Add script to create accounts (for usernames that are in the blacklist)

6 files changed, 84 insertions, 7 deletions

diff --git a/account.py b/account.py
index bd837d9..14af184 100644
--- a/account.py
+++ b/account.py
@@ -96,7 +96,7 @@ class AccountService:
     def get_by_uid(self, uid):
         """
         Find a single user by uid. Unlike find_by_uid, don't return a list but
-        raise ValueError if there is no such user.
+        raise NoSuchUserError if there is no such user.
         """
         users = self.find_by_uid(uid)
         if len(users) != 1:
@@ -104,6 +104,17 @@ class AccountService:
 
         return users[0]
 
+    def get_by_mail(self, mail):
+        """
+        Find a single user by mail. Unlike find_by_mail, don't return a list but
+        raise NoSuchUserError if there is no such user.
+        """
+        users = self.find_by_mail(mail)
+        if len(users) != 1:
+            raise NoSuchUserError('No such user')
+
+        return users[0]
+
     def find_by_uid(self, uid, wildcard=False):
         return self.find({'uid': uid}, wildcard)
 
diff --git a/app.py b/app.py
index dfe3b5a..adc2eb8 100644
--- a/app.py
+++ b/app.py
@@ -23,6 +23,8 @@ def ldap_connect():
     g.ldap = account.AccountService(app.config['LDAP_HOST'], app.config['LDAP_BASE_DN'],
         app.config['LDAP_ADMIN_USER'], app.config['LDAP_ADMIN_PASS'], app.all_services)
 
+@app.before_request
+def initialize_user():
     g.user = None
 
     if 'username' in session and 'password' in session:
@@ -100,7 +102,7 @@ def register():
 @templated('register_complete.html')
 @logout_required
 def register_complete(token):
-    #TODO: check for double uids
+    #TODO: check for double uids and mail
     username, mail = http_verify_confirmation('register', token.encode('ascii'), timeout=3*24*60*60)
 
 
diff --git a/contrib/create_account.py b/contrib/create_account.py
new file mode 100755
index 0000000..cb4392a
--- /dev/null
+++ b/contrib/create_account.py
@@ -0,0 +1,62 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+import sys
+from os.path import dirname, abspath
+sys.path.append(dirname(dirname(abspath(__file__))))
+
+from account import AccountService, NoSuchUserError
+from app import app
+from flask import g, url_for
+from utils import make_confirmation
+
+"""
+Create an account.
+
+The default operation is to send an activation mail to the given address. So
+the only difference to the register form on the website is that the username
+blacklist is not checked.
+The user can click the link and enter a password to finish account creation.
+
+Usage:
+    $0 username email
+"""
+
+def main(username, mail):
+    service = AccountService(app.config['LDAP_HOST'], app.config['LDAP_BASE_DN'],
+        app.config['LDAP_ADMIN_USER'], app.config['LDAP_ADMIN_PASS'],
+        app.all_services)
+
+    try:
+        service.get_by_uid(username)
+    except NoSuchUserError:
+        pass
+    else:
+        raise CreationError(u'There is already a user named %s' % username)
+
+    try:
+        u = service.get_by_mail(mail)
+    except NoSuchUserError:
+        pass
+    else:
+        raise CreationError(u'There is already a user with email %s (uid: %s)' % (mail, u.uid))
+
+    confirm_token = make_confirmation('register', (username, mail))
+    confirm_link = url_for('register_complete', token=confirm_token, _external=True)
+
+    print confirm_link
+
+
+class CreationError(ValueError):
+    pass
+
+
+if __name__ == '__main__':
+    if len(sys.argv) == 3:
+        #XXX: I have the strong feeling that could be done better
+        try:
+            with app.test_request_context(base_url='http://%s/' % (app.config['SERVER_NAME'] or 'localhost')):
+                main(*sys.argv[1:])
+        except CreationError, e:
+            print 'Error:', e
+    else:
+        print "Usage: %s username email" % sys.argv[0]
diff --git a/default_settings.py b/default_settings.py
index 002cc0c..e9ae578 100644
--- a/default_settings.py
+++ b/default_settings.py
@@ -8,6 +8,8 @@ MAIL_CONFIRM_SENDER = 'spline accounts <noreply@account.spline.de>'
 
 SENDMAIL_COMMAND = '/usr/sbin/sendmail'
 
+SERVER_NAME = 'localhost:5000'
+
 LDAP_HOST = 'ldap://localhost:5678'
 LDAP_BASE_DN = [('dc','account'),('dc','spline'),('dc','inf'),('dc','fu-berlin'),('dc','de')]
 LDAP_ADMIN_USER = 'admin'
diff --git a/forms.py b/forms.py
index 063412b..4d57d63 100644
--- a/forms.py
+++ b/forms.py
@@ -24,13 +24,13 @@ class RegisterForm(Form):
 
                     raise ValidationError(Markup(u'Dieser Benutzername ist momentan nicht erlaubt. '
                                           u'<a href="%s">Weitere Informationen</a>' % url_for('about')))
-                else:
-                    print 'not in blacklist: %r' % field.data
-            else:
-                print 'no blacklist'
         else:
             raise ValidationError(u'Dieser Benutzername ist schon vergeben')
 
+    def validate_mail(form, field):
+        #TODO
+        pass
+
 
 class RegisterCompleteForm(Form):
     password = PasswordField('Passwort', [validators.Required(),
diff --git a/static/layout.css b/static/layout.css
index eea7452..5f6b4ad 100644
--- a/static/layout.css
+++ b/static/layout.css
@@ -18,7 +18,7 @@ nav ul li {
     display: inline;
 }
 nav ul li:not(:last-child):after {
-    content: " · ";
+    content: "  ·  ";
     color: #aaa;
 }