示例#1
0
    def editalias(self, aliasid):
        "Edit alias domain"
        alias = self._get_alias(aliasid)
        if not alias:
            abort(404)

        c.form = EditDomainAlias(request.POST, alias, csrf_context=session)
        c.form.domain.query = Session.query(Domain)\
                            .filter(Domain.id == alias.domain_id)
        if request.method == 'POST' and c.form.validate():
            if update_if_changed(c.form, alias):
                try:
                    edit_alias(alias, c.user, request.host,
                                request.remote_addr)
                    flash(_('The domain alias: %s has been updated') %
                            alias.name)
                    redirect(url('domain-detail', domainid=alias.domain_id))
                except IntegrityError:
                    Session.rollback()
                    msg = _('The update failed')
                    flash_alert(msg)
                    log.info(msg)
            else:
                msg = _('No changes were made to the domain alias')
                flash_info(msg)
                log.info(msg)
                redirect(url('domain-detail', domainid=alias.domain_id))

        c.aliasid = aliasid
        c.domainid = alias.domain_id
        c.domainname = alias.domain.name
        return self.render('/domains/editalias.html')
示例#2
0
 def edit_auth(self, authid):
     "Edit auth server"
     server = self._get_authserver(authid)
     if not server:
         abort(404)
     c.form = AddAuthForm(request.POST, server, csrf_context=session)
     if request.method == 'POST' and c.form.validate():
         kwd = dict(domainid=server.domain_id)
         if auth_update_if_changed(c.form, server):
             try:
                 edit_auth(server, c.user, request.host,
                         request.remote_addr)
                 flash(_('The authentication settings have been updated'))
                 self.invalidate = 1
                 self._get_authserver(authid)
                 kwd['uc'] = 1
                 redirect(url('domain-detail', **kwd))
             except IntegrityError:
                 Session.rollback()
                 msg = _('The authentication settings update failed')
                 flash_alert(msg)
                 log.info(msg)
         else:
             msg = _('No changes were made to the authentication settings')
             flash_info(msg)
             log.info(msg)
             redirect(url('domain-detail', **kwd))
     c.domainid = server.domains.id
     c.domainname = server.domains.name
     c.authid = authid
     return self.render('/domains/editauth.html')
示例#3
0
    def edit(self, userid):
        """GET /accounts/edit/id: Form to edit an existing item"""
        user = self._get_user(userid)
        if not user:
            abort(404)

        c.form = user_update_form(user, c.user, request.POST, session)
        if request.method == 'POST' and c.form.validate():
            kwd = dict(userid=user.id)
            if update_changed(c.form, FORM_FIELDS, user):
                try:
                    update_user(user, c.user, request.host,
                                request.remote_addr)
                    flash(_('The account has been updated'))
                    kwd['uc'] = 1
                except IntegrityError:
                    Session.rollback()
                    flash_alert(
                        _('The account: %(acc)s could not be updated') %
                        dict(acc=user.username))
                if (user.id == c.user.id and c.form.active and
                    c.form.active.data is False):
                    redirect(url('/logout'))
            else:
                flash_info(_('No changes made to the account'))
            redirect(url(controller='accounts', action='detail', **kwd))
        c.fields = FORM_FIELDS
        c.id = userid
        return self.render('/accounts/edit.html')
示例#4
0
 def editdestination(self, destinationid):
     "Edit destination server"
     server = self._get_server(destinationid)
     if not server:
         abort(404)
     c.form = AddDeliveryServerForm(request.POST,
                                     server,
                                     csrf_context=session)
     if request.method == 'POST' and c.form.validate():
         kwd = dict(domainid=server.domain_id)
         if update_if_changed(c.form, server):
             try:
                 update_destination(server, c.user, request.host,
                                     request.remote_addr)
                 self.invalidate = 1
                 self._get_server(destinationid)
                 kwd['uc'] = 1
                 flash(_('The destination server has been updated'))
                 redirect(url('domain-detail', **kwd))
             except IntegrityError:
                 Session.rollback()
                 msg = _('The update failed')
                 flash_alert(msg)
                 log.info(msg)
         else:
             msg = _('No changes were made to the destination server')
             flash_info(msg)
             log.info(msg)
             redirect(url('domain-detail', **kwd))
     c.id = destinationid
     c.domainid = server.domain_id
     return self.render('/domains/editdestination.html')
示例#5
0
    def editalias(self, aliasid):
        "Edit alias domain"
        alias = self._get_alias(aliasid)
        if not alias:
            abort(404)

        c.form = EditDomainAlias(request.POST, alias, csrf_context=session)
        c.form.domain.query = Session.query(Domain)\
                            .filter(Domain.id == alias.domain_id)
        if request.method == 'POST' and c.form.validate():
            if update_if_changed(c.form, alias):
                try:
                    edit_alias(alias, c.user, request.host,
                               request.remote_addr)
                    flash(
                        _('The domain alias: %s has been updated') %
                        alias.name)
                    redirect(url('domain-detail', domainid=alias.domain_id))
                except IntegrityError:
                    Session.rollback()
                    msg = _('The update failed')
                    flash_alert(msg)
                    log.info(msg)
            else:
                msg = _('No changes were made to the domain alias')
                flash_info(msg)
                log.info(msg)
                redirect(url('domain-detail', domainid=alias.domain_id))

        c.aliasid = aliasid
        c.domainid = alias.domain_id
        c.domainname = alias.domain.name
        return self.render('/domains/editalias.html')
示例#6
0
    def editaddress(self, addressid):
        "Edit address"
        address = get_address(addressid)
        if not address:
            abort(404)

        c.form = AddressForm(request.POST, address, csrf_context=session)
        if request.method == 'POST' and c.form.validate():
            try:
                if (address.address != c.form.address.data
                        or address.enabled != c.form.enabled.data):
                    update_address(c.form, address, c.user, request.host,
                                   request.remote_addr)
                    flash(_('The alias address has been updated'))
                else:
                    flash_info(_('No changes were made to the address'))
            except IntegrityError:
                Session.rollback()
                msg = _('The address %(addr)s already exists') % \
                        dict(addr=c.form.address.data)
                flash_alert(msg)
                log.info(msg)
            except NoResultFound:
                domain = c.form.address.data.split('@')[1]
                msg = _('Domain: %(d)s does not belong to you') % \
                        dict(d=domain)
                flash(msg)
                log.info(msg)
            redirect(
                url(controller='accounts',
                    action='detail',
                    userid=address.user_id))
        c.id = addressid
        c.userid = address.user_id
        return self.render('/accounts/editaddress.html')
示例#7
0
文件: settings.py 项目: aureg/baruwa2
    def edit_server(self, serverid):
        "Edit scan server"
        server = self._get_server(serverid)
        if not server:
            abort(404)

