def set_random_password(self, username=None):
    """Replace the named user's password with a freshly generated one.

    Raises ``HTTPNotFound`` when no user matches ``username`` or when the
    match is the anonymous user. The generated password is handed only to
    the authentication provider; this method does not flash, log or return
    it. Afterwards an audit-log entry is written for the user, a
    confirmation is flashed and the browser is redirected to the referer.
    """
    # NOTE(review): no permission or HTTP-method check is visible in this
    # block; presumably decorators or the enclosing controller enforce
    # them -- confirm, since this changes account state.
    target = M.User.by_username(username)
    if not target or target.is_anonymous():
        raise HTTPNotFound()

    new_password = h.random_password()
    provider = AuthenticationProvider.get(request)
    # The middle argument is None; presumably the "old password" slot,
    # which cannot be supplied here -- confirm against the provider API.
    provider.set_password(target, None, new_password)

    # The audit entry names the action and the user, never the password.
    h.auditlog_user('Set random password', user=target)
    flash('Password is set', 'ok')
    # NOTE(review): request.referer is a client-supplied header and may be
    # absent; confirm how redirect() treats an empty or off-site value.
    redirect(request.referer)
def set_status(self, username=None, status=None):
    """Move the named user to the 'enable', 'disable' or 'pending' status.

    Raises ``HTTPNotFound`` when no user matches ``username`` or when the
    match is the anonymous user. Any other ``status`` value, or a request
    for a state the user is already in ('enable' on an active user,
    'disable' on a disabled one), changes nothing. Every path ends with a
    redirect to the referer.
    """
    # NOTE(review): no permission or HTTP-method check is visible in this
    # block; presumably enforced by decorators or the controller -- confirm.
    target = M.User.by_username(username)
    if not target or target.is_anonymous():
        raise HTTPNotFound()

    if status == 'enable':
        if target.disabled or target.pending:
            # Two provider calls; audit=False is passed on the first one,
            # presumably so that only the second writes an audit entry.
            AuthenticationProvider.get(request).activate_user(target, audit=False)
            AuthenticationProvider.get(request).enable_user(target)
            flash('User enabled')
    elif status == 'disable':
        if not target.disabled:
            AuthenticationProvider.get(request).disable_user(target)
            flash('User disabled')
    elif status == 'pending':
        # Here audit=False is passed on the second call instead.
        AuthenticationProvider.get(request).deactivate_user(target)
        AuthenticationProvider.get(request).enable_user(target, audit=False)
        flash('Set user status to pending')

    # NOTE(review): request.referer is client-supplied and may be absent;
    # confirm how redirect() treats an empty or off-site value.
    redirect(request.referer)
def display(self, *a, **kw):
    """Render this section to markup, or return '' when it is not shown.

    The section is rendered only if :meth:`check_display` returns True,
    using :attr:`template` and the context built by
    :meth:`prepare_context`.

    An override (or a class not derived from this base) should return
    either plain text, which will be escaped, or a `jinja2.Markup`
    instance.
    """
    if not self.check_display():
        return ''
    try:
        template = g.jinja2_env.get_template(self.template)
        # The template receives the full tg.config and the authentication
        # provider in addition to the usual helpers.
        base_context = {
            'h': h,
            'c': c,
            'g': g,
            'user': self.user,
            'config': tg.config,
            'auth': AuthenticationProvider.get(request),
        }
        rendered = template.render(self.prepare_context(base_context))
        # Wrapping in Markup marks the text as already safe, so escaping
        # of user-controlled values has to happen inside the template
        # (depends on the environment's autoescape setting -- confirm).
        return Markup(rendered)
    except Exception as err:
        log.exception('Error rendering section %s: %s', type(self).__name__, err)
        # Rendering failures surface only in debug mode; otherwise the
        # section is dropped from the page and the error is only logged.
        if asbool(tg.config.get('debug')):
            raise
        return ''
def display(self, *a, **kw):
    """Return the rendered profile section, or '' if it should be hidden.

    Nothing is rendered unless :meth:`check_display` returns True. The
    output comes from :attr:`template`, rendered with the context that
    :meth:`prepare_context` produces.

