示例#1
0
文件: login.py 项目: ondratu/morias
def login_mod(req):
    check_login(req)

    login = Login(req.login.id)
    token = do_create_token(req, "/login")

    state = None
    if req.method == "POST":
        check_token(req, req.form.get("token"))
        login.bind(req.form, req.cfg.login_rounds)
        email = login.email if login.email != req.login.email else None
        state = login.pref(req, email=email)

        if 0 < state < 64:
            return generate_page(req, "login/login_mod.html", token=token, item=login, error=state)

        state = 0 if state is None else state
        if email:
            host = "%s (%s)" % (req.remote_host, req.remote_addr)
            send_verify_email(req, login, req.login.email, host=host, browser=req.user_agent)
            state |= REQUEST_FOR_EMAIL
    else:
        email = None
    # endif

    login.get(req)
    req.login = login
    return generate_page(req, "login/login_mod.html", token=token, item=login, state=state, email=email)
示例#2
0
文件: login.py 项目: ondratu/morias
def verify(req, servis_hash):
    login = Login()
    status = login.verify(req, servis_hash)
    if status is True:
        do_login(req, login.simple())
        redirect(req, "/")
    elif status == OK:
        return generate_page(req, "/login/email_verificated.html")
    else:
        return generate_page(req, "/login/email_verificated.html", error=status, item=login)
示例#3
0
文件: new.py 项目: ondratu/morias
def news_locale_detail(req, locale, id):
    new = New(id)

    if not new.get(req):
        raise SERVER_RETURN(state.HTTP_NOT_FOUND)

    return generate_page(req, "news_detail.html", new=new, locale=locale)
示例#4
0
文件: login.py 项目: ondratu/morias
def login(req):
    referer = req.args.getfirst("referer", "", str)

    data = Object(referer=referer, email="")

    if req.method == "POST":
        login = Login()
        login.bind(req.form, req.cfg.login_rounds)

        ip = "ip" in req.form
        if login.find(req):
            do_login(req, login.simple(), ip)
            if referer:
                redirect(req, referer)
            if "admin" in login.rights or "super" in login.rights:
                redirect(req, "/admin")
            redirect(req, "/")

        data.ip = ip
        data.email = login.email
        data.error = BAD_LOGIN

    return generate_page(
        req, "login.html", data=data, sign_up=req.cfg.login_sign_up, password_link=req.cfg.login_forget_password_link
    )
示例#5
0
文件: new.py 项目: ondratu/morias
def admin_news(req):
    check_login(req)
    match_right(req, module_rights)

    show = req.args.getfirst("show", "", uni)

    pager = Pager(sort="desc")
    pager.bind(req.args)

    kwargs = {}

    if show == "ready":
        pager.set_params(show=show)
        kwargs["state"] = 2
        kwargs["public_date"] = 0
    elif show == "drafts":
        pager.set_params(show=show)
        kwargs["state"] = 1
    else:
        show = None

    if not do_check_right(req, "news_editor"):
        kwargs["author_id"] = req.login.id

    rows = New.list(req, pager, **kwargs)
    return generate_page(req, "admin/news.html", pager=pager, rows=rows, show=show)
示例#6
0
def admin_store(req):
    check_login(req)
    check_right(req, module_right)

    pager = Pager(sort='desc')
    pager.bind(req.args)

    show = req.args.getfirst('show', '', uni)
    if show == 'visible':
        kwargs = {'state': STATE_VISIBLE}
        pager.set_params(show=show)
    elif show == 'hidden':
        kwargs = {'state': STATE_HIDDEN}
        pager.set_params(show=show)
    elif show == 'disabled':
        kwargs = {'state': STATE_DISABLED}
        pager.set_params(show=show)
    else:
        kwargs = {}

    items = Item.list(req, pager, **kwargs)

    return generate_page(req, "admin/eshop/store.html",
                         token=create_token(req),
                         pager=pager, items=items, show=show)
示例#7
0
def user_orders(req):
    if not req.login:
        return generate_page(req, "/eshop/orders_for_logined.html")

    check_login(req)
    state = req.args.getfirst('state', -1, int)

