Statistics
| Branch: | Tag: | Revision:

root / snf-astakos-app / astakos / im / forms.py @ 262c2717

History | View | Annotate | Download (17.1 kB)

1
# Copyright 2011-2012 GRNET S.A. All rights reserved.
2
#
3
# Redistribution and use in source and binary forms, with or
4
# without modification, are permitted provided that the following
5
# conditions are met:
6
#
7
#   1. Redistributions of source code must retain the above
8
#      copyright notice, this list of conditions and the following
9
#      disclaimer.
10
#
11
#   2. Redistributions in binary form must reproduce the above
12
#      copyright notice, this list of conditions and the following
13
#      disclaimer in the documentation and/or other materials
14
#      provided with the distribution.
15
#
16
# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS
17
# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
19
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR
20
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
21
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
22
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
23
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
24
# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
26
# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27
# POSSIBILITY OF SUCH DAMAGE.
28
#
29
# The views and conclusions contained in the software and
30
# documentation are those of the authors and should not be
31
# interpreted as representing official policies, either expressed
32
# or implied, of GRNET S.A.
33
from urlparse import urljoin
34
from datetime import datetime
35

    
36
from django import forms
37
from django.utils.translation import ugettext as _
38
from django.contrib.auth.forms import UserCreationForm, AuthenticationForm, PasswordResetForm
39
from django.core.mail import send_mail
40
from django.contrib.auth.tokens import default_token_generator
41
from django.template import Context, loader
42
from django.utils.http import int_to_base36
43
from django.core.urlresolvers import reverse
44
from django.utils.functional import lazy
45
from django.utils.safestring import mark_safe
46
from django.contrib import messages
47

    
48
from astakos.im.models import AstakosUser, Invitation, get_latest_terms
49
from astakos.im.settings import INVITATIONS_PER_LEVEL, DEFAULT_FROM_EMAIL, BASEURL, SITENAME, RECAPTCHA_PRIVATE_KEY, DEFAULT_CONTACT_EMAIL, RECAPTCHA_ENABLED
50
from astakos.im.widgets import DummyWidget, RecaptchaWidget
51

    
52
# since Django 1.4 use django.core.urlresolvers.reverse_lazy instead
53
from astakos.im.util import reverse_lazy, reserved_email, get_query
54

    
55
import logging
56
import recaptcha.client.captcha as captcha
57

    
58
logger = logging.getLogger(__name__)
59

    
60
class LocalUserCreationForm(UserCreationForm):
61
    """
62
    Extends the built in UserCreationForm in several ways:
63

64
    * Adds email, first_name, last_name, recaptcha_challenge_field, recaptcha_response_field field.
65
    * The username field isn't visible and it is assigned a generated id.
66
    * User created is not active.
67
    """
68
    recaptcha_challenge_field = forms.CharField(widget=DummyWidget)
69
    recaptcha_response_field = forms.CharField(widget=RecaptchaWidget, label='')
70

    
71
    class Meta:
72
        model = AstakosUser
73
        fields = ("email", "first_name", "last_name", "has_signed_terms", "has_signed_terms")
74

    
75
    def __init__(self, *args, **kwargs):
76
        """
77
        Changes the order of fields, and removes the username field.
78
        """
79
        request = kwargs.get('request', None)
80
        if request:
81
            kwargs.pop('request')
82
            self.ip = request.META.get('REMOTE_ADDR',
83
                                       request.META.get('HTTP_X_REAL_IP', None))
84
        
85
        super(LocalUserCreationForm, self).__init__(*args, **kwargs)
86
        self.fields.keyOrder = ['email', 'first_name', 'last_name',
87
                                'password1', 'password2']
88
        if get_latest_terms():
89
            self.fields.keyOrder.append('has_signed_terms')
90
        if RECAPTCHA_ENABLED:
91
            self.fields.keyOrder.extend(['recaptcha_challenge_field',
92
                                         'recaptcha_response_field',])
93

    
94
        if 'has_signed_terms' in self.fields:
95
            # Overriding field label since we need to apply a link
96
            # to the terms within the label
97
            terms_link_html = '<a href="%s" target="_blank">%s</a>' \
98
                    % (reverse('latest_terms'), _("the terms"))
99
            self.fields['has_signed_terms'].label = \
100
                    mark_safe("I agree with %s" % terms_link_html)
101

    
102
    def clean_email(self):
103
        email = self.cleaned_data['email']
104
        if not email:
105
            raise forms.ValidationError(_("This field is required"))
106
        if reserved_email(email):
107
            raise forms.ValidationError(_("This email is already used"))
108
        return email
109

    
110
    def clean_has_signed_terms(self):
111
        has_signed_terms = self.cleaned_data['has_signed_terms']
112
        if not has_signed_terms:
113
            raise forms.ValidationError(_('You have to agree with the terms'))
114
        return has_signed_terms
115

    
116
    def clean_recaptcha_response_field(self):
117
        if 'recaptcha_challenge_field' in self.cleaned_data:
118
            self.validate_captcha()
119
        return self.cleaned_data['recaptcha_response_field']
120

    
121
    def clean_recaptcha_challenge_field(self):
122
        if 'recaptcha_response_field' in self.cleaned_data:
123
            self.validate_captcha()
124
        return self.cleaned_data['recaptcha_challenge_field']
125

    
126
    def validate_captcha(self):
127
        rcf = self.cleaned_data['recaptcha_challenge_field']
128
        rrf = self.cleaned_data['recaptcha_response_field']
129
        check = captcha.submit(rcf, rrf, RECAPTCHA_PRIVATE_KEY, self.ip)
130
        if not check.is_valid:
131
            raise forms.ValidationError(_('You have not entered the correct words'))
132

    
133
    def save(self, commit=True):
134
        """
135
        Saves the email, first_name and last_name properties, after the normal
136
        save behavior is complete.
137
        """
138
        user = super(LocalUserCreationForm, self).save(commit=False)
139
        user.renew_token()
140
        if commit:
141
            user.save()
142
            logger.info('Created user %s', user)
143
        return user
144

    
145
class InvitedLocalUserCreationForm(LocalUserCreationForm):
146
    """
147
    Extends the LocalUserCreationForm: email is readonly.
148
    """
149
    class Meta:
150
        model = AstakosUser
151
        fields = ("email", "first_name", "last_name", "has_signed_terms")
152

    
153
    def __init__(self, *args, **kwargs):
154
        """
155
        Changes the order of fields, and removes the username field.
156
        """
157
        super(InvitedLocalUserCreationForm, self).__init__(*args, **kwargs)
158

    
159
        #set readonly form fields
160
        ro = ('email', 'username',)
161
        for f in ro:
162
            self.fields[f].widget.attrs['readonly'] = True
163
        
164

    
165
    def save(self, commit=True):
166
        user = super(InvitedLocalUserCreationForm, self).save(commit=False)
167
        level = user.invitation.inviter.level + 1
168
        user.level = level
169
        user.invitations = INVITATIONS_PER_LEVEL.get(level, 0)
170
        user.email_verified = True
171
        if commit:
172
            user.save()
173
        return user
174

    
175
class ThirdPartyUserCreationForm(forms.ModelForm):
176
    class Meta:
177
        model = AstakosUser
178
        fields = ("email", "first_name", "last_name", "third_party_identifier", "has_signed_terms")
179
    
180
    def __init__(self, *args, **kwargs):
181
        """
182
        Changes the order of fields, and removes the username field.
183
        """
184
        self.request = kwargs.get('request', None)
185
        if self.request:
186
            kwargs.pop('request')
187
        super(ThirdPartyUserCreationForm, self).__init__(*args, **kwargs)
188
        self.fields.keyOrder = ['email', 'first_name', 'last_name', 'third_party_identifier']
189
        if get_latest_terms():
190
            self.fields.keyOrder.append('has_signed_terms')
191
        #set readonly form fields
192
        ro = ["third_party_identifier", "first_name", "last_name"]
193
        for f in ro:
194
            self.fields[f].widget.attrs['readonly'] = True
195
        
196
        if 'has_signed_terms' in self.fields:
197
            # Overriding field label since we need to apply a link
198
            # to the terms within the label
199
            terms_link_html = '<a href="%s" target="_blank">%s</a>' \
200
                    % (reverse('latest_terms'), _("the terms"))
201
            self.fields['has_signed_terms'].label = \
202
                    mark_safe("I agree with %s" % terms_link_html)
203
    
204
    def clean_email(self):
205
        email = self.cleaned_data['email']
206
        if not email:
207
            raise forms.ValidationError(_("This field is required"))
208
        return email
209
    
210
    def clean_has_signed_terms(self):
211
        has_signed_terms = self.cleaned_data['has_signed_terms']
212
        if not has_signed_terms:
213
            raise forms.ValidationError(_('You have to agree with the terms'))
214
        return has_signed_terms
215
    