        c.form = ServerForm(request.POST, server, csrf_context=session)
        c.id = server.id
        if request.POST and c.form.validate():
            if (server.hostname != c.form.hostname.data or
                server.enabled != c.form.enabled.data):
                try:
                    server.hostname = c.form.hostname.data
                    server.enabled = c.form.enabled.data
                    Session.add(server)
                    Session.commit()
                    update_serial.delay()
                    info = HOSTUPDATE_MSG % dict(n=server.hostname)
                    audit_log(c.user.username,
                            2, info, request.host,
                            request.remote_addr, datetime.now())
                    flash(_('The scanning server has been updated'))
                except IntegrityError:
                    Session.rollback()
                    flash(_('Update of server failed'))
            else:
                flash_info(_('No changes were made to the server'))
            redirect(url(controller='settings'))
        return render('/settings/editserver.html')
示例#8
0
    def delete(self, userid):
        """/accounts/delete/id"""
        user = self._get_user(userid)
        if not user:
            abort(404)

        c.form = EditUserForm(request.POST, user, csrf_context=session)
        c.form.domains.query = Session.query(Domain)
        if request.POST and c.form.validate():
            username = user.username
            Session.delete(user)
            Session.commit()
            update_serial.delay()
            flash(_('The account has been deleted'))
            info = DELETEACCOUNT_MSG % dict(u=username)
            audit_log(c.user.username, 4, info, request.host,
                      request.remote_addr, now())
            if userid == c.user.id:
                redirect(url('/logout'))
            redirect(url(controller='accounts', action='index'))
        else:
            flash_info(
                _('The account: %(a)s and all associated data'
                  ' will be deleted, This action is not reversible.') %
                dict(a=user.username))
        c.fields = FORM_FIELDS
        c.id = userid
        return render('/accounts/delete.html')
示例#9
0
    def edit(self, orgid):
        "Edit an organization"
        org = self._get_org(orgid)
        if not org:
            abort(404)

        c.form = OrgForm(request.POST, org, csrf_context=session)
        c.form.domains.query = Session.query(Domain)
        c.form.admins.query = Session.query(User).filter(
                                User.account_type == 2)
        c.id = org.id
        if request.POST and c.form.validate():
            updated = False
            for field in c.form:
                if (field.name != 'csrf_token' and
                    field.data != getattr(org, field.name)):
                    setattr(org, field.name, field.data)
                    updated = True
            if updated:
                try:
                    Session.add(org)
                    Session.commit()
                    info = UPDATEORG_MSG % dict(o=org.name)
                    audit_log(c.user.username,
                            2, info, request.host,
                            request.remote_addr, datetime.now())
                    flash(_('The organization has been updated'))
                except IntegrityError:
                    Session.rollback()
                    flash(_('The organization could not be updated'))
            else:
                flash_info(_('No changes made, Organization not updated'))
            redirect(url(controller='organizations'))
        return render('/organizations/edit.html')
示例#10
0
 def editdestination(self, destinationid):
     "Edit destination server"
     server = self._get_server(destinationid)
     if not server:
         abort(404)
     c.form = AddDeliveryServerForm(request.POST,
                                    server,
                                    csrf_context=session)
     if request.method == 'POST' and c.form.validate():
         kwd = dict(domainid=server.domain_id)
         if update_if_changed(c.form, server):
             try:
                 update_destination(server, c.user, request.host,
                                    request.remote_addr)
                 self.invalidate = 1
                 self._get_server(destinationid)
                 kwd['uc'] = 1
                 flash(_('The destination server has been updated'))
                 redirect(url('domain-detail', **kwd))
             except IntegrityError:
                 Session.rollback()
                 msg = _('The update failed')
                 flash_alert(msg)
                 log.info(msg)
         else:
             msg = _('No changes were made to the destination server')
             flash_info(msg)
             log.info(msg)
             redirect(url('domain-detail', **kwd))
     c.id = destinationid
     c.domainid = server.domain_id
     return self.render('/domains/editdestination.html')
示例#11
0
 def edit_auth(self, authid):
     "Edit auth server"
     server = self._get_authserver(authid)
     if not server:
         abort(404)
     c.form = AddAuthForm(request.POST, server, csrf_context=session)
     if request.method == 'POST' and c.form.validate():
         kwd = dict(domainid=server.domain_id)
         if auth_update_if_changed(c.form, server):
             try:
                 edit_auth(server, c.user, request.host,
                           request.remote_addr)
                 flash(_('The authentication settings have been updated'))
                 self.invalidate = 1
                 self._get_authserver(authid)
                 kwd['uc'] = 1
                 redirect(url('domain-detail', **kwd))
             except IntegrityError:
                 Session.rollback()
                 msg = _('The authentication settings update failed')
                 flash_alert(msg)
                 log.info(msg)
         else:
             msg = _('No changes were made to the authentication settings')
             flash_info(msg)
             log.info(msg)
             redirect(url('domain-detail', **kwd))
     c.domainid = server.domains.id
     c.domainname = server.domains.name
     c.authid = authid
     return self.render('/domains/editauth.html')
示例#12
0
    def edit(self, domainid):
        "Edit a domain"
        domain = self._get_domain(domainid)
        if not domain:
            abort(404)

        c.id = domainid
        c.form = domain_update_form(c.user, request.POST, domain,
                                get_organizations, session)
        if request.method == 'POST' and c.form.validate():
            kwd = dict(domainid=domain.id)
            if domain_update_if_changed(c.form, domain):
                try:
                    update_domain(domain, c.user, request.host,
                                    request.remote_addr)
                    flash(_('The domain: %(dom)s has been updated') %
                        dict(dom=domain.name))
                    kwd['uc'] = 1
                except IntegrityError:
                    Session.rollback()
                    msg = _('The domain %(dom)s could not be updated') % \
                            dict(dom=domain.name)
                    flash(msg)
                    log.info(msg)
            else:
                msg = _('No changes were made to the domain')
                flash_info(msg)
                log.info(msg)
            redirect(url('domain-detail', **kwd))
        return self.render('/domains/edit.html')
示例#13
0
    def edit(self, domainid):
        "Edit a domain"
        domain = self._get_domain(domainid)
        if not domain:
            abort(404)

