 0, 0), TestResult(2, 1, 200, 200, 0), TestResult(2, 2, 601, 0, 0) ] g.db.add_all(test_results) g.db.commit() test_result_files = [ TestResultFile(1, 1, 1, 'sample_out1'), TestResultFile(1, 2, 2, 'sample_out2'), TestResultFile(2, 1, 1, 'sample_out1'), TestResultFile(2, 2, 2, 'sample_out2', 'out2') ] g.db.add_all(test_result_files) g.db.commit() forbidden_mime = ForbiddenMimeType('application/javascript') forbidden_ext = [ForbiddenExtension('js'), ForbiddenExtension('com')] g.db.add(forbidden_mime) g.db.add_all(forbidden_ext) g.db.commit()
def users_ajax(action): result = {'status': 'error', 'errors': []} if action == 'create': form = CreateUserForm(request.form) form.role.choices = [(r.id, r.name) for r in Role.query.order_by('name')] if form.validate_on_submit(): # Generate random password password = User.create_random_password() email = None if len(form.email.data) == 0 else form.email.data # No errors, so role is valid, email is valid & username # doesn't exist yet. Create user user = User(form.role.data, form.username.data, email, User.generate_hash(password)) g.db.add(user) g.db.commit() result['status'] = 'success' result['user'] = { 'id': user.id, 'name': user.name, 'role_id': user.role_id, 'role_name': user.role.name, 'email': user.email, 'password': password } result['errors'] = form.errors if action == 'delete': form = UserModifyForm('delete', g.user, request.form) if form.validate_on_submit(): # Delete user user = User.query.filter(User.id == form.id.data).first() g.db.delete(user) g.db.commit() result['status'] = 'success' result['errors'] = form.errors if action == 'change': form = UserModifyForm('change', g.user, request.form) if form.validate_on_submit(): # Change role user = User.query.filter(User.id == form.id.data).first() role = Role.query.filter(Role.id == form.role.data).first() user.role = role g.db.commit() result['status'] = 'success' result['role'] = {'id': role.id, 'name': role.name} result['errors'] = form.errors if action == 'reset': form = UserModifyForm('reset', g.user, request.form) if form.validate_on_submit(): # Reset password user = User.query.filter(User.id == form.id.data).first() password = User.create_random_password() user.update_password(password) g.db.commit() result['status'] = 'success' result['message'] = 'The password for %s (#%s) was reset to: ' \ '<code>%s</code><br />Please copy ' \ 'this carefully and give it to the user in ' \ 'question.' % (user.name, user.id, password) result['errors'] = form.errors return jsonify(result)