def signup_user_oauth():
username = g.user_info["sub"]
email_address = g.user_info["email"]
password = ''.join([
random.choice(string.ascii_letters + string.digits) for n in range(32)
]) # received_form_response.get("password")
organization = None #received_form_response.get("organization")
testing = False # received_form_response.get("testing")
if not (username and email_address):
return error_response(
message="Please make sure you have added values for all the fields"
)
if not is_email(email_address, check_dns=True):
return error_response(message="Invalid email.")
if testing: # our pytest is hitting this API, so don't create the user
return success_response()
new_user = User(username=username,
password=password,
email_address=email_address,
organization=organization)
user_uuid = new_user.insert_into_db(datastore.get_client())
return new_user
def clean(self):
"""Checks that reminders are not set in the past"""
if (self.email == '' and self.phone_number == ''):
raise ValidationError('Email and phone both cannot be empty')
if not self.email == '':
if not is_email(self.email, check_dns=True):
raise ValidationError('Invalid email')
if not self.phone_number == '':
if not self.validate_mobile():
raise ValidationError('Invalid phone number')
if self.date == '':
raise ValidationError('Date cannot be empty')
if self.time == '':
raise ValidationError('Time cannot be empty')
if len(str(self.time).split(":")) == 1:
raise ValidationError('Time should be of the format "HH:MM:SS"')
if self.message == "":
raise ValidationError('Message cannot be empty')
reminder_time = arrow.get(datetime.datetime.combine(self.date, self.time), self.time_zone.zone)
if reminder_time < arrow.utcnow():
raise ValidationError('You cannot schedule a reminder for the past. Please check your time and time_zone')
def validate_email(email):
if not isinstance(email, str):
raise ValidationError('invalid email %s' % email)
if not email:
raise ValidationError('email is required')
if not is_email(email):
raise ValidationError('invalid email %s' % email)
def canonical_email(email,
lowercase=False,
strip_periods=False,
substitute_domains={}):
"""
Return a canonical representation of an email address to facilitate string
comparison::
>>> canonical_email('Example <*****@*****.**>')
'*****@*****.**'
>>> canonical_email('*****@*****.**', lowercase=True, strip_periods=True)
'*****@*****.**'
"""
# Example <*****@*****.**> --> [email protected]
name, addr = parseaddr(email)
if not is_email(addr):
return
# [email protected] --> example+extra, Example.com
mailbox, domain = addr.split('@', 1)
# example+extra --> example
if '+' in mailbox:
mailbox = mailbox[:mailbox.find('+')]
if strip_periods and '.' in mailbox:
mailbox = mailbox.replace('.', '')
if lowercase:
mailbox = mailbox.lower()
# Example.com --> example.com
domain = domain.lower()
# googlemail.com --> gmail.com
if domain in substitute_domains:
domain = substitute_domains[domain]
# example, example.com --> [email protected]
return '%s@%s' % (mailbox, domain)
def extract_name(x):
is_valid_email = pyisemail.is_email(x['author_email'])
email_name = x['author_email'].split(
'@')[0] if is_valid_email else ''
name_from_email_name = parser.parse_name(email_name)
return pd.Series(
[is_valid_email, email_name, name_from_email_name])
def emailSplicer():
email = input("Type your email here: ")
stripedEmail = email.strip()
search = is_email(email)
result = is_email(email, diagnose=True)
if search == True:
username = stripedEmail[:stripedEmail.index("@")]
domainname = stripedEmail[stripedEmail.index("@") + 1:]
output = "Your username is '{}' and your domain name is '@{}'".format(
username, domainname)
print(output)
else:
print("--------------------------------------")
print("Invalid email address")
print("--------------------------------------")
emailSplicer()
def signup():
received_form_response = json.loads(request.data.decode('utf-8'))
username = received_form_response.get("username")
email_address = received_form_response.get("email_address")
password = received_form_response.get("password")
organization = received_form_response.get("organization")
if not (username and email_address and password):
return error_response(
message="Please make sure you have added values for all the fields"
)
if not is_email(email_address, check_dns=True):
return error_response(message="Invalid email.")
user_uuid = User(
username=username,
password=password,
email_address=email_address,
organization=organization).insert_into_db(datastore_client)
if user_uuid:
return success_response()
else:
return error_response(message="User creation failed.")
def validate_single_value(self, key, value, pref_data, data_type):
# TODO: Validation for the datatypes.
# Types: (bool|json|int|(list_of_)?(string|text|scalar|url|email|domain|locale))
if data_type == "bool":
assert isinstance(value, bool), "Not a boolean"
elif data_type == "int":
assert isinstance(value, int), "Not an integer"
elif data_type == "json":
pass # no check
else:
assert isinstance(value, (str, unicode)), "Not a string"
if data_type in ("string", "text"):
pass
elif data_type == "scalar":
assert value in pref_data.get("scalar_values", ()), (
"value not allowed: " + value)
elif data_type == "url":
from urlparse import urlparse
assert urlparse(value).scheme in (
'http', 'https'), "Not a HTTP URL"
elif data_type == "email":
from pyisemail import is_email
assert is_email(value), "Not an email"
elif data_type == "locale":
pass # TODO
elif data_type == "domain":
from pyisemail.validators.dns_validator import DNSValidator
v = DNSValidator()
assert v.is_valid(value), "Not a valid domain"
else:
raise RuntimeError("Invalid data_type: " + data_type)
def is_new_allowed():
node = str(request.form['node'])
'''
nodes = str(values.get('nodes'))
nodes.replace(" ", "").split(',')
'''
if is_email(node):
conn = sqlite3.connect('veuen.db')
c = conn.cursor()
c.execute("""CREATE TABLE IF NOT EXISTS PodenVeure
(node text
)""")
conn.commit()
c.execute("SELECT * FROM PodenVeure")
nodes = c.fetchall()
lnodes = []
for elem in nodes:
lnodes.append(elem)
if elem[0] == node:
return "Error: Node no vàlid", 400
c.execute("INSERT INTO PodenVeure VALUES (?)", (node, ))
conn.commit()
conn.close()
lnodes.append(node)
response = {'nodes': lnodes}
return jsonify(response), 201
else:
return "Error: Node no vàlid", 400
def add_multiple_users_csv(csv_file, discussion_id, with_role):
r = reader(csv_file)
localizer = get_localizer()
for i, l in enumerate(r):
if not len(l):
# tolerate empty lines
continue
if len(l) != 3:
raise RuntimeError(localizer.translate(_(
"The CSV file must have three columns")))
(name, email, password) = [x.decode('utf-8').strip() for x in l]
if not is_email(email):
if i == 0:
# Header
continue
raise RuntimeError(localizer.translate(_(
"Not an email: <%s> at line %d")) % (email, i))
if len(name) < 5:
raise RuntimeError(localizer.translate(_(
"Name too short: <%s> at line %d")) % (name, i))
if len(password) < 4:
raise RuntimeError(localizer.translate(_(
"Password too short: <%s> at line %d")) % (password, i))
add_user(
name, email, password, None, True, localrole=with_role,
discussion=discussion_id, change_old_password=False)
return i
def generate_message_id(self, source_post_id):
