def test_get_or_create_user_already_exists(self):
backend = DekiUserBackend()
deki_user = DekiUser(13, 'hobo', 'Hobo McKee', '*****@*****.**', 'http://www.audienceoftwo.com/pics/upload/v1i6hobo.jpg')
user = backend.get_or_create_user(deki_user)
self.assertEquals(user.username, 'hobo')
self.assertEquals(2, user.id)
self.assertEquals(3, user.get_profile().id)
self.assertEquals(13, user.get_profile().deki_user_id)
def test_get_or_create_user_already_exists(self):
backend = DekiUserBackend()
deki_user = DekiUser(
13, 'hobo', 'Hobo McKee', '*****@*****.**',
'http://www.audienceoftwo.com/pics/upload/v1i6hobo.jpg')
user = backend.get_or_create_user(deki_user)
self.assertEquals(user.username, 'hobo')
self.assertEquals(2, user.id)
self.assertEquals(3, user.get_profile().id)
self.assertEquals(13, user.get_profile().deki_user_id)
def clean_email(self):
try:
return super(PasswordResetForm, self).clean_email()
except forms.ValidationError as e:
email = self.cleaned_data["email"]
deki_user = DekiUserBackend.get_deki_user_by_email(email)
if deki_user is None:
raise e
else:
user = DekiUserBackend.get_or_create_user(deki_user)
self.users_cache = User.objects.filter(email__iexact=email)
return user.email
raise e
def browserid_verify(request):
"""Process a submitted BrowserID assertion.
If valid, try to find either a Django or MindTouch user that matches the
verified email address. If neither is found, we bounce to a profile
creation page (ie. browserid_register)."""
redirect_to = (_clean_next_url(request) or
getattr(settings, 'LOGIN_REDIRECT_URL', reverse('home')))
redirect_to_failure = (_clean_next_url(request) or
getattr(settings, 'LOGIN_REDIRECT_URL_FAILURE', reverse('home')))
failure_resp = set_browserid_explained(
HttpResponseRedirect(redirect_to_failure))
# If the form's not valid, then this is a failure.
form = BrowserIDForm(data=request.POST)
if not form.is_valid():
return failure_resp
# If the BrowserID assersion is not valid, then this is a failure.
result = _verify_browserid(form, request)
if not result:
return failure_resp
# So far, so good: We have a verified email address. But, no user, yet.
email = result['email']
user = None
# Look for first most recently used Django account, use if found.
user = _get_latest_user_with_email(email)
# If no Django account, look for a MindTouch account by email. But, only if
# there's a MindTouch API available. If found, auto-create the user.
if not user and settings.DEKIWIKI_ENDPOINT:
deki_user = DekiUserBackend.get_deki_user_by_email(email)
if deki_user:
user = DekiUserBackend.get_or_create_user(deki_user)
# If we got a user from either the Django or MT paths, complete login for
# Django and MT and redirect.
if user:
user.backend = 'django_browserid.auth.BrowserIDBackend'
auth.login(request, user)
return set_browserid_explained(
_redirect_with_mindtouch_login(redirect_to, user.username))
# Retain the verified email in a session, redirect to registration page.
request.session[SESSION_VERIFIED_EMAIL] = email
request.session[SESSION_REDIRECT_TO] = redirect_to
return set_browserid_explained(
HttpResponseRedirect(reverse('users.browserid_register')))
def browserid_verify(request):
"""Process a submitted BrowserID assertion.
If valid, try to find either a Django or MindTouch user that matches the
verified email address. If neither is found, we bounce to a profile
creation page (ie. browserid_register)."""
redirect_to = (_clean_next_url(request) or
getattr(settings, 'LOGIN_REDIRECT_URL', reverse('home')))
redirect_to_failure = (_clean_next_url(request) or
getattr(settings, 'LOGIN_REDIRECT_URL_FAILURE', reverse('home')))
failure_resp = set_browserid_explained(
HttpResponseRedirect(redirect_to_failure))
# If the form's not valid, then this is a failure.
form = BrowserIDForm(data=request.POST)
if not form.is_valid():
return failure_resp
# If the BrowserID assersion is not valid, then this is a failure.
result = _verify_browserid(form, request)
if not result:
return failure_resp
# So far, so good: We have a verified email address. But, no user, yet.
email = result['email']
user = None
# Look for first most recently used Django account, use if found.
user = _get_latest_user_with_email(email)
# If no Django account, look for a MindTouch account by email. But, only if
# there's a MindTouch API available. If found, auto-create the user.
if not user and settings.DEKIWIKI_ENDPOINT:
deki_user = DekiUserBackend.get_deki_user_by_email(email)
if deki_user:
user = DekiUserBackend.get_or_create_user(deki_user)
# If we got a user from either the Django or MT paths, complete login for
# Django and MT and redirect.
if user:
user.backend = 'django_browserid.auth.BrowserIDBackend'
auth.login(request, user)
return set_browserid_explained(
_redirect_with_mindtouch_login(redirect_to, user.username))
