def _PUT(self, *param, **params):
user_id = param[0]
if not validates_param_id(self, user_id):
self.logger.debug("Failed to update account. the value of parameter is invalid.")
return web.notfound(self.view.alert)
if not validates_user(self):
self.logger.debug("Failed to update account. the value of input is invalid.")
return web.badrequest(self.view.alert)
user = findby1(self.orm, user_id)
if not user:
self.logger.debug("Failed to update account. No such account - id=%s" % user_id)
return web.notfound()
cmp_user = findby1email(self.orm, self.input.email)
if not cmp_user is None:
if int(user_id) != cmp_user.id:
self.logger.debug("Failed to update account. The same mail address '%s' already exist - user='******'" % (self.input.email, cmp_user.nickname))
return web.conflict(web.ctx.path)
user.nickname = self.input.nickname
user.email = self.input.email
user.languages = self.input.languages
if not is_empty(self.input.new_password):
if compare_password(self, user) == False:
return web.badrequest(self.view.alert)
(password, salt) = sha1encrypt(self.input.new_password)
user.password = password
user.salt = salt
update(self.orm, user)
return web.seeother(web.ctx.path)
def wrapper(self, *args, **kwargs):
if web.ctx.path[0:6] == '/data/':
languages = unicode(karesansui.config['application.default.locale'])
if web.ctx.env.has_key('HTTP_AUTHORIZATION'):
_http_auth = web.ctx.env['HTTP_AUTHORIZATION'].strip()
if _http_auth[:5] == 'Basic':
email, password = b64decode(_http_auth[6:].strip()).split(':')
session = web.ctx.orm
user = findby1email(session, email)
languages = user.languages
self._ = mako_translation(languages=[ unicode(languages), ])
return func(self, *args, **kwargs)
if karesansui_database_exists() is False:
return web.tempredirect(web.ctx.path + "init", absolute=False)
if web.ctx.env.has_key('HTTP_AUTHORIZATION'):
(user, email) = login()
if user:
self.me = user
# Logout
fname = '%s%s' % (LOGOUT_FILE_PREFIX, self.me.email,)
if os.access(fname, os.F_OK):
os.unlink(fname)
return web.unauthorized()
# Login: Success
if user.languages in self.languages:
x = self.languages.index(user.languages)
self.languages.pop(x)
self.languages.insert(0, user.languages)
self.logger.info('user_id=%s,lang=%s : Method=%s - Basic Authentication=Success' %
(self.me.id, ','.join(self.languages), self.__method__))
# __init__#self._ update!!
self._ = mako_translation(languages=self.languages)
return func(self, *args, **kwargs)
else:
# Login: Failure
self.logger.info('user=%s : Method=%s - Basic Authentication=Failure' %
(email, self.__method__))
return web.unauthorized()
else:
# Login: Anonymous
self.logger.info('user=anonymous : Method=%s - Basic Authentication=Anonymous' %
(self.__method__))
return web.unauthorized()
def _POST(self, *param, **params):
if not validates_user(self):
self.logger.debug("Failed to create account. the values of input are invalid.")
return web.badrequest(self.view.alert)
user = findby1email(self.orm, self.input.email)
if user:
self.logger.debug("Failed to create account. The same mail address '%s' already exist - user='******'" % (self.input.email, user.nickname))
return web.conflict(web.ctx.path)
(password, salt) = sha1encrypt(self.input.new_password)
new_user = new(self.input.email,
password,
salt,
self.input.nickname,
self.input.languages
)
save(self.orm, new_user)
return web.created(None)
def _POST(self, *param, **params):
if not validates_user(self):
self.logger.debug("Failed to create account. the values of input are invalid.")
return web.badrequest(self.view.alert)
user = findby1email(self.orm, self.input.email)
if user:
self.logger.debug("Failed to create account. The same mail address '%s' already exist - user='******'" % (self.input.email, user.nickname))
return web.conflict(web.ctx.path)
(password, salt) = sha1encrypt(self.input.new_password)
new_user = new(self.input.email,
password,
salt,
self.input.nickname,
self.input.languages
)
save(self.orm, new_user)
return web.created(None)
def _PUT(self, *param, **params):
user_id = param[0]
if not validates_param_id(self, user_id):
self.logger.debug(
"Failed to update account. the value of parameter is invalid.")