        c.id = domainid
        c.form = domain_update_form(c.user, request.POST, domain,
                                    get_organizations, session)
        if request.method == 'POST' and c.form.validate():
            kwd = dict(domainid=domain.id)
            if domain_update_if_changed(c.form, domain):
                try:
                    update_domain(domain, c.user, request.host,
                                  request.remote_addr)
                    flash(
                        _('The domain: %(dom)s has been updated') %
                        dict(dom=domain.name))
                    kwd['uc'] = 1
                except IntegrityError:
                    Session.rollback()
                    msg = _('The domain %(dom)s could not be updated') % \
                            dict(dom=domain.name)
                    flash(msg)
                    log.info(msg)
            else:
                msg = _('No changes were made to the domain')
                flash_info(msg)
                log.info(msg)
            redirect(url('domain-detail', **kwd))
        return self.render('/domains/edit.html')
示例#14
0
    def edit(self, orgid):
        "Edit an organization"
        org = get_org(orgid)
        if not org:
            abort(404)

        c.id = org.id
        c.form = org_add_form(request.POST, session, org)
        if request.method == 'POST' and c.form.validate():
            if update_if_changed(c.form, org):
                try:
                    edit_org(org, c.user, request.host, request.remote_addr)
                    msg = _('The organization has been updated')
                    flash(msg)
                    log.info(msg)
                except IntegrityError:
                    Session.rollback()
                    msg = _('The organization could not be updated')
                    flash(msg)
                    log.info(msg)
            else:
                msg = _('No changes made, Organization not updated')
                flash_info(msg)
                log.info(msg)
            redirect(url(controller='organizations'))
        return self.render('/organizations/edit.html')
示例#15
0
    def delete(self, userid):
        """/accounts/delete/id"""
        user = self._get_user(userid)
        if not user:
            abort(404)

        c.form = EditUserForm(request.POST, user, csrf_context=session)
        del c.form.domains

        if request.POST and c.form.validate():
            username = user.username
            user_id = unicode(user.id)
            Session.delete(user)
            Session.commit()
            update_serial.delay()
            flash(_('The account has been deleted'))
            info = DELETEACCOUNT_MSG % dict(u=username)
            audit_log(c.user.username,
                    4, unicode(info), request.host,
                    request.remote_addr, now())
            if userid == user_id:
                redirect(url('/logout'))
            redirect(url(controller='accounts', action='index'))
        else:
            flash_info(_('The account: %(a)s and all associated data'
                ' will be deleted, This action is not reversible.') %
                dict(a=user.username))
        c.fields = FORM_FIELDS
        c.id = userid
        return render('/accounts/delete.html')
示例#16
0
    def edit(self, orgid):
        "Edit an organization"
        org = get_org(orgid)
        if not org:
            abort(404)

        c.id = org.id
        c.form = org_add_form(request.POST, session, org)
        if request.method == 'POST' and c.form.validate():
            if update_if_changed(c.form, org):
                try:
                    edit_org(org, c.user, request.host, request.remote_addr)
                    msg = _('The organization has been updated')
                    flash(msg)
                    log.info(msg)
                except IntegrityError:
                    Session.rollback()
                    msg = _('The organization could not be updated')
                    flash(msg)
                    log.info(msg)
            else:
                msg = _('No changes made, Organization not updated')
                flash_info(msg)
                log.info(msg)
            redirect(url(controller='organizations'))
        return self.render('/organizations/edit.html')
示例#17
0
    def edit(self, orgid):
        "Edit an organization"
        org = self._get_org(orgid)
        if not org:
            abort(404)

        c.form = OrgForm(request.POST, org, csrf_context=session)
        c.form.domains.query = Session.query(Domain)
        c.form.admins.query = Session.query(User).filter(
            User.account_type == 2)
        c.id = org.id
        if request.POST and c.form.validate():
            updated = False
            for field in c.form:
                if (field.name != 'csrf_token'
                        and field.data != getattr(org, field.name)):
                    setattr(org, field.name, field.data)
                    updated = True
            if updated:
                try:
                    Session.add(org)
                    Session.commit()
                    info = UPDATEORG_MSG % dict(o=org.name)
                    audit_log(c.user.username, 2, info, request.host,
                              request.remote_addr, datetime.now())
                    flash(_('The organization has been updated'))
                except IntegrityError:
                    Session.rollback()
                    flash(_('The organization could not be updated'))
            else:
                flash_info(_('No changes made, Organization not updated'))
            redirect(url(controller='organizations'))
        return render('/organizations/edit.html')
示例#18
0
    def editaddress(self, addressid):
        "Edit address"
        address = get_address(addressid)
        if not address:
            abort(404)

        c.form = AddressForm(request.POST, address, csrf_context=session)
        if request.method == 'POST' and c.form.validate():
            try:
                if (address.address != c.form.address.data or
                    address.enabled != c.form.enabled.data):
                    update_address(c.form, address, c.user,
                                request.host, request.remote_addr)
                    flash(_('The alias address has been updated'))
                else:
                    flash_info(_('No changes were made to the address'))
            except IntegrityError:
                Session.rollback()
                msg = _('The address %(addr)s already exists') % \
                        dict(addr=c.form.address.data)
                flash_alert(msg)
                log.info(msg)
            except NoResultFound:
                domain = c.form.address.data.split('@')[1]
                msg = _('Domain: %(d)s does not belong to you') % \
                        dict(d=domain)
                flash(msg)
                log.info(msg)
            redirect(url(controller='accounts', action='detail',
            userid=address.user_id))
        c.id = addressid
        c.userid = address.user_id
        return self.render('/accounts/editaddress.html')
示例#19
0
文件: domains.py 项目: aureg/baruwa2
    def editalias(self, aliasid):
        "Edit alias domain"
        alias = self._get_alias(aliasid)
        if not alias:
            abort(404)

        c.form = EditDomainAlias(request.POST, alias, csrf_context=session)
        c.form.domain.query = Session.query(Domain).filter(Domain.id == alias.domain_id)
        if request.POST and c.form.validate():
            updated = False
            for field in c.form:
                if field.name != "csrf_token" and field.data != getattr(alias, field.name):
                    setattr(alias, field.name, field.data)
                    updated = True
            if updated:
                try:
                    Session.add(alias)
                    Session.commit()
                    update_serial.delay()
                    info = UPDATEDOMALIAS_MSG % dict(d=alias.name)
                    audit_log(c.user.username, 2, info, request.host, request.remote_addr, datetime.now())
                    flash(_("The domain alias: %s has been updated") % alias.name)
                    redirect(url("domain-detail", domainid=alias.domain_id))
                except IntegrityError:
                    Session.rollback()
                    flash_alert(_("The update failed"))
            else:
                flash_info(_("No changes were made to the domain alias"))
                redirect(url("domain-detail", domainid=alias.domain_id))

