Synnefo » astakos

docs/build

*.db

*.pyc

.DS_Store

Copyright 2011 GRNET S.A. All rights reserved.

Redistribution and use in source and binary forms, with or

without modification, are permitted provided that the following

conditions are met:

  1. Redistributions of source code must retain the above

     copyright notice, this list of conditions and the following

     disclaimer.

  2. Redistributions in binary form must reproduce the above

     copyright notice, this list of conditions and the following

     disclaimer in the documentation and/or other materials

     provided with the distribution.

THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS

OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED

WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR

CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT

LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF

USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED

AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN

ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE

POSSIBILITY OF SUCH DAMAGE.

The views and conclusions contained in the software and

documentation are those of the authors and should not be

interpreted as representing official policies, either expressed

or implied, of GRNET S.A.

global-include */templates/* */fixtures/* */static/*

global-exclude */.DS_Store

include astakos/settings.d/*

prune docs

prune other

README

======

Astakos is an identity management service, built by GRNET using Django (https://www.djangoproject.com/).

Learn more about Astakos at: http://code.grnet.gr/projects/astakos

Consult LICENSE for licensing information.

Documentation

-------------

All docs are in the docs/source directory. The .rst files are perfectly readable in source form.

To build the documentation you need to have Sphinx (http://sphinx.pocoo.org/) installed.

On a typical debian-based Linux system run:

    apt-get install python-django python-django-south python-setuptools python-sphinx python-httplib2

Then run:

    python setup.py build_sphinx

The documentation will be built in the docs/build/html directory.

Also run:

    python setup.py build_sphinx -b text

Then find the plain text version of the docs in docs/build/text.

Running the server

------------------

Make sure you have all required packages installed:

    apt-get install python-django python-setuptools python-sphinx python-httplib2

Then run:

    python manage.py syncdb

    python manage.py migrate im

    python manage.py loaddata admin_user

    python manage.py runserver

Go to:

	http://127.0.0.1:8000/im/admin?user=admin&token=0000

This server is useful during development, but should not be used for deployment.

To deploy Astakos using Apache, take a look at the Administrator Guide in docs.

UPGRADE

=======

0.7.9 -> 0.7.10

---------------

* Update settings.py (BACKEND_*, SERVICE_NAME, *_EMAIL, *_TARGET, IM_*)

* Update 'attributes' table in mysql (backend):

    mysql> update attributes set `key`='ETag' where `key`='hash';

* Upgrade 'im_user' table (im app):

    ALTER TABLE im_user ADD COLUMN 'password' VARCHAR(255);

0.7.10 -> 0.8.0

---------------

* Upgrade 'public' table in mysql (backend):

	* Run: mysqldump pithosdb public > public-table.sql

	* mysql> drop table public;

	* Update the codebase and run the server so the new public table is created

	* From the sql dump above, take the row:

		INSERT INTO `public` VALUES (...);

          Rewrite as:

		INSERT INTO `public`(`path`) VALUES (...);

	  And execute in the database

* Create settings.local with local setting overrides

* Install python-django-south

* Setup south:

    python manage.py syncdb

    python manage.py migrate im 0001 --fake

    python manage.py migrate im

0.8.0 -> 0.8.1

--------------

* Reset 'policy' table in mysql (backend):

    mysql> update policy set `value`='auto' where `key`='versioning';

0.8.1 -> 0.8.2

--------------

* Add the 'X-Forwarded-Protocol' header directive in the apache configuration, as described in the admin guide

* Update 'attributes' table in mysql (backend):

    mysql> CREATE TABLE `attributes_new` (

               `serial` int(11) NOT NULL,

               `domain` varchar(255) COLLATE utf8_bin NOT NULL,

               `key` varchar(255) COLLATE utf8_bin NOT NULL,

               `value` varchar(255) COLLATE utf8_bin DEFAULT NULL,

               PRIMARY KEY (`serial`,`domain`,`key`),

               CONSTRAINT FOREIGN KEY (`serial`) REFERENCES `versions` (`serial`) ON DELETE CASCADE ON UPDATE CASCADE

           ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;

    mysql> insert into attributes_new select `serial`, 'pithos', `key`, `value` from attributes;

    mysql> drop table attributes;

    mysql> alter table attributes_new rename to attributes;

* Update 'versions' table in mysql (backend):

    mysql> create temporary table tmp_uuids as select distinct node, uuid() as `uuid` from versions;

    mysql> alter table versions add column `uuid` varchar(64) DEFAULT '' NOT NULL after `muser`;

    mysql> update versions v, tmp_uuids u set v.`uuid` = u.`uuid` where v.`node` = u.`node`;

    mysql> create index idx_versions_node_uuid on versions(uuid);

