def test_setup(test):
"""Create some models needed for the tests."""
ututi.tests.setUp(test)
setUpUser()
uni = LocationTag.get(u'uni')
dep = LocationTag(u'department', u'dep', u'', uni, member_policy='PUBLIC')
meta.Session.add(dep)
meta.Session.commit()
u = User.get('*****@*****.**', uni)
meta.set_active_user(u.id)
g = Group('moderators', u'Moderatoriai', LocationTag.get(u'vu'), date.today(), u'U2ti moderatoriai.')
role = GroupMembershipType.get('administrator')
gm = GroupMember()
gm.user = u
gm.group = g
gm.role = role
meta.Session.add(g)
meta.Session.add(gm)
meta.Session.add(Subject(u'subject', u'A Generic subject', uni, u''))
meta.Session.commit()
meta.set_active_user(u.id)
def register_teacher(self, location):
# bounce existing users to different action
if c.user is not None:
redirect(location.url(action='register_teacher_existing'))
if not hasattr(self, 'form_result'):
return htmlfill.render(self._register_teacher_form())
email = self.form_result['email']
if User.get(email, location):
h.flash(_('The email you entered is registered in Ututi. '
'Please login to proceed.'))
destination = location.url(action='register_teacher_existing')
redirect(url(controller='home', action='login', email=email,
came_from=destination))
# lookup/create registration entry and send confirmation code to user
registration = UserRegistration.create_or_update(location, email)
registration.teacher = True
meta.Session.commit()
registration.send_confirmation_email()
# show confirmation page
c.email = email
return render('registration/email_approval.mako')
def _try_to_login(self, name, email, google_id=None, facebook_id=None,
fb_access_token=None):
assert bool(google_id) != bool(facebook_id)
if google_id:
user = User.get_byopenid(google_id)
elif facebook_id:
user = User.get_byfbid(facebook_id)
if user is not None:
# Existing user, log him in and proceed.
if facebook_id and not user.logo:
user.update_logo_from_facebook()
meta.Session.commit()
sign_in_user(user)
redirect(c.came_from or url(controller='home', action='index'))
else:
# Facebook needs to be asked for the email separately.
if facebook_id:
name, email = self._facebook_name_and_email(facebook_id,
fb_access_token)
if not email:
h.flash(_('Facebook did not provide your email address.'))
redirect(c.came_from or url(controller='home', action='index'))
# This user has never logged in using FB/Google before.
user = User.get_global(email)
if user is None:
h.flash(_('Login failed. Please login using your username and bind your account first.'))
redirect(url(controller='home', action='login'))
else:
# Existing user logging in using FB/Google.
if google_id:
h.flash(_('Your Google account "%s" has been linked to your existing Ututi account.') % email)
user.openid = google_id
elif facebook_id:
h.flash(_('Your Facebook account "%s" has been linked to your existing Ututi account.') % email)
user.facebook_id = facebook_id
bind_group_invitations(user)
if not user.logo:
user.update_logo_from_facebook()
meta.Session.commit()
sign_in_user(user)
redirect(c.came_from or url(controller='home', action='index'))
def google_verify(self):
openid_session = session.get("openid_session", {})
openid_store = None # stateless
cons = Consumer(openid_session, openid_store)
info = cons.complete(request.params,
url('google_verify', qualified=True))
display_identifier = info.getDisplayIdentifier()
if info.status == consumer.SUCCESS:
identity_url = info.identity_url
if 'linking_to_user' in session:
user = User.get_byid(session.pop('linking_to_user'))
if not User.get_byopenid(identity_url):
user.openid = identity_url
meta.Session.commit()
h.flash(_('Linked to Google account.'))
else:
h.flash(_('This Google account is already linked to another Ututi account.'))
