Revision 1808f7bc
b/snf-astakos-app/astakos/im/activation_backends.py | ||
---|---|---|
90 | 90 |
>>> backend = get_backend() |
91 | 91 |
>>> formCls = backend.get_signup_form(request.POST) |
92 | 92 |
>>> if form.is_valid(): |
93 |
>>> user = form.save(commit=False) |
|
94 |
>>> # this creates auth provider objects |
|
95 |
>>> form.store_user(user) |
|
93 |
>>> user = form.create_user() |
|
96 | 94 |
>>> activation = backend.handle_registration(user) |
97 | 95 |
>>> # activation.status is one of backend.Result.{*} activation result |
98 | 96 |
>>> # types |
b/snf-astakos-app/astakos/im/auth.py | ||
---|---|---|
1 |
# Copyright 2013 GRNET S.A. All rights reserved. |
|
2 |
# |
|
3 |
# Redistribution and use in source and binary forms, with or |
|
4 |
# without modification, are permitted provided that the following |
|
5 |
# conditions are met: |
|
6 |
# |
|
7 |
# 1. Redistributions of source code must retain the above |
|
8 |
# copyright notice, this list of conditions and the following |
|
9 |
# disclaimer. |
|
10 |
# |
|
11 |
# 2. Redistributions in binary form must reproduce the above |
|
12 |
# copyright notice, this list of conditions and the following |
|
13 |
# disclaimer in the documentation and/or other materials |
|
14 |
# provided with the distribution. |
|
15 |
# |
|
16 |
# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS |
|
17 |
# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
|
18 |
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
|
19 |
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR |
|
20 |
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
|
21 |
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
|
22 |
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF |
|
23 |
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED |
|
24 |
# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
|
25 |
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN |
|
26 |
# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
|
27 |
# POSSIBILITY OF SUCH DAMAGE. |
|
28 |
# |
|
29 |
# The views and conclusions contained in the software and |
|
30 |
# documentation are those of the authors and should not be |
|
31 |
# interpreted as representing official policies, either expressed |
|
32 |
# or implied, of GRNET S.A. |
|
33 |
|
|
34 |
import uuid |
|
35 |
import datetime |
|
36 |
from astakos.im import models |
|
37 |
|
|
38 |
|
|
39 |
def _finalize_astakosuser_object(user, has_signed_terms=False): |
|
40 |
user.fix_username() |
|
41 |
if has_signed_terms: |
|
42 |
user.has_signed_terms = True |
|
43 |
user.date_signed_terms = datetime.datetime.now() |
|
44 |
|
|
45 |
user.renew_verification_code() |
|
46 |
user.uuid = str(uuid.uuid4()) |
|
47 |
user.renew_token() |
|
48 |
user.save() |
|
49 |
|
|
50 |
|
|
51 |
def set_local_auth(user): |
|
52 |
user.add_auth_provider('local', auth_backend='astakos') |
|
53 |
|
|
54 |
|
|
55 |
def make_user(email, first_name="", last_name="", password=None, |
|
56 |
has_signed_terms=False): |
|
57 |
# delete previously unverified accounts |
|
58 |
models.AstakosUser.objects.unverified_namesakes(email).delete() |
|
59 |
|
|
60 |
user = models.AstakosUser( |
|
61 |
email=email, first_name=first_name, last_name=last_name, |
|
62 |
is_active=False) |
|
63 |
if password is None: |
|
64 |
user.set_unusable_password() |
|
65 |
else: |
|
66 |
user.set_password(password) |
|
67 |
|
|
68 |
user.date_joined = datetime.datetime.now() |
|
69 |
_finalize_astakosuser_object(user, has_signed_terms) |
|
70 |
return user |
|
71 |
|
|
72 |
|
|
73 |
def make_local_user(email, **kwargs): |
|
74 |
user = make_user(email, **kwargs) |
|
75 |