        c.aliasid = aliasid
        c.domainid = alias.domain_id
        c.domainname = alias.domain.name
        return render("/domains/editalias.html")
示例#20
0
文件: domains.py 项目: aureg/baruwa2
 def editdestination(self, destinationid):
     "Edit destination server"
     server = self._get_server(destinationid)
     if not server:
         abort(404)
     c.form = AddDeliveryServerForm(request.POST, server, csrf_context=session)
     if request.POST and c.form.validate():
         updated = False
         kw = dict(domainid=server.domain_id)
         for field in c.form:
             if field.name != "csrf_token" and field.data != getattr(server, field.name):
                 setattr(server, field.name, field.data)
                 updated = True
         if updated:
             try:
                 Session.add(server)
                 Session.commit()
                 flash(_("The destination server has been updated"))
                 info = UPDATEDELSVR_MSG % dict(d=server.domains.name, ds=server.address)
                 audit_log(c.user.username, 2, info, request.host, request.remote_addr, datetime.now())
                 self.invalidate = 1
                 self._get_server(destinationid)
                 redirect(url("domain-detail", **kw))
             except IntegrityError:
                 Session.rollback()
                 flash_alert(_("The update failed"))
         else:
             flash_info(_("No changes were made to the destination server"))
             redirect(url("domain-detail", **kw))
     c.id = destinationid
     c.domainid = server.domain_id
     return render("/domains/editdestination.html")
示例#21
0
    def edit(self, userid):
        """GET /accounts/edit/id: Form to edit an existing item"""
        user = self._get_user(userid)
        if not user:
            abort(404)

        c.form = user_update_form(user, c.user, request.POST, session)
        if request.method == 'POST' and c.form.validate():
            kwd = dict(userid=user.id)
            if update_changed(c.form, FORM_FIELDS, user):
                try:
                    update_user(user, c.user, request.host,
                                request.remote_addr)
                    flash(_('The account has been updated'))
                    kwd['uc'] = 1
                except IntegrityError:
                    Session.rollback()
                    flash_alert(
                        _('The account: %(acc)s could not be updated') %
                        dict(acc=user.username))
                if (user.id == c.user.id and c.form.active
                        and c.form.active.data is False):
                    redirect(url('/logout'))
            else:
                flash_info(_('No changes made to the account'))
            redirect(url(controller='accounts', action='detail', **kwd))
        c.fields = FORM_FIELDS
        c.id = userid
        return self.render('/accounts/edit.html')
示例#22
0
    def edit_server(self, serverid):
        "Edit scan server"
        server = self._get_server(serverid)
        if not server:
            abort(404)

        c.form = ServerForm(request.POST, server, csrf_context=session)
        c.id = server.id
        if request.POST and c.form.validate():
            if (server.hostname != c.form.hostname.data
                    or server.enabled != c.form.enabled.data):
                try:
                    server.hostname = c.form.hostname.data
                    server.enabled = c.form.enabled.data
                    Session.add(server)
                    Session.commit()
                    update_serial.delay()
                    info = HOSTUPDATE_MSG % dict(n=server.hostname)
                    audit_log(c.user.username, 2, info, request.host,
                              request.remote_addr, now())
                    flash(_('The scanning server has been updated'))
                except IntegrityError:
                    Session.rollback()
                    flash(_('Update of server failed'))
            else:
                flash_info(_('No changes were made to the server'))
            redirect(url(controller='settings'))
        return render('/settings/editserver.html')
示例#23
0
    def edit(self, userid):
        """GET /accounts/edit/id: Form to edit an existing item"""
        user = self._get_user(userid)
        if not user:
            abort(404)

        c.form = EditUserForm(request.POST, user, csrf_context=session)
        c.form.domains.query = Session.query(Domain)
        if c.user.is_domain_admin:
            c.form.domains.query = Session.query(Domain).join(dom_owns,
                                    (oas, dom_owns.c.organization_id ==
                                    oas.c.organization_id))\
                                    .filter(oas.c.user_id == c.user.id)

        if user.account_type != 3 or c.user.is_peleb:
            del c.form.domains
        if c.user.is_peleb:
            del c.form.username
            del c.form.email
            del c.form.active

        if request.POST and c.form.validate():
            update = False
            kwd = dict(userid=userid)
            for attr in FORM_FIELDS:
                field = getattr(c.form, attr)
                if field and field.data != getattr(user, attr):
                    setattr(user, attr, field.data)
                    update = True
            if update:
                try:
                    Session.add(user)
                    Session.commit()
                    update_serial.delay()
                    flash(_('The account has been updated'))
                    kwd['uc'] = 1
                    info = UPDATEACCOUNT_MSG % dict(u=user.username)
                    audit_log(c.user.username,
                            2, unicode(info), request.host,
                            request.remote_addr, now())
                except IntegrityError:
                    Session.rollback()
                    flash_alert(
                    _('The account: %(acc)s could not be updated') %
                    dict(acc=user.username))
                if (user.id == c.user.id and c.form.active and
                    c.form.active.data == False):
                    redirect(url('/logout'))
            else:
                flash_info(_('No changes made to the account'))
            redirect(url(controller='accounts', action='detail',
                    **kwd))
        c.fields = FORM_FIELDS
        c.id = userid
        return render('/accounts/edit.html')
示例#24
0
 def edit(self, domainid):
     "Edit a domain"
     domain = self._get_domain(domainid)
     if not domain:
         abort(404)
     c.form = AddDomainForm(request.POST, domain, csrf_context=session)
     if c.user.is_superadmin:
         c.form.organizations.query_factory = self._get_organizations
     else:
         del c.form.organizations
     c.id = domainid
     if request.POST and c.form.validate():
         updated = False
         kw = {'domainid': domain.id}
         for field in c.form:
             intfields = [
                 'spam_actions', 'highspam_actions', 'delivery_mode',
                 'report_every'
             ]
             if (field.name in intfields
                     and int(field.data) == getattr(domain, field.name)):
                 continue
             if (field.name != 'csrf_token'
                     and field.data != getattr(domain, field.name)):
                 setattr(domain, field.name, field.data)
                 updated = True
         if updated:
             try:
                 Session.add(domain)
                 Session.commit()
                 update_serial.delay()
                 info = UPDATEDOMAIN_MSG % dict(d=domain.name)
                 audit_log(c.user.username, 2, info, request.host,
                           request.remote_addr, now())
                 flash(
                     _('The domain: %(dom)s has been updated') %
                     dict(dom=domain.name))
                 kw['uc'] = 1
             except IntegrityError:
                 Session.rollback()
                 flash(
                     _('The domain %(dom)s could not be updated') %
                     dict(dom=domain.name))
         else:
             flash_info(_('No changes were made to the domain'))
         redirect(url('domain-detail', **kw))
     return render('/domains/edit.html')
示例#25
0
    def editaddress(self, addressid):
        "Edit address"
        address = self._get_address(addressid)
        if not address:
            abort(404)