redirect(url(controller='profile', action='login_settings'))
name = '%s %s' % (request.params.get('openid.ext1.value.firstname'),
request.params.get('openid.ext1.value.lastname'))
email = request.params.get('openid.ext1.value.email')
return self._try_to_login(name, email, google_id=identity_url)
elif info.status == consumer.FAILURE and display_identifier:
# In the case of failure, if info is non-None, it is the
# URL that we were verifying. We include it in the error
# message to help the user figure out what happened.
fmt = _("Verification of %s failed: %s")
message = fmt % (display_identifier, cgi.escape(info.message))
elif info.status == consumer.CANCEL:
message = _('Verification cancelled')
elif info.status == consumer.SETUP_NEEDED:
if info.setup_url:
message = _('<a href=%s>Setup needed</a>') % (
quoteattr(info.setup_url),)
else:
# This means auth didn't succeed, but you're welcome to try
# non-immediate mode.
message = _('Setup needed')
else:
message = _('Authentication failed: %s') % info.message
# TODO: log info.status and info.message
h.flash(message)
redirect(c.came_from or url(controller='federation', action='index'))
def setUpModeratorGroup():
u = User.get('*****@*****.**', LocationTag.get(u'uni'))
meta.set_active_user(u.id)
g = Group('moderators', u'Moderatoriai', LocationTag.get(u'uni'), date.today(), u'U2ti moderatoriai.')
g.moderators = True
g.add_member(u, True)
meta.Session.add(g)
meta.Session.commit()
meta.set_active_user(u.id)
def get_user(self, id=None):
try:
id = int(id)
except (ValueError, TypeError):
abort(404)
user = User.get_byid(id)
if user is None:
abort(404)
redirect(user.url())
def _bind_user(self, user, flash=True):
"""Bind user to FB/Google account (retrieve info from session)."""
if session.get('confirmed_openid'):
if User.get_byopenid(session['confirmed_openid']):
# This rarely happens, but we have to check to avoid an error.
if flash:
h.flash(_('This Google account is already linked to another Ututi account.'))
return
user.openid = session['confirmed_openid']
if flash:
h.flash(_('Your Google account has been associated with your Ututi account.'))
elif session.get('confirmed_facebook_id'):
if User.get_byfbid(session['confirmed_facebook_id']):
# This rarely happens, but we have to check to avoid an error.
if flash:
h.flash(_('This Facebook account is already linked to another Ututi account.'))
return
user.facebook_id = int(session['confirmed_facebook_id'])
user.update_logo_from_facebook()
if flash:
h.flash(_('Your Facebook account has been associated with your Ututi account.'))
def test_setup(test):
"""Create some models needed for the tests."""
ututi.tests.setUp(test)
setUpUser()
u = User.get('*****@*****.**', LocationTag.get(u'uni'))
meta.set_active_user(u.id)
g = Group('moderators', u'Moderatoriai', LocationTag.get(u'vu'), date.today(), u'U2ti moderatoriai.')
meta.Session.add(g)
meta.Session.commit()
meta.set_active_user(u.id)
def login(self, location):
email = request.POST.get('login')
password = request.POST.get('password')
remember = True if request.POST.get('remember', None) else False
destination = c.came_from or location.url(action='index')
if password is not None:
user = User.authenticate(location, email, password.encode('utf-8'))
c.header = _('Wrong username or password!')
c.message = _('You seem to have entered your username and password wrong, please try again!')
if user is not None:
from ututi.lib.security import sign_in_user
sign_in_user(user, long_session=remember)
redirect(str(destination))
return render('location/login.mako')
def facebook_bind_proxy(self):
if c.user is not None:
fb_user = facebook.get_user_from_cookie(request.cookies,
config['facebook.appid'], config['facebook.secret'])
if not fb_user:
h.flash(_("Failed to link Facebook account"))
else:
facebook_id = int(fb_user['uid'])
if not User.get_byfbid(facebook_id):
c.user.facebook_id = facebook_id
c.user.update_logo_from_facebook()
meta.Session.commit()
h.flash(_("Linked to Facebook account."))
