async def post(self):
group = self.model_by_id(GroupModel, "group_id")
membership = MembershipModel()
membership.user = self.current_user
membership.group = group
if group.requires_approval:
await slack.group_message(
group.slug, "New pending member: {}".format(
self.current_user.main_character.character_name))
membership.pending = True
else:
for identity in self.current_user.slack_identities:
member = await slack.user_email_to_id(identity.email)
await slack.group_invite(group.slug, member)
await slack.group_message(
group.slug, "New member: {}".format(
self.current_user.main_character.character_name))
session.add(membership)
session.commit()
sec_log.info("user {} joined group {}".format(membership.user,
membership.group))
return self.redirect("/groups/join/success?membership_id={}".format(
membership.id))
async def post(self):
group = self.model_by_id(GroupModel, "group_id")
for membership in group.memberships:
if membership.user == self.current_user:
session.delete(membership)
session.commit()
for identity in self.current_user.slack_identities:
member = await slack.user_email_to_id(identity.email)
await slack.group_kick(group.slug, member)
await slack.group_message(
group.slug, "Member left: {}".format(
self.current_user.main_character.character_name))
break
else:
raise tornado.web.HTTPError(400)
sec_log.info("user {} left group {}".format(membership.user,
membership.group))
return self.redirect("/groups/leave/success?group_id={}".format(
group.id))
async def post(self):
code = self.get_argument("code", None)
slackidentity = self.model_by_id(SlackIdentityModel,
"slackidentity_id")
if slackidentity.verification_code == code:
slackidentity.verification_done = True
session.add(slackidentity)
session.commit()
sec_log.info("slackidentity {} for {} verified".format(
slackidentity, slackidentity.user))
self.flash_success(
self.locale.translate(
"SERVICES_VERIFY_SLACK_IDENTITY_SUCCESS_ALERT"))
return self.redirect("/services?slackidentity_id={}".format(
slackidentity.id))
else:
self.flash_error(
self.locale.translate(
"SERVICES_VERIFY_SLACK_IDENTITY_FAILURE_ALERT"))
return self.redirect("/services?slackidentity_id={}".format(
slackidentity.id))
async def post(self):
slackidentity = self.model_by_id(SlackIdentityModel,
"slackidentity_id")
value = await slack.verify(slackidentity)
if value is False:
self.flash_error(
self.locale.translate(
"SERVICES_SEND_SLACK_IDENTITY_FAILURE_ALERT"))
return self.redirect("/services?slackidentity_id={}".format(
slackidentity.id))
sec_log.info("slackidentity {} for {} sent verification".format(
slackidentity, slackidentity.user))
return self.render("services_verify_slack_identity.html",
slackidentity=slackidentity)
async def post(self):
slack_id = self.get_argument("slack_id", None)
if not slack_id:
raise tornado.web.HTTPError(400)
slackidentity = SlackIdentityModel(slack_id.lower())
slackidentity.user = self.current_user
session.add(slackidentity)
session.commit()
sec_log.info("slackidentity {} added to {}".format(
slackidentity, slackidentity.user))
return self.redirect(
"/services/add_slack_identity/success?slackidentity_id={id}".
format(id=slackidentity.id))
async def _add(self):
character_id, character_scopes, access_token, refresh_token, account_hash = await self._sso_response(
)
# See if we already have this character
character = session.query(CharacterModel).filter(
CharacterModel.character_id == character_id).first()
if character: # XXX add new scopes
if character.user == self.current_user:
character.access_token = access_token
character.refresh_token = refresh_token
character.account_hash = account_hash
# For our scopes we see if they already exist, if they
# don't we create them and hang them on the character
character.update_scopes(character_scopes)
else:
sec_log.warn(
"user {} tried to add {} but belongs to {}".format(
self.current_user, character, character.user))
raise tornado.web.HTTPError(403)
else:
character = await self._create(character_id, character_scopes,
access_token, refresh_token,
account_hash)
# Append the character to the currently logged in character
self.current_user.characters.append(character)
self.current_user.chg_date = datetime.now()
session.add(self.current_user)
session.commit()
sec_log.info("added %s for %s" % (character, character.user))
queue_user.setup_character(character)
self.flash_success(
self.locale.translate("CHARACTER_ADD_SUCCESS_ALERT"))
self.redirect("/characters")
async def post(self):
group = self.model_by_id(GroupModel, "group_id")
for membership in group.memberships:
if membership.user == self.current_user:
session.delete(membership)
session.commit()
break
else:
raise tornado.web.HTTPError(400)
sec_log.info("user {} left group {}".format(membership.user,
membership.group))
# XXX move to task
#await slack.group_upkeep(group)
return self.redirect("/groups/leave/success?group_id={}".format(
group.id))
async def post(self):
group = self.model_by_id(GroupModel, "group_id")
membership = MembershipModel()
membership.user = self.current_user
membership.group = group
if group.requires_approval:
membership.pending = True
session.add(membership)
session.commit()
sec_log.info("user {} joined group {}".format(membership.user,
membership.group))
# XXX move to task
#await slack.group_upkeep(group)
return self.redirect("/groups/join/success?membership_id={}".format(
membership.id))
async def _login(self):
character_id, character_scopes, access_token, refresh_token, account_hash = await self._sso_response(
)
# See if we already have this character
character = session.query(CharacterModel).filter(
CharacterModel.character_id == character_id).first()
# The character already exists so we log in to the corresponding user
# and redirect to the success page
if character:
if character.account_hash != account_hash:
sec_log.critical(
"account hash for {} changed denying login".format(
character))
raise tornado.web.HTTPError(400)
sec_log.info("logged in {} through {}".format(
character.user, character))
self.set_current_user(character.user)
login = UserLoginModel()
login.user = character.user
login.pub_date = datetime.now()
login.ip_address = self.request.remote_ip
session.add(login)
session.commit()
return self.redirect("/login/success")
else:
# We don't have an account with this character on it yet. Let's
# fetch the character information from the XML API and fill it
# into a model, tie it up to a fresh new user and log it in
character = await self._create(character_id, character_scopes,
access_token, refresh_token,
account_hash)
character.is_main = True
character.pub_date = datetime.now()
user = UserModel()
user.characters.append(character)
user.pub_date = datetime.now()
user.chg_date = datetime.now()
session.add(user)
session.commit()
self.set_current_user(user)
sec_log.info("created %s through %s" % (character.user, character))
login = UserLoginModel()
login.user = character.user
login.pub_date = datetime.now()
login.ip_address = self.request.remote_ip
session.add(login)
session.commit()
queue_user.setup_character(character)
# Redirect to another page with some more information for the
# user of what is going on
return self.redirect("/login/created")
