1 # Copyright 2011-2012 GRNET S.A. All rights reserved.
3 # Redistribution and use in source and binary forms, with or
4 # without modification, are permitted provided that the following
7 # 1. Redistributions of source code must retain the above
8 # copyright notice, this list of conditions and the following
11 # 2. Redistributions in binary form must reproduce the above
12 # copyright notice, this list of conditions and the following
13 # disclaimer in the documentation and/or other materials
14 # provided with the distribution.
16 # THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS
17 # OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18 # WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
19 # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR
20 # CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
21 # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
22 # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
23 # USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
24 # AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
26 # ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27 # POSSIBILITY OF SUCH DAMAGE.
29 # The views and conclusions contained in the software and
30 # documentation are those of the authors and should not be
31 # interpreted as representing official policies, either expressed
32 # or implied, of GRNET S.A.
33 from urlparse import urljoin
34 from datetime import datetime
36 from django import forms
37 from django.utils.translation import ugettext as _
38 from django.contrib.auth.forms import UserCreationForm, AuthenticationForm, PasswordResetForm
39 from django.core.mail import send_mail
40 from django.contrib.auth.tokens import default_token_generator
41 from django.template import Context, loader
42 from django.utils.http import int_to_base36
43 from django.core.urlresolvers import reverse
44 from django.utils.functional import lazy
45 from django.utils.safestring import mark_safe
46 from django.contrib import messages
47 from django.utils.encoding import smart_str
49 from astakos.im.models import AstakosUser, Invitation, get_latest_terms, EmailChange
50 from astakos.im.settings import INVITATIONS_PER_LEVEL, DEFAULT_FROM_EMAIL, \
51 BASEURL, SITENAME, RECAPTCHA_PRIVATE_KEY, DEFAULT_CONTACT_EMAIL, \
52 RECAPTCHA_ENABLED, LOGGING_LEVEL
53 from astakos.im.widgets import DummyWidget, RecaptchaWidget
54 from astakos.im.functions import send_change_email
56 # since Django 1.4 use django.core.urlresolvers.reverse_lazy instead
57 from astakos.im.util import reverse_lazy, reserved_email, get_query
61 import recaptcha.client.captcha as captcha
62 from random import random
64 logger = logging.getLogger(__name__)
66 class LocalUserCreationForm(UserCreationForm):
68 Extends the built in UserCreationForm in several ways:
70 * Adds email, first_name, last_name, recaptcha_challenge_field, recaptcha_response_field field.
71 * The username field isn't visible and it is assigned a generated id.
72 * User created is not active.
74 recaptcha_challenge_field = forms.CharField(widget=DummyWidget)
75 recaptcha_response_field = forms.CharField(widget=RecaptchaWidget, label='')
79 fields = ("email", "first_name", "last_name", "has_signed_terms", "has_signed_terms")
81 def __init__(self, *args, **kwargs):