return web.notfound(self.view.alert)
if not validates_user(self):
self.logger.debug(
"Failed to update account. the value of input is invalid.")
return web.badrequest(self.view.alert)
user = findby1(self.orm, user_id)
if not user:
self.logger.debug(
"Failed to update account. No such account - id=%s" % user_id)
return web.notfound()
cmp_user = findby1email(self.orm, self.input.email)
if not cmp_user is None:
if int(user_id) != cmp_user.id:
self.logger.debug(
"Failed to update account. The same mail address '%s' already exist - user='******'"
% (self.input.email, cmp_user.nickname))
return web.conflict(web.ctx.path)
user.nickname = self.input.nickname
user.email = self.input.email
user.languages = self.input.languages
if not is_empty(self.input.new_password):
if compare_password(self, user) == False:
return web.badrequest(self.view.alert)
(password, salt) = sha1encrypt(self.input.new_password)
user.password = password
user.salt = salt
update(self.orm, user)
return web.seeother(web.ctx.path)
def _PUT(self, *param, **params):
if not validates_me(self):
return web.badrequest(self.view.alert)
if self.me.id != int(self.input.id):
self.logger.info("Update account is failed, "
"posted ID parameter is different from me ID "
"- posted ID %s, me ID %s" % (self.input.id, self.me.id))
return web.badrequest(_('ID is wrong. Your ID is not %s.') % self.input.id)
me = findby1(self.orm, self.input.id)
if not me:
self.logger.debug("Update account is failed, "
"Did not exist account - id=%s" % self.input.id)
return web.notfound()
cmp_user = findby1email(self.orm, self.input.email)
if not cmp_user is None:
if me.id != cmp_user.id:
self.logger.info("Update account is failed, "
"Already exists mail address "
"- %s, %s" % (me, cmp_user))
return web.conflict(web.ctx.path)
if self.input.password:
if compare_password(self, self.me) is False:
return web.badrequest(self.view.alert)
(password, salt) = sha1encrypt(self.input.new_password)
me.password = password
me.salt = salt
me.email = self.input.email
me.languages = self.input.languages
me.nickname = self.input.nickname
dba_update(self.orm, me)
self.me = me
return web.seeother(web.ctx.path)
def wrapper(self, *args, **kwargs):
if web.ctx.path[0:6] == '/data/':
languages = unicode(
karesansui.config['application.default.locale'])
if web.ctx.env.has_key('HTTP_AUTHORIZATION'):
_http_auth = web.ctx.env['HTTP_AUTHORIZATION'].strip()
if _http_auth[:5] == 'Basic':
email, password = b64decode(
_http_auth[6:].strip()).split(':')
session = web.ctx.orm
user = findby1email(session, email)
languages = user.languages
self._ = mako_translation(languages=[
unicode(languages),
])
return func(self, *args, **kwargs)
if karesansui_database_exists() is False:
return web.tempredirect(web.ctx.path + "init", absolute=False)
if not web.ctx.env.has_key('HTTP_AUTHORIZATION'):
if web.ctx.env.has_key('Authorization'):
web.ctx.env['HTTP_AUTHORIZATION'] = web.ctx.env[
'Authorization']
if web.ctx.env.has_key('HTTP_AUTHORIZATION'):
(user, email) = login()
if user:
self.me = user
# Logout
fname = '%s%s' % (
LOGOUT_FILE_PREFIX,
self.me.email,
)
if os.access(fname, os.F_OK):
os.unlink(fname)
return web.unauthorized()
# Login: Success
if user.languages in self.languages:
x = self.languages.index(user.languages)
self.languages.pop(x)
self.languages.insert(0, user.languages)
self.logger.info(
'user_id=%s,lang=%s : Method=%s - Basic Authentication=Success'
% (self.me.id, ','.join(self.languages), self.__method__))
# __init__#self._ update!!
self._ = mako_translation(languages=self.languages)
return func(self, *args, **kwargs)
else:
# Login: Failure
self.logger.info(
'user=%s : Method=%s - Basic Authentication=Failure' %
(email, self.__method__))
return web.unauthorized()
else:
# Login: Anonymous
self.logger.info(
'user=anonymous : Method=%s - Basic Authentication=Anonymous' %
(self.__method__))
return web.unauthorized()