def decorated_function(*args, **kwargs):
if current_user.has_permission(permission):
return f(*args, **kwargs)
if current_user.has_permission('AUTH-PERMISSION_MISSING'):
flash(
_('Missing permission %(permission)s',
permission=b(permission)), 'warning')
abort(403)
def main_message_clean():
messages = Notification.query.all()
counter = 0
for message in messages:
if message.expired:
counter = counter + 1
message.delete()
flash(_('%(counter)s messages have been removed.', counter=b(counter)))
return redirect(url_for('admin.main_sysmsg_list'))
def preference_reload():
session.pop('preferences', None)
session['preferences'] = {}
for pref in current_user.preferences:
session['preferences'][pref.name] = pref.value
flash(_('Preferences for %(name)s have been reloaded.',
name=b(current_user.name or current_user.username)), 'success')
return redirect(url_for('auth.preferences'))
def preference_create():
form = PreferenceForm()
if form.validate_on_submit():
exists = AuthUserPreference.query.filter(and_(
AuthUserPreference.name == form.name.data,
AuthUserPreference.user_id == current_user.id)).first()
if exists:
preference = AuthUserPreference.query.get(exists.id)
else:
preference = AuthUserPreference()
form.populate_obj(preference)
preference.user_id = current_user.id
preference.update()
session.pop('preferences', None)
session['preferences'] = {}
for pref in current_user.preferences:
session['preferences'][pref.name] = pref.value
flash(_('Preference %(name)s is set to %(value)s',
name=b(preference.name), value=b(preference.value or 'False')),
'success')
return redirect(url_for('auth.preferences'))
for field, errors in form.errors.items():
for error in errors:
flash(_('%(field)s: %(msg)s',
field=b(getattr(form, field).label.text),
msg=error),
'danger')
return render_template('auth/routes.preferences.html.j2',
form=form,
user=current_user)
def login():
if current_user.is_authenticated:
flash(_('You were already authenticated as %(name)s.',
name=b(current_user.name)), 'info')
if session['preferences']:
session.pop('preferences', None)
if session['locale']:
session.pop('locale', None)
logout_user()
form = LoginForm()
if not current_app.config['RUNE_AUTH_LOGIN_REMEMBER']:
form.remember_me = None
if form.validate_on_submit():
_fails = 0
user = User.query.filter_by(username=form.username.data).first()
if user is None:
flash(_('Invalid username or password.'), 'error')
return redirect(url_for('auth.login'))
_fails = user.failed_attempts
if not user.verify_password(form.password.data):
flash(_('Invalid username or password.'), 'error')
return redirect(url_for('auth.login'))
if _fails > 0:
flash(ngettext('You have %(num)d failed login attempt.',
'You have %(num)d failed login attempts.',
num=_fails),
'warning')
login_user(user)
session['locale'] = user.locale
session['preferences'] = {}
for preference in user.preferences:
session['preferences'][preference.name] = preference.value
return redirect(request.args.get('next') or url_for('main.index'))
return render_template('auth/routes.login.html.j2', form=form)
def validate_end_date(self, end):
if end.data < self.start_date.data:
raise ValidationError(
_('End date %(end)s is smaller than the start date %(start)s.',
end=b(self.end_date.data),
start=b(self.start_date.data)))
def validate_email(self, email):
if User.query.filter_by(email=email.data).first() is not None:
raise ValidationError(
_('Email %(mail)s is already registered.', mail=b(email.data)))