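def post(self):
    """Create a user account and email a verification link.

    Reads ``email``, ``newpass`` and the optional profile fields from the
    request and calls ``User.create``. On success the verification email is
    sent and the client is redirected to the portal root with a success
    message (or a danger message if the email could not be sent). When no
    user is created the client is redirected back to the creation form with
    an ``?error=`` message.
    """
    username = self.get_argument("email", "").strip().lower()
    password = self.get_argument("newpass", "")

    # Only forward the optional profile fields that were actually filled in.
    info = {}
    for info_column in ("name", "affiliation", "address", "phone"):
        hold = self.get_argument(info_column, None)
        if hold:
            info[info_column] = hold

    # Bound up front: `msg` used to be assigned only in the except branch,
    # so a falsy return from User.create without an exception ended in a
    # NameError (HTTP 500) instead of an error redirect.
    msg = "Unable to create user"
    created = False
    try:
        created = User.create(username, password, info)
    except QiitaDBDuplicateError:
        # NOTE(review): this reply confirms that the address already has an
        # account. If account enumeration matters for this deployment,
        # consider a uniform response and rate limiting on this endpoint.
        msg = "Email already registered as a user"

    if not created:
        error_msg = u"?error=" + url_escape(msg)
        self.redirect(u"%s/auth/create/%s"
                      % (qiita_config.portal_dir, error_msg))
        return

    user_info = created.info
    try:
        # qiita_config.base_url doesn't have a / at the end, but the
        # qiita_config.portal_dir has it at the beginning but not at
        # the end. This constructs the correct URL
        url = qiita_config.base_url + qiita_config.portal_dir
        send_email(
            username, "QIITA: Verify Email Address", "Please "
            "click the following link to verify email address: "
            "%s/auth/verify/%s?email=%s\n\nBy clicking you are "
            "accepting our term and conditions: "
            "%s/iframe/?iframe=qiita-terms"
            % (url, user_info['user_verify_code'], url_escape(username),
               url))
    except Exception:
        # User.create has already returned at this point; only the
        # notification failed, so the user is told to contact support.
        msg = ("Unable to send verification email. Please contact the "
               "qiita developers at <a href='mailto:qiita.help"
               "@gmail.com'>[email protected]</a>")
        self.redirect(u"%s/?level=danger&message=%s"
                      % (qiita_config.portal_dir, url_escape(msg)))
        return

    # NOTE(review): `message` is HTML carried in the query string. The
    # template that renders it is not visible here -- confirm it does not
    # emit arbitrary caller-supplied markup unescaped.
    msg = ("<h3>User Successfully Created</h3><p>Your Qiita account "
           "has been successfully created. An email has been sent to "
           "the email address you provided. This email contains "
           "instructions on how to activate your account.</p>"
           "<p>If you don't receive your activation email within a "
           "couple of minutes, check your spam folder. If you still "
           "don't see it, send us an email at <a "
           "href=\"mailto:[email protected]\">[email protected]"
           "</a>.</p>")
    self.redirect(u"%s/?level=success&message=%s"
                  % (qiita_config.portal_dir, url_escape(msg)))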
def post(self):
    """Start a password reset for the account named by ``email``.

    Looks the user up, generates a reset code and emails a reset link.
    Renders ``index.html`` when the email was sent and ``lost_pass.html``
    when the user is unknown or the email could not be sent.
    """
    try:
        # NOTE(review): the address is used as submitted (no strip()/lower()
        # here); confirm the User lookup normalizes it.
        user = User(self.get_argument("email"))
    except QiitaDBUnknownIDError:
        # NOTE(review): this branch answers differently from the known-user
        # path, so the endpoint reveals whether an address is registered.
        # Consider a uniform response and rate limiting if that matters.
        self.render("lost_pass.html", user=None,
                    message="ERROR: Unknown user.", level="danger")
        return

    user_id = user.id
    user.generate_reset_code()
    # Read after generate_reset_code(); presumably `info` then holds the
    # newly generated pass_reset_code -- verify against User.info.
    info = user.info

    page = "lost_pass.html"
    try:
        # qiita_config.base_url has no trailing slash and
        # qiita_config.portal_dir has a leading but no trailing slash, so
        # plain concatenation yields the correct URL prefix.
        url = qiita_config.base_url + qiita_config.portal_dir
        # The email text promises a 30 minute window; the expiry check
        # itself is not part of this handler.
        body = ("Please go to "
                "the following URL to reset your password: \n"
                "%s/auth/reset/%s \nYou "
                "have 30 minutes from the time you requested a "
                "reset to change your password. After this period, "
                "you will have to request another reset."
                % (url, info["pass_reset_code"]))
        send_email(user.id, "Qiita: Password Reset", body)
    except Exception as e:
        # The reset code was already generated above even though the user
        # is told nothing changed; the failure is logged with the user id.
        message = ("Unable to send email. Error has been registered. "
                   "Your password has not been reset.")
        level = "danger"
        LogEntry.create('Runtime', "Unable to send forgot password "
                        "email: %s" % str(e), info={'User': user.id})
    else:
        message = ("Check your email for the reset code.")
        level = "success"
        page = "index.html"

    self.render(page, user=user_id, message=message, level=level)
def artifact_patch_request(user, artifact_id, req_op, req_path,
                           req_value=None, req_from=None):
    """Apply a ``replace`` patch operation to one attribute of an artifact

    Parameters
    ----------
    user : qiita_db.user.User
        The user requesting the change
    artifact_id : int
        Id of the artifact being modified
    req_op : str
        The patch operation; only 'replace' is handled
    req_path : str
        Path naming the attribute to patch ('name' or 'visibility')
    req_value : str, optional
        The new value for the attribute
    req_from : str, optional
        The original path of the element (not used by this function)

    Raises
    ------
    QiitaHTTPError
        400 if `req_op` != 'replace', if the visibility value is unknown,
        or if the approval email cannot be sent
        403 if the user may not make the artifact private, or if setting
        the visibility fails
        404 if the path parameter is incorrect, if `req_value` is missing,
        or if the attribute to replace is not known
    """
    if req_op != 'replace':
        raise QiitaHTTPError(
            400, 'Operation "%s" not supported. Current '
            'supported operations: replace' % req_op)

    # Exactly one non-empty path component is accepted: the attribute name.
    path_parts = [part for part in req_path.split('/') if part]
    if len(path_parts) != 1:
        raise QiitaHTTPError(404, 'Incorrect path parameter')
    attribute = path_parts[0]

    # The access check runs before any attribute is written.
    artifact = Artifact(artifact_id)
    check_artifact_access(user, artifact)

    if not req_value:
        raise QiitaHTTPError(404, 'Missing value to replace')

    if attribute == 'name':
        artifact.name = req_value
        return

    if attribute != 'visibility':
        # We don't understand the attribute so return an error
        raise QiitaHTTPError(
            404, 'Attribute "%s" not found. Please, '
            'check the path parameter' % attribute)

    if req_value not in get_visibilities():
        raise QiitaHTTPError(
            400, 'Unknown visibility value: %s' % req_value)

    # NOTE(review): only the change to 'private' is gated on admin level
    # here. Whether other visibility values need a similar check depends
    # on the Artifact.visibility setter, which is not visible in this block.
    gated = req_value == 'private' and qiita_config.require_approval
    if gated and user.level != 'admin':
        raise QiitaHTTPError(
            403, 'User does not have permissions '
            'to approve change')

    try:
        artifact.visibility = req_value
    except Exception as e:
        # NOTE(review): the exception text is returned to the client with
        # newlines turned into <br/>; confirm it cannot carry
        # caller-controlled markup or internal detail.
        raise QiitaHTTPError(403, str(e).replace('\n', '<br/>'))

    sid = artifact.study.id
    if artifact.visibility != 'awaiting_approval':
        # Changes that do not go to approval are recorded in the log.
        msg = '%s changed artifact %s (study %d) to %s' % (
            user.email, artifact_id, sid, req_value)
        LogEntry.create('Warning', msg)
        return

    email_to = '*****@*****.**'
    # Indexing [0] assumes the artifact has at least one prep template --
    # TODO confirm; an empty list would raise IndexError after the
    # visibility has already been changed.
    subject = ('QIITA: Artifact %s awaiting_approval. Study %d, '
               'Prep %d' % (artifact_id, sid,
                            artifact.prep_templates[0].id))
    # NOTE(review): user.email is interpolated into HTML markup without
    # escaping, and the link host is hard-coded rather than taken from
    # qiita_config; confirm both are intended.
    message = ('%s requested approval. <a '
               'href="https://qiita.ucsd.edu/study/description/'
               '%d">Study %d</a>.'
               % (user.email, sid, sid))
    try:
        send_email(email_to, subject, message)
    except Exception:
        msg = ("Couldn't send email to admins, please email us "
               "directly to <a href='mailto:{0}'>{0}</a>.".format(
                   email_to))
        raise QiitaHTTPError(400, msg)