# Feed post ids are supposed to be globally unique.
# They may or may not be emails.
if is_email(source_post_id):
return source_post_id
# Invalid source_post_id.
return "%s_feed@%s" % (self.flatten_source_post_id(
source_post_id, 5), urlparse(self.url).hostname)
def __call__(self, form, field):
try:
diagnosis = is_email(field.data, check_dns=True, diagnose=True)
except (dns.resolver.Timeout, dns.resolver.NoNameservers):
return
if diagnosis.code == 0:
return
else:
raise wtforms.validators.StopValidation(self.message or _(diagnosis.message))
def __call__(self, form, field):
emails = EMAIL_RE.findall(deobfuscate_email(field.data or u''))
for email in emails:
try:
diagnosis = is_email(email, check_dns=True, diagnose=True)
if diagnosis.code == 0:
raise wtforms.validators.StopValidation(self.message)
except (dns.resolver.Timeout, dns.resolver.NoNameservers):
pass
def generate_message_id(self, source_post_id):
# Feed post ids are supposed to be globally unique.
# They may or may not be emails.
if is_email(source_post_id):
return source_post_id
# Invalid source_post_id.
return "%s_feed@%s" % (
self.flatten_source_post_id(source_post_id, 5),
urlparse(self.url).hostname)
def nickname_search_eng(request):
s_for_nick = '''GitHub
GitLab
Lastfm
Pastebin
Reddit
Twitter
Yahoo
Instagram'''
s_for_email = """Lastfm
Pastebin
Pinterest
Spotify
Twitter
GitHub
Instagram"""
if request.method == "POST":
nick = str(request.POST.get("formovka"))
if len(nick) < 5:
info_all = []
exceptform = NicknameFormExcept_eng()
context = {'info': info_all, 'form': exceptform}
return render(request, 'landing/eng/nickname2.html', context)
if nick.find('@') == -1 and nick.isdigit() == True:
info_all = []
exceptform = NicknameFormExcept_eng()
context = {'info': info_all, 'form': exceptform}
return render(request, 'landing/eng/nickname2.html', context)
d = {}
if is_email(nick):
for i in s_for_email.split():
d[i] = "+"
else:
for i in s_for_nick.split():
d[i] = "+"
result = subprocess.run(['socialscan', '-a', nick],
stdout=subprocess.PIPE)
r = result.stdout.split()[3:-9]
info_all = list(map(lambda x: x.decode("utf-8"), r))
else:
info_all = []
d = {}
for i in info_all:
d[i] = "-"
info_all = d
phoneform = NicknameForm_eng()
context = {'info': info_all, 'form': phoneform}
return render(request, 'landing/eng/nickname2.html', context)
def __call__(self, form, field):
emails = EMAIL_RE.findall(deobfuscate_email(field.data or ''))
for email in emails:
try:
diagnosis = is_email(email, check_dns=True, diagnose=True)
if diagnosis.code == 0:
raise StopValidation(self.message)
except (dns.resolver.Timeout, dns.resolver.NoNameservers):
pass
def __call__(self, form, field):
try:
diagnosis = is_email(field.data, check_dns=True, diagnose=True)
except (dns.resolver.Timeout, dns.resolver.NoNameservers):
return
if diagnosis.code == 0:
return
else:
raise StopValidation(self.message or _(diagnosis.message))
def upgrade(pyramid_env):
# Do stuff with the app's models here.
from assembl import models as m
db = m.get_session_maker()()
with transaction.manager:
for acc in db.query(m.AbstractAgentAccount):
if not acc.email:
continue
if not is_email(acc.email):
acc.verified = False
else:
acc.email = EmailString.normalize_email_case(acc.email)
for user in db.query(m.User).filter(m.User.preferred_email != None):
if not is_email(user.preferred_email):
user.preferred_email = None
else:
user.preferred_email = EmailString.normalize_email_case(
user.preferred_email)
def send_email(to_addr=None, from_addr=None, message_body=None):
""" Send the contact information to an email address
:param to_addr: The email address to send to
:type to_addr: str
:param from_addr: The email address to send from
:type from_addr: str
:param message_body: Body of the email to send
:type message_body: str
:returns: requests.Response
"""
if to_addr:
if not isinstance(to_addr, str):
raise TypeError('to_addr must be a string')
if not is_email(to_addr):
raise ValueError('to_addr must be a valid email address')
else:
to_addr = DEFAULT_CONTACT_EMAIL
if not isinstance(from_addr, str):
raise TypeError('from_addr must be a string')
if not is_email(from_addr):
raise ValueError('from_addr must be a valid email address')
if not isinstance(message_body, str) or not message_body:
raise TypeError('message_body must be a string')
fdate = datetime.datetime.now().strftime('%B %d, %Y at %I:%M:%S %p')
return requests.post(
url='%s/messages' % MAILGUN_URL,
auth=('api', '%s' % MAILGUN_KEY),
data={
'to': to_addr,
'from': 'Contact Form <%s>' % from_addr,
'subject': 'Adrenaline Rush Contact Form - %s' % fdate,
'text': '%s\r\n\r\n%s said:\r\n\r\n%s' % (
fdate, from_addr, message_body),
'html': '%s<br /><br />%s (<a href="mailto:%s?%s">%s</a>) said:<br /><br />%s' % (
fdate, from_addr, from_addr, parse.urlencode(query={
'subject': 'RE: Adrenaline Rush Contact Form - %s' % fdate
}), from_addr, html.escape(s=message_body).replace('\n', '<br />')),
})
def test_without_diagnosis(self):
result = is_email(self.address)
expected = create_diagnosis(self.diagnosis) < self.threshold
self.assertEqual(
result,
expected,
("%s (%s): Got %s, but expected %s."
% (self.id, self.address, result, expected))
)
def test_with_diagnosis(self):
result = is_email(self.address, diagnose=True)
expected = create_diagnosis(self.diagnosis)
self.assertEqual(
result,
expected,
("%s (%s): Got %s, but expected %s."