83 Changes the order of fields, and removes the username field.
85 request = kwargs.get('request', None)
88 self.ip = request.META.get('REMOTE_ADDR',
89 request.META.get('HTTP_X_REAL_IP', None))
91 super(LocalUserCreationForm, self).__init__(*args, **kwargs)
92 self.fields.keyOrder = ['email', 'first_name', 'last_name',
93 'password1', 'password2']
96 self.fields.keyOrder.extend(['recaptcha_challenge_field',
97 'recaptcha_response_field',])
98 if get_latest_terms():
99 self.fields.keyOrder.append('has_signed_terms')
101 if 'has_signed_terms' in self.fields:
102 # Overriding field label since we need to apply a link
103 # to the terms within the label
104 terms_link_html = '<a href="%s" target="_blank">%s</a>' \
105 % (reverse('latest_terms'), _("the terms"))
106 self.fields['has_signed_terms'].label = \
107 mark_safe("I agree with %s" % terms_link_html)
109 def clean_email(self):
110 email = self.cleaned_data['email']
112 raise forms.ValidationError(_("This field is required"))
113 if reserved_email(email):
114 raise forms.ValidationError(_("This email is already used"))
117 def clean_has_signed_terms(self):
118 has_signed_terms = self.cleaned_data['has_signed_terms']
119 if not has_signed_terms:
120 raise forms.ValidationError(_('You have to agree with the terms'))
121 return has_signed_terms
123 def clean_recaptcha_response_field(self):
124 if 'recaptcha_challenge_field' in self.cleaned_data:
125 self.validate_captcha()
126 return self.cleaned_data['recaptcha_response_field']
128 def clean_recaptcha_challenge_field(self):
129 if 'recaptcha_response_field' in self.cleaned_data:
130 self.validate_captcha()
131 return self.cleaned_data['recaptcha_challenge_field']
133 def validate_captcha(self):
134 rcf = self.cleaned_data['recaptcha_challenge_field']
135 rrf = self.cleaned_data['recaptcha_response_field']
136 check = captcha.submit(rcf, rrf, RECAPTCHA_PRIVATE_KEY, self.ip)
137 if not check.is_valid:
138 raise forms.ValidationError(_('You have not entered the correct words'))
140 def save(self, commit=True):
142 Saves the email, first_name and last_name properties, after the normal
143 save behavior is complete.
145 user = super(LocalUserCreationForm, self).save(commit=False)
149 logger._log(LOGGING_LEVEL, 'Created user %s' % user.email, [])
152 class InvitedLocalUserCreationForm(LocalUserCreationForm):
154 Extends the LocalUserCreationForm: email is readonly.
158 fields = ("email", "first_name", "last_name", "has_signed_terms")
160 def __init__(self, *args, **kwargs):
162 Changes the order of fields, and removes the username field.
164 super(InvitedLocalUserCreationForm, self).__init__(*args, **kwargs)
166 #set readonly form fields
167 ro = ('email', 'username',)
169 self.fields[f].widget.attrs['readonly'] = True
172 def save(self, commit=True):
173 user = super(InvitedLocalUserCreationForm, self).save(commit=False)
174 level = user.invitation.inviter.level + 1
176 user.invitations = INVITATIONS_PER_LEVEL.get(level, 0)
177 user.email_verified = True
182 class ThirdPartyUserCreationForm(forms.ModelForm):
185 fields = ("email", "first_name", "last_name", "third_party_identifier", "has_signed_terms")
187 def __init__(self, *args, **kwargs):
189 Changes the order of fields, and removes the username field.
191 self.request = kwargs.get('request', None)
193 kwargs.pop('request')
194 super(ThirdPartyUserCreationForm, self).__init__(*args, **kwargs)
195 self.fields.keyOrder = ['email', 'first_name', 'last_name', 'third_party_identifier']
196 if get_latest_terms():
197 self.fields.keyOrder.append('has_signed_terms')
198 #set readonly form fields
199 ro = ["third_party_identifier"]
201 self.fields[f].widget.attrs['readonly'] = True
203 if 'has_signed_terms' in self.fields:
204 # Overriding field label since we need to apply a link
205 # to the terms within the label
206 terms_link_html = '<a href="%s" target="_blank">%s</a>' \
207 % (reverse('latest_terms'), _("the terms"))
208 self.fields['has_signed_terms'].label = \
209 mark_safe("I agree with %s" % terms_link_html)
211 def clean_email(self):
212 email = self.cleaned_data['email']
214 raise forms.ValidationError(_("This field is required"))
217 def clean_has_signed_terms(self):
218 has_signed_terms = self.cleaned_data['has_signed_terms']
219 if not has_signed_terms:
220 raise forms.ValidationError(_('You have to agree with the terms'))
221 return has_signed_terms
223 def save(self, commit=True):
224 user = super(ThirdPartyUserCreationForm, self).save(commit=False)
225 user.set_unusable_password()
227 user.provider = get_query(self.request).get('provider')
230 logger._log(LOGGING_LEVEL, 'Created user %s' % user.email, [])
233 class InvitedThirdPartyUserCreationForm(ThirdPartyUserCreationForm):
