|
|
|
|
''' Resources (sub) package, used to connect URLs to views '''
|
|
|
|
|
|
|
|
|
|
import deform
|
|
|
|
|
|
|
|
|
|
from pyramid.security import Allow, Everyone, DENY_ALL
|
|
|
|
|
|
|
|
|
|
from ordr.models.account import Token, TokenSubject
|
|
|
|
|
from ordr.schemas.account import RegistrationSchema
|
|
|
|
|
|
|
|
|
|
from .helpers import BaseChildResource
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class RegistrationTokenResource(BaseChildResource):
|
|
|
|
|
''' Resource for vaildating a new registered user's email
|
|
|
|
|
|
|
|
|
|
:param pyramid.request.Request request: the current request object
|
|
|
|
|
:param str name: the name of the resource
|
|
|
|
|
:param parent: the parent resouce
|
|
|
|
|
'''
|
|
|
|
|
|
|
|
|
|
nav_active = 'registration'
|
|
|
|
|
|
|
|
|
|
def __acl__(self):
|
|
|
|
|
''' access controll list for the resource '''
|
|
|
|
|
return [(Allow, Everyone, 'view'), DENY_ALL]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class RegistrationResource(BaseChildResource):
|
|
|
|
|
''' The resource for new user registration
|
|
|
|
|
|
|
|
|
|
:param pyramid.request.Request request: the current request object
|
|
|
|
|
:param str name: the name of the resource
|
|
|
|
|
:param parent: the parent resouce
|
|
|
|
|
'''
|
|
|
|
|
|
|
|
|
|
nav_active = 'registration'
|
|
|
|
|
|
|
|
|
|
def __acl__(self):
|
|
|
|
|
''' access controll list for the resource '''
|
|
|
|
|
return [(Allow, Everyone, 'view'), DENY_ALL]
|
|
|
|
|
|
|
|
|
|
def __getitem__(self, key):
|
|
|
|
|
''' returns a resource for a valid registration token '''
|
|
|
|
|
token = Token.retrieve(self.request, key, TokenSubject.REGISTRATION)
|
|
|
|
|
if token is None:
|
|
|
|
|
raise KeyError(f'Token {key} not found')
|
|
|
|
|
return RegistrationTokenResource(name=key, parent=self, model=token)
|
|
|
|
|
|
|
|
|
|
def get_registration_form(self, **kwargs):
|
|
|
|
|
''' returns the registration form'''
|
|
|
|
|
settings = {
|
|
|
|
|
'buttons': (
|
|
|
|
|
deform.Button(name='create', title='Create Account'),
|
|
|
|
|
deform.Button(
|
|
|
|
|
title='Cancel',
|
|
|
|
|
type='link',
|
|
|
|
|
value=self.request.resource_url(self.request.root),
|
|
|
|
|
css_class='btn btn-outline-secondary'
|
|
|
|
|
)
|
|
|
|
|
),
|
|
|
|
|
}
|
|
|
|
|
settings.update(kwargs)
|
|
|
|
|
return self._prepare_form(RegistrationSchema, **settings)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class PasswordResetTokenResource(BaseChildResource):
|
|
|
|
|
''' Resource for the reset password link
|
|
|
|
|
|
|
|
|
|
:param pyramid.request.Request request: the current request object
|
|
|
|
|
:param str name: the name of the resource
|
|
|
|
|
:param parent: the parent resouce
|
|
|
|
|
'''
|
|
|
|
|
|
|
|
|
|
nav_active = None
|
|
|
|
|
|
|
|
|
|
def __acl__(self):
|
|
|
|
|
''' access controll list for the resource '''
|
|
|
|
|
return [(Allow, Everyone, 'view'), DENY_ALL]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class PasswordResetResource(BaseChildResource):
|
|
|
|
|
''' The resource for resetting a forgotten password
|
|
|
|
|
|
|
|
|
|
:param pyramid.request.Request request: the current request object
|
|
|
|
|
:param str name: the name of the resource
|
|
|
|
|
:param parent: the parent resouce
|
|
|
|
|
'''
|
|
|
|
|
|
|
|
|
|
nav_active = None
|
|
|
|
|
|
|
|
|
|
def __acl__(self):
|
|
|
|
|
''' access controll list for the resource '''
|
|
|
|
|
return [(Allow, Everyone, 'view'), DENY_ALL]
|
|
|
|
|
|
|
|
|
|
def __getitem__(self, key):
|
|
|
|
|
''' returns a resource for a valid reset password token '''
|
|
|
|
|
token = Token.retrieve(self.request, key, TokenSubject.RESET_PASSWORD)
|
|
|
|
|
if token is None:
|
|
|
|
|
raise KeyError(f'Token {key} not found')
|
|
|
|
|
return PasswordResetTokenResource(name=key, parent=self, model=token)
|
