def test_inactive_external_users_can_not_request_login_key(self):
data = {"submit_type": "new_key", "email": "*****@*****.**"}
form = NewKeyForm(data)
self.assertFalse(form.is_valid())
self.assertIn("Inactive users cannot request login keys.",
form.errors["email"])
def index(request):
"""Main entry page into EvaP providing all the login options available. The username/password
login is thought to be used for internal users, e.g. by connecting to a LDAP directory.
The login key mechanism is meant to be used to include external participants, e.g. visiting
students or visiting contributors.
"""
# parse the form data into the respective form
submit_type = request.POST.get("submit_type", "no_submit")
new_key_form = NewKeyForm(request.POST if submit_type == "new_key" else None)
login_username_form = LoginUsernameForm(request, request.POST if submit_type == "login_username" else None)
# process form data
if request.method == 'POST':
if new_key_form.is_valid():
# user wants a new login key
profile = new_key_form.get_user()
profile.ensure_valid_login_key()
profile.save()
EmailTemplate.send_login_url_to_user(new_key_form.get_user())
messages.success(request, _("We sent you an email with a one-time login URL. Please check your inbox."))
return redirect('evaluation:index')
elif login_username_form.is_valid():
# user would like to login with username and password and passed password test
auth.login(request, login_username_form.get_user())
# clean up our test cookie
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
# if not logged in by now, render form
if not request.user.is_authenticated:
# set test cookie to verify whether they work in the next step
request.session.set_test_cookie()
template_data = dict(new_key_form=new_key_form, login_username_form=login_username_form)
return render(request, "index.html", template_data)
else:
user, __ = UserProfile.objects.get_or_create(username=request.user.username)
# check for redirect variable
redirect_to = request.GET.get("next", None)
if redirect_to is not None:
return redirect(redirect_to)
# redirect user to appropriate start page
if request.user.is_reviewer:
return redirect('staff:semester_view', Semester.active_semester().id)
if request.user.is_manager:
return redirect('staff:index')
elif request.user.is_grade_publisher:
return redirect('grades:semester_view', Semester.active_semester().id)
elif user.is_student:
return redirect('student:index')
elif user.is_contributor_or_delegate:
return redirect('contributor:index')
else:
return redirect('results:index')
def index(request):
"""Main entry page into EvaP providing all the login options available. The username/password
login is thought to be used for internal users, e.g. by connecting to a LDAP directory.
The login key mechanism is meant to be used to include external participants, e.g. visiting
students or visiting contributors.
"""
# parse the form data into the respective form
submit_type = request.POST.get("submit_type", "no_submit")
new_key_form = NewKeyForm(request.POST if submit_type == "new_key" else None)
login_username_form = LoginUsernameForm(request, request.POST if submit_type == "login_username" else None)
# process form data
if request.method == 'POST':
if new_key_form.is_valid():
# user wants a new login key
profile = new_key_form.get_user()
profile.ensure_valid_login_key()
profile.save()
EmailTemplate.send_login_url_to_user(new_key_form.get_user())
messages.success(request, _("We sent you an email with a one-time login URL. Please check your inbox."))
return redirect('evaluation:index')
elif login_username_form.is_valid():
# user would like to login with username and password and passed password test
auth.login(request, login_username_form.get_user())
# clean up our test cookie
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
# if not logged in by now, render form
if not request.user.is_authenticated:
# set test cookie to verify whether they work in the next step
request.session.set_test_cookie()
template_data = dict(new_key_form=new_key_form, login_username_form=login_username_form)
return render(request, "index.html", template_data)
else:
user, __ = UserProfile.objects.get_or_create(username=request.user.username)
# check for redirect variable
redirect_to = request.GET.get("next", None)
if redirect_to is not None:
return redirect(redirect_to)
# redirect user to appropriate start page
if request.user.is_reviewer:
return redirect('staff:semester_view', Semester.active_semester().id)
if request.user.is_staff:
return redirect('staff:index')
elif request.user.is_grade_publisher:
return redirect('grades:semester_view', Semester.active_semester().id)
elif user.is_student:
return redirect('student:index')
elif user.is_contributor_or_delegate:
return redirect('contributor:index')
else:
return redirect('results:index')
def index(request):
new_key_form = NewKeyForm(request.POST or None)
if request.method == 'POST':
if new_key_form.is_valid():
# user wants a new login key
try:
user = User.objects.get(email__iexact=new_key_form.cleaned_data['email'])
profile = user.get_profile()
profile.generate_logon_key()
profile.save()
EmailTemplate.get_logon_key_template().send_user(user)
except User.DoesNotExist:
messages.warning(request, _(u"No user with this e-mail address was found."))
if not request.user.is_active:
return render_to_response(
"index.html",
dict(
new_key_form=new_key_form
),
context_instance=RequestContext(request))
else:
# redirect user to appropriate start page
if request.user.is_staff:
return redirect('evap.fsr.views.index')
elif request.user.get_profile().is_lecturer:
return redirect('evap.lecturer.views.index')
else:
return redirect('evap.student.views.index')
def index(request):
"""Main entry page into EvaP providing all the login options available. The OpenID login is thought to be used for
internal users. The login key mechanism is meant to be used to include external participants, e.g. visiting
students or visiting contributors. A login with email and password is available if OpenID is deactivated.
"""
# parse the form data into the respective form
submit_type = request.POST.get("submit_type", "no_submit")
new_key_form = NewKeyForm(request.POST if submit_type ==
"new_key" else None)
login_email_form = LoginEmailForm(
request, request.POST if submit_type == "login_email" else None)
# process form data
if request.method == 'POST':
if new_key_form.is_valid():
# user wants a new login key
profile = new_key_form.get_user()
profile.ensure_valid_login_key()
profile.save()
EmailTemplate.send_login_url_to_user(new_key_form.get_user())
messages.success(
request,
_("We sent you an email with a one-time login URL. Please check your inbox."