# Copyright (c) Django Software Foundation and individual contributors.

# All rights reserved.

# 

# Redistribution and use in source and binary forms, with or without modification,

# are permitted provided that the following conditions are met:

# 

#     1. Redistributions of source code must retain the above copyright notice, 

#        this list of conditions and the following disclaimer.

#     

#     2. Redistributions in binary form must reproduce the above copyright 

#        notice, this list of conditions and the following disclaimer in the

#        documentation and/or other materials provided with the distribution.

# 

#     3. Neither the name of Django nor the names of its contributors may be used

#        to endorse or promote products derived from this software without

#        specific prior written permission.

# 

# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND

# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED

# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE

# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR

# ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES

# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON

# ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT

# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS

# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

VERSION = (0, 1, 0, 'alpha', 0)

def get_version():

    version = '%s.%s' % (VERSION[0], VERSION[1])

    if VERSION[2]:

        version = '%s.%s' % (version, VERSION[2])

    if VERSION[3:] == ('alpha', 0):

        version = '%s pre-alpha' % version

    else:

        if VERSION[3] != 'final':

            version = '%s %s %s' % (version, VERSION[3], VERSION[4])

    return version

# Copyright 2011 GRNET S.A. All rights reserved.

# 

# Redistribution and use in source and binary forms, with or

# without modification, are permitted provided that the following

# conditions are met:

# 

#   1. Redistributions of source code must retain the above

#      copyright notice, this list of conditions and the following

#      disclaimer.

# 

#   2. Redistributions in binary form must reproduce the above

#      copyright notice, this list of conditions and the following

#      disclaimer in the documentation and/or other materials

#      provided with the distribution.

# 

# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS

# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED

# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR

# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT

# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF

# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED

# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN

# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE

# POSSIBILITY OF SUCH DAMAGE.

# 

# The views and conclusions contained in the software and

# documentation are those of the authors and should not be

# interpreted as representing official policies, either expressed

# or implied, of GRNET S.A.

from traceback import format_exc

from time import time, mktime

from django.conf import settings

from django.http import HttpResponse

from django.utils import simplejson as json

from astakos.im.faults import BadRequest, Unauthorized, ServiceUnavailable

from astakos.im.models import User

import datetime

def render_fault(request, fault):

    if settings.DEBUG or settings.TEST:

        fault.details = format_exc(fault)

    request.serialization = 'text'

    data = '\n'.join((fault.message, fault.details)) + '\n'

    response = HttpResponse(data, status=fault.code)

    return response

def update_response_headers(response):

    response['Content-Type'] = 'application/json; charset=UTF-8'

    response['Content-Length'] = len(response.content)

def authenticate(request):

    # Normal Response Codes: 204

    # Error Response Codes: serviceUnavailable (503)

    #                       badRequest (400)

    #                       unauthorised (401)

    try:

        if request.method != 'GET':

            raise BadRequest('Method not allowed.')

        x_auth_token = request.META.get('HTTP_X_AUTH_TOKEN')

        if not x_auth_token:

            return render_fault(request, BadRequest('Missing X-Auth-Token'))

        try:

            user = User.objects.get(auth_token=x_auth_token)

        except User.DoesNotExist, e:

            return render_fault(request, Unauthorized('Invalid X-Auth-Token')) 

        # Check if the is active.

        if user.state != 'ACTIVE':

            return render_fault(request, Unauthorized('User inactive'))

        # Check if the token has expired.

        if (time() - mktime(user.auth_token_expires.timetuple())) > 0:

            return render_fault(request, Unauthorized('Authentication expired'))

        response = HttpResponse()

        response.status=204

        user_info = user.__dict__

        for k,v in user_info.items():

            if isinstance(v,  datetime.datetime):

                user_info[k] = v.strftime('%a, %d-%b-%Y %H:%M:%S %Z')

        user_info.pop('_state')

        response.content = json.dumps(user_info)

        update_response_headers(response)

        return response

    except BaseException, e:

        fault = ServiceUnavailable('Unexpected error')

        return render_fault(request, fault)

# Copyright 2011 GRNET S.A. All rights reserved.

# 

# Redistribution and use in source and binary forms, with or

# without modification, are permitted provided that the following

# conditions are met:

# 

#   1. Redistributions of source code must retain the above

#      copyright notice, this list of conditions and the following

#      disclaimer.

# 

#   2. Redistributions in binary form must reproduce the above

#      copyright notice, this list of conditions and the following

#      disclaimer in the documentation and/or other materials

#      provided with the distribution.

# 

# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS

# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED

# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR

# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT

# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF

# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED

# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN

# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE

# POSSIBILITY OF SUCH DAMAGE.

# 

# The views and conclusions contained in the software and

# documentation are those of the authors and should not be

# interpreted as representing official policies, either expressed

# or implied, of GRNET S.A.

def camelCase(s):

    return s[0].lower() + s[1:]

class Fault(Exception):

    def __init__(self, message='', details='', name=''):

        Exception.__init__(self, message, details, name)

        self.message = message

        self.details = details

        self.name = name or camelCase(self.__class__.__name__)

class BadRequest(Fault):

    code = 400

class Unauthorized(Fault):

    code = 401

class ServiceUnavailable(Fault):

    code = 503

[

    {

        "model": "im.User",

        "pk": 1,

        "fields": {

            "uniq": "admin",

            "password": "admin",

            "level": 0,

            "state": ACTIVE,

            "invitations": 10000,

			"is_admin": true,

            "auth_token": "0000",

            "auth_token_created": "2011-09-11 09:17:14",

            "auth_token_expires": "2012-09-11 09:17:14",

            "created": "2011-09-11",

            "updated": "2011-09-11"