% (self.id, self.address, result, expected))
)
def __call__(self, form, field) -> None:
try:
diagnosis = is_email(field.data, check_dns=True, diagnose=True)
except (dns.resolver.Timeout, dns.resolver.NoNameservers):
return
if diagnosis.code in (
0, 3, 4): # 0 is valid, 3 is DNS No NS, 4 is DNS timeout
return
raise StopValidation(self.message or diagnosis.message
or self.default_message)
def process_bind_param(self, value, dialect):
if not value:
return value
value = self.normalize_to_type(value, dialect)
if '%' in value:
# LIKE search string
return value
if not is_email(value):
raise ValueError(value+" is not a valid email")
value = self.normalize_email_case(value)
return value
def process_bind_param(self, value, dialect):
if not value:
return value
value = self.normalize_to_type(value, dialect)
if '%' in value:
# LIKE search string
return value
if not is_email(value):
raise ValueError(value + " is not a valid email")
value = self.normalize_email_case(value)
return value
def api():
if request.method == 'POST':
email1 = request.form["email"]
verify = is_email(email1, check_dns=True)
if verify == True:
ver = "Valid"
else:
ver = "Invalid"
return f'''
<h1>The email is: {ver} email</h1>'''
return '''
def api():
if request.method == 'POST':
email1 = request.form["email"]
verify = is_email(email1, check_dns=True)
if verify == True:
ver = "Valid"
else:
ver = "Invalid"
a = {email1: ver}
return jsonify(a)
return render_template("home.html")
def post_agent(request):
agent_id = request.matchdict['id']
agent = AgentProfile.get_instance(agent_id)
current_user = authenticated_userid(request)
if current_user != agent.id:
# Only allow post by self.
raise HTTPUnauthorized()
redirect = False
username = request.params.get('username', '').strip()
session = AgentProfile.db
localizer = request.localizer
errors = []
if username and (
agent.username is None or username != agent.username):
# check if exists
if session.query(Username).filter_by(username=username).count():
errors.append(localizer.translate(_(
'The username %s is already used')) % (username,))
else:
old_username = agent.username
if old_username is not None:
# free existing username
session.delete(old_username)
session.flush()
# add new username
session.add(Username(username=username, user=agent))
name = request.params.get('name', '').strip()
if name:
agent.name = name
p1, p2 = (request.params.get('password1', '').strip(),
request.params.get('password2', '').strip())
if p1 != p2:
errors.append(localizer.translate(_(
'The passwords are not identical')))
elif p1:
agent.set_password(p1)
add_email = request.params.get('add_email', '').strip()
if add_email:
if not is_email(add_email):
return dict(get_default_context(request),
error=localizer.translate(_(
"This is not a valid email")))
# No need to check presence since not validated yet
email = EmailAccount(
email=add_email, profile=agent)
session.add(email)
if redirect:
return HTTPFound(location=request.route_url(
'profile_user', type='u', identifier=username))
profile = session.query(User).get(agent_id)
return {}
def ValidateEmails(sEmails, sOutputFile, bMX=False, bVerbose=False):
bFile = False
if len(sOutputFile) > 0:
fOut = open(sOutputFile, "w")
bFile = True
iCnt = 0
for sEmail in sEmails:
iCnt = iCnt + 1
try:
print("\r%i" % (iCnt))
sOutputLine = ""
sEmail_1 = ""
# email_validator
try:
v = validate_email(sEmail) # validate and get info
sEmail_1 = v["email"] # replace with normalized form
except EmailNotValidError as e:
sEmail_1 = ""
# is_email
try:
if is_email(sEmail, check_dns=True):
sEmail_2 = sEmail
else:
sEmail_2 = ""
except:
sEmail_2 = ""
# flanker
try:
sEmail_3 = ""
if bMX:
sEmail_3 = address.validate_address(sEmail).address
else:
sEmail_3 = address.parse(sEmail).address
if sEmail_3 is None:
sEmail_3 = ""
except:
sEmail_3 = ""
# Resultado
if bVerbose:
print('Procesando: %s - 1: %s - 2: %s - 3: %s' %
(sEmail, sEmail_1, sEmail_2, sEmail_3))
sOutputLine = sEmail + '|' + sEmail_1 + '|' + sEmail_2 + '|' + sEmail_3 + '\n'
if len(sOutputFile) > 0:
#print(sOutputLine);
fOut.write(sOutputLine)
else:
print(sOutputLine)
except Exception as e:
sEmail = ""
print(e)
if len(sOutputFile) > 0:
fOut.close()
return
def validate_email_or_phone(value):
import pyisemail
v = re.sub(r'\s+', '', value or '')
if v is None or len(v) == 0:
return None, 'please enter an email or phone'
if pyisemail.is_email(v):
return v.lower(), None
if is_email(v):
return None, 'invalid email'
v = re.sub(r'\D', '', v)
if len(v) == 10:
return '({}) {}-{}'.format(v[0:3], v[3:6], v[6:]), None
return None, 'invalid phone'
def parse_email(self, email: str) -> ParsedEmail:
lower_email = email.lower()
parsed_email = ParsedEmail(**su.empty_dict(PARSED_EMAIL_FIELDS))
parsed_email.email = lower_email
parsed_email.valid = pyisemail.is_email(lower_email)
email_parts = lower_email.split('@')
parsed_email.name = email_parts[0]
if len(email_parts) == 2:
parsed_email.domain = email_parts[1]
else:
parsed_email.domain = ''
parsed_email.parsed_name = self.parse_name(parsed_email.name)
return parsed_email
def parse_email(self, email: str) -> ParsedEmail:
lower_email = email.lower()
parsed_email = ParsedEmail(**su.empty_dict(PARSED_EMAIL_FIELDS))
parsed_email.email = lower_email
parsed_email.valid = pyisemail.is_email(lower_email)
email_parts = lower_email.split('@')
parsed_email.name = email_parts[0]
if len(email_parts) == 2:
parsed_email.domain = email_parts[1]
else:
parsed_email.domain = ''
parsed_email.parsed_name = self.parse_name(parsed_email.name)
return parsed_email
def usercp():
#check if the user is logged in
if "user_id" not in session:
return render_template("error.html", message="You must be logged in!")
#double check if the user exists
user = db.execute("SELECT * FROM users WHERE id = :id", {"id": session["user_id"]}).fetchone()
if user is None:
return render_template("error.html", message="No user found using that id.")
if request.method == "POST":
#get the form details
try:
email = request.form.get("email")
password = request.form.get("old-password")
new_password = request.form.get("new-password")
conf_password = request.form.get("conf-password")
except Exception:
return render_template("error.html", message="Something went wrong ...")
#first of all, check if the (old) password is right
if check_password_hash(user.password, password):
if email != user.email: #if the user decided to change the email
#check if an account with the provided email already exists in the database
account = db.execute("SELECT * FROM users WHERE email = :email", {"email": email}).fetchone()
if account is not None:
return render_template("error.html", message="An account already exists with this email. Please use a different email address.")
