#!/usr/bin/env python """ This is the class usercontroller of the controller module of the Eventure Portal project. The interface is as specified in the SDD document http://wilma.vub.ac.be/~se4_2006/documents/SDD/sdd.pdf. @author: Eline Philips @since: 04-04-2006 @date: 21-05-2006 """ __version__ = "@version: 0.13 " # Import the CGI module. import cgi import cgitb; cgitb.enable() # Imports. import os import sys sys.path.insert(1, os.path.split(os.getcwd())[0]) # Imports needed for randomizing. import random # Import other python files. from config import configuration from controllers import controller from controllers import emailclass from controllers import objectfiller from controllers import viewcontainer from database import database from database import dataclass from database import fields from errorhandlers import exceptions from models import account from models import address from models import mydate from models import message from models import preferences from models import profile from models import keyword from models import keywordlist from models import transformer from models import user from models import useraccount from models import userdetail from views import exception from wepy import * # This class is derived from the class Controller class UserController(controller.Controller): """ Class usercontroller: this class handles all the user-related requests. This class is derived from the class Controller. """ def __init__(self): """ This method initialises the datamembers. The action table is a dictionary which contains (operation_name, action) pairs. The other datamembers are also initialised. """ self.setActionTable({"subscribe" : self.subscribe, "login" : self.login, "logout" : self.logout, "edit_user" : self.editUser, "lost_password" : self.lostPassword, "lost_password_form" : self.getLostPasswordForm, "change_password" : self.changePassword, "change_password_form" : self.getChangePasswordForm, "unsubscribe" : self.unsubscribe, "unsubscribe_form" : self.getUnsubscribeForm, "find_user" : self.findUser, "find_user_form" : self.getFindUserForm, "send_message" : self.sendMessage, "send_message_form" : self.getSendMessageForm, "login_form" : self.getLoginForm, "receive_messages" : self.getMessages, "get_outbox" : self.getOutbox, "get_message" : self.getMessage, "delete_message" : self.deleteMessage, "add_keyword" : self.addKeyword, "delete_keyword" : self.deleteKeyword, "user_keyword_form" : self.getKeywordForm, "my_user" : self.getUser, "get_delete_user_form" : self.getDeleteUserForm, "delete_user" : self.deleteUser, "add_pending_permission" : self.addPendingPermission, "subscribe_form" : self.getSubscribeForm, "edit_user_form" : self.getEditUserForm}) self.setDatabase(database.Database()) self.setTransformer(transformer.Transformer()) self.setCgi(cgi.FieldStorage()) self.setObjectFiller(objectfiller.ObjectFiller()) self.setEMail(emailclass.EMail()) self.setConfig(self.getDatabase().getConfig()) self.__container_ = viewcontainer.ViewContainer() # Generate random password. def generatePassword(self, number): """ This function generates a random string of length equal to the parameter "number". @param number: the length of the string @type number: int @return: password """ characters= ["0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "u", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z"] password = "" nr = 0 while nr < number: password += random.choice(characters) nr += 1 return password # Check if dict has all keys. def hasKeys(self, dict, *keys): """ This method is the "has_key()" operation of the dictionary for multiple keys. @param dict: the dictionary @type dict: python dictionary datastructure @param keys: number of keys @type key: string @return: boolean true if the dictionary contains all the keys, false otherwise """ for key in keys: if not key in dict: return 0 return 1 # Transform form (cgi) in dictionary. # It is impossible to add extra fields to the form # (retrieved from cgi). This is possible for # dictionaries. def formToDict(self, form): """ This method transforms a form into a python dictionary. @param form: the form which must be transformed @type form: a form datastructure @return: a dictionary """ dict = {} for entry in form: dict[entry] = cgi.escape(form[entry].value, True) return dict # Perform selects the right operation from the action_table # and runs that operation. def perform(self): """ This method forms the hart of the controller. It retrieves the right action from the action table and performs it. """ # Initialise variable. dict = self.formToDict(self.getCgi()) # Check whether the operation is legal. if(self.hasKeys(dict, "operation")) : self.addToContainer(self.getConfig()) self.getActionTable().get(dict\ ["operation"], self.error)() else: if SESSION['username']: self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception("HOME", "HOME")) self.generatePage() # Error. def error(self): """ This method is called whenever something goes wrong in the perform method. """ self.addToContainer(exception.Exception("Error", "ERROR")) self.generatePage() # The get all