    kwargs = {'client_id': req.login.id}
    if state >= 0:
        kwargs['state'] = state

    pager = Pager(sort='desc')
    items = Order.list(req, pager, **kwargs)

    return generate_page(req, "/eshop/orders.html", pager=pager, items=items,
                         state=state)
示例#8
0
文件: login.py 项目: ondratu/morias
def sign_up(req):
    if req.method == "POST":
        robot = True if req.form.getfirst("robot", "", str) else False
        qid = int(req.form.getfirst("qid", "0", str), 16)
        question, answer = robot_questions[qid]
        check = req.form.getfirst("answer", "", str) == answer

        login = Login()
        login.bind(req.form, req.cfg.login_rounds)

        if robot or not check:
            return generate_page(
                req,
                "/login/login_mod.html",
                item=login,
                question=question,
                answer=answer,
                check=check,
                qid=hex(qid),
                form=req.form,
            )

        error = login.add(req, True)
        if error:
            return generate_page(
                req,
                "/login/login_mod.html",
                item=login,
                error=error,
                question=question,
                answer=answer,
                check=check,
                qid=hex(qid),
                form=req.form,
                password_link=req.cfg.login_forget_password_link,
            )

        send_login_created(req, login)
        return generate_page(req, "/login/waiting_for_verification.html", item=login)
    # endif

    qid = randint(0, len(robot_questions) - 1)
    question, answer = robot_questions[qid]
    return generate_page(
        req, "/login/login_mod.html", item=Object(), question=question, answer=answer, qid=hex(qid), form=Object()
    )
示例#9
0
文件: new.py 项目: ondratu/morias
def news_list(req, locale=None):
    locale = locale if locale else get_lang(req)

    pager = Pager(limit=5, sort="desc", order="create_date")
    pager.bind(req.args)

    rows = New.list(req, pager, body=True, public=1, locale=(locale, ""))
    return generate_page(req, "news_list.html", pager=pager, rows=rows, lang=locale)
示例#10
0
文件: new.py 项目: ondratu/morias
def admin_news_add(req):
    check_login(req)
    match_right(req, module_rights)

    new = New()
    if req.method == "POST":
        new.bind(req.form, req.login.id)
        error = new.add(req)

        if error:
            return generate_page(req, "admin/news_mod.html", new=new, error=error)

        redirect(req, "/admin/news/%d" % new.id)
    # end

    new.state = 2 if do_check_right(req, "news_editor") else 1
    return generate_page(req, "admin/news_mod.html", new=new)
示例#11
0
def admin_item_mod(req, id):
    check_login(req)
    check_right(req, module_right)

    item = Item(id)
    if req.method == 'POST':
        check_token(req, req.form.get('token'))
        item.bind(req.form)
        error = item.mod(req)
        if error != item:
            return generate_page(req, "admin/eshop/item_mod.html",
                                 item=item, error=error)

    if not item.get(req):    # still fresh data
        raise SERVER_RETURN(state.HTTP_NOT_FOUND)

    return generate_page(req, "admin/eshop/item_mod.html",
                         token=create_token(req), item=item)
示例#12
0
def eshop_orders_eshop(req):
    do_check_mgc(req)
    pager = Pager()
    pager.bind(req.args)

    items = Item.list(req, pager, state=STATE_VISIBLE)
    return generate_page(req, "eshop/eshop.html",
                         token=create_token(req),
                         cfg_currency=req.cfg.eshop_currency,
                         pager=pager, items=items)
示例#13
0
def eshop_orders_detail(req, id):
    do_check_mgc(req)
    item = Item(id)
    if not item.get(req):
        raise SERVER_RETURN(state.HTTP_NOT_FOUND)
    item.attachments = Attachment.list(req, Pager(),
                                       object_type='eshop_item', object_id=id)
    return generate_page(req, "eshop/item_detail.html",
                         token=create_token(req),
                         item=item, cfg_currency=req.cfg.eshop_currency)
示例#14
0
def admin_item_add(req):
    check_login(req)
    check_right(req, module_right)

