def post(self, request, username_or_email):
"""Allows support staff to disable a user's account."""
user = get_user_model().objects.get(
Q(username=username_or_email) | Q(email=username_or_email))
comment = request.data.get("comment")
if user.has_usable_password():
user.set_unusable_password()
UserPasswordToggleHistory.objects.create(user=user,
comment=comment,
created_by=request.user,
disabled=True)
else:
user.set_password(generate_password(length=25))
UserPasswordToggleHistory.objects.create(user=user,
comment=comment,
created_by=request.user,
disabled=False)
user.save()
if user.has_usable_password():
password_status = _('Usable')
msg = _('User Enabled Successfully')
else:
password_status = _('Unusable')
msg = _('User Disabled Successfully')
return JsonResponse({'success_msg': msg, 'status': password_status})
def save(self, retirement):
"""
When the form is POSTed we double-check the retirment status
and perform the necessary steps to cancel the retirement
request.
"""
if retirement.current_state.state_name != 'PENDING':
self.add_error(
None,
# Translators: 'current_state' is a string from an enumerated list indicating the learner's retirement
# state. Example: FORUMS_COMPLETE
"Retirement requests can only be cancelled for users in the PENDING state."
" Current request state for '{original_username}': {current_state}"
.format(original_username=retirement.original_username,
current_state=retirement.current_state.state_name))
raise ValidationError('Retirement is in the wrong state!')
# Load the user record using the retired email address -and- change the email address back.
retirement.user.email = retirement.original_email
# Reset users password so they can request a password reset and log in again.
retirement.user.set_password(generate_password(length=25))
retirement.user.save()
# Delete the user retirement status record.
# No need to delete the accompanying "permanent" retirement request record - it gets done via Django signal.
retirement.delete()
def test_chars(self):
char = '!'
password = generate_password(length=12, chars=(char, ))
assert any((c.isdigit for c in password))
assert any((c.isalpha for c in password))
assert (char * 10) == password[2:]
def handle(self, *args, **options):
"""
Execute the command.
"""
email_address = options['email_address'].lower()
try:
# Load the user retirement status.
retirement_status = UserRetirementStatus.objects.select_related('current_state').select_related('user').get(
original_email=email_address
)
except UserRetirementStatus.DoesNotExist:
raise CommandError(u"No retirement request with email address '{}' exists.".format(email_address))
# Check if the user has started the retirement process -or- not.
if retirement_status.current_state.state_name != 'PENDING':
raise CommandError(
u"Retirement requests can only be cancelled for users in the PENDING state."
u" Current request state for '{}': {}".format(
email_address,
retirement_status.current_state.state_name
)
)
# Load the user record using the retired email address -and- change the email address back.
retirement_status.user.email = email_address
retirement_status.user.set_password(generate_password(length=25))
retirement_status.user.save()
# Delete the user retirement status record.
# No need to delete the accompanying "permanent" retirement request record - it gets done via Django signal.
retirement_status.delete()
print(u"Successfully cancelled retirement request for user with email address '{}'.".format(email_address))
def test_unusable_password(self):
"""
Ensure that a user's password is set to an unusable_password.
"""
user = User.objects.create(username=TEST_USERNAME, email=TEST_EMAIL)
assert [(TEST_USERNAME, TEST_EMAIL)] == [(u.username, u.email)
for u in User.objects.all()]
user.set_password(generate_password())
user.save()
# Run once without passing --unusable-password and make sure the password is usable
call_command('manage_user', TEST_USERNAME, TEST_EMAIL)
user = User.objects.get(username=TEST_USERNAME, email=TEST_EMAIL)
assert user.has_usable_password()
# Make sure the user now has an unusable_password
call_command('manage_user', TEST_USERNAME, TEST_EMAIL,
'--unusable-password')
user = User.objects.get(username=TEST_USERNAME, email=TEST_EMAIL)
assert not user.has_usable_password()
# check idempotency
call_command('manage_user', TEST_USERNAME, TEST_EMAIL,
'--unusable-password')
assert not user.has_usable_password()
def test_chars(self):
char = '!'
password = generate_password(length=12, chars=(char, ))
self.assertTrue(any(c.isdigit for c in password))
self.assertTrue(any(c.isalpha for c in password))
self.assertEqual(char * 10, password[2:])
def post(self, request, username_or_email):
"""Allows support staff to disable a user's account."""