#check if the email is valid using is_email from pyisemail
if not is_email(email):
return render_template("error.html", message="Invalid email. Please provide a valid email address to continue.")
db.execute("UPDATE users SET email = :email WHERE id = :userid", {"email": email, "userid": user.id})
db.commit()
if len(new_password) > 0: #if the user decided to change the password
if new_password == conf_password:
new_password = generate_password_hash(new_password)
db.execute("UPDATE users SET password = :password WHERE id = :userid", {"password": new_password, "userid": user.id})
db.commit()
else:
return render_template("error.html", message="Please enter the same password for 'New Password' and 'Confirm Password'.")
return render_template("success.html", message="Profile updated!")
else:
return render_template("error.html", message="Wrong password!")
return render_template("usercp.html", user=user)
def add_multiple_users_csv(request,
csv_file,
discussion_id,
with_role,
send_password_change=False,
message_subject=None,
text_message=None,
html_message=None,
sender_name=None,
resend_if_not_logged_in=False):
r = reader(csv_file, skipinitialspace=True)
localizer = request.localizer
for i, row in enumerate(r):
if not len(row):
# tolerate empty lines
continue
row = [x.decode('utf-8').strip() for x in row]
if len(row) != 2:
raise RuntimeError(
localizer.translate(_("The CSV file must have two columns")))
(name, email) = row
if not is_email(email):
if i == 0:
# Header
continue
raise RuntimeError(
localizer.translate(_("Not an email: <%s> at line %d")) %
(email, i))
if len(name) < 5:
raise RuntimeError(
localizer.translate(_("Name too short: <%s> at line %d")) %
(name, i))
(user, created_user, created_localrole) = add_user(
name,
email,
None,
None,
True,
localrole=with_role,
discussion=discussion_id,
change_old_password=False,
send_password_change=send_password_change,
resend_if_not_logged_in=resend_if_not_logged_in,
text_message=text_message,
html_message=html_message,
sender_name=sender_name,
message_subject=message_subject,
request=request)
return i
def crawl(self):
emails = []
urls = self.googlesearch()
for url in urls:
EMAIL_REGEX = r'[a-zA-Z0-9.\-_+#~!$&\',;=:]+' + '@' + r'[a-zA-Z0-9.-]*'
data = self.request(url)
data = data.decode("ISO-8859-1")
data = self.replace(data)
for re_match in re.finditer(EMAIL_REGEX, data):
try:
address = re_match.group()
bool_result_with_dns = is_email(address, check_dns=True)
detailed_result_with_dns = is_email(address,
check_dns=True,
diagnose=True)
if bool_result_with_dns:
emails.append(address)
except requests.exceptions.ConnectionError:
print("connection refused")
except:
pass
return emails
def validate_email(self):
"""Email validator."""
field = self.email
errors = []
exists = self.query.filter_by(email=field).count()
if exists:
errors.append("email already used")
if not is_email(field, check_dns=True):
errors.append("email is invalid")
if field != self.email1:
errors.append("emails do not match")
if errors:
self.errors["email"] = errors
def signup():
from run import app
form = SignupForm(request.form)
if form.validate_on_submit():
if is_email(form.email.data):
# Check if user exists
user = User.query.filter_by(email=form.email.data).first()
if user is None:
expires = int(time.time()) + 86400
hmac_hash = hmac.new(
app.config.get('HMAC_KEY', ''),
"%s|%s" % (form.email.data, expires)
).hexdigest()
# New user
template = app.jinja_env.get_or_select_template(
'email/registration_email.txt')
message = template.render(
url=url_for(
'.complete_signup',
email=form.email.data,
expires=expires,
mac=hmac_hash,
_external=True
)
)
else:
# Existing user
template = app.jinja_env.get_or_select_template(
'email/registration_existing.txt')
message = template.render(
url=url_for('.reset', _external=True),
name=user.name
)
if g.mailer.send_simple_message({
"to": form.email.data,
"subject": "CCExtractor CI platform registration",
"text": message
}):
flash('Email sent for verification purposes. Please check '
'your mailbox', 'success')
form = SignupForm(None)
else:
flash('Could not send email', 'error-message')
else:
flash('Invalid email address!', 'error-message')
return {
'form': form
}
def view_cv():
email = request.form['email']
if is_email(email):
conn = sqlite3.connect('veuen.db')
c = conn.cursor()
c.execute("SELECT * FROM PodenVeure")
nodes = c.fetchall()
for i in range(len(nodes)):
for elem in nodes[i]:
if email in elem:
response = {'Resposta': 'Valida'}
conn.close()
return jsonify(response), 201
else:
response = {'Resposta': ' No valida'}
return jsonify(response), 400
def is_valid_email_address(email: str, check_dns=False, diagnose=False) -> bool:
"""
Return True if given email address is syntactically valid.
This implementation will refuse to accept unusual elements such as quoted
strings, as they are unlikely to appear in real-world use.
:param bool check_dns: Optionally, check for existence of MX records
:param bool diagnose: In case of errors only, return the diagnosis
"""
if email:
result = is_email(email, check_dns=check_dns, diagnose=True)
if result.diagnosis_type in ('VALID', 'NO_NAMESERVERS', 'DNS_TIMEDOUT'):
return True
return result if diagnose else False
return False
def signup():
"""Create a user account.
.. :quickref: Authentication; Create account
:reqheader Accept: application/json
:<json string username: Users login name
:<json string email_address: Users email address
:<json string password: Users password
:<json string organization: Users organization (self chosen)
**Example response**:
.. sourcecode:: json
{
"response_code": 200
}
"""
received_form_response = json.loads(request.data.decode('utf-8'))
username = received_form_response.get("username")
email_address = received_form_response.get("email_address")
password = received_form_response.get("password")
organization = received_form_response.get("organization")
testing = received_form_response.get("testing")
if not (username and email_address and password):
return error_response(
message="Please make sure you have added values for all the fields"
)
if not is_email(email_address, check_dns=True):
return error_response(message="Invalid email.")
if testing: # our pytest is hitting this API, so don't create the user
return success_response()
user_uuid = User(username=username,
password=password,
email_address=email_address,
organization=organization).insert_into_db(
datastore.get_client())
if user_uuid:
return success_response()
else:
return error_response(message="User creation failed.")
def put(self, data):
client, ip, sender, recipients, msg = data
subject = self.decode_header(msg['subject'])
for recipient in recipients:
if not is_email(recipient):
logger.error('[{client}:{ip}] {sender} => {recipient}: "{subject}"'.format(
client=client, ip=ip, sender=sender, recipient=recipient, subject=subject))
continue
logger.info('[{client}:{ip}] {sender} => {recipient}: "{subject}"'.format(
client=client, ip=ip, sender=sender, recipient=recipient, subject=subject))
try:
domain = recipient.split('@')[-1]
answer = dns.resolver.query(domain, 'MX')
server = answer[0].exchange.to_text(omit_final_dot=True)
logger.debug('[{client}:{ip}] MX({recipient}) = {server}'.format(
client=client, ip=ip,
recipient=recipient,
server=server))
except Exception as err:
logger.error('[{client}:{ip}] Query MX({recipient}): {err}'.format(
client=client, ip=ip,
recipient=recipient, err=err))
continue
try:
mta = smtplib.SMTP(host=server, timeout=20)
mta.sendmail(from_addr=sender, to_addrs=recipient, msg=msg.as_string())
mta.quit()
except smtplib.SMTPException as err:
logger.error(
'[{client}:{ip}] SMTP Error: {sender} => {recipient}: "{subject}"\nreason: {reason}'.format(
client=client, ip=ip,
sender=sender,
recipient=recipient,
subject=subject,
reason=err
)
)
logger.debug('============\n{mail}\n============'
.format(mail=self.brief_mail(msg)))
except Exception as err:
logger.error('[{client}:{ip}] System Error: {err}'.format(client=client, ip=ip, err=err))
def _cfg_emails(value):
"""Parse a list of emails separated by comma, colons, semicolons or spaces.