        c.form = AddressForm(request.POST, address, csrf_context=session)
        if request.POST and c.form.validate():
            try:
                if (address.address != c.form.address.data
                        or address.enabled != c.form.enabled.data):
                    if c.user.is_domain_admin:
                        # check if they own the domain
                        domain = c.form.address.data.split('@')[1]
                        domain = Session.query(Domain).options(
                                    joinedload('organizations')).join(
                                    dom_owns, (oas,
                                    dom_owns.c.organization_id ==
                                    oas.c.organization_id))\
                                    .filter(oas.c.user_id == c.user.id)\
                                    .filter(Domain.name == domain).one()
                    address.address = c.form.address.data
                    address.enabled = c.form.enabled.data
                    Session.add(address)
                    Session.commit()
                    update_serial.delay()
                    info = ADDRUPDATE_MSG % dict(a=address.address,
                                                 ac=address.user.username)
                    audit_log(c.user.username, 2, info, request.host,
                              request.remote_addr, now())
                    flash(_('The alias address has been updated'))
                else:
                    flash_info(_('No changes were made to the address'))
            except IntegrityError:
                flash_alert(
                    _('The address %(addr)s already exists') %
                    dict(addr=c.form.address.data))
            except NoResultFound:
                flash(
                    _('Domain: %(d)s does not belong to you') % dict(d=domain))
            redirect(
                url(controller='accounts',
                    action='detail',
                    userid=address.user_id))
        c.id = addressid
        c.userid = address.user_id
        return render('/accounts/editaddress.html')
示例#26
0
    def editaddress(self, addressid):
        "Edit address"
        address = self._get_address(addressid)
        if not address:
            abort(404)

        c.form = AddressForm(request.POST, address, csrf_context=session)
        if request.POST and c.form.validate():
            try:
                if (address.address != c.form.address.data or
                    address.enabled != c.form.enabled.data):
                    if c.user.is_domain_admin:
                        # check if they own the domain
                        domain = c.form.address.data.split('@')[1]
                        domain = Session.query(Domain).options(
                                    joinedload('organizations')).join(
                                    dom_owns, (oas,
                                    dom_owns.c.organization_id ==
                                    oas.c.organization_id))\
                                    .filter(oas.c.user_id == c.user.id)\
                                    .filter(Domain.name == domain).one()
                    address.address = c.form.address.data
                    address.enabled = c.form.enabled.data
                    Session.add(address)
                    Session.commit()
                    update_serial.delay()
                    info = ADDRUPDATE_MSG % dict(a=address.address,
                                                ac=address.user.username)
                    audit_log(c.user.username,
                            2, unicode(info), request.host,
                            request.remote_addr, now())
                    flash(_('The alias address has been updated'))
                else:
                    flash_info(_('No changes were made to the address'))
            except IntegrityError:
                Session.rollback()
                flash_alert(_('The address %(addr)s already exists') %
                dict(addr=c.form.address.data))
            except NoResultFound:
                flash(_('Domain: %(d)s does not belong to you') %
                    dict(d=domain))
            redirect(url(controller='accounts', action='detail',
            userid=address.user_id))
        c.id = addressid
        c.userid = address.user_id
        return render('/accounts/editaddress.html')
示例#27
0
    def edit(self, userid):
        """GET /accounts/edit/id: Form to edit an existing item"""
        user = self._get_user(userid)
        if not user:
            abort(404)