   	    }

    }

]

[

    {

        "model": "im.User",

        "pk": 1,

        "fields": {

            "uniq": "test",

            "level": 0,

            "state": "ACTIVE",

            "invitations": 10000,

            "auth_token": "0000",

            "auth_token_created": "2011-04-07 09:17:14",

            "auth_token_expires": "2015-04-07 09:17:14",

            "created": "2011-02-06",

            "updated": "2011-02-06"

   	    }

    },

    {

        "model": "im.User",

        "pk": 2,

        "fields": {

            "uniq": "verigak",

            "level": 1,

            "state": "ACTIVE",

            "invitations": 3,

            "is_admin": 1,

            "auth_token": "0001",

            "auth_token_created": "2011-04-07 09:17:14",

            "auth_token_expires": "2015-04-07 09:17:14",

            "created": "2011-02-06",

            "updated": "2011-02-06"

   	    }

    },

    {

        "model": "im.User",

        "pk": 3,

        "fields": {

            "uniq": "chazapis",

            "level": 1,

            "state": "ACTIVE",

            "invitations": 3,

            "auth_token": "0002",

            "auth_token_created": "2011-04-07 09:17:14",

            "auth_token_expires": "2015-04-07 09:17:14",

            "created": "2011-02-06",

            "updated": "2011-02-06"

   	    }

    },

    {

        "model": "im.User",

        "pk": 4,

        "fields": {

            "uniq": "gtsouk",

            "level": 1,

            "state": "ACTIVE",

            "invitations": 3,

            "auth_token": "0003",

            "auth_token_created": "2011-04-07 09:17:14",

            "auth_token_expires": "2015-04-07 09:17:14",

            "created": "2011-02-06",

            "updated": "2011-02-06"

   	    }

    },

    {

        "model": "im.User",

        "pk": 5,

        "fields": {

            "uniq": "papagian",

            "level": 1,

            "state": "ACTIVE",

            "invitations": 3,

            "auth_token": "0004",

            "auth_token_created": "2011-04-07 09:17:14",

            "auth_token_expires": "2015-04-07 09:17:14",

            "created": "2011-02-06",

            "updated": "2011-02-06"

   	    }

    },

    {

        "model": "im.User",

        "pk": 6,

        "fields": {

            "uniq": "louridas",

            "level": 1,

            "state": "ACTIVE",

            "invitations": 3,

            "auth_token": "0005",

            "auth_token_created": "2011-04-07 09:17:14",

            "auth_token_expires": "2015-04-07 09:17:14",

            "created": "2011-02-06",

            "updated": "2011-02-06"

   	    }

    },

    {

        "model": "im.User",

        "pk": 7,

        "fields": {

            "uniq": "chstath",

            "level": 1,

            "state": "ACTIVE",

            "invitations": 3,

            "auth_token": "0006",

            "auth_token_created": "2011-04-07 09:17:14",

            "auth_token_expires": "2015-04-07 09:17:14",

            "created": "2011-02-06",

            "updated": "2011-02-06"

   	    }

    },

    {

        "model": "im.User",

        "pk": 8,

        "fields": {

            "uniq": "pkanavos",

            "level": 1,

            "state": "ACTIVE",

            "invitations": 3,

            "auth_token": "0007",

            "auth_token_created": "2011-04-07 09:17:14",

            "auth_token_expires": "2015-04-07 09:17:14",

            "created": "2011-02-06",

            "updated": "2011-02-06"

   	    }

    },

    {

        "model": "im.User",

        "pk": 9,

        "fields": {

            "uniq": "mvasilak",

            "level": 1,

            "state": "ACTIVE",

            "invitations": 3,

            "auth_token": "0008",

            "auth_token_created": "2011-04-07 09:17:14",

            "auth_token_expires": "2015-04-07 09:17:14",

            "created": "2011-02-06",

            "updated": "2011-02-06"

   	    }

    },

    {

        "model": "im.User",

        "pk": 10,

        "fields": {

            "uniq": "διογένης",

            "level": 2,

            "state": "ACTIVE",

            "invitations": 2,

            "auth_token": "0009",

            "auth_token_created": "2011-04-07 09:17:14",

            "auth_token_expires": "2015-04-07 09:17:14",

            "created": "2011-02-06",

            "updated": "2011-02-06"

   	    }

    }

]

# Copyright 2011 GRNET S.A. All rights reserved.

# 

# Redistribution and use in source and binary forms, with or

# without modification, are permitted provided that the following

# conditions are met:

# 

#   1. Redistributions of source code must retain the above

#      copyright notice, this list of conditions and the following

#      disclaimer.

# 

#   2. Redistributions in binary form must reproduce the above

#      copyright notice, this list of conditions and the following

#      disclaimer in the documentation and/or other materials

#      provided with the distribution.

# 

# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS

# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED

# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR

# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT

# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF

# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED

# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN

# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE

# POSSIBILITY OF SUCH DAMAGE.

# 

# The views and conclusions contained in the software and

# documentation are those of the authors and should not be

# interpreted as representing official policies, either expressed

# or implied, of GRNET S.A.

from django import forms

from django.utils.translation import ugettext as _

from django.conf import settings

from astakos.im.models import User

openid_providers = (

('Google','https://www.google.com/accounts/o8/id'),

('Yahoo', 'http://yahoo.com/'),

('AOL','http://openid.aol.com/%s/'),

('OpenID', None),

('MyOpenID','http://%s.myopenid.com/'),

('LiveJournal', 'http://%s.livejournal.com/'),

('Flickr', 'http://flickr.com/%s/'),

('Technorati', 'http://technorati.com/people/technorati/%s/'),

('Wordpress', 'http://%s.wordpress.com/'),

('Blogger', 'http://%s.blogspot.com/'),

('Verisign', 'http://%s.pip.verisignlabs.com/'),

('Vidoop', 'http://%s.myvidoop.com/'),

('ClaimID','http://claimid.com/%s')    

)

class RegisterForm(forms.Form):

    uniq = forms.CharField(widget=forms.widgets.TextInput())

    provider = forms.CharField(widget=forms.TextInput(),

                                label=u'Identity Provider')

    email = forms.EmailField(widget=forms.TextInput(),

                             label=_('Email address'))

    realname = forms.CharField(widget=forms.TextInput(),

                                label=u'Real Name')

    def __init__(self, *args, **kwargs):

        super(forms.Form, self).__init__(*args, **kwargs)

        #set readonly form fields

        self.fields['provider'].widget.attrs['readonly'] = True

    def clean_uniq(self):

        """

        Validate that the uniq is alphanumeric and is not already

        in use.

        """

        try:

            user = User.objects.get(uniq__iexact=self.cleaned_data['uniq'])

        except User.DoesNotExist:

            return self.cleaned_data['uniq']

        raise forms.ValidationError(_("A user with that uniq already exists."))

class ShibbolethRegisterForm(RegisterForm):

    pass

class TwitterRegisterForm(RegisterForm):

    pass

class OpenidRegisterForm(RegisterForm):

    openidurl = forms.ChoiceField(widget=forms.Select,

                                  choices=((url, l) for l, url in openid_providers))

class LocalRegisterForm(RegisterForm):

    """ local signup form"""

    password = forms.CharField(widget=forms.PasswordInput(render_value=False),

                                label=_('Password'))

    password2 = forms.CharField(widget=forms.PasswordInput(render_value=False),

                                label=_('Confirm Password'))

    def __init__(self, *args, **kwargs):

        super(LocalRegisterForm, self).__init__(*args, **kwargs)

    def clean_uniq(self):

        """

        Validate that the uniq is alphanumeric and is not already

        in use.

        """

        try:

            user = User.objects.get(uniq__iexact=self.cleaned_data['uniq'])

        except User.DoesNotExist:

            return self.cleaned_data['uniq']

        raise forms.ValidationError(_("A user with that uniq already exists."))

    def clean(self):

        """

        Verifiy that the values entered into the two password fields

        match. Note that an error here will end up in

        ``non_field_errors()`` because it doesn't apply to a single

        field.

        """

        if 'password' in self.cleaned_data and 'password2' in self.cleaned_data:

            if self.cleaned_data['password'] != self.cleaned_data['password2']:

                raise forms.ValidationError(_("The two password fields didn't match."))

        return self.cleaned_data

class InvitedRegisterForm(RegisterForm):

    inviter = forms.CharField(widget=forms.TextInput(),

                                label=_('Inviter Real Name'))

    def __init__(self, *args, **kwargs):

        super(RegisterForm, self).__init__(*args, **kwargs)

        #set readonly form fields

        self.fields['uniq'].widget.attrs['readonly'] = True

        self.fields['inviter'].widget.attrs['readonly'] = True

        self.fields['provider'].widget.attrs['provider'] = True

class InvitedLocalRegisterForm(LocalRegisterForm, InvitedRegisterForm):

    pass

class InvitedOpenidRegisterForm(OpenidRegisterForm, InvitedRegisterForm):

    pass

class InvitedTwitterRegisterForm(TwitterRegisterForm, InvitedRegisterForm):

    pass

class InvitedShibbolethRegisterForm(ShibbolethRegisterForm, InvitedRegisterForm):

    pass

# Copyright 2011 GRNET S.A. All rights reserved.

# 

# Redistribution and use in source and binary forms, with or

# without modification, are permitted provided that the following

# conditions are met:

# 

#   1. Redistributions of source code must retain the above

#      copyright notice, this list of conditions and the following

#      disclaimer.

# 

#   2. Redistributions in binary form must reproduce the above

#      copyright notice, this list of conditions and the following

#      disclaimer in the documentation and/or other materials

#      provided with the distribution.

# 

# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS

# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED

# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR

# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT

# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF

# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED

# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN

# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE

# POSSIBILITY OF SUCH DAMAGE.

# 

# The views and conclusions contained in the software and

# documentation are those of the authors and should not be

# interpreted as representing official policies, either expressed

# or implied, of GRNET S.A.

from pithos.backends import connect_backend

def get_quota(user):

    backend = connect_backend()

    quota = backend.get_account_policy(user, user)['quota']

    backend.close()

    return quota

def set_quota(user, quota):

    backend = connect_backend()

    backend.update_account_policy(user, user, {'quota': quota})

    backend.close()

    return quota

# encoding: utf-8

import datetime

from south.db import db

from south.v2 import SchemaMigration

from django.db import models

class Migration(SchemaMigration):

    def forwards(self, orm):

