def add_address(row, user, requester): "Add address" session_dict = {} dummy = AddressForm(dict2mdict({}), csrf_context=session_dict) fields = getkeys(row, 'af') post_data = dict2mdict(fields) post_data.add('csrf_token', dummy.csrf_token.current_token) form = AddressForm(post_data, csrf_context=session_dict) if form.validate(): try: if requester.is_domain_admin: # check if they own the domain domainname = form.address.data.split('@')[1] Session.query(Domain).options( joinedload('organizations')).join( domain_owners, (oa, domain_owners.c.organization_id == \ oa.c.organization_id))\ .filter(oa.c.user_id == user.id)\ .filter(Domain.name == domainname).one() addr = Address(address=form.address.data) addr.enabled = form.enabled.data addr.user = user Session.add(addr) Session.commit() except (IntegrityError, NoResultFound): pass
def editaddress(self, addressid): "Edit address" address = get_address(addressid) if not address: abort(404) c.form = AddressForm(request.POST, address, csrf_context=session) if request.method == 'POST' and c.form.validate(): try: if (address.address != c.form.address.data or address.enabled != c.form.enabled.data): update_address(c.form, address, c.user, request.host, request.remote_addr) flash(_('The alias address has been updated')) else: flash_info(_('No changes were made to the address')) except IntegrityError: Session.rollback() msg = _('The address %(addr)s already exists') % \ dict(addr=c.form.address.data) flash_alert(msg) log.info(msg) except NoResultFound: domain = c.form.address.data.split('@')[1] msg = _('Domain: %(d)s does not belong to you') % \ dict(d=domain) flash(msg) log.info(msg) redirect( url(controller='accounts', action='detail', userid=address.user_id)) c.id = addressid c.userid = address.user_id return self.render('/accounts/editaddress.html')
def addaddress(self, userid): "Add address" user = self._get_user(userid) if not user: abort(404) c.form = AddressForm(request.POST, csrf_context=session) if request.method == 'POST' and c.form.validate(): try: addr = create_address(c.form, user, c.user, request.host, request.remote_addr) flash( _('The alias address %(address)s was successfully created.' % dict(address=addr.address))) except IntegrityError: Session.rollback() msg = _('The address %(addr)s already exists') % \ dict(addr=c.form.address.data) flash_alert(msg) log.info(msg) except NoResultFound: domain = c.form.address.data.split('@')[1] msg = _('Domain: %(d)s does not belong to you') % \ dict(d=domain) flash(msg) log.info(msg) redirect(url(controller='accounts', action='detail', userid=userid)) c.id = userid return self.render('/accounts/addaddress.html')
def deleteaddress(self, addressid): "Delete address" address = get_address(addressid) if not address: abort(404) c.form = AddressForm(request.POST, address, csrf_context=session) if request.method == 'POST' and c.form.validate(): user_id = delete_address(address, c.user, request.host, request.remote_addr) flash(_('The address has been deleted')) redirect( url(controller='accounts', action='detail', userid=user_id)) c.id = addressid c.userid = address.user_id return self.render('/accounts/deleteaddress.html')
def editaddress(self, addressid): "Edit address" address = self._get_address(addressid) if not address: abort(404) c.form = AddressForm(request.POST, address, csrf_context=session) if request.POST and c.form.validate(): try: if (address.address != c.form.address.data or address.enabled != c.form.enabled.data): if c.user.is_domain_admin: # check if they own the domain domain = c.form.address.data.split('@')[1] domain = Session.query(Domain).options( joinedload('organizations')).join( dom_owns, (oas, dom_owns.c.organization_id == oas.c.organization_id))\ .filter(oas.c.user_id == c.user.id)\ .filter(Domain.name == domain).one() address.address = c.form.address.data address.enabled = c.form.enabled.data Session.add(address) Session.commit() update_serial.delay() info = ADDRUPDATE_MSG % dict(a=address.address, ac=address.user.username) audit_log(c.user.username, 2, info, request.host, request.remote_addr, now()) flash(_('The alias address has been updated')) else: flash_info(_('No changes were made to the address')) except IntegrityError: flash_alert( _('The address %(addr)s already exists') % dict(addr=c.form.address.data)) except NoResultFound: flash( _('Domain: %(d)s does not belong to you') % dict(d=domain)) redirect( url(controller='accounts', action='detail', userid=address.user_id)) c.id = addressid c.userid = address.user_id return render('/accounts/editaddress.html')
def addaddress(self, userid): "Add address" user = self._get_user(userid) if not user: abort(404) c.form = AddressForm(request.POST, csrf_context=session) if request.POST and c.form.validate(): try: if c.user.is_domain_admin: # check if they own the domain domain = c.form.address.data.split('@')[1] domain = Session.query(Domain).options( joinedload('organizations')).join( dom_owns, (oas, dom_owns.c.organization_id == oas.c.organization_id))\ .filter(oas.c.user_id == c.user.id)\ .filter(Domain.name == domain).one() addr = Address(address=c.form.address.data) addr.enabled = c.form.enabled.data addr.user = user Session.add(addr) Session.commit() update_serial.delay() info = ADDRADD_MSG % dict(a=addr.address, ac=user.username) audit_log(c.user.username, 3, info, request.host, request.remote_addr, now()) flash( _('The alias address %(address)s was successfully created.' % dict(address=addr.address))) except IntegrityError: flash_alert( _('The address %(addr)s already exists') % dict(addr=addr.address)) except NoResultFound: flash( _('Domain: %(d)s does not belong to you') % dict(d=domain)) redirect(url(controller='accounts', action='detail', userid=userid)) c.id = userid return render('/accounts/addaddress.html')
def deleteaddress(self, addressid): "Delete address" address = self._get_address(addressid) if not address: abort(404) c.form = AddressForm(request.POST, address, csrf_context=session) if request.POST and c.form.validate(): user_id = address.user_id addr = address.address username = address.user.username Session.delete(address) Session.commit() update_serial.delay() info = ADDRDELETE_MSG % dict(a=addr, ac=username) audit_log(c.user.username, 4, info, request.host, request.remote_addr, now()) flash(_('The address has been deleted')) redirect( url(controller='accounts', action='detail', userid=user_id)) c.id = addressid c.userid = address.user_id return render('/accounts/deleteaddress.html')