user = get_user_model().objects.get(
Q(username=username_or_email) | Q(email=username_or_email))
if user.has_usable_password():
user.set_unusable_password()
else:
user.set_password(generate_password(length=25))
user.save()
if user.has_usable_password():
password_status = _('Usable')
msg = _('User Enabled Successfully')
else:
password_status = _('Unusable')
msg = _('User Disabled Successfully')
return JsonResponse({'success_msg': msg, 'status': password_status})
def post(self, request, **kwargs):
#logs.info('request-->%s', request.__dict__)
popular_topic_list = []
data = request.data
if 'HTTP_KEY' and 'HTTP_SECRET' in request.data:
popular_topic_list = []
#logs.info('key and secret parameter in header')
key = data.get('HTTP_KEY')
secret = data.get('HTTP_SECRET')
#logs.info('key, secret %s,%s',key,secret)
#from provider.oauth2.models import Client
from oauth2_provider.models import Application
cliet_obj = Application.objects.filter(client_id=key,
client_secret=secret)
if not cliet_obj:
popular_topic_dict = {}
popular_topic_dict["result"] = "Invalid Key and Secret"
popular_topic_list.append(popular_topic_dict)
return JsonResponse(popular_topic_list, status=200, safe=False)
else:
popular_topic_dict = {}
popular_topic_dict["result"] = "Invalid Key and Secret"
popular_topic_list.append(popular_topic_dict)
return JsonResponse(popular_topic_list, status=200, safe=False)
generated_password = generate_password()
if 'emailid' in request.data:
email = data.get("emailid", "")
name = data.get('name', "")
user_present = User.objects.filter(email=email)
if user_present:
user_present = user_present[0]
mandatory_fields = [
"username", "emailid", "password", "name", "phone",
"user_type", "specialization", "hcspecialization",
"pincode", "country", "state", "city",
"csrfmiddlewaretoken"
]
extradata = {}
vfields = request.data
for key in vfields:
if key not in mandatory_fields:
extradata[key] = vfields[key]
update_userprofile = UserProfile.objects.filter(
user=user_present).update(name=name)
user_data = extrafields.objects.get(user=user_present)
if len(user_data.user_extra_data) > 0:
if '{' in user_data.user_extra_data:
logs.info('before -----> %s',
user_data.user_extra_data)
data = user_data.user_extra_data.replace("\'", "\"")
logs.info('before1 -----> %s', data)
already_extradata = json.loads(data)
logs.info('before2 -----> %s', already_extradata)
all_extra_data = already_extradata.update(extradata)
logs.info('before3 -----> %s', already_extradata)
update_user_extradata = extrafields.objects.filter(
user_id=user_present).update(
user_extra_data=already_extradata)
else:
update_user_extradata = extrafields.objects.filter(
user_id=user_present).update(user_extra_data=extradata)
return Response(data={
'status': 200,
'sucess': 1,
'message': 'Registration successfully'
},
status=200)
else:
if request.method == 'POST':
mandatory_fields = [
"username", "emailid", "password", "name", "phone",
"user_type", "specialization", "hcspecialization",
"pincode", "country", "state", "city",
"csrfmiddlewaretoken"
]
extradata = {}
vfields = request.data
for key in vfields:
if key not in mandatory_fields:
extradata[key] = vfields[key]
email = data.get("emailid", "")
password = '******'
name = data.get('name', "")
phone = data.get('phone', "")
user_type = "dr"
pincode = data.get('pincode', "")
country = data.get('country', "")
state = data.get('state', "")
city = data.get('city', "")
is_active = True
username = email.split('@')
uname = username[0]
uname = uname.replace('.', '-')
try:
username_validation = User.objects.get(username=uname)
if username_validation:
date = datetime.datetime.now()
curr_time = date.strftime('%f')
username = uname + '_' + curr_time
except ObjectDoesNotExist:
username = uname
#logs.info(u'username--> %s', username)
form = AccountCreationForm(data={
'username': username,
'email': email,
'password': password,
'name': name,
},
tos_required=False)
restricted = settings.FEATURES.get(
'RESTRICT_AUTOMATIC_AUTH', True)
try:
user, profile, reg = do_create_account(form)
logs.info(u'user-----> %s,%s', user, profile)
except (AccountValidationError, ValidationError):
