def _extract_json_body(request: Request) -> object:
    """Return the parsed JSON body of ``request``, or ``{}`` if parsing fails.

    A body equal to the empty string is first replaced with ``"{}"``.  When
    reading ``request.json_body`` raises ``ValueError`` or ``TypeError``, a
    generic "Invalid JSON request body" entry is appended to
    ``request.errors`` and an empty dict is returned instead.
    """
    # NOTE(review): if ``request.body`` is bytes (as with WebOb-style request
    # objects -- confirm), this comparison with a str never matches and an
    # empty body is reported as invalid JSON instead of being read as ``{}``.
    if request.body == "":
        request.body = "{}"
    try:
        return request.json_body
    except (ValueError, TypeError) as err:
        # The message has no ``{}`` placeholder, so ``format(err)`` leaves it
        # unchanged: parser details are not copied into the error entry.
        message = "Invalid JSON request body".format(err)
        request.errors.append(error_entry("body", None, message))
        return {}
def _extract_json_body(request: Request) -> object:
    """Parse the request body as JSON, recording an error on failure.

    Returns ``request.json_body`` when it can be read.  If reading it raises
    ``ValueError`` or ``TypeError``, an 'Invalid JSON request body' error for
    location 'body' is appended to ``request.errors`` and ``{}`` is returned.
    A body that compares equal to ``''`` is rewritten to ``'{}'`` beforehand.
    """
    # NOTE(review): a bytes body never equals '' -- confirm the type of
    # ``request.body`` if empty bodies are meant to be accepted.
    body_is_empty_text = request.body == ''
    if body_is_empty_text:
        request.body = '{}'

    try:
        parsed = request.json_body
    except (ValueError, TypeError) as err:
        parsed = {}
        # ``format(err)`` is a no-op here (no placeholder in the message), so
        # the exception text is not included in the error entry.
        request.errors.append(
            error_entry('body', None, 'Invalid JSON request body'.format(err)))
    return parsed
def _extract_json_body(request: IRequest) -> object:
    """Return the JSON payload of ``request``; fall back to ``{}`` on error.

    An empty-string body is replaced with ``'{}'`` before parsing.  A
    ``ValueError`` or ``TypeError`` raised while reading
    ``request.json_body`` is turned into an 'Invalid JSON request body'
    entry in ``request.errors``; the caller then receives an empty dict.
    """
    # NOTE(review): this only matches a str body; if ``request.body`` is
    # bytes (confirm), an empty body takes the error path below.
    if request.body == '':
        request.body = '{}'

    fallback = {}
    try:
        return request.json_body
    except (ValueError, TypeError) as err:
        # No placeholder in the message: ``err`` is accepted by ``format`` but
        # does not appear in the resulting text.
        description = 'Invalid JSON request body'.format(err)
        request.errors.append(error_entry('body', None, description))
    return fallback
def validate_user_headers(request: Request):
    """Reject requests whose user headers do not resolve to a user.

    The check applies only when an 'X-User-Path' and/or 'X-User-Token'
    header is present.  In that case ``get_user(request)`` must return a
    user; otherwise an "Invalid user token" error is appended to
    ``request.errors``.  Per the original description this is meant to
    ensure that the session token belongs to the user and is not expired;
    that verification happens inside ``get_user``, not in this function.

    Requests carrying neither header are not checked here.
    """
    headers = request.headers
    user_header_names = ("X-User-Path", "X-User-Token")
    if not any(name in headers for name in user_header_names):
        return
    if get_user(request) is None:
        # The error is always attributed to 'X-User-Token', whichever of the
        # two headers was actually sent.
        request.errors.append(
            error_entry("header", "X-User-Token", "Invalid user token"))
def validate_user_headers(request: Request):
    """Validate the user headers of ``request``.

    If the request has an 'X-User-Path' and/or 'X-User-Token' header,
    ``get_user(request)`` is consulted; when it returns ``None`` an
    'Invalid user token' error for the 'X-User-Token' header is appended to
    ``request.errors``.  The original description states the intent as:
    the session token must belong to the user and must not be expired
    (checked by ``get_user``, which is not visible here).

    A request with neither header passes through without any check.
    """
    headers = request.headers
    has_user_header = 'X-User-Path' in headers or 'X-User-Token' in headers
    if has_user_header and get_user(request) is None:
        invalid_token = error_entry('header', 'X-User-Token',
                                    'Invalid user token')
        request.errors.append(invalid_token)
def validate_post_root_versions(context, request: Request):
    """Keep only the 'root_versions' entries that provide ``IItemVersion``.

