示例#1
0
 def _to_python(self, value, person):
     "Check whether the value is unique"
     # If the person is new or the value changed,
     if not person or getattr(person, self.fieldName) != value:
         # Make sure the value is unique
         if Session.query(model.Person).filter(getattr(model.Person, self.fieldName) == value).first():
             # Raise
             raise formencode.Invalid(self.errorMessage, value, person)
     # Return
     return value
示例#2
0
 def _to_python(self, value, job):
     'Check whether the value is unique'
     # If the job is new or the value changed,
     if not job or getattr(job, self.fieldName) != value:
         # Make sure the value is unique
         if Session.query(model.Job).filter(getattr(model.Job, self.fieldName)==value).first():
             # Raise
             raise formencode.Invalid(self.errorMessage, value, job)
     # Return
     return value
示例#3
0
 def update_(self):
     "Send update confirmation email"
     # Load
     personID = h.getPersonID()
     # If the person is not logged in,
     if not personID:
         return dict(isOk=0)
     # Prepare
     person = Session.query(model.Person).get(personID)
     # Return
     return changePerson(dict(request.POST), "update", "/people/confirm.mako", person)
示例#4
0
 def login_(self):
     "Process login credentials"
     # Check username
     username = str(request.POST.get("username", ""))
     person = Session.query(model.Person).filter_by(username=username).first()
     # If the username does not exist,
     if not person:
         return dict(isOk=0)
     # Check password
     password_hash = model.hashString(str(request.POST.get("password", "")))
     # If the password is incorrect,
     if password_hash != StringIO.StringIO(person.password_hash).read():
         # Increase and return rejection_count without a requery
         rejection_count = person.rejection_count = person.rejection_count + 1
         Session.commit()
         return dict(isOk=0, rejection_count=rejection_count)
     # If there have been too many rejections,
     if person.rejection_count >= parameter.REJECTION_LIMIT:
         # Expect recaptcha response
         recaptchaChallenge = request.POST.get("recaptcha_challenge_field", "")
         recaptchaResponse = request.POST.get("recaptcha_response_field", "")
         recaptchaPrivateKey = config.get("recaptcha.private", "")
         # Validate
         result = captcha.submit(recaptchaChallenge, recaptchaResponse, recaptchaPrivateKey, h.getRemoteIP())
         # If the response is not valid,
         if not result.is_valid:
             return dict(isOk=0, rejection_count=person.rejection_count)
     # Get minutesOffset from UTC
     minutesOffset = h.getMinutesOffset()
     # Save session
     session["minutesOffset"] = minutesOffset
     session["personID"] = person.id
     session["nickname"] = person.nickname
     session["is_super"] = person.is_super
     session.save()
     # Save person
     person.minutes_offset = minutesOffset
     person.rejection_count = 0
     Session.commit()
     # Return
     return dict(isOk=1)
示例#5
0
def confirmPersonCandidate(ticket):
    "Move changes from the PersonCandidate table into the Person table"
    # Query
    candidate = (
        Session.query(model.PersonCandidate)
        .filter(model.PersonCandidate.ticket == ticket)
        .filter(model.PersonCandidate.when_expired >= datetime.datetime.utcnow())
        .first()
    )
    # If the ticket exists,
    if candidate:
        # If the person exists,
        if candidate.person_id:
            # Update person
            person = Session.query(model.Person).get(candidate.person_id)
            person.username = candidate.username
            person.password_hash = candidate.password_hash
            person.nickname = candidate.nickname
            person.email = candidate.email
            person.email_sms = candidate.email_sms
            # Reset rejection_count
            person.rejection_count = 0
        # If the person does not exist,
        else:
            # Add person
            Session.add(
                model.Person(
                    candidate.username,
                    candidate.password_hash,
                    candidate.nickname,
                    candidate.email,
                    candidate.email_sms,
                )
            )
        # Delete ticket
        Session.delete(candidate)
        # Commit
        Session.commit()
    # Return
    return candidate
示例#6
0
 def update(self):
     "Show account update page"
     # Load
     personID = h.getPersonID()
     # If the person is not logged in,
     if not personID:
         # Return
         return redirect(url("person_login", targetURL=h.encodeURL("/")))
     # Render
     c.isNew = False
     person = Session.query(model.Person).get(personID)
     # Return
     return formencode.htmlfill.render(
         render("/people/change.mako"),
         {
             "username": person.username,
             "nickname": person.nickname,
             "email": person.email,
             "email_sms": person.email_sms,
         },
     )
示例#7
0
 def reset(self):
     "Reset password"
     # Get email
     email = request.POST.get("email")
     # Try to load the person
     person = Session.query(model.Person).filter(model.Person.email == email).first()
     # If the email is not in our database,
     if not person:
         return dict(isOk=0)
     # Reset account
     c.password = store.makeRandomAlphaNumericString(parameter.PASSWORD_LENGTH_AVERAGE)
     return changePerson(
         dict(
             username=person.username,
             password=c.password,
             nickname=person.nickname,
             email=person.email,
             email_sms=person.email_sms,
         ),
         "reset",
         "/people/confirm.mako",
         person,
     )
示例#8
0
 def show(self, jobID):
     'Show specific job'
     c.job = Session.query(model.Job).options(orm.eagerload(model.Job.owner)).get(jobID)
     c.jobID = jobID
     return render('/jobs/show.mako')
示例#9
0
 def index(self):
     'Show information about jobs registered in the database'
     c.jobs = Session.query(model.Job).options(orm.eagerload(model.Job.owner)).order_by(model.Job.when_updated.desc()).all()
     return render('/jobs/index.mako')
示例#10
0
        return render('/jobs/show.mako')