# if restricted:
# return HttpResponseForbidden(_('Account modification not allowed.'))
# Attempt to retrieve the existing user.
# user = User.objects.get(username=username)
# user.email = email
# user.set_password(password)
# user.is_active = is_active
# user.save()
# profile = UserProfile.objects.get(user=user)
# reg = Registration.objects.get(user=user)
# except PermissionDenied:
registration_log = third_party_user_registration_log(
email=email,
status=
'Account creation not allowed either the user is already registered or email-id not valid',
data=request.data)
registration_log.save()
# if is_active:
# reg.activate()
# reg.save()
# ensure parental consent threshold is met
year = datetime.date.today().year
age_limit = settings.PARENTAL_CONSENT_AGE_LIMIT
profile.year_of_birth = (year - age_limit) - 1
profile.save()
user_extrainfo = extrafields(phone=phone,
rcountry=country,
rstate=state,
rcity=city,
rpincode=pincode,
user_type=user_type,
user=user,
user_extra_data=extradata)
user_extrainfo.save()
#logs.info('extrainfo --> %s',user_extrainfo)
create_comments_service_user(user)
create_or_set_user_attribute_created_on_site(
user, request.site)
user_signup_source = UserSignupSource(
user=user, site='vkonnecthealth.koa.docmode.org')
user_signup_source.save()
registration_log = third_party_user_registration_log(
email=email, status='succesful', data=request.data)
registration_log.save()
home_ongoing_course_list = []
home_ongoing_course_dict = {}
home_ongoing_course_dict['response'] = "Success"
logs.info(u'user--> %s,%s,%s', user, profile, reg)
compose_and_send_activation_email(user, profile, reg)
return Response(data={
'status': 200,
'sucess': 1,
'message': 'Registration successfully'
},
status=200)
#return HttpResponse('Registration successfully')
else:
home_ongoing_course_list = []
home_ongoing_course_dict = {}
home_ongoing_course_dict['response'] = "Failed"
registration_log = third_party_user_registration_log(
email=email, status='failed', data=request.POST.dict())
registration_logs.save()
return Response(data={
'status': 400,
'message': 'Registration failed'
},
status=200)
else:
return Response(data={
'status': 400,
'message': 'Email id is not present'
},
status=200)
def auto_auth(request): # pylint: disable=too-many-statements
"""
Create or configure a user account, then log in as that user.
Enabled only when
settings.FEATURES['AUTOMATIC_AUTH_FOR_TESTING'] is true.
Accepts the following querystring parameters:
* `username`, `email`, and `password` for the user account
* `full_name` for the user profile (the user's full name; defaults to the username)
* `staff`: Set to "true" to make the user global staff.
* `course_id`: Enroll the student in the course with `course_id`
* `roles`: Comma-separated list of roles to grant the student in the course with `course_id`
* `no_login`: Define this to create the user but not login
* `redirect`: Set to "true" will redirect to the `redirect_to` value if set, or
course home page if course_id is defined, otherwise it will redirect to dashboard
* `redirect_to`: will redirect to to this url
* `is_active` : make/update account with status provided as 'is_active'
* `should_manually_verify`: Whether the created user should have their identification verified
If username, email, or password are not provided, use
randomly generated credentials.
"""
# Generate a unique name to use if none provided
generated_username = uuid.uuid4().hex[0:30]
generated_password = generate_password()
# Use the params from the request, otherwise use these defaults
username = request.GET.get('username', generated_username)
password = request.GET.get('password', generated_password)
email = request.GET.get('email', username + "@example.com")
full_name = request.GET.get('full_name', username)
is_staff = _str2bool(request.GET.get('staff', False))
is_superuser = _str2bool(request.GET.get('superuser', False))
course_id = request.GET.get('course_id')
redirect_to = request.GET.get('redirect_to')
is_active = _str2bool(request.GET.get('is_active', True))
# Valid modes: audit, credit, honor, no-id-professional, professional, verified
enrollment_mode = request.GET.get('enrollment_mode', 'honor')
# Whether to add a manual ID verification record for the user (can
# be helpful for bypassing certain gated features)
should_manually_verify = _str2bool(
request.GET.get('should_manually_verify', False))
# Parse roles, stripping whitespace, and filtering out empty strings
roles = _clean_roles(request.GET.get('roles', '').split(','))
course_access_roles = _clean_roles(
request.GET.get('course_access_roles', '').split(','))
redirect_when_done = _str2bool(request.GET.get('redirect',
'')) or redirect_to
login_when_done = 'no_login' not in request.GET
restricted = settings.FEATURES.get('RESTRICT_AUTOMATIC_AUTH', True)
if is_superuser and restricted:
return HttpResponseForbidden(_('Superuser creation not allowed'))
form = AccountCreationForm(data={
'username': username,
'email': email,
'password': password,
'name': full_name,
},
tos_required=False)
