CPI Ordering System (the old version)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
This repo is archived. You can view files and clone it, but cannot push or open issues/pull-requests.

64 lines
2.1 KiB

''' helper functions for schemas '''
import colander
from pyramid.csrf import get_csrf_token, check_csrf_token
from ordr.models import User
@colander.deferred
def deferred_csrf_default(node, kw):
''' sets the current csrf token '''
request = kw.get('request')
return get_csrf_token(request)
@colander.deferred
def deferred_csrf_validator(node, kw):
''' validates a submitted csrf token '''
def validate_csrf(node, value):
request = kw.get('request')
if not check_csrf_token(request, raises=False):
raise colander.Invalid(node, 'Bad CSRF token')
return validate_csrf
@colander.deferred
def deferred_unique_username_validator(node, kw):
''' checks if an username is not registered already '''
def validate_unique_username(node, value):
request = kw.get('request')
user = request.dbsession.query(User).filter_by(username=value).first()
if user is not None:
raise colander.Invalid(node, 'User name already registered')
return validate_unique_username
@colander.deferred
def deferred_unique_email_validator(node, kw):
''' checks if an email is not registered already '''
email_validator = colander.Email()
def validate_unique_email(node, value):
email_validator(node, value) # raises exception on invalid address
request = kw.get('request')
user = request.dbsession.query(User).filter_by(email=value).first()
if user not in (None, request.context.model):
# allow existing email addresses if
# it belongs to the user that is currently edited
raise colander.Invalid(node, 'Email address in use')
return validate_unique_email
@colander.deferred
def deferred_password_validator(node, kw):
''' checks password confirmation for settings '''
def validate_password_confirmation(node, value):
request = kw.get('request')
if request.user is None or not request.user.check_password(value):
raise colander.Invalid(node, 'Wrong password')
return validate_password_confirmation