        c.form = EditUserForm(request.POST, user, csrf_context=session)
        c.form.domains.query = Session.query(Domain)
        if user.account_type != 3 or c.user.is_peleb:
            del c.form.domains
        if c.user.is_peleb:
            del c.form.username
            del c.form.email
            del c.form.active
        if request.POST and c.form.validate():
            update = False
            kwd = dict(userid=userid)
            for attr in FORM_FIELDS:
                field = getattr(c.form, attr)
                if field and field.data != getattr(user, attr):
                    setattr(user, attr, field.data)
                    update = True
            if update:
                try:
                    Session.add(user)
                    Session.commit()
                    update_serial.delay()
                    flash(_('The account has been updated'))
                    kwd['uc'] = 1
                    info = UPDATEACCOUNT_MSG % dict(u=user.username)
                    audit_log(c.user.username, 2, info, request.host,
                              request.remote_addr, now())
                except IntegrityError:
                    Session.rollback()
                    flash_alert(
                        _('The account: %(acc)s could not be updated') %
                        dict(acc=user.username))
                if (user.id == c.user.id and c.form.active
                        and c.form.active.data == False):
                    redirect(url('/logout'))
            else:
                flash_info(_('No changes made to the account'))
            redirect(url(controller='accounts', action='detail', **kwd))
        c.fields = FORM_FIELDS
        c.id = userid
        return render('/accounts/edit.html')
示例#28
0
 def edit_auth(self, authid):
     "Edit auth server"
     server = self._get_authserver(authid)
     if not server:
         abort(404)
     c.form = AddAuthForm(request.POST, server, csrf_context=session)
     #del c.form.protocol
     if request.POST and c.form.validate():
         updated = False
         kw = dict(domainid=server.domain_id)
         for field in c.form:
             if field.name == 'protocol' or field.name == 'csrf_token':
                 continue
             if (field.data != getattr(server, field.name)
                 and field.data != ''):
                 setattr(server, field.name, field.data)
                 updated = True
             if (field.name == 'user_map_template' and
                 field.data != getattr(server, field.name)):
                 setattr(server, field.name, field.data)
                 updated = True
         if updated:
             try:
                 Session.add(server)
                 Session.commit()
                 flash(_('The authentication settings have been updated'))
                 self.invalidate = 1
                 self._get_authserver(authid)
                 info = UPDATEAUTHSVR_MSG % dict(d=server.domains.name,
                                                 ds=server.address)
                 audit_log(c.user.username,
                         2, unicode(info), request.host,
                         request.remote_addr, now())
                 redirect(url('domain-detail', **kw))
             except IntegrityError:
                 Session.rollback()
                 flash_alert(_('The authentication settings update failed'))
         else:
             flash_info(_('No changes were made to the '
                         'authentication settings'))
             redirect(url('domain-detail', **kw))
     c.domainid = server.domains.id
     c.domainname = server.domains.name
     c.authid = authid
     return render('/domains/editauth.html')
示例#29
0
 def edit_auth(self, authid):
     "Edit auth server"
     server = self._get_authserver(authid)
     if not server:
         abort(404)
     c.form = AddAuthForm(request.POST, server, csrf_context=session)
     #del c.form.protocol
     if request.POST and c.form.validate():
         updated = False
         kw = dict(domainid=server.domain_id)
         for field in c.form:
             if field.name == 'protocol' or field.name == 'csrf_token':
                 continue
             if (field.data != getattr(server, field.name)
                     and field.data != ''):
                 setattr(server, field.name, field.data)
                 updated = True
             if (field.name == 'user_map_template'
                     and field.data != getattr(server, field.name)):
                 setattr(server, field.name, field.data)
                 updated = True
         if updated:
             try:
                 Session.add(server)
                 Session.commit()
                 flash(_('The authentication settings have been updated'))
                 self.invalidate = 1
                 self._get_authserver(authid)
                 info = UPDATEAUTHSVR_MSG % dict(d=server.domains.name,
                                                 ds=server.address)
                 audit_log(c.user.username, 2, info, request.host,
                           request.remote_addr, now())
                 redirect(url('domain-detail', **kw))
             except IntegrityError:
                 Session.rollback()
                 flash_alert(_('The authentication settings update failed'))
         else:
             flash_info(
                 _('No changes were made to the '
                   'authentication settings'))
             redirect(url('domain-detail', **kw))
     c.domainid = server.domains.id
     c.domainname = server.domains.name
     c.authid = authid
     return render('/domains/editauth.html')
示例#30
0
 def edit(self, domainid):
     "Edit a domain"
     domain = self._get_domain(domainid)
     if not domain:
         abort(404)
     c.form = EditDomainForm(request.POST, domain, csrf_context=session)
     if c.user.is_superadmin:
         c.form.organizations.query_factory = self._get_organizations
     else:
         del c.form.organizations
     c.id = domainid
     if request.POST and c.form.validate():
         updated = False
         kw = {'domainid': domain.id}
         for field in c.form:
             intfields = ['spam_actions', 'highspam_actions',
                         'delivery_mode', 'report_every']
             if (field.name in intfields and
                 int(field.data) == getattr(domain, field.name)):
                 continue
             if (field.name != 'csrf_token' and
                 field.data != getattr(domain, field.name)):
                 setattr(domain, field.name, field.data)
                 updated = True
         if updated:
             try:
                 Session.add(domain)
                 Session.commit()
                 update_serial.delay()
                 info = UPDATEDOMAIN_MSG % dict(d=domain.name)
                 audit_log(c.user.username,
                         2, unicode(info), request.host,
                         request.remote_addr, now())
                 flash(_('The domain: %(dom)s has been updated') %
                     dict(dom=domain.name))
                 kw['uc'] = 1
             except IntegrityError:
                 Session.rollback()
                 flash(_('The domain %(dom)s could not be updated') %
                     dict(dom=domain.name))
         else:
             flash_info(_('No changes were made to the domain'))
         redirect(url('domain-detail', **kw))
     return render('/domains/edit.html')
示例#31
0
    def new_server(self):
        "Add scan server"
        c.form = ServerForm(request.POST, csrf_context=session)
        if request.POST and c.form.validate():
            try:
                server = Server(hostname=c.form.hostname.data,
                                enabled=c.form.enabled.data)
                Session.add(server)
                Session.commit()
                info = HOSTADD_MSG % dict(n=server.hostname)
                audit_log(c.user.username, 3, info, request.host,
                          request.remote_addr, now())
                flash(_('The scanning server has been added'))
                redirect(url(controller='settings'))
            except IntegrityError:
                Session.rollback()
                flash_info(_('The server already exists'))

        return render('/settings/addserver.html')
示例#32
0
    def delete(self, userid):
        """/accounts/delete/id"""
        user = self._get_user(userid)
        if not user:
            abort(404)

        c.form = EditUserForm(request.POST, user, csrf_context=session)
        del c.form.domains
        if request.method == 'POST':
            if c.form.validate():
                delete_user(user, c.user, request.host, request.remote_addr)
                flash(_('The account has been deleted'))
                redirect(url(controller='accounts', action='index'))
        else:
            flash_info(_('The account: %(a)s and all associated data'
                ' will be deleted, This action is not reversible.') %
                dict(a=user.username))
        c.fields = FORM_FIELDS
        c.id = userid
        return self.render('/accounts/delete.html')
示例#33
0
    def delete(self, userid):
        """/accounts/delete/id"""
        user = self._get_user(userid)
        if not user:
            abort(404)

        c.form = EditUserForm(request.POST, user, csrf_context=session)
        del c.form.domains
        if request.method == 'POST':
            if c.form.validate():
                delete_user(user, c.user, request.host, request.remote_addr)
                flash(_('The account has been deleted'))
                redirect(url(controller='accounts', action='index'))
        else:
            flash_info(
                _('The account: %(a)s and all associated data'
                  ' will be deleted, This action is not reversible.') %
                dict(a=user.username))
        c.fields = FORM_FIELDS
        c.id = userid
        return self.render('/accounts/delete.html')
示例#34
0
文件: settings.py 项目: aureg/baruwa2
    def new_server(self):
        "Add scan server"
        c.form = ServerForm(request.POST, csrf_context=session)
        if request.POST and c.form.validate():
            try:
                server = Server(
                    hostname=c.form.hostname.data,
                    enabled=c.form.enabled.data
                )
                Session.add(server)
                Session.commit()
                info = HOSTADD_MSG % dict(n=server.hostname)
                audit_log(c.user.username,
                        3, info, request.host,
                        request.remote_addr, datetime.now())
                flash(_('The scanning server has been added'))
                redirect(url(controller='settings'))
            except IntegrityError:
                Session.rollback()
                flash_info(_('The server already exists'))