set_local_auth(user) |
|
76 |
return user |
|
77 |
|
|
78 |
|
|
79 |
def extend_superuser(user): |
|
80 |
extended_user = models.AstakosUser(user_ptr_id=user.pk) |
|
81 |
extended_user.__dict__.update(user.__dict__) |
|
82 |
_finalize_astakosuser_object(extended_user, has_signed_terms=True) |
|
83 |
set_local_auth(extended_user) |
|
84 |
return extended_user |
|
85 |
|
|
86 |
|
|
87 |
def fix_superusers(): |
|
88 |
admins = models.User.objects.filter(is_superuser=True) |
|
89 |
fixed = [] |
|
90 |
for u in admins: |
|
91 |
try: |
|
92 |
models.AstakosUser.objects.get(user_ptr=u.pk) |
|
93 |
except models.AstakosUser.DoesNotExist: |
|
94 |
fixed.append(extend_superuser(u)) |
|
95 |
return fixed |
b/snf-astakos-app/astakos/im/forms.py | ||
---|---|---|
1 |
# Copyright 2011-2012 GRNET S.A. All rights reserved.
|
|
1 |
# Copyright 2011, 2012, 2013 GRNET S.A. All rights reserved.
|
|
2 | 2 |
# |
3 | 3 |
# Redistribution and use in source and binary forms, with or |
4 | 4 |
# without modification, are permitted provided that the following |
... | ... | |
58 | 58 |
from astakos.im.util import reserved_verified_email, model_to_dict |
59 | 59 |
from astakos.im import auth_providers |
60 | 60 |
from astakos.im import settings |
61 |
from astakos.im import auth |
|
61 | 62 |
|
62 | 63 |
import astakos.im.messages as astakos_messages |
63 | 64 |
|
... | ... | |
73 | 74 |
re.IGNORECASE) |
74 | 75 |
|
75 | 76 |
|
76 |
class StoreUserMixin(object): |
|
77 |
|
|
78 |
def store_user(self, user, request=None): |
|
79 |
""" |
|
80 |
WARNING: this should be wrapped inside a transactional view/method. |
|
81 |
""" |
|
82 |
user.save() |
|
83 |
self.post_store_user(user, request) |
|
84 |
return user |
|
85 |
|
|
86 |
def post_store_user(self, user, request): |
|
87 |
""" |
|
88 |
Interface method for descendant backends to be able to do stuff within |
|
89 |
the transaction enabled by store_user. |
|
90 |
""" |
|
91 |
pass |
|
92 |
|
|
93 |
|
|
94 |
class LocalUserCreationForm(UserCreationForm, StoreUserMixin): |
|
77 |
class LocalUserCreationForm(UserCreationForm): |
|
95 | 78 |
""" |
96 | 79 |
Extends the built in UserCreationForm in several ways: |
97 | 80 |
|
... | ... | |
177 | 160 |
raise forms.ValidationError(_( |
178 | 161 |
astakos_messages.CAPTCHA_VALIDATION_ERR)) |
179 | 162 |
|
180 |
def post_store_user(self, user, request=None): |
|
181 |
""" |
|
182 |
Interface method for descendant backends to be able to do stuff within |
|
183 |
the transaction enabled by store_user. |
|
184 |
""" |
|
185 |
user.add_auth_provider('local', auth_backend='astakos') |
|
186 |
user.set_password(self.cleaned_data['password1']) |
|
163 |
def create_user(self): |
|
164 |
try: |
|
165 |
data = self.cleaned_data |
|
166 |
except AttributeError: |
|
167 |
self.is_valid() |
|
168 |
data = self.cleaned_data |
|
187 | 169 |
|
188 |
def save(self, commit=True, **kwargs): |
|
189 |
""" |
|
190 |
Saves the email, first_name and last_name properties, after the normal |
|
191 |
save behavior is complete. |
|
192 |
""" |
|
193 |
user = super(LocalUserCreationForm, self).save(commit=False, **kwargs) |
|
194 |
user.has_signed_terms = True |
|
195 |
user.date_signed_terms = datetime.now() |
|
196 |
user.renew_token() |
|
197 |
if commit: |
|
198 |
user.save(**kwargs) |
|
199 |
logger.info('Created user %s', user.log_display) |
|
170 |
user = auth.make_local_user( |
|
171 |
email=data['email'], password=data['password1'], |
|
172 |
first_name=data['first_name'], last_name=data['last_name'], |
|
173 |
has_signed_terms=True) |
|
200 | 174 |
return user |
201 | 175 |
|
202 | 176 |
|
203 |
class ThirdPartyUserCreationForm(forms.ModelForm, StoreUserMixin):
