Example #1
0
 def test_are_datetimes_close(self):
     initial_time = datetime.datetime(2016, 12, 1, 0, 0, 0)
     with self.swap(feconf, 'PROXIMAL_TIMEDELTA_SECS', 2):
         self.assertTrue(
             utils.are_datetimes_close(
                 datetime.datetime(2016, 12, 1, 0, 0, 1), initial_time))
         self.assertFalse(
             utils.are_datetimes_close(
                 datetime.datetime(2016, 12, 1, 0, 0, 3), initial_time))
Example #2
0
 def test_are_datetimes_close(self):
     initial_time = datetime.datetime(2016, 12, 1, 0, 0, 0)
     with self.swap(feconf, 'PROXIMAL_TIMEDELTA_SECS', 2):
         self.assertTrue(utils.are_datetimes_close(
             datetime.datetime(2016, 12, 1, 0, 0, 1),
             initial_time))
         self.assertFalse(utils.are_datetimes_close(
             datetime.datetime(2016, 12, 1, 0, 0, 3),
             initial_time))
Example #3
0
    def __init__(self, request, response):  # pylint: disable=super-init-not-called
        # Set self.request, self.response and self.app.
        self.initialize(request, response)

        self.start_time = datetime.datetime.utcnow()

        # Initializes the return dict for the handlers.
        self.values = {}

        self.user = current_user_services.get_current_user()
        self.user_id = current_user_services.get_user_id(
            self.user) if self.user else None
        self.username = None
        self.has_seen_editor_tutorial = False
        self.partially_logged_in = False
        self.values['profile_picture_data_url'] = None
        self.preferred_site_language_code = None

        if self.user_id:
            email = current_user_services.get_user_email(self.user)
            user_settings = user_services.get_or_create_user(
                self.user_id, email)
            self.values['user_email'] = user_settings.email

            if (self.REDIRECT_UNFINISHED_SIGNUPS
                    and not user_services.has_fully_registered(self.user_id)):
                _clear_login_cookies(self.response.headers)
                self.partially_logged_in = True
                self.user_id = None
            else:
                self.username = user_settings.username
                self.preferred_site_language_code = (
                    user_settings.preferred_site_language_code)
                self.values['username'] = self.username
                self.values['profile_picture_data_url'] = (
                    user_settings.profile_picture_data_url)
                if user_settings.last_started_state_editor_tutorial:
                    self.has_seen_editor_tutorial = True
                # In order to avoid too many datastore writes, we do not bother
                # recording a log-in if the current time is sufficiently close
                # to the last log-in time.
                if (user_settings.last_logged_in is None
                        or not utils.are_datetimes_close(
                            datetime.datetime.utcnow(),
                            user_settings.last_logged_in)):
                    user_services.record_user_logged_in(self.user_id)

        self.is_moderator = rights_manager.Actor(self.user_id).is_moderator()
        self.is_admin = rights_manager.Actor(self.user_id).is_admin()
        self.is_super_admin = (
            current_user_services.is_current_user_super_admin())

        self.values['is_moderator'] = self.is_moderator
        self.values['is_admin'] = self.is_admin
        self.values['is_super_admin'] = self.is_super_admin

        if self.request.get('payload'):
            self.payload = json.loads(self.request.get('payload'))
        else:
            self.payload = None
Example #4
0
    def __init__(self, request, response):  # pylint: disable=super-init-not-called
        # Set self.request, self.response and self.app.
        self.initialize(request, response)

        self.start_time = datetime.datetime.utcnow()

