def load(self): if not self._loaded: #TODO: bullet-proof code, assert kcd_user and return an error code in case of none kcd_user = KcdUser.get_by(user_id = self._user_id, kws_id = self._workspace_id) self._notif_policy = kcd_user.notif_policy self._loaded = True pass
def show(self, workspace_id, email_id): ws = c.workspace if not ws: log.warn("InvitationController().show(): Workspace %s does not exist." % ( workspace_id ) ) abort(403) invitation = Invitation.get_by(email_id = email_id) if not invitation: log.warn("InvitationController().show(): No invitation '%s' for workspace %s" \ % ( email_id, workspace_id ) ) ui_error(code="invitation_link_not_valid") return render('message/show.mako') #abort(403) if 'user_id' in session: if session['user_id'] == invitation.user_id: # User is already logged - redirect. redirect_to(url('teambox', workspace_id = session['workspace_id'])) else: # User is logged as another user - unlog. init_session(c.workspace, reinit=True) if (ws.id==invitation.kws_id): ### Temp workaround to show notification management page for users with no passwords. ### session['tmp_notif_user_id'] = invitation.user_id session.save() c.notif_flag = True ### End workaround ### if ws.secured: c.email_id = email_id kcd_user = KcdUser.get_by(user_id = invitation.user_id, kws_id = invitation.kws_id) if not kcd_user: log.warn("kcd user " + str(invitation.user_id) + " for workspace " + str(workspace_id) + " not found in database") abort(403) if kcd_user.pwd: #prompt for password and for credentials download c.show_pass = True pass else: #prompt for credintials download c.show_pass = False pass return render('/invitation/show.mako') else: #authorize self._login(invitation) else: abort(403)
def set_user(self, workspace_id): if 'member_password' in session and 'user_id' in request.params: password = session['member_password'] del session['member_password'] del session['same_pwd_members'] session.save() user = KcdUser.get_by(user_id = request.params['user_id'], pwd=password, kws_id=workspace_id) if(user): self._invite_and_login(user, workspace_id, password) else: abort(403) else: abort(403)
def create(self, workspace_id): email_id = None if 'email_id' in request.params: email_id = request.params['email_id'] else: abort(403) ws = c.workspace invitation = Invitation.get_by(email_id = email_id) if (ws and invitation and ws.id==invitation.kws_id): kcd_user = KcdUser.get_by(user_id = invitation.user_id, kws_id = invitation.kws_id) if(kcd_user and kcd_user.pwd and ('password' in request.params) and request.params['password']==kcd_user.pwd): self._login(invitation, kcd_user.pwd) else: ui_flash_error(message="You have not provided a valid password.") redirect_to(url('invite_show', workspace_id=workspace_id, email_id=email_id)) else: abort(403)