def project_modify(request, application_id):
    """
    Show and process the modification form of a project application.

    Responds with 404 when no ``ProjectApplication`` has the given id and
    raises ``PermissionDenied`` unless the requesting user owns the
    application or is a project admin for it. Users who are not project
    admins must also pass the pending-application quota check of the
    application's owner; on failure they are redirected to the project list
    with an error message.
    """
    try:
        app = ProjectApplication.objects.get(id=application_id)
    except ProjectApplication.DoesNotExist:
        raise Http404

    user = request.user
    # Authorization gate: ownership is tested first, the per-application
    # admin check only runs when the user is not the owner.
    allowed = user.owns_application(app) or user.is_project_admin(app.id)
    if not allowed:
        raise PermissionDenied(_(astakos_messages.NOT_ALLOWED))

    if not user.is_project_admin():
        # The quota is charged to the application's owner, not to the
        # requesting user.
        ok, limit = check_pending_app_quota(app.owner, precursor=app)
        if not ok:
            messages.error(
                request,
                _(astakos_messages.PENDING_APPLICATION_LIMIT_MODIFY) % limit)
            list_url = reverse('astakos.im.views.project_list')
            return redirect(
                restrict_next(list_url, domain=settings.COOKIE_DOMAIN))

    details_fields = ["name", "homepage", "description", "start_date",
                      "end_date", "comments"]
    membership_fields = ["member_join_policy", "member_leave_policy",
                         "limit_on_members_number"]

    resource_catalog, resource_groups = _resources_catalog(for_project=True)
    if resource_catalog is False:
        # On failure the second element is the result object; the form is
        # still rendered, with the failure reason shown to the user.
        failure = resource_groups
        messages.error(request, 'Unable to retrieve system resources: %s' %
                       failure.reason)

    extra_context = dict(
        resource_catalog=resource_catalog,
        resource_groups=resource_groups,
        show_form=True,
        details_fields=details_fields,
        update_form=True,
        membership_fields=membership_fields,
    )

    response = None
    with ExceptionHandler(request):
        response = _update_object(
            request,
            object_id=application_id,
            template_name='im/projects/projectapplication_form.html',
            summary_template_name=(
                'im/projects/projectapplication_form_summary.html'),
            extra_context=extra_context,
            post_save_redirect=reverse('project_list'),
            form_class=ProjectApplicationForm,
            msg=_("The %(verbose_name)s has been received and is under "
                  "consideration."))

    if response is None:
        # No response was produced inside the handler block: fall back to
        # the project list.
        list_url = reverse('astakos.im.views.project_list')
        return redirect(
            restrict_next(list_url, domain=settings.COOKIE_DOMAIN))
    return response
def project_modify(request, application_id):
    """
    Show and process the modification form of a project application.

    A missing application yields 404. Only the application's owner or a
    project admin for that application may proceed; anyone else gets
    ``PermissionDenied``. For users who are not project admins, the owner's
    pending-application quota is checked before the form is served.
    """
    def back_to_list():
        # The target is generated server-side and still passed through
        # restrict_next before redirecting.
        target = reverse('astakos.im.views.project_list')
        target = restrict_next(target, domain=settings.COOKIE_DOMAIN)
        return redirect(target)

    try:
        app = ProjectApplication.objects.get(id=application_id)
    except ProjectApplication.DoesNotExist:
        raise Http404

    user = request.user
    if not (user.owns_application(app) or user.is_project_admin(app.id)):
        denied = _(astakos_messages.NOT_ALLOWED)
        raise PermissionDenied(denied)

    if not user.is_project_admin():
        ok, limit = check_pending_app_quota(app.owner, precursor=app)
        if not ok:
            over_limit = _(
                astakos_messages.PENDING_APPLICATION_LIMIT_MODIFY) % limit
            messages.error(request, over_limit)
            return back_to_list()

    details_fields = [
        "name", "homepage", "description",
        "start_date", "end_date", "comments",
    ]
    membership_fields = [
        "member_join_policy", "member_leave_policy",
        "limit_on_members_number",
    ]

    resource_catalog, resource_groups = _resources_catalog(for_project=True)
    if resource_catalog is False:
        # on failure resource_groups holds the result object
        messages.error(request, 'Unable to retrieve system resources: %s' %
                       resource_groups.reason)

    extra_context = {
        'resource_catalog': resource_catalog,
        'resource_groups': resource_groups,
        'show_form': True,
        'details_fields': details_fields,
        'update_form': True,
        'membership_fields': membership_fields,
    }

    response = None
    with ExceptionHandler(request):
        response = _update_object(
            request,
            object_id=application_id,
            template_name='im/projects/projectapplication_form.html',
            extra_context=extra_context,
            post_save_redirect=reverse('project_list'),
            form_class=ProjectApplicationForm,
            msg=_("The %(verbose_name)s has been received and is under "
                  "consideration."))

    if response is not None:
        return response
    return back_to_list()
def project_add(request):
    """
    Show and process the form that submits a new project application.

    Users who are not project admins must pass the pending-application
    quota check first; when it fails they are redirected to the project
    list with an error message.
    """
    requester = request.user
    if not requester.is_project_admin():
        ok, limit = check_pending_app_quota(requester)
        if not ok:
            messages.error(
                request,
                _(astakos_messages.PENDING_APPLICATION_LIMIT_ADD) % limit)
            list_url = reverse('astakos.im.views.project_list')
            return redirect(
                restrict_next(list_url, domain=settings.COOKIE_DOMAIN))

    details_fields = ["name", "homepage", "description", "start_date",
                      "end_date", "comments"]
    membership_fields = ["member_join_policy", "member_leave_policy",
                         "limit_on_members_number"]

    resource_catalog, resource_groups = _resources_catalog(for_project=True)
    if resource_catalog is False:
        # On failure the second element is the result object; the form is
        # still rendered, with the failure reason shown to the user.
        failure = resource_groups
        messages.error(request, 'Unable to retrieve system resources: %s' %
                       failure.reason)

    extra_context = dict(
        resource_catalog=resource_catalog,
        resource_groups=resource_groups,
        show_form=True,
        details_fields=details_fields,
        membership_fields=membership_fields,
    )

    response = None
    with ExceptionHandler(request):
        response = _create_object(
            request,
            template_name='im/projects/projectapplication_form.html',
            summary_template_name=(
                'im/projects/projectapplication_form_summary.html'),
            extra_context=extra_context,
            post_save_redirect=reverse('project_list'),
            form_class=ProjectApplicationForm,
            msg=_("The %(verbose_name)s has been received and "
                  "is under consideration."),
        )

    if response is None:
        # No response was produced inside the handler block: fall back to
        # the project list.
        list_url = reverse('astakos.im.views.project_list')
        return redirect(
            restrict_next(list_url, domain=settings.COOKIE_DOMAIN))
    return response
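def edit_profile(request, template_name='im/profile.html', extra_context=None):
    """
    Allows a user to edit his/her profile.

    In case of GET request renders a form for displaying the user information.
    In case of POST updates the user information and redirects to ``next``
    url parameter if exists.

    If the user isn't logged in, redirects to settings.LOGIN_URL.
    NOTE(review): that check is not in this body; presumably a decorator
    outside this excerpt enforces it -- confirm.

    **Arguments**

    ``template_name``
        A custom template to use. This is optional; if not specified,
        this will default to ``im/profile.html``.

    ``extra_context``
        A dictionary of variables to add to the template context.

    **Template:**

    im/profile.html or ``template_name`` keyword argument.

    **Settings:**

    The view expects the following settings are defined:

    * LOGIN_URL: login uri
    """
    extra_context = extra_context or {}
    form = ProfileForm(instance=request.user,
                       session_key=request.session.session_key)
    # The raw, unvalidated ``next`` goes into the template context; it is
    # only validated below, right before it is used as a redirect target.
    extra_context['next'] = request.GET.get('next')
    if request.method == 'POST':
        form = ProfileForm(request.POST,
                           instance=request.user,
                           session_key=request.session.session_key)
        if form.is_valid():
            try:
                prev_token = request.user.auth_token
                user = form.save(request=request)
                # Only a ``next`` accepted for COOKIE_DOMAIN is followed;
                # a rejected or missing value falls back to the profile
                # page below.
                next = restrict_next(request.POST.get('next'),
                                     domain=settings.COOKIE_DOMAIN)
                msg = _(astakos_messages.PROFILE_UPDATED)
                messages.success(request, msg)

                if form.email_changed:
                    msg = _(astakos_messages.EMAIL_CHANGE_REGISTERED)
                    messages.success(request, msg)
                if form.password_changed:
                    msg = _(astakos_messages.PASSWORD_CHANGED)
                    messages.success(request, msg)

                if next:
                    return redirect(next)
                else:
                    return redirect(reverse('edit_profile'))
            except ValueError as ve:
                # A failed save is reported at error level; it used to be
                # shown as a success message.
                messages.error(request, ve)
    # NOTE(review): the excerpt ends here, so the rendering of the form is
    # not visible; local names are kept unchanged for that reason.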
def login(request):
    """
    If there is no `next` request parameter returns 400 (BAD REQUEST).
    Otherwise, if `next` request parameter is not among the allowed schemes,
    returns 403 (Forbidden).
    If the request user is authenticated and has signed the approval terms,
    redirects to `next` request parameter. If not, redirects to approval terms
    in order to return back here after agreeing with the terms.
    Otherwise, redirects to login in order to return back here after successful
    login.

    NOTE(review): the branch for unauthenticated users described above is
    not part of this excerpt.
    """
    next = request.GET.get('next')
    if not next:
        return HttpResponseBadRequest('Missing next parameter')
    # This call passes only the scheme allow-list, no ``domain=``. The
    # accepted URL later receives the user's token, so what restrict_next
    # and REDIRECT_ALLOWED_SCHEMES accept decides who can obtain it.
    # NOTE(review): confirm the allow-list is as narrow as intended.
    if not restrict_next(next, allowed_schemes=REDIRECT_ALLOWED_SCHEMES):
        return HttpResponseForbidden(_(
            astakos_messages.NOT_ALLOWED_NEXT_PARAM))
    force = request.GET.get('force', None)
    response = HttpResponse()
    # ``force`` present with an empty value logs the current user out; the
    # value returned by logout() is discarded.
    if force == '' and request.user.is_authenticated():
        logout(request)
    if request.user.is_authenticated():
        # if user has not signed the approval terms
        # redirect to approval terms with next the request path
        if not request.user.signed_terms:
            # first build next parameter: the absolute URL of this request
            # with its query string re-encoded
            parts = list(urlsplit(request.build_absolute_uri()))
            params = dict(parse_qsl(parts[3], keep_blank_values=True))
            parts[3] = urlencode(params)
            next = urlunsplit(parts)

            # build url location: same scheme and host, path of the
            # 'latest_terms' view, ``next`` as the only query parameter
            parts[2] = reverse('latest_terms')
            params = {'next': next}
            parts[3] = urlencode(params)
            url = urlunsplit(parts)
            return WebloginHttpResponseRedirect(url)
        renew = request.GET.get('renew', None)
        # ``renew`` present with an empty value rotates the token first.
        if renew == '':
            request.user.renew_token(flush_sessions=True,
                                     current_key=request.session.session_key)
            try:
                request.user.save()
            except ValidationError, e:
                return WebloginHttpResponseBadRequest(e)
            # authenticate before login
            user = authenticate(username=request.user.username,
                                auth_token=request.user.auth_token)
            auth_login(request, user)
            logger.info('Token reset for %s' % user.username)
        # The query string of ``next`` is replaced, not extended: any
        # parameters it carried are dropped.
        # NOTE(review): the token travels in the URL, where it can end up
        # in access logs, browser history and Referer headers -- confirm
        # the receiving service consumes and strips it immediately.
        parts = list(urlsplit(next))
        parts[3] = urlencode({
            'uuid': request.user.uuid,
            'token': request.user.auth_token
        })
        url = urlunsplit(parts)
        return WebloginHttpResponseRedirect(url)
def project_add(request):
    """
    Show and process the form that submits a new project application.

    Project admins skip the pending-application quota check. Everyone else
    is redirected to the project list with an error message once the quota
    is exhausted.
    """
    def back_to_list():
        # The target is generated server-side and still passed through
        # restrict_next before redirecting.
        target = reverse('astakos.im.views.project_list')
        target = restrict_next(target, domain=settings.COOKIE_DOMAIN)
        return redirect(target)

    user = request.user
    if not user.is_project_admin():
        ok, limit = check_pending_app_quota(user)
        if not ok:
            over_limit = _(
                astakos_messages.PENDING_APPLICATION_LIMIT_ADD) % limit
            messages.error(request, over_limit)
            return back_to_list()

    details_fields = [
        "name", "homepage", "description",
        "start_date", "end_date", "comments",
    ]
    membership_fields = [
        "member_join_policy", "member_leave_policy",
        "limit_on_members_number",
    ]

    resource_catalog, resource_groups = _resources_catalog(for_project=True)
    if resource_catalog is False:
        # on failure resource_groups holds the result object
        messages.error(request, 'Unable to retrieve system resources: %s' %
                       resource_groups.reason)

    extra_context = {
        'resource_catalog': resource_catalog,
        'resource_groups': resource_groups,
        'show_form': True,
        'details_fields': details_fields,
        'membership_fields': membership_fields,
    }

    response = None
    with ExceptionHandler(request):
        response = _create_object(
            request,
            template_name='im/projects/projectapplication_form.html',
            extra_context=extra_context,
            post_save_redirect=reverse('project_list'),
            form_class=ProjectApplicationForm,
            msg=_("The %(verbose_name)s has been received and "
                  "is under consideration."),
        )

    if response is not None:
        return response
    return back_to_list()
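def project_cancel_member(request, memb_id):
    """
    Cancel the membership ``memb_id`` and redirect to ``next``.

    The target comes from the ``next`` query parameter and defaults to the
    project list. It is only followed when restrict_next accepts it for
    settings.COOKIE_DOMAIN; a rejected value falls back to the project list
    rather than being passed to redirect() as a falsy value.

    NOTE(review): the action runs in the same request that carries ``next``
    in its query string. The decorators restricting HTTP method and CSRF
    handling are not visible in this excerpt -- confirm them.
    """
    next_url = request.GET.get('next')
    if not next_url:
        next_url = reverse('astakos.im.views.project_list')

    with ExceptionHandler(request):
        _project_cancel_member(request, memb_id)

    next_url = restrict_next(next_url, domain=settings.COOKIE_DOMAIN)
    if not next_url:
        # Callers of restrict_next elsewhere in this module test its result
        # for truth, so a rejected URL is assumed to come back falsy.
        next_url = reverse('astakos.im.views.project_list')
    return redirect(next_url)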
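def project_join(request, chain_id):
    """
    Join the project ``chain_id`` and redirect to ``next``.

    The target comes from the ``next`` query parameter and defaults to the
    project's detail page. It is only followed when restrict_next accepts
    it for settings.COOKIE_DOMAIN; a rejected value falls back to the detail
    page rather than being passed to redirect() as a falsy value.

    NOTE(review): the action runs in the same request that carries ``next``
    in its query string. The decorators restricting HTTP method and CSRF
    handling are not visible in this excerpt -- confirm them.
    """
    next_url = request.GET.get('next')
    if not next_url:
        next_url = reverse('astakos.im.views.project_detail',
                           args=(chain_id, ))

    with ExceptionHandler(request):
        _project_join(request, chain_id)

    next_url = restrict_next(next_url, domain=settings.COOKIE_DOMAIN)
    if not next_url:
        # Callers of restrict_next elsewhere in this module test its result
        # for truth, so a rejected URL is assumed to come back falsy.
        next_url = reverse('astakos.im.views.project_detail',
                           args=(chain_id, ))
    return redirect(next_url)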
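def project_cancel(request, chain_id):
    """
    Cancel the project ``chain_id`` and redirect to ``next``.

    The target comes from the ``next`` query parameter and defaults to the
    project list. It is only followed when restrict_next accepts it for
    settings.COOKIE_DOMAIN; a rejected value falls back to the project list
    rather than being passed to redirect() as a falsy value.

    NOTE(review): the action runs in the same request that carries ``next``
    in its query string. The decorators restricting HTTP method and CSRF
    handling are not visible in this excerpt -- confirm them.
    """
    next_url = request.GET.get('next')
    if not next_url:
        next_url = reverse('astakos.im.views.project_list')

    with ExceptionHandler(request):
        _project_cancel(request, chain_id)

    next_url = restrict_next(next_url, domain=settings.COOKIE_DOMAIN)
    if not next_url:
        # Callers of restrict_next elsewhere in this module test its result
        # for truth, so a rejected URL is assumed to come back falsy.
        next_url = reverse('astakos.im.views.project_list')
    return redirect(next_url)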
def redirect_to_next(request, default_resolve, *args, **kwargs):
    """
    Redirect to a ``next`` target restricted to settings.COOKIE_DOMAIN.

    The target is taken from the ``next`` keyword argument when it is
    truthy. Otherwise it comes from the ``next`` query parameter, with the
    URL resolved from ``default_resolve`` (using the remaining ``args`` and
    ``kwargs``) as the default.

    NOTE(review): the result of restrict_next is passed to redirect()
    without a truth test; other callers in this module test it, so a
    rejected URL presumably comes back falsy -- confirm how redirect()
    behaves in that case.
    """
    target = kwargs.pop('next', None)
    if not target:
        # The default only applies when the query parameter is absent; a
        # present but empty ``next`` is used as given.
        fallback = restrict_reverse(
            default_resolve,
            *args,
            restrict_domain=settings.COOKIE_DOMAIN,
            **kwargs)
        target = request.GET.get('next', fallback)

    return redirect(restrict_next(target, domain=settings.COOKIE_DOMAIN))
def project_add(request):
    """
    Show and process the form that submits a new project application.

    Users who are not project admins must pass the pending-application
    quota check; when it fails they are redirected to the project list
    with an error message.
    """
    applicant = request.user
    list_view = 'astakos.im.views.project_list'

    if not applicant.is_project_admin():
        ok, limit = check_pending_app_quota(applicant)
        if not ok:
            messages.error(
                request,
                _(astakos_messages.PENDING_APPLICATION_LIMIT_ADD) % limit)
            return redirect(restrict_next(reverse(list_view),
                                          domain=settings.COOKIE_DOMAIN))

    details_fields = ["name", "homepage", "description", "start_date",
                      "end_date", "comments"]
    membership_fields = ["member_join_policy", "member_leave_policy",
                         "limit_on_members_number"]

    resource_catalog, resource_groups = _resources_catalog()
    if resource_catalog is False:
        # On failure the second element is the result object.
        failure = resource_groups
        messages.error(request, 'Unable to retrieve system resources: %s' %
                       failure.reason)

    extra_context = dict(
        resource_catalog=resource_catalog,
        resource_groups=resource_groups,
        show_form=True,
        details_fields=details_fields,
        membership_fields=membership_fields,
    )

    response = None
    with ExceptionHandler(request):
        response = create_app_object(request, extra_context=extra_context)

    if response is None:
        # No response was produced inside the handler block: fall back to
        # the project list.
        return redirect(restrict_next(reverse(list_view),
                                      domain=settings.COOKIE_DOMAIN))
    return response
def _approval_terms_post(request, template_name, terms, extra_context):
    """
    Handle the POST of the approval-terms form.

    An invalid form is rendered again together with the terms text. A valid
    form is saved and the user is redirected to the POSTed ``next`` when
    restrict_next accepts it for settings.COOKIE_DOMAIN, and to the index
    page otherwise.
    """
    # A rejected or missing ``next`` falls back to a server-generated URL.
    target = restrict_next(request.POST.get('next'),
                           domain=settings.COOKIE_DOMAIN) or reverse('index')

    form = SignApprovalTermsForm(request.POST, instance=request.user)
    if form.is_valid():
        form.save()
        return HttpResponseRedirect(target)

    return render_response(
        template_name,
        terms=terms,
        approval_terms_form=form,
        context_instance=get_context(request, extra_context))
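def project_app_cancel(request, application_id):
    """
    Cancel the project application ``application_id`` and redirect.

    The target comes from the ``next`` query parameter. Without one, or
    when restrict_next rejects it for settings.COOKIE_DOMAIN, the user is
    sent to the detail page of the chain returned by the cancel call, or to
    the project list when no chain id is available. A rejected ``next`` is
    no longer passed to redirect() as a falsy value.

    NOTE(review): the action runs in the same request that carries ``next``
    in its query string. The decorators restricting HTTP method and CSRF
    handling are not visible in this excerpt -- confirm them.
    """
    next_url = request.GET.get('next')

    chain_id = None
    with ExceptionHandler(request):
        chain_id = _project_app_cancel(request, application_id)

    if next_url:
        # Callers of restrict_next elsewhere in this module test its result
        # for truth, so a rejected URL is assumed to come back falsy.
        next_url = restrict_next(next_url, domain=settings.COOKIE_DOMAIN)

    if not next_url:
        if chain_id:
            default_url = reverse('astakos.im.views.project_detail',
                                  args=(chain_id,))
        else:
            default_url = reverse('astakos.im.views.project_list')
        # The default is still passed through restrict_next, as before; if
        # that yields nothing the server-generated URL is used directly.
        next_url = restrict_next(
            default_url, domain=settings.COOKIE_DOMAIN) or default_url

    return redirect(next_url)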
def _approval_terms_post(request, template_name, terms, extra_context):
    """
    Handle the POST of the approval-terms form.

    Saves a valid form and redirects to the POSTed ``next`` if restrict_next
    accepts it for settings.COOKIE_DOMAIN, otherwise to the index page. An
    invalid form is rendered again together with the terms text.
    """
    requested = request.POST.get('next')
    redirect_url = restrict_next(requested, domain=settings.COOKIE_DOMAIN)
    if not redirect_url:
        # Rejected or missing ``next``: use a server-generated target.
        redirect_url = reverse('index')

    terms_form = SignApprovalTermsForm(request.POST, instance=request.user)
    if not terms_form.is_valid():
        context = get_context(request, extra_context)
        return render_response(template_name,
                               terms=terms,
                               approval_terms_form=terms_form,
                               context_instance=context)

    terms_form.save()
    return HttpResponseRedirect(redirect_url)
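def logout(request, template='registration/logged_out.html',
           extra_context=None):
    """
    Wraps `django.contrib.auth.logout`.

    Anonymous requests are redirected to the index page. Authenticated
    users are logged out and redirected to the first available target:
    the ``next`` query parameter when restrict_next accepts it for
    settings.COOKIE_DOMAIN, then settings.LOGOUT_NEXT, then the index page
    with the logout message of the last used login provider.

    Every redirect is a temporary 302. The 301 used before is a permanent
    redirect that browsers may cache; a cached redirect for the logout URL
    would be followed without contacting the server, leaving the session
    alive.

    ``template`` and ``extra_context`` are accepted but not used here.
    """
    response = HttpResponse()
    if not request.user.is_authenticated():
        response['Location'] = reverse('index')
        response.status_code = 302
        return response

    auth_logout(request)

    # Only a ``next`` accepted for the cookie domain is followed.
    next = restrict_next(request.GET.get('next'),
                         domain=settings.COOKIE_DOMAIN)

    if next:
        response['Location'] = next
        response.status_code = 302
    elif settings.LOGOUT_NEXT:
        response['Location'] = settings.LOGOUT_NEXT
        response.status_code = 302
    else:
        # The provider name comes from a client-controlled cookie; unknown
        # names fall back to the 'local' provider.
        last_provider = request.COOKIES.get(
            'astakos_last_login_method', 'local')
        try:
            provider = auth.get_provider(last_provider)
        except auth.InvalidProvider:
            provider = auth.get_provider('local')

        message = provider.get_logout_success_msg
        extra = provider.get_logout_success_extra_msg

        if extra:
            message += "<br />" + extra
        messages.success(request, message)
        response['Location'] = reverse('index')
        response.status_code = 302
    return response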
def login(request):
    """
    If there is no ``next`` request parameter redirects to astakos index page
    displaying an error message.
    If the request user is authenticated and has signed the approval terms,
    redirects to `next` request parameter. If not, redirects to approval terms
    in order to return back here after agreeing with the terms.
    Otherwise, redirects to login in order to return back here after successful
    login.

    NOTE(review): the visible code sets ``next`` to the index URL when the
    parameter is missing but adds no error message, and the branch for
    unauthenticated users is not part of this excerpt.
    """
    next = request.GET.get('next')
    if not next:
        next = reverse('index')
    # This call passes only the scheme allow-list, no ``domain=``. The
    # accepted URL later receives the user's token, so what restrict_next
    # and REDIRECT_ALLOWED_SCHEMES accept decides who can obtain it.
    # NOTE(review): confirm the allow-list is as narrow as intended.
    if not restrict_next(next, allowed_schemes=REDIRECT_ALLOWED_SCHEMES):
        return HttpResponseForbidden(_(
            astakos_messages.NOT_ALLOWED_NEXT_PARAM))
    force = request.GET.get('force', None)
    response = HttpResponse()
    # ``force`` present with an empty value logs the current user out; the
    # value returned by logout() is discarded.
    if force == '' and request.user.is_authenticated():
        logout(request)
    if request.user.is_authenticated():
        # if user has not signed the approval terms
        # redirect to approval terms with next the request path
        if not request.user.signed_terms:
            # first build next parameter: the absolute URL of this request
            # with its query string re-encoded
            parts = list(urlsplit(request.build_absolute_uri()))
            params = dict(parse_qsl(parts[3], keep_blank_values=True))
            parts[3] = urlencode(params)
            next = urlunsplit(parts)

            # build url location: same scheme and host, path of the
            # 'latest_terms' view, ``next`` as the only query parameter
            parts[2] = reverse('latest_terms')
            params = {'next': next}
            parts[3] = urlencode(params)
            url = urlunsplit(parts)
            response['Location'] = url
            response.status_code = 302
            return response
        renew = request.GET.get('renew', None)
        # ``renew`` present with an empty value rotates the token first.
        if renew == '':
            request.user.renew_token(
                flush_sessions=True,
                current_key=request.session.session_key
            )
            try:
                request.user.save()
            except ValidationError, e:
                return HttpResponseBadRequest(e)
            # authenticate before login
            user = authenticate(
                username=request.user.username,
                auth_token=request.user.auth_token
            )
            auth_login(request, user)
            logger.info('Token reset for %s' % user.username)
        # The query string of ``next`` is replaced, not extended: any
        # parameters it carried are dropped.
        # NOTE(review): the token travels in the URL, where it can end up
        # in access logs, browser history and Referer headers -- confirm
        # the receiving service consumes and strips it immediately.
        parts = list(urlsplit(next))
        parts[3] = urlencode({
            'uuid': request.user.uuid,
            'token': request.user.auth_token
        })
        url = urlunsplit(parts)
        response['Location'] = url
        response.status_code = 302
        return response
if not term: messages.error(request, _(astakos_messages.NO_APPROVAL_TERMS)) return HttpResponseRedirect(reverse('index')) try: f = open(term.location, 'r') except IOError: messages.error(request, _(astakos_messages.GENERIC_ERROR)) return render_response( template_name, context_instance=get_context(request, extra_context)) terms = f.read() if request.method == 'POST': next = restrict_next( request.POST.get('next'), domain=settings.COOKIE_DOMAIN ) if not next: next = reverse('index') form = SignApprovalTermsForm(request.POST, instance=request.user) if not form.is_valid(): return render_response(template_name, terms=terms, approval_terms_form=form, context_instance=get_context(request, extra_context)) user = form.save() return HttpResponseRedirect(next) else: form = None if request.user.is_authenticated() and not request.user.signed_terms:
if not term: messages.error(request, _(astakos_messages.NO_APPROVAL_TERMS)) return HttpResponseRedirect(reverse('index')) try: f = open(term.location, 'r') except IOError: messages.error(request, _(astakos_messages.GENERIC_ERROR)) return render_response(template_name, context_instance=get_context( request, extra_context)) terms = f.read() if request.method == 'POST': next = restrict_next(request.POST.get('next'), domain=settings.COOKIE_DOMAIN) if not next: next = reverse('index') form = SignApprovalTermsForm(request.POST, instance=request.user) if not form.is_valid(): return render_response(template_name, terms=terms, approval_terms_form=form, context_instance=get_context( request, extra_context)) user = form.save() return HttpResponseRedirect(next) else: form = None if request.user.is_authenticated() and not request.user.signed_terms: form = SignApprovalTermsForm(instance=request.user)
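def edit_profile(request, template_name='im/profile.html', extra_context=None):
    """
    Allows a user to edit his/her profile.

    In case of GET request renders a form for displaying the user information.
    In case of POST updates the user information and redirects to ``next``
    url parameter if exists.

    If the user isn't logged in, redirects to settings.LOGIN_URL.
    NOTE(review): that check is not in this body; presumably a decorator
    outside this excerpt enforces it -- confirm.

    **Arguments**

    ``template_name``
        A custom template to use. This is optional; if not specified,
        this will default to ``im/profile.html``.

    ``extra_context``
        A dictionary of variables to add to the template context.

    **Template:**

    im/profile.html or ``template_name`` keyword argument.

    **Settings:**

    The view expects the following settings are defined:

    * LOGIN_URL: login uri
    """
    # Re-read the user with SELECT ... FOR UPDATE before editing it.
    # NOTE(review): this needs an open transaction to take effect -- confirm
    # the view runs inside one.
    request.user = AstakosUser.objects.select_for_update().get(
        id=request.user.id)
    extra_context = extra_context or {}
    form = ProfileForm(
        instance=request.user,
        session_key=request.session.session_key
    )
    # The raw, unvalidated ``next`` goes into the template context; it is
    # only validated below, right before it is used as a redirect target.
    extra_context['next'] = request.GET.get('next')
    if request.method == 'POST':
        form = ProfileForm(
            request.POST,
            instance=request.user,
            session_key=request.session.session_key
        )
        if form.is_valid():
            try:
                prev_token = request.user.auth_token
                user = form.save(request=request)
                # Only a ``next`` accepted for COOKIE_DOMAIN is followed;
                # a rejected or missing value falls back to the profile
                # page below.
                next = restrict_next(
                    request.POST.get('next'),
                    domain=settings.COOKIE_DOMAIN
                )
                msg = _(astakos_messages.PROFILE_UPDATED)
                messages.success(request, msg)

                if form.email_changed:
                    msg = _(astakos_messages.EMAIL_CHANGE_REGISTERED)
                    messages.success(request, msg)
                if form.password_changed:
                    msg = _(astakos_messages.PASSWORD_CHANGED)
                    messages.success(request, msg)

                if next:
                    return redirect(next)
                else:
                    return redirect(reverse('edit_profile'))
            except ValueError as ve:
                # A failed save is reported at error level; it used to be
                # shown as a success message.
                messages.error(request, ve)
    # NOTE(review): the excerpt ends here, so the rendering of the form is
    # not visible; local names are kept unchanged for that reason.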