Revision 0778f7e1
b/pithos/im/target/invitation.py | ||
---|---|---|
37 | 37 |
|
38 | 38 |
from django.conf import settings |
39 | 39 |
from django.http import HttpResponseBadRequest |
40 |
from django.core.urlresolvers import reverse |
|
41 |
from django.utils.http import urlencode |
|
42 | 40 |
|
43 | 41 |
from pithos.im.models import Invitation |
44 | 42 |
from pithos.im.target.util import get_or_create_user, prepare_response |
... | ... | |
63 | 61 |
invitation.inviter.level + 1) |
64 | 62 |
|
65 | 63 |
next = request.GET.get('next') |
66 |
if settings.FORCE_PROFILE_UPDATE and not user.is_verified: |
|
67 |
params = urlencode({'next': next}) |
|
68 |
next = reverse('pithos.im.views.users_profile', args=(user.id,)) |
|
69 |
next = next + '?' + params |
|
70 | 64 |
|
71 | 65 |
return prepare_response(request, user, next, 'renew' in request.GET) |
b/pithos/im/target/local.py | ||
---|---|---|
34 | 34 |
from django.http import HttpResponse, HttpResponseRedirect, HttpResponseBadRequest |
35 | 35 |
from django.conf import settings |
36 | 36 |
from django.template.loader import render_to_string |
37 |
from django.core.urlresolvers import reverse |
|
38 |
from django.utils.http import urlencode |
|
39 | 37 |
|
40 | 38 |
from pithos.im.target.util import prepare_response |
41 | 39 |
from pithos.im.models import User |
... | ... | |
64 | 62 |
return HttpResponseBadRequest('Unverified account') |
65 | 63 |
|
66 | 64 |
next = request.POST.get('next') |
67 |
if settings.FORCE_PROFILE_UPDATE and not user.is_verified: |
|
68 |
params = urlencode({'next': next}) |
|
69 |
next = reverse('pithos.im.views.users_profile', args=(user.id,)) |
|
70 |
next = next + '?' + params |
|
71 | 65 |
|
72 | 66 |
return prepare_response(request, user, next) |
73 | 67 |
|
b/pithos/im/target/shibboleth.py | ||
---|---|---|
33 | 33 |
|
34 | 34 |
from django.http import HttpResponseBadRequest |
35 | 35 |
from django.core.urlresolvers import reverse |
36 |
from django.utils.http import urlencode |
|
37 |
from django.conf import settings |
|
38 | 36 |
|
39 | 37 |
from pithos.im.target.util import get_or_create_user, prepare_response |
40 | 38 |
|
... | ... | |
69 | 67 |
|
70 | 68 |
affiliation = tokens.get(Tokens.SHIB_EP_AFFILIATION, '') |
71 | 69 |
|
72 |
user = get_or_create_user(eppn, realname, affiliation, 0) |
|
73 |
next = request.GET.get('next') |
|
74 | 70 |
if settings.FORCE_PROFILE_UPDATE and not user.is_verified: |
75 | 71 |
params = urlencode({'next': next}) |
76 | 72 |
next = reverse('pithos.im.views.users_profile', args=(user.id,)) |
77 | 73 |
next = next + '?' + params |
78 | 74 |
|
79 | 75 |
return prepare_response(request, |
80 |
user,
|
|
81 |
next,
|
|
76 |
get_or_create_user(eppn, realname, affiliation, 0),
|
|
77 |
request.GET.get('next'),
|
|
82 | 78 |
'renew' in request.GET) |
b/pithos/im/target/twitter.py | ||
---|---|---|
115 | 115 |
uniq = '%s@twitter.com' % access_token['screen_name'] |
116 | 116 |
realname = access_token['user_id'] |
117 | 117 |
|
118 |
user = get_or_create_user(uniq, realname, 'Twitter', 0) |
|
119 |
next = request_token.get('next') |
|
120 |
if settings.FORCE_PROFILE_UPDATE and not user.is_verified: |
|
121 |
params = urlencode({'next': next}) |
|
122 |
next = reverse('pithos.im.views.users_profile', args=(user.id,)) |
|
123 |
next = next + '?' + params |
|
124 |
|
|
125 |
return prepare_response(request, user, next) |
|
118 |
return prepare_response(request, |
|
119 |
get_or_create_user(uniq, realname, 'Twitter', 0), |
|
120 |
request_token.get('next')) |
b/pithos/im/target/util.py | ||
---|---|---|
40 | 40 |
from django.conf import settings |
41 | 41 |
from django.http import HttpResponse |
42 | 42 |
from django.utils.http import urlencode |
43 |