# Attempt to create the account.
# If successful, this will return a tuple containing
# the new user object.
try:
user, profile, reg = do_create_account(form)
except (AccountValidationError, ValidationError):
if restricted:
return HttpResponseForbidden(
_('Account modification not allowed.'))
# Attempt to retrieve the existing user.
user = User.objects.get(username=username)
user.email = email
user.set_password(password)
user.is_active = is_active
user.save()
profile = UserProfile.objects.get(user=user)
reg = Registration.objects.get(user=user)
except PermissionDenied:
return HttpResponseForbidden(_('Account creation not allowed.'))
user.is_staff = is_staff
user.is_superuser = is_superuser
user.save()
if is_active:
reg.activate()
reg.save()
if should_manually_verify:
ManualVerification.objects.get_or_create(user=user, status="approved")
# ensure parental consent threshold is met
year = datetime.date.today().year
age_limit = settings.PARENTAL_CONSENT_AGE_LIMIT
profile.year_of_birth = (year - age_limit) - 1
profile.save()
create_or_set_user_attribute_created_on_site(user, request.site)
# Enroll the user in a course
course_key = None
if course_id:
course_key = CourseLocator.from_string(course_id)
CourseEnrollment.enroll(user, course_key, mode=enrollment_mode)
# Apply the roles
for role in roles:
assign_role(course_key, user, role)
for role in course_access_roles:
CourseAccessRole.objects.update_or_create(user=user,
course_id=course_key,
org=course_key.org,
role=role)
# Log in as the user
if login_when_done:
user = authenticate_new_user(request, username, password)
django_login(request, user)
create_comments_service_user(user)
if redirect_when_done:
if redirect_to:
# Redirect to page specified by the client
redirect_url = redirect_to
elif course_id:
# Redirect to the course homepage (in LMS) or outline page (in Studio)
try:
redirect_url = reverse(course_home_url_name(course_key),
kwargs={'course_id': course_id})
except NoReverseMatch:
redirect_url = reverse('course_handler',
kwargs={'course_key_string': course_id})
else:
# Redirect to the learner dashboard (in LMS) or homepage (in Studio)
try:
redirect_url = reverse('dashboard')
except NoReverseMatch:
redirect_url = reverse('home')
return redirect(redirect_url)
else:
response = JsonResponse({
'created_status':
'Logged in' if login_when_done else 'Created',
'username':
username,
'email':
email,
'password':
password,
'user_id':
user.id,
'anonymous_id':
anonymous_id_for_user(user, None),
})
response.set_cookie('csrftoken', csrf(request)['csrf_token'])
return response
def test_default_args(self):
password = generate_password()
assert 12 == len(password)
assert any((c.isdigit for c in password))
assert any((c.isalpha for c in password))
def test_min_length(self):
with pytest.raises(ValueError):
generate_password(length=7)
def test_length(self):
length = 25
assert length == len(generate_password(length=length))
def test_default_args(self):
password = generate_password()
self.assertEqual(12, len(password))
self.assertTrue(any(c.isdigit for c in password))
self.assertTrue(any(c.isalpha for c in password))
def create_account_with_params(request, params):
"""
Given a request and a dict of parameters (which may or may not have come
from the request), create an account for the requesting user, including
creating a comments service user object and sending an activation email.
This also takes external/third-party auth into account, updates that as
necessary, and authenticates the user for the request's session.
Does not return anything.
Raises AccountValidationError if an account with the username or email
specified by params already exists, or ValidationError if any of the given
parameters is invalid for any other reason.
Issues with this code:
* It is non-transactional except where explicitly wrapped in atomic to
alleviate deadlocks and improve performance. This means failures at
different places in registration can leave users in inconsistent
states.
* Third-party auth passwords are not verified. There is a comment that
they are unused, but it would be helpful to have a sanity check that
they are sane.
* The user-facing text is rather unfriendly (e.g. "Username must be a
minimum of two characters long" rather than "Please use a username of
at least two characters").
* Duplicate email raises a ValidationError (rather than the expected
AccountValidationError). Duplicate username returns an inconsistent
user message (i.e. "An account with the Public Username '{username}'
already exists." rather than "It looks like {username} belongs to an
existing account. Try again with a different username.") The two checks
occur at different places in the code; as a result, registering with
both a duplicate username and email raises only a ValidationError for
email only.
"""
# Copy params so we can modify it; we can't just do dict(params) because if
# params is request.POST, that results in a dict containing lists of values
params = dict(list(params.items()))
# allow to define custom set of required/optional/hidden fields via configuration
extra_fields = configuration_helpers.get_value(
'REGISTRATION_EXTRA_FIELDS',
getattr(settings, 'REGISTRATION_EXTRA_FIELDS', {}))
if is_registration_api_v1(request):
if 'confirm_email' in extra_fields:
del extra_fields['confirm_email']
# registration via third party (Google, Facebook) using mobile application
# doesn't use social auth pipeline (no redirect uri(s) etc involved).
# In this case all related info (required for account linking)
# is sent in params.
# `third_party_auth_credentials_in_api` essentially means 'request
# is made from mobile application'
third_party_auth_credentials_in_api = 'provider' in params
is_third_party_auth_enabled = third_party_auth.is_enabled()
if is_third_party_auth_enabled and (pipeline.running(request) or
third_party_auth_credentials_in_api):
params["password"] = generate_password()
# in case user is registering via third party (Google, Facebook) and pipeline has expired, show appropriate
# error message
if is_third_party_auth_enabled and ('social_auth_provider' in params
and not pipeline.running(request)):
raise ValidationError({
'session_expired': [
_(u"Registration using {provider} has timed out.").format(
provider=params.get('social_auth_provider'))
]
})
extended_profile_fields = configuration_helpers.get_value(
'extended_profile_fields', [])
# Can't have terms of service for certain SHIB users, like at Stanford
registration_fields = getattr(settings, 'REGISTRATION_EXTRA_FIELDS', {})
tos_required = (registration_fields.get('terms_of_service') != 'hidden'
or registration_fields.get('honor_code') != 'hidden')
form = AccountCreationForm(
data=params,
extra_fields=extra_fields,
extended_profile_fields=extended_profile_fields,
do_third_party_auth=False,
tos_required=tos_required,
)
custom_form = get_registration_extension_form(data=params)
# Perform operations within a transaction that are critical to account creation
with outer_atomic(read_committed=True):
# first, create the account
(user, profile, registration) = do_create_account(form, custom_form)
third_party_provider, running_pipeline = _link_user_to_third_party_provider(
is_third_party_auth_enabled,
third_party_auth_credentials_in_api,
user,
request,
params,
)
new_user = authenticate_new_user(request, user.username,
form.cleaned_data['password'])
django_login(request, new_user)
request.session.set_expiry(0)
# Check if system is configured to skip activation email for the current user.
skip_email = _skip_activation_email(
user,
running_pipeline,
third_party_provider,
)
if skip_email:
registration.activate()
else:
compose_and_send_activation_email(user, profile, registration)
# Perform operations that are non-critical parts of account creation
create_or_set_user_attribute_created_on_site(user, request.site)
preferences_api.set_user_preference(user, LANGUAGE_KEY, get_language())
if settings.FEATURES.get('ENABLE_DISCUSSION_EMAIL_DIGEST'):
try:
enable_notifications(user)
except Exception: # pylint: disable=broad-except
log.exception(
u"Enable discussion notifications failed for user {id}.".
format(id=user.id))
_track_user_registration(user, profile, params, third_party_provider)
# Announce registration
REGISTER_USER.send(sender=None, user=user, registration=registration)
create_comments_service_user(user)
try:
_record_registration_attributions(request, new_user)
# Don't prevent a user from registering due to attribution errors.
except Exception: # pylint: disable=broad-except
log.exception('Error while attributing cookies to user registration.')
