Пример #1
0
def adminUnimpersonatePost(handler):
	if 'impersonator' in handler.session:
		handler.session['user'] = handler.session['impersonator']
		del handler.session['impersonator']
		Event.impersonate(handler, None)
Пример #2
0
def adminUsersPost(handler, p_action, p_username, p_privileges = [], p_send_welcome = False):
	handler.title('User Management')
	requirePriv(handler, 'Admin')

	for case in switch(p_action):
		if case('resetpw'):
			handler.title('Reset password')
			user = User.load(username = p_username)
			if not user:
				ErrorBox.die('Reset Password', "No user named <b>%s</b>" % stripTags(p_username))

			hadPreviousKey = (user.resetkey != None and user.resetkey != '0')
			user.resetkey = "%x" % random.randint(0x10000000, 0xffffffff)
			user.save()
			Event.genResetKey(handler, user)

			print "Reset key for %s: <a href=\"/resetpw/%s?key=%s\">%s</a><br>" % (user, user.safe.username, user.resetkey, user.resetkey)
			if hadPreviousKey:
				print "<b>Warning</b>: This invalides the previous reset key for this user<br>"
			break
		if case('impersonate'):
			user = User.load(username = p_username)
			if not user:
				ErrorBox.die('Impersonate User', "No user named <b>%s</b>" % stripTags(p_username))

			if not 'impersonator' in handler.session:
				handler.session['impersonator'] = handler.session['user']
				handler.session.remember('impersonator')
			Event.impersonate(handler, user)
			handler.session['user'] = user
			redirect('/')
			break
		if case('sessions'):
			redirect("/admin/sessions?username=%s" % p_username)
			break
		if case('privileges'):
			redirect("/admin/privileges?username=%s" % p_username)
			break
		if case('new'):
			if User.load(username = p_username):
				ErrorBox.die('Add User', "There is already a user named <b>%s</b>" % stripTags(p_username))
			if not re.match("^%s$" % USERNAME_PATTERN, p_username):
				ErrorBox.die('Add User', "Username <b>%s</b> is illegal" % stripTags(p_username))
			if not all(name in privList for name in p_privileges):
				ErrorBox.die('Add User', "Unrecognized privilege name")

			user = User(p_username, '', privileges = set(p_privileges))
			Event.newUser(handler, user)
			for priv in p_privileges:
				Event.grantPrivilege(handler, user, priv, True)

			if p_send_welcome:
				user.resetkey = "%x" % random.randint(0x10000000, 0xffffffff)
				msg = "A Sprint account has been created for you with the username `%s'. " % user.username
				if settings.kerberosRealm:
					msg += "You can use your %s password to login, or set a dedicated Sprint password here: " % settings.kerberosRealm
				else:
					msg += "You can set a password here: "
				msg += "http://%s:%d/resetpw/%s?key=%s" % (gethostname(), PORT, user.safe.username, user.resetkey)
				sendmail(user.getEmail(), "Sprint - New Account", msg)

			user.save()

			delay(handler, SuccessBox("Added user <b>%s</b>" % stripTags(p_username), close = True))
			redirect("/users/%s" % user.username)
			break