Args:
value (object): if list or tuple, use verbatim; else split
Returns:
list: validated emails
"""
import pyisemail
try:
if not isinstance(value, (list, tuple)):
value = re.split(r'[,;:\s]+', value)
except Exception:
pkcli.command_error('{}: invalid email list', value)
for v in value:
if not pyisemail.is_email(value):
pkcli.command_error('{}: invalid email', v)
def add_multiple_users_csv(
request, csv_file, discussion_id, with_role,
send_password_change=False, message_subject=None,
text_message=None, html_message=None):
r = reader(csv_file)
localizer = request.localizer
for i, l in enumerate(r):
if not len(l):
# tolerate empty lines
continue
l = [x.decode('utf-8').strip() for x in l]
if send_password_change:
if len(l) != 2:
raise RuntimeError(localizer.translate(_(
"The CSV file must have two columns")))
(name, email) = l
password = base64.urlsafe_b64encode(urandom(8))
else:
if len(l) != 3:
raise RuntimeError(localizer.translate(_(
"The CSV file must have three columns")))
(name, email, password) = l
if not is_email(email):
if i == 0:
# Header
continue
raise RuntimeError(localizer.translate(_(
"Not an email: <%s> at line %d")) % (email, i))
if len(name) < 5:
raise RuntimeError(localizer.translate(_(
"Name too short: <%s> at line %d")) % (name, i))
if len(password) < 4:
raise RuntimeError(localizer.translate(_(
"Password too short: <%s> at line %d")) % (password, i))
(user, is_new) = add_user(
name, email, password, None, True, localrole=with_role,
discussion=discussion_id, change_old_password=False)
if is_new and send_password_change:
from assembl.views.auth.views import send_change_password_email
from assembl.models import Discussion
discussion = Discussion.get(discussion_id)
send_change_password_email(
request, user, email, subject=message_subject,
text_body=text_message, html_body=html_message,
discussion=discussion)
return i
def add_multiple_users_csv(
request, csv_file, discussion_id, with_role,
send_password_change=False, message_subject=None,
text_message=None, html_message=None, sender_name=None,
resend_if_not_logged_in=False):
r = reader(csv_file, skipinitialspace=True)
localizer = request.localizer
for i, row in enumerate(r):
if not len(row):
# tolerate empty lines
continue
row = [x.decode('utf-8').strip() for x in row]
if len(row) != 2:
raise RuntimeError(localizer.translate(_(
"The CSV file must have two columns")))
(name, email) = row
if not is_email(email):
if i == 0:
# Header
continue
raise RuntimeError(localizer.translate(_(
"Not an email: <%s> at line %d")) % (email, i))
if len(name) < 5:
raise RuntimeError(localizer.translate(_(
"Name too short: <%s> at line %d")) % (name, i))
(user, created_user, created_localrole) = add_user(
name, email, None, None, True, localrole=with_role,
discussion=discussion_id, change_old_password=False)
status_in_discussion = None
if send_password_change and not (created_user or created_localrole):
status_in_discussion = user.get_status_in_discussion(discussion_id)
if send_password_change and (
created_user or created_localrole or (
resend_if_not_logged_in and (
status_in_discussion is None or
not status_in_discussion.first_visit))):
from assembl.views.auth.views import send_change_password_email
from assembl.models import Discussion
discussion = Discussion.get(discussion_id)
send_change_password_email(
request, user, email, subject=message_subject,
text_body=text_message, html_body=html_message,
discussion=discussion, sender_name=sender_name, welcome=True)
return i
def signup():
"""
route for handling the signup page
"""
from run import app
form = SignupForm(request.form)
if form.validate_on_submit():
if is_email(form.email.data):
# Check if user exists
user = User.query.filter_by(email=form.email.data).first()
if user is None:
expires = int(time.time()) + 86400
content_to_hash = "{email}|{expiry}".format(email=form.email.data, expiry=expires)
hmac_hash = generate_hmac_hash(app.config.get('HMAC_KEY', ''), content_to_hash)
# New user
template = app.jinja_env.get_or_select_template('email/registration_email.txt')
message = template.render(url=url_for(
'.complete_signup', email=form.email.data, expires=expires, mac=hmac_hash, _external=True)
)
else:
# Existing user
template = app.jinja_env.get_or_select_template('email/registration_existing.txt')
message = template.render(url=url_for('.reset', _external=True), name=user.name)
if g.mailer.send_simple_message({
"to": form.email.data,
"subject": "CCExtractor CI platform registration",
"text": message
}):
flash('Email sent for verification purposes. Please check your mailbox', 'success')
form = SignupForm(None)
else:
flash('Could not send email', 'error-message')
else:
flash('Invalid email address!', 'error-message')
return {
'form': form
}
def upgrade(pyramid_env):
# quick wins: emails and assembl.
with context.begin_transaction():
op.execute("""UPDATE post
SET message_id = substring(message_id, 2, length(message_id)-2)
WHERE message_id LIKE '<%>'""")
op.execute("""UPDATE imported_post
SET source_post_id = substring(source_post_id, 2, length(source_post_id)-2)
WHERE source_post_id LIKE '<%>'""")
op.execute("""UPDATE email
SET in_reply_to = substring(in_reply_to, 2, length(in_reply_to)-2)
WHERE in_reply_to LIKE '<%>'""")
op.execute("""UPDATE post
SET message_id = concat(
substring(message_id, 10, length(message_id)), '_assembl@%s')
WHERE message_id LIKE 'urn:uuid:%%'""" % (
config.get('public_hostname'),))
# Do stuff with the app's models here.
from assembl import models as m
db = m.get_session_maker()()
accepted = (
pyisemail.diagnosis.valid_diagnosis.ValidDiagnosis(),
pyisemail.diagnosis.rfc5322_diagnosis.RFC5322Diagnosis('LOCAL_TOOLONG'))
with transaction.manager:
for id, email in db.execute("SELECT id, message_id FROM post"):
if pyisemail.is_email(email, diagnose=True) in accepted:
continue
c = m.Content.get(id)
if isinstance(c, m.ImportedPost):
c.message_id = c.source.generate_message_id(c.source_post_id)
elif isinstance(c, m.AssemblPost):
c.message_id = c.generate_message_id()
else:
print "ERROR: Pure post", id
def extract_name(x):
is_valid_email = pyisemail.is_email(x['author_email'])
email_name = x['author_email'].split('@')[
0] if is_valid_email else ''
name_from_email_name = parser.parse_name(email_name)
return pd.Series([is_valid_email, email_name, name_from_email_name])
def validate_single_value(self, key, value, pref_data, data_type):