        # Initializes the return dict for the handlers.
        self.values = {}

        self.gae_id = current_user_services.get_current_gae_id()
        self.user_id = None
        self.username = None
        self.partially_logged_in = False

        if self.gae_id:
            user_settings = user_services.get_user_settings_by_gae_id(
                self.gae_id, strict=False)
            if user_settings is None:
                email = current_user_services.get_current_user_email()
                user_settings = user_services.create_new_user(
                    self.gae_id, email)
            self.values['user_email'] = user_settings.email
            self.user_id = user_settings.user_id

            if (self.REDIRECT_UNFINISHED_SIGNUPS
                    and not user_services.has_fully_registered(
                        user_settings.user_id)):
                _clear_login_cookies(self.response.headers)
                self.partially_logged_in = True
            else:
                self.username = user_settings.username
                self.values['username'] = self.username
                # In order to avoid too many datastore writes, we do not bother
                # recording a log-in if the current time is sufficiently close
                # to the last log-in time.
                if (user_settings.last_logged_in is None
                        or not utils.are_datetimes_close(
                            datetime.datetime.utcnow(),
                            user_settings.last_logged_in)):
                    user_services.record_user_logged_in(self.user_id)

        self.role = (feconf.ROLE_ID_GUEST
                     if self.user_id is None else user_settings.role)
        self.user = user_services.UserActionsInfo(self.user_id)

        self.is_super_admin = (
            current_user_services.is_current_user_super_admin())

        self.values['iframed'] = False
        self.values['is_moderator'] = user_services.is_at_least_moderator(
            self.user_id)
        self.values['is_admin'] = user_services.is_admin(self.user_id)
        self.values['is_topic_manager'] = (user_services.is_topic_manager(
            self.user_id))
        self.values['is_super_admin'] = self.is_super_admin

        if self.request.get('payload'):
            self.payload = json.loads(self.request.get('payload'))
        else:
            self.payload = None
Example #5
0
    def __init__(self, request, response):  # pylint: disable=super-init-not-called
        # Set self.request, self.response and self.app.
        self.initialize(request, response)

        self.start_time = datetime.datetime.utcnow()

        # Initializes the return dict for the handlers.
        self.values = {}

        self.user = current_user_services.get_current_user()
        self.user_id = current_user_services.get_user_id(
            self.user) if self.user else None
        self.username = None
        self.has_seen_editor_tutorial = False
        self.partially_logged_in = False
        self.values['profile_picture_data_url'] = None
        self.preferred_site_language_code = None

        if self.user_id:
            email = current_user_services.get_user_email(self.user)
            user_settings = user_services.get_or_create_user(
                self.user_id, email)
            self.values['user_email'] = user_settings.email

            if (self.REDIRECT_UNFINISHED_SIGNUPS and not
                    user_services.has_fully_registered(self.user_id)):
                _clear_login_cookies(self.response.headers)
                self.partially_logged_in = True
                self.user_id = None
            else:
                self.username = user_settings.username
                self.preferred_site_language_code = (
                    user_settings.preferred_site_language_code)
                self.values['username'] = self.username
                self.values['profile_picture_data_url'] = (
                    user_settings.profile_picture_data_url)
                if user_settings.last_started_state_editor_tutorial:
                    self.has_seen_editor_tutorial = True
                # In order to avoid too many datastore writes, we do not bother
                # recording a log-in if the current time is sufficiently close
                # to the last log-in time.
                if (user_settings.last_logged_in is None or
                        not utils.are_datetimes_close(
                            datetime.datetime.utcnow(),
                            user_settings.last_logged_in)):
                    user_services.record_user_logged_in(self.user_id)

        self.is_moderator = rights_manager.Actor(self.user_id).is_moderator()
        self.is_admin = rights_manager.Actor(self.user_id).is_admin()
        self.is_super_admin = (
            current_user_services.is_current_user_super_admin())

        self.values['is_moderator'] = self.is_moderator
        self.values['is_admin'] = self.is_admin
        self.values['is_super_admin'] = self.is_super_admin

        if self.request.get('payload'):
            self.payload = json.loads(self.request.get('payload'))
        else:
            self.payload = None
Example #6
0
    def __init__(self, request, response):  # pylint: disable=super-init-not-called
        # Set self.request, self.response and self.app.
        self.initialize(request, response)

        self.start_time = datetime.datetime.utcnow()