# TODO: there is no error checking here to see that the user actually logged in successfully,
# and is not yet an active user.
if new_user is not None:
AUDIT_LOG.info(u"Login success on new account creation - {0}".format(
new_user.username))
return new_user
def custom_registration_without_zerobounce(request):
generated_password = generate_password()
mandatory_fields = [
"username",
"emailid",
"password",
"name",
"phone",
"user_type",
"specialization",
"hcspecialization",
"pincode",
"country",
"state",
"city",
"csrfmiddlewaretoken",
]
extradata = {}
if request.is_ajax():
if request.method == "POST":
vfields = request.POST
for key in vfields:
if key not in mandatory_fields:
extradata[key] = vfields[key]
uname = request.POST.get("username", "")
email = request.POST.get("emailid", "")
password = request.POST.get("password", generated_password)
if "fname" and "lname" in request.POST:
fname = request.POST.get("fname", "")
lname = request.POST.get("lname", "")
full_name = fname + " " + lname
else:
full_name = request.POST.get("name", "")
phone = request.POST.get("phone", "")
user_type = "dr"
specialization = request.POST.get("specialization", "")
hcspecialization = request.POST.get("hcspecialization", "")
pincode = request.POST.get("pincode", "")
country = request.POST.get("country", "")
state = request.POST.get("state", "")
city = request.POST.get("city", "")
is_active = str2bool(request.POST.get("is_active", True))
try:
username_validation = User.objects.get(username=uname)
if username_validation:
date = datetime.datetime.now()
curr_time = date.strftime("%f")
username = uname + "_" + curr_time
except ObjectDoesNotExist:
username = uname
log.info("username--> %s", username)
form = AccountCreationForm(
data={
"username": username,
"email": email,
"password": password,
"name": full_name,
},
tos_required=False,
)
restricted = settings.FEATURES.get("RESTRICT_AUTOMATIC_AUTH", True)
try:
user, profile, reg = custom_do_create_account(form)
except (AccountValidationError, ValidationError):
# if restricted:
# return HttpResponseForbidden(_('Account modification not allowed.'))
# Attempt to retrieve the existing user.
# user = User.objects.get(username=username)
# user.email = email
# user.set_password(password)
# user.is_active = is_active
# user.save()
# profile = UserProfile.objects.get(user=user)
# reg = Registration.objects.get(user=user)
# except PermissionDenied:
return JsonResponse(
{
"status": "403",
"msg": "Account creation not allowed either the username is already taken.",
}
)
# ensure parental consent threshold is met
year = datetime.date.today().year
age_limit = settings.PARENTAL_CONSENT_AGE_LIMIT
profile.year_of_birth = (year - age_limit) - 1
profile.save()
user_extrainfo = extrafields(
phone=phone,
rcountry=country,
rstate=state,
rcity=city,
rpincode=pincode,
user_type=user_type,
specialization_id=specialization,
hcspecialization_id=hcspecialization,
user_extra_data=extradata,
user=user,
)
user_extrainfo.save()
new_user = authenticate_new_user(request, user.username, password)
django_login(request, new_user)
request.session.set_expiry(604800)
# log.info(u'details--> %s,%s,%s', user, profile,reg)
create_comments_service_user(user)
create_or_set_user_attribute_created_on_site(user, request.site)
if "viatris" in str(request.site):
log.info("newmail12%s", request.site)
viatris_send_activation_email(user, profile, reg, request.site)
else:
log.info("oldmail %s", request.site)
compose_and_send_activation_email(user, profile, reg)
messages.success(request, "Kol registration successful.")
response = JsonResponse(
{
"success": True,
"userid": user.id,
"mobile": phone,
"email": email,
"name": full_name,
"signupdate": datetime.date.today(),
"usertype": "dr",
"pincode": pincode,
"country": country,
"redirect_url": "https://mylan.learn.docmode.org/register?next=/oauth2/authorize/confirm",
}
)
return set_logged_in_cookies(request, response, new_user)
else:
messages.success(request, "Welcome to KOL registration page.")
