def get(self, granted):
department = granted.reviewer.auth.department
return bcap.bcapResponse({
'getBasic': bcap.regrant('get-basic', department),
'getReviewer': bcap.regrant('get-reviewer', granted),
'getApplicants': bcap.regrant('get-applicants', granted)
})
def get(self, granted):
department = granted.reviewer.auth.department
return bcap.bcapResponse({
'getBasic': bcap.regrant('get-basic', department),
'getReviewer': bcap.regrant('get-reviewer', granted),
'getApplicants': bcap.regrant('get-applicants', granted),
'numApplicants': Applicant.objects.filter(
department=granted.reviewer.department
).count()
})
def post(self, grantable, args):
refs = grantable.department.findRefs(args['email'])
for r in refs:
ref = r['reference']
submitcap = bcap.regrant('launch-reference', ref)
submitlink = '%s/submit-reference/#%s' % (bcap.this_server_url_prefix(), submitcap.serialize())
r['submitlink'] = submitlink
del r['reference']
launchCap = bcap.regrant('stash-applicant', ref.applicant)
launchurl = '%s/applicant/#%s' % \
(bcap.this_server_url_prefix(), launchCap.serialize())
r['launch'] = launchurl
return bcap.bcapResponse(refs)
def post(self, granted, args):
response = self.checkPostArgs(args)
if response != 'OK':
return response
email = args['email']
name = args['name']
institution = args['institution']
applicant = granted.applicant
found = applicant.getReferencesOfEmail(email)
if len(found) > 0:
return self.exceptionResponse('You have already asked this person to write you a letter. If you wish to contact this person, please do so outside the Resume system.')
if name == '':
return self.exceptionResponse('No name was provided, please provide a name for the letter writer')
if email == '':
return self.exceptionResponse('No email was provided, please provide an email for the reference request')
ref = Reference(applicant=applicant, submitted=0, filesize=0,\
name=name, institution=institution, email=email,\
department=applicant.department)
ref.save()
if applicant.position.autoemail:
sendResponse = sendReferenceRequest(applicant, ref)
if 'error' in sendResponse:
return sendResponse['error']
resp = ref.to_json()
resp['reminder'] = bcap.regrant('remind-reference', ref)
return bcap.bcapResponse(resp)
def plt_login(request):
if request.method != 'POST':
return HttpResponseNotAllowed(['POST'])
args = bcap.dataPostProcess(request.read())
if not args.has_key('username'):
return logWith404(logger, 'plt_login: post data missing username')
if not args.has_key('password'):
return logWith404(logger, 'plt_login: post data missing password')
username = args['username']
rawpassword = args['password']
credentials = PltCredentials.objects.filter(username=username)
if len(credentials) > 1:
return logWith404(logger, 'plt_login: fatal error: duplicate credentials', level='error')
if len(credentials) == 0:
return bcap.bcapResponse({'loggedIn' : False})
c = credentials[0]
hashed_password = get_hashed(rawpassword, c.salt)
if hashed_password != c.hashed_password:
return bcap.bcapResponse({'loggedIn' : False})
session_id = str(uuid.uuid4())
session = BelaySession(session_id=session_id, account=c.account)
session.save()
response = {
'station': bcap.Capability(c.account.station_url),
'makeStash': bcap.regrant('make-stash', c.account)
}
return bcap.bcapResponse(response)
def post(self, grantable, args):
username = grantable.pendingaccount.email
rawpassword = args['password']
if len(username) > 200:
return logWith404(logger, 'create_plt_account: bad username')
if len(rawpassword) < 8:
return logWith404(logger, 'create_plt_account: bad password')
salt = str(uuid.uuid4())
hashed_password = get_hashed(rawpassword, salt)
station_cap = newStationCap()
account = BelayAccount(station_url=station_cap.serialize())
account.save()
credentials = PltCredentials(username=username, \
salt=salt, \
hashed_password=hashed_password, \
account=account)
credentials.save()
session_id = str(uuid.uuid4())
session = BelaySession(session_id=session_id, account=account)
session.save()
grantable.pendingaccount.delete()
response = {
'station': station_cap,
'makeStash': bcap.regrant('make-stash', account)
}
return bcap.bcapResponse(response)
def get(self, granted):
applicant = granted.applicant
return bcap.bcapResponse({
'public_data' : 'Applicant review page for %s' % applicant.fullname(),
'private_data' : bcap.regrant('launch-app-review', applicant),
'domain': bcap.this_server_url_prefix(),
'url' : '/appreview',
})
def get(self, granted):
ua = granted.unverifiedapplicant
email = ua.email
create_cap = bcap.regrant('add-verified-applicant', ua)
return bcap.bcapResponse({
'email': email,
'create': create_cap,
})
def glogin_landing(request):
if request.method == 'GET':
d = request.GET
else:
d = request.POST
maybe_client_key = check_pending(request.path_info)
if not maybe_client_key:
return logWith404(logger, "Bad pending: %s" % request.path_info, level='error')
