示例#1
0
    def _PUT(self, *param, **params):
        user_id = param[0]
        if not validates_param_id(self, user_id):
            self.logger.debug("Failed to update account. the value of parameter is invalid.")
            return web.notfound(self.view.alert)

        if not validates_user(self):
            self.logger.debug("Failed to update account. the value of input is invalid.")
            return web.badrequest(self.view.alert)

        user = findby1(self.orm, user_id)
        if not user:
            self.logger.debug("Failed to update account. No such account - id=%s" % user_id)
            return web.notfound()

        cmp_user = findby1email(self.orm, self.input.email)
        if not cmp_user is None:
            if int(user_id) != cmp_user.id:
                self.logger.debug("Failed to update account. The same mail address '%s' already exist - user='******'" % (self.input.email, cmp_user.nickname))
                return web.conflict(web.ctx.path)

        user.nickname = self.input.nickname
        user.email = self.input.email
        user.languages = self.input.languages

        if not is_empty(self.input.new_password):
            if compare_password(self, user) == False:
                return web.badrequest(self.view.alert)

            (password, salt) = sha1encrypt(self.input.new_password)
            user.password = password
            user.salt = salt

        update(self.orm, user)
        return web.seeother(web.ctx.path)
示例#2
0
    def wrapper(self, *args, **kwargs):

        if web.ctx.path[0:6] == '/data/':
            languages = unicode(karesansui.config['application.default.locale'])
            if web.ctx.env.has_key('HTTP_AUTHORIZATION'):
                _http_auth = web.ctx.env['HTTP_AUTHORIZATION'].strip()
                if _http_auth[:5] == 'Basic':
                    email, password = b64decode(_http_auth[6:].strip()).split(':')
                    session = web.ctx.orm
                    user = findby1email(session, email)
                    languages = user.languages

            self._ = mako_translation(languages=[ unicode(languages), ])
            return func(self, *args, **kwargs)

        if karesansui_database_exists() is False:
            return web.tempredirect(web.ctx.path + "init", absolute=False)

        if web.ctx.env.has_key('HTTP_AUTHORIZATION'):
            (user, email) = login()

            if user:
                self.me = user

                # Logout
                fname = '%s%s' % (LOGOUT_FILE_PREFIX, self.me.email,)
                if os.access(fname, os.F_OK):
                    os.unlink(fname)
                    return web.unauthorized()

                # Login: Success
                if user.languages in self.languages:
                    x = self.languages.index(user.languages)
                    self.languages.pop(x)
                    
                self.languages.insert(0, user.languages)
                self.logger.info('user_id=%s,lang=%s : Method=%s - Basic Authentication=Success' %
                                  (self.me.id, ','.join(self.languages), self.__method__))
                
                # __init__#self._ update!!
                self._ = mako_translation(languages=self.languages)
                return func(self, *args, **kwargs)
            else:
                 # Login: Failure
                self.logger.info('user=%s : Method=%s - Basic Authentication=Failure' %
                                  (email, self.__method__))
                return web.unauthorized()
        else:
            # Login: Anonymous
            self.logger.info('user=anonymous : Method=%s - Basic Authentication=Anonymous' %
                              (self.__method__))
            return web.unauthorized()
示例#3
0
文件: user.py 项目: goura/karesansui
    def _POST(self, *param, **params):
        if not validates_user(self):
            self.logger.debug("Failed to create account. the values of input are invalid.")
            return web.badrequest(self.view.alert)

        user = findby1email(self.orm, self.input.email)
        if user:
            self.logger.debug("Failed to create account. The same mail address '%s' already exist - user='******'" % (self.input.email, user.nickname))
            return web.conflict(web.ctx.path)

        (password, salt) = sha1encrypt(self.input.new_password)

        new_user = new(self.input.email,
                       password,
                       salt,
                       self.input.nickname,
                       self.input.languages
                       )

        save(self.orm, new_user)
        return web.created(None)
示例#4
0
    def _POST(self, *param, **params):
        if not validates_user(self):
            self.logger.debug("Failed to create account. the values of input are invalid.")
            return web.badrequest(self.view.alert)

        user = findby1email(self.orm, self.input.email)
        if user:
            self.logger.debug("Failed to create account. The same mail address '%s' already exist - user='******'" % (self.input.email, user.nickname))
            return web.conflict(web.ctx.path)

