From 1d30b6b9b4413313abe1dca3bf9d4e01cdbb7979 Mon Sep 17 00:00:00 2001 From: Donald Stufft Date: Sun, 21 Jul 2013 02:08:59 -0400 Subject: Use the is_active parameter to toggle users ability to submit --- store.py | 17 +++++++++++++++++ webui.py | 4 ++++ 2 files changed, 21 insertions(+) diff --git a/store.py b/store.py index 7c1b684..385a624 100644 --- a/store.py +++ b/store.py @@ -1653,6 +1653,23 @@ class Store: ) return otkv + def user_active(self, username): + """ + Determines if the user is active (allowed to login) + """ + cursor = self.get_cursor() + sql = "SELECT is_active FROM accounts_user WHERE username = %s" + safe_execute(cursor, sql, (username,)) + return cursor.fetchone()[0] + + def activate_user(self, username): + """ + Activates the given user + """ + cursor = self.get_cursor() + sql = "UPDATE accounts_user SET is_active = TRUE WHERE username = %s" + safe_execute(cursor, sql, (username,)) + _User = FastResultRow('name password email gpg_keyid last_login!') def get_user(self, name): ''' Retrieve info about the user from the database. diff --git a/webui.py b/webui.py index 1c3a305..055f085 100644 --- a/webui.py +++ b/webui.py @@ -625,6 +625,8 @@ class WebUI: raise Unauthorised if self.store.get_otk(self.username): raise Unauthorised, "Incomplete registration; check your email" + if not self.store.user_active(self.username): + raise Unauthorised("Inactive User") # handle the action if action in '''debug home browse rss index search submit doap @@ -2807,6 +2809,8 @@ class WebUI: return # OK, delete the key self.store.delete_otk(info['otk']) + user = self.store.get_user_by_otk(info['otk']) + self.store.activate_user(user["name"]) self.write_template('message.pt', title='Registration complete', message='You are now registered.', url='%s?:action=login' % self.url_path, -- cgit v1.2.1