Revision 4f8e7c6d
b/aai/middleware.py | ||
---|---|---|
34 | 34 |
from synnefo.aai.shibboleth import Tokens, register_shibboleth_user |
35 | 35 |
import time |
36 | 36 |
|
37 |
DONT_CHECK = getattr(settings, "AAI_SKIP_AUTH_URLS", ['/api', '/invitations/login'])
|
|
37 |
DONT_CHECK = getattr(settings, "AAI_SKIP_AUTH_URLS", ['/api', '/invitations/']) |
|
38 | 38 |
|
39 | 39 |
class SynnefoAuthMiddleware(object): |
40 | 40 |
|
b/invitations/invitations.py | ||
---|---|---|
33 | 33 |
import datetime |
34 | 34 |
import base64 |
35 | 35 |
import urllib |
36 |
import re |
|
36 | 37 |
|
37 | 38 |
from django.conf import settings |
38 | 39 |
from django.core.exceptions import ValidationError |
39 | 40 |
from django.db import transaction |
40 |
from django.http import HttpResponse, HttpResponseRedirect |
|
41 |
from django.http import HttpResponse, HttpResponseRedirect, HttpResponseBadRequest, HttpResponseServerError
|
|
41 | 42 |
from django.template.context import RequestContext |
42 | 43 |
from django.template.loader import render_to_string |
43 | 44 |
from django.core.validators import validate_email |
... | ... | |
128 | 129 |
invitation['target'] = inv.target.uniq |
129 | 130 |
invitation['accepted'] = inv.accepted |
130 | 131 |
invitation['sent'] = inv.created |
132 |
invitation['id'] = inv.id |
|
131 | 133 |
|
132 | 134 |
invitations.append(invitation) |
133 | 135 |
|
... | ... | |
267 | 269 |
|
268 | 270 |
return url |
269 | 271 |
|
272 |
|
|
273 |
def resend(request): |
|
274 |
""" |
|
275 |
Resend an invitation that has been already sent |
|
276 |
""" |
|
277 |
|
|
278 |
if not request.method == 'POST': |
|
279 |
return method_not_allowed(request) |
|
280 |
|
|
281 |
invid = request.POST["invid"] |
|
282 |
|
|
283 |
matcher = re.compile('^[0-9]+$') |
|
284 |
|
|
285 |
# XXX: Assumes numeric DB keys |
|
286 |
if not matcher.match(invid): |
|
287 |
return HttpResponseBadRequest("Invalid content for parameter [invid]") |
|
288 |
|
|
289 |
try: |
|
290 |
inv = Invitations.objects.get(id = invid) |
|
291 |
except Exception: |
|
292 |
return HttpResponseBadRequest("Invitation to resend does not exist") |
|
293 |
|
|
294 |
if not request.user == inv.source: |
|
295 |
return HttpResponseBadRequest("Invitation does not belong to user") |
|
296 |
|
|
297 |
try: |
|
298 |
send_invitation(inv) |
|
299 |
except Exception: |
|
300 |
return HttpResponseServerError("Error sending invitation email") |
|
301 |
|
|
302 |
return HttpResponse("Invitation has been resent") |
|
303 |
|
|
270 | 304 |
def get_invitee_level(source): |
271 | 305 |
return get_user_inv_level(source) + 1 |
272 | 306 |
|
b/invitations/tests.py | ||
---|---|---|
89 | 89 |
self.assertEqual(inv.target.max_invitations, |
90 | 90 |
settings.INVITATIONS_PER_LEVEL[1]) |
91 | 91 |
|
92 |
|
|
92 | 93 |
def test_invitation_login(self): |
93 | 94 |
""" |
94 | 95 |
Basic login by invitation checks |
... | ... | |
167 | 168 |
self.assertTrue(False) |
168 | 169 |
|
169 | 170 |
|
171 |
def test_resend_invitation(self): |
|
172 |
""" |
|
173 |
Tests the resend invitation method |
|
174 |
""" |
|
175 |
inv = self._add_invitation() |
|
176 |
|
|
177 |
resp = self.client.post("/invitations/resend", |
|
178 |
{'invid':inv.id}, |
|
179 |
**{'HTTP_X_AUTH_TOKEN': self.token}) |
|
180 |
self.assertEquals(resp.status_code, 200) |
|
181 |
|
|
182 |
|
|
183 |
resp = self.client.post("/invitations/resend", |
|
184 |
{'invid':'1;delete from db_invitations;'}, |
|
185 |
**{'HTTP_X_AUTH_TOKEN': self.token}) |
|
186 |
self.assertEquals(resp.status_code, 400) |
|
187 |
|
|
188 |
resp = self.client.post("/invitations/resend", |
|
189 |
{'invid':inv.id}, |
|
190 |
**{'HTTP_X_AUTH_TOKEN': inv.target.auth_token}) |
|
191 |
self.assertEquals(resp.status_code, 400) |
|
192 |
|
|
193 |
|
|
170 | 194 |
def _add_invitation(self): |
171 | 195 |
source = SynnefoUser.objects.filter(auth_token = self.token)[0] |
172 | 196 |
invitations.add_invitation(source, "Test", "test@gmail.com") |
b/invitations/urls.py | ||
---|---|---|
34 | 34 |
urlpatterns = patterns('', |
35 | 35 |
url(r'^$', 'synnefo.invitations.invitations.inv_demux', name="invitations"), |
36 | 36 |
(r'^static/(.*)$', 'django.views.static.serve', {'document_root': os.path.join(os.path.dirname(__file__), 'static')}), |
37 |
(r'^login/?$', 'synnefo.invitations.invitations.login') |
|
37 |
(r'^login/?$', 'synnefo.invitations.invitations.login'), |
|
38 |
(r'^resend/?$', 'synnefo.invitations.invitations.resend'), |
|
38 | 39 |
) |
Also available in: Unified diff