''' helper functions for schemas ''' import colander from pyramid.csrf import get_csrf_token, check_csrf_token from ordr.models import User @colander.deferred def deferred_csrf_default(node, kw): ''' sets the current csrf token ''' request = kw.get('request') return get_csrf_token(request) @colander.deferred def deferred_csrf_validator(node, kw): ''' validates a submitted csrf token ''' def validate_csrf(node, value): request = kw.get('request') if not check_csrf_token(request, raises=False): raise colander.Invalid(node, 'Bad CSRF token') return validate_csrf @colander.deferred def deferred_unique_username_validator(node, kw): ''' checks if an username is not registered already ''' def validate_unique_username(node, value): request = kw.get('request') user = request.dbsession.query(User).filter_by(username=value).first() if user is not None: raise colander.Invalid(node, 'User name already registered') return validate_unique_username @colander.deferred def deferred_unique_email_validator(node, kw): ''' checks if an email is not registered already ''' email_validator = colander.Email() def validate_unique_email(node, value): email_validator(node, value) # raises exception on invalid address request = kw.get('request') user = request.dbsession.query(User).filter_by(email=value).first() if user not in (None, request.context.model): # allow existing email addresses if # it belongs to the user that is currently edited raise colander.Invalid(node, 'Email address in use') return validate_unique_email @colander.deferred def deferred_password_validator(node, kw): ''' checks password confirmation for settings ''' def validate_password_confirmation(node, value): request = kw.get('request') if request.user is None or not request.user.check_password(value): raise colander.Invalid(node, 'Wrong password') return validate_password_confirmation