235 Extends the ThirdPartyUserCreationForm: email is readonly.
237 def __init__(self, *args, **kwargs):
239 Changes the order of fields, and removes the username field.
241 super(InvitedThirdPartyUserCreationForm, self).__init__(*args, **kwargs)
243 #set readonly form fields
246 self.fields[f].widget.attrs['readonly'] = True
248 def save(self, commit=True):
249 user = super(InvitedThirdPartyUserCreationForm, self).save(commit=False)
250 level = user.invitation.inviter.level + 1
252 user.invitations = INVITATIONS_PER_LEVEL.get(level, 0)
253 user.email_verified = True
258 class ShibbolethUserCreationForm(ThirdPartyUserCreationForm):
259 additional_email = forms.CharField(widget=forms.HiddenInput(), label='', required = False)
261 def __init__(self, *args, **kwargs):
262 super(ShibbolethUserCreationForm, self).__init__(*args, **kwargs)
263 self.fields.keyOrder.append('additional_email')
264 # copy email value to additional_mail in case user will change it
266 field = self.fields[name]
267 self.initial['additional_email'] = self.initial.get(name, field.initial)
269 def clean_email(self):
270 email = self.cleaned_data['email']
271 for user in AstakosUser.objects.filter(email = email):
272 if user.provider == 'shibboleth':
273 raise forms.ValidationError(_("This email is already associated with another shibboleth account."))
274 elif not user.is_active:
275 raise forms.ValidationError(_("This email is already associated with an inactive account. \
276 You need to wait to be activated before being able to switch to a shibboleth account."))
277 super(ShibbolethUserCreationForm, self).clean_email()
280 class InvitedShibbolethUserCreationForm(ShibbolethUserCreationForm, InvitedThirdPartyUserCreationForm):
283 class LoginForm(AuthenticationForm):
284 username = forms.EmailField(label=_("Email"))
285 recaptcha_challenge_field = forms.CharField(widget=DummyWidget)
286 recaptcha_response_field = forms.CharField(widget=RecaptchaWidget, label='')
288 def __init__(self, *args, **kwargs):
289 was_limited = kwargs.get('was_limited', False)
290 request = kwargs.get('request', None)
292 self.ip = request.META.get('REMOTE_ADDR',
293 request.META.get('HTTP_X_REAL_IP', None))
295 t = ('request', 'was_limited')
297 if elem in kwargs.keys():
299 super(LoginForm, self).__init__(*args, **kwargs)
301 self.fields.keyOrder = ['username', 'password']
302 if was_limited and RECAPTCHA_ENABLED:
303 self.fields.keyOrder.extend(['recaptcha_challenge_field',
304 'recaptcha_response_field',])
306 def clean_recaptcha_response_field(self):
307 if 'recaptcha_challenge_field' in self.cleaned_data:
308 self.validate_captcha()
309 return self.cleaned_data['recaptcha_response_field']
311 def clean_recaptcha_challenge_field(self):
312 if 'recaptcha_response_field' in self.cleaned_data:
313 self.validate_captcha()
314 return self.cleaned_data['recaptcha_challenge_field']
316 def validate_captcha(self):
317 rcf = self.cleaned_data['recaptcha_challenge_field']
318 rrf = self.cleaned_data['recaptcha_response_field']
319 check = captcha.submit(rcf, rrf, RECAPTCHA_PRIVATE_KEY, self.ip)
320 if not check.is_valid:
321 raise forms.ValidationError(_('You have not entered the correct words'))
323 class ProfileForm(forms.ModelForm):
325 Subclass of ``ModelForm`` for permiting user to edit his/her profile.
326 Most of the fields are readonly since the user is not allowed to change them.
328 The class defines a save method which sets ``is_verified`` to True so as the user
329 during the next login will not to be redirected to profile page.
331 renew = forms.BooleanField(label='Renew token', required=False)
335 fields = ('email', 'first_name', 'last_name', 'auth_token', 'auth_token_expires')
337 def __init__(self, *args, **kwargs):
338 super(ProfileForm, self).__init__(*args, **kwargs)
339 instance = getattr(self, 'instance', None)
340 ro_fields = ('email', 'auth_token', 'auth_token_expires')
341 if instance and instance.id:
342 for field in ro_fields:
343 self.fields[field].widget.attrs['readonly'] = True
345 def save(self, commit=True):
346 user = super(ProfileForm, self).save(commit=False)
347 user.is_verified = True
348 if self.cleaned_data.get('renew'):
354 class FeedbackForm(forms.Form):
356 Form for writing feedback.
358 feedback_msg = forms.CharField(widget=forms.Textarea, label=u'Message')
359 feedback_data = forms.CharField(widget=forms.HiddenInput(), label='',
362 class SendInvitationForm(forms.Form):
364 Form for sending an invitations
367 email = forms.EmailField(required = True, label = 'Email address')
368 first_name = forms.EmailField(label = 'First name')
369 last_name = forms.EmailField(label = 'Last name')
371 class ExtendedPasswordResetForm(PasswordResetForm):
373 Extends PasswordResetForm by overriding save method:
374 passes a custom from_email in send_mail.
376 Since Django 1.3 this is useless since ``django.contrib.auth.views.reset_password``
377 accepts a from_email argument.
379 def clean_email(self):
380 email = super(ExtendedPasswordResetForm, self).clean_email()
382 user = AstakosUser.objects.get(email=email, is_active=True)
383 if not user.has_usable_password():
384 raise forms.ValidationError(_("This account has not a usable password."))
385 except AstakosUser.DoesNotExist, e:
386 raise forms.ValidationError(_('That e-mail address doesn\'t have an associated user account. Are you sure you\'ve registered?'))
389 def save(self, domain_override=None, email_template_name='registration/password_reset_email.html',
390 use_https=False, token_generator=default_token_generator, request=None):
392 Generates a one-use only link for resetting password and sends to the user.
394 for user in self.users_cache:
395 url = reverse('django.contrib.auth.views.password_reset_confirm',
396 kwargs={'uidb36':int_to_base36(user.id),
397 'token':token_generator.make_token(user)})
398 url = urljoin(BASEURL, url)
399 t = loader.get_template(email_template_name)
403 'site_name': SITENAME,
406 'support': DEFAULT_CONTACT_EMAIL
408 from_email = DEFAULT_FROM_EMAIL
409 send_mail(_("Password reset on %s alpha2 testing") % SITENAME,
410 t.render(Context(c)), from_email, [user.email])
412 class EmailChangeForm(forms.ModelForm):
415 fields = ('new_email_address',)
417 def clean_new_email_address(self):
418 addr = self.cleaned_data['new_email_address']
419 if AstakosUser.objects.filter(email__iexact=addr):
420 raise forms.ValidationError(_(u'This email address is already in use. Please supply a different email address.'))
423 def save(self, email_template_name, request, commit=True):
424 ec = super(EmailChangeForm, self).save(commit=False)
425 ec.user = request.user
426 activation_key = hashlib.sha1(str(random()) + smart_str(ec.new_email_address))
427 ec.activation_key=activation_key.hexdigest()
430 send_change_email(ec, request, email_template_name=email_template_name)
432 class SignApprovalTermsForm(forms.ModelForm):
435 fields = ("has_signed_terms",)
437 def __init__(self, *args, **kwargs):
438 super(SignApprovalTermsForm, self).__init__(*args, **kwargs)
440 def clean_has_signed_terms(self):
441 has_signed_terms = self.cleaned_data['has_signed_terms']
442 if not has_signed_terms:
443 raise forms.ValidationError(_('You have to agree with the terms'))
444 return has_signed_terms
446 class InvitationForm(forms.ModelForm):
447 username = forms.EmailField(label=_("Email"))
449 def __init__(self, *args, **kwargs):
450 super(InvitationForm, self).__init__(*args, **kwargs)
454 fields = ('username', 'realname')
456 def clean_username(self):
457 username = self.cleaned_data['username']
459 Invitation.objects.get(username = username)
460 raise forms.ValidationError(_('There is already invitation for this email.'))
461 except Invitation.DoesNotExist: