def email_confirm_resend():
    """Re-send the e-mail confirmation message for the logged-in user (AJAX).

    Responds with a ``text/plain`` body: ``"OK"`` once a new confirmation has
    been requested, or ``"ALREADY CONFIRMED"`` when
    ``users.EmailAlreadyConfirmed`` is raised.
    """
    # NOTE(review): both guards are defined outside this view. Presumably
    # session.require() enforces a login state and utils.check_ajax() rejects
    # non-AJAX requests; confirm that together they stop another site from
    # triggering this state-changing endpoint.
    session.require(False)
    utils.check_ajax()

    # The target account comes from the server-side session, never from a
    # request parameter, so a caller cannot name someone else's account here.
    # NOTE(review): no throttling is visible in this function; confirm that
    # email_confirm_send() (or a layer in front of it) limits repeated resends.
    body = "OK"
    try:
        users.email_confirm_send(session["user_id"])
    except users.EmailAlreadyConfirmed:
        logger.warning("email was already confirmed when resending (ajax)")
        body = "ALREADY CONFIRMED"

    return flask.Response(body, mimetype="text/plain")
def user_details():
    """Collect the profile fields a user still has to supply after login.

    Fields that already hold a value in the stored user record are "final":
    the submitted form is not consulted for them at all. Fields that are
    still ``None`` are read from ``request.form``, validated, and written via
    ``users.update_user()``. Once every field is present, the e-mail address
    is confirmed and the request is a POST, ``details_completed`` is set and
    the user is redirected to ``login_next()``; otherwise the details form is
    rendered with per-field state.
    """
    # NOTE(review): utils.check_csrf() runs before any form field is read, but
    # what it checks (and for which HTTP methods) is defined outside this view.
    session.require(False)
    utils.check_csrf()

    user = session["user"]

    if user["details_completed"]:
        return redirect(login_next())

    def _or_blank(v):
        # Templates get "" rather than None for unset text fields.
        return "" if v is None else v

    details_ok = True
    # Identity fields are only echoed to the template. They are never read
    # from request.form, so this endpoint cannot be used to overwrite them.
    readonly_fields = ("person_type", "crsid", "email", "email_confirmed")
    text_fields = ("surname", "othernames")
    update = {}
    kwargs = {name: user[name] for name in readonly_fields}

    # surname, othernames
    # NOTE(review): these are only stripped and checked for emptiness; no
    # length or character limits are visible here. Confirm that the storage
    # layer bounds them and that the template escapes them on output.
    for field in text_fields:
        stored = user[field]
        locked = stored is not None
        missing = False

        if locked or field not in request.form:
            # Server-side immutability: a stored value always wins over
            # whatever the client submitted.
            value = stored
        else:
            value = request.form[field].strip() or None

        if value is None:
            details_ok = False
            missing = True
        elif value != stored:
            update[field] = value
            locked = True

        kwargs[field] = {"value": _or_blank(value), "final": locked,
                         "error": missing, "empty": missing}

    # college_id
    stored_college = user["college_id"]
    locked = stored_college is not None
    missing = False

    if locked or "college_id" not in request.form:
        college = stored_college
    else:
        college = request.form["college_id"]
        if college == "":
            college = None
        else:
            # Allow-list validation: the id must parse as an integer and be
            # one of utils.all_colleges(); anything else is a 400, not a
            # form error, since it cannot be reached by simply leaving the
            # field blank.
            try:
                college = int(college)
            except ValueError:
                abort(400)
            if college not in utils.all_colleges():
                abort(400)

    if college is None:
        details_ok = False
        missing = True
    elif college != stored_college:
        update["college_id"] = college
        locked = True

    kwargs["college_id"] = {"value": college, "final": locked,
                            "error": missing, "empty": missing}

    # matriculation_year (only asked of alumni)
    if user["person_type"] != "alumnus":
        kwargs["matriculation_year"] = {"hide": True}
    else:
        stored_year = user["matriculation_year"]
        locked = stored_year is not None
        invalid = empty = future = False

        if locked or "matriculation_year" not in request.form:
            year = stored_year
        else:
            year = request.form["matriculation_year"].strip()
            if year == "":
                year = None
            else:
                # On a parse failure `year` keeps the submitted text so the
                # form can show it again; it is never stored in that case.
                try:
                    year = utils.parse_matriculation_year(year)
                except utils.MatriculationTimetravel:
                    future = True
                except ValueError:
                    invalid = True

        empty = not invalid and year is None
        has_error = empty or future or invalid

        if has_error:
            details_ok = False
        elif year != stored_year:
            update["matriculation_year"] = year
            locked = True

        kwargs["matriculation_year"] = {
            "value": _or_blank(year), "final": locked,
            "empty": empty, "future": future, "invalid": invalid,
            "error": has_error, "hide": False,
        }

    # update logic
    # Both log lines record field names only, never the submitted values.
    if update:
        logger.info("User %s provided updates for keys %s",
                    user["user_id"], ', '.join(update))

    if not details_ok:
        # dict.iteritems() exists on Python 2 only.
        error_keys = [name for name, entry in kwargs.iteritems()
                      if isinstance(entry, dict) and entry.get("error")]

        if request.method == "POST":
            logger.info("Errors in user provided updates for keys %s",
                        ', '.join(error_keys))
        else:
            # show neither empty text nor scary redness on the GET request
            for name in error_keys:
                kwargs[name]["error"] = False
                kwargs[name]["empty"] = False

    need_email_only = details_ok and not user["email_confirmed"]
    kwargs["need_email_only"] = need_email_only
    if need_email_only:
        details_ok = False

    # Only the completion flag is gated on POST. Field updates collected
    # above are written whatever the method, and even when other fields
    # failed validation; a field written here is final on later requests.
    # NOTE(review): confirm the route's allowed methods and that
    # utils.check_csrf() covers every method that can carry form data.
    if details_ok and request.method == "POST":
        update["details_completed"] = True

    if update:
        users.update_user(user["user_id"], **update)
        # `user` was grabbed from flask.session by reference, and
        # update_user() update()s that dict

    if user["details_completed"]:
        return redirect(login_next())
    return render_template("login/user-details.html", **kwargs)