keywords operation. def getAllKeywords(self): """ This method is called whenever all keywords must be given to the viewcontainer. This method calls the "getAllKeywords()" method of the database, which returns the keywords. @return: keywords @raise: GeneralException """ # Initialise variable. database = self.getDatabase() try: keywords = database.getAllKeywords() return keywords except exceptions.GeneralException, e: raise e # The subscribe operation. def subscribe(self): """ This method performs the subscribe action. This method is called by the perform method, whenever the operation is "subscribe". @except: UsernameException whenever the username is already used. @except: FieldException when the number of characters of a field is exceeded """ # Initialisation of some variables. form = self.getCgi() filler = self.getObjectFiller() database = self.getDatabase() e_mail = self.getEMail() config = self.getConfig() dict = self.formToDict(form) # Generate password. password = self.generatePassword(8) # Check whether username exists. if (self.hasKeys(dict, "username") and database.usernameExists(dict["username"])): excep = exceptions.UsernameException(\ "This username already exists.") self.addToContainer(exception.Exception(excep.value)) self.generatePage() sys.exit(0); if len(dict["username"]) >= fields.g_username: excep = exceptions.FieldException("A username cannot exceed "\ + `fields.g_username` + " characters.") self.addToContainer(exception.Exception(excep.value)) self.generatePage() else: # Create empty objects. the_address = address.Address() the_date = mydate.Date() the_detail = userdetail.UserDetail() the_profile = profile.Profile() the_account = useraccount.UserAccount() old_user = user.User() # The permission of the user is initially euqal to "member". old_user.setUserPermission("member") # Initialise the account with the password. the_account.setUserAccountPassword(password) try: new_user = filler.setUser(dict, the_address, the_date, the_detail, the_profile, the_account, old_user) # Add the user to the database. database.addUser(new_user) # Send the password by e-mail to the user. new_account = new_user.getUserAccount() e_mail.setEMailHost(config.getSmtpHost()) e_mail.setEMailFrom(config.getEMail()) e_mail.setEMailTo(new_account.getAccountEMail()) e_mail.setEMailSubject("eVenture: password") message = "Hey " message += dict["username"] message += ", \n Thanks for subscribing to our website! \n Your password is: " message += password e_mail.setEMailBody(message) e_mail.send() # View. self.addToContainer(new_user) self.generatePage() except exceptions.RequiredFieldsException, e: self.addToContainer(exception.Exception(e.value)) self.generatePage() except exceptions.FieldException, e: self.addToContainer(exception.Exception(e.value)) self.generatePage() # The get subscribe form operation. def getSubscribeForm(self): """ This method is called by the perform method, whenever the operation is "subscribe_form". """ self.setContainerOperation("subscribe_form") self.setContainerEdit("yes") self.addToContainer(exception.Exception("", "")) self.generatePage() # The login operation. def login(self): """ This method performs the login action. This method is called by the perform method, whenever the operation is "login". @except: UsernameException whenever the username doesn't exist @except: PasswordException when the given password isn't correct """ # Initialise some variables. form = self.getCgi() dict = self.formToDict(form) database = self.getDatabase() # Check whether the username and password are filled in. if not(self.hasKeys(dict, "username") and self.hasKeys(dict, "password")): excep = exceptions.RequiredFieldsException(\ "Not all the required fields are filled in.") self.addToContainer(exception.Exception(excep.value)) self.generatePage() else: # Initialise some variables. the_username = dict["username"] the_password = dict["password"] try: # Check the user and the password. database.checkUserPass(the_username, the_password) # Check whether there's no session running. if SESSION['username']: text = "You can't log in, because " + SESSION['username'] \ + ' is still logged in.' self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(text)) self.generatePage() else: # Initialize session. SESSION.initialize() PAGE.start() SESSION['username'] = the_username SESSION['level'] = database.getPermission(the_username) # View. self.setContainerEdit("yes") self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception("You are logged in.")) self.generatePage() except exceptions.UsernameException, e: self.addToContainer(exception.Exception(e.value)) self.generatePage() except exceptions.PasswordException, e: self.addToContainer(exception.Exception(e.value)) self.generatePage() # The get login form operation. def getLoginForm(self): """ This method is called by the perform method, whenever the operation is "login_form". """ self.setContainerOperation("login_form") self.setContainerEdit("yes") self.addToContainer(exception.Exception("", "")) self.generatePage() # The logout operation. def logout(self): """ This method performs the logout