from django.core.urlresolvers import reverse |
|
43 | 44 |
|
44 | 45 |
from pithos.im.models import User |
45 | 46 |
|
... | ... | |
76 | 77 |
if renew or user.auth_token_expires < datetime.datetime.now(): |
77 | 78 |
user.renew_token() |
78 | 79 |
user.save() |
80 |
|
|
79 | 81 |
if next: |
80 | 82 |
# TODO: Avoid redirect loops. |
81 | 83 |
parts = list(urlsplit(next)) |
... | ... | |
84 | 86 |
parts[3] = urlencode({'user': user.uniq, 'token': user.auth_token}) |
85 | 87 |
next = urlunsplit(parts) |
86 | 88 |
|
89 |
if settings.FORCE_PROFILE_UPDATE and not user.is_verified: |
|
90 |
params = '' |
|
91 |
if next: |
|
92 |
params = '?' + urlencode({'next': next}) |
|
93 |
next = reverse('pithos.im.views.users_profile') + params |
|
94 |
|
|
87 | 95 |
response = HttpResponse() |
88 | 96 |
expire_fmt = user.auth_token_expires.strftime('%a, %d-%b-%Y %H:%M:%S %Z') |
89 | 97 |
cookie_value = quote(user.uniq + '|' + user.auth_token) |
b/pithos/im/templates/users_profile.html | ||
---|---|---|
8 | 8 |
|
9 | 9 |
{% block body %} |
10 | 10 |
|
11 |
<form action="{% url pithos.im.views.users_edit user.id %}" method="post">
|
|
11 |
<form action="{% url pithos.im.views.users_edit%}" method="post"> |
|
12 | 12 |
<div class="clearfix"> |
13 | 13 |
<label for="user-id">ID</label> |
14 | 14 |
<div class="input"> |
b/pithos/im/urls.py | ||
---|---|---|
51 | 51 |
(r'^admin/invitations/?$', 'invitations_list'), |
52 | 52 |
(r'^admin/invitations/export/?$', 'invitations_export'), |
53 | 53 |
|
54 |
(r'^profile/(\d+)/?$', 'users_profile'),
|
|
55 |
(r'^profile/(\d+)/edit/?$', 'users_edit'),
|
|
54 |
(r'^profile/?$', 'users_profile'), |
|
55 |
(r'^profile/edit/?$', 'users_edit'), |
|
56 | 56 |
) |
57 | 57 |
|
58 | 58 |
urlpatterns += patterns('pithos.im.target', |
b/pithos/im/views.py | ||
---|---|---|
76 | 76 |
return func(request, *args) |
77 | 77 |
return wrapper |
78 | 78 |
|
79 |
def requires_my_login(func): |
|
80 |
@wraps(func) |
|
81 |
def wrapper(request, *args): |
|
82 |
print '>', request.user, args |
|
83 |
if not settings.BYPASS_ADMIN_AUTH: |
|
84 |
if not request.user: |
|
85 |
next = urlencode({'next': request.build_absolute_uri()}) |
|
86 |
login_uri = reverse(index) + '?' + next |
|
87 |
return HttpResponseRedirect(login_uri) |
|
88 |
else: |
|
89 |
user = User.objects.get(uniq=request.user) |
|
90 |
if user.id != int(args[0]): |
|
91 |
next = urlencode({'next': request.build_absolute_uri()}) |
|
92 |
login_uri = reverse(index) + '?' + next |
|
93 |
return HttpResponseRedirect(login_uri) |
|
94 |
return func(request, *args) |
|
95 |
return wrapper |
|
96 |
|
|
97 |
|
|
98 | 79 |
def requires_admin(func): |
99 | 80 |
@wraps(func) |
100 | 81 |
def wrapper(request, *args): |
... | ... | |
474 | 455 |
user.save() |
475 | 456 |
return redirect(users_info, user.id) |
476 | 457 |
|
477 |
@requires_my_login
|
|
478 |
def users_profile(request, user_id):
|
|
458 |
@requires_login |
|
459 |
def users_profile(request): |
|
479 | 460 |
next = request.GET.get('next') |
480 |
user = User.objects.get(id=user_id)
|
|
461 |
user = User.objects.get(uniq=request.user)
|
|
481 | 462 |
states = [x[0] for x in User.ACCOUNT_STATE] |
482 | 463 |
return render_response('users_profile.html', |
483 | 464 |
user=user, |
484 | 465 |
states=states, |
485 | 466 |
next=next) |
486 | 467 |
|
487 |
@requires_my_login
|
|
488 |
def users_edit(request, user_id):
|
|
489 |
user = User.objects.get(id=user_id)
|
|
468 |
@requires_login |
|
469 |
def users_edit(request): |
|
470 |
user = User.objects.get(uniq=request.user)
|
|
490 | 471 |
user.realname = request.POST.get('realname') |
491 | 472 |
user.affiliation = request.POST.get('affiliation') |
492 | 473 |
user.is_verified = True |
Also available in: Unified diff