216
    def save(self, commit=True):
217
        user = super(ThirdPartyUserCreationForm, self).save(commit=False)
218
        user.set_unusable_password()
219
        user.renew_token()
220
        user.provider = get_query(self.request).get('provider')
221
        if commit:
222
            user.save()
223
            logger.info('Created user %s', user)
224
        return user
225

    
226
class InvitedThirdPartyUserCreationForm(ThirdPartyUserCreationForm):
227
    """
228
    Extends the ThirdPartyUserCreationForm: email is readonly.
229
    """
230
    def __init__(self, *args, **kwargs):
231
        """
232
        Changes the order of fields, and removes the username field.
233
        """
234
        super(InvitedThirdPartyUserCreationForm, self).__init__(*args, **kwargs)
235

    
236
        #set readonly form fields
237
        ro = ('email',)
238
        for f in ro:
239
            self.fields[f].widget.attrs['readonly'] = True
240
    
241
    def save(self, commit=True):
242
        user = super(InvitedThirdPartyUserCreationForm, self).save(commit=False)
243
        level = user.invitation.inviter.level + 1
244
        user.level = level
245
        user.invitations = INVITATIONS_PER_LEVEL.get(level, 0)
246
        user.email_verified = True
247
        if commit:
248
            user.save()
249
        return user
250

    
251
class ShibbolethUserCreationForm(ThirdPartyUserCreationForm):
252
    def clean_email(self):
253
        email = self.cleaned_data['email']
254
        for user in AstakosUser.objects.filter(email = email):
255
            if user.provider == 'shibboleth':
256
                raise forms.ValidationError(_("This email is already associated with another shibboleth account."))
257
            elif not user.is_active:
258
                raise forms.ValidationError(_("This email is already associated with an inactive account. \
259
                                              You need to wait to be activated before being able to switch to a shibboleth account."))
260
        super(ShibbolethUserCreationForm, self).clean_email()
261
        return email
262

    
263
class InvitedShibbolethUserCreationForm(ShibbolethUserCreationForm, InvitedThirdPartyUserCreationForm):
264
    pass
265
    
266
class LoginForm(AuthenticationForm):
267
    username = forms.EmailField(label=_("Email"))
268
    recaptcha_challenge_field = forms.CharField(widget=DummyWidget)
269
    recaptcha_response_field = forms.CharField(widget=RecaptchaWidget, label='')
270
    
271
    def __init__(self, *args, **kwargs):
272
        was_limited = kwargs.get('was_limited', False)
273
        request = kwargs.get('request', None)
274
        if request:
275
            self.ip = request.META.get('REMOTE_ADDR',
276
                                       request.META.get('HTTP_X_REAL_IP', None))
277
        
278
        t = ('request', 'was_limited')
279
        for elem in t:
280
            if elem in kwargs.keys():
281
                kwargs.pop(elem)
282
        super(LoginForm, self).__init__(*args, **kwargs)
283
        
284
        self.fields.keyOrder = ['username', 'password']
285
        if was_limited and RECAPTCHA_ENABLED:
286
            self.fields.keyOrder.extend(['recaptcha_challenge_field',
287
                                         'recaptcha_response_field',])
288
    
289
    def clean_recaptcha_response_field(self):
290
        if 'recaptcha_challenge_field' in self.cleaned_data:
291
            self.validate_captcha()
292
        return self.cleaned_data['recaptcha_response_field']
293

    
294
    def clean_recaptcha_challenge_field(self):
295
        if 'recaptcha_response_field' in self.cleaned_data:
296
            self.validate_captcha()
297
        return self.cleaned_data['recaptcha_challenge_field']
298

    
299
    def validate_captcha(self):
300
        rcf = self.cleaned_data['recaptcha_challenge_field']
301
        rrf = self.cleaned_data['recaptcha_response_field']
302
        check = captcha.submit(rcf, rrf, RECAPTCHA_PRIVATE_KEY, self.ip)
303
        if not check.is_valid:
304
            raise forms.ValidationError(_('You have not entered the correct words'))
305

    
306
class ProfileForm(forms.ModelForm):
307
    """
308
    Subclass of ``ModelForm`` for permiting user to edit his/her profile.
309
    Most of the fields are readonly since the user is not allowed to change them.
310

311
    The class defines a save method which sets ``is_verified`` to True so as the user
312
    during the next login will not to be redirected to profile page.
313
    """
314
    renew = forms.BooleanField(label='Renew token', required=False)
315

    
316
    class Meta:
317
        model = AstakosUser
318
        fields = ('email', 'first_name', 'last_name', 'auth_token', 'auth_token_expires')
319

    
320
    def __init__(self, *args, **kwargs):
321
        super(ProfileForm, self).__init__(*args, **kwargs)
322
        instance = getattr(self, 'instance', None)
323
        ro_fields = ('email', 'auth_token', 'auth_token_expires')
324
        if instance and instance.id:
325
            for field in ro_fields:
326
                self.fields[field].widget.attrs['readonly'] = True
327

    
328
    def save(self, commit=True):
329
        user = super(ProfileForm, self).save(commit=False)
330
        user.is_verified = True
331
        if self.cleaned_data.get('renew'):
332
            user.renew_token()
333
        if commit:
334
            user.save()
335
        return user
336

    
337
class FeedbackForm(forms.Form):
338
    """
339
    Form for writing feedback.
340
    """
341
    feedback_msg = forms.CharField(widget=forms.Textarea, label=u'Message')
342
    feedback_data = forms.CharField(widget=forms.HiddenInput(), label='',
343
                                    required=False)
344

    
345
class SendInvitationForm(forms.Form):
346
    """
347
    Form for sending an invitations
348
    """
349

    
350
    email = forms.EmailField(required = True, label = 'Email address')
351
    first_name = forms.EmailField(label = 'First name')
352
    last_name = forms.EmailField(label = 'Last name')
353

    
354
class ExtendedPasswordResetForm(PasswordResetForm):
355
    """
356
    Extends PasswordResetForm by overriding save method:
357
    passes a custom from_email in send_mail.
358

359
    Since Django 1.3 this is useless since ``django.contrib.auth.views.reset_password``
360
    accepts a from_email argument.
361
    """
362
    def clean_email(self):
363
        email = super(ExtendedPasswordResetForm, self).clean_email()
364
        try:
365
            user = AstakosUser.objects.get(email=email, is_active=True)
366
            if not user.has_usable_password():
367
                raise forms.ValidationError(_("This account has not a usable password."))
368
        except AstakosUser.DoesNotExist, e:
369
            raise forms.ValidationError(_('That e-mail address doesn\'t have an associated user account. Are you sure you\'ve registered?'))
370
        return email
371
    
372
    def save(self, domain_override=None, email_template_name='registration/password_reset_email.html',
373
             use_https=False, token_generator=default_token_generator, request=None):
374
        """
375
        Generates a one-use only link for resetting password and sends to the user.
376
        """
377
        for user in self.users_cache:
378
            url = reverse('django.contrib.auth.views.password_reset_confirm',
379
                          kwargs={'uidb36':int_to_base36(user.id),
380
                                  'token':token_generator.make_token(user)})
381
            url = urljoin(BASEURL, url)
382
            t = loader.get_template(email_template_name)
383
            c = {
384
                'email': user.email,
385
                'url': url,
386
                'site_name': SITENAME,
387
                'user': user,
388
                'baseurl': BASEURL,
389
                'support': DEFAULT_CONTACT_EMAIL
390
            }
391
            from_email = DEFAULT_FROM_EMAIL
392
            send_mail(_("Password reset on %s alpha2 testing") % SITENAME,
393
                t.render(Context(c)), from_email, [user.email])
394

    
395
class SignApprovalTermsForm(forms.ModelForm):
396
    class Meta:
397
        model = AstakosUser
398
        fields = ("has_signed_terms",)
399

    
400
    def __init__(self, *args, **kwargs):
401
        super(SignApprovalTermsForm, self).__init__(*args, **kwargs)
402

    
403
    def clean_has_signed_terms(self):
404
        has_signed_terms = self.cleaned_data['has_signed_terms']
405
        if not has_signed_terms:
406
            raise forms.ValidationError(_('You have to agree with the terms'))
407
        return has_signed_terms
408

    
409
class InvitationForm(forms.ModelForm):
410
    username = forms.EmailField(label=_("Email"))
411
    
412
    def __init__(self, *args, **kwargs):
413
        super(InvitationForm, self).__init__(*args, **kwargs)
414
    
415
    class Meta:
416
        model = Invitation
417
        fields = ('username', 'realname')
418
    
419
    def clean_username(self):
420
        username = self.cleaned_data['username']
421
        try:
422
            Invitation.objects.get(username = username)
423
            raise forms.ValidationError(_('There is already invitation for this email.'))
424
        except Invitation.DoesNotExist:
425
            pass
426
        return username