|
|
177 |
class ThirdPartyUserCreationForm(forms.ModelForm): |
|
204 | 178 |
email = forms.EmailField( |
205 | 179 |
label='Contact email', |
206 | 180 |
help_text='This is needed for contact purposes. ' |
... | ... | |
264 | 238 |
def _get_pending_user(self): |
265 | 239 |
return PendingThirdPartyUser.objects.get(token=self.third_party_token) |
266 | 240 |
|
267 |
def post_store_user(self, user, request=None): |
|
241 |
def create_user(self): |
|
242 |
try: |
|
243 |
data = self.cleaned_data |
|
244 |
except AttributeError: |
|
245 |
self.is_valid() |
|
246 |
data = self.cleaned_data |
|
247 |
|
|
248 |
user = auth.make_user( |
|
249 |
email=data["email"], |
|
250 |
first_name=data["first_name"], last_name=data["last_name"], |
|
251 |
has_signed_terms=True) |
|
268 | 252 |
pending = self._get_pending_user() |
269 | 253 |
provider = pending.get_provider(user) |
270 | 254 |
provider.add_to_user() |
271 | 255 |
pending.delete() |
272 |
|
|
273 |
def save(self, commit=True, **kwargs): |
|
274 |
user = super(ThirdPartyUserCreationForm, self).save(commit=False, |
|
275 |
**kwargs) |
|
276 |
user.set_unusable_password() |
|
277 |
user.renew_token() |
|
278 |
user.has_signed_terms = True |
|
279 |
user.date_signed_terms = datetime.now() |
|
280 |
if commit: |
|
281 |
user.save(**kwargs) |
|
282 |
logger.info('Created user %s' % user.log_display) |
|
283 | 256 |
return user |
284 | 257 |
|
285 | 258 |
|
b/snf-astakos-app/astakos/im/management/commands/fix-superusers.py | ||
---|---|---|
34 | 34 |
from optparse import make_option |
35 | 35 |
from datetime import datetime |
36 | 36 |
|
37 |
from django.db import transaction |
|
37 | 38 |
from django.core.management.base import NoArgsCommand, CommandError |
38 | 39 |
|
39 |
from astakos.im.models import fix_superusers
|
|
40 |
from astakos.im.auth import fix_superusers
|
|
40 | 41 |
|
41 | 42 |
|
42 | 43 |
class Command(NoArgsCommand): |
43 | 44 |
help = "Transform superusers created by syncdb into AstakosUser instances" |
44 | 45 |
|
46 |
@transaction.commit_on_success |
|
45 | 47 |
def handle(self, **options): |
46 | 48 |
try: |
47 |
fix_superusers() |
|
49 |
fixed = fix_superusers() |
|
50 |
count = len(fixed) |
|
51 |
if count != 0: |
|
52 |
self.stdout.write("Fixed %s superuser(s).\n" % count) |
|
53 |
else: |
|
54 |
self.stdout.write("No superuser needed a fix.\n") |
|
48 | 55 |
except BaseException, e: |
49 | 56 |
raise CommandError(e) |
b/snf-astakos-app/astakos/im/management/commands/user-add.py | ||
---|---|---|
1 |
# Copyright 2012 GRNET S.A. All rights reserved. |
|
1 |
# Copyright 2012, 2013 GRNET S.A. All rights reserved.
|
|
2 | 2 |
# |
3 | 3 |
# Redistribution and use in source and binary forms, with or |
4 | 4 |
# without modification, are permitted provided that the following |
... | ... | |
40 | 40 |
from django.core.exceptions import ValidationError |
41 | 41 |
|
42 | 42 |
from astakos.im.models import AstakosUser, get_latest_terms |
43 |
from astakos.im.auth import make_local_user |
|
43 | 44 |
|
44 | 45 |
|
45 | 46 |
class Command(BaseCommand): |
... | ... | |
84 | 85 |
except ValidationError: |
85 | 86 |
raise CommandError("Invalid email") |
86 | 87 |
|
87 |
if get_latest_terms() is not None: |
|
88 |
has_signed_terms = False |
|
89 |
date_signed_terms = None |
|
90 |
else: |
|
91 |
has_signed_terms = True |
|
92 |
date_signed_terms = datetime.now() |
|
88 |
has_signed_terms = not(get_latest_terms()) |
|
93 | 89 |
|
94 | 90 |
try: |
95 |
u = AstakosUser(email=email, |
|
96 |
first_name=first_name, |
|
97 |
last_name=last_name, |
|
98 |
has_signed_terms=has_signed_terms, |
|
99 |
date_signed_terms=date_signed_terms, |
