added a /weave-delete-account page so the full server is 100% standalone
authorTarek Ziade <tarek@ziade.org>
Fri, 10 Dec 2010 10:58:22 +0100
changeset 434 fcf462caf0cf4fe5ccdb87ceab942eecd9e941d5
parent 433 36c7b4005bbb3ba3a950a5e8f744ff466675301e
child 435 1f64a96fe1932965d718db85457f4740f2c8e0a8
push id29
push usertziade@mozilla.com
push dateFri, 10 Dec 2010 09:58:50 +0000
added a /weave-delete-account page so the full server is 100% standalone
MANIFEST.in
setup.py
syncserver/__init__.py
syncserver/controllers.py
syncserver/templates/base.mako
syncserver/templates/delete_account.mako
--- a/MANIFEST.in
+++ b/MANIFEST.in
@@ -1,2 +1,3 @@
 include *.cfg *.ini *.wsgi *.sh
 recursive-include etc *.conf
+recursice-include syncserver/templates *.mako
--- a/setup.py
+++ b/setup.py
@@ -41,9 +41,10 @@ entry_points = """
 [paste.app_factory]
 main = syncserver:make_app
 
 [paste.app_install]
 main = paste.script.appinstall:Installer
 """
 
 setup(name='SyncServer', version=0.1, packages=['syncserver'],
-      install_requires=install_requires, entry_points=entry_points)
+      install_requires=install_requires, entry_points=entry_points
+      package_data={'servereg': ['templates/*.mako']})
--- a/syncserver/__init__.py
+++ b/syncserver/__init__.py
@@ -32,19 +32,25 @@
 # the provisions above, a recipient may use your version of this file under
 # the terms of any one of the MPL, the GPL or the LGPL.
 #
 # ***** END LICENSE BLOCK *****
 """
 Application entry point.
 """
 from services.baseapp import set_app
+from syncserver.controllers import MainController
 
 # XXX alternatively we should use Paste composite feature here
 from syncreg.wsgiapp import urls as reg_urls, controllers as reg_controllers
 from syncstorage.wsgiapp import (StorageServerApp,
                                  controllers as storage_controllers,
                                  urls as storage_urls)
 
-urls = reg_urls + storage_urls
+
+urls = [('GET', '/weave-delete-account', 'main', 'delete_account_form'),
+        ('POST', '/weave-delete-account', 'main', 'do_delete_account')]
+
+urls = urls + reg_urls + storage_urls
 reg_controllers.update(storage_controllers)
+reg_controllers['main'] = MainController
 