# TODO: Validation for the datatypes.
# base_type: (bool|json|int|string|text|scalar|url|email|domain|locale|langstr|permission|role)
# type: base_type|list_of_(type)|dict_of_(base_type)_to_(type)
if data_type.startswith("list_of_"):
assert isinstance(value, (list, tuple)), "Not a list"
return [
self.validate_single_value(key, val, pref_data, data_type[8:])
for val in value]
elif data_type.startswith("dict_of_"):
assert isinstance(value, (dict)), "Not a dict"
key_type, value_type = data_type[8:].split("_to_", 1)
assert "_" not in key_type
return {
self.validate_single_value(key, k, pref_data, key_type):
self.validate_single_value(key, v, pref_data, value_type)
for (k, v) in value.iteritems()}
elif data_type == "langstr":
# Syntactic sugar for dict_of_locale_to_string
assert isinstance(value, (dict)), "Not a dict"
return {
self.validate_single_value(key, k, pref_data, "locale"):
self.validate_single_value(key, v, pref_data, "string")
for (k, v) in value.iteritems()}
elif data_type == "bool":
assert isinstance(value, bool), "Not a boolean"
elif data_type == "int":
assert isinstance(value, int), "Not an integer"
elif data_type == "json":
pass # no check
else:
assert isinstance(value, (str, unicode)), "Not a string"
if data_type in ("string", "text"):
pass
elif data_type == "scalar":
assert value in pref_data.get("scalar_values", ()), (
"value not allowed: " + value)
elif data_type == "url":
condition = False
parsed_val = urlparse(value)
val = parsed_val.netloc
while not condition:
# Whilst not an address, requested feature
if value in ("*",):
condition = True
break
elif not bool(parsed_val.scheme):
# Must have a scheme, as defined a definition of a URI
break
elif not val.strip():
# No empty strings allowed
break
elif is_valid_ipv4_address(val):
condition = True
break
elif is_valid_ipv6_address(val):
condition = True
break
else:
# Must be a regular URL then. TODO: Check that the location has a DNS record
condition = True
break
assert condition, "Not a valid URL. Must follow the specification of a URI."
elif data_type == "email":
from pyisemail import is_email
assert is_email(value), "Not an email"
elif data_type == "locale":
pass # TODO
elif data_type == "permission":
assert value in ASSEMBL_PERMISSIONS
elif data_type == "role":
if value not in SYSTEM_ROLES:
from .auth import Role
assert self.db.query(Role).filter_by(
name=value).count() == 1, "Unknown role"
elif data_type == "domain":
from pyisemail.validators.dns_validator import DNSValidator
v = DNSValidator()
assert v.is_valid(value), "Not a valid domain"
value = value.lower()
else:
raise RuntimeError("Invalid data_type: " + data_type)
return value
def assembl_register_view(request):
slug = request.matchdict.get('discussion_slug', "")
p_slug = "/" + slug if slug else ""
next_view = handle_next_view(request)
if not request.params.get('email'):
if request.scheme == "http"\
and asbool(config.get("accept_secure_connection")):
raise HTTPFound("https://" + request.host + request.path_qs)
response = dict(get_default_context(request),
slug_prefix=p_slug)
if request.GET.get('error', None):
response['error'] = request.GET['error']
return response
forget(request)
session = AgentProfile.default_db
localizer = request.localizer
name = request.params.get('name', '').strip()
password = request.params.get('password', '').strip()
password2 = request.params.get('password2', '').strip()
email = request.params.get('email', '').strip()
if not is_email(email):
return dict(get_default_context(request),
slug_prefix=p_slug,
error=localizer.translate(_(
"This is not a valid email")))
# Find agent account to avoid duplicates!
if session.query(AbstractAgentAccount).filter_by(
email=email, verified=True).count():
return dict(get_default_context(request),
slug_prefix=p_slug,
error=localizer.translate(_(
"We already have a user with this email.")))
if password != password2:
return dict(get_default_context(request),
slug_prefix=p_slug,
error=localizer.translate(_(
"The passwords should be identical")))
# TODO: Validate password quality
# otherwise create.
validate_registration = asbool(config.get(
'assembl.validate_registration_emails'))
user = User(
name=name,
password=password,
verified=not validate_registration,
creation_date=datetime.utcnow()
)
email_account = EmailAccount(
email=email,
verified=not validate_registration,
profile=user
)
session.add(user)
session.add(email_account)
discussion = discussion_from_request(request)
if discussion:
now = datetime.utcnow()
agent_status = AgentStatusInDiscussion(
agent_profile=user, discussion=discussion,
user_created_on_this_discussion=True)
session.add(agent_status)
session.flush()
if not validate_registration:
if asbool(config.get('pyramid.debug_authorization')):
# for debugging purposes
from assembl.auth.password import email_token
print "email token:", request.route_url(
'user_confirm_email', ticket=email_token(email_account))
headers = remember(request, user.id)
user.last_login = datetime.utcnow()
request.response.headerlist.extend(headers)
# TODO: Tell them to expect an email.
request.session.pop('next_view')
return HTTPFound(location=next_view)
return HTTPFound(location=maybe_contextual_route(
request, 'confirm_emailid_sent', email_account_id=email_account.id))
def assembl_profile(request):
session = AgentProfile.default_db
localizer = request.localizer
profile = get_profile(request)
id_type = request.matchdict.get('type').strip()
logged_in = authenticated_userid(request)
save = request.method == 'POST'
# if some other user
if not profile or not logged_in or logged_in != profile.id:
if save:
raise HTTPUnauthorized()