|
100 |
is_superuser=options['is_superuser']) |
|
101 |
u.set_password(password) |
|
102 |
u.save() |
|
91 |
user = make_local_user( |
|
92 |
email, first_name=first_name, last_name=last_name, |
|
93 |
password=password, has_signed_terms=has_signed_terms) |
|
94 |
if options['is_superuser']: |
|
95 |
user.is_superuser = True |
|
96 |
user.save() |
|
103 | 97 |
|
104 | 98 |
except BaseException, e: |
105 | 99 |
raise CommandError(e) |
... | ... | |
111 | 105 |
self.stdout.write('\n') |
112 | 106 |
|
113 | 107 |
try: |
114 |
u.add_auth_provider('local') |
|
115 |
map(u.add_permission, options['permissions']) |
|
116 |
map(u.add_group, options['groups']) |
|
108 |
map(user.add_permission, options['permissions']) |
|
109 |
map(user.add_group, options['groups']) |
|
117 | 110 |
except BaseException, e: |
118 | 111 |
raise CommandError(e) |
b/snf-astakos-app/astakos/im/management/commands/user-modify.py | ||
---|---|---|
361 | 361 |
m = "A user with this email address already exists." |
362 | 362 |
raise CommandError(m) |
363 | 363 |
|
364 |
user.email = newemail
|
|
364 |
user.set_email(newemail)
|
|
365 | 365 |
user.save() |
366 | 366 |
|
367 | 367 |
def confirm(self): |
b/snf-astakos-app/astakos/im/models.py | ||
---|---|---|
337 | 337 |
qextra = Q(**kwargs) |
338 | 338 |
return self.filter((qemail | qusername) & qextra).exists() |
339 | 339 |
|
340 |
def unverified_namesakes(self, email_or_username): |
|
341 |
q = Q(email__iexact=email_or_username) |
|
342 |
q |= Q(username__iexact=email_or_username) |
|
343 |
return self.filter(q & Q(email_verified=False)) |
|
344 |
|
|
340 | 345 |
def verified_user_exists(self, email_or_username): |
341 | 346 |
return self.user_exists(email_or_username, email_verified=True) |
342 | 347 |
|
... | ... | |
465 | 470 |
|
466 | 471 |
objects = AstakosUserManager() |
467 | 472 |
|
468 |
def __init__(self, *args, **kwargs): |
|
469 |
super(AstakosUser, self).__init__(*args, **kwargs) |
|
470 |
if not self.id: |
|
471 |
self.is_active = False |
|
472 |
|
|
473 | 473 |
@property |
474 | 474 |
def realname(self): |
475 | 475 |
return '%s %s' % (self.first_name, self.last_name) |
... | ... | |
529 | 529 |
return AstakosUserQuota.objects.select_related("resource").\ |
530 | 530 |
get(user=self, resource__name=resource) |
531 | 531 |
|
532 |
def update_uuid(self): |
|
533 |
while not self.uuid: |
|
534 |
uuid_val = str(uuid.uuid4()) |
|
535 |
try: |
|
536 |
AstakosUser.objects.get(uuid=uuid_val) |
|
537 |
except AstakosUser.DoesNotExist: |
|
538 |
self.uuid = uuid_val |
|
539 |
return self.uuid |
|
532 |
def fix_username(self): |
|
533 |
self.username = self.email.lower() |
|
534 |
|
|
535 |
def set_email(self, email): |
|
536 |
self.email = email |
|
537 |
self.fix_username() |
|
540 | 538 |
|
541 | 539 |
def save(self, update_timestamps=True, **kwargs): |
542 | 540 |
if update_timestamps: |
543 |
if not self.id: |
|
544 |
self.date_joined = datetime.now() |
|
545 | 541 |
self.updated = datetime.now() |
546 | 542 |
|
547 |
self.update_uuid() |
|
548 |
|
|
549 |
if not self.verification_code: |
|
550 |
self.renew_verification_code() |
|
551 |
|
|
552 |
# username currently matches email |
|
553 |
if self.username != self.email.lower(): |
|
554 |
self.username = self.email.lower() |
|
555 |
|
|
556 | 543 |
super(AstakosUser, self).save(**kwargs) |
557 | 544 |
|
558 | 545 |
def renew_verification_code(self): |
... | ... | |
1093 | 1080 |
# update user |
1094 | 1081 |
user = AstakosUser.objects.get(pk=email_change.user_id) |
1095 | 1082 |
old_email = user.email |
1096 |
user.email = email_change.new_email_address
|
|
1083 |
user.set_email(email_change.new_email_address)
|
|
1097 | 1084 |
user.save() |
1098 | 1085 |
email_change.delete() |
1099 | 1086 |
msg = "User %s changed email from %s to %s" |
... | ... | |
1987 | 1974 |
### SIGNALS ### |
1988 | 1975 |
################ |
1989 | 1976 |
|
1990 |
def create_astakos_user(u): |
|
1991 |
try: |
|
1992 |
AstakosUser.objects.get(user_ptr=u.pk) |
|
1993 |
except AstakosUser.DoesNotExist: |
|
1994 |
extended_user = AstakosUser(user_ptr_id=u.pk) |
|
1995 |
extended_user.__dict__.update(u.__dict__) |
|
1996 |
extended_user.save() |
|
1997 |
if not extended_user.has_auth_provider('local'): |
|
1998 |
extended_user.add_auth_provider('local') |
|
1999 |
except BaseException, e: |
|
2000 |
logger.exception(e) |
|
2001 |
|
|
2002 |
|
|
2003 |
def fix_superusers(): |
|
2004 |
# Associate superusers with AstakosUser |
|
2005 |
admins = User.objects.filter(is_superuser=True) |
|
2006 |
for u in admins: |
|
2007 |
create_astakos_user(u) |
|
2008 |
|
|
2009 |
|
|
2010 |
def user_post_save(sender, instance, created, **kwargs): |
|
2011 |
if not created: |
|
2012 |
return |
|
2013 |
create_astakos_user(instance) |
|
2014 |
post_save.connect(user_post_save, sender=User) |
|
2015 |
|
|
2016 |
|
|
2017 |
def astakosuser_post_save(sender, instance, created, **kwargs): |
|
2018 |
pass |
|
2019 |
|
|
2020 |
post_save.connect(astakosuser_post_save, sender=AstakosUser) |
|
2021 |
|
|
2022 |
|
|
2023 | 1977 |
def resource_post_save(sender, instance, created, **kwargs): |
2024 | 1978 |
pass |
2025 | 1979 |
|
... | ... | |
2029 | 1983 |
def renew_token(sender, instance, **kwargs): |
2030 | 1984 |
if not instance.auth_token: |
2031 | 1985 |
instance.renew_token() |
2032 |
pre_save.connect(renew_token, sender=AstakosUser) |
|
2033 | 1986 |
pre_save.connect(renew_token, sender=Component) |
b/snf-astakos-app/astakos/im/tests/api.py | ||
---|---|---|
408 | 408 |
def setUp(self): |
409 | 409 |
backend = activation_backends.get_backend() |
410 | 410 |
|
411 |
self.user1 = AstakosUser.objects.create( |
|
412 |
email='test1', email_verified=True, moderated=True, |
|
413 |
has_signed_terms=True, |
|
411 |
self.user1 = get_local_user( |
|
412 |
'test1@example.org', email_verified=True, moderated=True, |
|
414 | 413 |
is_rejected=False) |
415 | 414 |
backend.activate_user(self.user1) |
416 | 415 |
assert self.user1.is_active is True |
417 | 416 |
|
418 |
self.user2 = AstakosUser.objects.create( |
|
419 |
email='test2', email_verified=True, moderated=True, |
|
420 |
has_signed_terms=True, |
|
417 |
self.user2 = get_local_user( |
|
418 |
'test2@example.org', email_verified=True, moderated=True, |
|
421 | 419 |
is_rejected=False) |
422 | 420 |
backend.activate_user(self.user2) |
423 | 421 |
assert self.user2.is_active is True |
... | ... | |
611 | 609 |
|
612 | 610 |
class UserCatalogsTest(TestCase): |
613 | 611 |
def test_get_uuid_displayname_catalogs(self): |
614 |
self.user = AstakosUser.objects.create( |
|
615 |
email='test1', email_verified=True, moderated=True, |
|
616 |
has_signed_terms=True, |
|
617 |
is_rejected=False) |
|
612 |
self.user = get_local_user( |
|
613 |
'test1@example.org', email_verified=True, moderated=True, |
|
614 |
is_rejected=False, is_active=False) |
|
618 | 615 |
|
619 | 616 |
client = Client() |
620 | 617 |
url = reverse('astakos.api.user.get_uuid_displayname_catalogs') |
b/snf-astakos-app/astakos/im/tests/auth.py | ||
---|---|---|
1 | 1 |
# -*- coding: utf-8 -*- |
2 |
# Copyright 2011 GRNET S.A. All rights reserved. |
|
2 |
# Copyright 2011, 2012, 2013 GRNET S.A. All rights reserved.
|
|
3 | 3 |
# |
4 | 4 |
# Redistribution and use in source and binary forms, with or |
5 | 5 |
# without modification, are permitted provided that the following |
... | ... | |
434 | 434 |
|
435 | 435 |
form = forms.LocalUserCreationForm(data) |
436 | 436 |
self.assertTrue(form.is_valid()) |
437 |
user = form.save() |
|
438 |
form.store_user(user, {}) |
|
437 |
user = form.create_user() |
|
439 | 438 |
|
440 | 439 |
u = AstakosUser.objects.get() |
441 | 440 |
self.assertEqual(u.email, 'kPap@synnefo.org') |
... | ... | |
657 | 656 |
# she can't because account is not active yet |
658 | 657 |
self.assertContains(r, "Changing password is not") |
659 | 658 |
|
659 |
def test_fix_superuser(self): |
|
660 |
u = User.objects.create(username="dummy", email="email@example.org", |
|
661 |
first_name="Super", last_name="User", |
|
662 |
is_superuser=True) |
|
663 |
User.objects.create(username="dummy2", email="email2@example.org", |
|
664 |
first_name="Other", last_name="User") |
|
665 |
fixed = auth_functions.fix_superusers() |
|
666 |
self.assertEqual(len(fixed), 1) |
|
667 |
fuser = fixed[0] |
|
668 |
self.assertEqual(fuser.email, fuser.username) |
|
669 |
|
|
660 | 670 |
|
661 | 671 |
class UserActionsTests(TestCase): |
662 | 672 |
|
... | ... | |
789 | 799 |
Pending = PendingThirdPartyUser |
790 | 800 |
User = AstakosUser |
791 | 801 |
|
792 |
User.objects.create(email="newuser@synnefo.org")
|
|
802 |
auth_functions.make_user("newuser@synnefo.org")
|
|
793 | 803 |
get_local_user("olduser@synnefo.org") |
794 | 804 |
cl_olduser = ShibbolethClient() |
795 | 805 |
get_local_user("olduser2@synnefo.org") |
... | ... | |
946 | 956 |
|
947 | 957 |
@im_settings(IM_MODULES=['local', 'shibboleth']) |
948 | 958 |
def test_create(self): |
949 |
user = AstakosUser.objects.create(email="kpap@synnefo.org")
|
|
950 |
user2 = AstakosUser.objects.create(email="kpap2@synnefo.org")
|
|
959 |
user = auth_functions.make_user(email="kpap@synnefo.org")
|
|
960 |
user2 = auth_functions.make_user(email="kpap2@synnefo.org")
|
|
951 | 961 |
|
952 | 962 |
module = 'shibboleth' |
953 | 963 |
identifier = 'SHIB_UUID' |
... | ... | |
1000 | 1010 |
CREATION_GROUPS_POLICY=['localgroup-create', |
1001 | 1011 |
'group-create']) |
1002 | 1012 |
def test_add_groups(self): |
1003 |
user = AstakosUser.objects.create(email="kpap@synnefo.org")
|
|
1013 |
user = auth_functions.make_user("kpap@synnefo.org")
|
|
1004 | 1014 |
provider = auth.get_provider('shibboleth', user, 'test123') |
1005 | 1015 |
provider.add_to_user() |
1006 | 1016 |
user = AstakosUser.objects.get() |
... | ... | |
1037 | 1047 |
settings.ASTAKOS_AUTH_PROVIDER_GOOGLE_ADD_GROUPS_POLICY = \ |
1038 | 1048 |
['google-user'] |
1039 | 1049 |
|
1040 |
user = AstakosUser.objects.create(email="kpap@synnefo.org")
|
|
1050 |
user = auth_functions.make_user("kpap@synnefo.org")
|
|
1041 | 1051 |
user.groups.add(group_old) |
1042 | 1052 |
user.add_auth_provider('local') |
1043 | 1053 |
|
1044 |
user2 = AstakosUser.objects.create(email="kpap2@synnefo.org")
|
|
1054 |
user2 = auth_functions.make_user("kpap2@synnefo.org")
|
|
1045 | 1055 |
user2.add_auth_provider('shibboleth', identifier='shibid') |
1046 | 1056 |
|
1047 |
user3 = AstakosUser.objects.create(email="kpap3@synnefo.org")
|
|
1057 |
user3 = auth_functions.make_user("kpap3@synnefo.org")
|
|
1048 | 1058 |
user3.groups.add(group_old) |
1049 | 1059 |
user3.add_auth_provider('local') |
1050 | 1060 |
user3.add_auth_provider('shibboleth', identifier='1234') |
... | ... | |
1109 | 1119 |
@im_settings(IM_MODULES=['local', 'shibboleth']) |
1110 | 1120 |
def test_create_http(self): |
1111 | 1121 |
# this should be wrapped inside a transaction |
1112 |
user = AstakosUser(email="test@test.com") |
|
1113 |
user.save() |
|
1122 |
user = auth_functions.make_user(email="test@test.com") |
|
1114 | 1123 |
provider = auth_providers.get_provider('shibboleth', user, |
1115 | 1124 |
'test@academia.test') |
1116 | 1125 |
provider.add_to_user() |
... | ... | |
1120 | 1129 |
user.get_auth_provider('local') |
1121 | 1130 |
|
1122 | 1131 |
settings.ASTAKOS_AUTH_PROVIDER_SHIBBOLETH_CREATE_POLICY = False |
1123 |
user = AstakosUser(email="test2@test.com") |
|
1124 |
user.save() |
|
1132 |
user = auth_functions.make_user("test2@test.com") |
|
1125 | 1133 |
provider = auth_providers.get_provider('shibboleth', user, |
1126 | 1134 |
'test@shibboleth.com', |
1127 | 1135 |
**{'info': {'name': |
... | ... | |
1255 | 1263 |
'password2': '123' |
1256 | 1264 |
} |
1257 | 1265 |
form = backend.get_signup_form('local', user_data) |
1258 |
user = form.save(commit=False) |
|
1259 |
form.store_user(user) |
|
1266 |
user = form.create_user() |
|
1260 | 1267 |
self.assertEqual(user.is_active, False) |
1261 | 1268 |
self.assertEqual(user.email_verified, False) |
1262 | 1269 |
|
... | ... | |
1311 | 1318 |
} |
1312 | 1319 |
form = backend.get_signup_form(provider='local', |
1313 | 1320 |
initial_data=user_data) |
1314 |
user = form.save(commit=False) |
|
1315 |
form.store_user(user) |
|
1321 |
user = form.create_user() |
|
1316 | 1322 |
self.assertEqual(user.is_active, False) |
1317 | 1323 |
self.assertEqual(user.email_verified, False) |
1318 | 1324 |
|
b/snf-astakos-app/astakos/im/tests/common.py | ||
---|---|---|
1 |
# Copyright 2011 GRNET S.A. All rights reserved. |
|
1 |
# Copyright 2011, 2012, 2013 GRNET S.A. All rights reserved.
|
|
2 | 2 |
# |
3 | 3 |
# Redistribution and use in source and binary forms, with or |
4 | 4 |
# without modification, are permitted provided that the following |
... | ... | |
54 | 54 |
from astakos.im import settings as astakos_settings |
55 | 55 |
from astakos.im import forms |
56 | 56 |
from astakos.im import activation_backends |
57 |
from astakos.im import auth as auth_functions |
|
57 | 58 |
|
58 | 59 |
from urllib import quote |
59 | 60 |
from datetime import timedelta |
... | ... | |
145 | 146 |
|
146 | 147 |
|
147 | 148 |
def get_local_user(username, **kwargs): |
148 |
try: |
|
149 |
return AstakosUser.objects.get(email=username) |
|
150 |
except: |
|
151 |
user_params = { |
|
152 |
'username': username, |
|
153 |
'email': username, |
|
154 |
'is_active': True, |
|
155 |
'activation_sent': datetime.now(), |
|
156 |
'has_signed_terms': True, |
|
157 |
'date_signed_terms': datetime.now(), |
|
158 |
'email_verified': True |
|
159 |
} |
|
160 |
user_params.update(kwargs) |
|
161 |
user = AstakosUser(**user_params) |
|
162 |
user.set_password(kwargs.get('password', 'password')) |
|
163 |
user.renew_verification_code() |
|
164 |
user.save() |
|
165 |
user.add_auth_provider('local', auth_backend='astakos') |
|
166 |
if kwargs.get('is_active', True): |
|
167 |
user.is_active = True |
|
168 |
else: |
|
169 |
user.is_active = False |
|
170 |
user.save() |
|
171 |
return user |
|
149 |
try: |
|
150 |
return AstakosUser.objects.get(email=username) |
|
151 |
except: |
|
152 |
user = auth_functions.make_local_user(email=username, |
|
153 |
has_signed_terms=True) |
|
154 |
user.set_password(kwargs.pop('password', 'password')) |
|
155 |
|
|
156 |
for key, value in kwargs.iteritems(): |
|
157 |
setattr(user, key, value) |
|
158 |
user.save() |
|
159 |
|
|
160 |
if kwargs.get("is_active", True): |
|
161 |
backend = activation_backends.get_backend() |
|
162 |
backend.verify_user(user, user.verification_code) |
|
163 |
backend.accept_user(user) |
|
164 |
|
|
165 |
return user |
|
172 | 166 |
|
173 | 167 |
