Revision d2633501 snf-astakos-app/astakos/im/views.py
b/snf-astakos-app/astakos/im/views.py | ||
---|---|---|
52 | 52 |
from django.utils.http import urlencode |
53 | 53 |
from django.db.utils import IntegrityError |
54 | 54 |
from django.contrib.auth.views import password_change |
55 |
from django.core.exceptions import ValidationError |
|
55 |
from django.core.exceptions import ValidationError, PermissionDenied
|
|
56 | 56 |
from django.views.decorators.http import require_http_methods |
57 | 57 |
|
58 | 58 |
from astakos.im.models import AstakosUser, Invitation, ApprovalTerms |
... | ... | |
69 | 69 |
DEFAULT_CONTACT_EMAIL, DEFAULT_FROM_EMAIL, COOKIE_DOMAIN, IM_MODULES, |
70 | 70 |
SITENAME, LOGOUT_NEXT, LOGGING_LEVEL |
71 | 71 |
) |
72 |
from astakos.im import settings |
|
73 |
from astakos.im import auth_providers |
|
72 | 74 |
|
73 | 75 |
logger = logging.getLogger(__name__) |
74 | 76 |
|
... | ... | |
85 | 87 |
response = HttpResponse(html, status=status) |
86 | 88 |
return response |
87 | 89 |
|
90 |
def requires_auth_provider(provider_id, **perms): |
|
91 |
""" |
|
92 |
""" |
|
93 |
def decorator(func, *args, **kwargs): |
|
94 |
@wraps(func) |
|
95 |
def wrapper(request, *args, **kwargs): |
|
96 |
provider = auth_providers.get_provider(provider_id) |
|
97 |
|
|
98 |
if not provider or not provider.is_active(): |
|
99 |
raise PermissionDenied |
|
100 |
|
|
101 |
if provider: |
|
102 |
for pkey, value in perms.iteritems(): |
|
103 |
attr = 'is_available_for_%s' % pkey.lower() |
|
104 |
if getattr(provider, attr)() != value: |
|
105 |
raise PermissionDenied |
|
106 |
return func(request, *args) |
|
107 |
return wrapper |
|
108 |
return decorator |
|
109 |
|
|
88 | 110 |
|
89 | 111 |
def requires_anonymous(func): |
90 | 112 |
""" |
... | ... | |
295 | 317 |
elif request.method == "GET": |
296 | 318 |
request.user.is_verified = True |
297 | 319 |
request.user.save() |
320 |
|
|
321 |
# existing providers |
|
322 |
user_providers = request.user.get_active_auth_providers() |
|
323 |
|
|
324 |
# providers that user can add |
|
325 |
user_available_providers = request.user.get_available_auth_providers() |
|
326 |
|
|
298 | 327 |
return render_response(template_name, |
299 | 328 |
profile_form = form, |
329 |
user_providers = user_providers, |
|
330 |
user_available_providers = user_available_providers, |
|
300 | 331 |
context_instance = get_context(request, |
301 | 332 |
extra_context)) |
302 | 333 |
|
... | ... | |
341 | 372 |
return HttpResponseRedirect(reverse('astakos.im.views.edit_profile')) |
342 | 373 |
|
343 | 374 |
provider = get_query(request).get('provider', 'local') |
375 |
if not auth_providers.get_provider(provider).is_available_for_create(): |
|
376 |
raise PermissionDenied |
|
377 |
|
|
344 | 378 |
id = get_query(request).get('id') |
345 | 379 |
try: |
346 | 380 |
instance = AstakosUser.objects.get(id=id) if id else None |
... | ... | |
361 | 395 |
result = backend.handle_activation(user) |
362 | 396 |
status = messages.SUCCESS |
363 | 397 |
message = result.message |
364 |
user.save() |
|
398 |
|
|
399 |
form.store_user(user, request) |
|
400 |
|
|
365 | 401 |
if 'additional_email' in form.cleaned_data: |
366 | 402 |
additional_email = form.cleaned_data['additional_email'] |
367 | 403 |
if additional_email != user.email: |
... | ... | |
616 | 652 |
|
617 | 653 |
|
618 | 654 |
def send_activation(request, user_id, template_name='im/login.html', extra_context=None): |
655 |
|
|
656 |
if settings.MODERATION_ENABLED: |
|
657 |
raise PermissionDenied |
|
658 |
|
|
619 | 659 |
extra_context = extra_context or {} |
620 | 660 |
try: |
621 | 661 |
u = AstakosUser.objects.get(id=user_id) |
... | ... | |
630 | 670 |
messages.error(request, e) |
631 | 671 |
return render_response( |
632 | 672 |
template_name, |
633 |
login_form = LoginForm(request=request),
|
|
673 |
login_form = LoginForm(request=request), |
|
634 | 674 |
context_instance = get_context( |
635 | 675 |
request, |
636 | 676 |
extra_context |
637 | 677 |
) |
638 | 678 |
) |
639 |
|
|
679 |
|
|
680 |
@require_http_methods(["GET", "POST"]) |
|
681 |
@login_required |
|
682 |
@signed_terms_required |
|
683 |
def remove_auth_provider(request, pk): |
|
684 |
provider = request.user.auth_providers.get(pk=pk) |
|
685 |
print provider |
|
686 |
if provider.can_remove(): |
|
687 |
provider.delete() |
|
688 |
return HttpResponseRedirect(reverse('edit_profile')) |
|
689 |
else: |
|
690 |
messages.error(_('Authentication method cannot be removed')) |
|
691 |
return HttpResponseRedirect(reverse('edit_profile')) |
|
692 |
|
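Review bot: `remove_auth_provider` deletes a login method on a plain GET, because the new view is decorated with `@require_http_methods(["GET", "POST"])` and Django's CSRF check does not cover GET, so any cross-site request that a logged-in user's browser makes to this URL could remove one of their authentication providers. Restricting the view to POST closes that, assuming the profile template can submit a small form instead of a link. In the same function, `messages.error(_('Authentication method cannot be removed'))` omits the `request` argument that the `messages.error(request, e)` call in `send_activation` passes, so the refusal branch will raise instead of showing the message. The leftover `print provider` should also go, and a `pk` that is not among the user's providers makes `.get(pk=pk)` raise an unhandled DoesNotExist. The sketch below catches `ObjectDoesNotExist` and raises `Http404`; both names must be in scope in views.py, which this page does not show.

```python
@require_http_methods(["POST"])
# … unchanged: @login_required, @signed_terms_required …
def remove_auth_provider(request, pk):
    try:
        provider = request.user.auth_providers.get(pk=pk)
    except ObjectDoesNotExist:
        raise Http404
    if provider.can_remove():
        provider.delete()
    else:
        messages.error(request, _('Authentication method cannot be removed'))
    return HttpResponseRedirect(reverse('edit_profile'))
```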