def on_user_updated(sender, instance, **kwargs): # pylint: disable=unused-argument """ Check for retired usernames. """ # Check only at User creation time and when not raw. if not instance.id and not kwargs['raw']: prefix_to_check = getattr(settings, 'RETIRED_USERNAME_PREFIX', None) if prefix_to_check: # Check for username that's too close to retired username format. if instance.username.startswith(prefix_to_check): raise AccountValidationError( USERNAME_EXISTS_MSG_FMT.format(username=instance.username), field="username" ) # Check for a retired username. if is_username_retired(instance.username): raise AccountValidationError( USERNAME_EXISTS_MSG_FMT.format(username=instance.username), field="username" ) # Check for a retired email. if is_email_retired(instance.email): raise AccountValidationError( EMAIL_EXISTS_MSG_FMT.format(username=instance.email), field="email" )
def on_user_updated(sender, instance, **kwargs): # pylint: disable=unused-argument """ Check for retired usernames. """ # Check only at User creation time and when not raw. if not instance.id and not kwargs['raw']: prefix_to_check = getattr(settings, 'RETIRED_USERNAME_PREFIX', None) if prefix_to_check: # Check for username that's too close to retired username format. if instance.username.startswith(prefix_to_check): raise AccountValidationError( USERNAME_EXISTS_MSG_FMT.format(username=instance.username), field="username") # Check for a retired username. if is_username_retired(instance.username): raise AccountValidationError( USERNAME_EXISTS_MSG_FMT.format(username=instance.username), field="username") # Check for a retired email. if is_email_retired(instance.email): raise AccountValidationError( EMAIL_EXISTS_MSG_FMT.format(username=instance.email), field="email")
def test_is_email_retired_is_retired(retirement_user): """ Check functionality of is_email_retired when email is retired """ original_email = retirement_user.email retired_email = get_retired_email_by_email(retirement_user.email) # Fake email retirement. retirement_user.email = retired_email retirement_user.save() assert is_email_retired(original_email)
def test_is_email_retired_is_retired(retirement_user): """ Check functionality of is_email_retired when email is retired """ original_email = retirement_user.email retired_email = get_retired_email_by_email(retirement_user.email) # Fake email retirement. retirement_user.email = retired_email retirement_user.save() assert is_email_retired(original_email)
def enroll_email(course_id, student_email, auto_enroll=False, email_students=False, email_params=None, language=None): """ Enroll a student by email. `student_email` is student's emails e.g. "*****@*****.**" `auto_enroll` determines what is put in CourseEnrollmentAllowed.auto_enroll if auto_enroll is set, then when the email registers, they will be enrolled in the course automatically. `email_students` determines if student should be notified of action by email. `email_params` parameters used while parsing email templates (a `dict`). `language` is the language used to render the email. returns two EmailEnrollmentState's representing state before and after the action. """ previous_state = EmailEnrollmentState(course_id, student_email) enrollment_obj = None if previous_state.user: # if the student is currently unenrolled, don't enroll them in their # previous mode # for now, White Labels use 'shoppingcart' which is based on the # "honor" course_mode. Given the change to use "audit" as the default # course_mode in Open edX, we need to be backwards compatible with # how White Labels approach enrollment modes. if CourseMode.is_white_label(course_id): course_mode = CourseMode.DEFAULT_SHOPPINGCART_MODE_SLUG else: course_mode = None if previous_state.enrollment: course_mode = previous_state.mode enrollment_obj = CourseEnrollment.enroll_by_email(student_email, course_id, course_mode) if email_students: email_params['message_type'] = 'enrolled_enroll' email_params['email_address'] = student_email email_params['full_name'] = previous_state.full_name send_mail_to_student(student_email, email_params, language=language) elif not is_email_retired(student_email): cea, _ = CourseEnrollmentAllowed.objects.get_or_create(course_id=course_id, email=student_email) cea.auto_enroll = auto_enroll cea.save() if email_students: email_params['message_type'] = 'allowed_enroll' email_params['email_address'] = student_email send_mail_to_student(student_email, email_params, language=language) after_state = EmailEnrollmentState(course_id, student_email) return previous_state, after_state, enrollment_obj
def enroll_email(course_id, student_email, auto_enroll=False, email_students=False, email_params=None, language=None): """ Enroll a student by email. `student_email` is student's emails e.g. "*****@*****.**" `auto_enroll` determines what is put in CourseEnrollmentAllowed.auto_enroll if auto_enroll is set, then when the email registers, they will be enrolled in the course automatically. `email_students` determines if student should be notified of action by email. `email_params` parameters used while parsing email templates (a `dict`). `language` is the language used to render the email. returns two EmailEnrollmentState's representing state before and after the action. """ previous_state = EmailEnrollmentState(course_id, student_email) enrollment_obj = None if previous_state.user: # if the student is currently unenrolled, don't enroll them in their # previous mode # for now, White Labels use 'shoppingcart' which is based on the # "honor" course_mode. Given the change to use "audit" as the default # course_mode in Open edX, we need to be backwards compatible with # how White Labels approach enrollment modes. if CourseMode.is_white_label(course_id): course_mode = CourseMode.DEFAULT_SHOPPINGCART_MODE_SLUG else: course_mode = None if previous_state.enrollment: course_mode = previous_state.mode enrollment_obj = CourseEnrollment.enroll_by_email(student_email, course_id, course_mode) if email_students: email_params['message_type'] = 'enrolled_enroll' email_params['email_address'] = student_email email_params['full_name'] = previous_state.full_name send_mail_to_student(student_email, email_params, language=language) elif not is_email_retired(student_email): cea, _ = CourseEnrollmentAllowed.objects.get_or_create(course_id=course_id, email=student_email) cea.auto_enroll = auto_enroll cea.save() if email_students: email_params['message_type'] = 'allowed_enroll' email_params['email_address'] = student_email send_mail_to_student(student_email, email_params, language=language) after_state = EmailEnrollmentState(course_id, student_email) return previous_state, after_state, enrollment_obj