    item = Item()
    if req.method == 'POST':
        check_token(req, req.form.get('token'), uri='/admin/eshop/store/add')
        item.bind(req.form)
        error = item.add(req)

        if error != item:
            return generate_page(req, "admin/eshop/item_mod.html",
                                 item=item, error=error)

        redirect(req, '/admin/eshop/store/%d' % item.id)
    # endif

    return generate_page(req, "admin/eshop/item_mod.html",
                         token=create_token(req), item=item)
示例#15
0
文件: new.py 项目: ondratu/morias
def admin_news_mod(req, id):
    check_login(req)
    match_right(req, module_rights)

    new = New(id)
    if not new.get(req):
        raise SERVER_RETURN(state.HTTP_NOT_FOUND)
    if not do_check_right(req, "news_editor") and new.author_id != req.login.id:
        raise SERVER_RETURN(state.HTTP_FORBIDDEN)

    if req.method == "POST":
        new.bind(req.form)
        error = new.mod(req)
        if error != new:
            return generate_page(req, "admin/news_mod.html", new=new, error=error)

        if not new.get(req):
            raise SERVER_RETURN(state.HTTP_NOT_FOUND)

    return generate_page(req, "admin/news_mod.html", new=new)
示例#16
0
文件: login.py 项目: ondratu/morias
def admin_logins(req):
    check_login(req)
    check_right(req, R_ADMIN)

    error = req.args.getfirst("error", 0, int)

    pager = Pager(sort="asc", order="email")
    pager.bind(req.args)

    rows = Login.list(req, pager)
    return generate_page(
        req, "admin/logins.html", token=do_create_token(req, "/admin/logins"), pager=pager, rows=rows, error=error
    )
示例#17
0
文件: login.py 项目: ondratu/morias
def forgotten_password(req):
    if req.method == "POST":
        robot = True if req.form.getfirst("robot", "", str) else False
        qid = int(req.form.getfirst("qid", "0", str), 16)
        question, answer = robot_questions[qid]
        check = req.form.getfirst("answer", "", str) == answer

        login = Login()
        login.email = req.form.getfirst("email", "", str).strip()

        if robot or not check or not login.check_email():
            return generate_page(
                req,
                "/login/forgotten_password.html",
                ttl=req.cfg.login_ttl_of_password_link,
                form=req.form,
                question=question,
                answer=answer,
                check=check,
                qid=hex(qid),
            )

        login.log_in_link(req)
        host = "%s (%s)" % (req.remote_host, req.remote_addr)
        send_log_in_link(req, login, host=host, browser=req.user_agent)
        return generate_page(req, "/login/verify_link_send.html", item=login)

    qid = randint(0, len(robot_questions) - 1)
    question, answer = robot_questions[qid]
    return generate_page(
        req,
        "/login/forgotten_password.html",
        ttl=req.cfg.login_ttl_of_password_link,
        form=Object(),
        question=question,
        answer=answer,
        qid=hex(qid),
    )
示例#18
0
文件: login.py 项目: ondratu/morias
def admin_logins_add(req):
    check_login(req)
    check_right(req, R_ADMIN)
    token = do_create_token(req, "/admin/logins/add")

    if req.method == "POST":
        check_token(req, req.form.get("token"))
        login = Login()
        login.bind(req.form, req.cfg.login_rounds)
        if not req.cfg.login_created_verify_link:
            login.enabled = 1
        login.rights = ["user"]
        error = login.add(req)

        if error:
            return generate_page(req, "admin/logins_mod.html", token=token, rights=rights, item=login, error=error)

        if req.cfg.login_created_verify_link:
            send_login_created(req, login)
        redirect(req, "/admin/logins/%d" % login.id)
    # endif

    return generate_page(req, "admin/logins_mod.html", token=token, rights=rights)
示例#19
0
文件: login.py 项目: ondratu/morias
def admin_logins_mod(req, id):
    check_login(req)
    check_right(req, R_ADMIN)
    token = do_create_token(req, "/admin/logins/%d" % id)

    login = Login(id)
    if req.login.id == login.id:  # not good idea to remove
        raise SERVER_RETURN(state.HTTP_FORBIDDEN)  # rights himself

