Mercurial > kallithea
annotate pylons_app/controllers/users.py @ 52:25e516447a33
implemented autentication
| author | marcink |
|---|---|
| date | Thu, 08 Apr 2010 12:00:06 +0200 |
| parents | 73f413946c14 |
| children | 3f65447f6c02 |
| rev | line source |
|---|---|
|
47
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
1 import logging |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
2 |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
3 from pylons import request, response, session, tmpl_context as c, url, app_globals as g |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
4 from pylons.controllers.util import abort, redirect |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
5 |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
6 from pylons_app.lib.base import BaseController, render |
|
49
3ada2f409c1c
Added sqlalchemy support
Marcin Kuzminski <marcin@python-blog.com>
parents:
48
diff
changeset
|
7 from formencode import htmlfill |
|
3ada2f409c1c
Added sqlalchemy support
Marcin Kuzminski <marcin@python-blog.com>
parents:
48
diff
changeset
|
8 from pylons_app.model import meta |
|
3ada2f409c1c
Added sqlalchemy support
Marcin Kuzminski <marcin@python-blog.com>
parents:
48
diff
changeset
|
9 from pylons_app.model.db import Users, UserLogs |
| 52 | 10 from pylons_app.lib.auth import authenticate |
|
50
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
11 import crypt |
| 52 | 12 |
|
47
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
13 log = logging.getLogger(__name__) |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
14 |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
15 class UsersController(BaseController): |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
16 """REST Controller styled on the Atom Publishing Protocol""" |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
17 # To properly map this controller, ensure your config/routing.py |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
18 # file has a resource setup: |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
19 # map.resource('user', 'users') |
|
50
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
20 |
| 52 | 21 @authenticate |
|
47
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
22 def __before__(self): |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
23 c.staticurl = g.statics |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
24 c.admin_user = session.get('admin_user') |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
25 c.admin_username = session.get('admin_username') |
|
49
3ada2f409c1c
Added sqlalchemy support
Marcin Kuzminski <marcin@python-blog.com>
parents:
48
diff
changeset
|
26 self.sa = meta.Session |
|
47
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
27 |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
28 def index(self, format='html'): |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
29 """GET /users: All items in the collection""" |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
30 # url('users') |
|
48
8e250e86a670
Css fixes, implemented removal of users, and display draft
Marcin Kuzminski <marcin@python-blog.com>
parents:
47
diff
changeset
|
31 |
|
49
3ada2f409c1c
Added sqlalchemy support
Marcin Kuzminski <marcin@python-blog.com>
parents:
48
diff
changeset
|
32 c.users_list = self.sa.query(Users).all() |
|
48
8e250e86a670
Css fixes, implemented removal of users, and display draft
Marcin Kuzminski <marcin@python-blog.com>
parents:
47
diff
changeset
|
33 return render('/users.html') |
|
47
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
34 |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
35 def create(self): |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
36 """POST /users: Create a new item""" |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
37 # url('users') |
|
50
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
38 params = dict(request.params) |
|
47
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
39 |
|
50
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
40 try: |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
41 new_user = Users() |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
42 new_user.active = params.get('active', False) |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
43 new_user.username = params.get('username') |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
44 new_user.password = crypt.crypt(params.get('password'), '6a') |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
45 new_user.admin = False |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
46 self.sa.add(new_user) |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
47 self.sa.commit() |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
48 except: |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
49 self.sa.rollback() |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
50 raise |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
51 |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
52 return redirect(url('users')) |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
53 |
|
47
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
54 def new(self, format='html'): |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
55 """GET /users/new: Form to create a new item""" |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
56 # url('new_user') |
|
50
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
57 return render('/user_add.html') |
|
47
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
58 |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
59 def update(self, id): |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
60 """PUT /users/id: Update an existing item""" |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
61 # Forms posted to this method should contain a hidden field: |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
62 # <input type="hidden" name="_method" value="PUT" /> |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
63 # Or using helpers: |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
64 # h.form(url('user', id=ID), |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
65 # method='put') |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
66 # url('user', id=ID) |
|
50
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
67 params = dict(request.params) |
|
47
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
68 |
|
50
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
69 try: |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
70 new_user = self.sa.query(Users).get(id) |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
71 new_user.active = params.get('active') |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
72 new_user.username = params.get('username') |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
73 print params |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
74 if params.get('new_password'): |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
75 new_user.password = crypt.crypt(params.get('new_password'), '6a') |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
76 self.sa.add(new_user) |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
77 self.sa.commit() |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
78 except: |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
79 self.sa.rollback() |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
80 raise |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
81 |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
82 return redirect(url('users')) |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
83 |
|
47
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
84 def delete(self, id): |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
85 """DELETE /users/id: Delete an existing item""" |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
86 # Forms posted to this method should contain a hidden field: |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
87 # <input type="hidden" name="_method" value="DELETE" /> |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
88 # Or using helpers: |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
89 # h.form(url('user', id=ID), |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
90 # method='delete') |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
91 # url('user', id=ID) |
|
48
8e250e86a670
Css fixes, implemented removal of users, and display draft
Marcin Kuzminski <marcin@python-blog.com>
parents:
47
diff
changeset
|
92 try: |
|
49
3ada2f409c1c
Added sqlalchemy support
Marcin Kuzminski <marcin@python-blog.com>
parents:
48
diff
changeset
|
93 self.sa.delete(self.sa.query(Users).get(id)) |
|
3ada2f409c1c
Added sqlalchemy support
Marcin Kuzminski <marcin@python-blog.com>
parents:
48
diff
changeset
|
94 self.sa.commit() |
|
48
8e250e86a670
Css fixes, implemented removal of users, and display draft
Marcin Kuzminski <marcin@python-blog.com>
parents:
47
diff
changeset
|
95 except: |
|
49
3ada2f409c1c
Added sqlalchemy support
Marcin Kuzminski <marcin@python-blog.com>
parents:
48
diff
changeset
|
96 self.sa.rollback() |
|
48
8e250e86a670
Css fixes, implemented removal of users, and display draft
Marcin Kuzminski <marcin@python-blog.com>
parents:
47
diff
changeset
|
97 raise |
|
8e250e86a670
Css fixes, implemented removal of users, and display draft
Marcin Kuzminski <marcin@python-blog.com>
parents:
47
diff
changeset
|
98 return redirect(url('users')) |
|
8e250e86a670
Css fixes, implemented removal of users, and display draft
Marcin Kuzminski <marcin@python-blog.com>
parents:
47
diff
changeset
|
99 |
|
47
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
100 def show(self, id, format='html'): |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
101 """GET /users/id: Show a specific item""" |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
102 # url('user', id=ID) |
|
50
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
103 |
|
48
8e250e86a670
Css fixes, implemented removal of users, and display draft
Marcin Kuzminski <marcin@python-blog.com>
parents:
47
diff
changeset
|
104 |
|
47
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
105 def edit(self, id, format='html'): |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
106 """GET /users/id/edit: Form to edit an existing item""" |
|
f6ac79182600
Added rest controllers for repos and users,
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
107 # url('edit_user', id=ID) |
|
50
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
108 c.user = self.sa.query(Users).get(id) |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
109 |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
110 return htmlfill.render( |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
111 render('/user_edit.html'), |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
112 defaults=c.user.__dict__, |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
113 encoding="UTF-8", |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
114 force_defaults=False |
|
73f413946c14
user managment implementation continued update/delete/create works
Marcin Kuzminski <marcin@python-blog.com>
parents:
49
diff
changeset
|
115 ) |