Пример #1
0
def route_create():
    """ Add a vendor [ADMIN ONLY] """

    # only accept form data
    if request.method != 'POST':
        return redirect(url_for('vendors.route_list_admin'))

    if not 'group_id' in request.form:
        return _error_internal('Unable to add vendor as no data')
    if db.session.query(Vendor).filter(Vendor.group_id == request.form['group_id']).first():
        flash('Failed to add vendor: Group ID already exists', 'warning')
        return redirect(url_for('vendors.route_list_admin'), 302)
    if len(request.form['group_id']) > 80:
        flash('Failed to add vendor: Group ID is too long', 'warning')
        return redirect(url_for('vendors.route_list_admin'), 302)
    r = Remote(name='embargo-%s' % request.form['group_id'])
    db.session.add(r)
    db.session.commit()
    v = Vendor(group_id=request.form['group_id'], remote_id=r.remote_id)
    db.session.add(v)
    db.session.commit()
    flash('Added vendor %s' % request.form['group_id'], 'info')

    # asynchronously rebuilt
    _async_regenerate_remote.apply_async(args=(r.remote_id,), queue='metadata')

    return redirect(url_for('vendors.route_show', vendor_id=v.vendor_id), 302)
Пример #2
0
def route_create():
    """ Add a vendor [ADMIN ONLY] """

    # only accept form data
    if request.method != 'POST':
        return redirect(url_for('vendors.route_list_admin'))

    if not 'group_id' in request.form:
        return _error_internal('Unable to add vendor as no data')
    if db.session.query(Vendor).filter(
            Vendor.group_id == request.form['group_id']).first():
        flash('Failed to add vendor: Group ID already exists', 'warning')
        return redirect(url_for('vendors.route_list_admin'), 302)
    if len(request.form['group_id']) > 80:
        flash('Failed to add vendor: Group ID is too long', 'warning')
        return redirect(url_for('vendors.route_list_admin'), 302)

    # use a random access token, unless running in debug mode
    if app.config.get('DEBUG', None):
        access_token = request.form['group_id'].replace('-', '_')
    else:
        access_token = secrets.token_hex(nbytes=32)

    r = Remote(name='embargo-%s' % request.form['group_id'],
               access_token=access_token,
               is_dirty=True)
    db.session.add(r)
    db.session.commit()
    v = Vendor(group_id=request.form['group_id'], remote_id=r.remote_id)
    db.session.add(v)
    db.session.commit()
    flash('Added vendor %s' % request.form['group_id'], 'info')

    # asynchronously rebuilt
    _async_regenerate_remote.apply_async(args=(r.remote_id, ),
                                         queue='metadata')

    return redirect(url_for('vendors.route_show', vendor_id=v.vendor_id), 302)
Пример #3
0
def route_create():
    """ Add a user [ADMIN ONLY] """

    # only accept form data
    if request.method != 'POST':
        return redirect(url_for('main.route_profile'))

    if not 'username' in request.form:
        flash('Unable to add user as no username', 'danger')
        return redirect(url_for('main.route_dashboard'))
    if not 'password_new' in request.form:
        flash('Unable to add user as no password_new', 'danger')
        return redirect(url_for('main.route_dashboard'))
    if not 'group_id' in request.form:
        flash('Unable to add user as no group_id', 'danger')
        return redirect(url_for('main.route_dashboard'))
    if not 'display_name' in request.form:
        flash('Unable to add user as no display_name', 'danger')
        return redirect(url_for('main.route_dashboard'))
    user = db.session.query(User).filter(User.username == request.form['username']).first()
    if user:
        flash('Already a user with that username!', 'danger')
        return redirect(url_for('main.route_dashboard'), 422)

    # verify password
    password = request.form['password_new']
    if not _password_check(password):
        return redirect(url_for('users.route_list'), 302)

    # verify email
    username = request.form['username'].lower()
    if not _email_check(username):
        flash('Failed to add user: Invalid email address', 'warning')
        return redirect(url_for('users.route_list'), 302)

    # verify group_id
    group_id = request.form['group_id']
    if len(group_id) < 3:
        flash('Failed to add user: QA group invalid', 'warning')
        return redirect(url_for('users.route_list'), 302)

    # verify name
    display_name = request.form['display_name']
    if len(display_name) < 3:
        flash('Failed to add user: Name invalid', 'warning')
        return redirect(url_for('users.route_list'), 302)

    vendor = db.session.query(Vendor).filter(Vendor.group_id == group_id).first()
    if not vendor:
        remote = Remote(name='embargo-%s' % group_id)
        db.session.add(remote)
        db.session.commit()
        vendor = Vendor(group_id=group_id, remote_id=remote.remote_id)
        db.session.add(vendor)
        db.session.commit()
    user = User(username=username,
                auth_type='local',
                otp_secret=_otp_hash(),
                display_name=display_name,
                vendor_id=vendor.vendor_id)
    user.password = password
    db.session.add(user)
    db.session.commit()
    flash('Added user %i and an email has been sent to the user' % user.user_id, 'info')
    return redirect(url_for('users.route_list'), 302)