# Retain the verified email in a session, redirect to registration page.
request.session[SESSION_VERIFIED_EMAIL] = email
request.session[SESSION_REDIRECT_TO] = redirect_to
return set_browserid_explained(
HttpResponseRedirect(reverse('users.browserid_register')))
def clean_email(self):
try:
return super(PasswordResetForm, self).clean_email()
except forms.ValidationError as e:
if not settings.DEKIWIKI_ENDPOINT:
# Skip MindTouch API, if unavailable.
raise e
email = self.cleaned_data["email"]
deki_user = DekiUserBackend.get_deki_user_by_email(email)
if deki_user is None:
raise e
else:
user = DekiUserBackend.get_or_create_user(deki_user)
self.users_cache = User.objects.filter(email__iexact=email)
return user.email
raise e
def clean_email(self):
try:
return super(PasswordResetForm, self).clean_email()
except forms.ValidationError as e:
if not settings.DEKIWIKI_ENDPOINT:
# Skip MindTouch API, if unavailable.
raise e
email = self.cleaned_data["email"]
deki_user = DekiUserBackend.get_deki_user_by_email(email)
if deki_user is None:
raise e
else:
user = DekiUserBackend.get_or_create_user(deki_user)
self.users_cache = User.objects.filter(email__iexact=email)
return user.email
raise e
def get_django_user_id_for_deki_id(self, deki_user_id):
"""Given a Deki user ID, come up with a Django user object whether we
need to migrate it first or just fetch it."""
# If we don't already have this Deki user cached, look up or migrate
if deki_user_id not in self.user_ids:
# Look up the user straight from the database
self.cur.execute("SELECT * FROM users AS u WHERE u.user_id = %s",
(deki_user_id,))
r = list(self._query_dicts(self.cur))
if not len(r):
# HACK: If, for some reason the user is missing from MindTouch,
# just put and use the superuser. Seems to happen mainly for
# user #0, which is probably superuser anyway.
return self.get_superuser_id()
# Build a DekiUser object from the database record, and make sure
# it's active.
user = r[0]
deki_user = DekiUser(id=user['user_id'],
username=user['user_name'],
fullname=user['user_real_name'],
email=user['user_email'],
gravatar='',)
deki_user.is_active = True
# Scan user grants for admin roles to set Django flags.
self.cur.execute("""SELECT * FROM user_grants AS ug
WHERE user_id = %s""",
(deki_user_id,))
is_admin = False
for rg in self._query_dicts(self.cur):
if rg['role_id'] in self.admin_role_ids:
is_admin = True
deki_user.is_superuser = deki_user.is_staff = is_admin
# Finally get/create Django user and cache it.
user = DekiUserBackend.get_or_create_user(deki_user,
sync_attrs=[])
self.user_ids[deki_user_id] = user.pk
return self.user_ids[deki_user_id]
def browserid_verify(request):
"""Process a submitted BrowserID assertion.
If valid, try to find either a Django or MindTouch user that matches the
verified email address. If neither is found, we bounce to a profile
creation page (ie. browserid_register)."""
redirect_to = (_clean_next_url(request) or
getattr(settings, 'LOGIN_REDIRECT_URL', reverse('home')))
redirect_to_failure = (_clean_next_url(request) or
getattr(settings, 'LOGIN_REDIRECT_URL_FAILURE', reverse('home')))
failure_resp = set_browserid_explained(
HttpResponseRedirect(redirect_to_failure))
# If the form's not valid, then this is a failure.
form = BrowserIDForm(data=request.POST)
if not form.is_valid():
return failure_resp
# If the BrowserID assersion is not valid, then this is a failure.
result = _verify_browserid(form, request)
if not result:
return failure_resp
# So far, so good: We have a verified email address. But, no user, yet.
email = result['email']
user = None
# TODO: This user lookup and create stuff probably belongs in the model:
# If user is authenticated, change their email
if request.user.is_authenticated():
user = _get_latest_user_with_email(email)
# If a user with the email already exists, don't change
if user and user != request.user:
messages.error(request, 'That email already belongs to another '
'user.')
return set_browserid_explained(
HttpResponseRedirect(reverse('users.change_email')))
else:
user = request.user
user.email = email
user.save()
redirect_to = reverse('devmo_profile_edit', args=[user.username, ])
else:
# Look for first most recently used Django account, use if found.
user = _get_latest_user_with_email(email)
# If no Django account, look for a MindTouch account by email.
# If found, auto-create the user.
if not user:
deki_user = DekiUserBackend.get_deki_user_by_email(email)
if deki_user:
user = DekiUserBackend.get_or_create_user(deki_user)
# If we got a user from either the Django or MT paths, complete login for
# Django and MT and redirect.
if user:
user.backend = 'django_browserid.auth.BrowserIDBackend'
auth.login(request, user)
return set_browserid_explained(
_redirect_with_mindtouch_login(redirect_to, user.username))
# Retain the verified email in a session, redirect to registration page.
request.session[SESSION_VERIFIED_EMAIL] = email
request.session[SESSION_REDIRECT_TO] = redirect_to
return set_browserid_explained(
HttpResponseRedirect(reverse('users.browserid_register')))