# Helpers

def changeJob(valueByName, ownerID, job=None):
    'Validate values and send confirmation email if values are okay'
    try:
        # Validate form
        form = JobForm().to_python(valueByName, job)
    except formencode.Invalid, error:
        return dict(isOk=0, errorByID=error.unpack_errors())
    # If the job does not exist, add it
    if not job:
        job = model.Job()
        Session.add(job)
    # Set fields
    job.title = form['title'].strip()
    job.budget = form['budget']
    job.description = form['description'].strip()
    job.when_updated = datetime.datetime.utcnow()
    job.owner_id = ownerID
    # Commit
    Session.commit()
    # Return
    return dict(isOk=1, jobID=job.id)


# Validators

class Unique(formencode.validators.FancyValidator):
示例#11
0
def purgeExpiredPersonCandidates():
    "Delete candidates that have expired"
    Session.execute(
        model.person_candidates_table.delete().where(model.PersonCandidate.when_expired < datetime.datetime.utcnow())
    )
示例#12
0
 def index(self):
     "Show information about people registered in the database"
     c.people = Session.query(model.Person).all()
     return render("/people/index.mako")
示例#13
0
def changePerson(valueByName, action, templatePath, person=None):
    "Validate values and send confirmation email if values are okay"
    try:
        # Validate form
        form = PersonForm().to_python(valueByName, person)
    except formencode.Invalid, error:
        return dict(isOk=0, errorByID=error.unpack_errors())
    else:
        # Purge expired candidates
        purgeExpiredPersonCandidates()
        # Prepare candidate
        candidate = model.PersonCandidate(
            form["username"], model.hashString(form["password"]), form["nickname"], form["email"], form["email_sms"]
        )
        candidate.person_id = person.id if person else None
        candidate.ticket = store.makeRandomUniqueTicket(parameter.TICKET_LENGTH, Session.query(model.PersonCandidate))
        candidate.when_expired = datetime.datetime.utcnow() + datetime.timedelta(days=parameter.TICKET_LIFESPAN_IN_DAYS)
        Session.add(candidate)
        Session.commit()
        # Prepare recipient
        toByValue = dict(nickname=form["nickname"], email=form["email"])
        # Prepare subject
        subject = "[%s] Confirm %s" % (parameter.SITE_NAME, action)
        # Prepare body
        c.candidate = candidate
        c.username = form["username"]
        c.action = action
        body = render(templatePath)
        # Send
        try:
            smtp.sendMessage(