action. This method is called by the perform method, whenever the operation is "logout". @except: FileException whenever the file doesn't exist """ # Check whether user is logged in. if SESSION['username']: try: SESSION.destroy() self.addToContainer(exception.Exception("You are logged out.")) self.generatePage() except exceptions.FileException, e: self.addToContainer(exception.Exception(e.value)) self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.generatePage() else: excep = exceptions.NotLoggedInException("You can't logout \ because you are not logged in.") self.addToContainer(exception.Exception(excep.value)) self.generatePage() # The unsubscribe operation. def unsubscribe(self): """ This method performs the unsubscribe action. This method is called by the perform method, whenever the operation is "unsubscribe". """ # Initialise variable. database = self.getDatabase() # Check whether user is logged in. if SESSION['username']: database.deleteUser(SESSION['username']) SESSION.destroy() self.addToContainer(exception.Exception("You are unsubscribed.")) self.generatePage() else: excep = exceptions.NotLoggedInException("You can't unsubscribe \ because you are not logged in.") self.addToContainer(exception.Exception(excep.value)) self.generatePage() # The get unsubscribe form. def getUnsubscribeForm(self): """ This method performs the get unsubscribe form action. This method is called by the perform method, whenever the operation is "unsubscribe_form". """ # Initialise variable. database = self.getDatabase() # Check whether user is logged in. if SESSION['username']: self.setContainerEdit("yes") self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.setContainerOperation("unsubscribe_form") self.addToContainer(exception.Exception("", "")) self.generatePage() else: excep = exceptions.NotLoggedInException("You can't unsubscribe \ because you are not logged in.") self.addToContainer(exception.Exception(excep.value)) self.generatePage() # The edit user operation. def editUser(self): """ This method performs the edit user action. This method is called by the perform method, whenever the operation is "edit_user". @except: RequiredFieldsException whenever not all the required fields are filled in @except: GeneralException when an exception is thrown in the database @except: FieldException when the number of characters of a field is exceeded """ form = self.getCgi() database = self.getDatabase() filler = self.getObjectFiller() dict = self.formToDict(form) # Check whether user is logged in. if SESSION['username']: try: # Fill in the username (this is a required field for # the set user operation of the object filler). dict["username"] = SESSION['username'] # The old user data (retrieved from the database). old_user = database.getUser(SESSION['username']) old_account = old_user.getUserAccount() old_profile = old_user.getUserProfile() old_detail = old_profile.getProfileDetail() old_date = old_detail.getUserDetailDateOfBirth() old_address = old_detail.getDetailAddress() new_user = filler.setUser(dict, old_detail.getDetailAddress(), old_date, old_detail, old_profile, old_account, old_user) # Change in the database new_account = new_user.getUserAccount() new_profile = new_user.getUserProfile() new_detail = new_profile.getProfileDetail() database.setUserAccount(new_account) database.setUserDetail(SESSION['username'], new_detail) database.setUserAddress(SESSION['username'], new_detail.getDetailAddress()) self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(new_user) self.generatePage() except exceptions.RequiredFieldsException, e: self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(e.value)) self.generatePage() except exceptions.GeneralException, e: self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(e.value)) self.generatePage() except exceptions.FieldException, e: self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(e.value)) self.generatePage() else: excep = exceptions.NotLoggedInException("You can't change your \ profile because you are not logged in.") self.addToContainer(exception.Exception(excep.value)) self.generatePage() # The get edit user form operation. def getEditUserForm(self): """ This method performs the get edit user form action. This method is called by the perform method, whenever the operation is "edit_user_form". @except: GeneralException whenever an exception is thrown in the database """ # Initialise variable. database = self.getDatabase() # Check whether user is logged in. if SESSION['username']: try: old_user = database.getUser(SESSION['username']) self.setContainerEdit("yes") self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(old_user) self.generatePage() except exceptions.GeneralException, e: self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(e.value)) self.generatePage() else: excep = exceptions.NotLoggedInException("You can't change your \ profile because you are not logged in.") self.addToContainer(exception.Exception(excep.value)) self.generatePage() # The get keyword form. def getKeywordForm(self): """ This method performs the get keyword form action. This method is called