def add_metadata(name): """ Admin can save metadata for selected user. Regular user can save their own metadata. Redirects to public profile page for selected user. """ user = user_repo.get_by_name(name=name) (can_update, disabled_fields) = can_update_user_info(current_user, user) if not can_update: abort(403) form_data = get_form_data(request, user, disabled_fields) form = UserPrefMetadataForm(form_data, can_update=(can_update, disabled_fields)) form.set_upref_mdata_choices() if not form.validate(): if current_user.id == user.id: user_dict = cached_users.get_user_summary(user.name) else: user_dict = cached_users.public_get_user_summary(user.name) projects_contributed = cached_users.projects_contributed_cached( user.id) projects_created = cached_users.published_projects_cached(user.id) total_projects_contributed = '{} / {}'.format( cached_users.n_projects_contributed(user.id), n_published()) percentage_tasks_completed = user_dict['n_answers'] * 100 / ( n_total_tasks() or 1) if current_user.is_authenticated and current_user.admin: draft_projects = cached_users.draft_projects(user.id) projects_created.extend(draft_projects) title = "%s · User Profile" % user.name flash("Please fix the errors", 'message') return render_template( '/account/public_profile.html', title=title, user=user, projects=projects_contributed, projects_created=projects_created, total_projects_contributed=total_projects_contributed, percentage_tasks_completed=percentage_tasks_completed, form=form, input_form=True, can_update=can_update, upref_mdata_enabled=bool(app_settings.upref_mdata)) user_pref, metadata = get_user_pref_and_metadata(name, form) user.info['metadata'] = metadata ensure_data_access_assignment_from_form(user.info, form) user.user_pref = user_pref user_repo.update(user) cached_users.delete_user_pref_metadata(user.name) cached_users.delete_user_access_levels_by_id(user.id) delete_memoized(get_user_preferences, user.id) flash("Input saved successfully", "info") return redirect(url_for('account.profile', name=name))
def test_ensure_data_access_assignment_from_form(self): class TestForm: data_access = namedtuple('data_access', ['data']) form = TestForm() form.data_access.data = ['L5'] with patch.dict(data_access.data_access_levels, self.patched_levels()): assert_raises(BadRequest, data_access.ensure_data_access_assignment_from_form, dict(), form) form.data_access.data = ['L3'] with patch.dict(data_access.data_access_levels, self.patched_levels()): data = dict() data_access.ensure_data_access_assignment_from_form(data, form) assert data['data_access'] == ['L3']
def register(): """ Register method for creating a PYBOSSA account. Returns a Jinja2 template """ if current_app.config.get('LDAP_HOST', False): return abort(404) if not app_settings.upref_mdata: form = RegisterForm(request.body) else: form = RegisterFormWithUserPrefMetadata(request.body) form.set_upref_mdata_choices() form.project_slug.choices = get_project_choices() msg = "I accept receiving emails from %s" % current_app.config.get('BRAND') form.consent.label = msg if request.method == 'POST': form.generate_password() if request.method == 'POST' and form.validate(): if app_settings.upref_mdata: user_pref, metadata = get_user_pref_and_metadata( form.name.data, form) account = dict(fullname=form.fullname.data, name=form.name.data, email_addr=form.email_addr.data, password=form.password.data, consent=form.consent.data, user_type=form.user_type.data) account['user_pref'] = user_pref account['metadata'] = metadata else: account = dict(fullname=form.fullname.data, name=form.name.data, email_addr=form.email_addr.data, password=form.password.data, consent=form.consent.data) ensure_data_access_assignment_from_form(account, form) confirm_url = get_email_confirmation_url(account) if current_app.config.get('ACCOUNT_CONFIRMATION_DISABLED'): project_slugs = form.project_slug.data create_account(account, project_slugs=project_slugs) flash(gettext('Created user succesfully!'), 'success') return redirect_content_type(url_for("home.home")) msg = dict(subject='Welcome to %s!' % current_app.config.get('BRAND'), recipients=[account['email_addr']], body=render_template('/account/email/validate_account.md', user=account, confirm_url=confirm_url)) msg['html'] = markdown(msg['body']) mail_queue.enqueue(send_mail, msg) data = dict(template='account/account_validation.html', title=gettext("Account validation"), status='sent') return handle_content_type(data) if request.method == 'POST' and not form.validate(): flash(gettext('Please correct the errors'), 'error') data = dict(template='account/register.html', title=gettext("Register"), form=form) return handle_content_type(data)