How to use the taguette.validate.user_login function in taguette

To help you get started, we’ve selected a few taguette examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github remram44 / taguette / taguette / web / api.py View on Github external
if not privileges.can_edit_members():
            self.set_status(403)
            return self.send_json({'error': "Unauthorized"})

        # Get all members
        members = (
            self.db.query(database.ProjectMember)
            .filter(database.ProjectMember.project_id == project.id)
        ).all()
        members = {member.user_login: member for member in members}

        # Go over the JSON patch and update
        obj = self.get_json()
        commands = []
        for login, user in obj.items():
            login = validate.user_login(login)
            if login == self.current_user:
                logger.warning("User tried to change own privileges")
                continue
            if not user and login in members:
                self.db.delete(members[login])
                cmd = database.Command.member_remove(
                    self.current_user, project.id,
                    login,
                )
                self.db.add(cmd)
                commands.append(cmd)
            else:
                try:
                    privileges = database.Privileges[user['privileges']]
                except KeyError:
                    self.set_status(400)
github remram44 / taguette / taguette / web / views.py View on Github external
def post(self):
        if not self.application.config['MULTIUSER']:
            raise HTTPError(404)
        login = self.get_body_argument('login')
        try:
            login = validate.user_login(login)
        except validate.InvalidFormat:
            logger.info("Login: invalid login")
        else:
            password = self.get_body_argument('password')
            user = self.db.query(database.User).get(login)
            if user is None:
                logger.info("Login: non-existent user")
            elif not user.check_password(password):
                logger.info("Login: invalid password for %r", user.login)
            else:
                self.login(user.login)
                return self._go_to_next()

        return self.render(
            'login.html', register=False,
            next=self.get_argument('next', ''),
github remram44 / taguette / taguette / migrations / versions / bce44849c2f2_lowercase_logins.py View on Github external
op.execute('UPDATE users SET login = lower(login);')
    # Should update via the cascade:
    # op.execute('UPDATE project_members SET user_login = lower(user_login);')
    # op.execute('UPDATE commands SET user_login = lower(user_login);')

    # Check that logins pass new validation requirements
    bind = op.get_bind()
    session = Session(bind=bind)
    logins = session.execute('''\
        SELECT login FROM users;
    ''')
    error = False
    for row in logins:
        login, = row
        try:
            changed = validate.user_login(login)
        except validate.InvalidFormat:
            error = True
            print("User login %r does not abide to new restrictions" % login,
                  file=sys.stderr)
        else:
            if changed != login:
                raise ValueError("Login %r is still not canonical after "
                                 "migration, please report this bug!" % login)
    if error:
        raise ValueError("Some user logins do not pass validation")
    session.close()
github remram44 / taguette / taguette / web / api.py View on Github external
def post(self):
        if not self.application.config['MULTIUSER']:
            raise HTTPError(404)
        login = self.get_json()['login']
        try:
            login = validate.user_login(login)
        except validate.InvalidFormat:
            pass
        else:
            user = self.db.query(database.User).get(login)
            if user is not None:
                return self.send_json({'exists': True})
        return self.send_json({'exists': False})
github remram44 / taguette / taguette / web / views.py View on Github external
def post(self):
        if not self.application.config['MULTIUSER']:
            raise HTTPError(404)
        if not self.application.config['REGISTRATION_ENABLED']:
            raise HTTPError(403)
        try:
            login = self.get_body_argument('login')
            password1 = self.get_body_argument('password1')
            password2 = self.get_body_argument('password2')
            login = validate.user_login(login)
            validate.user_password(password1)
            email = self.get_body_argument('email', '')
            if email:
                validate.user_email(email)
            if password1 != password2:
                raise validate.InvalidFormat(_f("Passwords do not match"))
            if self.db.query(database.User).get(login) is not None:
                raise validate.InvalidFormat(_f("User name is taken"))
            if (email and
                    self.db.query(database.User)
                    .filter(database.User.email == email).count() > 0):
                raise validate.InvalidFormat(_f("Email address is already "
                                                "used"))
            user = database.User(login=login)
            user.set_password(password1)
            if email: