1 # Copyright 2011-2012 GRNET S.A. All rights reserved.
3 # Redistribution and use in source and binary forms, with or
4 # without modification, are permitted provided that the following
7 # 1. Redistributions of source code must retain the above
8 # copyright notice, this list of conditions and the following
11 # 2. Redistributions in binary form must reproduce the above
12 # copyright notice, this list of conditions and the following
13 # disclaimer in the documentation and/or other materials
14 # provided with the distribution.
16 # THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS
17 # OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18 # WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
19 # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR
20 # CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
21 # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
22 # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
23 # USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
24 # AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
26 # ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27 # POSSIBILITY OF SUCH DAMAGE.
29 # The views and conclusions contained in the software and
30 # documentation are those of the authors and should not be
31 # interpreted as representing official policies, either expressed
32 # or implied, of GRNET S.A.
33 from urlparse import urljoin
34 from datetime import datetime
36 from django import forms
37 from django.utils.translation import ugettext as _
38 from django.contrib.auth.forms import UserCreationForm, AuthenticationForm, PasswordResetForm
39 from django.core.mail import send_mail
40 from django.contrib.auth.tokens import default_token_generator
41 from django.template import Context, loader
42 from django.utils.http import int_to_base36
43 from django.core.urlresolvers import reverse
44 from django.utils.functional import lazy
45 from django.utils.safestring import mark_safe
46 from django.contrib import messages
48 from astakos.im.models import AstakosUser, Invitation
49 from astakos.im.settings import INVITATIONS_PER_LEVEL, DEFAULT_FROM_EMAIL, SITENAME, RECAPTCHA_PRIVATE_KEY, DEFAULT_CONTACT_EMAIL, RECAPTCHA_ENABLED
50 from astakos.im.widgets import DummyWidget, RecaptchaWidget, ApprovalTermsWidget
52 # since Django 1.4 use django.core.urlresolvers.reverse_lazy instead
53 from astakos.im.util import reverse_lazy, get_latest_terms, reserved_email, get_query
56 import recaptcha.client.captcha as captcha
58 logger = logging.getLogger(__name__)
60 class LocalUserCreationForm(UserCreationForm):
62 Extends the built in UserCreationForm in several ways:
64 * Adds email, first_name, last_name, recaptcha_challenge_field, recaptcha_response_field field.
65 * The username field isn't visible and it is assigned a generated id.
66 * User created is not active.
68 recaptcha_challenge_field = forms.CharField(widget=DummyWidget)
69 recaptcha_response_field = forms.CharField(widget=RecaptchaWidget, label='')
73 fields = ("email", "first_name", "last_name", "has_signed_terms")
74 widgets = {"has_signed_terms":ApprovalTermsWidget(terms_uri=reverse_lazy('latest_terms'))}
76 def __init__(self, *args, **kwargs):
78 Changes the order of fields, and removes the username field.
80 request = kwargs.get('request', None)
83 self.ip = request.META.get('REMOTE_ADDR',
84 request.META.get('HTTP_X_REAL_IP', None))
86 super(LocalUserCreationForm, self).__init__(*args, **kwargs)
87 self.fields.keyOrder = ['email', 'first_name', 'last_name',
88 'password1', 'password2']
89 if get_latest_terms():
90 self.fields.keyOrder.append('has_signed_terms')
92 self.fields.keyOrder.extend(['recaptcha_challenge_field',
93 'recaptcha_response_field',])
95 if 'has_signed_terms' in self.fields:
96 # Overriding field label since we need to apply a link
97 # to the terms within the label
98 terms_link_html = '<a href="%s" target="_blank">%s</a>' \
99 % (reverse('latest_terms'), _("the terms"))
100 self.fields['has_signed_terms'].label = \
101 mark_safe("I agree with %s" % terms_link_html)
103 def clean_email(self):
104 email = self.cleaned_data['email']
106 raise forms.ValidationError(_("This field is required"))
107 if reserved_email(email):
108 raise forms.ValidationError(_("This email is already used"))
111 def clean_has_signed_terms(self):
112 has_signed_terms = self.cleaned_data['has_signed_terms']
113 if not has_signed_terms:
114 raise forms.ValidationError(_('You have to agree with the terms'))
115 return has_signed_terms
117 def clean_recaptcha_response_field(self):
118 if 'recaptcha_challenge_field' in self.cleaned_data:
119 self.validate_captcha()
120 return self.cleaned_data['recaptcha_response_field']
122 def clean_recaptcha_challenge_field(self):
123 if 'recaptcha_response_field' in self.cleaned_data:
124 self.validate_captcha()
125 return self.cleaned_data['recaptcha_challenge_field']
127 def validate_captcha(self):
128 rcf = self.cleaned_data['recaptcha_challenge_field']
129 rrf = self.cleaned_data['recaptcha_response_field']
130 check = captcha.submit(rcf, rrf, RECAPTCHA_PRIVATE_KEY, self.ip)
131 if not check.is_valid:
132 raise forms.ValidationError(_('You have not entered the correct words'))
134 def save(self, commit=True):
136 Saves the email, first_name and last_name properties, after the normal
137 save behavior is complete.
139 user = super(LocalUserCreationForm, self).save(commit=False)
143 logger.info('Created user %s', user)
146 class InvitedLocalUserCreationForm(LocalUserCreationForm):
148 Extends the LocalUserCreationForm: adds an inviter readonly field.
151 inviter = forms.CharField(widget=forms.TextInput(), label=_('Inviter Real Name'))
155 fields = ("email", "first_name", "last_name", "has_signed_terms")
156 widgets = {"has_signed_terms":ApprovalTermsWidget(terms_uri=reverse_lazy('latest_terms'))}
158 def __init__(self, *args, **kwargs):
160 Changes the order of fields, and removes the username field.
162 super(InvitedLocalUserCreationForm, self).__init__(*args, **kwargs)
164 #set readonly form fields
165 ro = ('inviter', 'email', 'username',)
167 self.fields[f].widget.attrs['readonly'] = True
170 def save(self, commit=True):
171 user = super(InvitedLocalUserCreationForm, self).save(commit=False)
172 level = user.invitation.inviter.level + 1
174 user.invitations = INVITATIONS_PER_LEVEL.get(level, 0)
175 user.email_verified = True
180 class ThirdPartyUserCreationForm(forms.ModelForm):
183 fields = ("email", "first_name", "last_name", "third_party_identifier")
184 widgets = {"has_signed_terms":ApprovalTermsWidget(terms_uri=reverse_lazy('latest_terms'))}
186 def __init__(self, *args, **kwargs):
188 Changes the order of fields, and removes the username field.
190 self.request = kwargs.get('request', None)
192 kwargs.pop('request')
193 super(ThirdPartyUserCreationForm, self).__init__(*args, **kwargs)
194 self.fields.keyOrder = ['email', 'first_name', 'last_name', 'third_party_identifier']
195 if get_latest_terms():
196 self.fields.keyOrder.append('has_signed_terms')
197 #set readonly form fields
198 ro = ["third_party_identifier", "first_name", "last_name"]
200 self.fields[f].widget.attrs['readonly'] = True
202 if 'has_signed_terms' in self.fields:
203 # Overriding field label since we need to apply a link
204 # to the terms within the label
205 terms_link_html = '<a href="%s" target="_blank">%s</a>' \
206 % (reverse('latest_terms'), _("the terms"))
207 self.fields['has_signed_terms'].label = \
208 mark_safe("I agree with %s" % terms_link_html)
210 def clean_email(self):
211 email = self.cleaned_data['email']
213 raise forms.ValidationError(_("This field is required"))
214 if reserved_email(email):
215 raise forms.ValidationError(_("This email is already used"))
218 def clean_has_signed_terms(self):
219 has_signed_terms = self.cleaned_data['has_signed_terms']
220 if not has_signed_terms:
221 raise forms.ValidationError(_('You have to agree with the terms'))
222 return has_signed_terms
224 def save(self, commit=True):
225 user = super(ThirdPartyUserCreationForm, self).save(commit=False)
226 user.set_unusable_password()
228 user.provider = get_query(self.request).get('provider')
231 logger.info('Created user %s', user)
234 class InvitedThirdPartyUserCreationForm(ThirdPartyUserCreationForm):
236 Extends the LocalUserCreationForm: adds an inviter readonly field.
238 inviter = forms.CharField(widget=forms.TextInput(), label=_('Inviter Real Name'))
240 def __init__(self, *args, **kwargs):
242 Changes the order of fields, and removes the username field.
244 super(InvitedThirdPartyUserCreationForm, self).__init__(*args, **kwargs)
246 #set readonly form fields
247 ro = ('inviter', 'email',)
249 self.fields[f].widget.attrs['readonly'] = True
251 def save(self, commit=True):
252 user = super(InvitedThirdPartyUserCreationForm, self).save(commit=False)
253 level = user.invitation.inviter.level + 1
255 user.invitations = INVITATIONS_PER_LEVEL.get(level, 0)
256 user.email_verified = True
261 class ShibbolethUserCreationForm(ThirdPartyUserCreationForm):
262 def clean_email(self):
263 email = self.cleaned_data['email']
265 raise forms.ValidationError(_("This field is required"))
266 for user in AstakosUser.objects.filter(email = email):
267 if user.provider == 'shibboleth':
268 raise forms.ValidationError(_("This email is already associated with another shibboleth account."))
271 class InvitedShibbolethUserCreationForm(ShibbolethUserCreationForm, InvitedThirdPartyUserCreationForm):
274 class LoginForm(AuthenticationForm):
275 username = forms.EmailField(label=_("Email"))
276 recaptcha_challenge_field = forms.CharField(widget=DummyWidget)
277 recaptcha_response_field = forms.CharField(widget=RecaptchaWidget, label='')
279 def __init__(self, *args, **kwargs):
280 was_limited = kwargs.get('was_limited', False)
281 request = kwargs.get('request', None)
283 self.ip = request.META.get('REMOTE_ADDR',
284 request.META.get('HTTP_X_REAL_IP', None))
286 t = ('request', 'was_limited')
288 if elem in kwargs.keys():
290 super(LoginForm, self).__init__(*args, **kwargs)
292 self.fields.keyOrder = ['username', 'password']
293 if was_limited and RECAPTCHA_ENABLED:
294 self.fields.keyOrder.extend(['recaptcha_challenge_field',
295 'recaptcha_response_field',])
297 def clean_recaptcha_response_field(self):
298 if 'recaptcha_challenge_field' in self.cleaned_data:
299 self.validate_captcha()
300 return self.cleaned_data['recaptcha_response_field']
302 def clean_recaptcha_challenge_field(self):
303 if 'recaptcha_response_field' in self.cleaned_data:
304 self.validate_captcha()
305 return self.cleaned_data['recaptcha_challenge_field']
307 def validate_captcha(self):
308 rcf = self.cleaned_data['recaptcha_challenge_field']
309 rrf = self.cleaned_data['recaptcha_response_field']
310 check = captcha.submit(rcf, rrf, RECAPTCHA_PRIVATE_KEY, self.ip)
311 if not check.is_valid:
312 raise forms.ValidationError(_('You have not entered the correct words'))
314 class ProfileForm(forms.ModelForm):
316 Subclass of ``ModelForm`` for permiting user to edit his/her profile.
317 Most of the fields are readonly since the user is not allowed to change them.
319 The class defines a save method which sets ``is_verified`` to True so as the user
320 during the next login will not to be redirected to profile page.
322 renew = forms.BooleanField(label='Renew token', required=False)
326 fields = ('email', 'first_name', 'last_name', 'auth_token', 'auth_token_expires')
328 def __init__(self, *args, **kwargs):
329 super(ProfileForm, self).__init__(*args, **kwargs)
330 instance = getattr(self, 'instance', None)
331 ro_fields = ('email', 'auth_token', 'auth_token_expires')
332 if instance and instance.id:
333 for field in ro_fields:
334 self.fields[field].widget.attrs['readonly'] = True
336 def save(self, commit=True):
337 user = super(ProfileForm, self).save(commit=False)
338 user.is_verified = True
339 if self.cleaned_data.get('renew'):
345 class FeedbackForm(forms.Form):
347 Form for writing feedback.
349 feedback_msg = forms.CharField(widget=forms.Textarea, label=u'Message')
350 feedback_data = forms.CharField(widget=forms.HiddenInput(), label='',
353 class SendInvitationForm(forms.Form):
355 Form for sending an invitations
358 email = forms.EmailField(required = True, label = 'Email address')
359 first_name = forms.EmailField(label = 'First name')
360 last_name = forms.EmailField(label = 'Last name')
362 class ExtendedPasswordResetForm(PasswordResetForm):
364 Extends PasswordResetForm by overriding save method:
365 passes a custom from_email in send_mail.
367 Since Django 1.3 this is useless since ``django.contrib.auth.views.reset_password``
368 accepts a from_email argument.
370 def clean_email(self):
371 email = super(ExtendedPasswordResetForm, self).clean_email()
373 user = AstakosUser.objects.get(email=email, is_active=True)
374 if not user.has_usable_password():
375 raise forms.ValidationError(_("This account has not a usable password."))
376 except AstakosUser.DoesNotExist, e:
377 raise forms.ValidationError(_('That e-mail address doesn\'t have an associated user account. Are you sure you\'ve registered?'))
380 def save(self, domain_override=None, email_template_name='registration/password_reset_email.html',
381 use_https=False, token_generator=default_token_generator, request=None):
383 Generates a one-use only link for resetting password and sends to the user.
385 for user in self.users_cache:
386 url = reverse('django.contrib.auth.views.password_reset_confirm',
387 kwargs={'uidb36':int_to_base36(user.id),
388 'token':token_generator.make_token(user)})
389 url = request.build_absolute_uri(url)
390 t = loader.get_template(email_template_name)
394 'site_name': SITENAME,
396 'baseurl': request.build_absolute_uri(),
397 'support': DEFAULT_CONTACT_EMAIL
399 from_email = DEFAULT_FROM_EMAIL
400 send_mail(_("Password reset on %s alpha2 testing") % SITENAME,
401 t.render(Context(c)), from_email, [user.email])
403 class SignApprovalTermsForm(forms.ModelForm):
406 fields = ("has_signed_terms",)
408 def __init__(self, *args, **kwargs):
409 super(SignApprovalTermsForm, self).__init__(*args, **kwargs)
411 def clean_has_signed_terms(self):
412 has_signed_terms = self.cleaned_data['has_signed_terms']
413 if not has_signed_terms:
414 raise forms.ValidationError(_('You have to agree with the terms'))
415 return has_signed_terms
417 class InvitationForm(forms.ModelForm):
418 username = forms.EmailField(label=_("Email"))
420 def __init__(self, *args, **kwargs):
421 super(InvitationForm, self).__init__(*args, **kwargs)
425 fields = ('username', 'realname')
427 def clean_username(self):
428 username = self.cleaned_data['username']
430 Invitation.objects.get(username = username)
431 raise forms.ValidationError(_('There is already invitation for this email.'))
432 except Invitation.DoesNotExist: