def authenticate(self, email, username, password, options):
"""
See abstract method documentation.
"""
if not options['redact_username_in_logs']:
log.debug("LDAP authenticate: email is %s", email)
log.debug("LDAP authenticate: username is %s", username)
log.debug("LDAP authenticate: options are %s", options)
failure_mode, params = self.ldap_search(email, username, options)
if not params:
return failure_mode, '', ''
# allow to skip authentication to allow for pre-populating users
if not options.get('no_password_check', False):
params['password'] = password
if not self._authenticate(params, options):
return failure_mode, '', ''
# check whether the user is a member of a specified group/domain/...
if 'search-memberof-filter' in options:
search_filter = _get_subs(options, 'search-memberof-filter',
params)
if not any(search_filter in ad_node_name
for ad_node_name in params['memberOf']):
return failure_mode, '', ''
attributes = {}
if self.auto_create_roles_or_groups:
attributes['roles'] = params[self.role_search_option]
return (True, _get_subs(options, 'auto-register-email', params),
transform_publicname(
_get_subs(options, 'auto-register-username',
params)), attributes)
def create(self,
trans,
cntrller='user',
redirect_url='',
refresh_frames=[],
**kwd):
params = util.Params(kwd)
# If the honeypot field is not empty we are dealing with a bot.
honeypot_field = params.get('bear_field', '')
if honeypot_field != '':
return trans.show_error_message(
"You've been flagged as a possible bot. If you are not, please try registering again and fill the form out carefully. <a target=\"_top\" href=\"%s\">Go to the home page</a>."
) % url_for('/')
message = util.restore_text(params.get('message', ''))
status = params.get('status', 'done')
use_panels = util.string_as_bool(kwd.get('use_panels', True))
email = util.restore_text(params.get('email', ''))
# Do not sanitize passwords, so take from kwd
# instead of params ( which were sanitized )
password = kwd.get('password', '')
confirm = kwd.get('confirm', '')
username = util.restore_text(params.get('username', ''))
subscribe = params.get('subscribe', '')
subscribe_checked = CheckboxField.is_checked(subscribe)
referer = trans.request.referer or ''
redirect = kwd.get('redirect', referer).strip()
is_admin = trans.user_is_admin
success = False
show_user_prepopulate_form = False
if not trans.app.config.allow_user_creation and not trans.user_is_admin:
message = 'User registration is disabled. Please contact your local Galaxy administrator for an account.'
if trans.app.config.error_email_to is not None:
message += ' Contact: %s' % trans.app.config.error_email_to
status = 'error'
else:
# check user is allowed to register
message, status = trans.app.auth_manager.check_registration_allowed(
email, username, password)
if not message:
# Create the user, save all the user info and login to Galaxy
if params.get('create_user_button', False):
# Check email and password validity
message = self.__validate(trans, email, password, confirm,
username)
if not message:
# All the values are valid
message, status, user, success = self.__register(
trans, subscribe_checked=subscribe_checked, **kwd)
if success and not is_admin:
# The handle_user_login() method has a call to the history_set_default_permissions() method
# (needed when logging in with a history), user needs to have default permissions set before logging in
trans.handle_user_login(user)
trans.log_event("User created a new account")
trans.log_event("User logged in")
else:
status = 'error'
registration_warning_message = trans.app.config.registration_warning_message
if success:
if is_admin:
redirect_url = web.url_for(
'/admin/users?status=success&message=Created new user account.'
)
else:
redirect_url = web.url_for('/')
return trans.fill_template(
'/webapps/tool_shed/user/register.mako',
cntrller=cntrller,
email=email,
username=transform_publicname(trans, username),
subscribe_checked=subscribe_checked,
show_user_prepopulate_form=show_user_prepopulate_form,
use_panels=use_panels,
redirect=redirect,
redirect_url=redirect_url,
refresh_frames=refresh_frames,
registration_warning_message=registration_warning_message,
message=message,
status=status)