# Add permissions to view a profile?
return render_to_response(
'assembl:templates/view_profile.jinja2',
dict(get_default_context(request),
profile=profile,
user=logged_in and session.query(User).get(logged_in)))
confirm_email = request.params.get('confirm_email', None)
if confirm_email:
return HTTPFound(location=request.route_url(
'confirm_emailid_sent', email_account_id=int(confirm_email)))
errors = []
if save:
user_id = profile.id
redirect = False
username = request.params.get('username', '').strip()
if username and (
profile.username is None
or username != profile.username.username):
# check if exists
if session.query(Username).filter_by(username=username).count():
errors.append(localizer.translate(_(
'The username %s is already used')) % (username,))
else:
old_username = profile.username
if old_username is not None:
# free existing username
session.delete(old_username)
session.flush()
# add new username
session.add(Username(username=username, user=profile))
if id_type == 'u':
redirect = True
name = request.params.get('name', '').strip()
if name:
profile.name = name
p1, p2 = (request.params.get('password1', '').strip(),
request.params.get('password2', '').strip())
if p1 != p2:
errors.append(localizer.translate(_(
'The passwords are not identical')))
elif p1:
profile.password_p = p1
add_email = request.params.get('add_email', '').strip()
if add_email:
if not is_email(add_email):
return dict(get_default_context(request),
error=localizer.translate(_(
"This is not a valid email")))
# No need to check presence since not validated yet
email = EmailAccount(
email=add_email, profile=profile)
session.add(email)
if redirect:
return HTTPFound(location=request.route_url(
'profile_user', type='u', identifier=username))
profile = session.query(User).get(user_id)
unverified_emails = [
(ea, session.query(AbstractAgentAccount).filter_by(
email=ea.email, verified=True).first())
for ea in profile.email_accounts if not ea.verified]
return render_to_response(
'assembl:templates/profile.jinja2',
dict(get_default_context(request),
error='<br />'.join(errors),
unverified_emails=unverified_emails,
providers=request.registry.settings['login_providers'],
google_consumer_key=request.registry.settings.get(
'google.consumer_key', ''),
the_user=profile,
user=session.query(User).get(logged_in)))
def test_without_diagnosis(self, mocked_method):
result = is_email('*****@*****.**', check_dns=True)
expected = False
self.assertEqual(result, expected)
def test_with_diagnosis(self, mocked_method):
result = is_email('*****@*****.**', check_dns=True, diagnose=True)
expected = DNSDiagnosis('NO_RECORD')
self.assertEqual(result, expected)
def assembl_register_user(request):
forget(request)
localizer = request.localizer
session = AgentProfile.default_db
json = request.json
logger = logging.getLogger()
discussion = discussion_from_request(request)
permissions = get_permissions(
Everyone, discussion.id if discussion else None)
name = json.get('real_name', '').strip()
errors = JSONError()
if not name or len(name) < 3:
errors.add_error(localizer.translate(_(
"Please use a name of at least 3 characters")),
ErrorTypes.SHORT_NAME)
password = json.get('password', '').strip()
# TODO: Check password strength. maybe pwdmeter?
email = None
for account in json.get('accounts', ()):
email = account.get('email', None)
if not is_email(email):
errors.add_error(localizer.translate(_(
"This is not a valid email")),
ErrorTypes.INVALID_EMAIL)
continue
email = EmailString.normalize_email_case(email)
# Find agent account to avoid duplicates!
if session.query(AbstractAgentAccount).filter_by(
email_ci=email).count():
if not discussion.preferences['generic_errors']:
errors.add_error(localizer.translate(_(
"We already have a user with this email.")),
ErrorTypes.EXISTING_EMAIL,
HTTPConflict.code)
else:
errors.add_error(localizer.translate(
generic_error_message),
ErrorTypes.GENERIC,
HTTPConflict.code)
logger.error("[User creation]: We already have a user with this email %s" % email)
if not email:
errors.add_error(localizer.translate(_("No email.")),
ErrorTypes.INVALID_EMAIL)
username = json.get('username', None)
if username:
if session.query(Username).filter(
func.lower(Username.username) == username.lower()).count():
if not discussion.preferences['generic_errors']:
errors.add_error(localizer.translate(_(
"We already have a user with this username.")),
ErrorTypes.EXISTING_USERNAME,
HTTPConflict.code)
else:
errors.add_error(localizer.translate(
generic_error_message),
ErrorTypes.GENERIC,
HTTPConflict.code)
logger.error("We already have a user with username %s" % username)
if len(username) > 20:
errors.add_error(localizer.translate(_(
"The username must be less than 20 characters.")),
ErrorTypes.USERNAME_TOO_LONG,
HTTPBadRequest.code)
if discussion:
check_subscription = discussion.preferences['whitelist_on_register']
whitelist = discussion.preferences['require_email_domain']
if check_subscription and whitelist:
status = discussion.check_email(email)
if not status:
admin_emails = discussion.get_admin_emails()
num = len(admin_emails)
errors.add_error(
localizer.pluralize(
_("Your email domain has not been approved for registration. Please contact ${emails} for support."),
_("Your email domain has not been approved for registration. Please contact one of ${emails} for support."),
num,
mapping={'emails': ", ".join(admin_emails)}
)
)
if errors:
raise errors
# This logic needs to be above the JSONError checks to ensure that whitelisting is applied
# even if the discussion does not have a P_SELF_REGISTER on system.Everyone
if discussion and not (
P_SELF_REGISTER in permissions or
P_SELF_REGISTER_REQUEST in permissions):
# Consider it without context
discussion = None
validate_registration = asbool(config.get(
'assembl.validate_registration_emails'))
old_autoflush = session.autoflush
session.autoflush = False
try:
now = datetime.utcnow()
user = User(
name=name,
password=password,
verified=not validate_registration,
creation_date=now
)
session.add(user)
session.flush()
user.update_from_json(json, user_id=user.id)
account = user.accounts[0]
email = account.email
account.verified = not validate_registration
if discussion:
agent_status = AgentStatusInDiscussion(
agent_profile=user, discussion=discussion,
first_visit=now, last_visit=now,
user_created_on_this_discussion=True)
session.add(agent_status)
session.flush()
# create the profile fields for custom fields
for global_id, value in json.get('profileFields', {}).iteritems():
configurable_field_id = from_global_id(global_id)[1]
configurable_field = AbstractConfigurableField.get(configurable_field_id)
profile_field = ProfileField(
agent_profile=user,
configurable_field=configurable_field,
discussion=configurable_field.discussion,
value_data={ u'value': value }
)
session.add(profile_field)
session.flush()
if validate_registration:
send_confirmation_email(request, account)
else:
user.verified = True
for account in user.accounts:
account.verified = True
user.successful_login()
if asbool(config.get('pyramid.debug_authorization')):
# for debugging purposes
from assembl.auth.password import email_token
print "email token:", request.route_url(
'user_confirm_email', token=email_token(account))
if discussion:
check_subscription = discussion.preferences['whitelist_on_register']
maybe_auto_subscribe(user, discussion, check_authorization=check_subscription)
session.flush()
return CreationResponse(user, Everyone, permissions)
finally:
session.autoflush = old_autoflush
def validate_email(email):
diagnosis = is_email(email, diagnose=True, check_dns=True)
if diagnosis.diagnosis_type != 'VALID':
raise forms.ValidationError(
diagnosis.diagnosis_type, code=diagnosis.code
)
def main():
global all_roles
parser = argparse.ArgumentParser()
parser.add_argument("configuration", help="configuration file")
parser.add_argument("-f", help="json file with user information.", type=argparse.FileType('r'))
parser.add_argument("--force", help="Overwrite existing user",
action="store_true")
parser.add_argument("-m", "--email", help="email")
parser.add_argument("-n", "--name", help="full name")
parser.add_argument("-u", "--username",
help="username (optional, s for system username)")
parser.add_argument("-p", "--password", help="password")
parser.add_argument("-r", "--role", default="r:sysadmin",
help="global user role (default: r:sysdamin.)")