        return render('/settings/addserver.html')
示例#35
0
    def editalias(self, aliasid):
        "Edit alias domain"
        alias = self._get_alias(aliasid)
        if not alias:
            abort(404)

        c.form = EditDomainAlias(request.POST, alias, csrf_context=session)
        c.form.domain.query = Session.query(Domain)\
                            .filter(Domain.id==alias.domain_id)
        if request.POST and c.form.validate():
            updated = False
            for field in c.form:
                if (field.name != 'csrf_token'
                        and field.data != getattr(alias, field.name)):
                    setattr(alias, field.name, field.data)
                    updated = True
            if updated:
                try:
                    Session.add(alias)
                    Session.commit()
                    update_serial.delay()
                    info = UPDATEDOMALIAS_MSG % dict(d=alias.name)
                    audit_log(c.user.username, 2, info, request.host,
                              request.remote_addr, now())
                    flash(
                        _('The domain alias: %s has been updated') %
                        alias.name)
                    redirect(url('domain-detail', domainid=alias.domain_id))
                except IntegrityError:
                    Session.rollback()
                    flash_alert(_('The update failed'))
            else:
                flash_info(_('No changes were made to the domain alias'))
                redirect(url('domain-detail', domainid=alias.domain_id))

        c.aliasid = aliasid
        c.domainid = alias.domain_id
        c.domainname = alias.domain.name
        return render('/domains/editalias.html')
示例#36
0
文件: domains.py 项目: aureg/baruwa2
 def edit(self, domainid):
     "Edit a domain"
     domain = self._get_domain(domainid)
     if not domain:
         abort(404)
     c.form = AddDomainForm(request.POST, domain, csrf_context=session)
     if c.user.is_superadmin:
         c.form.organizations.query_factory = self._get_organizations
     else:
         del c.form.organizations
     c.id = domainid
     if request.POST and c.form.validate():
         updated = False
         kw = {"domainid": domain.id}
         for field in c.form:
             intfields = ["spam_actions", "highspam_actions", "delivery_mode", "report_every"]
             if field.name in intfields and int(field.data) == getattr(domain, field.name):
                 continue
             if field.name != "csrf_token" and field.data != getattr(domain, field.name):
                 setattr(domain, field.name, field.data)
                 updated = True
         if updated:
             try:
                 Session.add(domain)
                 Session.commit()
                 update_serial.delay()
                 info = UPDATEDOMAIN_MSG % dict(d=domain.name)
                 audit_log(c.user.username, 2, info, request.host, request.remote_addr, datetime.now())
                 flash(_("The domain: %(dom)s has been updated") % dict(dom=domain.name))
                 kw["uc"] = 1
             except IntegrityError:
                 Session.rollback()
                 flash(_("The domain %(dom)s could not be updated") % dict(dom=domain.name))
         else:
             flash_info(_("No changes were made to the domain"))
         redirect(url("domain-detail", **kw))
     return render("/domains/edit.html")
示例#37
0
 def editdestination(self, destinationid):
     "Edit destination server"
     server = self._get_server(destinationid)
     if not server:
         abort(404)
     c.form = AddDeliveryServerForm(request.POST,
                                    server,
                                    csrf_context=session)
     if request.POST and c.form.validate():
         updated = False
         kw = dict(domainid=server.domain_id)
         for field in c.form:
             if (field.name != 'csrf_token'
                     and field.data != getattr(server, field.name)):
                 setattr(server, field.name, field.data)
                 updated = True
         if updated:
             try:
                 Session.add(server)
                 Session.commit()
                 flash(_('The destination server has been updated'))
                 info = UPDATEDELSVR_MSG % dict(d=server.domains.name,
                                                ds=server.address)
                 audit_log(c.user.username, 2, info, request.host,
                           request.remote_addr, now())
                 self.invalidate = 1
                 self._get_server(destinationid)
                 redirect(url('domain-detail', **kw))
             except IntegrityError:
                 Session.rollback()
                 flash_alert(_('The update failed'))
         else:
             flash_info(_('No changes were made to the destination server'))
             redirect(url('domain-detail', **kw))
     c.id = destinationid
     c.domainid = server.domain_id
     return render('/domains/editdestination.html')
示例#38
0
    def section(self, serverid=1, sectionid='1'):
        "Settings section"
        server = self._get_server(serverid)
        if not server:
            abort(404)

        if not int(sectionid) in CONFIG_SECTIONS:
            abort(404)

        c.serverid = serverid
        c.sectionid = sectionid
        c.scanner = server
        c.sections = CONFIG_SECTIONS
        c.form = settings_forms[sectionid](request.POST, csrf_context=session)
        if not request.method == 'POST':
            for field in c.form:
                if (sectionid == '1' and '_' in field.name
                    and not field.name == 'csrf_token'):
                    internal = global_settings_dict[field.name]
                else:
                    internal = field.name
                conf = self._get_setting(serverid, internal)
                if conf:
                    attr = getattr(c.form, field.name)
                    attr.data = conf.value

        updated = None
        if request.method == 'POST' and c.form.validate():
            for field in c.form:
                if field.type == 'SelectMultipleField' or \
                        (field.data and not field.name == 'csrf_token'):
                    if sectionid == '1':
                        if '_' in field.name:
                            external = global_settings_dict[field.name]
                            internal = external
                        else:
                            external = CONFIG_RE.sub(u'',
                                        unicode(field.label.text))
                            internal = field.name
                    else:
                        external = CONFIG_RE.sub(u'',
                                    unicode(field.label.text))
                        internal = field.name
                    conf = self._get_setting(serverid, internal)
                    if conf is None:
                        if (field.type == 'SelectMultipleField' and
                            len(field.data) and field.data != field.default)\
                            or (field.type != 'SelectMultipleField' and
                                field.data != field.default):
                            check_field(field)
                            conf = ConfigSettings(
                                        internal=internal,
                                        external=external,
                                        section=sectionid
                                    )
                            conf.value = field.data
                            conf.server = server
                            updated = True
                            Session.add(conf)
                            Session.commit()
                            subs = dict(svr=server.hostname,
                                        s=external,
                                        a=conf.value)
                            info = auditmsgs.HOSTSETTING_MSG % subs
                            audit_log(c.user.username,
                                    3, unicode(info), request.host,
                                    request.remote_addr,
                                    arrow.utcnow().datetime)
                    else:
                        subs = dict(svr=conf.server.hostname,
                                    s=external,
                                    a=conf.value)
                        info = auditmsgs.HOSTSETTING_MSG % subs
                        check_value = get_check_value(field.type, conf.value)
                        if check_value != field.data:
                            # stored value not equal to updated value
                            if (field.type == 'SelectMultipleField' and
                                len(field.data) and
                                field.data != field.default) or \
                                (field.type != 'SelectMultipleField' and
                                field.data != field.default):
                                # not a default, we can update
                                check_field(field)
                                conf.value = field.data
                                updated = True
                                Session.add(conf)
                                Session.commit()
                                audit_log(c.user.username,
                                    2, unicode(info), request.host,
                                    request.remote_addr,
                                    arrow.utcnow().datetime)
                            else:
                                # is the default lets delete the stored value
                                Session.delete(conf)
                                Session.commit()
                                updated = True
                                audit_log(c.user.username,
                                        4, unicode(info), request.host,
                                        request.remote_addr,
                                        arrow.utcnow().datetime)