|
174 | 168 |
def get_mailbox(email): |
b/snf-astakos-app/astakos/im/tests/projects.py | ||
---|---|---|
57 | 57 |
register.update_resources([(r, 1024)]) |
58 | 58 |
|
59 | 59 |
# create user |
60 |
self.user1 = get_local_user("test@grnet.gr", moderated=True) |
|
61 |
quotas.qh_sync_user(self.user1) |
|
62 |
self.user2 = get_local_user("test2@grnet.gr", moderated=True) |
|
60 |
self.user1 = get_local_user("test@grnet.gr") |
|
61 |
self.user2 = get_local_user("test2@grnet.gr") |
|
63 | 62 |
self.user2.uuid = "uuid2" |
64 | 63 |
self.user2.save() |
65 |
quotas.qh_sync_user(self.user2) |
|
66 |
self.user3 = get_local_user("test3@grnet.gr", moderated=True) |
|
67 |
quotas.qh_sync_user(self.user3) |
|
64 |
self.user3 = get_local_user("test3@grnet.gr") |
|
68 | 65 |
|
69 | 66 |
astakos = Component.objects.create(name="astakos") |
70 | 67 |
register.add_service(astakos, "astakos_account", "account", []) |
... | ... | |
621 | 618 |
self.member_client = get_user_client("member@synnefo.org") |
622 | 619 |
self.member2_client = get_user_client("member2@synnefo.org") |
623 | 620 |
|
624 |
quotas.qh_sync_new_users(AstakosUser.objects.all()) |
|
625 |
|
|
626 | 621 |
def tearDown(self): |
627 | 622 |
Service.objects.all().delete() |
628 | 623 |
ProjectApplication.objects.all().delete() |
b/snf-astakos-app/astakos/im/views/im.py | ||
---|---|---|
1 |
# Copyright 2011-2012 GRNET S.A. All rights reserved.
|
|
1 |
# Copyright 2011, 2012, 2013 GRNET S.A. All rights reserved.
|
|
2 | 2 |
# |
3 | 3 |
# Redistribution and use in source and binary forms, with or |
4 | 4 |
# without modification, are permitted provided that the following |
... | ... | |
464 | 464 |
**form_kwargs) |
465 | 465 |
|
466 | 466 |
if form.is_valid(): |
467 |
user = form.save(commit=False) |
|
468 |
|
|
469 |
# delete previously unverified accounts |
|
470 |
if AstakosUser.objects.user_exists(user.email): |
|
471 |
AstakosUser.objects.get_by_identifier(user.email).delete() |
|
472 |
|
|
473 |
# store_user so that user auth providers get initialized |
|
474 |
form.store_user(user, request) |
|
467 |
user = form.create_user() |
|
475 | 468 |
result = activation_backend.handle_registration(user) |
476 | 469 |
if result.status == \ |
477 | 470 |
activation_backend.Result.PENDING_MODERATION: |
b/snf-astakos-app/astakos/test/stress.py | ||
---|---|---|
49 | 49 |
from django.db import transaction |
50 | 50 |
from astakos.im.models import AstakosUser |
51 | 51 |
from astakos.im.functions import ProjectError |
52 |
from astakos.im import quotas |
|
52 |
from astakos.im import auth |
|
53 |
from astakos.im import activation_backends |
|
53 | 54 |
from views import submit, approve, join, leave |
54 | 55 |
|
56 |
|
|
55 | 57 |
USERS = {} |
56 | 58 |
PROJECTS = {} |
57 | 59 |
|
... | ... | |
78 | 80 |
|
79 | 81 |
def new_user(): |
80 | 82 |
email = random_email() |
81 |
defaults = {'first_name': random_name(), |
|
82 |
'last_name': random_name(), |
|
83 |
'is_active': True, |
|
84 |
} |
|
85 |
u, created = AstakosUser.objects.get_or_create( |
|
86 |
email=email, defaults=defaults) |
|
87 |
if created: |
|
88 |
quotas.qh_sync_user(u) |
|
83 |
backend = activation_backends.get_backend() |
|
84 |
try: |
|
85 |
AstakosUser.objects.get(email=email) |
|
86 |
return None |
|
87 |
except AstakosUser.DoesNotExist: |
|
88 |
u = auth.make_local_user(email, first_name=random_name(), |
|
89 |
last_name=random_name()) |
|
90 |
backend.verify_user(u, u.verification_code) |
|
91 |
backend.accept_user(u) |
|
89 | 92 |
return u |
90 |
return None |
|
91 | 93 |
|
92 | 94 |
|
93 | 95 |
@transaction.commit_on_success |
Also available in: Unified diff