    done = None
    if req.method == "POST":
        check_token(req, req.form.get("token"))
        login.bind(req.form, req.cfg.login_rounds)
        done = login.mod(req)

        if 0 < done < 64:
            return generate_page(req, "admin/logins_mod.html", token=token, rights=rights, item=login, error=done)
        # endif
    # endif

    if not login.get(req):
        raise SERVER_RETURN(state.HTTP_NOT_FOUND)
    return generate_page(req, "admin/logins_mod.html", token=token, rights=rights, item=login, state=done)
示例#20
0
def user_addresses(req):
    check_login(req)

    if req.method == 'GET':
        return generate_page(req, "user/addresses.html",
                             cfg_region=req.cfg.addresses_region,
                             cfg_country=req.cfg.addresses_country)

    # req.method == 'PUT'       # ajax put
    addresses = Addresses.bind(req.json)
    addresses.mod(req, req.login.id)

    req.login.get(req)
    req.content_type = 'application/json'
    return json.dumps(req.login.data.get('addresses', {}))
示例#21
0
文件: user.py 项目: ondratu/morias
def root(req):
    check_login(req)

    no_section = Menu("")
    no_section.items = list(item for item in user_sections if isitem(item))

    x_menu = Menu(user_sections.label)
    x_menu.append(no_section)
    x_menu.items += [item for item in user_sections if ismenu(item)]

    x_menu = correct_menu(req, x_menu)

    # if there is only one link, redirect to it
    if len(x_menu) == 1 and len(x_menu[0]) == 1:
        redirect(req, x_menu[0][0].uri)

    return generate_page(req, "user/user.html", user_sections=x_menu)
示例#22
0
文件: admin.py 项目: ondratu/morias
def root(req):
    check_login(req)
    check_right(req, 'admin')

    no_section = Menu('')
    no_section.items = list(item for item in admin_sections if isitem(item))

    x_menu = Menu(admin_sections.label)
    x_menu.append(no_section)
    x_menu.items += [item for item in admin_sections if ismenu(item)]

    x_menu = correct_menu(req, x_menu)

    # if there is only one link, redirect to it
    if len(x_menu) == 1 and len(x_menu[0]) == 1:
        redirect(req, x_menu[0][0].uri)
    return generate_page(req, "admin/admin.html", admin_sections=x_menu)
示例#23
0
def admin_orders_mod(req, id):
    check_login(req)
    check_right(req, module_right)

    order = Order(id)
    if order.get(req) is None:
        raise SERVER_RETURN(state.HTTP_NOT_FOUND)

    cfg = Object()
    cfg.addresses_country = req.cfg.addresses_country
    cfg.addresses_region = req.cfg.addresses_region
    cfg.eshop_currency = req.cfg.eshop_currency

    order.calculate()
    return generate_page(req, "admin/eshop/orders_mod.html",
                         token=create_token(req),
                         order=order, cfg=cfg)
示例#24
0
def admin_codebook_view(req, codebook):
    check_login(req)
    check_right(req, module_right)

    Codebook = build_class(codebook)
    search = req.args.getfirst('search', fce=nuni)

    pager = Pager(order='value')
    pager.bind(req.args)

    if search:
        pager.set_params(search=search)

    items = Codebook.list(req, Codebook, pager, search=search)

    return generate_page(req, "admin/codebook.html",
                         token=create_token(req), codebook=codebook,
                         pager=pager, items=items, search=search)
示例#25
0
def admin_orders(req):
    check_login(req)
    check_right(req, module_right)

    state = req.args.getfirst('state', -1, int)
    client = req.args.getfirst('client', '', uni)

    kwargs = {}
    if state >= 0:
        kwargs['state'] = state
    if client:
        kwargs['client'] = client

    pager = Pager(sort='desc')
    items = Order.list(req, pager, **kwargs)

    return generate_page(req, "admin/eshop/orders.html", pager=pager,
                         items=items, state=state, client=client)
示例#26
0
def eshop_cart_address(req, cart=None, error=None):
    do_check_mgc(req)
    cart = cart or ShoppingCart(req)

