Mercurial > p > roundup > code
view website/issues/detectors/userauditor.py @ 4587:a2eb4fb3e6d8
New Chameleon templating engine, engine is now configurable.
We now have two configurable templating engines, the old Zope TAL
templates (called zopetal in the config) and the new Chameleon (called
chameleon in the config). A new config-option "template_engine" under
[main] can take these config-options, the default is zopetal.
Thanks to Cheer Xiao for the idea of making this configurable *and*
for the actual implementation!
Cheer Xiao commit log:
- The original TAL engine ported from Zope is thereafter referred to as
"zopetal", in speech and in code
- A new option "template_engine" under [main] introduced
- Zopetal-specific code stripped from cgi/templating.py to form the new
cgi/engine_zopetal.py
- Interface to Chameleon in cgi/engine_chameleon.py
- Engines are supposed to provide a Templates class that mimics the
behavior of the old cgi.templating.Templates. The Templates class is
preferably subclassed from cgi.templating.TemplatesBase.
- New function cgi.templating.get_templates to get the appropriate engine's
Templates instance according to the engine name
| author | Ralf Schlatterbeck <rsc@runtux.com> |
|---|---|
| date | Thu, 23 Feb 2012 18:10:03 +0100 |
| parents | c2d0d3e9099d |
| children | 4f25640b5521 |
line wrap: on
line source
import re # regular expression thanks to: http://www.regular-expressions.info/email.html # this is the "99.99% solution for syntax only". email_regexp = (r"[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*", r"(localhost|(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9]))") email_rfc = re.compile('^' + email_regexp[0] + '@' + email_regexp[1] + '$', re.IGNORECASE) email_local = re.compile('^' + email_regexp[0] + '$', re.IGNORECASE) def valid_address(address): ''' If we see an @-symbol in the address then check against the full RFC syntax. Otherwise it is a local-only address so only check the local part of the RFC syntax. ''' if '@' in address: return email_rfc.match(address) else: return email_local.match(address) def get_addresses(user): ''' iterate over all known addresses in a newvalues dict this takes of the address/alterate_addresses handling ''' if user.has_key('address'): yield user['address'] if user.get('alternate_addresses', None): for address in user['alternate_addresses'].split('\n'): yield address def audit_user_fields(db, cl, nodeid, newvalues): ''' Make sure user properties are valid. - email address is syntactically valid - email address is unique - roles specified exist - timezone is valid ''' for address in get_addresses(newvalues): if not valid_address(address): print newvalues raise ValueError, 'Email address syntax is invalid "%s"'%address check_main = db.user.stringFind(address=address) # make sure none of the alts are owned by anyone other than us (x!=nodeid) check_alts = [x for x in db.user.filter(None, {'alternate_addresses' : address}) if x != nodeid] if check_main or check_alts: raise ValueError, 'Email address %s already in use' % address for rolename in [r.lower().strip() for r in newvalues.get('roles', '').split(',')]: if rolename and not db.security.role.has_key(rolename): raise ValueError, 'Role "%s" does not exist'%rolename tz = newvalues.get('timezone', None) if tz: # if they set a new timezone validate the timezone by attempting to # use it before we store it to the db. import roundup.date import datetime try: TZ = roundup.date.get_timezone(tz) dt = datetime.datetime.now() local = TZ.localize(dt).utctimetuple() except IOError: raise ValueError, 'Timezone "%s" does not exist' % tz except ValueError: raise ValueError, 'Timezone "%s" exceeds valid range [-23...23]' % tz def init(db): # fire before changes are made db.user.audit('set', audit_user_fields) db.user.audit('create', audit_user_fields)