parser.add_argument("-l", "--localrole",
help="local user role")
parser.add_argument("-d", "--discussion",
help="slug of discussion context for local user role")
args = parser.parse_args()
env = bootstrap(args.configuration)
settings = get_appsettings(args.configuration, 'assembl')
set_config(settings)
configure_zmq(settings['changes.socket'], False)
configure_model_watcher(env['registry'], 'assembl')
engine = configure_engine(settings, True)
from assembl.models import Role
from assembl.auth.util import add_user
all_roles = {r.name: r for r in Role.default_db.query(Role).all()}
if args.f:
userinfo = load(args.f)
if isinstance(userinfo, dict):
validate_dict(userinfo)
with transaction.manager:
add_user(**userinfo)
elif isinstance(userinfo, list):
for ui in userinfo:
validate_dict(ui)
with transaction.manager:
for ui in userinfo:
add_user(**ui)
else:
print "Not a valid user file"
exit()
while not args.name:
args.name = raw_input("Full name:")
while not args.email or not is_email(args.email):
args.email = raw_input("Email address:")
if not args.username:
print "You did not set a username. Enter an empty string"\
" for no username, or simply s for your system username, '%s'"\
% (getuser(),)
args.username = raw_input()
if args.username.lower() == 's':
args.username = getuser()
while not args.password:
password = getpass("Password:"******"Confirm password:"******"Role %s does not exist" % (args.role, )
if args.localrole:
assert args.localrole in all_roles,\
"Role %s does not exist" % (args.localrole, )
assert bool(args.localrole) == bool(args.discussion),\
"local role and discussion have to be defined together."
with transaction.manager:
add_user(**vars(args))
def assembl_register_view(request):
slug = request.matchdict.get('discussion_slug', "")
next_view = handle_next_view(request)
if not request.params.get('email'):
if request.scheme == "http"\
and asbool(config.get("accept_secure_connection")):
return HTTPFound(get_global_base_url(True) + request.path_qs)
response = get_login_context(request)
return response
forget(request)
session = AgentProfile.default_db
localizer = request.localizer
name = request.params.get('name', '').strip()
if not name or len(name) < 3:
return dict(get_default_context(request),
error=localizer.translate(_(
"Please use a name of at least 3 characters")))
password = request.params.get('password', '').strip()
password2 = request.params.get('password2', '').strip()
email = request.params.get('email', '').strip()
if not is_email(email):
return dict(get_default_context(request),
error=localizer.translate(_(
"This is not a valid email")))
email = EmailString.normalize_email_case(email)
# Find agent account to avoid duplicates!
if session.query(AbstractAgentAccount).filter_by(
email_ci=email, verified=True).count():
return dict(get_default_context(request),
error=localizer.translate(_(
"We already have a user with this email.")))
if password != password2:
return dict(get_default_context(request),
error=localizer.translate(_(
"The passwords should be identical")))
# TODO: Validate password quality
# otherwise create.
validate_registration = asbool(config.get(
'assembl.validate_registration_emails'))
user = User(
name=name,
password=password,
verified=not validate_registration,
creation_date=datetime.utcnow()
)
email_account = EmailAccount(
email=email,
verified=not validate_registration,
profile=user
)
session.add(user)
session.add(email_account)
discussion = discussion_from_request(request)
if discussion:
permissions = get_permissions(Everyone, discussion.id)
if not (P_SELF_REGISTER in permissions or
P_SELF_REGISTER_REQUEST in permissions):
discussion = None
if discussion:
_now = datetime.utcnow()
agent_status = AgentStatusInDiscussion(
agent_profile=user, discussion=discussion,
first_visit=_now, last_visit=_now,
user_created_on_this_discussion=True)
session.add(agent_status)
session.flush()
if not validate_registration:
if asbool(config.get('pyramid.debug_authorization')):
# for debugging purposes
from assembl.auth.password import email_token
print "email token:", request.route_url(
'user_confirm_email', token=email_token(email_account))
headers = remember(request, user.id)
user.successful_login()
request.response.headerlist.extend(headers)
if discussion:
maybe_auto_subscribe(user, discussion)
# TODO: Tell them to expect an email.
return HTTPFound(location=next_view)
return HTTPFound(location=maybe_contextual_route(
request, 'confirm_emailid_sent', email_account_id=email_account.id))
def discussion_admin(request):
user_id = get_non_expired_user_id(request)
if not user_id:
return HTTPFound(location='/login?next=/admin/discussions/')
session = User.default_db
context = dict(
get_default_context(request),
discussions=session.query(Discussion))
if request.method == 'POST':
g = lambda x: request.POST.get(x, None)
(topic, slug, admin_sender, name, host, port,
ssl, folder, password, username, homepage) = (
g('topic'),
g('slug'),
g('admin_sender'),
g('mbox_name'),
g('host'),
g('port'),
True if g('ssl') == 'on' else False,
g('folder'),
g('password'),
g('username'),
g('homepage')
)
errors = []
if not admin_sender:
errors.append("Please specify the admin_sender")
elif not is_email(admin_sender):
errors.append("Please specify a valid email for admin_sender")
if not slug:
errors.append("Please specify a slug")
if not username:
errors.append("Please specify a user name")
if not password:
errors.append("Please specify the user's password")
if errors:
context['errors'] = errors
else:
discussion = Discussion(
topic=topic,
creator_id=user_id,
slug=slug
)
# Could raise an exception if there is no/incorrect scheme passed
discussion.homepage = homepage
session.add(discussion)
discussion.invoke_callbacks_after_creation()
create_default_discussion_data(discussion)
mailbox_class = (
MailingList if g('mailing_list_address') else IMAPMailbox)
mailbox = mailbox_class(
name=name,
host=host,
port=int(port),
username=username,
use_ssl=ssl,
folder=folder,
admin_sender=admin_sender,
password=password,
)
if(g('mailing_list_address')):
mailbox.post_email_address = g('mailing_list_address')
mailbox.discussion = discussion
return render_to_response(
'admin/discussions.jinja2',
context,
request=request)
