Example #1
0
    def clean(self):
        cleaned_data = self.cleaned_data
        name = cleaned_data.get('name')

        # if the user hasn't selected a lab group from the drop-down list, make sure they have provided all the other fields
        if not name:
            email = cleaned_data.get('email')
            first_name = cleaned_data.get('first_name')
            last_name = cleaned_data.get('last_name')
            email = cleaned_data.get('email')
            phone = cleaned_data.get('phone')
            mailing_address = cleaned_data.get('mailing_address')

            if not email:
                msg = u'Please provide the Faculty Sponsor\'s email address.'
                self._errors["email"] = self.error_class([msg])
                raise forms.ValidationError(msg)

            #require a harvard email address, 
            #might remove later if ldap search is authoritative
            if not email.lower().endswith('harvard.edu'):
                msg = u'Email must end with "harvard.edu".'
                self._errors["email"] = self.error_class([msg])
                raise forms.ValidationError(msg)
                del cleaned_data["email"]

            if not first_name:
                msg = u'Please provide the Faculty Sponsor\'s first name.'
                self._errors["first_name"] = self.error_class([msg])
                raise forms.ValidationError(msg)

            if not last_name:
                msg = u'Please provide the Faculty Sponsor\'s last name.'
                self._errors["last_name"] = self.error_class([msg])
                raise forms.ValidationError(msg)

            if not phone:
                msg = u'Please provide the Faculty Sponsor\'s phone number.'
                self._errors["phone"] = self.error_class([msg])
                raise forms.ValidationError(msg)

            #check if PI is already in the Lab Group list
            pi_search = PIUser.objects.filter(first_name__iexact=first_name, last_name__iexact=last_name)
            if pi_search.count():
                pi = pi_search[0]
                if pi.labgroup_set.all().count():
                    lab_group = pi.labgroup_set.all()[0]
                    msg = u'The Faculty Sponsor you have added is already in the drop-down menu under "%s".' % (lab_group)
                    self._errors["in_list"] = self.error_class([msg])
                    raise forms.ValidationError(msg)
                else:
                    msg = u'The Faculty Sponsor you have entered is already in the system, but they are not associated with a lab group.<br />'
                    msg += u'Please contact <a href="mailto:[email protected]?subject=\'Missing lab for PI %s %s\'">RCHelp</a> for assistance.' % (pi.first_name, pi.last_name)
                    msg = mark_safe(msg)
                    self._errors["in_list"] = self.error_class([msg])
                    raise forms.ValidationError(msg)
            
            #check if PI is not in AD
            ad_result = []
            ldap = LdapConnection()
            #search by email
            email_search = ldap.search_by_email(email)
            #search by first and last name
            name_search = ldap.search_by_firstname_lastname(first_name, last_name)
            ldap.unbind()

            #usernames for piusers must be unique, so check to see if they already have an account
            if email_search:
                msg = ""
                for name in email_search:
                    msg += '{0} {1} ({2}) already has an RC account.<br />  Please <a href="mailto:[email protected]?subject=\'Missing lab group for  {0} {1}\'">send an email to RCHelp</a>.<br />'.format(name[1]['givenName'][0], name[1]['sn'][0], name[1]['mail'][0])
                msg = mark_safe(msg)
                raise forms.ValidationError(msg)
            
            if name_search:
                msg = ""
                for name in name_search:
                    msg += '{0} {1} ({2}) already has an RC account.<br />  Please <a href="mailto:[email protected]?subject=\'Missing lab group for  {0} {1}\'">send an email to RCHelp</a>.<br />'.format(name[1]['givenName'][0], name[1]['sn'][0], name[1]['mail'][0])
                msg = mark_safe(msg)
                raise forms.ValidationError(msg)

        else:
            #if an item from the drop-down menu has been selected, use the pi info from the lab group
            cleaned_data['username'] = name.pi.username
            cleaned_data['password'] = name.pi.password
            cleaned_data['first_name'] = name.pi.first_name
            cleaned_data['last_name'] = name.pi.last_name
            cleaned_data['email'] = name.pi.email
            cleaned_data['phone'] = name.pi.phone
            cleaned_data['mailing_address'] = name.pi.mailing_address

        return cleaned_data
Example #2
0
    def clean(self):
        cleaned_data = self.cleaned_data
        email = cleaned_data.get('email')
        email_confirm = cleaned_data.get('email_confirm')
        first_name = cleaned_data.get('first_name')
        last_name = cleaned_data.get('last_name')
        password = cleaned_data.get('choose_password')
        confirm_password = cleaned_data.get('confirm_password')

        #make sure email and email confirm match
        if email != email_confirm:
            msg = u'Confirmation Email does not match Email.  Please try again.'
            self._errors["email"] = self.error_class("")
            self._errors["email_confirm"] = self.error_class([msg])
            raise forms.ValidationError(msg)

            del cleaned_data["email"]
            del cleaned_data["email_confirm"]

        #require a harvard email address HAVING A HARVARD EMAIL ADDRESS IS NOT NECESSARY
        #if email and not email.lower().endswith('harvard.edu'):
        #    msg = u'Email must end with "harvard.edu".'
        #    self._errors["email"] = self.error_class([msg])
        #    self._errors["email_confirm"] = self.error_class("")
        #    raise forms.ValidationError(msg)
        #    
        #    del cleaned_data["email"]
        #    del cleaned_data["email_confirm"]            

        #check password matches
        if password != confirm_password:
            msg = u'Your passwords don\'t match.  Please retype your password.'
            self._errors["choose_password"] = self.error_class([msg])
            raise forms.ValidationError(msg)
            
            del password
            del confirm_password

        #check that password is complex
        min_password_length = 8
        special_char_set = set(c for c in '~!@#$%^&*()_+')
        number_char_set = set(c for c in '1234567890')

        if ((len(password) < min_password_length) or #too short
            (password == password.lower()) or #all lowercase
            (password == password.upper()) or #all uppercase
            (not any(passchar in special_char_set for passchar in password)) or #no special chars
            (not any(passchar in number_char_set for passchar in password)) #no numbers
            ): 
            msg = u'Passwords must be at least %s characters in length, contain UPPERCASE letters, lowercase letters, at least one special ch@racter and at least 1 number.' % str(min_password_length)
            self._errors["choose_password"] = self.error_class([msg])
            #raise forms.ValidationError(msg)
            
            del password
            del confirm_password

        #check if user is already in AD
        ldap = LdapConnection()
        #search by email
        email_search = ldap.search_by_email(email)
        #search by first and last name
        name_search = ldap.search_by_firstname_lastname(first_name, last_name)

        if email_search:
            msg = ""
            for name in email_search:
                msg += '{0} {1} ({2}) already has an RC account.<br />  If you have forgotten your password and need it to be reset, please <a href="mailto:[email protected]?subject=\'Password Reset Request for {0} {1}\'">send an email to RCHelp</a>.<br />'.format(name[1]['givenName'][0], name[1]['sn'][0], name[1]['mail'][0])
            msg = mark_safe(msg)
            raise forms.ValidationError(msg)

        if name_search:
            msg = ""
            for name in name_search:
                msg += '{0} {1} ({2}) already has an RC account.<br />  If you have forgotten your password and need it to be reset, please <a href="mailto:[email protected]?subject=\'Password Reset Request for {0}\'">send an email to RCHelp</a>.<br />'.format(name[1]['givenName'][0], name[1]['sn'][0], name[1]['mail'][0])
            msg = mark_safe(msg)
            raise forms.ValidationError(msg)

        ldap.unbind()

        return cleaned_data
Example #3
0
    def done(self, form_list, **kwargs):
            
        #Format the data for output and filter out unnecessary instrument fields
        #This is a bit of a pain: form wizard expects a list of dicts - you can't name them.  Which sucks further down in the code...

        data_list = {}
        for form in form_list:
            form_dict = {}
            if form.prefix == 'spinalresources':
                #only add information for selected instruments
                for k,v in form.cleaned_data.iteritems():
                    if ('instruments' in k) and v:
                        #form_dict[k] = v  This doesn't really tell us much
                        instrument_num = k.strip('instruments[')[:-1]
                        form_dict['resource_admins[%s]' % instrument_num] = form.cleaned_data.get('resource_admins[%s]' % instrument_num)
                    if ('lab_administrators' in k) or ('extra_info' in k):
                        form_dict[k] = v
            else:
                for k,v in form.cleaned_data.iteritems():
                    form_dict[k] = v
            data_list.update({form.prefix: form_dict})

        #Save the Request
        request = Request()
        lab_group = None
        for name, form in data_list.iteritems():
            if 'userinfo' in name:
                rcuser = RCUser()
                username = "******" % (form['first_name'][0:1], form['last_name'])
                rcuser.username = username.lower()
                rcuser.password = "******"
                rcuser.first_name = form['first_name']
                rcuser.last_name = form['last_name']
                rcuser.email = form['email']
                rcuser.title = form['title']
                rcuser.phone = form['phone']
                rcuser.department = form['department']
                rcuser.save()
            elif 'piinfo' in name:
                #If the lab was selected from the drop down menu, get the existing pi from the lab group.
                #Otherwise, create a new pi using the form fields.
                if form['name']:
                    piuser = form['name'].pi
                    lab_group = form['name']
                else:
                    piuser = PIUser()
                    username = "******" % (form['first_name'][0:1], form['last_name'])
                    piuser.username = username.lower()
                    piuser.password = "******"
                    piuser.first_name = form['first_name']
                    piuser.last_name = form['last_name']
                    piuser.email = form['email']
                    piuser.phone = form['phone']
                    piuser.mailing_address = form['mailing_address']
                    piuser.save()
            else:
                for k,v in form.iteritems():
                    request.set_attr(k, v)
        request.rcuser = rcuser
        if lab_group:
            lab_group.members.add(rcuser)
            lab_group.save()
        request.pi = piuser
        request.ignore_me = True  #IGNORE ME!
        request.save()

        for k,v in data_list['servicechoices'].iteritems():
            if v:
                service = Service.objects.get(name=k)
                request.services.add(service)
        request.ignore_me = False
        request.save()