    Reads ``request.validated['root_versions']`` (default: empty list).  For
    each entry that does not provide ``IItemVersion`` an error naming the
    resource URL is appended to ``request.errors``; the remaining entries
    are written back to ``request.validated['root_versions']``.  The key is
    always set, even when it was absent before.

    This is an interface check only; nothing in this function checks
    whether the caller is allowed to reference the resource.
    """
    # TODO: make this a colander validator and move to schema.py
    accepted = []
    for candidate in request.validated.get('root_versions', []):
        if IItemVersion.providedBy(candidate):
            accepted.append(candidate)
            continue
        reason = 'This resource is not a valid root version: {}'.format(
            request.resource_url(candidate))
        request.errors.append(error_entry('body', 'root_versions', reason))
    request.validated['root_versions'] = accepted
def validate_post_root_versions(context, request: Request):
    """Filter the validated "root_versions" down to ``IItemVersion`` providers.

    Every entry of ``request.validated["root_versions"]`` that does not
    provide ``IItemVersion`` is dropped and reported in ``request.errors``
    with its resource URL.  The filtered list replaces the original value;
    if the key was missing it is set to an empty list.

    Only the interface is checked here; access rights on the referenced
    resource are not examined by this function.
    """
    # TODO: make this a colander validator and move to schema.py
    # use the catalog to find IItemversions
    submitted = request.validated.get("root_versions", [])
    kept = []
    for resource in submitted:
        if IItemVersion.providedBy(resource):
            kept.append(resource)
        else:
            url = request.resource_url(resource)
            message = "This resource is not a valid root version: {}".format(url)
            request.errors.append(error_entry("body", "root_versions", message))
    request.validated["root_versions"] = kept
def validate_account_active(context, request: Request):
    """Record an error when the validated user account is not yet active.

    Expects the user object under ``"user"`` in ``request.validated``.
    Nothing happens when no user is present.

    Nothing is added either when ``request.errors`` already holds an entry:
    reporting "not yet activated" next to an earlier error would leak
    information, because it reveals that a not-yet-activated account
    already exists.
    """
    account = request.validated.get("user")
    nothing_to_report = account is None or bool(request.errors)
    if nothing_to_report:
        return
    if account.active:
        return
    request.errors.append(
        error_entry("body", "name", "User account not yet activated"))
def validate_account_active(context, request: Request):
    """Ensure that the user account is already active.

    Requires the user object as `user` in `request.validated`; without one
    the function returns without doing anything.

    The 'User account not yet activated' error is added only when no
    earlier error was recorded.  Adding it on top of earlier errors would
    leak information, since it indicates that a not-yet-activated account
    already exists.
    """
    user = request.validated.get('user')
    # Order matters: the user lookup and the earlier-errors check both come
    # before ``user.active`` is read.
    if user is not None and not request.errors and not user.active:
        inactive = error_entry('body', 'name',
                               'User account not yet activated')
        request.errors.append(inactive)
def validate_post_root_versions(context, request: Request):
    """Validate 'root_versions': each entry must provide ``IItemVersion``.

    Entries of ``request.validated['root_versions']`` that fail the check
    are removed and an error containing their resource URL is appended to
    ``request.errors``.  ``request.validated['root_versions']`` is always
    overwritten with the surviving entries (an empty list if there were
    none).

    The check covers the interface only; this function does not look at
    the caller's permissions on the referenced resource.
    """
    # TODO: make this a colander validator and move to schema.py
    # use the catalog to find IItemversions
    template = 'This resource is not a valid root version: {}'
    valid = []
    for item in request.validated.get('root_versions', []):
        if not IItemVersion.providedBy(item):
            message = template.format(request.resource_url(item))
            request.errors.append(
                error_entry('body', 'root_versions', message))
        else:
            valid.append(item)
    request.validated['root_versions'] = valid
def validate_activation_path(context, request: Request):
    """Validate an account activation path and activate the matching user.

    The path is read from ``request.validated['path']`` and resolved to a
    user through the ``IUserLocator`` adapter.  If no user matches, or
    ``_activation_time_window_has_expired`` reports the window as expired,
    an 'Unknown or expired activation path' error is appended to
    ``request.errors``.  Otherwise the user is activated and stored as
    'user' in ``request.validated``.