 make_app = set_app(urls, reg_controllers, klass=StorageServerApp)
new file mode 100644
--- /dev/null
+++ b/syncserver/controllers.py
@@ -0,0 +1,90 @@
+# ***** BEGIN LICENSE BLOCK *****
+# Version: MPL 1.1/GPL 2.0/LGPL 2.1
+#
+# The contents of this file are subject to the Mozilla Public License Version
+# 1.1 (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+# http://www.mozilla.org/MPL/
+#
+# Software distributed under the License is distributed on an "AS IS" basis,
+# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+# for the specific language governing rights and limitations under the
+# License.
+#
+# The Original Code is Sync Server
+#
+# The Initial Developer of the Original Code is Mozilla Foundation.
+# Portions created by the Initial Developer are Copyright (C) 2010
+# the Initial Developer. All Rights Reserved.
+#
+# Contributor(s):
+#   Tarek Ziade (tarek@mozilla.com)
+#
+# Alternatively, the contents of this file may be used under the terms of
+# either the GNU General Public License Version 2 or later (the "GPL"), or
+# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+# in which case the provisions of the GPL or the LGPL are applicable instead
+# of those above. If you wish to allow use of your version of this file only
+# under the terms of either the GPL or the LGPL, and not to allow others to
+# use your version of this file under the terms of the MPL, indicate your
+# decision by deleting the provisions above and replace them with the notice
+# and other provisions required by the GPL or the LGPL. If you do not delete
+# the provisions above, a recipient may use your version of this file under
+# the terms of any one of the MPL, the GPL or the LGPL.
+#
+# ***** END LICENSE BLOCK *****
+"""
+User controller. Implements all APIs from:
+
+https://wiki.mozilla.org/Labs/Weave/User/1.0/API
+
+"""
+import os
+
+from webob.response import Response
+from mako.lookup import TemplateLookup
+
+from services.util import valid_password, text_response, html_response
+from syncreg.util import render_mako
+
+_TPL_DIR = os.path.join(os.path.dirname(__file__), 'templates')
+_lookup = TemplateLookup(directories=[_TPL_DIR],
+                         module_directory=_TPL_DIR)  # XXX defined in prod
+
+
+class MainController(object):
+
+    def __init__(self, app):
+        self.app = app
+        self.auth = app.auth.backend
+
+    def delete_account_form(self, request, **kw):
+        """Returns a form for deleting the account"""
+        template = _lookup.get_template('delete_account.mako')
+        return html_response(template.render())
+
+    def do_delete_account(self, request):
+        """Do the delete."""
+        user_name = request.POST.get('username')
+        password = request.POST.get('password')
+        if user_name is None or password is None:
+            return text_response('Missing data')
+
+        user_id = self.auth.authenticate_user(user_name, password)
+        if user_id is None:
+            return text_response('Bad credentials')
+
+        # data deletion
+        self.app.get_storage(request).delete_user(user_id)
+
+        # user deletion (ldap etc.)
+        user_id = self.auth.get_user_id(user_name)
+        if user_id is not None:
+            res = self.auth.delete_user(user_id, password)
+        else:
+            res = True
+
+        if res:
+            return text_response('Account removed.')
+        else:
+            return text_response('Deletion failed.')
new file mode 100644
--- /dev/null
+++ b/syncserver/templates/base.mako
@@ -0,0 +1,34 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en">
+<head>
+  <title>Mozilla Labs / Weave / Forgot Password</title>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+    <link rel='stylesheet' href='/media/forgot_password.css' type='text/css' media='all' />
+</head>
+<body>
+  <div id="content">
+    <div id="top">
+      <img src="/media/weave-logo.png" alt="Weave for Firefox" />
+    </div>
+    <div id="bottom">
+      <div><img src="/media/table-top.png" alt="" /></div>
+
+      <div class="table_middle">
+        <div class="title">Password Reset</div>
+        <div class="details">
+          ${self.body()}
+        </div>
+      </div>
+    <div id="footer">
+      <div class="legal">
+        &copy; 2010 Mozilla
+        <br />
+        <span>
+          <a href="http://www.mozilla.com/en-US/about/legal.html">Legal Notices</a> |
+          <a href="http://www.mozilla.com/en-US/privacy-policy.html">Privacy Policy</a>
+        </span>
+      </div>
+    </div>
+  </div>
+</body>
+</html>
new file mode 100644
--- /dev/null
+++ b/syncserver/templates/delete_account.mako
@@ -0,0 +1,23 @@
+<%inherit file="base.mako"/>
+<p>
+ To permanently delete your Firefox Sync account and all copies of your data stored on our servers, please enter your username and password and click Permanently Delete My Account.
+</p>
+ %if error:
+ <div class="error">${error}</div>
+ %endif
+ <form class="mainForm" name="deleteAccount" id="deleteAccount"
+    action="/weave-delete-account" method="post">
+  <p>
+  <label>Username:
+    <input type="text" name="username" id="user_name" size="20"/>
+   </label>
+  </p>
+  <label>Password:
+    <input type="password" name="password" id="user_pass" size="20"/>
+   </label>
+  </p>
+
+  <input type="submit" id="pchange" name="pchange"
+         value="Permanently Delete My Account"/>
+ </form>
+</p>