        # Adding model 'User'

        db.create_table('im_user', (

            ('id', self.gf('django.db.models.fields.AutoField')(primary_key=True)),

            ('uniq', self.gf('django.db.models.fields.CharField')(max_length=255, null=True)),

            ('realname', self.gf('django.db.models.fields.CharField')(default='', max_length=255)),

            ('email', self.gf('django.db.models.fields.CharField')(default='', max_length=255)),

            ('affiliation', self.gf('django.db.models.fields.CharField')(default='', max_length=255)),

            ('state', self.gf('django.db.models.fields.CharField')(default='ACTIVE', max_length=16)),

            ('level', self.gf('django.db.models.fields.IntegerField')(default=4)),

            ('invitations', self.gf('django.db.models.fields.IntegerField')(default=0)),

            ('password', self.gf('django.db.models.fields.CharField')(default='', max_length=255)),

            ('is_admin', self.gf('django.db.models.fields.BooleanField')(default=False)),

            ('auth_token', self.gf('django.db.models.fields.CharField')(max_length=32, null=True, blank=True)),

            ('auth_token_created', self.gf('django.db.models.fields.DateTimeField')(null=True)),

            ('auth_token_expires', self.gf('django.db.models.fields.DateTimeField')(null=True)),

            ('created', self.gf('django.db.models.fields.DateTimeField')()),

            ('updated', self.gf('django.db.models.fields.DateTimeField')()),

        ))

        db.send_create_signal('im', ['User'])

        # Adding model 'Invitation'

        db.create_table('im_invitation', (

            ('id', self.gf('django.db.models.fields.AutoField')(primary_key=True)),

            ('inviter', self.gf('django.db.models.fields.related.ForeignKey')(related_name='invitations_sent', null=True, to=orm['im.User'])),

            ('realname', self.gf('django.db.models.fields.CharField')(max_length=255)),

            ('uniq', self.gf('django.db.models.fields.CharField')(max_length=255)),

            ('code', self.gf('django.db.models.fields.BigIntegerField')(db_index=True)),

            ('is_accepted', self.gf('django.db.models.fields.BooleanField')(default=False)),

            ('created', self.gf('django.db.models.fields.DateTimeField')(auto_now_add=True, blank=True)),

            ('accepted', self.gf('django.db.models.fields.DateTimeField')(null=True, blank=True)),

        ))

        db.send_create_signal('im', ['Invitation'])

    def backwards(self, orm):

        # Deleting model 'User'

        db.delete_table('im_user')

        # Deleting model 'Invitation'

        db.delete_table('im_invitation')

    models = {

        'im.invitation': {

            'Meta': {'object_name': 'Invitation'},

            'accepted': ('django.db.models.fields.DateTimeField', [], {'null': 'True', 'blank': 'True'}),

            'code': ('django.db.models.fields.BigIntegerField', [], {'db_index': 'True'}),

            'created': ('django.db.models.fields.DateTimeField', [], {'auto_now_add': 'True', 'blank': 'True'}),

            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),

            'inviter': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'invitations_sent'", 'null': 'True', 'to': "orm['im.User']"}),

            'is_accepted': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),

            'realname': ('django.db.models.fields.CharField', [], {'max_length': '255'}),

            'uniq': ('django.db.models.fields.CharField', [], {'max_length': '255'})

        },

        'im.user': {

            'Meta': {'object_name': 'User'},

            'affiliation': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '255'}),

            'auth_token': ('django.db.models.fields.CharField', [], {'max_length': '32', 'null': 'True', 'blank': 'True'}),

            'auth_token_created': ('django.db.models.fields.DateTimeField', [], {'null': 'True'}),

            'auth_token_expires': ('django.db.models.fields.DateTimeField', [], {'null': 'True'}),

            'created': ('django.db.models.fields.DateTimeField', [], {}),

            'email': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '255'}),

            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),

            'invitations': ('django.db.models.fields.IntegerField', [], {'default': '0'}),

            'is_admin': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),

            'level': ('django.db.models.fields.IntegerField', [], {'default': '4'}),

            'password': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '255'}),

            'realname': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '255'}),

            'state': ('django.db.models.fields.CharField', [], {'default': "'ACTIVE'", 'max_length': '16'}),

            'uniq': ('django.db.models.fields.CharField', [], {'max_length': '255', 'null': 'True'}),

            'updated': ('django.db.models.fields.DateTimeField', [], {})