    The same error text is used for an unknown and for an expired path.
    """
    path = request.validated['path']
    locator = request.registry.getMultiAdapter((context, request),
                                               IUserLocator)
    user = locator.get_user_by_activation_path(path)
    registry = request.registry

    usable = (user is not None
              and not _activation_time_window_has_expired(user, registry))
    if usable:
        user.activate()
        request.validated['user'] = user
    else:
        request.errors.append(
            error_entry('body', 'path', 'Unknown or expired activation path'))

    if user is not None:
        # An activation path can only be used once: it is cleared for every
        # user that was found, whether or not the activation succeeded.
        user.activation_path = None
def validate_activation_path(context, request: Request):
    """Validate an account activation path and activate the matching user.

    The path from ``request.validated["path"]`` is resolved to a user via
    the ``IUserLocator`` adapter.  Outcomes:

    * no user found: an error is appended to ``request.errors``;
    * ``is_older_than(user, days=8)`` is true: the same error is appended
      and the user's activation path is cleared;
    * otherwise: the user is activated, the activation path is cleared, the
      user is stored as "user" in ``request.validated`` and a
      ``ResourceSheetModified`` event is sent through the registry.

    The error text is identical for an unknown and for an expired path.
    """
    path = request.validated["path"]
    locator = request.registry.getMultiAdapter((context, request), IUserLocator)
    user = locator.get_user_by_activation_path(path)
    # Built up front, as in the original, and shared by both failure cases.
    rejection = error_entry("body", "path", "Unknown or expired activation path")

    if user is None:
        request.errors.append(rejection)
        return

    if is_older_than(user, days=8):
        request.errors.append(rejection)
        # NOTE(review): the path is cleared here without the notification
        # sent on the success path; whether the activation_path index is
        # refreshed some other way cannot be seen from this function.
        user.activation_path = None
        return

    user.activate()
    user.activation_path = None
    request.validated["user"] = user
    # trigger reindex activation_path index
    request.registry.notify(
        ResourceSheetModified(user, IUserBasic, request.registry, {}, {}, request)
    )
def validate_activation_path(context, request: Request):
    """Check an activation path and, if it is usable, activate its user.

    Looks up the user for ``request.validated['path']`` with the
    ``IUserLocator`` adapter.  When a user is found and
    ``is_older_than(user, days=8)`` is false, the user is activated, the
    activation path is cleared, the user is stored as 'user' in
    ``request.validated`` and a ``ResourceSheetModified`` event is sent via
    the registry.

    In every other case an 'Unknown or expired activation path' error is
    appended to ``request.errors``; if a user was found, the activation
    path is cleared as well.  Unknown and expired paths produce the same
    error text.
    """
    path = request.validated['path']
    locator = request.registry.getMultiAdapter((context, request),
                                               IUserLocator)
    user = locator.get_user_by_activation_path(path)
    error = error_entry('body', 'path', 'Unknown or expired activation path')

    if user is not None and not is_older_than(user, days=8):
        user.activate()
        user.activation_path = None
        request.validated['user'] = user
        event = ResourceSheetModified(user, IUserBasic, request.registry,
                                      {}, {}, request)
        # trigger reindex activation_path index
        request.registry.notify(event)
        return

    request.errors.append(error)
    if user is not None:
        # Expired path: cleared on the user object, but no event is sent
        # from this branch.
        # NOTE(review): confirm the activation_path index is refreshed
        # elsewhere for this case.
        user.activation_path = None
def _add_no_such_user_or_wrong_password_error(request: Request):
    """Append the generic login-failure error to ``request.errors``.

    One message covers both an unknown user and a wrong password, so the
    error entry itself does not tell the two cases apart.
    """
    request.errors.append(
        error_entry('body', 'password',
                    "User doesn't exist or password is wrong"))
def _add_colander_invalid_error_to_request(error: Invalid,
                                           request: Request,
                                           location: str):
    """Copy every entry of ``error.asdict()`` into ``request.errors``.

    Each name/message pair becomes one ``error_entry`` at ``location``.
    Messages are passed on exactly as ``asdict()`` returns them.
    """
    failures = error.asdict()
    for field_name, message in failures.items():
        entry = error_entry(location, field_name, message)
        request.errors.append(entry)
def _add_no_such_user_or_wrong_password_error(request: Request):
    """Record a login failure without saying which credential was wrong.

    The appended entry uses a single message for "no such user" and "wrong
    password", attached to the "password" field of the body.
    """
    message = "User doesn't exist or password is wrong"
    login_failure = error_entry("body", "password", message)
    request.errors.append(login_failure)