]>
Commit | Line | Data |
---|---|---|
9137135a MT |
1 | #!/usr/bin/python |
2 | ||
f6e6ff79 | 3 | import datetime |
f6e6ff79 | 4 | |
9137135a MT |
5 | import tornado.locale |
6 | import tornado.web | |
7 | ||
2c909128 | 8 | from .handlers_base import * |
9137135a MT |
9 | |
10 | class UserHandler(BaseHandler): | |
11 | @tornado.web.authenticated | |
12 | def get(self, name=None): | |
13 | user = self.current_user | |
14 | ||
15 | if name: | |
16 | user = self.pakfire.users.get_by_name(name) | |
17 | if not user: | |
18 | raise tornado.web.HTTPError(404, "User does not exist: %s" % name) | |
19 | ||
62c7e7cd | 20 | self.render("user-profile.html", user=user) |
9137135a | 21 | |
f6e6ff79 MT |
22 | |
23 | class UserImpersonateHandler(BaseHandler): | |
9137135a | 24 | @tornado.web.authenticated |
f6e6ff79 MT |
25 | def get(self): |
26 | action = self.get_argument("action", "start") | |
27 | ||
28 | if action == "stop": | |
20d7f5eb MT |
29 | if self.current_user.session: |
30 | self.current_user.session.stop_impersonation() | |
f6e6ff79 MT |
31 | self.redirect("/") |
32 | return | |
33 | ||
34 | # You must be an admin to do this. | |
35 | if not self.current_user.is_admin(): | |
36 | raise tornado.web.HTTPError(403, "You are not allowed to do this.") | |
37 | ||
38 | username = self.get_argument("user", "") | |
39 | user = self.pakfire.users.get_by_name(username) | |
40 | if not user: | |
41 | raise tornado.web.HTTPError(404, "User not found: %s" % username) | |
42 | ||
43 | self.render("user-impersonation.html", user=user) | |
44 | ||
45 | @tornado.web.authenticated | |
46 | def post(self): | |
47 | # You must be an admin to do this. | |
48 | if not self.current_user.is_admin(): | |
49 | raise tornado.web.HTTPError(403, "You are not allowed to do this.") | |
50 | ||
51 | username = self.get_argument("user") | |
52 | user = self.pakfire.users.get_by_name(username) | |
53 | if not user: | |
54 | raise tornado.web.HTTPError(404, "User does not exist: %s" % username) | |
55 | ||
20d7f5eb MT |
56 | if self.current_user.session: |
57 | self.current_user.session.start_impersonation(user) | |
f6e6ff79 MT |
58 | |
59 | # Redirect to start page. | |
60 | self.redirect("/") | |
61 | ||
62 | ||
63 | class UserActionHandler(BaseHandler): | |
64 | def get_user(self, name): | |
9137135a MT |
65 | user = self.pakfire.users.get_by_name(name) |
66 | if not user: | |
67 | raise tornado.web.HTTPError(404) | |
68 | ||
69 | if not self.current_user == user and not self.current_user.is_admin(): | |
70 | raise tornado.web.HTTPError(403) | |
71 | ||
f6e6ff79 MT |
72 | return user |
73 | ||
74 | ||
75 | class UserDeleteHandler(BaseHandler): | |
76 | @tornado.web.authenticated | |
77 | def get(self, name): | |
78 | user = self.get_user(name) | |
79 | ||
9137135a MT |
80 | confirmed = self.get_argument("confirmed", None) |
81 | if confirmed: | |
82 | user.delete() | |
83 | ||
84 | if self.current_user == user: | |
85 | self.redirect("/logout") | |
86 | else: | |
87 | self.redirect("/users") | |
88 | ||
89 | self.render("user-delete.html", user=user) | |
90 | ||
91 | ||
f6e6ff79 MT |
92 | class UserPasswdHandler(UserActionHandler): |
93 | @tornado.web.authenticated | |
94 | def get(self, name, error_msg=None): | |
95 | user = self.get_user(name) | |
96 | ||
97 | self.render("user-profile-passwd.html", user=user, | |
98 | error_msg=error_msg) | |
99 | ||
100 | @tornado.web.authenticated | |
101 | def post(self, name): | |
102 | _ = self.locale.translate | |
103 | ||
104 | # Fetch the user. | |
105 | user = self.get_user(name) | |
106 | ||
107 | # If the user who wants to change the password is not an admin, | |
108 | # he needs to provide the old password. | |
109 | if not self.current_user.is_admin() or self.current_user == user: | |
110 | pass0 = self.get_argument("pass0", None) | |
111 | if not pass0: | |
112 | return self.get(name, error_msg=_("You need to enter you current password.")) | |
113 | ||
114 | if not self.current_user.check_password(pass0): | |
115 | return self.get(name, error_msg=_("The provided account password is wrong.")) | |
116 | ||