    # get method returns HTML Form
    cfg = Object()
    cfg.addresses_country = req.cfg.addresses_country
    cfg.addresses_region = req.cfg.addresses_region
    cfg.eshop_currency = req.cfg.eshop_currency
    # all defined transportation (for universal use):
    for key, val in req.cfg.__dict__.items():
        if key.startswith('eshop_transportation_'):
            cfg.__dict__[key[6:]] = val
        elif key.startswith('eshop_payment_'):
            cfg.__dict__[key[6:]] = val

    # GET method only view shopping cart - no store was needed
    return generate_page(req, "eshop/shopping_address.html",
                         token=create_token(req),
                         cfg=cfg, cart=cart, error=error)
示例#27
0
def eshop_cart_pay_and_order(req):
    do_check_mgc(req)
    check_token(req, req.form.get('token'), uri='/eshop/cart/recapitulation')
    cart = ShoppingCart(req)
    # TODO: payment page if could be (paypal, card, transfer)
    order = Order.from_cart(cart)
    if not order:
        redirect(req, '/eshop')
    order.client_id = req.login.id if req.login else None
    retval = order.add(req)
    if retval == order:
        cart.clean(req)
        send_order_status(req, order)
        return generate_page(req, "eshop/shopping_accept.html",
                             order=order)
    if retval[0] == EMPTY_ITEMS:
        redirect(req, '/eshop')
    if retval[0] == NOT_ENOUGH_ITEMS:
        cart.set_not_enought(retval[1])
        cart.store(req)
        redirect(req, '/eshop/cart')
示例#28
0
def eshop_cart(req):
    do_check_mgc(req)
    cart = ShoppingCart(req)

    if req.method == 'PATCH':
        check_token(req, req.json.get('token'), uri='/eshop/cart')
        cart.merge_items(req.json.get('items', []))
        req.content_type = 'application/json'
        cart.store(req)     # store shopping cart
        cart.calculate()
        return json.dumps({'cart': cart.dict()})

    cart.calculate()
    if req.is_xhr:
        check_origin(req)
        req.content_type = 'application/json'
        return json.dumps({'cart': cart.dict()})

    # GET method only view shopping cart - no store was needed
    return generate_page(req, "eshop/shopping_cart.html",
                         token=create_token(req),
                         cfg_currency=req.cfg.eshop_currency, cart=cart)
示例#29
0
def admin_login_addresses(req, id):
    check_login(req)
    check_right(req, module_right)

    login = Login(id)

    if req.method == 'GET':
        if not login.get(req):
            raise SERVER_RETURN(state.HTTP_NOT_FOUND)

        return generate_page(req, "admin/logins_addresses.html",
                             item=login,
                             cfg_region=req.cfg.addresses_region,
                             cfg_country=req.cfg.addresses_country)

    # req.method == 'PUT'       # ajax put
    addresses = Addresses.bind(req.json)
    if not addresses.mod(req, id) is None:
        raise SERVER_RETURN(state.HTTP_NOT_FOUND)

    login.get(req)
    req.content_type = 'application/json'
    return json.dumps(login.data.get('addresses', {}))
示例#30
0
def user_orders_detail(req, id):
    sha = req.args.getfirst('sha', '', str)
    if not sha and not req.login:
        raise SERVER_RETURN(state.HTTP_FORBIDDEN)

    order = Order(id)
    if order.get(req) is None:
        raise SERVER_RETURN(state.HTTP_NOT_FOUND)
    order.sha = sha1(str(order.create_date)).hexdigest()

    if (sha and sha != order.sha):
        raise SERVER_RETURN(state.HTTP_FORBIDDEN)
    # if sha is set, you can see to order
    if (not sha and req.login and order.client_id != req.login.id):
        raise SERVER_RETURN(state.HTTP_FORBIDDEN)

    cfg = Object()
    cfg.addresses_country = req.cfg.addresses_country
    cfg.addresses_region = req.cfg.addresses_region
    cfg.eshop_currency = req.cfg.eshop_currency

    order.calculate()
    return generate_page(req, "eshop/orders_detail.html",
                         order=order, sha=sha, cfg=cfg)