        }

    }

    complete_apps = ['im']

# encoding: utf-8

import datetime

from south.db import db

from south.v2 import SchemaMigration

from django.db import models

class Migration(SchemaMigration):

    def forwards(self, orm):

        # Adding field 'User.is_verified'

        db.add_column('im_user', 'is_verified', self.gf('django.db.models.fields.BooleanField')(default=False), keep_default=False)

    def backwards(self, orm):

        # Deleting field 'User.is_verified'

        db.delete_column('im_user', 'is_verified')

    models = {

        'im.invitation': {

            'Meta': {'object_name': 'Invitation'},

            'accepted': ('django.db.models.fields.DateTimeField', [], {'null': 'True', 'blank': 'True'}),

            'code': ('django.db.models.fields.BigIntegerField', [], {'db_index': 'True'}),

            'created': ('django.db.models.fields.DateTimeField', [], {'auto_now_add': 'True', 'blank': 'True'}),

            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),

            'inviter': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'invitations_sent'", 'null': 'True', 'to': "orm['im.User']"}),

            'is_accepted': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),

            'realname': ('django.db.models.fields.CharField', [], {'max_length': '255'}),

            'uniq': ('django.db.models.fields.CharField', [], {'max_length': '255'})

        },

        'im.user': {

            'Meta': {'object_name': 'User'},

            'affiliation': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '255'}),

            'auth_token': ('django.db.models.fields.CharField', [], {'max_length': '32', 'null': 'True', 'blank': 'True'}),

            'auth_token_created': ('django.db.models.fields.DateTimeField', [], {'null': 'True'}),

            'auth_token_expires': ('django.db.models.fields.DateTimeField', [], {'null': 'True'}),

            'created': ('django.db.models.fields.DateTimeField', [], {}),

            'email': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '255'}),

            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),

            'invitations': ('django.db.models.fields.IntegerField', [], {'default': '0'}),

            'is_admin': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),

            'is_verified': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),

            'level': ('django.db.models.fields.IntegerField', [], {'default': '4'}),

            'password': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '255'}),

            'realname': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '255'}),

            'state': ('django.db.models.fields.CharField', [], {'default': "'ACTIVE'", 'max_length': '16'}),

            'uniq': ('django.db.models.fields.CharField', [], {'max_length': '255', 'null': 'True'}),

            'updated': ('django.db.models.fields.DateTimeField', [], {})

        }

    }

    complete_apps = ['im']

# encoding: utf-8

import datetime

from south.db import db

from south.v2 import SchemaMigration

from django.db import models

class Migration(SchemaMigration):

    def forwards(self, orm):

        # Adding field 'User.provider'

        db.add_column('im_user', 'provider', self.gf('django.db.models.fields.CharField')(default='', max_length=255), keep_default=False)

        # Adding field 'User.openidurl'

        db.add_column('im_user', 'openidurl', self.gf('django.db.models.fields.CharField')(default='', max_length=255), keep_default=False)

        # Adding field 'Invitation.is_consumed'

        db.add_column('im_invitation', 'is_consumed', self.gf('django.db.models.fields.BooleanField')(default=False), keep_default=False)

        # Adding field 'Invitation.consumed'

        db.add_column('im_invitation', 'consumed', self.gf('django.db.models.fields.DateTimeField')(null=True, blank=True), keep_default=False)

    def backwards(self, orm):

        # Deleting field 'User.provider'

        db.delete_column('im_user', 'provider')

        # Deleting field 'User.openidurl'

        db.delete_column('im_user', 'openidurl')

        # Deleting field 'Invitation.is_consumed'

        db.delete_column('im_invitation', 'is_consumed')

        # Deleting field 'Invitation.consumed'

        db.delete_column('im_invitation', 'consumed')

    models = {

        'im.invitation': {

            'Meta': {'object_name': 'Invitation'},

            'accepted': ('django.db.models.fields.DateTimeField', [], {'null': 'True', 'blank': 'True'}),

            'code': ('django.db.models.fields.BigIntegerField', [], {'db_index': 'True'}),

            'consumed': ('django.db.models.fields.DateTimeField', [], {'null': 'True', 'blank': 'True'}),

            'created': ('django.db.models.fields.DateTimeField', [], {'auto_now_add': 'True', 'blank': 'True'}),

            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),

            'inviter': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'invitations_sent'", 'null': 'True', 'to': "orm['im.User']"}),

            'is_accepted': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),

            'is_consumed': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),

            'realname': ('django.db.models.fields.CharField', [], {'max_length': '255'}),

            'uniq': ('django.db.models.fields.CharField', [], {'max_length': '255'})

        },

        'im.user': {

            'Meta': {'object_name': 'User'},

            'affiliation': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '255'}),

            'auth_token': ('django.db.models.fields.CharField', [], {'max_length': '32', 'null': 'True', 'blank': 'True'}),

            'auth_token_created': ('django.db.models.fields.DateTimeField', [], {'null': 'True'}),

            'auth_token_expires': ('django.db.models.fields.DateTimeField', [], {'null': 'True'}),

