Exemplo n.º 1
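    def put(self, user=None):
        """Self-service registration: create a user, authenticate, start a session.

        Flow, as visible in this handler:
          1. Refuse when the global config has ``allow_user_registration`` off.
          2. Reject any request body carrying a truthy ``organization`` field.
          3. Create the user from the JSON body via ``User.new``.
          4. Authenticate with the submitted username/password and log in.
          5. Set the ``auth_user``, ``user`` and ``auth_token`` cookies.

        Args:
            user: Not used by this handler.

        Raises:
            HttpErrorException: ``forbidden`` when ``organization`` is supplied,
                ``bad_request`` when the new credentials fail to authenticate.
        """
        gc = GlobalConfig.get_configs()
        if not gc.allow_user_registration:
            # abort=True presumably stops the handler here (webapp2-style
            # redirect) -- confirm, otherwise registration would continue.
            self.redirect('/register/disabled/', abort=True)

        # Public sign-up must not choose its own organization; only the
        # admin-side user creation path is expected to set one.
        if self.json_request.get('organization'):
            # Raised rather than returned, matching the bad_request path below,
            # so the refusal cannot be mistaken for a normal handler result.
            raise HttpErrorException.forbidden()

        # NOTE(review): the whole request body is handed to User.new; which
        # fields it accepts is not visible here -- confirm that it ignores
        # privilege-bearing keys (admin flags, group membership) from clients.
        User.new(self.json_request, request=self.request, worldshare_group=Group.get_worldshare_key())
        creds = GenericCredentials(self.json_request.get('username'), self.json_request.get('password'))
        if not creds.authenticate():
            raise HttpErrorException.bad_request('faild to authinicate')

        session = login(self.request, creds, User)
        # base64 is an encoding, not protection: 'auth_user' and 'user' both
        # expose the username to anything that can read the cookies.
        self.response.set_cookie('auth_user', base64.b64encode(creds.username))
        self.response.set_cookie('user', creds.username)
        # NOTE(review): no secure/httponly attributes are passed for the session
        # token. Unless defaults are applied elsewhere, the cookie is readable
        # by page scripts and can travel over plain HTTP -- confirm, and set
        # both if the client does not need script access to the token.
        self.response.set_cookie('auth_token', session.token)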
Exemplo n.º 2
    def put(self, user_id=None):
        """Admin-only user creation from the JSON request body.

        A non-admin caller is recorded in the security log and refused with
        ``HttpErrorException.forbidden()``. For an admin, a user is created
        only when the body carries a truthy ``username``; the optional
        ``organization`` id is resolved through ``Organization.get_by_id``.

        Args:
            user_id: Not used by the code shown here.
        """
        if not self.user.is_admin:
            # Record who attempted the privileged action before refusing it.
            denied_record = tt_logging.construct_log(
                msg_short='Non-Admin User Try Create New User',
                msg='User (%s) attemped to create a new user' % (self.user.key.id()),
                log_type=tt_logging.SECURITY,
                request_user=self.user,
                request=self.request
            )
            log.warning(denied_record['dict_msg']['msg'], extra=denied_record)
            raise HttpErrorException.forbidden()

        if self.json_request.get('username'):
            # NOTE(review): if get_by_id yields None for an unknown id
            # (presumably), the user is created with no organization rather
            # than the request being rejected -- confirm that is intended.
            organization = (
                Organization.get_by_id(self.json_request.get('organization'))
                if self.json_request.get('organization')
                else None
            )

            # verify_email=False: accounts made by an admin appear to skip
            # e-mail verification -- confirm against User.new.
            User.new(
                self.json_request,
                verify_email=False,
                request=self.request,
                worldshare_group=Group.get_worldshare_key(),
                organization=organization
            )