def register_new_user():
"""
Create a new account and send email with link to create password.
"""
if not _using_moin_auth():
return Response('No MoinAuth in auth list', 403)
title_name = _('Register New User')
FormClass = RegisterNewUserForm
if request.method in ['GET', 'HEAD']:
form = FormClass.from_defaults()
elif request.method == 'POST':
form = FormClass.from_flat(request.form)
if form.validate():
username = form['username'].value
email = form['email'].value
user_profile = user.UserProfile()
user_profile[ITEMID] = make_uuid()
user_profile[NAME] = [
username,
]
user_profile[EMAIL] = email
user_profile[DISABLED] = False
user_profile[ACTION] = ACTION_SAVE
users = user.search_users(**{NAME_EXACT: username})
if users:
flash(_('User already exists'), 'error')
emails = None
if app.cfg.user_email_unique:
emails = user.search_users(email=email)
if emails:
flash(_("This email already belongs to somebody else."),
'error')
if not (users or emails):
user_profile.save()
flash(_("Account for %(username)s created", username=username),
"info")
form = FormClass.from_defaults()
u = user.User(auth_username=username)
if u.valid:
is_ok, msg = u.mail_password_recovery()
if not is_ok:
flash(msg, "error")
else:
flash(
L_("%(username)s has been sent a password recovery email.",
username=username), "info")
else:
flash(
_("%(username)s is an invalid user, no email has been sent.",
username=username), "error")
return render_template(
'admin/register_new_user.html',
title_name=title_name,
form=form,
)
def userbrowser():
"""
User Account Browser
"""
groups = flaskg.groups
member_groups = {} # {username: [list of groups], ...}
for groupname in groups:
group = groups[groupname]
for member in group.members:
member_groups[member] = member_groups.get(member,
[]) + [group.name]
revs = user.search_users() # all users
user_accounts = []
for rev in revs:
user_names = rev.meta[NAME]
user_groups = member_groups.get(user_names[0], [])
for name in user_names[1:]:
user_groups = user_groups + member_groups.get(name, [])
subscriptions = rev.meta[SUBSCRIPTIONS]
user_accounts.append(
dict(uid=rev.meta[ITEMID],
name=user_names,
fqname=CompositeName(NAMESPACE_USERS, NAME_EXACT, rev.name),
email=rev.meta[EMAIL]
if EMAIL in rev.meta else rev.meta[EMAIL_UNVALIDATED],
disabled=rev.meta[DISABLED],
groups=user_groups,
subscriptions=subscriptions))
return render_template('admin/userbrowser.html',
user_accounts=user_accounts,
title_name=_("Users"))
def _special_Known(self, name, dowhat, rightsdict):
""" check if user <name> is known to us,
that means that there is a valid user account present.
works for subscription emails.
"""
if user.search_users(**{NAME_EXACT: name}): # is a user with this name known?
return rightsdict.get(dowhat)
return None
def run(self, name, uid, password, all_users, notify, verbose, subject,
text, text_file, skip_invalid):
flags_given = name or uid or all_users
if not flags_given:
print('incorrect number of arguments')
sys.exit(1)
if notify and not app.cfg.mail_enabled:
print(
"This wiki is not enabled for mail processing. The --notify option requires this. Aborting..."
)
sys.exit(1)
if text_file:
with open(text_file) as f:
text = f.read().decode('utf-8')
before_wiki()
if uid:
query = {ITEMID: uid}
elif name:
query = {NAME_EXACT: name}
elif all_users:
query = {}
# sorting the list so we have some specific, reproducable order
uids_metas = sorted([(rev.meta[ITEMID], rev.meta)
for rev in user.search_users(**query)])
total = len(uids_metas)
for nr, (uid, meta) in enumerate(uids_metas, start=1):
name = meta[NAME]
email = meta.get(EMAIL)
if email is None:
email = meta.get(EMAIL_UNVALIDATED)
if email is None:
raise ValueError(
"neither EMAIL nor EMAIL_UNVALIDATED key is present in user profile metadata of uid %r name %r"
% (uid, name))
else:
email += '[email_unvalidated]'
try:
set_password(uid,
password,
notify=notify,
skip_invalid=skip_invalid,
subject=subject,
text=text)
except Fault as err:
status = "FAILURE: [%s]" % str(err)
else:
status = "SUCCESS"
if verbose:
print("uid %s, name %s, email %s (%05d / %05d) %s" %
(uid, name, email, nr, total, status))
def _handleContinuationVerify(self):
"""
Handles the first stage continuation.
"""
# the consumer object with an in-memory storage
oid_consumer = consumer.Consumer(session, self.store)
# a dict containing the parsed query string
query = {}
for key in request.values.keys():
query[key] = request.values.get(key)
# the current url (w/o query string)
url = get_multistage_continuation_url(self.name, {'oidstage': '1'})
# we get the info about the authentication
oid_info = oid_consumer.complete(query, url)
# the identity we've retrieved from the response
if oid_info.status == consumer.FAILURE:
# verification has failed
# return an error message with description of error
logging.debug("OpenIDError: {0}".format(oid_info.message))
error_message = _('OpenID Error')
return CancelLogin(error_message)
elif oid_info.status == consumer.CANCEL:
logging.debug("OpenID verification cancelled.")
# verification was cancelled
# return error
return CancelLogin(_('OpenID verification cancelled.'))
elif oid_info.status == consumer.SUCCESS:
logging.debug('OpenID success. id: {0}'.format(
oid_info.identity_url))
# we get the provider's url
# and the list of trusted providers
trusted = self._trusted_providers
server = oid_info.endpoint.server_url
if server in trusted or not trusted:
# the provider is trusted or all providers are trusted
# we have successfully authenticated our openid
# we get the user with this openid associated to him
identity = oid_info.identity_url
users = user.search_users(openid=identity)
user_obj = users and user.User(uid=users[0].item.itemid,
trusted=self.trusted,
auth_method=self.name)
# if the user actually exists
if user_obj:
# we get the authenticated user object
# success!
user_obj.auth_method = self.name
flash(_('You have logged in with OpenID.'), "info")
return ContinueLogin(user_obj)
# there is no user with this openid
else:
# redirect the user to registration
return MultistageRedirectLogin(
url_for('frontend.register',
_external=True,
openid_openid=identity,
openid_submit='1'))
# not trusted
return ContinueLogin(None,
_('This OpenID provider is not trusted.'))
else:
logging.debug("OpenID failure")
# the auth failed miserably
return CancelLogin(_('OpenID failure.'))