            'created': ('django.db.models.fields.DateTimeField', [], {}),

            'email': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '255'}),

            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),

            'invitations': ('django.db.models.fields.IntegerField', [], {'default': '0'}),

            'is_admin': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),

            'is_verified': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),

            'level': ('django.db.models.fields.IntegerField', [], {'default': '4'}),

            'openidurl': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '255'}),

            'password': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '255'}),

            'provider': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '255'}),

            'realname': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '255'}),

            'state': ('django.db.models.fields.CharField', [], {'default': "'PENDING'", 'max_length': '16'}),

            'uniq': ('django.db.models.fields.CharField', [], {'max_length': '255', 'null': 'True'}),

            'updated': ('django.db.models.fields.DateTimeField', [], {})

        }

    }

    complete_apps = ['im']

# Copyright 2011 GRNET S.A. All rights reserved.

# 

# Redistribution and use in source and binary forms, with or

# without modification, are permitted provided that the following

# conditions are met:

# 

#   1. Redistributions of source code must retain the above

#      copyright notice, this list of conditions and the following

#      disclaimer.

# 

#   2. Redistributions in binary form must reproduce the above

#      copyright notice, this list of conditions and the following

#      disclaimer in the documentation and/or other materials

#      provided with the distribution.

# 

# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS

# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED

# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR

# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT

# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF

# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED

# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN

# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE

# POSSIBILITY OF SUCH DAMAGE.

# 

# The views and conclusions contained in the software and

# documentation are those of the authors and should not be

# interpreted as representing official policies, either expressed

# or implied, of GRNET S.A.

import logging

import hashlib

from time import asctime

from datetime import datetime, timedelta

from base64 import b64encode

from django.conf import settings

from django.db import models

from astakos.im.interface import get_quota, set_quota

from hashlib import new as newhasher

class User(models.Model):

    ACCOUNT_STATE = (

        ('ACTIVE', 'Active'),

        ('DELETED', 'Deleted'),

        ('SUSPENDED', 'Suspended'),

        ('UNVERIFIED', 'Unverified'),

        ('PENDING', 'Pending')

    )

    uniq = models.CharField('Unique ID', max_length=255, null=True)

    realname = models.CharField('Real Name', max_length=255, default='')

    email = models.CharField('Email', max_length=255, default='')

    affiliation = models.CharField('Affiliation', max_length=255, default='')

    provider = models.CharField('Provider', max_length=255, default='')

    state = models.CharField('Account state', choices=ACCOUNT_STATE,

                                max_length=16, default='PENDING')

    #for invitations

    level = models.IntegerField('Inviter level', default=4)

    invitations = models.IntegerField('Invitations left', default=0)

    #for local

    password = models.CharField('Password', max_length=255, default='')

    is_admin = models.BooleanField('Admin?', default=False)

    auth_token = models.CharField('Authentication Token', max_length=32,

                                    null=True, blank=True)

    auth_token_created = models.DateTimeField('Token creation date',

                                                null=True)

    auth_token_expires = models.DateTimeField('Token expiration date',

                                                null=True)

    created = models.DateTimeField('Creation date')

    updated = models.DateTimeField('Update date')

    is_verified = models.BooleanField('Verified?', default=False)

    openidurl = models.CharField('OpenID url', max_length=255, default='')

    @property

    def quota(self):

        return get_quota(self.uniq)

    @quota.setter

    def quota(self, value):

        set_quota(self.uniq, value)

    @property

    def invitation(self):

        try:

            return Invitation.objects.get(uniq=self.uniq)

        except Invitation.DoesNotExist:

            return None

    def save(self, update_timestamps=True, **kwargs):

        if update_timestamps:

            if not self.id:

                self.created = datetime.now()

            self.updated = datetime.now()

        super(User, self).save(**kwargs)

        #invitation consume

        if self.invitation and not self.invitation.is_consumed:

            self.invitation.consume()

    def renew_token(self):

        md5 = hashlib.md5()

        md5.update(self.uniq)

        md5.update(self.realname.encode('ascii', 'ignore'))

        md5.update(asctime())

        self.auth_token = b64encode(md5.digest())

        self.auth_token_created = datetime.now()

        self.auth_token_expires = self.auth_token_created + \

                                  timedelta(hours=settings.AUTH_TOKEN_DURATION)

    def __unicode__(self):

        return self.uniq

class Invitation(models.Model):

    inviter = models.ForeignKey(User, related_name='invitations_sent',

                                null=True)

    realname = models.CharField('Real name', max_length=255)

    uniq = models.CharField('Unique ID', max_length=255)

    code = models.BigIntegerField('Invitation code', db_index=True)

    #obsolete: we keep it just for transfering the data

    is_accepted = models.BooleanField('Accepted?', default=False)

    is_consumed = models.BooleanField('Consumed?', default=False)

    created = models.DateTimeField('Creation date', auto_now_add=True)

    #obsolete: we keep it just for transfering the data

    accepted = models.DateTimeField('Acceptance date', null=True, blank=True)

    consumed = models.DateTimeField('Consumption date', null=True, blank=True)

    def consume(self):

        self.is_consumed = True

        self.consumed = datetime.now()

        self.save()

    def __unicode__(self):

        return '%s -> %s [%d]' % (self.inviter, self.uniq, self.code)

/*!