def test_is_email_retired_is_retired(): """ Check functionality of is_email_retired when email is retired """ user = UserFactory() original_email = user.email retired_email = get_retired_email_by_email(user.email) # Fake email retirement. user.email = retired_email user.save() assert is_email_retired(original_email)
def test_is_email_retired_is_retired(): """ Check functionality of is_email_retired when email is retired """ user = UserFactory() original_email = user.email retired_email = get_retired_email_by_email(user.email) # Fake email retirement. user.email = retired_email user.save() assert is_email_retired(original_email)
def clean_email(self): """ This is a literal copy from Django 1.4.5's django.contrib.auth.forms.PasswordResetForm Except removing the requirement of active users Validates that a user exists with the given email address. """ email = self.cleaned_data["email"] #The line below contains the only change, removing is_active=True self.users_cache = User.objects.filter(email__iexact=email) ########### Edraak Specific ############# # Allow retired users to get reset my password email retirement_status = None if is_email_retired(email): retirement_status = UserRetirementStatus.objects.filter( original_email=email, current_state__state_name='PENDING').first() if retirement_status: retirement_status.user.email = retirement_status.original_email retirement_status.user.username = retirement_status.original_username retirement_status.user.name = retirement_status.original_name self.users_cache = [retirement_status.user] if not len(self.users_cache): raise forms.ValidationError(self.error_messages['unknown']) if (retirement_status is None) and any( (user.password.startswith(UNUSABLE_PASSWORD_PREFIX)) for user in self.users_cache): raise forms.ValidationError(self.error_messages['unusable']) # if not len(self.users_cache): # raise forms.ValidationError(self.error_messages['unknown']) # if any((user.password.startswith(UNUSABLE_PASSWORD_PREFIX)) # for user in self.users_cache): # raise forms.ValidationError(self.error_messages['unusable']) ########### End of Edraak Specific ########## return email
def test_is_email_retired_not_retired(retirement_user): """ Check functionality of is_email_retired when email is not retired """ assert not is_email_retired(retirement_user.email)
def test_is_email_retired_not_retired(retirement_user): """ Check functionality of is_email_retired when email is not retired """ assert not is_email_retired(retirement_user.email)
def password_change_request_handler(request): """Handle password change requests originating from the account page. Uses the Account API to email the user a link to the password reset page. Note: The next step in the password reset process (confirmation) is currently handled by student.views.password_reset_confirm_wrapper, a custom wrapper around Django's password reset confirmation view. Args: request (HttpRequest) Returns: HttpResponse: 200 if the email was sent successfully HttpResponse: 400 if there is no 'email' POST parameter HttpResponse: 403 if the client has been rate limited HttpResponse: 405 if using an unsupported HTTP method Example usage: POST /account/password """ limiter = BadRequestRateLimiter() if limiter.is_rate_limit_exceeded(request): AUDIT_LOG.warning("Password reset rate limit exceeded") return HttpResponseForbidden() user = request.user # Prefer logged-in user's email email = user.email if user.is_authenticated else request.POST.get('email') if email: try: request_password_change(email, request.is_secure()) if is_email_retired(email): email = get_retired_email_by_email(email) user = user if user.is_authenticated else User.objects.get( email=email) destroy_oauth_tokens(user) except UserNotFound: AUDIT_LOG.info("Invalid password reset attempt") # Increment the rate limit counter limiter.tick_bad_request_counter(request) # If enabled, send an email saying that a password reset was attempted, but that there is # no user associated with the email if configuration_helpers.get_value( 'ENABLE_PASSWORD_RESET_FAILURE_EMAIL', settings.FEATURES['ENABLE_PASSWORD_RESET_FAILURE_EMAIL']): site = get_current_site() message_context = get_base_template_context(site) message_context.update({ 'failed': True, 'request': request, # Used by google_analytics_tracking_pixel 'email_address': email, }) msg = PasswordReset().personalize( recipient=Recipient(username='', email_address=email), language=settings.LANGUAGE_CODE, user_context=message_context, ) ace.send(msg) except UserAPIInternalError as err: log.exception( 'Error occured during password change for user {email}: {error}' .format(email=email, error=err)) return HttpResponse(_( "Some error occured during password change. Please try again"), status=500) return HttpResponse(status=200) else: return HttpResponseBadRequest(_("No email address provided."))
def test_is_email_retired_not_retired(): """ Check functionality of is_email_retired when email is not retired """ user = UserFactory() assert not is_email_retired(user.email)
def test_is_email_retired_not_retired(): """ Check functionality of is_email_retired when email is not retired """ user = UserFactory() assert not is_email_retired(user.email)