        (password, salt) = sha1encrypt(self.input.new_password)

        new_user = new(self.input.email,
                       password,
                       salt,
                       self.input.nickname,
                       self.input.languages
                       )

        save(self.orm, new_user)
        return web.created(None)
示例#5
0
    def _PUT(self, *param, **params):
        user_id = param[0]
        if not validates_param_id(self, user_id):
            self.logger.debug(
                "Failed to update account. the value of parameter is invalid.")
            return web.notfound(self.view.alert)

        if not validates_user(self):
            self.logger.debug(
                "Failed to update account. the value of input is invalid.")
            return web.badrequest(self.view.alert)

        user = findby1(self.orm, user_id)
        if not user:
            self.logger.debug(
                "Failed to update account. No such account - id=%s" % user_id)
            return web.notfound()

        cmp_user = findby1email(self.orm, self.input.email)
        if not cmp_user is None:
            if int(user_id) != cmp_user.id:
                self.logger.debug(
                    "Failed to update account. The same mail address '%s' already exist - user='******'"
                    % (self.input.email, cmp_user.nickname))
                return web.conflict(web.ctx.path)

        user.nickname = self.input.nickname
        user.email = self.input.email
        user.languages = self.input.languages

        if not is_empty(self.input.new_password):
            if compare_password(self, user) == False:
                return web.badrequest(self.view.alert)

            (password, salt) = sha1encrypt(self.input.new_password)
            user.password = password
            user.salt = salt

        update(self.orm, user)
        return web.seeother(web.ctx.path)
示例#6
0
文件: me.py 项目: AdUser/karesansui
    def _PUT(self, *param, **params):
        if not validates_me(self):
            return web.badrequest(self.view.alert)
        
        if self.me.id != int(self.input.id):
            self.logger.info("Update account is failed, "
                             "posted ID parameter is different from me ID "
                             "- posted ID %s, me ID %s" % (self.input.id, self.me.id))
            return web.badrequest(_('ID is wrong. Your ID is not %s.') % self.input.id)

        me = findby1(self.orm, self.input.id)
        if not me:
            self.logger.debug("Update account is failed, "
                              "Did not exist account - id=%s" % self.input.id)
            return web.notfound()

        cmp_user = findby1email(self.orm, self.input.email)
        if not cmp_user is None:
            if me.id != cmp_user.id:
                self.logger.info("Update account is failed, "
                                 "Already exists mail address "
                                 "- %s, %s" % (me, cmp_user))
                return web.conflict(web.ctx.path) 

        if self.input.password:
            if compare_password(self, self.me) is False:
                return web.badrequest(self.view.alert)
            (password, salt) = sha1encrypt(self.input.new_password)
            me.password = password
            me.salt = salt
        me.email = self.input.email
        me.languages = self.input.languages 
        me.nickname = self.input.nickname
        dba_update(self.orm, me)
        self.me = me
        return web.seeother(web.ctx.path)
示例#7
0
    def wrapper(self, *args, **kwargs):

        if web.ctx.path[0:6] == '/data/':
            languages = unicode(
                karesansui.config['application.default.locale'])
            if web.ctx.env.has_key('HTTP_AUTHORIZATION'):
                _http_auth = web.ctx.env['HTTP_AUTHORIZATION'].strip()
                if _http_auth[:5] == 'Basic':
                    email, password = b64decode(
                        _http_auth[6:].strip()).split(':')
                    session = web.ctx.orm
                    user = findby1email(session, email)
                    languages = user.languages

            self._ = mako_translation(languages=[
                unicode(languages),
            ])
            return func(self, *args, **kwargs)

        if karesansui_database_exists() is False:
            return web.tempredirect(web.ctx.path + "init", absolute=False)

        if not web.ctx.env.has_key('HTTP_AUTHORIZATION'):
            if web.ctx.env.has_key('Authorization'):
                web.ctx.env['HTTP_AUTHORIZATION'] = web.ctx.env[
                    'Authorization']

        if web.ctx.env.has_key('HTTP_AUTHORIZATION'):
            (user, email) = login()

            if user:
                self.me = user

                # Logout
                fname = '%s%s' % (
                    LOGOUT_FILE_PREFIX,
                    self.me.email,
                )
                if os.access(fname, os.F_OK):
                    os.unlink(fname)
                    return web.unauthorized()

                # Login: Success
                if user.languages in self.languages:
                    x = self.languages.index(user.languages)
                    self.languages.pop(x)

                self.languages.insert(0, user.languages)
                self.logger.info(
                    'user_id=%s,lang=%s : Method=%s - Basic Authentication=Success'
                    % (self.me.id, ','.join(self.languages), self.__method__))

                # __init__#self._ update!!
                self._ = mako_translation(languages=self.languages)
                return func(self, *args, **kwargs)
            else:
                # Login: Failure
                self.logger.info(
                    'user=%s : Method=%s - Basic Authentication=Failure' %
                    (email, self.__method__))
                return web.unauthorized()
        else:
            # Login: Anonymous
            self.logger.info(
                'user=anonymous : Method=%s - Basic Authentication=Anonymous' %
                (self.__method__))
            return web.unauthorized()