 * Bootstrap v1.3.0

 *

 * Copyright 2011 Twitter, Inc

 * Licensed under the Apache License v2.0

 * http://www.apache.org/licenses/LICENSE-2.0

 *

 * Designed and built with all the love in the world @twitter by @mdo and @fat.

 * Date: Thu Sep 22 12:52:42 PDT 2011

 */

/* Reset.less

 * Props to Eric Meyer (meyerweb.com) for his CSS reset file. We're using an adapted version here	that cuts out some of the reset HTML elements we will never need here (i.e., dfn, samp, etc).

 * ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- */

html, body {

  margin: 0;

  padding: 0;

}

h1,

h2,

h3,

h4,

h5,

h6,

p,

blockquote,

pre,

a,

abbr,

acronym,

address,

cite,

code,

del,

dfn,

em,

img,

q,

s,

samp,

small,

strike,

strong,

sub,

sup,

tt,

var,

dd,

dl,

dt,

li,

ol,

ul,

fieldset,

form,

label,

legend,

button,

table,

caption,

tbody,

tfoot,

thead,

tr,

th,

td {

  margin: 0;

  padding: 0;

  border: 0;

  font-weight: normal;

  font-style: normal;

  font-size: 100%;

  line-height: 1;

  font-family: inherit;

}

table {

  border-collapse: collapse;

  border-spacing: 0;

}

ol, ul {

  list-style: none;

}

q:before,

q:after,

blockquote:before,

blockquote:after {

  content: "";

}

html {

  overflow-y: scroll;

  font-size: 100%;

  -webkit-text-size-adjust: 100%;

  -ms-text-size-adjust: 100%;

}

a:focus {

  outline: thin dotted;

}

a:hover, a:active {

  outline: 0;

}

article,

aside,

details,

figcaption,

figure,

footer,

header,

hgroup,

nav,

section {

  display: block;

}

audio, canvas, video {

  display: inline-block;

  *display: inline;

  *zoom: 1;

}

audio:not([controls]) {

  display: none;

}

sub, sup {

  font-size: 75%;

  line-height: 0;

  position: relative;

  vertical-align: baseline;

}

sup {

  top: -0.5em;

}

sub {

  bottom: -0.25em;

}

img {

  border: 0;

  -ms-interpolation-mode: bicubic;

}

button,

input,

select,

textarea {

  font-size: 100%;

  margin: 0;

  vertical-align: baseline;

  *vertical-align: middle;

}

button, input {

  line-height: normal;

  *overflow: visible;

}

button::-moz-focus-inner, input::-moz-focus-inner {

  border: 0;

  padding: 0;

}

button,

input[type="button"],

input[type="reset"],

input[type="submit"] {

  cursor: pointer;

  -webkit-appearance: button;

}

input[type="search"] {

  -webkit-appearance: textfield;

  -webkit-box-sizing: content-box;

  -moz-box-sizing: content-box;

  box-sizing: content-box;

}

input[type="search"]::-webkit-search-decoration {

  -webkit-appearance: none;

}

textarea {

  overflow: auto;

  vertical-align: top;

}

/* Variables.less

 * Variables to customize the look and feel of Bootstrap

 * ----------------------------------------------------- */

/* Variables.less

 * Snippets of reusable CSS to develop faster and keep code readable

 * ----------------------------------------------------------------- */

/*

 * Scaffolding

 * Basic and global styles for generating a grid system, structural layout, and page templates

 * ------------------------------------------------------------------------------------------- */

html, body {

  background-color: #ffffff;

}

body {

  margin: 0;

  font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;

  font-size: 13px;

  font-weight: normal;

  line-height: 18px;

  color: #404040;

}

.container {

  width: 940px;

  margin-left: auto;

  margin-right: auto;

  zoom: 1;

}

.container:before, .container:after {

  display: table;

  content: "";

  zoom: 1;

  *display: inline;

}

.container:after {

  clear: both;

}

.container-fluid {

  position: relative;

  min-width: 940px;

  padding-left: 20px;

  padding-right: 20px;

  zoom: 1;

}

.container-fluid:before, .container-fluid:after {

  display: table;

  content: "";

  zoom: 1;

  *display: inline;

}

.container-fluid:after {

  clear: both;

}

.container-fluid > .sidebar {

  float: left;

  width: 220px;

}

.container-fluid > .content {

  margin-left: 240px;

}

a {

  color: #0069d6;

  text-decoration: none;

  line-height: inherit;

  font-weight: inherit;

}

a:hover {

  color: #00438a;

  text-decoration: underline;

}

.pull-right {

  float: right;

}

.pull-left {

  float: left;

}

.hide {

  display: none;

}

.show {

  display: block;

}

.row {

  zoom: 1;

  margin-left: -20px;

}

.row:before, .row:after {

  display: table;

  content: "";

  zoom: 1;

  *display: inline;

}

.row:after {