    When this method is overridden, or this base class is not used, the
    replacement should return plain text (which will be escaped) or a
    `jinja2.Markup` instance.
    """
    visible = self.check_display()
    if not visible:
        return ''
    try:
        tmpl = g.jinja2_env.get_template(self.template)
        ctx = self.prepare_context(dict(
            h=h,
            c=c,
            g=g,
            user=self.user,
            # Section templates see the whole configuration object and
            # the authentication provider.
            config=tg.config,
            auth=AuthenticationProvider.get(request),
        ))
        # Markup() declares the result safe for direct inclusion; values
        # must therefore be escaped while the template renders
        # (autoescape configuration is not visible here -- confirm).
        return Markup(tmpl.render(ctx))
    except Exception as err:
        log.exception('Error rendering profile section %s: %s',
                      type(self).__name__, err)
        debug_enabled = asbool(tg.config.get('debug'))
        if debug_enabled:
            # Re-raise the original exception so it is visible in debug.
            raise
        # Outside debug mode a broken section is omitted, not fatal.
        return ''
def search_users(self, q=None, f=None, page=0, limit=None, **kw):
    """Search users and return the template context for the results page.

    ``q``, ``f``, ``page``, ``limit`` and ``kw`` are passed unchanged to
    ``self._search``; any validation of them happens there, not here.
    Each result is extended with a ``status`` key, and the context gains
    the results template name, the configured extra display fields and
    the authentication provider.
    """
    searchable = [('username', 'username'), ('display_name', 'display name')]
    # Extra searchable fields are a comma-separated config value.
    extra_searchable = aslist(
        tg.config.get('search.user.additional_search_fields'), ',')
    results = self._search(
        M.User, searchable, extra_searchable, q, f, page, limit, **kw)

    with_status = []
    for entry in results['objects']:
        with_status.append(
            dict(entry, status=h.get_user_status(entry['object'])))
    results['objects'] = with_status

    results['search_results_template'] = \
        'allura:templates/site_admin_search_users_results.html'
    extra_display = aslist(
        tg.config.get('search.user.additional_display_fields'), ',')
    results['additional_display_fields'] = extra_display
    # The provider object itself is exposed to the results template.
    results['provider'] = AuthenticationProvider.get(request)
    return results
def index(self, **kw):
    """Return the template context for a user's profile page.

    Raises ``HTTPNotFound`` when the current project is not tied to a
    user. The context carries the user, the registration date reported
    by the authentication provider, and one instantiated object per
    entry in the app's ``profile_sections``.
    """
    profile_user = c.project.user_project_of
    if not profile_user:
        raise exc.HTTPNotFound()

    auth = AuthenticationProvider.get(request)
    built_sections = []
    for section_cls in c.app.profile_sections:
        # Each entry is called with the user and the current project.
        built_sections.append(section_cls(profile_user, c.project))

    return {
        'user': profile_user,
        'reg_date': auth.user_registration_date(profile_user),
        'sections': built_sections,
    }
def index(self, **kw):
    """Build the profile page context for the user owning this project.

    If ``c.project.user_project_of`` is empty the request ends with
    ``HTTPNotFound``. Otherwise the result holds the user, their
    registration date (from the authentication provider) and the list of
    section objects created from ``c.app.profile_sections``.
    """
    owner = c.project.user_project_of
    if owner:
        auth_provider = AuthenticationProvider.get(request)
        # Every configured section is built for (user, project).
        section_objs = list(
            make_section(owner, c.project)
            for make_section in c.app.profile_sections)
        registered_on = auth_provider.user_registration_date(owner)
        return dict(user=owner, reg_date=registered_on, sections=section_objs)
    raise exc.HTTPNotFound()
def execute(cls, options):
    """Backfill login details for every user, one chunk at a time.

    A failure on one user is logged with its traceback and does not stop
    the run; the remaining users are still processed. ``options`` is not
    read by this method.
    """
    # None is passed where a request would normally go.
    provider = AuthenticationProvider.get(None)
    # An empty query matches every user record.
    for chunk_no, users in enumerate(chunked_find(M.User, {})):
        log.info('Backfilling login details for chunk #%s', chunk_no)
        for account in users:
            try:
                account.backfill_login_details(provider)
                # Flush only this one user object.
                session(account).flush(account)
            except Exception:
                # Deliberate best-effort: record the failure and move on.
                log.exception('Error backfilling on user %s', account)
    log.info('Finished backfilling previous login details')
def __json__(self):
    """Return a dict of the user's public-facing profile data.

