|
|
|
''' helper functions for schemas '''
|
|
|
|
|
|
|
|
import colander
|
|
|
|
|
|
|
|
from pyramid.csrf import get_csrf_token, check_csrf_token
|
|
|
|
|
|
|
|
from ordr.models import User
|
|
|
|
|
|
|
|
|
|
|
|
@colander.deferred
|
|
|
|
def deferred_csrf_default(node, kw):
|
|
|
|
''' sets the current csrf token '''
|
|
|
|
request = kw.get('request')
|
|
|
|
return get_csrf_token(request)
|
|
|
|
|
|
|
|
|
|
|
|
@colander.deferred
|
|
|
|
def deferred_csrf_validator(node, kw):
|
|
|
|
''' validates a submitted csrf token '''
|
|
|
|
def validate_csrf(node, value):
|
|
|
|
request = kw.get('request')
|
|
|
|
if not check_csrf_token(request, raises=False):
|
|
|
|
raise colander.Invalid(node, 'Bad CSRF token')
|
|
|
|
return validate_csrf
|
|
|
|
|
|
|
|
|
|
|
|
@colander.deferred
|
|
|
|
def deferred_unique_username_validator(node, kw):
|
|
|
|
''' checks if an username is not registered already '''
|
|
|
|
|
|
|
|
def validate_unique_username(node, value):
|
|
|
|
request = kw.get('request')
|
|
|
|
user = request.dbsession.query(User).filter_by(username=value).first()
|
|
|
|
if user is not None:
|
|
|
|
raise colander.Invalid(node, 'User name already registered')
|
|
|
|
return validate_unique_username
|
|
|
|
|
|
|
|
|
|
|
|
@colander.deferred
|
|
|
|
def deferred_unique_email_validator(node, kw):
|
|
|
|
''' checks if an email is not registered already '''
|
|
|
|
email_validator = colander.Email()
|
|
|
|
|
|
|
|
def validate_unique_email(node, value):
|
|
|
|
email_validator(node, value) # raises exception on invalid address
|
|
|
|
request = kw.get('request')
|
|
|
|
user = request.dbsession.query(User).filter_by(email=value).first()
|
|
|
|
if user is not None:
|
|
|
|
if user != getattr(request.context, 'model', None):
|
|
|
|
# allow existing email addresses if
|
|
|
|
# it belongs to the user that is currently edited
|
|
|
|
raise colander.Invalid(node, 'Email address in use')
|
|
|
|
return validate_unique_email
|
|
|
|
|
|
|
|
|
|
|
|
@colander.deferred
|
|
|
|
def deferred_password_validator(node, kw):
|
|
|
|
''' checks password confirmation for settings '''
|
|
|
|
|
|
|
|
def validate_password_confirmation(node, value):
|
|
|
|
request = kw.get('request')
|
|
|
|
if request.user is None or not request.user.check_password(value):
|
|
|
|
raise colander.Invalid(node, 'Wrong password')
|
|
|
|
return validate_password_confirmation
|