def display(username):
    """Return the JSON document of one user account.

    Responds 404 when the username is unknown and 403 unless the caller is
    an admin or the user themself.  Stored credential fields are stripped
    before serialization.
    NOTE(review): the 404/403 split lets an authenticated caller learn
    whether a username exists; answer 404 in both cases if that matters.
    """
    user = webapp.user.get_user(username=username)
    if not user:
        flask.abort(http.client.NOT_FOUND)
    if not webapp.user.am_admin_or_self(user):
        flask.abort(http.client.FORBIDDEN)
    # Never expose stored credentials, not even to the account owner.
    for secret_field in ("password", "apikey"):
        user.pop(secret_field, None)
    user["logs"] = {
        "href": utils.url_for(".logs", username=user["username"]),
    }
    payload = utils.get_json(**user)
    return utils.jsonify(payload, schema_url=utils.url_for("api_schema.user"))
def software():
    """Return the list of software the site runs on as a JSON document.

    Each entry from ``webapp.about.get_software()`` is read positionally:
    name, version, href.
    """
    def as_record(entry):
        return {"name": entry[0], "version": entry[1], "href": entry[2]}

    records = list(map(as_record, webapp.about.get_software()))
    payload = utils.get_json(software=records)
    return utils.jsonify(
        payload, schema_url=utils.url_for("api_schema.about_software")
    )
def logs(username):
    """Return the log entries of one user account as JSON.

    Responds 404 when the username is unknown and 403 unless the caller is
    an admin or the user themself.
    NOTE(review): as in ``display``, the 404/403 split reveals whether a
    username exists to any authenticated caller.
    """
    user = webapp.user.get_user(username=username)
    if not user:
        flask.abort(http.client.NOT_FOUND)
    if not webapp.user.am_admin_or_self(user):
        flask.abort(http.client.FORBIDDEN)
    payload = utils.get_json(
        user=get_user_basic(user),
        logs=utils.get_logs(user["iuid"]),
    )
    return utils.jsonify(payload, schema_url=utils.url_for("api_schema.logs"))
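def send_password_code(user, action):
    """Send an email with the one-time code to the user's email address.

    Args:
        user: the user document; its ``"password"`` field must hold the
            pending one-time code in the form ``"code:<code>"``.
        action: short phrase for the subject line, e.g. ``"registration"``.

    Raises:
        ValueError: if the user has no pending code.  The check is what
            keeps a stored password hash from ever being sliced and mailed
            out when the function is called for the wrong account state.
    """
    prefix = "code:"
    stored = user.get("password") or ""
    if not stored.startswith(prefix):
        raise ValueError("User account has no pending password code.")
    site = flask.current_app.config["SITE_NAME"]
    message = flask_mail.Message(
        f"{site} user account {action}", recipients=[user["email"]]
    )
    url = utils.url_for(
        ".password", username=user["username"], code=stored[len(prefix):]
    )
    message.body = f"To set your password, go to {url}"
    utils.mail.send(message)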
def root():
    """API root.

    Links to the schemas and the about section; adds the current user's
    link when logged in, and the user list link for admins.
    """
    def link(endpoint, **kwargs):
        return {"href": utils.url_for(endpoint, **kwargs)}

    schema_links = {
        "root": link("api_schema.root"),
        "logs": link("api_schema.logs"),
        "user": link("api_schema.user"),
        "users": link("api_schema.users"),
        "about/software": link("api_schema.about_software"),
    }
    items = {
        "schema": schema_links,
        "about": {"software": link("api_about.software")},
    }
    current = flask.g.current_user
    if current:
        items["user"] = {
            "username": current["username"],
            "href": utils.url_for("api_user.display", username=current["username"]),
        }
    # The user list is admin-only; do not even advertise it otherwise.
    if flask.g.am_admin:
        items["users"] = link("api_user.all")
    return utils.jsonify(
        utils.get_json(**items), schema_url=utils.url_for("api_schema.root")
    )
def get_user_basic(user):
    """Return the basic JSON data for a user: username and its API link."""
    username = user["username"]
    href = utils.url_for(".display", username=username)
    return {"username": username, "href": href}
def all():
    """Return the basic JSON data of every user account; admins only.

    The name doubles as the routing endpoint (``api_user.all``), which is
    why it shadows the builtin ``all`` in this module.
    """
    if not flask.g.am_admin:
        flask.abort(http.client.FORBIDDEN)
    summaries = list(map(get_user_basic, webapp.user.get_users()))
    payload = utils.get_json(users=summaries)
    return utils.jsonify(payload, schema_url=utils.url_for("api_schema.users"))
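def register():
    """Register a new user account.

    GET renders the registration form.  POST creates the account from the
    form fields and then notifies whoever has to act next: the new user
    (a one-time code by email, or a flash message telling them to contact
    the admin) or the admins (an email when the account is left pending).
    A POST always ends in a redirect to the home page; a ValueError raised
    while saving is reported through ``utils.error``.
    """
    if utils.http_GET():
        return flask.render_template("user/register.html")
    elif utils.http_POST():
        try:
            with UserSaver() as saver:
                saver.set_username(flask.request.form.get("username"))
                saver.set_email(flask.request.form.get("email"))
                saver.set_role(constants.USER)
                if flask.g.am_admin:
                    # An admin may set the password directly; the account
                    # is then enabled at once.  Without a password nothing
                    # more is set here.
                    password = _password_from_form()
                    if password:
                        saver.set_password(password)
                        saver.set_status(constants.ENABLED)
                elif not flask.current_app.config["MAIL_SERVER"]:
                    # No email server: the user may choose a password now;
                    # otherwise set_password() without a value is used so
                    # the admin can hand over the resulting code.
                    password = _password_from_form()
                    if password:
                        saver.set_password(password)
                    else:
                        saver.set_password()
            user = saver.doc
        except ValueError as error:
            return utils.error(error)
        # Only the username is logged; the password never reaches the log.
        utils.get_logger().info(f"registered user {user['username']}")
        if user["status"] == constants.ENABLED:
            _notify_enabled(user)
        else:
            _notify_pending(user)
        return flask.redirect(flask.url_for("home"))


def _password_from_form():
    """Return the password from the submitted form, or None if none given.

    Raises:
        ValueError: if the confirmation field does not match the password.
    """
    password = flask.request.form.get("password") or None
    if password:
        confirm = flask.request.form.get("confirm_password")
        if password != confirm:
            raise ValueError("Password differs from confirmed password.")
    return password


def _notify_enabled(user):
    """Tell the new user how to proceed with an account enabled at creation.

    A stored ``"code:..."`` value means no password was set yet: the code
    goes out by email if a mail server is configured, otherwise the user is
    told to get it from the admin.  Any other value means a password was set.
    """
    if user["password"][:5] == "code:":
        utils.get_logger().info(f"enabled user {user['username']}")
        if flask.current_app.config["MAIL_SERVER"]:
            send_password_code(user, "registration")
            utils.flash_message("User account created; check your email.")
        else:
            utils.flash_message(
                "User account created; contact the site admin to get the"
                " password setting code."
            )
    else:
        utils.get_logger().info(
            f"enabled user {user['username']} and set password"
        )
        utils.flash_message("User account created and password set.")


def _notify_pending(user):
    """Handle an account left pending: email the enabled admins if possible."""
    if flask.current_app.config["MAIL_SERVER"]:
        # NOTE(review): `get_users` is used unqualified here; confirm it is
        # in scope in this module (elsewhere it is `webapp.user.get_users`).
        admins = get_users(constants.ADMIN, status=constants.ENABLED)
        emails = [admin["email"] for admin in admins]
        site = flask.current_app.config["SITE_NAME"]
        message = flask_mail.Message(
            f"{site} user account pending", recipients=emails
        )
        url = utils.url_for(".display", username=user["username"])
        message.body = f"To enable the user account, go to {url}"
        utils.mail.send(message)
        utils.get_logger().info(f"pending user {user['username']}")
        utils.flash_message(
            "User account created; an email will be sent when it has been"
            " enabled by the admin."
        )
    else:
        utils.get_logger().info(f"pending user {user['username']}")
        utils.flash_message(
            "User account created; admin will enable it at some point."
            " Try login later."
        )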