117 | pass1 = self.get_argument("pass1", "") | |
118 | pass2 = self.get_argument("pass2", "") | |
119 | ||
120 | error_msg = None | |
121 | ||
122 | # The password must at least have 8 characters. | |
123 | if not pass1 == pass2: | |
124 | error_msg = _("The given passwords do not match.") | |
125 | elif len(pass1) == 0: | |
126 | error_msg = _("The password was blank.") | |
127 | else: | |
128 | accepted, score = backend.users.check_password_strength(pass1) | |
129 | if not accepted: | |
130 | error_msg = _("The given password is too weak.") | |
131 | ||
132 | if error_msg: | |
133 | return self.get(name, error_msg=error_msg) | |
134 | ||
135 | # Update the password. | |
136 | user.set_passphrase(pass1) | |
137 | ||
138 | self.render("user-profile-passwd-ok.html", user=user) | |
139 | ||
140 | ||
9137135a | 141 | class UserEditHandler(BaseHandler): |
9137135a MT |
142 | @tornado.web.authenticated |
143 | def get(self, name): | |
144 | user = self.pakfire.users.get_by_name(name) | |
145 | if not user: | |
146 | raise tornado.web.HTTPError(404) | |
147 | ||
148 | if not self.current_user == user and not self.current_user.is_admin(): | |
149 | raise tornado.web.HTTPError(403) | |
150 | ||
cd870d0a | 151 | self.render("user-profile-edit.html", user=user) |
9137135a MT |
152 | |
153 | @tornado.web.authenticated | |
154 | def post(self, name): | |
155 | _ = self.locale.translate | |
156 | ||
157 | user = self.pakfire.users.get_by_name(name) | |
158 | if not user: | |
159 | raise tornado.web.HTTPError(404) | |
160 | ||
161 | email = self.get_argument("email", user.email) | |
162 | realname = self.get_argument("realname", user.realname) | |
163 | pass1 = self.get_argument("pass1", None) | |
164 | pass2 = self.get_argument("pass2", None) | |
165 | locale = self.get_argument("locale", "") | |
166 | ||
167 | # Only an admin can alter the state of a user. | |
168 | if self.current_user.is_admin(): | |
169 | state = self.get_argument("state", user.state) | |
170 | else: | |
171 | state = user.state | |
172 | ||
173 | # Collect error messages | |
174 | msgs = [] | |
175 | ||
176 | if not email: | |
177 | msgs.append(_("No email address provided.")) | |
178 | elif not "@" in email: | |
179 | msgs.append(_("Email address is invalid.")) | |
180 | ||
181 | # Check if the passphrase is okay. | |
182 | if pass1 and not len(pass1) >= 8: | |
183 | msgs.append(_("Password has less than 8 characters.")) | |
184 | elif not pass1 == pass2: | |
185 | msgs.append(_("Passwords do not match.")) | |
186 | ||
9137135a MT |
187 | if msgs: |
188 | self.render("user-profile-edit-fail.html", messages=msgs) | |
189 | return | |
190 | ||
191 | # Everything is okay, we can save the new settings. | |
192 | user.locale = locale | |
193 | user.email = email | |
194 | user.realname = realname | |
195 | if pass1: | |
196 | user.passphrase = pass1 | |
197 | user.state = state | |
198 | ||
f6e6ff79 MT |
199 | # Get the timezone settings. |
200 | tz = self.get_argument("timezone", None) | |
201 | user.timezone = tz | |
202 | ||
9137135a MT |
203 | if not user.activated: |
204 | self.render("user-profile-need-activation.html", user=user) | |
205 | return | |
206 | ||
207 | self.redirect("/user/%s" % user.name) | |
208 | ||
209 | ||
210 | class UsersHandler(BaseHandler): | |
211 | @tornado.web.authenticated | |
212 | def get(self): | |
3da206e1 | 213 | users = self.pakfire.users.get_all() |
9137135a | 214 | |
3da206e1 | 215 | self.render("user-list.html", users=users) |
9137135a MT |
216 | |
217 | ||
f6e6ff79 | 218 | class UsersBuildsHandler(BaseHandler): |
f6e6ff79 | 219 | def get(self, name=None): |
eedc6432 MT |
220 | if name is None: |
221 | user = self.current_user | |
222 | else: | |
f6e6ff79 MT |
223 | user = self.pakfire.users.get_by_name(name) |
224 | if not user: | |
225 | raise tornado.web.HTTPError(404, "User not found: %s" % name) | |
f6e6ff79 | 226 | |
f6e6ff79 | 227 | # Get a list of the builds this user has built. |
1104bcbf | 228 | builds = self.pakfire.builds.get_by_user(user) |
f6e6ff79 MT |
229 | |
230 | self.render("user-profile-builds.html", user=user, builds=builds) |