-rw-r--r-- | app.py | 51 | ||||
-rw-r--r-- | forms.py | 9 | ||||
-rw-r--r-- | templates/admin_create_account.html | 19 | ||||
-rw-r--r-- | templates/admin_index.html | 8 | ||||
-rw-r--r-- | templates/admin_view_blacklist.html | 19 | ||||
-rw-r--r-- | templates/base.html | 3 | ||||
-rw-r--r-- | utils.py | 22 |
7 files changed, 119 insertions, 12 deletions
@@ -84,17 +84,7 @@ def register(): #TODO: check for double mails form = RegisterForm(request.form, csrf_enabled=False) if request.method == 'POST' and form.validate(): - username = form.username.data - mail = form.mail.data - - confirm_token = make_confirmation('register', (username, mail)) - confirm_link = url_for('register_complete', token=confirm_token, _external=True) - - body = render_template('mail/register.txt', username=username, - mail=mail, link=confirm_link) - - send_mail(mail, u'E-Mail-Adresse bestätigen', body, - sender=app.config.get('MAIL_CONFIRM_SENDER')) + send_register_confirmation_mail(form.username.data, form.mail.data) flash(u'Es wurde eine E-Mail an die angegebene Adresse geschickt, ' u'um diese zu überprüfen. Bitte folge den Anweisungen in der ' @@ -277,6 +267,43 @@ def about(): return {} +@app.route('/admin') +@templated('admin_index.html') +def admin(): + return {} + + +@app.route('/admin/create_account', methods=['GET', 'POST']) +@templated('admin_create_account.html') +@admin_required +def admin_create_account(): + form = AdminCreateAccountForm() + if request.method == 'POST' and form.validate(): + send_register_confirmation_mail(form.username.data, form.mail.data) + + flash(u'Mail versandt.', 'success') + return redirect(url_for('index')) + return {'form': form} + +@app.route('/admin/view_blacklist') +@app.route('/admin/view_blacklist/<start>') +@templated('admin_view_blacklist.html') +@admin_required +def admin_view_blacklist(start=''): + entries = app.username_blacklist + if start: + entries = [e for e in entries if e.startswith(start)] + + next_letters = set(e[len(start)] for e in entries if len(e) > len(start)) + + return { + 'entries': entries, + 'start': start, + 'next_letters': next_letters, + } + + + @app.errorhandler(403) @app.errorhandler(404) def errorhandler(e): 
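Review bot: The new call `send_register_confirmation_mail(form.username.data, form.mail.data)` depends on that helper being in scope in app.py, and this diff shows no change to app.py's import of utils; if utils names are imported individually rather than via a star import, the route will fail with NameError on the first POST, so the import line should be part of this change. The surrounding context lines belong to register(), whose body starts before the hunk. Now that the new AdminCreateAccountForm keeps CSRF protection on, the `RegisterForm(request.form, csrf_enabled=False)` line left in place for the public form stands out; a one-line comment stating why CSRF is disabled for public registration would help the next reader.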
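Review bot: `admin()` is registered without `@admin_required`, unlike `admin_create_account` and `admin_view_blacklist` directly below it, so the admin index at /admin is served to any visitor; base.html only hides the link from non-admins, it does not protect the view. Add the decorator under `@templated('admin_index.html')`: `@admin_required`. In `admin_view_blacklist`, `next_letters` is a set, so the navigation letters come out in arbitrary order; `next_letters = sorted({e[len(start)] for e in entries if len(e) > len(start)})` gives a stable listing. Two blank lines before `@app.route('/admin/view_blacklist')` would match the spacing used between the other views.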
@@ -290,7 +317,7 @@ def debug(): # we need the app to exist before initializing the forms from forms import RegisterForm, RegisterCompleteForm, LoginForm, SettingsForm,\ - LostPasswordForm + LostPasswordForm, AdminCreateAccountForm if __name__ == '__main__': @@ -31,6 +31,15 @@ class RegisterForm(Form): #TODO pass +class AdminCreateAccountForm(RegisterForm): + def validate_username(form, field): + try: + g.ldap.get_by_uid(field.data) + except NoSuchUserError: + return + else: + raise ValidationError(u'Dieser Benutzername ist schon vergeben') + class RegisterCompleteForm(Form): password = PasswordField('Passwort', [validators.Required(), diff --git a/templates/admin_create_account.html b/templates/admin_create_account.html new file mode 100644 index 0000000..744cbef --- /dev/null +++ b/templates/admin_create_account.html @@ -0,0 +1,19 @@ +{%- extends 'base.html' %} +{%- from '_macros.html' import render_field, render_submit, render_csrf %} +{%- set title = 'Account erstellen' %} +{%- block content %} +<p> + Hier kannst du einen Account erstellen, auch wenn der gewünschte + Benutzername in der Blacklist steht. +</p> +<p> + Der Benutzer bekommt eine Mail, mit der er sich dann ganz normal + ein Passwort setzen kann. +</p> +<form action="" method="post" class="form-horizontal"> + {{ render_field(form.username, autofocus="autofocus") }} + {{ render_field(form.mail) }} + {{ render_submit(value='Link verschicken')}} + {{ render_csrf(form) }} +</form> +{%- endblock %} diff --git a/templates/admin_index.html b/templates/admin_index.html new file mode 100644 index 0000000..6275bcc --- /dev/null +++ b/templates/admin_index.html @@ -0,0 +1,8 @@ +{%- extends 'base.html' %} +{%- set title = 'Admin-Interface' %} +{%- block content %} +<ul> + <li><a href="{{ url_for('admin_create_account') }}">Account erstellen</a></li> + <li><a href="{{ url_for('admin_view_blacklist') }}">Blacklist anzeigen</a></li> +</ul> +{%- endblock %} 
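Review bot: `AdminCreateAccountForm.validate_username` replaces the parent's `validate_username` wholesale, so every check RegisterForm performs on the username — not only the blacklist test this form is meant to bypass — is dropped for admin-created accounts; RegisterForm's body is outside the hunk, so this is inferred from the override. If the parent also enforces format or length rules, either call them explicitly here or split the blacklist test into its own method that this subclass overrides. A class docstring would make the intent explicit: `"""Like RegisterForm, but only rejects usernames that already exist in LDAP; the blacklist is ignored."""`. The override passes `field.data` straight to `g.ldap.get_by_uid`; confirm that lookup escapes the value for the LDAP filter, since the same helper presumably serves the public register form as well.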
diff --git a/templates/admin_view_blacklist.html b/templates/admin_view_blacklist.html new file mode 100644 index 0000000..4f203f6 --- /dev/null +++ b/templates/admin_view_blacklist.html @@ -0,0 +1,19 @@ +{%- extends 'base.html' %} +{%- set title = 'Blacklist anzeigen' %} +{%- block content %} +<nav> + <ul> + {%- if start %} + <li><a href="{{ url_for('admin_view_blacklist') }}">Alle</a></li> + {%- endif %} + {%- for l in next_letters %} + <li><a href="{{ url_for('admin_view_blacklist', start=start+l) }}">{{ l }}</a></li> + {%- endfor %} + </ul> +</nav> +<ul> + {%- for e in entries %} + <li>{{ e }}</li> + {%- endfor %} +</ul> +{%- endblock %} diff --git a/templates/base.html b/templates/base.html index 4f2b22b..4123d7f 100644 --- a/templates/base.html +++ b/templates/base.html @@ -33,6 +33,9 @@ <ul> {%- if g.user %} <li>Angemeldet als <strong>{{ g.user.uid }}</strong></li> + {%- if g.user.uid in config.get('ADMIN_USERS', []) %} + <li><a href="{{ url_for('admin') }}">Admin</a></li> + {%- endif %} <li><a href="{{ url_for('logout') }}">Abmelden</a></li> {%- else %} <li>Nicht angemeldet</li> @@ -45,6 +45,16 @@ def login_required(f): return f(*args, **kwargs) return login_required_ +def admin_required(f): + @wraps(f) + def admin_required_(*args, **kwargs): + if not g.user: + raise Forbidden(u'Bitte einloggen!') + if g.user.uid not in current_app.config.get('ADMIN_USERS', []): + raise Forbidden(u'Du bist kein Admin.') + return f(*args, **kwargs) + return admin_required_ + def logout_required(f): @wraps(f) def logout_required_(*args, **kwargs): 
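Review bot: The admin test `g.user.uid in config.get('ADMIN_USERS', [])` in base.html duplicates the one in utils.py's `admin_required`, and the two will drift the moment the rule changes (another config key, a group lookup). Expose one predicate — for example an `is_admin` flag set on `g` where the user is loaded, or a context processor — and have both the template and the decorator use it: `{%- if g.is_admin %}`. The enclosing `<ul>` starts before and ends after this hunk.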
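Review bot: `admin_required` repeats the login check instead of composing with `login_required` just above it, and it has no docstring; proposed: `"""Abort with 403 unless a user is logged in and its uid is listed in ADMIN_USERS."""`. Membership is tested with `in` against whatever `current_app.config.get('ADMIN_USERS', [])` returns; if the setting is ever written as a single string instead of a list, `in` turns into a substring test and admits any uid that is a substring of it, so a comment on the expected type of the config key, or a type check at app start, is worth adding. The same membership rule is also duplicated in base.html, so a shared predicate would keep both in step.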
@@ -186,7 +196,19 @@ class Service(object): def __repr__(self): return '<Service %s>' % self.id + def ensure_utf8(s): if isinstance(s, unicode): s = s.encode('utf8') return s + + +def send_register_confirmation_mail(username, mail): + confirm_token = make_confirmation('register', (username, mail)) + confirm_link = url_for('register_complete', token=confirm_token, _external=True) + + body = render_template('mail/register.txt', username=username, + mail=mail, link=confirm_link) + + send_mail(mail, u'E-Mail-Adresse bestätigen', body, + sender=current_app.config.get('MAIL_CONFIRM_SENDER')) |
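Review bot: `send_register_confirmation_mail` has no docstring; proposed: `"""Mail *mail* a signed link to register_complete for *username*; the sender is taken from MAIL_CONFIRM_SENDER."""`. The link is built with `url_for(..., _external=True)`, which typically derives the host from the incoming request unless SERVER_NAME is configured; when the app sits behind a proxy that forwards arbitrary Host headers, the link in the mail follows that header, so confirm SERVER_NAME is set or the Host header is pinned at the proxy. The hunk otherwise only adjusts spacing around `ensure_utf8`; the Service class named in the hunk header starts before the hunk.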