def post(self):
    """Handle a password-reset request for the account named by 'email'.

    Looks the member up from the 'email' request argument and refuses
    the reset for pending or disabled accounts. Otherwise it clears the
    stored password, stores a fresh code, and mails a link built from
    that code. A logged-in user who is not admin gets the user cookie
    blanked. Every path ends in a redirect to 'home'.
    """
    # NOTE(review): nothing in this method requires a login, and the
    # redirects below differ for unknown, pending, disabled and valid
    # addresses, so the response reveals whether an address is registered
    # and in which state. A single uniform reply would avoid that.
    try:
        member = self.get_member(self.get_argument('email'))
    except (tornado.web.MissingArgumentError, KeyError):
        self.see_other('home', error='No such member account.')
        return

    status = member.get('status')
    if status == constants.PENDING:
        self.see_other('home',
                       error='Cannot reset password.'
                       ' Member account has not been enabled.')
        return
    if status == constants.DISABLED:
        self.see_other('home',
                       error='Cannot reset password.'
                       ' Member account is disabled.')
        return

    # NOTE(review): the password is cleared as soon as the request is
    # received, before the mailed code has been used, so the member has
    # no password until the link is followed. Consider keeping the old
    # password until the code is redeemed, and rate-limiting this handler.
    # NOTE(review): utils.get_iuid() is not visible here; confirm it
    # draws from a CSPRNG and that the code expires.
    with MemberSaver(doc=member, rqh=self) as saver:
        saver['password'] = None
        saver['code'] = utils.get_iuid()

    # The code is read back from 'member', which presumably is the same
    # dict the saver wrote into - verify against MemberSaver.
    reset_url = self.absolute_reverse_url('password',
                                          email=member['email'],
                                          code=member['code'])
    fields = dict(email=member['email'],
                  site=settings['SITE_NAME'],
                  url=reset_url)
    mailer = utils.EmailServer()
    mailer.send(member['email'],
                RESET_SUBJECT.format(**fields),
                RESET_TEXT.format(**fields))

    # Log out the user if not admin.
    if self.current_user and not self.is_admin():
        self.set_secure_cookie(constants.USER_COOKIE, '')
    self.see_other('home', message=EMAIL_SENT)
def set_api_key(self):
    """Assign a new API key to this member when the request asks for one.

    Nothing happens unless the request handler reports an admin user,
    the member being saved has the admin role, and the request carries a
    truthy 'api_key' argument. There is no branch that clears an
    existing key.
    """
    # NOTE(review): the key comes from utils.get_iuid(), which is not
    # visible here; confirm it is generated by a CSPRNG, since the key
    # acts as a credential.
    if self.rqh.is_admin() and self['role'] == constants.ADMIN:
        try:
            wants_key = self.rqh.get_argument('api_key', False)
            if wants_key:
                self['api_key'] = utils.get_iuid()
        except (tornado.web.MissingArgumentError, ValueError):
            # Best effort: a missing or rejected argument leaves the
            # current key untouched.
            pass
def __init__(self, doc=None, rqh=None, db=None, member=None):
    """Bind the saver to a database and to the document it will modify.

    doc: existing document to modify; a new one is created when this is
        None or empty.
    rqh: request handler; when given, it supplies the database and the
        acting member defaults to its current user.
    db: database handle, used only when no request handler is given.
    member: explicit acting member, overriding the handler's user.

    Raises AttributeError when neither 'rqh' nor 'db' is given.
    """
    # NOTE(review): both asserts in this method are validation checks,
    # and asserts are removed when Python runs with -O. The second one
    # is what stops a document of another type being modified through
    # this saver, so explicit raises would be more robust.
    assert self.doctype in constants.ENTITIES

    if rqh is None and db is None:
        raise AttributeError('neither db nor rqh given')
    if rqh is not None:
        self.rqh = rqh
        self.db = rqh.db
        self.member = member or rqh.current_user
    else:
        self.rqh = None
        self.db = db
        self.member = member

    self.doc = doc if doc else {}
    self.changed = {}
    if '_id' not in self.doc:
        # New document: assign an id and doctype, then call the
        # initialize() hook.
        self.doc['_id'] = utils.get_iuid()
        self.doc[constants.DOCTYPE] = self.doctype
        self.initialize()
    else:
        assert self.doctype == self.doc[constants.DOCTYPE]
    self.setup()
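def post(self, email):
    """Enable a member account and mail its owner a set-password link.

    email: address identifying the member account to enable.

    check_admin() is called first; it presumably rejects callers who are
    not admin (its body is not visible here). The member's status is set
    to enabled, login and password are cleared, and a fresh code is
    stored and mailed. The response redirects to the 'next' request
    argument when that names a location on this site, otherwise to the
    member's page.
    """
    self.check_admin()
    member = self.get_member(email)
    with MemberSaver(doc=member, rqh=self) as saver:
        saver['status'] = constants.ENABLED
        saver['login'] = None
        saver['password'] = None
        saver['code'] = utils.get_iuid()
    email_server = utils.EmailServer()
    data = dict(email=member['email'],
                site=settings['SITE_NAME'],
                url=self.absolute_reverse_url('password',
                                              email=member['email'],
                                              code=member['code']))
    email_server.send(member['email'],
                      ENABLED_SUBJECT.format(**data),
                      ENABLED_TEXT.format(**data))
    self.set_message_flash(EMAIL_SENT)

    # 'next' comes from the request, so it is followed only when it
    # stays on this site: a path starting with a single '/', or an
    # absolute URL under this request's own scheme and host. Backslashes
    # and control characters are refused because browsers may normalise
    # them into a '//host' form. Anything else falls back to the
    # member's page instead of redirecting to a foreign location.
    # NOTE(review): if absolute 'next' values are built from a configured
    # base URL that differs from request.host (for example behind a
    # proxy), they will take the fallback; compare against that base URL
    # instead if so.
    target = self.get_argument('next', None)
    site_root = '%s://%s/' % (self.request.protocol, self.request.host)
    stays_on_site = bool(target) and (
        '\\' not in target
        and all(ord(ch) >= 0x20 for ch in target)
        and ((target.startswith('/') and not target.startswith('//'))
             or target.startswith(site_root)))
    if stays_on_site:
        self.redirect(target)
    else:
        self.see_other('member', member['email'])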
def post(self):
    """Register a new member account from the submitted form.

    The 'email' argument is lower-cased, matched against
    constants.EMAIL_PATTERN and rejected when an account with that
    address already exists. The first account in the database becomes
    an enabled admin. Later accounts get the member role and are enabled
    at once only when the address matches the MEMBER_EMAIL_AUTOENABLE
    setting. An enabled account is mailed a set-password link; otherwise
    every admin is mailed a notice about the pending account. Any
    validation failure is flashed to the user and redirects to 'home'.
    """
    try:
        with MemberSaver(rqh=self) as saver:
            try:
                email = self.get_argument('email').lower()
                if not email:
                    raise ValueError
            except (tornado.web.MissingArgumentError, ValueError):
                raise ValueError('No email address provided.')
            # NOTE(review): fnmatch is a glob match, not an address
            # parser. Confirm that neither EMAIL_PATTERN nor the
            # autoenable pattern below can be satisfied by a string that
            # is not a single well-formed address.
            if not fnmatch.fnmatch(email, constants.EMAIL_PATTERN):
                raise ValueError('Invalid email address provided.')
            # A successful lookup means the address is already taken.
            # NOTE(review): this message tells the caller whether an
            # address is registered.
            try:
                self.get_doc(email, 'member/email')
            except KeyError:
                pass
            else:
                raise ValueError('Member account exists!'
                                 ' Please use Reset password.')
            saver['email'] = email
            saver.set_name()
            saver.set_swish()
            saver.set_address()

            # The very first member account in the database is made
            # admin and enabled.
            # NOTE(review): the admin grant depends only on the member
            # view being empty at this moment; create the first account
            # before the site is reachable by others.
            existing = self.get_docs('member/email',
                                     key='',
                                     last=constants.CEILING,
                                     limit=2)
            if len(existing) == 0:
                saver['role'] = constants.ADMIN
                enable_now = True
            else:
                saver['role'] = constants.MEMBER
                autoenable = settings['MEMBER_EMAIL_AUTOENABLE']
                # Enable directly if the address matches the pattern.
                enable_now = bool(autoenable and
                                  fnmatch.fnmatch(saver['email'], autoenable))
            if enable_now:
                saver['status'] = constants.ENABLED
                saver['code'] = reset_code = utils.get_iuid()
    except ValueError as err:
        self.set_message_flash(str(err))
        self.see_other('home')
        return

    member = saver.doc
    fields = dict(email=member['email'], site=settings['SITE_NAME'])
    mailer = utils.EmailServer()
    if member['status'] == constants.ENABLED:
        # Enabled at once: mail the set-password link to the new member.
        fields['url'] = self.absolute_reverse_url('password',
                                                  email=email,
                                                  code=reset_code)
        mailer.send(member['email'],
                    ENABLED_SUBJECT.format(**fields),
                    ENABLED_TEXT.format(**fields))
        self.set_message_flash(EMAIL_SENT)
    else:
        # Pending: mail every admin a link to the new member's page.
        fields['url'] = self.absolute_reverse_url('member', fields['email'])
        subject = PENDING_SUBJECT.format(**fields)
        text = PENDING_TEXT.format(**fields)
        for admin_doc in self.get_docs('member/role', key=constants.ADMIN):
            mailer.send(admin_doc['email'], subject, text)
        self.set_message_flash(PENDING_MESSAGE)

    if self.is_admin():
        self.see_other('member', member['email'])
    else:
        self.see_other('home')