"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "share/roundup/templates/classic/detectors/userauditor.py" between
roundup-1.6.1.tar.gz and roundup-2.0.0.tar.gz

About: Roundup is an highly customisable issue-tracking system with command-line, web and e-mail interfaces (written in Python).

userauditor.py  (roundup-1.6.1):userauditor.py  (roundup-2.0.0)
skipping to change at line 30 skipping to change at line 30
# #
import re import re
# regular expression thanks to: http://www.regular-expressions.info/email.html # regular expression thanks to: http://www.regular-expressions.info/email.html
# this is the "99.99% solution for syntax only". # this is the "99.99% solution for syntax only".
email_regexp = (r"[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+) *", r"(localhost|(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z 0-9]))") email_regexp = (r"[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+) *", r"(localhost|(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z 0-9]))")
email_rfc = re.compile('^' + email_regexp[0] + '@' + email_regexp[1] + '$', re.I GNORECASE) email_rfc = re.compile('^' + email_regexp[0] + '@' + email_regexp[1] + '$', re.I GNORECASE)
email_local = re.compile('^' + email_regexp[0] + '$', re.IGNORECASE) email_local = re.compile('^' + email_regexp[0] + '$', re.IGNORECASE)
valid_username = re.compile('^[a-z0-9_@!%.+-]+$', re.IGNORECASE)
def valid_address(address): def valid_address(address):
''' If we see an @-symbol in the address then check against the full ''' If we see an @-symbol in the address then check against the full
RFC syntax. Otherwise it is a local-only address so only check RFC syntax. Otherwise it is a local-only address so only check
the local part of the RFC syntax. the local part of the RFC syntax.
''' '''
if '@' in address: if '@' in address:
return email_rfc.match(address) return email_rfc.match(address)
else: else:
return email_local.match(address) return email_local.match(address)
def get_addresses(user): def get_addresses(user):
''' iterate over all known addresses in a newvalues dict ''' iterate over all known addresses in a newvalues dict
this takes of the address/alterate_addresses handling this takes of the address/alterate_addresses handling
''' '''
if user.has_key('address'): if 'address' in user:
yield user['address'] yield user['address']
if user.get('alternate_addresses', None): if user.get('alternate_addresses', None):
for address in user['alternate_addresses'].split('\n'): for address in user['alternate_addresses'].split('\n'):
yield address yield address
def audit_user_fields(db, cl, nodeid, newvalues): def audit_user_fields(db, cl, nodeid, newvalues):
''' Make sure user properties are valid. ''' Make sure user properties are valid.
- email address is syntactically valid - email address is syntactically valid
- email address is unique - email address is unique
- roles specified exist - roles specified exist
- timezone is valid - timezone is valid
- username matches A-z0-9_-.@!+% (email symbols)
''' '''
if 'username' in newvalues:
if not valid_username.match(newvalues['username']):
raise ValueError("Username/Login Name must consist only of the lette
rs a-z (any case), digits 0-9 and the symbols: @._-!+%")
for address in get_addresses(newvalues): for address in get_addresses(newvalues):
if not valid_address(address): if not valid_address(address):
raise ValueError, 'Email address syntax is invalid "%s"'%address raise ValueError('Email address syntax is invalid "%s"'%address)
check_main = db.user.stringFind(address=address) check_main = db.user.stringFind(address=address)
# make sure none of the alts are owned by anyone other than us (x!=nodei d) # make sure none of the alts are owned by anyone other than us (x!=nodei d)
check_alts = [x for x in db.user.filter(None, {'alternate_addresses' : a ddress}) if x != nodeid] check_alts = [x for x in db.user.filter(None, {'alternate_addresses' : a ddress}) if x != nodeid]
if check_main or check_alts: if check_main or check_alts:
raise ValueError, 'Email address %s already in use' % address raise ValueError('Email address %s already in use' % address)
newroles = newvalues.get('roles') newroles = newvalues.get('roles')
if newroles: if newroles:
for rolename in [r.lower().strip() for r in newroles.split(',')]: for rolename in [r.lower().strip() for r in newroles.split(',')]:
if rolename and not db.security.role.has_key(rolename): if rolename and rolename not in db.security.role:
raise ValueError, 'Role "%s" does not exist'%rolename raise ValueError('Role "%s" does not exist'%rolename)
tz = newvalues.get('timezone', None) tz = newvalues.get('timezone', None)
if tz: if tz:
# if they set a new timezone validate the timezone by attempting to # if they set a new timezone validate the timezone by attempting to
# use it before we store it to the db. # use it before we store it to the db.
import roundup.date import roundup.date
import datetime import datetime
try: try:
TZ = roundup.date.get_timezone(tz) TZ = roundup.date.get_timezone(tz)
dt = datetime.datetime.now() dt = datetime.datetime.now()
local = TZ.localize(dt).utctimetuple() local = TZ.localize(dt).utctimetuple()
except IOError: except IOError:
raise ValueError, 'Timezone "%s" does not exist' % tz raise ValueError('Timezone "%s" does not exist' % tz)
except ValueError: except ValueError:
raise ValueError, 'Timezone "%s" exceeds valid range [-23...23]' % t z raise ValueError('Timezone "%s" exceeds valid range [-23...23]' % tz )
def init(db): def init(db):
# fire before changes are made # fire before changes are made
db.user.audit('set', audit_user_fields) db.user.audit('set', audit_user_fields)
db.user.audit('create', audit_user_fields) db.user.audit('create', audit_user_fields)
# vim: sts=4 sw=4 et si # vim: sts=4 sw=4 et si
 End of changes. 9 change blocks. 
7 lines changed or deleted 15 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)