def _get_description(self, group):
    """Pick the workspace-link description message for a group id.

    Group ids without a dedicated text get the standard description.
    """
    description = _(u"Standard description for workspace links")
    if group in ("Gasthoerer", "Studierende"):
        description = _(u"Students and guests description")
    elif group == "Alumni":
        description = _(u"Alumni description")
    elif group == "prophil":
        description = _(u"Prophil description")
    elif group == "Lehrende":
        description = _(u"Lectures description")
    return description
def _get_description(self, group):
    """Return the description message that belongs to ``group``.

    The standard description is the fallback for any group id that has no
    dedicated text.
    """
    fallback = _(u'Standard description for workspace links')
    if group in ('Gasthoerer', 'Studierende'):
        return _(u'Students and guests description')
    if group == 'Alumni':
        return _(u'Alumni description')
    if group == 'prophil':
        return _(u'Prophil description')
    if group == 'Lehrende':
        return _(u'Lectures description')
    return fallback
def __call__(self):
    """Send the request email, report the outcome and redirect back.

    The redirect target is the ``came_from`` value of the request.
    """
    # NOTE(review): ``came_from`` is taken from the request and passed to
    # redirect() unchanged. Confirm it is limited to URLs inside the portal
    # and decide what should happen when the parameter is missing.
    if self.send_request_email():
        msg, msg_type = _(u'Request sent.'), 'info'
    else:
        msg, msg_type = _(u'Unable to send request.'), 'error'
    IStatusMessage(self.request).addStatusMessage(msg, type=msg_type)
    # Back to the page the request came from (insufficient privilege page).
    return self.request.response.redirect(self.request.get('came_from'))
def build_and_send(self, data):
    """Build the invitation mail from ``data``, send it and redirect.

    Recipients come from ``get_addresses(data)``; after sending, a status
    message is queued and the response is redirected to ``<portal>/ws/``.
    """
    recipients = self.get_addresses(data)
    subject = _(u"Invitation to join the HfPH relaunch")
    template = self._build_mail(data)
    message = prepare_email_message(
        template, create_plaintext_message(template))
    send_mail(message, recipients, subject)
    IStatusMessage(self.request).addStatusMessage(
        _(u"User invitation email has been sent successfully."),
        type='info')
    workspace_url = '{0}/ws/'.format(api.portal.get().absolute_url())
    return self.request.response.redirect(workspace_url)
def _handle_reset(self, data):
    """Set a new password for the member ``self.key`` and log them in.

    Rejects passwords shorter than 8 characters and mismatching
    confirmations with a status message and a redirect to the context.
    Otherwise the password is stored, the account is marked enabled and
    confirmed, credentials are updated when authentication succeeds, and
    the response is redirected to the member's workspace URL.
    """
    # NOTE(review): this method does not check the reset token itself; it
    # relies on its caller having done so before calling it.
    new_password = str(data.get('password'))
    confirmation = str(data.get('confirm'))
    if len(new_password) < 8:
        self.errors = {
            'password': {
                'active': True,
                'msg': _(u"This field is required"),
            },
        }
        IStatusMessage(self.request).addStatusMessage(
            _(u"Passwords must consist of at least 8 characters"), "error")
        return self.request.response.redirect(self.context.absolute_url())
    if confirmation != new_password:
        IStatusMessage(self.request).addStatusMessage(
            _(u"The entered password and confirmation do not match."),
            "error")
        return self.request.response.redirect(self.context.absolute_url())

    username = str(self.key)
    # NOTE(review): no None check on the looked-up member here — confirm the
    # caller guarantees that the account exists.
    member = api.user.get(username=username)
    login_name = member.getProperty('email')
    member.setSecurityProfile(password=new_password)
    # NOTE(review): the stored 'token' property is not changed by this
    # mapping; confirm the reset link is invalidated somewhere else.
    member.setMemberProperties(mapping={'enabled': True, 'confirmed': True})

    acl = api.portal.get_tool(name='acl_users')
    if acl.authenticate(login_name, new_password, self.request):
        acl.updateCredentials(
            self.request, self.request.response, login_name, new_password)

    login_time = member.getProperty('login_time', '2000/01/01')
    base_url = '{0}/ws/{1}'.format(
        api.portal.get().absolute_url(), username)
    if not isinstance(login_time, DateTime):
        login_time = DateTime(login_time)
    # The default date '2000/01/01' marks a member that never logged in.
    if login_time == DateTime('2000/01/01'):
        membership = api.portal.get_tool(name='portal_membership')
        membership.createMemberarea(member_id=username)
        next_url = '{0}?welcome_msg=1'.format(base_url)
    else:
        next_url = base_url
    IStatusMessage(self.request).addStatusMessage(
        _(u"You are now logged in."), "info")
    self.request.response.redirect(next_url)
def applyChanges(self, data):
    """Create the member for ``data["email"]`` if needed and add groups.

    A new member gets a generated id, a random initial password and the
    properties built below. An existing member is reused unchanged. In both
    cases the member is added to every group in ``data["groups"]`` and the
    response is redirected to the context.
    """
    context = aq_inner(self.context)
    registration = api.portal.get_tool(name="portal_registration")
    pas = api.portal.get_tool(name="acl_users")
    make_id = getUtility(IUUIDGenerator)
    # NOTE(review): the token and the initial password both come from
    # django_random.get_random_string — confirm that helper is backed by a
    # cryptographically secure generator in the deployed version.
    member_props = {
        "fullname": data["fullname"],
        "token": django_random.get_random_string(length=12),
    }
    known_user = api.user.get(username=data["email"])
    if known_user:
        # The properties built above (including the new token) are not
        # applied to an account that already exists.
        user = known_user
        user_id = user.getId()
    else:
        user_id = make_id()
        email = data["email"]
        initial_password = django_random.get_random_string(8)
        member_props["workspace"] = user_id
        member_props["email"] = email
        registration.addMember(user_id, initial_password)
        pas.updateLoginName(user_id, email)
        user = api.user.get(username=user_id)
        user.setMemberProperties(mapping=member_props)
    for group_name in data["groups"]:
        api.group.add_user(groupname=group_name, username=user_id)
    IStatusMessage(self.request).addStatusMessage(
        _(u"A new user acount has successfully been created"), type="info"
    )
    return self.request.response.redirect(context.absolute_url())
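def worklist(self):
    """Return display info for every resolvable item on the user worklist.

    Each entry is a dict with ``uid``, ``title``, ``url`` and ``path``.
    UIDs that cannot be turned into an entry are collected, handed to
    ``_autoclean_worklist`` and reported in a portal message.
    """
    context = aq_inner(self.context)
    broken_uids = []
    entries = []
    for item_uid in self.user_info()['worklist']:
        try:
            item = api.content.get(UID=item_uid)
            info = {'uid': item_uid, 'title': item.Title()}
            if ILecture.providedBy(item):
                info['url'] = '{0}/@@lecture-factory/{1}'.format(
                    context.absolute_url(), item_uid)
            else:
                info['url'] = item.absolute_url()
            info['path'] = self.breadcrumbs(item)
        except Exception:
            # Still deliberately broad (any failure marks the assignment as
            # broken), but no longer swallows KeyboardInterrupt/SystemExit
            # the way a bare ``except:`` does.
            broken_uids.append(item_uid)
        else:
            entries.append(info)
    if broken_uids:
        removed = self._autoclean_worklist(broken_uids)
        # NOTE(review): the count is formatted into the text before it is
        # passed to ``_``, so the message id changes with the count.
        msg = _(u"Removed {0} broken assignments from worklist".format(
            removed))
        api.portal.show_message(message=msg, request=self.request)
    return entries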
def render(self):
    """Send the invitations, report how many went out and redirect.

    The number comes from ``build_and_send()``; the redirect target is
    ``<portal>/ws``.
    """
    # NOTE(review): mail is sent as a side effect of rendering, and no
    # request authenticator check is visible in this method — confirm the
    # view is protected against forged requests elsewhere.
    sent_count = self.build_and_send()
    notice = _(u"{0} invitation emails successfully sent.".format(sent_count))
    IStatusMessage(self.request).addStatusMessage(notice, type='info')
    workspace_url = '{0}/ws'.format(api.portal.get().absolute_url())
    return self.request.response.redirect(workspace_url)
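def update(self):
    """Record whether members exist and handle a submitted search form.

    On submit the request authenticator is verified (``Unauthorized`` is
    raised when it fails). Empty required fields are reported through
    ``self.errors``; otherwise the form is passed to ``_search_records``.
    """
    self.has_users = len(self.member_records()) > 0
    unwanted = ('_authenticator', 'form.button.Submit')
    # One-element tuple: ('title') without the comma is the plain string
    # 'title', which turns ``in`` into a substring test on field names.
    required = ('title',)
    if 'form.button.Submit' not in self.request:
        return
    authenticator = getMultiAdapter((self.context, self.request),
                                    name=u"authenticator")
    if not authenticator.verify():
        raise Unauthorized
    form = self.request.form
    form_errors = {}
    error_count = 0
    for name in form:
        if name in unwanted:
            continue
        submitted = form[name]
        if not submitted and name in required:
            form_errors[name] = {
                'active': True,
                'msg': _(u"This field is required"),
            }
            error_count += 1
        else:
            # Inactive entries carry the submitted value back to the form.
            form_errors[name] = {'active': False, 'msg': submitted}
    if error_count > 0:
        self.errors = form_errors
    else:
        self._search_records(form)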
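def update(self):
    """Prepare the view and handle a submitted invitation form.

    Stores the ``userid`` request value and resets ``self.errors``. On
    submit the request authenticator is verified (``Unauthorized`` is raised
    when it fails). Empty required fields are reported through
    ``self.errors``; otherwise the form is passed to ``build_and_send``.
    """
    context = aq_inner(self.context)
    self.requested_user_id = self.request.get('userid', None)
    self.errors = {}
    unwanted = ('_authenticator', 'form.button.Submit')
    # One-element tuple: ('title') without the comma is the plain string
    # 'title', which turns ``in`` into a substring test on field names.
    required = ('title',)
    if 'form.button.Submit' not in self.request:
        return
    authenticator = getMultiAdapter((context, self.request),
                                    name=u"authenticator")
    if not authenticator.verify():
        raise Unauthorized
    form = self.request.form
    form_errors = {}
    error_count = 0
    for name in form:
        if name in unwanted:
            continue
        submitted = form[name]
        if not submitted and name in required:
            form_errors[name] = {
                'active': True,
                'msg': _(u"This field is required"),
            }
            error_count += 1
        else:
            # Inactive entries carry the submitted value back to the form.
            form_errors[name] = {'active': False, 'msg': submitted}
    if error_count > 0:
        self.errors = form_errors
    else:
        self.build_and_send(form)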
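def update(self):
    """Read key and token from the URL and handle a password-reset submit.

    ``self.can_set_password`` holds the result of the token check. A
    submitted form is only processed when the request authenticator
    verifies and the token check returned ``True``; otherwise
    ``Unauthorized`` is raised. Empty required fields are reported through
    ``self.errors``; otherwise the form is passed to ``_handle_reset``.
    """
    self.key = self.traverse_subpath[0]
    self.token = self.traverse_subpath[1]
    self.errors = {}
    # Checked once; the result is reused for the server-side gate below.
    self.can_set_password = self.has_valid_token(self.token)
    unwanted = ('_authenticator', 'form.button.Submit')
    # One-element tuple: ('title') without the comma is the plain string
    # 'title', which turns ``in`` into a substring test on field names.
    required = ('title',)
    if 'form.button.Submit' not in self.request:
        return
    authenticator = getMultiAdapter((self.context, self.request),
                                    name=u"authenticator")
    if not authenticator.verify():
        raise Unauthorized
    # The password must never be changed on the strength of the form alone:
    # refuse the submit unless the token check succeeded. The comparison is
    # against True so that a non-boolean return value is not taken as
    # success.
    if self.can_set_password is not True:
        raise Unauthorized
    form = self.request.form
    form_errors = {}
    error_count = 0
    for name in form:
        if name in unwanted:
            continue
        submitted = form[name]
        if not submitted and name in required:
            form_errors[name] = {
                'active': True,
                'msg': _(u"This field is required"),
            }
            error_count += 1
        else:
            # NOTE(review): this stores the submitted value, which on this
            # form includes the password fields — confirm the template
            # never renders these entries.
            form_errors[name] = {'active': False, 'msg': submitted}
    if error_count > 0:
        self.errors = form_errors
    else:
        self._handle_reset(form)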
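def handleLogin(self, action):
    """Finish the login and redirect to a portal-internal ``came_from``.

    Form errors set ``self.status``. If the request is still anonymous the
    ``__ac`` cookie is expired and a "login failed" message is queued.
    After a successful login the response is redirected to ``came_from``
    when that URL lies inside the portal, else to the portal root.
    """
    data, errors = self.extractData()
    if errors:
        self.status = self.formErrorsMessage
        return
    membership_tool = getToolByName(self.context, 'portal_membership')
    if membership_tool.isAnonymousUser():
        self.request.response.expireCookie('__ac', path='/')
        email_login = getToolByName(self.context, 'portal_properties') \
            .site_properties.getProperty('use_email_as_login')
        if email_login:
            failure = _(
                u'Login failed. Both email address and password are case'
                u' sensitive, check that caps lock is not enabled.')
        else:
            failure = _(
                u'Login failed. Both login name and password are case '
                u'sensitive, check that caps lock is not enabled.')
        IStatusMessage(self.request).addStatusMessage(failure, 'error')
        return
    member = membership_tool.getAuthenticatedMember()
    login_time = member.getProperty('login_time', '2000/01/01')
    if not isinstance(login_time, DateTime):
        login_time = DateTime(login_time)
    initial_login = login_time == DateTime('2000/01/01')
    if initial_login:
        # TODO: Redirect if this is initial login
        pass
    must_change_password = member.getProperty('must_change_password', 0)
    if must_change_password:
        # TODO: This user needs to change his password
        pass
    membership_tool.loginUser(self.request)
    IStatusMessage(self.request).addStatusMessage(
        _(u"You are now logged in."), "info")
    # ``came_from`` is submitted with the form, so it is only followed when
    # the URL tool confirms that it points into this portal. Anything else
    # falls back to the portal root instead of an arbitrary external site.
    url_tool = getToolByName(self.context, 'portal_url')
    came_from = data['came_from']
    if not came_from or not url_tool.isURLInPortal(came_from):
        came_from = self.context.portal_url()
    self.request.response.redirect(came_from)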
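def render(self):
    """Handle a Discourse SSO request and redirect with the signed reply.

    Redirects to the SSO error page when the request is not HTTPS (outside
    debug mode), when the endpoint is not configured, or when ``sso`` or
    ``sig`` is missing. Anonymous visitors are sent to the sign-in view
    with both parameters. For a logged-in user the payload is validated
    and the response is redirected to the Discourse URL.
    """
    try:
        from urllib.parse import quote  # Python 3
    except ImportError:
        from urllib import quote  # Python 2

    portal_url = api.portal.get().absolute_url()
    error_page = '{0}/@@discourse-sso-error'.format(portal_url)
    in_debug_mode = api.env.debug_mode()
    actual_url = self.request.get('ACTUAL_URL')
    if not in_debug_mode and not actual_url.startswith('https://'):
        msg = _(u"The Discourse SSO endpoint can only be accessed via "
                u"SSL since we do not support transfer of authentication "
                u"tokens via unencrypted connections.")
        api.portal.show_message(msg, self.request, type='info')
        return self.request.response.redirect(error_page)
    discourse_url = self.get_stored_records(token='discourse_url')
    sso_secret = self.get_stored_records(token='discourse_sso_secret')
    if not discourse_url or not sso_secret:
        msg = _(u"The Discourse SSO endpoint has not been configured yet")
        api.portal.show_message(msg, self.request, type='info')
        return self.request.response.redirect(error_page)
    payload = self.request.get('sso')
    signature = self.request.get('sig')
    # Both values are needed for verification, so a missing signature is
    # rejected here just like a missing payload.
    if payload is None or signature is None:
        msg = _(u"Required parameters for SSO credential verification are "
                u"missing in the request")
        api.portal.show_message(msg, self.request, type='error')
        return self.request.response.redirect(error_page)
    if api.user.is_anonymous():
        # Percent-encode the request-supplied values so they cannot add
        # extra query parameters and so characters such as '+' and '='
        # reach the sign-in view unchanged.
        url = '{0}/@@discourse-signin?sso={1}&sig={2}'.format(
            portal_url, quote(payload, safe=''), quote(signature, safe=''))
        return self.request.response.redirect(url)
    try:
        nonce = self.sso_validate(payload, signature, sso_secret)
    except DiscourseError as e:
        # NOTE(review): this returns the exception text as the page body
        # without setting an error status on the response. Confirm the
        # text cannot contain request-supplied markup.
        return 'HTTP400 Error {}'.format(e)  # Todo: implement handler
    user = api.user.get_current()
    url = self.sso_redirect_url(nonce,
                                sso_secret,
                                user.getProperty('email'),
                                user.getId(),
                                user.getProperty('fullname'))
    return self.request.response.redirect(discourse_url + url)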
def build_and_send(self):
    """Build the invitation mail and send it to ``get_addresses()``.

    Returns the string ``'Done'``.
    """
    recipients = self.get_addresses()
    subject = _(u"Invitation to join the HfPH relaunch")
    template = self._build_mail()
    message = prepare_email_message(
        template, create_plaintext_message(template))
    send_mail(message, recipients, subject)
    return 'Done'
def render(self):
    """Fetch the importable records and redirect to the user manager.

    The number of records is passed along as the ``imported_records``
    query parameter.
    """
    imported = self.get_importable_records()
    IStatusMessage(self.request).addStatusMessage(
        _(u"External records stored for import"), type='info')
    target = '{0}/@@user-manager?imported_records={1}'.format(
        self.context.absolute_url(), len(imported))
    return self.request.response.redirect(target)
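def applyChanges(self, data):
    """Verify the reset key and redirect to the context with a message.

    An invalid or expired key queues the "invalid" message only; the
    success message is no longer added on top of it.
    """
    context = aq_inner(self.context)
    next_url = context.absolute_url()
    pwtool = api.portal.get_tool(name='portal_password_reset')
    try:
        pwtool.verifyKey(self.key)
    except (InvalidRequestError, ExpiredRequestError):
        IStatusMessage(self.request).addStatusMessage(
            _(u"This password request reset is invalid"), type='info')
        # Stop here so a failed verification is not followed by the
        # success message below.
        return self.request.response.redirect(next_url)
    # NOTE(review): no call that stores a new password is visible in this
    # method, and ``data`` is unused — confirm where the password is set.
    IStatusMessage(self.request).addStatusMessage(
        _(u"A new password has been set"), type='info')
    return self.request.response.redirect(next_url)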
def _start_password_reset(self, userid):
    """Mail the 'invitation' message to the user's email address.

    Returns ``userid`` unchanged.
    """
    member = self.get_user(userid)
    subject = _(u"Invitation to join the HfPH portal")
    template = self._compose_message(userid, message_type='invitation')
    message = prepare_email_message(
        template, create_plaintext_message(template))
    send_mail(message, [member.getProperty('email')], subject)
    return userid
def reset_user(self, userid):
    """Mail the 'password' message to the user's email address.

    Returns ``userid`` unchanged.
    """
    member = self.get_user(userid)
    subject = _(u"Please change your account information for HfPH")
    template = self._compose_message(userid, message_type='password')
    message = prepare_email_message(
        template, create_plaintext_message(template))
    send_mail(message, [member.getProperty('email')], subject)
    return userid
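def has_valid_token(self, token):
    """Tell whether the URL token matches the token stored for the user.

    When the user or the stored token is missing, an error message is
    queued, the response is redirected to the account error page and
    ``False`` is returned. Otherwise the result of ``is_equal`` is returned.
    """
    # NOTE(review): as before, the argument is replaced by the token from
    # the URL subpath, so the value passed in by the caller is not used.
    token = self.traverse_subpath[1]
    user = api.user.get(userid=str(self.key))
    failure = None
    try:
        stored_token = user.getProperty('token', None)
    except AttributeError:
        # Raised when no user object was found for the key.
        stored_token = None
        failure = _(u"No matching user account found")
    else:
        if stored_token is None:
            failure = _(u"No stored access token found")
    if failure is not None:
        IStatusMessage(self.request).addStatusMessage(failure, type='error')
        portal_url = api.portal.get().absolute_url()
        error_url = '{0}/@@useraccount-error'.format(portal_url)
        self.request.response.redirect(error_url)
        # Report failure explicitly. Returning the value of redirect()
        # here would hand the caller something other than False for a
        # check that did not succeed.
        return False
    # NOTE(review): confirm ``is_equal`` compares in constant time.
    return self.is_equal(stored_token, token)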
def user_info(self):
    """Collect member properties of the user named like the context id.

    Returns a dict with ``fullname`` (falling back to the user id),
    ``email``, ``login_time``, ``enabled``, ``confirmed`` and ``worklist``.
    """
    context = aq_inner(self.context)
    userid = context.getId()
    # NOTE(review): no None check on the looked-up user — confirm the
    # context id always maps to an existing member.
    user = api.user.get(username=userid)
    return {
        'fullname': user.getProperty('fullname', '') or userid,
        'email': user.getProperty('email', _(u"No email provided")),
        # Exposed as 'login_time', read from 'last_login_time'.
        'login_time': user.getProperty('last_login_time', ''),
        'enabled': user.getProperty('enabled', ''),
        'confirmed': user.getProperty('confirmed', ''),
        'worklist': user.getProperty('worklist', list()),
    }
def user_info(self):
    """Return selected member properties for the context's user id.

    The dict has the keys ``fullname`` (the user id when no full name is
    set), ``email``, ``login_time``, ``enabled``, ``confirmed`` and
    ``worklist``.
    """
    userid = aq_inner(self.context).getId()
    # NOTE(review): no None check on the looked-up user — confirm the
    # context id always maps to an existing member.
    prop = api.user.get(username=userid).getProperty
    details = {}
    details["fullname"] = prop("fullname", "") or userid
    details["email"] = prop("email", _(u"No email provided"))
    # Exposed as "login_time", read from "last_login_time".
    details["login_time"] = prop("last_login_time", "")
    details["enabled"] = prop("enabled", "")
    details["confirmed"] = prop("confirmed", "")
    details["worklist"] = prop("worklist", list())
    return details
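def handleLogin(self, action):
    """Finish the login and hand the SSO parameters back to the endpoint.

    Form errors set ``self.status``. If the request is still anonymous the
    ``__ac`` cookie is expired and a "login failed" message is shown.
    After a successful login the response is redirected to
    ``@@discourse-sso`` with the submitted ``sso`` and ``sig`` values.
    """
    try:
        from urllib.parse import quote  # Python 3
    except ImportError:
        from urllib import quote  # Python 2

    data, errors = self.extractData()
    if errors:
        self.status = self.formErrorsMessage
        return
    membership_tool = api.portal.get_tool(name='portal_membership')
    if membership_tool.isAnonymousUser():
        self.request.response.expireCookie('__ac', path='/')
        email_login = api.portal.get_tool(name='portal_properties') \
            .site_properties.getProperty('use_email_as_login')
        if email_login:
            failure = _(
                u'Login failed. Both email address and password are case'
                u' sensitive, check that caps lock is not enabled.')
        else:
            failure = _(
                u'Login failed. Both login name and password are case '
                u'sensitive, check that caps lock is not enabled.')
        api.portal.show_message(failure, self.request, type='error')
        return
    # The member/login-time lookup that used to sit here produced a value
    # that was never read, so it has been dropped.
    membership_tool.loginUser(self.request)
    api.portal.show_message(
        _(u"You are now logged in."), self.request, type="info")
    # Percent-encode the submitted values so they cannot add extra query
    # parameters and so characters such as '+' and '=' reach the SSO view
    # unchanged. A missing value is sent as an empty string.
    url = '{0}/@@discourse-sso?sso={1}&sig={2}'.format(
        self.context.portal_url(),
        quote(data['sso'] or '', safe=''),
        quote(data['sig'] or '', safe=''))
    self.request.response.redirect(url)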
def build_and_send(self):
    """Mail an invitation to every address whose user is unconfirmed.

    Only users whose ``confirmed`` property is exactly ``False`` get a
    mail. Returns the number of mails sent.
    """
    sent = 0
    for addr in self.get_addresses():
        user = api.user.get(username=addr.getId())
        # Identity check: a missing property (None) does not count.
        if user.getProperty('confirmed', None) is not False:
            continue
        userid = user.getId()
        subject = _(u"Einladung zur neuen hfph.de Seite")
        template = self._compose_invitation_message(userid)
        message = prepare_email_message(
            template, create_plaintext_message(template))
        send_mail(message, [addr.getProperty('email')], subject)
        sent += 1
    return sent
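def render(self):
    """Remove the user named in the request and go back to the overview.

    Raises ``Unauthorized`` when the request authenticator does not verify
    or when the member tool denies user management for this context.
    """
    context = aq_inner(self.context)
    authenticator = getMultiAdapter((context, self.request),
                                    name=u"authenticator")
    if not authenticator.verify():
        raise Unauthorized
    user_id = self.request.get('user-id', None)
    tool = getUtility(IHPHMemberTool)
    # Fail closed: without the permission nothing is removed, so the
    # success message below must not be shown either.
    if not tool.can_manage_users(context):
        raise Unauthorized
    # NOTE(review): ``user_id`` is None when the parameter is missing —
    # confirm ``remove_user`` copes with that.
    tool.remove_user(user_id)
    base_url = '{0}/@@user-management'.format(context.absolute_url())
    # NOTE(review): the authenticator token travels in the redirect URL,
    # where it can end up in logs and Referer headers.
    next_url = '{0}?_authenticator={1}'.format(
        base_url, authenticator.token()
    )
    api.portal.show_message(
        message=_(u"User account successfully removed form portal"),
        request=self.request)
    return self.request.response.redirect(next_url)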
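def render(self):
    """Disable the user named in the request and return to its details.

    Raises ``Unauthorized`` when the request authenticator does not verify
    or when the member tool denies user management for this context.
    """
    context = aq_inner(self.context)
    authenticator = getMultiAdapter((context, self.request),
                                    name=u"authenticator")
    if not authenticator.verify():
        raise Unauthorized
    user_id = self.request.get('user-id', None)
    tool = getUtility(IHPHMemberTool)
    # Fail closed: without the permission nothing is changed, so the
    # success message below must not be shown either.
    if not tool.can_manage_users(context):
        raise Unauthorized
    tool.update_user(user_id, {
        'enabled': False
    })
    # NOTE(review): ``user_id`` comes from the request and is placed in the
    # query string unencoded (and as 'None' when missing) — confirm the
    # accepted id format or encode it.
    base_url = '{0}/@@user-manager-details?user-id={1}'.format(
        context.absolute_url(), user_id
    )
    # NOTE(review): the authenticator token travels in the redirect URL,
    # where it can end up in logs and Referer headers.
    next_url = '{0}&_authenticator={1}'.format(
        base_url, authenticator.token()
    )
    api.portal.show_message(
        message=_(u"User was successfully disabled."),
        request=self.request)
    return self.request.response.redirect(next_url)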
def handleCancel(self, action):
    """Queue the 'cancelled' message and redirect to the context."""
    target = aq_inner(self.context)
    notice = _(u"Process has been cancelled.")
    IStatusMessage(self.request).addStatusMessage(notice, type="info")
    return self.request.response.redirect(target.absolute_url())