def register_new_user(): """ Create a new account and send email with link to create password. """ if not _using_moin_auth(): return Response('No MoinAuth in auth list', 403) title_name = _('Register New User') FormClass = RegisterNewUserForm if request.method in ['GET', 'HEAD']: form = FormClass.from_defaults() elif request.method == 'POST': form = FormClass.from_flat(request.form) if form.validate(): username = form['username'].value email = form['email'].value user_profile = user.UserProfile() user_profile[ITEMID] = make_uuid() user_profile[NAME] = [ username, ] user_profile[EMAIL] = email user_profile[DISABLED] = False user_profile[ACTION] = ACTION_SAVE users = user.search_users(**{NAME_EXACT: username}) if users: flash(_('User already exists'), 'error') emails = None if app.cfg.user_email_unique: emails = user.search_users(email=email) if emails: flash(_("This email already belongs to somebody else."), 'error') if not (users or emails): user_profile.save() flash(_("Account for %(username)s created", username=username), "info") form = FormClass.from_defaults() u = user.User(auth_username=username) if u.valid: is_ok, msg = u.mail_password_recovery() if not is_ok: flash(msg, "error") else: flash( L_("%(username)s has been sent a password recovery email.", username=username), "info") else: flash( _("%(username)s is an invalid user, no email has been sent.", username=username), "error") return render_template( 'admin/register_new_user.html', title_name=title_name, form=form, )
def userbrowser(): """ User Account Browser """ groups = flaskg.groups member_groups = {} # {username: [list of groups], ...} for groupname in groups: group = groups[groupname] for member in group.members: member_groups[member] = member_groups.get(member, []) + [group.name] revs = user.search_users() # all users user_accounts = [] for rev in revs: user_names = rev.meta[NAME] user_groups = member_groups.get(user_names[0], []) for name in user_names[1:]: user_groups = user_groups + member_groups.get(name, []) subscriptions = rev.meta[SUBSCRIPTIONS] user_accounts.append( dict(uid=rev.meta[ITEMID], name=user_names, fqname=CompositeName(NAMESPACE_USERS, NAME_EXACT, rev.name), email=rev.meta[EMAIL] if EMAIL in rev.meta else rev.meta[EMAIL_UNVALIDATED], disabled=rev.meta[DISABLED], groups=user_groups, subscriptions=subscriptions)) return render_template('admin/userbrowser.html', user_accounts=user_accounts, title_name=_("Users"))
def _special_Known(self, name, dowhat, rightsdict): """ check if user <name> is known to us, that means that there is a valid user account present. works for subscription emails. """ if user.search_users(**{NAME_EXACT: name}): # is a user with this name known? return rightsdict.get(dowhat) return None
def run(self, name, uid, password, all_users, notify, verbose, subject, text, text_file, skip_invalid): flags_given = name or uid or all_users if not flags_given: print('incorrect number of arguments') sys.exit(1) if notify and not app.cfg.mail_enabled: print( "This wiki is not enabled for mail processing. The --notify option requires this. Aborting..." ) sys.exit(1) if text_file: with open(text_file) as f: text = f.read().decode('utf-8') before_wiki() if uid: query = {ITEMID: uid} elif name: query = {NAME_EXACT: name} elif all_users: query = {} # sorting the list so we have some specific, reproducable order uids_metas = sorted([(rev.meta[ITEMID], rev.meta) for rev in user.search_users(**query)]) total = len(uids_metas) for nr, (uid, meta) in enumerate(uids_metas, start=1): name = meta[NAME] email = meta.get(EMAIL) if email is None: email = meta.get(EMAIL_UNVALIDATED) if email is None: raise ValueError( "neither EMAIL nor EMAIL_UNVALIDATED key is present in user profile metadata of uid %r name %r" % (uid, name)) else: email += '[email_unvalidated]' try: set_password(uid, password, notify=notify, skip_invalid=skip_invalid, subject=subject, text=text) except Fault as err: status = "FAILURE: [%s]" % str(err) else: status = "SUCCESS" if verbose: print("uid %s, name %s, email %s (%05d / %05d) %s" % (uid, name, email, nr, total, status))
def _handleContinuationVerify(self): """ Handles the first stage continuation. """ # the consumer object with an in-memory storage oid_consumer = consumer.Consumer(session, self.store) # a dict containing the parsed query string query = {} for key in request.values.keys(): query[key] = request.values.get(key) # the current url (w/o query string) url = get_multistage_continuation_url(self.name, {'oidstage': '1'}) # we get the info about the authentication oid_info = oid_consumer.complete(query, url) # the identity we've retrieved from the response if oid_info.status == consumer.FAILURE: # verification has failed # return an error message with description of error logging.debug("OpenIDError: {0}".format(oid_info.message)) error_message = _('OpenID Error') return CancelLogin(error_message) elif oid_info.status == consumer.CANCEL: logging.debug("OpenID verification cancelled.") # verification was cancelled # return error return CancelLogin(_('OpenID verification cancelled.')) elif oid_info.status == consumer.SUCCESS: logging.debug('OpenID success. id: {0}'.format( oid_info.identity_url)) # we get the provider's url # and the list of trusted providers trusted = self._trusted_providers server = oid_info.endpoint.server_url if server in trusted or not trusted: # the provider is trusted or all providers are trusted # we have successfully authenticated our openid # we get the user with this openid associated to him identity = oid_info.identity_url users = user.search_users(openid=identity) user_obj = users and user.User(uid=users[0].item.itemid, trusted=self.trusted, auth_method=self.name) # if the user actually exists if user_obj: # we get the authenticated user object # success! user_obj.auth_method = self.name flash(_('You have logged in with OpenID.'), "info") return ContinueLogin(user_obj) # there is no user with this openid else: # redirect the user to registration return MultistageRedirectLogin( url_for('frontend.register', _external=True, openid_openid=identity, openid_submit='1')) # not trusted return ContinueLogin(None, _('This OpenID provider is not trusted.')) else: logging.debug("OpenID failure") # the auth failed miserably return CancelLogin(_('OpenID failure.'))