            if updated:
                flash(_('%(settings)s updated') % dict(
                    settings=CONFIG_SECTIONS[int(sectionid)]))
                create_ms_settings.apply_async(exchange=FANOUT_XCHG)
                update_serial.delay()
            else:
                flash_info(_('No configuration changes made'))
            # redirect(url('settings-scanner', serverid=serverid))
        elif request.method == 'POST' and not c.form.validate():
            msg = _("Error detected, check the settings below")
            flash_alert(msg)
            log.info(msg)
        return self.render('/settings/section.html')
示例#39
0
文件: settings.py 项目: aureg/baruwa2
    def section(self, serverid=1, sectionid='1'):
        "Settings section"
        server = self._get_server(serverid)
        if not server:
            abort(404)

        if not int(sectionid) in CONFIG_SECTIONS:
            abort(404)

        c.serverid = serverid
        c.sectionid = sectionid
        c.scanner = server
        c.sections = CONFIG_SECTIONS
        c.form = settings_forms[sectionid](request.POST, csrf_context=session)
        if not request.POST:
            for field in c.form:
                if (sectionid == '1' and '_' in field.name
                    and not field.name == 'csrf_token'):
                    internal = global_settings_dict[field.name]
                else:
                    internal = field.name
                conf = self._get_setting(serverid, internal)
                if conf:
                    attr = getattr(c.form, field.name)
                    attr.data = conf.value

        updated = None
        if request.POST and c.form.validate():
            for field in c.form:
                if field.data and not field.name == 'csrf_token':
                    if sectionid == '1':
                        if '_' in field.name:
                            external = global_settings_dict[field.name]
                            internal = external
                        else:
                            external = CONFIG_RE.sub('', field.label.text)
                            internal = field.name
                    else:
                        external = CONFIG_RE.sub('', field.label.text)
                        internal = field.name
                    conf = self._get_setting(serverid, internal)
                    if conf is None:
                        if field.data != field.default:
                            conf = ConfigSettings(
                                        internal=internal,
                                        external=external,
                                        section=sectionid
                                    )
                            conf.value = field.data
                            conf.server = server
                            updated = True
                            Session.add(conf)
                            Session.commit()
                            subs = dict(svr=server.hostname,
                                        s=external,
                                        a=conf.value)
                            info = HOSTSETTING_MSG % subs
                            audit_log(c.user.username,
                                    3, info, request.host,
                                    request.remote_addr, datetime.now())
                    else:
                        if conf.value != field.data:
                            conf.value = field.data
                            updated = True
                            Session.add(conf)
                            Session.commit()
                            subs = dict(svr=conf.server.hostname,
                                        s=external,
                                        a=conf.value)
                            info = HOSTSETTING_MSG % subs
                            audit_log(c.user.username,
                                    2, info, request.host,
                                    request.remote_addr, datetime.now())
            if updated:
                flash(_('%(settings)s updated') % dict(
                settings=CONFIG_SECTIONS[int(sectionid)]))
                update_serial.delay()
            else:
                flash_info(_('No configuration changes made'))
            #redirect(url('settings-scanner', serverid=serverid))
        return render('/settings/section.html')
示例#40
0
    def section(self, serverid=1, sectionid='1'):
        "Settings section"
        server = self._get_server(serverid)
        if not server:
            abort(404)

        if not int(sectionid) in CONFIG_SECTIONS:
            abort(404)

        c.serverid = serverid
        c.sectionid = sectionid
        c.scanner = server
        c.sections = CONFIG_SECTIONS
        c.form = settings_forms[sectionid](request.POST, csrf_context=session)
        if not request.POST:
            for field in c.form:
                if (sectionid == '1' and '_' in field.name
                        and not field.name == 'csrf_token'):
                    internal = global_settings_dict[field.name]
                else:
                    internal = field.name
                conf = self._get_setting(serverid, internal)
                if conf:
                    attr = getattr(c.form, field.name)
                    attr.data = conf.value

        updated = None
        if request.POST and c.form.validate():
            for field in c.form:
                if field.data and not field.name == 'csrf_token':
                    if sectionid == '1':
                        if '_' in field.name:
                            external = global_settings_dict[field.name]
                            internal = external
                        else:
                            external = CONFIG_RE.sub(u'',
                                                     unicode(field.label.text))
                            internal = field.name
                    else:
                        external = CONFIG_RE.sub(u'',
                                                 unicode(field.label.text))
                        internal = field.name
                    conf = self._get_setting(serverid, internal)
                    if conf is None:
                        if field.data != field.default:
                            conf = ConfigSettings(internal=internal,
                                                  external=external,
                                                  section=sectionid)
                            conf.value = field.data
                            conf.server = server
                            updated = True
                            Session.add(conf)
                            Session.commit()
                            subs = dict(svr=server.hostname,
                                        s=external,
                                        a=conf.value)
                            info = HOSTSETTING_MSG % subs
                            audit_log(c.user.username, 3, info, request.host,
                                      request.remote_addr, now())
                    else:
                        if conf.value != field.data:
                            conf.value = field.data
                            updated = True
                            Session.add(conf)
                            Session.commit()
                            subs = dict(svr=conf.server.hostname,
                                        s=external,
                                        a=conf.value)
                            info = HOSTSETTING_MSG % subs
                            audit_log(c.user.username, 2, info, request.host,
                                      request.remote_addr, now())
            if updated:
                flash(
                    _('%(settings)s updated') %
                    dict(settings=CONFIG_SECTIONS[int(sectionid)]))
                update_serial.delay()
            else:
                flash_info(_('No configuration changes made'))
            #redirect(url('settings-scanner', serverid=serverid))
        return render('/settings/section.html')