by the perform method, whenever the operation is "user_keyword_form". @except: GeneralException whenever an exception is thrown in the database """ # Initialise variable. database = self.getDatabase() if SESSION['username']: try: keywords = self.getAllKeywords() old_profile = database.getUserProfile(SESSION['username']) prefs = preferences.Preferences(keywords) self.setContainerEdit("yes") self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.setContainerOperation("user_keyword_form") self.addToContainer(prefs) self.addToContainer(old_profile) self.generatePage() except exceptions.GeneralException, e: self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(e.value)) self.generatePage() else: excep = exceptions.NotLoggedInException("You can't edit \ your keywords because you are not logged in.") self.addToContainer(exception.Exception(excep.value)) self.generatePage() # The add keyword operation. def addKeyword(self): """ This method performs the add keyword action. This method is called by the perform method, whenever the operation is "add_keyword". @except: UsernameException whenever an exception is thrown in the database @except: GeneralException whenever an exception is thrown in the database """ # Initialise variables. database = self.getDatabase() form = self.getCgi() filler = self.getObjectFiller() dict = self.formToDict(form) # Check whether user is logged in. if SESSION['username']: try: # Check whether the dictionary contains the key "keyword". # This is a necessary field of the cgi form. if self.hasKeys(dict, "keyword"): try: new_keyword = keyword.Keyword(dict["keyword"]) database.addUserPreference(SESSION['username'], new_keyword) self.getKeywordForm() except exceptions.UsernameException, e: self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(e.value)) self.generatePage() else: excep = exceptions.RequiredFieldsException(\ "Not all the required fields are filled in.") self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(excep.value)) self.generatePage() except exceptions.GeneralException, e: self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(e.value)) self.generatePage() else: excep = exceptions.NotLoggedInException(\ "You can't add keywords because you're not logged in.") self.addToContainer(exception.Exception(excep.value)) self.generatePage() # The delete keyword operation. def deleteKeyword(self): """ This method performs the delete keyword action. This method is called by the perform method, whenever the operation is "delete_keyword". @except: GeneralException whenever an exception is thrown in the database """ # Initialise variables. database = self.getDatabase() form = self.getCgi() filler = self.getObjectFiller() dict = self.formToDict(form) # Check whether user is logged in. if SESSION['username']: try: if self.hasKeys(dict, "keyword"): try: new_keyword = keyword.Keyword(dict["keyword"]) database.deleteUserPreference(SESSION['username'], new_keyword) self.getKeywordForm() except exceptions.GeneralException, e: self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(e.value)) self.generatePage() else: excep = exceptions.RequiredFieldsException(\ "Not all the required fields are filled in.") self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(excep.value)) self.generatePage() except exceptions.GeneralException, e: self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(e.value)) self.generatePage() else: excep = exceptions.NotLoggedInException(\ "You can't delete keywords because you're not logged in.") self.addToContainer(exception.Exception(excep.value)) self.generatePage() # The get user operation. def getUser(self): """ This method performs the get user action. This method is called by the perform method, whenever the operation is "my_user". @except: UsernameException whenever the username isn't correct """ # Initialise variable. database = self.getDatabase() # Check whether user is logged in. if SESSION['username']: try: new_user = database.getUser(SESSION['username']) self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(new_user) self.generatePage() except exceptions.UsernameException, e: self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(e.value)) self.generatePage() else: excep = exceptions.NotLoggedInException("You can't change your \ profile because you are not logged in.") self.addToContainer(exception.Exception(excep.value)) self.generatePage() # The lost password operation. def lostPassword(self): """ This method performs the lost password action. This method is called by the perform method, whenever the operation is "lost_password". """ # Initialise variables. form = self.getCgi() database = self.getDatabase() filler = self.getObjectFiller() e_mail = self.getEMail() dict = self.formToDict(form) config = self.getConfig() # Generate password. password = self.generatePassword(8) # Check whether the username field is filled in # and whether this username exists. if (self.hasKeys(dict, "username") and \ database.usernameExists(dict["username"])): # Change the password in the database. database.setPassword(dict["username"], password) new_account = database.getUserAccount(dict["username"]) # Send the new password by e-mail to the user. e_mail.setEMailHost(config.getSmtpHost()) e_mail.setEMailFrom(config.getEMail()) e_mail.setEMailTo(new_account.getAccountEMail()) e_mail.setEMailSubject("eVenture: new password") message = "Hey " message += dict["username"] message += ", \n Your new password is: " message += password e_mail.setEMailBody(message) e_mail.send() # View. self.addToContainer(exception.Exception("Your new password will be \ send by e-mail.")) self.generatePage() else: excep = exceptions.UsernameException(\ "This username doesn't exist.") self.addToContainer(exception.Exception(excep.value)) self.generatePage() # The get lost password form. def getLostPasswordForm(self): """ This method performs the get change password form. This method is called by the perform method, whenever the operation is "lost_password_form". """ self.setContainerOperation("lost_password_form") self.setContainerEdit("yes") if SESSION['username']: self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception("", "")) self.generatePage() # The change password operation. def changePassword(self): """ This method performs the change password action. This method is called by the perform method, whenever the operation is "change_password". @except: RequiredFieldsException whenever not all the required fields are filled in @except: PasswordException whenever the old password isn't correct """ # Initialise variables. form = self.getCgi() database = self.getDatabase() filler = self.getObjectFiller() dict = self.formToDict(form) # Check whether user is logged in. if SESSION['username']: old_account = database.getUserAccount(SESSION['username']) # Fill in the username (this is a required field for # the set account operation of the object filler). dict["username"] = SESSION['username'] try: new_account = filler.setPassword(dict, old_account) database.setPassword(SESSION['username'], \ new_account.getUserAccountPassword()) self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(\ "Your password is changed.")) self.generatePage() except exceptions.RequiredFieldsException, e: self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(e.value)) self.generatePage() except exceptions.PasswordException, e: self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(e.value)) self.generatePage() else: excep = exceptions.NotLoggedInException(\ "You can't change your password because you are not logged in.") self.addToContainer(exception.Exception(excep.value)) self.generatePage() # The get change password form operation. def getChangePasswordForm(self): """ This method performs the get change password form. This method is called by the perform method, whenever the operation is "change_password_form". """ # Check whether user is logged in. if SESSION['username']: self.setContainerOperation("change_password_form") self.setContainerEdit("yes") self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception()) self.generatePage() else: excep = exceptions.NotLoggedInException(\ "You can't change your password because you aren't logged in.") self.addToContainer(exception.Exception(excep.value)) self.generatePage() # The send message operation. def sendMessage(self): """ This method performs the send message action. This method is called by the perform method, whenever the operation is "send_message". @except: UsernamException when a user wants to send a message to him/herself @except: RequiredFieldsException whenever not all the required fields are filled in @except: FieldException when the number of characters of a field is exceeded """ # Initialise variables. form = self.getCgi() filler = self.getObjectFiller() dict = self.formToDict(form) database = self.getDatabase() # Check whether the user is logged in. if SESSION['username']: old_message = message.Message() # Fill in the from (this is a required field for # the set message operation of the object filler). dict["from"] = SESSION['username'] # Check whether the username exists. if self.hasKeys(dict, "to") and database.usernameExists(dict["to"]): try: new_message = filler.setMessage(dict, old_message) database.addMessage(SESSION['username'], new_message) self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(\ "Your message has been sent.")) self.generatePage() except exceptions.RequiredFieldsException, e: self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(e.value)) self.generatePage() except exceptions.UsernameException, e: self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(e.value)) self.generatePage() except exceptions.FieldException, e: self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(e.value)) self.generatePage() else: excep = exceptions.UsernameException(\ "This username doesn't exist.") self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(excep.value)) self.generatePage() else: excep = exceptions.NotLoggedInException(\ "You can't send a message because you are not logged in.") self.addToContainer(exception.Exception(excep.value)) self.generatePage() # The get send message form operation. def getSendMessageForm(self): """ This