else:
h.flash(_('This Facebook account is already linked to another Ututi account.'))
redirect(c.redirect_to or url('frontpage'))
def test_setup(test):
"""Create some models needed for the tests."""
ututi.tests.setUp(test)
setUpUser()
u = User.get('*****@*****.**', LocationTag.get('uni'))
meta.set_active_user(u.id)
g = Group('moderators', u'Moderatoriai', LocationTag.get(u'uni'), date.today(), u'U2ti moderatoriai.')
role = GroupMembershipType.get('administrator')
gm = GroupMember()
gm.user = u
gm.group = g
gm.role = role
meta.Session.add(g)
meta.Session.add(gm)
meta.Session.commit()
def google_verify(self, registration):
openid_session = session.get("openid_session", {})
openid_store = None # stateless
cons = Consumer(openid_session, openid_store)
current_url = registration.url(action='google_verify', qualified=True)
info = cons.complete(request.params, current_url)
display_identifier = info.getDisplayIdentifier()
if info.status == consumer.SUCCESS:
identity_url = info.identity_url
if User.get_byopenid(identity_url, registration.location):
message = _('This Google account is already linked to another Ututi account.')
else:
registration.openid = identity_url
if not registration.fullname:
registration.fullname = '%s %s' % (
request.params.get('openid.ext1.value.firstname'),
request.params.get('openid.ext1.value.lastname'))
email = request.params.get('openid.ext1.value.email')
registration.openid_email = email
meta.Session.commit()
message = _('Linked to Google account.')
elif info.status == consumer.FAILURE and display_identifier:
# In the case of failure, if info is non-None, it is the
# URL that we were verifying. We include it in the error
# message to help the user figure out what happened.
fmt = _("Verification of %s failed: %s")
message = fmt % (display_identifier, cgi.escape(info.message))
elif info.status == consumer.CANCEL:
message = _('Verification cancelled')
elif info.status == consumer.SETUP_NEEDED:
if info.setup_url:
message = _('<a href=%s>Setup needed</a>') % quoteattr(info.setup_url),
else:
# This means auth didn't succeed, but you're welcome to try
# non-immediate mode.
message = _('Setup needed')
else:
message = _('Authentication failed: %s') % info.message
# TODO: log info.status and info.message
h.flash(message)
redirect(registration.url(action='personal_info'))
def register(self, location):
if not hasattr(self, 'form_result'):
return htmlfill.render(self._register_form())
email = self.form_result['email']
# redirect to login if user is registered in this university
if User.get(email, location.root):
h.flash(_('The email you entered is registered in Ututi. '
'Please login to proceed.'))
redirect(url(controller='home', action='login', email=email))
# lookup/create registration entry and send confirmation code to user
registration = UserRegistration.create_or_update(location, email)
meta.Session.commit()
registration.send_confirmation_email()
# show confirmation page
c.email = email
return render('registration/email_approval.mako')
def link_facebook(self, registration):
fb_user = facebook.get_user_from_cookie(request.cookies,
config['facebook.appid'], config['facebook.secret'])
if not fb_user:
h.flash(_("Failed to link Facebook account"))
else:
facebook_id = int(fb_user['uid'])
fb_access_token = fb_user['access_token']
if not User.get_byfbid(facebook_id, registration.location):
registration.facebook_id = facebook_id
registration.update_logo_from_facebook()
name, email = self._facebook_name_and_email(facebook_id, fb_access_token)
if not registration.fullname:
registration.fullname = name
registration.facebook_email = email
meta.Session.commit()
h.flash(_("Linked to Facebook account."))
else:
h.flash(_('This Facebook account is already linked to another user.'))
redirect(registration.url(action='personal_info'))
def validate_python(self, value, state):
# If there are users in selected locations and this user are not current
# user, we will show some Error.
for user in User.get_all(c.user.username):
if user.location == value and user.id != c.user.id:
raise Invalid(self.message('duplicated', state), value, state)