# 11.4.2 Verifying directly with the OpenID Provider
# 11.4.2.1. Request Parameters
# . openid.mode
# Value: "check_authentication"
# . Exact copies of all fields from the authentication response, except
# for "openid.mode".
# http://openid.net/specs/openid-authentication-2_0.html#check_auth
verify = {}
for e in d:
verify[e] = d[e]
verify['openid.mode'] = 'check_authentication'
try:
f = urllib2.urlopen("https://www.google.com/accounts/o8/ud", urllib.urlencode(verify))
beginning = str(f.read()[0:13])
if(beginning != 'is_valid:true'):
return bcap.bcapResponse('fail')
except urllib2.HTTPError as e:
logger.error("ErrorResponse: %s" % e.read())
return bcap.bcapNullResponse()
identity = d['openid.identity']
email = d['openid.ext1.value.email']
q = GoogleCredentials.objects.filter(identity=identity)
if len(q) == 0:
station_cap = newStationCap()
account = BelayAccount(station_url=station_cap.serialize())
account.save()
gc = GoogleCredentials(account=account, identity=identity)
gc.save()
else:
account = q[0].account
session_id = str(uuid.uuid4())
session = BelaySession(account=account, session_id=session_id)
session.save()
response = render_to_response('glogin.html', {
'clientkey': maybe_client_key,
'station': account.station_url,
'make_stash': bcap.regrant('make-stash', account).serialize(),
'site_name': settings.SITE_NAME,
'email': email
})
return response
def get(self, granted):
pair = granted.apprevpair
a_json = pair.applicant.cached_json()
references = pair.applicant.getReferencesModel()
refjson = []
for r in references:
rjson = r.to_json()
rjson['getLetter'] = bcap.regrant('get-letter', r)
refjson.append(rjson)
a_json['refletters'] = refjson
return bcap.bcapResponse(a_json)
def get(self, granted):
uu = granted.unverifieduser
email = uu.email
create_cap = bcap.regrant('add-reviewer', uu)
response = {
'email': email,
'create': create_cap
}
maybeBelayAccount = uu.belay_account()
if maybeBelayAccount:
response['createBelay'] = maybeBelayAccount
return bcap.bcapResponse(response)
def post(self, grantable, args):
applicants = grantable.department.findApplicants(args['email'])
apps = []
for a in applicants:
a_json = {}
a_json['name'] = a.fullname()
launchCap = bcap.regrant('stash-applicant', a)
launchurl = '%s/applicant/#%s' % \
(bcap.this_server_url_prefix(), launchCap.serialize())
a_json['launch'] = launchurl
apps.append(a_json)
return bcap.bcapResponse(apps)
def get(self, granted):
applicant = granted.applicant
department = applicant.department
references = applicant.getReferencesModel()
reminders = { }
for r in references:
reminders[r.email] = bcap.regrant('remind-reference', r)
resp = {\
'getBasic' : bcap.grant('get-applicant-basic', department),\
'reminders' : reminders,
'requestReference' : bcap.grant('request-reference', applicant),\
'submitContactInfo' : bcap.grant('submit-contact-info', applicant),\
'submitStatement' : bcap.grant('submit-statement', applicant),\
'setReady' : bcap.grant('applicant-ready', applicant),\
'updateName' : bcap.grant('update-applicant-name', applicant),\
'get' : bcap.grant('get-applicant', applicant)\
}
return bcap.bcapResponse(resp)
def create_plt_account(request):
if request.method != 'POST':
return HttpResponseNotAllowed(['POST'])
args = bcap.dataPostProcess(request.read())
if not args.has_key('username'):
return logWith404(logger, 'create_plt_account: post data missing username')
if not args.has_key('password'):
return logWith404(logger, 'create_plt_account: post data missing password')
username = args['username']
rawpassword = args['password']
if len(username) > 20:
return logWith404(logger, 'create_plt_account: bad username')
if len(rawpassword) < 8:
return logWith404(logger, 'create_plt_account: bad password')
salt = str(uuid.uuid4())
hashed_password = get_hashed(rawpassword, salt)
station_cap = newStationCap()
account = BelayAccount(station_url=station_cap.serialize())
account.save()
credentials = PltCredentials(username=username, \
salt=salt, \
hashed_password=hashed_password, \
account=account)
credentials.save()
session_id = str(uuid.uuid4())
session = BelaySession(session_id=session_id, account=account)
session.save()
response = {
'station': station_cap,
'makeStash': bcap.regrant('make-stash', account)
}
return bcap.bcapResponse(response)
def get(self, grantable):
launchCap = bcap.regrant('launch-applicant', grantable.applicant)
return bcap.bcapResponse(launchCap)