))
return redirect('evaluation:index')
if login_email_form.is_valid():
# user would like to login with email and password and passed password test
auth.login(request, login_email_form.get_user())
# clean up our test cookie
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
return redirect('evaluation:index')
# if not logged in by now, render form
if not request.user.is_authenticated:
# set test cookie to verify whether they work in the next step
request.session.set_test_cookie()
template_data = dict(
new_key_form=new_key_form,
login_email_form=login_email_form,
openid_active=settings.ACTIVATE_OPEN_ID_LOGIN,
)
return render(request, "index.html", template_data)
# the cached navbar might contain CSRF tokens that are invalid after a new login
delete_navbar_cache_for_users([request.user])
# check for redirect variable
redirect_to = request.GET.get("next", None)
if redirect_to is not None:
return redirect(redirect_to)
return redirect_user_to_start_page(request.user)
def test_inactive_external_users_can_not_request_login_key(self):
data = {
"submit_type": "new_key",
"email": "*****@*****.**"
}
form = NewKeyForm(data)
self.assertFalse(form.is_valid())
self.assertIn("Inactive users cannot request login keys.", form.errors["email"])
def index(request):
"""Main entry page into EvaP providing all the login options available. THe username/password
login is thought to be used for internal users, e.g. by connecting to a LDAP directory.
The login key mechanism is meant to be used to include external participants, e.g. visiting
students or visiting contributors.
"""
# parse the form data into the respective form
submit_type = request.POST.get("submit_type", "no_submit")
new_key_form = NewKeyForm(request.POST if submit_type == "new_key" else None)
login_key_form = LoginKeyForm(request.POST if submit_type == "login_key" else None)
login_username_form = LoginUsernameForm(request, request.POST if submit_type == "login_username" else None)
# process form data
if request.method == 'POST':
if new_key_form.is_valid():
# user wants a new login key
profile = new_key_form.get_user()
profile.generate_login_key()
profile.save()
EmailTemplate.get_login_key_template().send_to_user(new_key_form.get_user(), cc=False)
messages.success(request, _(u"Successfully sent email with new login key."))
elif login_key_form.is_valid():
# user would like to login with a login key and passed key test
auth_login(request, login_key_form.get_user())
elif login_username_form.is_valid():
# user would like to login with username and password and passed password test
auth_login(request, login_username_form.get_user())
# clean up our test cookie
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
# if not logged in by now, render form
if not request.user.is_authenticated():
# set test cookie to verify whether they work in the next step
request.session.set_test_cookie()
template_data = dict(new_key_form=new_key_form, login_key_form=login_key_form, login_username_form=login_username_form)
return render(request, "index.html", template_data)
else:
user, created = UserProfile.objects.get_or_create(username=request.user.username)
# check for redirect variable
redirect_to = request.GET.get("next", None)
if redirect_to is not None:
if redirect_to.startswith("/staff/"):
if request.user.is_staff:
return redirect(redirect_to)
elif redirect_to.startswith("/contributor/"):
if user.is_contributor:
return redirect(redirect_to)
elif redirect_to.startswith("/student/"):
if user.is_participant:
return redirect(redirect_to)
else:
return redirect(redirect_to)
# redirect user to appropriate start page
if request.user.is_staff:
return redirect('evap.staff.views.index')
elif user.is_editor_or_delegate:
return redirect('evap.contributor.views.index')
elif user.is_participant:
return redirect('evap.student.views.index')
else:
return redirect('evap.results.views.index')
def index(request):
"""Main entry page into EvaP providing all the login options available. THe username/password
login is thought to be used for internal users, e.g. by connecting to a LDAP directory.
The login key mechanism is meant to be used to include external participants, e.g. visiting
students or visiting contributors.
"""
# parse the form data into the respective form
submit_type = request.POST.get("submit_type", "no_submit")
new_key_form = NewKeyForm(request.POST if submit_type ==
"new_key" else None)
login_key_form = LoginKeyForm(request.POST if submit_type ==
"login_key" else None)
login_username_form = LoginUsernameForm(
request, request.POST if submit_type == "login_username" else None)
# process form data
if request.method == 'POST':
if new_key_form.is_valid():
# user wants a new login key
profile = new_key_form.get_profile()
profile.generate_login_key()
profile.save()
EmailTemplate.get_login_key_template().send_user(
new_key_form.get_user())
messages.success(request,
_(u"Successfully sent email with new login key."))
elif login_key_form.is_valid():
# user would like to login with a login key and passed key test
auth_login(request, login_key_form.get_user())
elif login_username_form.is_valid():
# user would like to login with username and password and passed password test
auth_login(request, login_username_form.get_user())
# clean up our test cookie
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
# if not logged in by now, render form
if not request.user.is_active:
# set test cookie to verify whether they work in the next step
request.session.set_test_cookie()
return render_to_response("index.html",
dict(
new_key_form=new_key_form,
login_key_form=login_key_form,
login_username_form=login_username_form),
context_instance=RequestContext(request))
else:
# check for redirect variable
next = request.GET.get("next", None)
if not next is None:
if next.startswith("/fsr/"):
if request.user.is_staff:
return redirect(next)
elif next.startswith("/contributor/"):
if UserProfile.get_for_user(request.user).is_contributor:
return redirect(next)
else:
return redirect(next)
# redirect user to appropriate start page
if request.user.is_staff:
return redirect('evap.fsr.views.index')
elif UserProfile.get_for_user(request.user).is_editor_or_delegate:
return redirect('evap.contributor.views.index')
else:
return redirect('evap.student.views.index')