    The registration date comes from the authentication provider; the
    remaining values are read from the user object and its preferences.
    """
    # NOTE(review): the result includes personal contact details (phone
    # numbers, Skype account, web pages, sex, availability). Who may read
    # this serialization is decided elsewhere -- confirm that the caller
    # enforces it.
    provider = AuthenticationProvider.get(request)
    profile = self.user
    return {
        'username': profile.username,
        'name': profile.display_name,
        'joined': provider.user_registration_date(profile),
        # _deinstrument() is applied to the collection-valued preferences;
        # presumably it yields plain serializable containers -- confirm.
        'localization': profile.get_pref('localization')._deinstrument(),
        'sex': profile.get_pref('sex'),
        'telnumbers': profile.get_pref('telnumbers')._deinstrument(),
        'skypeaccount': profile.get_pref('skypeaccount'),
        'webpages': profile.get_pref('webpages')._deinstrument(),
        'availability': profile.get_pref('availability')._deinstrument(),
    }
def search_users(self, q=None, f=None, page=0, limit=None, **kw):
    """Run a user search and assemble the context for the results page.

    All search arguments are handed to ``self._search`` as received; this
    method performs no checking of them. The returned context has each
    result annotated with the user's status and also names the results
    template, the extra display fields from configuration and the
    authentication provider.
    """
    base_fields = [('username', 'username'), ('display_name', 'display name')]
    config_fields = aslist(
        tg.config.get('search.user.additional_search_fields'), ',')
    ctx = self._search(
        M.User, base_fields, config_fields, q, f, page, limit, **kw)

    def _annotate(hit):
        # Copy the hit and attach the status of the user it refers to.
        return dict(hit, status=h.get_user_status(hit['object']))

    ctx['objects'] = [_annotate(hit) for hit in ctx['objects']]
    ctx['search_results_template'] = (
        'allura:templates/site_admin_search_users_results.html')
    ctx['additional_display_fields'] = aslist(
        tg.config.get('search.user.additional_display_fields'), ',')
    # The template is given the provider object directly.
    ctx['provider'] = AuthenticationProvider.get(request)
    return ctx
def execute(cls, options):
    """Backfill login details for every user, in chunks of two users.

    An exception raised for one user is logged with its traceback and the
    run continues with the next user. ``options`` is not read here.
    """
    # NOTE(review): this listing lost its indentation; the two clear()
    # calls are placed at chunk level below -- confirm against the file.
    # None is passed where a request would normally go.
    auth_provider = AuthenticationProvider.get(None)
    for i, chunk in enumerate(chunked_find(M.User, {}, pagesize=2)):
        log.info('Backfilling login details for chunk #%s', i)
        for u in chunk:
            try:
                u.backfill_login_details(auth_provider)
            except Exception:
                # Best-effort: record the failure and keep going.
                log.exception('Error backfilling on user %s', u)
        # Drop the objects both sessions are tracking before moving on.
        main_orm_session.clear()  # AuditLog and User objs
        main_explicitflush_orm_session.clear()  # UserLoginDetails objs, already flushed individually
    log.info('Finished backfilling previous login details')
def _default(self, username, limit=25, page=0):
    """Return the detail-page context for the named user.

    Raises ``HTTPNotFound`` when no user matches ``username`` or when the
    match is the anonymous user. The context contains the user, their
    status, their projects and a page of their audit log, merged with
    whatever the authentication provider reports as user details.
    """
    account = M.User.by_username(username)
    if not account or account.is_anonymous():
        raise HTTPNotFound()

    owned_projects = account.my_projects().all()
    history = self._audit_log(account, limit, page)
    info = dict(
        user=account,
        status=h.get_user_status(account),
        projects=owned_projects,
        audit_log=history,
    )
    # update() means a provider key with the same name as one above
    # replaces the value set here.
    provider_details = AuthenticationProvider.get(request).user_details(account)
    info.update(provider_details)
    return info
def disable_users(cls, usernames):
    """Disable each listed user through the authentication provider.

    Unknown usernames and users that are already disabled are logged and
    skipped. Each newly disabled user is flushed individually.
    """
    # No request is available here, so the provider is fetched with None.
    auth_provider = AuthenticationProvider.get(request=None)
    # The BatchIndexer extension would be nice to use around this loop,
    # but it only works for artifacts, not users.
    for username in usernames:
        account = M.User.query.get(username=username)
        if not account:
            log.info('Could not find user: %s', username)
            continue
        if account.disabled:
            log.info('User is already disabled: %s', username)
            # Nothing to change; remove the object from its session.
            session(account).expunge(account)
            continue
        log.info('Disabling user: %s', username)
        auth_provider.disable_user(account)
        session(account).flush(account)
def execute(cls, options):
    """Purge every project named in ``options.projects``.

    Entries that ``cls.get_project`` cannot resolve are skipped. When a
    project is a user-project, its user is disabled first and an audit
    entry carrying ``options.reason`` is written for that user; this
    happens whether or not ``options.disable_users`` is set. The project
    is then purged through the project registration provider.
    """
    provider = ProjectRegistrationProvider.get()
    # A blank request for '/' stands in for a real web request.
    auth_provider = AuthenticationProvider.get(Request.blank('/'))
    for project_ref in options.projects:
        project = cls.get_project(project_ref)
        if not project:
            continue
        if project.is_user_project:
            # disable user as well
            owner = project.user_project_of
            if not owner:
                log.info('Could not find associated user for user-project %s',
                         project.shortname)
            else:
                # audit=False: the explicit entry below, which records the
                # reason, is written instead of the provider's own.
                auth_provider.disable_user(owner, audit=False)
                msg = u'Account disabled because user-project was specified for deletion. Reason: {}'.format(
                    options.reason)
                entry = h.auditlog_user(msg, user=owner)
                session(entry).flush(entry)
        log.info('Purging %s Reason: %s', project.url(), options.reason)
        provider.purge_project(project,
                               disable_users=options.disable_users,
                               reason=options.reason)
def reconfirm_auth(func, *args, **kwargs):
    """Require a recent password re-entry before running ``func``.

    Intended as a decorator for sensitive pages. If the request posts a
    ``password`` field that validates for ``c.user``, the current UTC time
    is stored in the session as the moment of reconfirmation. ``func`` is
    called only when that moment lies within ``auth.reconfirm.seconds``
    (default 60) of now; otherwise the reconfirmation form is rendered.
    """
    from allura.lib.plugin import AuthenticationProvider

    if request.POST.get('password'):
        provider = AuthenticationProvider.get(request)
        accepted = provider.validate_password(c.user, request.POST['password'])
        if not accepted:
            # The message text is literally '******' in this listing
            # (possibly redacted upstream) -- confirm the intended wording.
            c.form_errors['password'] = '******'
        else:
            session['auth-reconfirmed'] = datetime.utcnow()
            session.save()
            # Keep the submitted password away from the wrapped function.
            kwargs.pop('password', None)
    # NOTE(review): after a rejected password the 'password' kwarg is not
    # removed, so it is still passed to func when an earlier
    # reconfirmation is within the window -- confirm this is intended.
    # NOTE(review): no limit on repeated attempts is visible here.

    window = timedelta(seconds=asint(config.get('auth.reconfirm.seconds', 60)))
    # datetime.min stands for "never reconfirmed" and always fails the test.
    confirmed_at = session.get('auth-reconfirmed', datetime.min)
    if datetime.utcnow() - confirmed_at > window:
        return render({}, 'jinja', "allura:templates/reconfirm_auth.html")
    return func(*args, **kwargs)
def execute(cls, options):
    """Resolve and purge each project listed in ``options.projects``.

    Unresolvable entries are ignored. For a user-project the associated
    user, if found, is disabled and an audit entry stating
    ``options.reason`` is written and flushed before the purge; this does
    not depend on ``options.disable_users``. Purging itself is delegated
    to the project registration provider.
    """
    registration = ProjectRegistrationProvider.get()
    # The provider lookup is given a blank request for '/'.
    auth_provider = AuthenticationProvider.get(Request.blank('/'))
    reason = options.reason
    for name in options.projects:
        target = cls.get_project(name)
        if target:
            if target.is_user_project:
                # disable user as well
                account = target.user_project_of
                if account:
                    # The provider's own audit entry is switched off; the
                    # entry written below carries the reason instead.
                    auth_provider.disable_user(account, audit=False)
                    audit_text = u'Account disabled because user-project was specified for deletion. Reason: {}'.format(
                        reason)
                    log_entry = h.auditlog_user(audit_text, user=account)
                    session(log_entry).flush(log_entry)
                else:
                    log.info(
                        'Could not find associated user for user-project %s',
                        target.shortname)
            log.info('Purging %s Reason: %s', target.url(), reason)
            registration.purge_project(
                target, disable_users=options.disable_users, reason=reason)
def index(self, **kw):
    """Return the user and registration date for the profile page.

    Raises ``HTTPNotFound`` when the current project has no associated
    user. The registration date is obtained from the authentication
    provider.
    """
    profile_user = c.project.user_project_of
    if not profile_user:
        raise exc.HTTPNotFound()
    auth = AuthenticationProvider.get(request)
    registered_on = auth.user_registration_date(profile_user)
    return {'user': profile_user, 'reg_date': registered_on}