def profile_field(request, test_session, admin_user, text_field, discussion): from assembl.models import ProfileField saobj = ProfileField(discussion=discussion, agent_profile=admin_user, configurable_field=text_field, value_data={u'value': u'*****@*****.**'}) test_session.add(saobj) test_session.flush() def fin(): print("Finalizer profile_field") test_session.delete(saobj) test_session.flush() request.addfinalizer(fin) return saobj
def profile_field_for_participant_user(request, test_session, participant1_user, text_field, discussion): from assembl.models import ProfileField saobj = ProfileField(discussion=discussion, agent_profile=participant1_user, configurable_field=text_field, value_data={u'value': u'*****@*****.**'}) test_session.add(saobj) test_session.flush() def fin(): print("Finalizer profile fields for participant1_user") test_session.delete(saobj) test_session.flush() request.addfinalizer(fin) return saobj
def assembl_register_user(request): forget(request) localizer = request.localizer session = AgentProfile.default_db json = request.json logger = logging.getLogger() discussion = discussion_from_request(request) permissions = get_permissions(Everyone, discussion.id if discussion else None) name = json.get('real_name', '').strip() errors = JSONError() if not name or len(name) < 3: errors.add_error( localizer.translate( _("Please use a name of at least 3 characters")), ErrorTypes.SHORT_NAME) password = json.get('password', '').strip() # TODO: Check password strength. maybe pwdmeter? email = None for account in json.get('accounts', ()): email = account.get('email', None) if not is_email(email): errors.add_error( localizer.translate(_("This is not a valid email")), ErrorTypes.INVALID_EMAIL) continue email = EmailString.normalize_email_case(email) # Find agent account to avoid duplicates! if session.query(AbstractAgentAccount).filter_by( email_ci=email).count(): if not discussion.preferences['generic_errors']: errors.add_error( localizer.translate( _("We already have a user with this email.")), ErrorTypes.EXISTING_EMAIL, HTTPConflict.code) else: errors.add_error(localizer.translate(generic_error_message), ErrorTypes.GENERIC, HTTPConflict.code) logger.error( "[User creation]: We already have a user with this email %s" % email) if not email: errors.add_error(localizer.translate(_("No email.")), ErrorTypes.INVALID_EMAIL) username = json.get('username', None) if username: if session.query(Username).filter( func.lower(Username.username) == username.lower()).count(): if not discussion.preferences['generic_errors']: errors.add_error( localizer.translate( _("We already have a user with this username.")), ErrorTypes.EXISTING_USERNAME, HTTPConflict.code) else: errors.add_error(localizer.translate(generic_error_message), ErrorTypes.GENERIC, HTTPConflict.code) logger.error("We already have a user with username %s" % username) if len(username) > 20: errors.add_error( localizer.translate( _("The username must be less than 20 characters.")), ErrorTypes.USERNAME_TOO_LONG, HTTPBadRequest.code) if discussion: check_subscription = discussion.preferences['whitelist_on_register'] whitelist = discussion.preferences['require_email_domain'] if check_subscription and whitelist: status = discussion.check_email(email) if not status: admin_emails = discussion.get_admin_emails() num = len(admin_emails) errors.add_error( localizer.pluralize( _("Your email domain has not been approved for registration. Please contact ${emails} for support." ), _("Your email domain has not been approved for registration. Please contact one of ${emails} for support." ), num, mapping={'emails': ", ".join(admin_emails)})) if errors: raise errors # This logic needs to be above the JSONError checks to ensure that whitelisting is applied # even if the discussion does not have a P_SELF_REGISTER on system.Everyone if discussion and not (P_SELF_REGISTER in permissions or P_SELF_REGISTER_REQUEST in permissions): # Consider it without context discussion = None validate_registration = asbool( config.get('assembl.validate_registration_emails')) old_autoflush = session.autoflush session.autoflush = False try: now = datetime.utcnow() user = User(name=name, password=password, verified=not validate_registration, creation_date=now) session.add(user) session.flush() user.update_from_json(json, user_id=user.id) account = user.accounts[0] email = account.email account.verified = not validate_registration if discussion: agent_status = AgentStatusInDiscussion( agent_profile=user, discussion=discussion, first_visit=now, last_visit=now, user_created_on_this_discussion=True) session.add(agent_status) session.flush() # create the profile fields for custom fields for global_id, value in json.get('profileFields', {}).iteritems(): configurable_field_id = from_global_id(global_id)[1] configurable_field = AbstractConfigurableField.get( configurable_field_id) profile_field = ProfileField( agent_profile=user, configurable_field=configurable_field, discussion=configurable_field.discussion, value_data={u'value': value}) session.add(profile_field) session.flush() if validate_registration: send_confirmation_email(request, account) else: user.verified = True for account in user.accounts: account.verified = True user.successful_login() if asbool(config.get('pyramid.debug_authorization')): # for debugging purposes from assembl.auth.password import email_token print "email token:", request.route_url( 'user_confirm_email', token=email_token(account)) if discussion: check_subscription = discussion.preferences[ 'whitelist_on_register'] maybe_auto_subscribe(user, discussion, check_authorization=check_subscription) session.flush() return CreationResponse(user, Everyone, permissions) finally: session.autoflush = old_autoflush
def assembl_register_user(request): forget(request) localizer = request.localizer session = AgentProfile.default_db json = request.json discussion = discussion_from_request(request) permissions = get_permissions(Everyone, discussion.id if discussion else None) if discussion and not (P_SELF_REGISTER in permissions or P_SELF_REGISTER_REQUEST in permissions): # Consider it without context discussion = None name = json.get('real_name', '').strip() errors = JSONError() if not name or len(name) < 3: errors.add_error( localizer.translate( _("Please use a name of at least 3 characters")), ErrorTypes.SHORT_NAME) password = json.get('password', '').strip() # TODO: Check password strength. maybe pwdmeter? email = None for account in json.get('accounts', ()): email = account.get('email', None) if not is_email(email): errors.add_error( localizer.translate(_("This is not a valid email")), ErrorTypes.INVALID_EMAIL) continue email = EmailString.normalize_email_case(email) # Find agent account to avoid duplicates! if session.query(AbstractAgentAccount).filter_by( email_ci=email).count(): errors.add_error( localizer.translate( _("We already have a user with this email.")), ErrorTypes.EXISTING_EMAIL, HTTPConflict.code) if not email: errors.add_error(localizer.translate(_("No email.")), ErrorTypes.INVALID_EMAIL) username = json.get('username', None) if username: if session.query(Username).filter_by(username=username).count(): errors.add_error( localizer.translate( _("We already have a user with this username.")), ErrorTypes.EXISTING_USERNAME, HTTPConflict.code) if errors: raise errors validate_registration = asbool( config.get('assembl.validate_registration_emails')) old_autoflush = session.autoflush session.autoflush = False try: now = datetime.utcnow() user = User(name=name, password=password, verified=not validate_registration, creation_date=now) session.add(user) session.flush() user.update_from_json(json, user_id=user.id) account = user.accounts[0] email = account.email account.verified = not validate_registration if discussion: agent_status = AgentStatusInDiscussion( agent_profile=user, discussion=discussion, first_visit=now, last_visit=now, user_created_on_this_discussion=True) session.add(agent_status) session.flush() # create the profile fields for custom fields for global_id, value in json.get('profileFields', {}).iteritems(): configurable_field_id = from_global_id(global_id)[1] configurable_field = AbstractConfigurableField.get( configurable_field_id) profile_field = ProfileField( agent_profile=user, configurable_field=configurable_field, discussion=configurable_field.discussion, value_data={u'value': value}) session.add(profile_field) session.flush() if validate_registration: send_confirmation_email(request, account) else: user.verified = True for account in user.accounts: account.verified = True user.successful_login() if asbool(config.get('pyramid.debug_authorization')): # for debugging purposes from assembl.auth.password import email_token print "email token:", request.route_url( 'user_confirm_email', token=email_token(account)) if discussion: maybe_auto_subscribe(user, discussion) session.flush() return CreationResponse(user, Everyone, permissions) finally: session.autoflush = old_autoflush