def contact():
    """Render and process the contact form for visitors who are not logged in.

    A valid submission is handed to ``send_contact_mail``; the visitor is then
    redirected to the index page with a success or error message. An invalid
    submission flashes the form errors. A logged-in user who merely opens the
    page is reminded that the anonymous form is only needed to reach the
    administrators of another dormitory.
    """
    form = AnonymousContactForm()

    if form.validate_on_submit():
        # NOTE(review): every value below is supplied by an unauthenticated
        # visitor. Confirm that send_contact_mail() rejects CR/LF in values
        # that end up in mail headers and that this endpoint is rate
        # limited -- neither is visible in this function.
        mail_sent = send_contact_mail(
            sender=form.email.data,
            subject=form.subject.data,
            name=form.name.data,
            message=form.message.data,
            dormitory_name=form.dormitory.data,
        )
        if mail_sent:
            text, category = gettext("Nachricht wurde versandt."), "success"
        else:
            text = gettext("Es gab einen Fehler beim Versenden der Nachricht.")
            category = 'error'
        flash(text, category)
        return redirect(url_for('.index'))

    # The valid-submission branch always returns, so these checks only run
    # for invalid submissions and plain page views.
    if form.is_submitted():
        flash_formerrors(form)
    elif current_user.is_authenticated:
        hint = gettext("Sicher, dass Du das anonyme Formular "
                       "benutzen möchtest? Dies ist nur erforderlich, wenn Du "
                       "Administratoren eines anderen Wohnheims "
                       "kontaktieren willst.")
        flash(hint, 'info')

    return render_template('anonymous_contact.html', form=form)
def change_mac():
    """Let the logged-in user replace the MAC address of their device.

    The new address is stored only after ``current_user.re_authenticate``
    accepts the submitted password. A wrong password flashes an error and the
    form is rendered again.
    """
    form = ChangeMACForm()

    if not form.validate_on_submit():
        if form.is_submitted():
            flash_formerrors(form)
    else:
        secret = form.password.data
        new_mac = form.mac.data

        try:
            # Re-checking the password means an unattended or hijacked
            # session alone is not enough to change the registered device.
            current_user.re_authenticate(secret)
        except PasswordInvalid:
            flash(gettext("Passwort war inkorrekt!"), "error")
        else:
            current_user.mac = new_mac
            log_extra = {
                'data': {'mac': new_mac},
                'tags': {'rate_critical': True},
            }
            logger.info('Successfully changed MAC address', extra=log_extra)

            flash(gettext("MAC-Adresse wurde geändert!"), 'success')
            flash(gettext("Es kann bis zu 10 Minuten dauern, "
                          "bis die Änderung wirksam ist."), 'info')
            return redirect(url_for('.index'))

    # Pre-fill the field with the address currently on record.
    form.mac.default = current_user.mac.value
    return render_template('usersuite/change_mac.html', form=form)
def delete_mail():
    """Reset the user's forwarding mail attribute in their LDAP entry.

    The deletion is first attempted directly. If that raises
    ``AttributeError`` it is retried inside
    ``current_user.tmp_authentication(password)``.
    """
    form = DeleteMailForm()

    if not form.validate_on_submit():
        if form.is_submitted():
            flash_formerrors(form)
    else:
        secret = form.password.data

        try:
            # NOTE(review): when the direct deletion succeeds, the submitted
            # password is never checked in this function. Confirm that the
            # backend enforces re-authentication for this attribute itself.
            try:
                del current_user.mail
            except AttributeError:
                with current_user.tmp_authentication(secret):
                    del current_user.mail
        except UserNotFound:
            flash(gettext("Nutzer nicht gefunden!"), "error")
        except PasswordInvalid:
            flash(gettext("Passwort war inkorrekt!"), "error")
        except LDAPConnectionError:
            flash(gettext("Nicht genügend LDAP-Rechte!"), "error")
        else:
            flash(gettext("E-Mail-Adresse wurde zurückgesetzt"), "success")
            return redirect(url_for('.index'))

    return render_template('usersuite/delete_mail.html', form=form)
def usersuite_change_mail():
    """Change the user's forwarding mail attribute in their LDAP entry.

    The submitted password is verified with ``re_authenticate`` before
    ``change_mail`` is called.

    TODO: LDAP schema forbids add/replace 'mail' attribute
    """
    form = ChangeMailForm()

    if not form.validate_on_submit():
        if form.is_submitted():
            flash_formerrors(form)
    else:
        secret = form.password.data
        new_address = form.email.data

        try:
            # Password check first: change_mail() is only reached when
            # re_authenticate() did not raise.
            current_user.re_authenticate(secret)
            current_user.change_mail(secret, new_address)
        except UserNotFound:
            flash(gettext("Nutzer nicht gefunden!"), "error")
        except PasswordInvalid:
            flash(gettext("Passwort war inkorrekt!"), "error")
        except LDAPConnectionError:
            flash(gettext("Nicht genügend LDAP-Rechte!"), "error")
        else:
            flash(gettext("E-Mail-Adresse wurde geändert"), "success")
            return redirect(url_for('.usersuite'))

    return render_template('usersuite/change_mail.html', form=form)
def activate_network_access():
    """Let the logged-in user activate their network access.

    The activation runs inside ``current_user.tmp_authentication(password)``.
    A wrong password or a MAC address that is already registered flashes an
    error and the form is rendered again.
    """
    form = ActivateNetworkAccessForm()

    if not form.validate_on_submit():
        if form.is_submitted():
            flash_formerrors(form)
    else:
        secret = form.password.data
        mac = form.mac.data
        birthdate = form.birthdate.data
        host_name = form.host_name.data

        try:
            with current_user.tmp_authentication(secret):
                current_user.activate_network_access(secret, mac, birthdate,
                                                     host_name)
        except PasswordInvalid:
            flash(gettext("Passwort war inkorrekt!"), "error")
        except MacAlreadyExists:
            flash(gettext("MAC-Adresse ist bereits in Verwendung!"), "error")
        else:
            # NOTE(review): the birthdate is personal data and is written to
            # the log record here; confirm that log retention and access
            # rules allow that.
            log_extra = {
                'data': {'mac': mac, 'birthdate': birthdate,
                         'host_name': host_name},
                'tags': {'rate_critical': True},
            }
            logger.info('Successfully activated network access',
                        extra=log_extra)

            flash(gettext("Netzwerkzugang wurde aktiviert!"), 'success')
            flash(gettext("Es kann bis zu 10 Minuten dauern, "
                          "bis der Netzwerkzugang funktioniert."), 'info')
            return redirect(url_for('.index'))

    return render_template('usersuite/activate_network_access.html',
                           form=form)
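def contact():
    """Contact form for logged-in users.

    A valid submission is passed to ``send_usersuite_contact_mail`` with the
    category mapped from the form's ``type`` field (unknown values fall back
    to "Allgemein"). Per the original notes, the mail goes to the support
    mailing list as '[Usersuite] Category: Subject' with user id and message.
    """
    form = ContactForm()

    if form.validate_on_submit():
        types = {
            'stoerung': "Störung",
            'finanzen': "Finanzen",
            'eigene-technik': "Eigene Technik"
        }

        success = send_usersuite_contact_mail(
            category=types.get(form.type.data, "Allgemein"),
            subject=form.subject.data,
            message=form.message.data,
        )

        if success:
            flash(gettext("Nachricht wurde versandt."), "success")
        else:
            # Interpolate after the catalogue lookup. Formatting first makes
            # gettext() search for a msgid that already contains the address,
            # which can never match a translation.
            flash(
                gettext("Es gab einen Fehler beim Versenden der Nachricht. "
                        "Bitte schicke uns direkt eine E-Mail an {}").format(
                            current_user.datasource.support_mail),
                'error')

        return redirect(url_for('.index'))

    elif form.is_submitted():
        flash_formerrors(form)

    # The sender shown in the form is derived from the account, not typed in.
    form.email.default = "{uid}@{server}".format(
        uid=current_user.uid, server=current_user.datasource.mail_server)

    return render_template("usersuite/contact.html", form=form)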
def login():
    """Login page for users.

    Authenticates against the user class of the selected dormitory's
    datasource. On success the dormitory name is stored in the session and
    the user is logged in. Authenticated users are redirected to the
    usersuite.
    """
    form = LoginForm()

    if not form.validate_on_submit():
        if form.is_submitted():
            flash_formerrors(form)
    else:
        dormitory = dormitory_from_name(form.dormitory.data)
        username = form.username.data
        secret = form.password.data
        remember = form.remember.data
        User = dormitory.datasource.user_class

        try:
            user = User.authenticate(username, secret)
        except (UserNotFound, PasswordInvalid):
            # One message for both failure causes, so the response does not
            # reveal whether the account exists.
            # NOTE(review): failed attempts are not logged on this path;
            # confirm they are recorded elsewhere so that repeated guessing
            # can be detected.
            flash(gettext("Anmeldedaten fehlerhaft!"), "error")
        else:
            if isinstance(user, User):
                session['dormitory'] = dormitory.name
                login_user(user, remember=remember)
                logger.info('Authentication successful')
                flash(gettext("Anmeldung erfolgreich!"), "success")

    if current_user.is_authenticated:
        return redirect(url_for('usersuite.usersuite'))

    return render_template('login.html', form=form,
                           unsupported=unsupported_dormitories)
def change_mail():
    """Frontend page to change the user's mail address.

    The new address is first assigned directly. If that raises
    ``AttributeError`` the assignment is retried inside
    ``current_user.tmp_authentication(password)``.
    """
    form = ChangeMailForm()

    if not form.validate_on_submit():
        if form.is_submitted():
            flash_formerrors(form)
    else:
        secret = form.password.data
        new_address = form.email.data

        try:
            # NOTE(review): when the direct assignment succeeds, the
            # submitted password is never checked in this function. Confirm
            # that the backend enforces re-authentication for this attribute
            # itself; otherwise an active session alone can redirect the
            # user's mail.
            try:
                current_user.mail = new_address
            except AttributeError:
                with current_user.tmp_authentication(secret):
                    current_user.mail = new_address
        except UserNotFound:
            flash(gettext("Nutzer nicht gefunden!"), "error")
        except PasswordInvalid:
            flash(gettext("Passwort war inkorrekt!"), "error")
        except LDAPConnectionError:
            flash(gettext("Nicht genügend LDAP-Rechte!"), "error")
        else:
            flash(gettext("E-Mail-Adresse wurde geändert"), "success")
            return redirect(url_for('.index'))

    return render_template('usersuite/change_mail.html', form=form)
def contact():
    """Render and process the contact form for visitors who are not logged in.

    A valid submission is mailed to the support address of the selected
    dormitory, with the visitor's address as sender and a "[Kontakt]" prefix
    on the subject. The visitor is then redirected to the index page.
    """
    form = AnonymousContactForm()

    if form.validate_on_submit():
        # NOTE(review): sender address, subject and name all come from an
        # unauthenticated visitor. Confirm that send_mail() rejects CR/LF in
        # header values and that the endpoint is rate limited -- neither is
        # visible in this function.
        sender = form.email.data
        subject_line = "[Kontakt] {}".format(form.subject.data)
        body = "Name: {0}\n\n{1}".format(form.name.data, form.message.data)

        target_dormitory = dormitory_from_name(form.dormitory.data)
        recipient = target_dormitory.datasource.support_mail

        delivered = send_mail(sender, recipient, subject_line, body)
        if delivered:
            flash(gettext("Nachricht wurde versandt."), "success")
        else:
            flash(gettext("Es gab einen Fehler beim Versenden der Nachricht."),
                  'error')
        return redirect(url_for(".index"))

    # The valid-submission branch always returns, so these checks only run
    # for invalid submissions and plain page views.
    if form.is_submitted():
        flash_formerrors(form)
    elif current_user.is_authenticated:
        hint = gettext("Sicher, dass Du das anonyme Formular "
                       "benutzen möchtest? Dies ist nur erforderlich, wenn Du "
                       "Administratoren eines anderen Wohnheims "
                       "kontaktieren willst.")
        flash(hint, 'info')

    return render_template('anonymous_contact.html', form=form)
def contact():
    """Render and process the contact form for visitors who are not logged in.

    A valid submission is handed to ``send_contact_mail`` and the visitor is
    redirected to the index page. An invalid submission flashes the form
    errors. A logged-in user opening the page gets a hint that the anonymous
    form is only needed to reach another dormitory's administrators.
    """
    form = AnonymousContactForm()

    if form.validate_on_submit():
        # NOTE(review): all of these values are attacker-controllable on an
        # unauthenticated endpoint. Confirm that send_contact_mail() rejects
        # CR/LF in anything placed into mail headers and that submissions are
        # rate limited -- neither is visible in this function.
        mail_sent = send_contact_mail(
            author=form.email.data,
            subject=form.subject.data,
            name=form.name.data,
            message=form.message.data,
            dormitory_name=form.dormitory.data,
        )
        if not mail_sent:
            flash(gettext("Es gab einen Fehler beim Versenden der Nachricht."),
                  'error')
        else:
            flash(gettext("Nachricht wurde versandt."), "success")
        return redirect(url_for('.index'))

    # Only reached for invalid submissions and plain page views.
    if form.is_submitted():
        flash_formerrors(form)
    elif current_user.is_authenticated:
        hint = gettext("Sicher, dass Du das anonyme Formular "
                       "benutzen möchtest? Dies ist nur erforderlich, wenn Du "
                       "Administratoren eines anderen Wohnheims "
                       "kontaktieren willst.")
        flash(hint, 'info')

    return render_template('anonymous_contact.html', form=form)
def usersuite_change_password():
    """Let the user change their password.

    The form asks for the old password once (in case someone forgot to log
    out, for example) and, per the original notes, for the new password
    twice. The old password is verified with ``re_authenticate`` before
    ``change_password`` is called.

    According to the original notes, the backend performs an LDAP bind with
    the old credentials at the user's DN and submits the passwords to
    modify_password(), so each user can edit only their own data. Error code
    "-1" is an incorrect old or empty password. None of that is visible in
    this function.

    TODO: set a minimum character limit for new passwords.
    """
    form = ChangePasswordForm()

    if not form.validate_on_submit():
        if form.is_submitted():
            flash_formerrors(form)
    else:
        old_secret = form.old.data
        new_secret = form.new.data

        try:
            # change_password() is only reached when the old password was
            # accepted.
            current_user.re_authenticate(old_secret)
            current_user.change_password(old_secret, new_secret)
        except PasswordInvalid:
            flash(gettext("Altes Passwort war inkorrekt!"), "error")
        else:
            flash(gettext("Passwort wurde geändert"), "success")
            return redirect(url_for(".usersuite"))

    return render_template("usersuite/change_password.html", form=form)
def hosting(action=None):
    """Change various settings for Helios (the user's hosted database).

    ``action == "confirm"`` drops the user's database and redirects back to
    this page. Otherwise a valid ``HostingForm`` either creates the database
    or changes its password. If reading ``userdb.has_db`` raises
    ``NotImplementedError`` the request is rejected with 403.
    """
    # NOTE(review): the drop is triggered by the `action` argument alone. No
    # form is validated on this path (so no CSRF token is checked here) and
    # no password is requested. If `action` is taken from the URL of a GET
    # route, confirm that this destructive step cannot be triggered by a
    # cross-site request; the route definition is not visible here.
    if action == "confirm":
        current_user.userdb.drop()
        flash(gettext("Deine Datenbank wurde gelöscht."), 'success')
        return redirect(url_for('.hosting'))

    form = HostingForm()

    if not form.validate_on_submit():
        if form.is_submitted():
            flash_formerrors(form)
    elif form.action.data == "create":
        current_user.userdb.create(form.password.data)
        flash(gettext("Deine Datenbank wurde erstellt."), 'success')
    else:
        # No confirmation message is flashed for a password change.
        current_user.userdb.change_password(form.password.data)

    # NOTE(review): this capability check runs only after the actions above;
    # how drop/create behave on an unsupported backend is not visible here.
    try:
        user_has_db = current_user.userdb.has_db
    except NotImplementedError:
        abort(403)

    return render_template('usersuite/hosting.html', form=form,
                           user_has_db=user_has_db, action=action)
def change_mac():
    """Let the logged-in user replace the MAC address of their device.

    The change runs inside ``current_user.tmp_authentication(password)``.
    A wrong password or an address that is already registered flashes an
    error and the form is rendered again.
    """
    form = ChangeMACForm()

    if not form.validate_on_submit():
        if form.is_submitted():
            flash_formerrors(form)
    else:
        secret = form.password.data
        new_mac = form.mac.data
        host_name = form.host_name.data

        try:
            # The password gates the change, so an active session alone is
            # not enough to rebind the registered device.
            with current_user.tmp_authentication(secret):
                current_user.change_mac_address(new_mac, host_name)
        except PasswordInvalid:
            flash(gettext("Passwort war inkorrekt!"), "error")
        except MacAlreadyExists:
            flash(gettext("MAC-Adresse ist bereits in Verwendung!"), "error")
        else:
            log_extra = {
                'data': {'mac': new_mac},
                'tags': {'rate_critical': True},
            }
            logger.info('Successfully changed MAC address', extra=log_extra)

            flash(gettext("MAC-Adresse wurde geändert!"), 'success')
            flash(gettext("Es kann bis zu 24 Stunden (!) dauern, "
                          "bis die Änderung wirksam ist."), 'info')
            return redirect(url_for('.index'))

    # Pre-fill the field with the address currently on record.
    form.mac.default = current_user.mac.value
    return render_template('usersuite/change_mac.html', form=form)
def contact():
    """Render and process the contact form for visitors who are not logged in.

    A valid submission is mailed to the support address of the selected
    dormitory, using the visitor's address as sender and a "[Kontakt]"
    subject prefix. The visitor is then redirected to the index page.
    """
    form = AnonymousContactForm()

    if form.validate_on_submit():
        # NOTE(review): sender, subject and name are supplied by an
        # unauthenticated visitor. Confirm that send_mail() rejects CR/LF in
        # header values and that this endpoint is rate limited -- neither is
        # visible in this function.
        sender = form.email.data
        subject_line = "[Kontakt] {}".format(form.subject.data)
        body = "Name: {0}\n\n{1}".format(form.name.data, form.message.data)

        recipient = dormitory_from_name(
            form.dormitory.data).datasource.support_mail

        if not send_mail(sender, recipient, subject_line, body):
            flash(gettext("Es gab einen Fehler beim Versenden der Nachricht."),
                  'error')
        else:
            flash(gettext("Nachricht wurde versandt."), "success")
        return redirect(url_for(".index"))

    # Only reached for invalid submissions and plain page views.
    if form.is_submitted():
        flash_formerrors(form)
    elif current_user.is_authenticated:
        hint = gettext("Sicher, dass Du das anonyme Formular "
                       "benutzen möchtest? Dies ist nur erforderlich, wenn Du "
                       "Administratoren eines anderen Wohnheims "
                       "kontaktieren willst.")
        flash(hint, 'info')

    return render_template('anonymous_contact.html', form=form)
def login():
    """Login page for users.

    Authenticates against the user class of the selected dormitory's
    datasource. A trailing ``@<mail_server>`` is stripped from the submitted
    user name first. Failures are logged with their cause, while the visitor
    always sees the same generic message. Authenticated users are redirected
    to the usersuite index.
    """
    form = LoginForm()

    if not form.validate_on_submit():
        if form.is_submitted():
            flash_formerrors(form)
    else:
        dormitory = backends.get_dormitory(form.dormitory.data)
        username = form.username.data
        secret = form.password.data
        remember = form.remember.data
        User = dormitory.datasource.user_class

        # Accept "user@mailserver" as well as the bare account name.
        mail_suffix = "@{}".format(dormitory.datasource.mail_server)
        if username.endswith(mail_suffix):
            username = username[:-len(mail_suffix)]

        try:
            user = User.authenticate(username, secret)
        except InvalidCredentials as exc:
            # The log records whether the user name or the password was
            # wrong. The flashed message is identical for both, so it does
            # not reveal which accounts exist.
            if isinstance(exc, UserNotFound):
                cause = "username"
            else:
                cause = "password"
            failure_tags = {'user': username, 'rate_critical': True}
            logger.info("Authentication failed: Wrong %s", cause,
                        extra={'tags': failure_tags})
            flash(gettext("Anmeldedaten fehlerhaft!"), "error")
        else:
            if isinstance(user, User):
                session['dormitory'] = dormitory.name
                login_user(user, remember=remember)
                logger.info('Authentication successful',
                            extra={'tags': {'user': username}})
                flash(gettext("Anmeldung erfolgreich!"), "success")

    if current_user.is_authenticated:
        # Always redirect to a fixed internal endpoint. Following a
        # caller-supplied `next` parameter here would allow URL injection.
        return redirect(url_for('usersuite.index'))

    return render_template('login.html', form=form,
                           unsupported=backends.premature_dormitories)
def usersuite_change_mac():
    """Let the logged-in user replace the MAC address of their device.

    The change is made only after ``re_authenticate`` accepts the submitted
    password. After a successful change a notification naming the old and
    the new address is mailed to the datasource's support address.
    """
    form = ChangeMACForm()
    userinfo = current_user.get_information()

    if not form.validate_on_submit():
        if form.is_submitted():
            flash_formerrors(form)
    else:
        secret = form.password.data
        new_mac = form.mac.data

        try:
            current_user.re_authenticate(secret)
        except PasswordInvalid:
            flash(gettext("Passwort war inkorrekt!"), "error")
        else:
            old_mac = userinfo['mac']['value']
            current_user.change_mac_address(old_mac, new_mac)
            logger.info('Successfully changed MAC address',
                        extra={'data': {'mac': new_mac}})

            flash(gettext("MAC-Adresse wurde geändert!"), 'success')

            # Tell support about the change; together with the log entry
            # above this is the record of who changed which address.
            sender = "{}@{}".format(current_user.uid,
                                    current_datasource().mail_server)
            recipient = current_datasource().support_mail
            subject_line = ("[Usersuite] {} hat seine/ihre MAC-Adresse "
                            "geändert".format(current_user.uid))
            body = (
                "Nutzer {name} ({uid}) hat seine/ihre MAC-Adresse geändert."
                "\nAlte MAC: {old_mac}\nNeue MAC: {new_mac}".format(
                    name=current_user.name,
                    uid=current_user.uid,
                    old_mac=userinfo['mac']['value'],
                    new_mac=new_mac,
                )
            )

            # A failed notification is logged only; the change itself stays.
            delivered = send_mail(sender, recipient, subject_line, body)
            if not delivered:
                logger.error("Mac notification mail could not be sent")
            return redirect(url_for('.usersuite'))

    # Pre-fill the field with the address currently on record.
    form.mac.default = userinfo['mac']['value']
    return render_template('usersuite/change_mac.html', form=form)
def login():
    """Login page for users.

    The selected dormitory determines which user class performs the
    authentication. A trailing ``@<mail_server>`` on the user name is
    removed beforehand. The cause of a failure goes to the log only; the
    visitor gets one generic message. Authenticated users are redirected to
    the usersuite index.
    """
    form = LoginForm()

    if not form.validate_on_submit():
        if form.is_submitted():
            flash_formerrors(form)
    else:
        dormitory = backends.get_dormitory(form.dormitory.data)
        username = form.username.data
        secret = form.password.data
        remember = form.remember.data
        User = dormitory.datasource.user_class

        # Accept "user@mailserver" as well as the bare account name.
        mail_suffix = "@{}".format(dormitory.datasource.mail_server)
        if username.endswith(mail_suffix):
            username = username[:-len(mail_suffix)]

        try:
            user = User.authenticate(username, secret)
        except InvalidCredentials as exc:
            # Cause is logged for operators; the flashed text is the same
            # for an unknown user and a wrong password, so it does not
            # reveal which accounts exist.
            cause = "password"
            if isinstance(exc, UserNotFound):
                cause = "username"
            logger.info(
                "Authentication failed: Wrong %s", cause,
                extra={'tags': {'user': username, 'rate_critical': True}},
            )
            flash(gettext("Anmeldedaten fehlerhaft!"), "error")
        else:
            if isinstance(user, User):
                session['dormitory'] = dormitory.name
                login_user(user, remember=remember)
                success_tags = {'user': username}
                logger.info('Authentication successful',
                            extra={'tags': success_tags})
                flash(gettext("Anmeldung erfolgreich!"), "success")

    if current_user.is_authenticated:
        # The target is a fixed internal endpoint on purpose. Redirecting to
        # a caller-supplied `next` parameter would allow URL injection.
        return redirect(url_for('usersuite.index'))

    return render_template('login.html', form=form,
                           unsupported=backends.premature_dormitories)
def change_use_cache():
    """Let the logged-in user switch their use of the cache on or off.

    A valid submission stores the boolean value of the form field on
    ``current_user.use_cache`` and redirects to the index page.
    """
    form = ChangeUseCacheForm()

    if form.validate_on_submit():
        enabled = bool(form.use_cache.data)
        current_user.use_cache = enabled

        if enabled:
            status_text = gettext("Cache-Nutzung wurde aktiviert!")
        else:
            status_text = gettext("Cache-Nutzung wurde deaktiviert!")
        flash(status_text, 'success')

        flash(gettext("Es kann bis zu 10 Minuten dauern, "
                      "bis die Änderung wirksam ist."), 'info')
        return redirect(url_for('.index'))

    # The valid-submission branch always returns, so this only runs for
    # invalid submissions.
    if form.is_submitted():
        flash_formerrors(form)

    return render_template('usersuite/change_use_cache.html', form=form)
def change_password():
    """Frontend page to change the user's password.

    The old password is verified with ``re_authenticate`` before
    ``change_password`` is called on the user object.
    """
    form = ChangePasswordForm()

    if not form.validate_on_submit():
        if form.is_submitted():
            flash_formerrors(form)
    else:
        old_secret = form.old.data
        new_secret = form.new.data

        try:
            # Knowing the old password is required, so an unattended session
            # alone cannot be used to take over the account.
            current_user.re_authenticate(old_secret)
            current_user.change_password(old_secret, new_secret)
        except PasswordInvalid:
            flash(gettext("Altes Passwort war inkorrekt!"), "error")
        else:
            flash(gettext("Passwort wurde geändert"), "success")
            return redirect(url_for('.index'))

    return render_template("usersuite/change_password.html", form=form)
def contact():
    """Render and process the contact form for visitors who are not logged in.

    A valid submission is mailed to the support address of the selected
    dormitory, using the visitor's address as sender and a "[Kontakt]"
    subject prefix. The visitor is then redirected to the index page.
    """
    form = AnonymousContactForm()

    if form.validate_on_submit():
        # NOTE(review): sender and subject are supplied by an
        # unauthenticated visitor. Confirm that send_mail() rejects CR/LF in
        # header values and that this endpoint is rate limited -- neither is
        # visible in this function.
        sender = form.email.data
        subject_line = "[Kontakt] {}".format(form.subject.data)
        body = form.message.data

        target_dormitory = dormitory_from_name(form.dormitory.data)
        recipient = target_dormitory.datasource.support_mail

        delivered = send_mail(sender, recipient, subject_line, body)
        if delivered:
            flash(gettext("Nachricht wurde versandt."), "success")
        else:
            flash(gettext("Es gab einen Fehler beim Versenden der Nachricht."),
                  'error')
        return redirect(url_for(".index"))

    # Only reached for invalid submissions and plain page views.
    if form.is_submitted():
        flash_formerrors(form)

    return render_template('anonymous_contact.html', form=form)
def contact_official():
    """Render and process the contact form for official inquiries.

    A valid submission is handed to ``send_official_contact_mail`` and the
    visitor is redirected to the index page with a success or error message.
    """
    form = OfficialContactForm()

    if form.validate_on_submit():
        # NOTE(review): no login check is visible in this function, so
        # treat all of these values as untrusted. Confirm that
        # send_official_contact_mail() rejects CR/LF in anything placed
        # into mail headers.
        mail_sent = send_official_contact_mail(
            sender=form.email.data,
            subject=form.subject.data,
            name=form.name.data,
            message=form.message.data,
        )
        if mail_sent:
            text, category = gettext("Nachricht wurde versandt."), "success"
        else:
            text = gettext("Es gab einen Fehler beim Versenden der Nachricht.")
            category = 'error'
        flash(text, category)
        return redirect(url_for('.index'))

    # Only reached for invalid submissions and plain page views.
    if form.is_submitted():
        flash_formerrors(form)

    return render_template('official_contact.html', form=form)
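def usersuite_contact():
    """Contact form for logged-in users.

    Sends an e-mail to the datasource's support address as
    '[Usersuite] Category: Subject'; the body starts with the user's login
    followed by the message. The sender address is built from the user id
    and the datasource's mail server, not taken from the form.
    """
    form = ContactForm()

    support_mail = current_datasource().support_mail
    from_mail = "{}@{}".format(current_user.uid,
                               current_datasource().mail_server)

    if form.validate_on_submit():
        types = {
            'stoerung': "Störung",
            'finanzen': "Finanzen",
            'eigene-technik': "Eigene Technik"
        }

        # Unknown category keys fall back to "Allgemein".
        cat = types.get(form.type.data, "Allgemein")

        subject = "[Usersuite] {0}: {1}".format(cat, form.subject.data)

        message_text = "Nutzerlogin: {0}\n\n".format(current_user.uid) \
            + form.message.data

        if send_mail(from_mail, support_mail, subject, message_text):
            flash(gettext("Nachricht wurde versandt."), "success")
        else:
            # Interpolate after the catalogue lookup. Formatting first makes
            # gettext() search for a msgid that already contains the address,
            # which can never match a translation.
            flash(
                gettext("Es gab einen Fehler beim Versenden der Nachricht. "
                        "Bitte schicke uns direkt eine E-Mail an {}").format(
                            support_mail),
                'error')

        return redirect(url_for(".usersuite"))

    elif form.is_submitted():
        flash_formerrors(form)

    form.email.default = from_mail

    return render_template("usersuite/contact.html", form=form)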
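def usersuite_contact():
    """Contact form for logged-in users.

    Sends an e-mail to the datasource's support address as
    '[Usersuite] Category: Subject'; the body starts with the user's login
    followed by the message. The sender address is built from the user id
    and the datasource's mail server, not taken from the form.
    """
    form = ContactForm()

    support_mail = current_datasource().support_mail
    from_mail = "{}@{}".format(current_user.uid,
                               current_datasource().mail_server)

    if form.validate_on_submit():
        types = {
            'stoerung': "Störung",
            'finanzen': "Finanzen",
            'eigene-technik': "Eigene Technik"
        }

        # Unknown category keys fall back to "Allgemein".
        cat = types.get(form.type.data, "Allgemein")

        subject = "[Usersuite] {0}: {1}".format(cat, form.subject.data)

        message_text = "Nutzerlogin: {0}\n\n{1}".format(current_user.uid,
                                                        form.message.data)

        if send_mail(from_mail, support_mail, subject, message_text):
            flash(gettext("Nachricht wurde versandt."), "success")
        else:
            # Look the message up first and fill in the address afterwards.
            # A msgid that already contains the address never matches the
            # translation catalogue.
            flash(gettext("Es gab einen Fehler beim Versenden der Nachricht. "
                          "Bitte schicke uns direkt eine E-Mail an {}")
                  .format(support_mail), 'error')

        return redirect(url_for(".usersuite"))

    elif form.is_submitted():
        flash_formerrors(form)

    form.email.default = from_mail

    return render_template("usersuite/contact.html", form=form)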
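def contact():
    """Contact form for logged-in users.

    A valid submission is passed to ``send_usersuite_contact_mail`` with the
    category mapped from the form's ``type`` field (unknown values fall back
    to "Allgemein"). Per the original notes, the mail goes to the support
    mailing list as '[Usersuite] Category: Subject' with user id and message.
    """
    form = ContactForm()

    if form.validate_on_submit():
        types = {
            'stoerung': "Störung",
            'finanzen': "Finanzen",
            'eigene-technik': "Eigene Technik"
        }

        success = send_usersuite_contact_mail(
            category=types.get(form.type.data, "Allgemein"),
            subject=form.subject.data,
            message=form.message.data
        )

        if success:
            flash(gettext("Nachricht wurde versandt."), "success")
        else:
            # Look the message up first and fill in the address afterwards.
            # A msgid that already contains the address never matches the
            # translation catalogue.
            flash(gettext("Es gab einen Fehler beim Versenden der Nachricht. "
                          "Bitte schicke uns direkt eine E-Mail an {}")
                  .format(current_user.datasource.support_mail),
                  'error')

        return redirect(url_for('.index'))

    elif form.is_submitted():
        flash_formerrors(form)

    # The sender shown in the form is derived from the account, not typed in.
    form.email.default = "{uid}@{server}".format(
        uid=current_user.uid,
        server=current_user.datasource.mail_server
    )

    return render_template("usersuite/contact.html", form=form)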
def contact_official():
    """Render and process the contact form for official inquiries.

    A valid submission is handed to ``send_official_contact_mail`` and the
    visitor is redirected to the index page with a success or error message.
    """
    form = OfficialContactForm()

    if form.validate_on_submit():
        # NOTE(review): no login check is visible in this function, so
        # treat all of these values as untrusted. Confirm that
        # send_official_contact_mail() rejects CR/LF in anything placed
        # into mail headers.
        mail_sent = send_official_contact_mail(
            author=form.email.data,
            subject=form.subject.data,
            name=form.name.data,
            message=form.message.data,
        )
        if not mail_sent:
            flash(gettext("Es gab einen Fehler beim Versenden der Nachricht."),
                  'error')
        else:
            flash(gettext("Nachricht wurde versandt."), "success")
        return redirect(url_for('.index'))

    # Only reached for invalid submissions and plain page views.
    if form.is_submitted():
        flash_formerrors(form)

    return render_template('official_contact.html', form=form)
def index():
    """Usersuite landing page with account information and traffic overview.

    Builds the labelled account rows, the payment details and the EPC QR
    code for the selected number of months, and adds traffic and
    transaction data when the user has a connection or has to pay.
    """
    info = current_user.finance_information
    last_update = info.last_update if info else None

    # Suffix for the balance label: " (Stand: <date>)" when a date is known.
    if last_update:
        finance_update_string = " ({}: {})".format(
            gettext("Stand"),
            format_date(last_update, 'short', rebase=False),
        )
    else:
        finance_update_string = ""

    # Ordered mapping of row key -> translated label.
    descriptions = OrderedDict([
        ('id', gettext("Nutzer-ID")),
        ('realname', gettext("Voller Name")),
        ('login', gettext("Accountname")),
        ('status', gettext("Mitgliedsschaftsstatus")),
        ('address', gettext("Aktuelles Zimmer")),
        ('ips', gettext("Aktuelle IP-Adresse")),
        ('mac', gettext("Aktuelle MAC-Adresse")),
        ('mail', gettext("E-Mail-Weiterleitung")),
        ('use_cache', gettext("Cache-Nutzung")),
        ('hostname', gettext("Hostname")),
        ('hostalias', gettext("Hostalias")),
        ('userdb_status', gettext("MySQL Datenbank")),
        ('finance_balance', gettext("Kontostand") + finance_update_string),
    ])

    try:
        rows = current_user.generate_rows(descriptions)
    except DBQueryEmpty as exc:
        log_extra = {'data': {'exception_args': exc.args}, 'stack': True}
        logger.error('Userinfo DB query could not be finished',
                     extra=log_extra)
        flash(gettext("Es gab einen Fehler bei der Datenbankanfrage!"),
              "error")
        return redirect(url_for('generic.index'))

    payment_form = PaymentForm()
    if payment_form.validate_on_submit():
        months = payment_form.months.data
    else:
        # Fall back to the field default; this branch also runs on a plain
        # page view, not only on an invalid submission.
        months = payment_form.months.default
        flash_formerrors(payment_form)

    datasource = current_user.datasource
    context = {
        'rows': rows,
        'webmailer_url': datasource.webmailer_url,
        'payment_details': render_payment_details(
            current_user.payment_details(), months),
        'girocode': generate_epc_qr_code(
            current_user.payment_details(), months),
    }

    if current_user.has_connection:
        context['show_traffic_data'] = True
        context['traffic_user'] = current_user

    if info and info.has_to_pay:
        context['show_transaction_log'] = True
        context['last_update'] = info.last_update
        context['balance'] = info.balance.raw_value
        context['logs'] = info.history

    return render_template("usersuite/index.html",
                           payment_form=payment_form, **context)
def index():
    """Usersuite landing page with account information and traffic overview.

    Collects the labelled account rows, the payment details and the EPC QR
    code for the chosen number of months. Traffic data is added when the
    user has a connection, the transaction log when the user has to pay.
    """
    info = current_user.finance_information
    last_update = None
    if info:
        last_update = info.last_update

    # Suffix for the balance label: " (Stand: <date>)" when a date is known.
    finance_update_string = ""
    if last_update:
        finance_update_string = " ({}: {})".format(
            gettext("Stand"),
            format_date(last_update, 'short', rebase=False),
        )

    # Ordered mapping of row key -> translated label.
    descriptions = OrderedDict([
        ('id', gettext("Nutzer-ID")),
        ('realname', gettext("Voller Name")),
        ('login', gettext("Accountname")),
        ('status', gettext("Mitgliedsschaftsstatus")),
        ('address', gettext("Aktuelles Zimmer")),
        ('ips', gettext("Aktuelle IP-Adresse")),
        ('mac', gettext("Aktuelle MAC-Adresse")),
        ('mail', gettext("E-Mail-Weiterleitung")),
        ('use_cache', gettext("Cache-Nutzung")),
        ('hostname', gettext("Hostname")),
        ('hostalias', gettext("Hostalias")),
        ('userdb_status', gettext("MySQL Datenbank")),
        ('finance_balance', gettext("Kontostand") + finance_update_string),
    ])

    try:
        rows = current_user.generate_rows(descriptions)
    except DBQueryEmpty as exc:
        logger.error(
            'Userinfo DB query could not be finished',
            extra={'data': {'exception_args': exc.args}, 'stack': True},
        )
        flash(gettext("Es gab einen Fehler bei der Datenbankanfrage!"),
              "error")
        return redirect(url_for('generic.index'))

    payment_form = PaymentForm()
    if payment_form.validate_on_submit():
        months = payment_form.months.data
    else:
        # Fall back to the field default; this branch also runs on a plain
        # page view, not only on an invalid submission.
        months = payment_form.months.default
        flash_formerrors(payment_form)

    datasource = current_user.datasource
    context = {
        'rows': rows,
        'webmailer_url': datasource.webmailer_url,
        'payment_details': render_payment_details(
            current_user.payment_details(), months),
        'girocode': generate_epc_qr_code(
            current_user.payment_details(), months),
    }

    if current_user.has_connection:
        context.update({
            'show_traffic_data': True,
            'traffic_user': current_user,
        })

    if info and info.has_to_pay:
        context.update({
            'show_transaction_log': True,
            'last_update': info.last_update,
            'balance': info.balance.raw_value,
            'logs': info.history,
        })

    return render_template("usersuite/index.html",
                           payment_form=payment_form, **context)