method performs the get send message form action. This method is called by the perform method, whenever the operation is "send_message_form". """ # Check whether user is logged in. if SESSION['username']: self.setContainerOperation("send_message_form") self.setContainerEdit("yes") self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception()) self.generatePage() else: excep = exceptions.NotLoggedInException(\ "You can't send a message because you aren't logged in.") self.addToContainer(exception.Exception(excep.value)) self.generatePage() # The get messages operation. def getMessages(self): """ This method performs the get messages (inbox) action. This method is called by the perform method, whenever the operation is "receive_messages". @except: GeneralException when an exception is thrown in the database """ # Initialise variable database = self.getDatabase() # Check whether user is logged in. if SESSION['username']: try: messages = database.getReceivedMessages(SESSION['username']) self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.setContainerOperation("inbox") self.addToContainer(messages) self.generatePage() except exceptions.GeneralException, e: self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(e.value)) self.generatePage() else: excep = exceptions.NotLoggedInException(\ "You can't see your inbox because you are not logged in.") self.addToContainer(exception.Exception(excep.value)) self.generatePage() # The delete message operation. def deleteMessage(self): """ This method performs the delete message action. This method is called by the perform method, whenever the operation is "delete_message". @except: GeneralException when an exception is thrown in the database """ # Initialise variables. database = self.getDatabase() form = self.getCgi() dict = self.formToDict(form) filler = self.getObjectFiller() # Check whether user is logged in. if SESSION['username']: try: new_message = filler.getMessage(dict, message.Message()) database.deleteMessage(SESSION['username'], new_message) self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(\ "This message is deleted.")) self.generatePage() except exceptions.GeneralException, e: self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(e.value)) self.generatePage() else: excep = exceptions.NotLoggedInException(\ "You can't delete the message because you are not logged in.") self.addToContainer(exception.Exception(excep.value)) self.generatePage() # The get outbox operation. def getOutbox(self): """ This method performs the get outbox action. This emthod is called by the perform method, whenever the operation is "get_outbox". @except: GeneralException when an exception is thrown in the database """ # Initialise variable. database = self.getDatabase() # Check whether user is logged in. if SESSION['username']: try: messages = database.getSentMessages(SESSION['username']) self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.setContainerOperation("outbox") self.addToContainer(messages) self.generatePage() except exceptions.GeneralException, e: self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(e.value)) self.generatePage() else: excep = exceptions.NotLoggedInException(\ "You can't see your inbox because you are not logged in.") self.addToContainer(exception.Exception(excep.value)) self.generatePage() # The get message operation. def getMessage(self): """ This method performs the get message action. This method is called by the perform method, whenever the operation is "get_message". @except: GeneralException when an exception is thrown in the database """ # Initialise variables. form = self.getCgi() filler = self.getObjectFiller() dict = self.formToDict(form) database = self.getDatabase() # Check whether user is logged in. if SESSION['username']: try: new_message = filler.getMessage(dict, message.Message()) # When the message is one of the onbox and the status # (of the receiver) is "new", the status must change. # This isn't necessary for messages of the outbox, # because the senderStatus is initialised with "read". if dict["status"] == "new" and dict["kind"] == "inbox": database.readMessage(new_message) new_message.setMessageReceiverStatus("read") self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(new_message) self.generatePage() except exceptions.GeneralException, e: self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(e.value)) self.generatePage() else: excep = exceptions.NotLoggedInException(\ "You can't see your message because you are not logged in.") self.addToContainer(exception.Exception(excep.value)) self.generatePage() # The find user operation. def findUser(self): """ This method performs the find user action. This method is called by the perform method, whenever the operation is "find_user". @except: UsernameException when the username doesn't exist """ # Initialise variables. form = self.getCgi() dict = self.formToDict(form) database = self.getDatabase() # Check whether user is logged in. if SESSION['username']: # Check whether the "username" fiels is filled in; # this is a required field for this action. if self.hasKeys(dict, "username"): try: new_user = database.getUser(dict["username"]) self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(new_user) self.generatePage() except exceptions.UsernameException, e: self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(e.value)) self.generatePage() else: excep = exceptions.RequiredFieldsException(\ "Not all the required fields are filled in.") self.addToContainer(exception.Exception(excep.value)) self.generatePage() else: excep = exceptions.NotLoggedInException(\ "You can't find other users because you are not logged in.") self.addToContainer(exception.Exception(excep.value)) self.generatePage() # The delete user form. def getDeleteUserForm(self): """ This method performs the get delete user form action. This method is called by the perform method, whenever the operation is "get_delete_user_form". """ # Initialise variables. form = self.getCgi() dict = self.formToDict(form) level = SESSION['level'] # Check whether user is logged in. if SESSION['username']: # Check whether the user has the right permission. if (level == "moderator" or level == "administrator"): self.setContainerOperation("delete_user_form") self.setContainerEdit("yes") self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception("", "")) self.generatePage() else: excep = exceptions.PermissionException("You don't have the \ permission to delete a user.") self.addToContainer(exception.Exception(excep.value)) self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.generatePage() else: excep = exceptions.NotLoggedInException(\ "You can't delete users because you aren't logged in.") self.addToContainer(exception.Exception(excep.value)) self.generatePage() # The delete user operation. def deleteUser(self): """ This method performs the delete user action. This method is called by the perform method, whenever the operation is "delete_user". """ # Initialise variables. form = self.getCgi() database = self.getDatabase() dict = self.formToDict(form) level = SESSION['level'] # Check whether user is logged in. if SESSION['username']: # Check whether user has the right permission. if (level == "moderator" or level == "administrator"): # Check whether all the required fields are filled in. if self.hasKeys(dict, "username"): # You can't delete yourself. if dict["username"] == SESSION['username']: excep = exceptions.GeneralException("You can't delete\ yourself.") self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(excep.value)) self.generatePage() else: database.deleteUser(dict["username"]) self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception("The user is \ deleted.")) self.generatePage() else: excep = exceptions.RequiredFieldsException("Not all the\ required fields are filled in.") self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(excep.value)) self.generatePage() else: excep = exceptions.PermissionException("You don't have the \ permission to delete a user.") self.addToContainer(exception.Exception(excep.value)) self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.generatePage() else: excep = exceptions.NotLoggedInException(\ "You can't delete users because you aren't logged in.") self.addToContainer(exception.Exception(excep.value)) self.generatePage() # The add pending permission operation. def addPendingPermission(self): """ This method performs the add pending permission action. This method is called by the perform method, whenever the operation is "add_pending_permission". """ # Initialise variables. form = self.getCgi() database = self.getDatabase() dict = self.formToDict(form) level = SESSION['level'] # Check whether user is logged in. if SESSION['username']: # Check whether all the required fields are filled in. if self.hasKeys(dict, "username", "permission"): database.addPendingPermission(dict["username"], dict["permission"]) self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception("Your request \ will be processed.")) self.generatePage() else: excep = exceptions.RequiredFieldsException("Not all the\ required fields are filled in.") self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception(excep.value)) self.generatePage() else: excep = exceptions.NotLoggedInException("You can't ask to \ change your permission because you aren't logged in.") self.addToContainer(exception.Exception(excep.value)) self.generatePage() # The get find user form. def getFindUserForm(self): """ This method performs the get find user form action. This method is called by the perform method, whenever the operation is "find_user_form". """ # Check whether user is logged in. if SESSION['username']: self.setContainerOperation("find_user_form") self.setContainerEdit("yes") self.setContainerLogin("yes") self.setContainerLevel(SESSION['level']) self.addToContainer(exception.Exception("", "")) self.generatePage() else: excep = exceptions.NotLoggedInException(\ "You can't search for users because you aren't logged in.") self.addToContainer(exception.Exception(excep.value)) self.generatePage() # Initialise new usercontroller object # and call the perform action. user_controller = UserController() user_controller.perform()