        #Save the LabAdmins and InstrumentRequests
        for name, form in data_list.iteritems():
            if name == 'spinalresources':
                for k,v in form.iteritems():
                    if 'resource_admins' in k:
                        instrument_request = InstrumentRequest()
                        resource_name, resource_group, resource_administrators = v.split(" | ")
                        instrument_request.resource_name = resource_name
                        instrument_request.resource_group = resource_group
                        instrument_request.resource_administrators = resource_administrators
                        instrument_request.request = request
                        instrument_request.save()

                    if ((k == 'lab_administrators') and v) or ((k == 'extra_info') and v):
                        lab_administrator = LabAdministrator() #request only one admin for all resources
                        if (k == 'lab_administrators') and (v != ""):
                            lab_admin_email, lab_admin_name = v.split(" - ")
                            lab_administrator.lab_administrator_name = lab_admin_name
                            lab_administrator.lab_administrator_email = lab_admin_email
                        if (k == 'extra_info' and v != ""):
                            lab_administrator.extra_info = v
                        lab_administrator.request = request
                        lab_administrator.save()

        #create RT Ticket
        subject_text = "Account Request for %s %s" % (data_list['userinfo']['first_name'], data_list['userinfo']['last_name'])
        ticket_text = ""
        ticket_text += " To approve or reject this request, click here:\n"
        ticket_text += " http://%s/admin/requestapp/request/%s/\n" % ('127.0.0.1:8000', request.pk) # change url
        ticket_text += " \n"
        ticket_text += " User Info:\n"
        ticket_text += " - First Name: %s\n" % (data_list['userinfo']['first_name'])
        ticket_text += " - Last Name: %s\n" % (data_list['userinfo']['last_name'])
        ticket_text += " - Email: %s\n" % (data_list['userinfo']['email'])
        ticket_text += " - Phone: %s\n" % (data_list['userinfo']['phone'])
        ticket_text += " \n"
        ticket_text += " Faculty Sponsor:\n"
        if not data_list['piinfo']['name']:
            #lab does not exist, RC needs to create this lab
            ticket_text += " This is a new PI/Lab Group.  Please use the Django Admin to create this group.\n"
        ticket_text += " - PI First Name: %s\n" % (data_list['piinfo']['first_name'])
        ticket_text += " - PI Last Name: %s\n" % (data_list['piinfo']['last_name'])
        ticket_text += " - PI Email: %s\n" % (data_list['piinfo']['email'])
        ticket_text += " - PI Mailing Address: %s\n" % (data_list['piinfo']['mailing_address'])
        ticket_text += " \n"
        ticket_text += " Services:\n"
        if data_list['servicechoices']['Instrument Sign-Up']:
            ticket_text += " User needs instrument access.  See below.\n"

        if data_list['servicechoices']['Storage']:
            ticket_text += " User needs network storage.  See below.\n"


        if data_list['servicechoices']['Other']:
            ticket_text += " User has other needs.  See below.\n"

        if 'spinalresources' in data_list:
            ticket_text += " Spinal Resources\n"
            for k,v in data_list['spinalresources'].iteritems():
                if (('lab_administrators' in k) or 
                    ('extra_info' in k)):
                    ticket_text += " - %s: %s\n" % (k,v)
                else:
                    ticket_text += " - %s\n" % (v)

        if 'storage' in data_list:
            ticket_text += " Storage\n"
            for k,v in data_list['storage'].iteritems():
                ticket_text += " - %s: %s\n" % (k, v)

        if 'otherinfo' in data_list:
            ticket_text += " Other Comments\n"
            for k,v in data_list['otherinfo'].iteritems(): 
                ticket_text += " - %s: %s\n" % (k, v)

        tracker = rt.Rt(RT_URI, RT_USER, RT_PW)
        tracker.login()
        ticket_num = tracker.create_ticket(Queue='AccountRequest', Subject=subject_text, Text=ticket_text)
        tracker.logout()

        if ticket_num:
            request.rt_ticket_number = ticket_num
            request.save()

        #Add user to AD
        ldap_conn = LdapConnection()
        cn = str("%s %s" % (data_list['userinfo']['first_name'], data_list['userinfo']['last_name']))
        email = str(data_list['userinfo']['email'])
        phone = str(data_list['userinfo']['phone'])
        title = str(data_list['userinfo']['title'])
        department = str(data_list['userinfo']['department'])
        ldap_conn.add_user(cn, email, phone, title, department)
        pw = str(data_list['userinfo']['choose_password'])
        ldap_conn.set_password(cn, pw)
        #ldap_conn.enable_new_user(cn)
        ldap_conn.unbind()
        
        return render_to_response('formtools/wizard/done.html', {'data_list': data_list},)