context = {"errors": "welcome", "csrf": csrf(request)["csrf_token"]}
return render_to_response("associations/custom_registration.html", context)
def new_kol_registration(request):
generated_password = generate_password()
user = request.user
if user.is_staff:
if request.method == "POST":
username = request.POST.get("username", "")
email = request.POST.get("emailid", "")
password = request.POST.get("password", generated_password)
full_name = request.POST.get("name", "")
phone = request.POST.get("phone", "")
user_type = request.POST.get("user_type", "")
specialization = request.POST.get("specialization", "")
hcspecialization = request.POST.get("hcspecialization", "")
pincode = request.POST.get("pincode", "")
country = request.POST.get("country", "")
state = request.POST.get("state", "")
city = request.POST.get("city", "")
is_active = str2bool(request.POST.get("is_active", True))
form = AccountCreationForm(
data={
"username": username,
"email": email,
"password": password,
"name": full_name,
},
tos_required=False,
)
restricted = settings.FEATURES.get("RESTRICT_AUTOMATIC_AUTH", True)
try:
user, profile, reg = custom_do_create_account(form)
except (AccountValidationError, ValidationError):
# if restricted:
# return HttpResponseForbidden(_('Account modification not allowed.'))
# Attempt to retrieve the existing user.
# user = User.objects.get(username=username)
# user.email = email
# user.set_password(password)
# user.is_active = is_active
# user.save()
# profile = UserProfile.objects.get(user=user)
# reg = Registration.objects.get(user=user)
# except PermissionDenied:
return HttpResponseForbidden(
"Account creation not allowed either the user is already registered or email-id not valid."
)
if is_active:
reg.activate()
reg.save()
# ensure parental consent threshold is met
year = datetime.date.today().year
age_limit = settings.PARENTAL_CONSENT_AGE_LIMIT
profile.year_of_birth = (year - age_limit) - 1
profile.save()
user_extrainfo = extrafields(
phone=phone,
rcountry=country,
rstate=state,
rcity=city,
rpincode=pincode,
user_type=user_type,
specialization_id=specialization,
hcspecialization_id=hcspecialization,
user=user,
)
user_extrainfo.save()
create_comments_service_user(user)
create_or_set_user_attribute_created_on_site(user, request.site)
messages.success(request, "Kol registration successful.")
context = {"errors": "welcome", "csrf": csrf(request)["csrf_token"]}
return render_to_response("associations/new_kol_registration.html", context)
else:
messages.success(request, "Welcome to KOL registration page.")
context = {"errors": "welcome", "csrf": csrf(request)["csrf_token"]}
return render_to_response("associations/new_kol_registration.html", context)
def test_length(self):
length = 25
self.assertEqual(length, len(generate_password(length=length)))
def handle(self, username, email, is_remove, is_staff, is_superuser,
groups, unusable_password, initial_password_hash, *args,
**options):
if is_remove:
return self._handle_remove(username, email)
old_groups, new_groups = set(), set()
user, created = get_user_model().objects.get_or_create(
username=username, defaults={'email': email})
if created:
if initial_password_hash:
if not is_password_usable(initial_password_hash):
raise CommandError(
'The password hash provided for user {} is invalid.'.
format(username))
user.password = initial_password_hash
else:
# Set the password to a random, unknown, but usable password
# allowing self-service password resetting. Cases where unusable
# passwords are required, should be explicit, and will be handled below.
user.set_password(generate_password(length=25))
self.stderr.write(_('Created new user: "******"').format(user))
else:
# NOTE, we will not update the email address of an existing user.
self.stderr.write(_('Found existing user: "******"').format(user))
self._check_email_match(user, email)
old_groups = set(user.groups.all())
self._maybe_update(user, 'is_staff', is_staff)
self._maybe_update(user, 'is_superuser', is_superuser)
# Set unusable password if specified
if unusable_password and user.has_usable_password():
self.stderr.write(
_('Setting unusable password for user "{}"').format(user))
user.set_unusable_password()
# Ensure the user has a profile
try:
__ = user.profile
except UserProfile.DoesNotExist:
UserProfile.objects.create(user=user)
self.stderr.write(
_('Created new profile for user: "******"').format(user))
# resolve the specified groups
for group_name in groups or set():
try:
group = Group.objects.get(name=group_name) # pylint: disable=no-member
new_groups.add(group)
except Group.DoesNotExist:
# warn, but move on.
self.stderr.write(
_('Could not find a group named "{}" - skipping.').format(
group_name))
add_groups = new_groups - old_groups
remove_groups = old_groups - new_groups
self.stderr.write(
_('Adding user "{username}" to groups {group_names}').format(
username=user.username,
group_names=[g.name for g in add_groups]))
self.stderr.write(
_('Removing user "{username}" from groups {group_names}').format(
username=user.username,
group_names=[g.name for g in remove_groups]))
user.groups.set(new_groups)
user.save()
def test_min_length(self):
with self.assertRaises(ValueError):
generate_password(length=7)