        # Initializes the return dict for the handlers.
        self.values = {}

        # TODO(#13155): Remove the if-else part once all the handlers have had
        # schema validation implemented.
        if self.request.get('payload'):
            self.payload = json.loads(self.request.get('payload'))
        else:
            self.payload = None
        self.iframed = False

        self.user_id = None
        self.username = None
        self.email = None
        self.partially_logged_in = False
        self.user_is_scheduled_for_deletion = False
        self.current_user_is_super_admin = False
        self.normalized_request = None
        self.normalized_payload = None

        try:
            auth_claims = auth_services.get_auth_claims_from_request(request)
        except auth_domain.StaleAuthSessionError:
            auth_services.destroy_auth_session(self.response)
            self.redirect(user_services.create_login_url(self.request.uri))
            return
        except auth_domain.InvalidAuthSessionError:
            logging.exception('User session is invalid!')
            auth_services.destroy_auth_session(self.response)
            self.redirect(user_services.create_login_url(self.request.uri))
            return
        else:
            self.current_user_is_super_admin = (
                auth_claims is not None and auth_claims.role_is_super_admin)

        if auth_claims:
            auth_id = auth_claims.auth_id
            user_settings = user_services.get_user_settings_by_auth_id(auth_id)
            if user_settings is None:
                # If the user settings are not yet created and the request leads
                # to signup page create a new user settings. Otherwise logout
                # the not-fully registered user.
                email = auth_claims.email
                if 'signup?' in self.request.uri:
                    user_settings = (
                        user_services.create_new_user(auth_id, email))
                else:
                    logging.exception(
                        'Cannot find user %s with email %s on page %s' % (
                            auth_id, email, self.request.uri))
                    auth_services.destroy_auth_session(self.response)
                    return

            self.email = user_settings.email
            self.values['user_email'] = user_settings.email
            self.user_id = user_settings.user_id

            if user_settings.deleted:
                self.user_is_scheduled_for_deletion = user_settings.deleted
            elif (self.REDIRECT_UNFINISHED_SIGNUPS and
                  not user_services.has_fully_registered_account(self.user_id)):
                self.partially_logged_in = True
            else:
                self.username = user_settings.username
                self.values['username'] = self.username
                # In order to avoid too many datastore writes, we do not bother
                # recording a log-in if the current time is sufficiently close
                # to the last log-in time.
                if (user_settings.last_logged_in is None or
                        not utils.are_datetimes_close(
                            datetime.datetime.utcnow(),
                            user_settings.last_logged_in)):
                    user_services.record_user_logged_in(self.user_id)

        self.roles = (
            [feconf.ROLE_ID_GUEST]
            if self.user_id is None else user_settings.roles)
        self.user = user_services.get_user_actions_info(self.user_id)

        if not self._is_requested_path_currently_accessible_to_user():
            auth_services.destroy_auth_session(self.response)
            return

        self.values['is_super_admin'] = self.current_user_is_super_admin
Example #7
0
    def __init__(self, request, response):  # pylint: disable=super-init-not-called
        # Set self.request, self.response and self.app.
        self.initialize(request, response)

        self.start_time = datetime.datetime.utcnow()

        # Initializes the return dict for the handlers.
        self.values = {}

        if self.request.get('payload'):
            self.payload = json.loads(self.request.get('payload'))
        else:
            self.payload = None
        self.iframed = False

        auth_claims = auth_services.get_auth_claims_from_request(request)
        self.current_user_is_super_admin = (auth_claims is not None and
                                            auth_claims.role_is_super_admin)

        if (feconf.ENABLE_MAINTENANCE_MODE
                and not self.current_user_is_super_admin):
            return

        self.user_id = None
        self.username = None
        self.partially_logged_in = False
        self.user_is_scheduled_for_deletion = False

        if auth_claims:
            auth_id = auth_claims.auth_id
            user_settings = user_services.get_user_settings_by_auth_id(auth_id)
            if user_settings is None:
                # If the user settings are not yet created and the request leads
                # to signup page create a new user settings. Otherwise logout
                # the not-fully registered user.
                email = auth_claims.email
                if 'signup?' in self.request.uri:
                    user_settings = (user_services.create_new_user(
                        auth_id, email))
                else:
                    logging.error(
                        'Cannot find user %s with email %s on page %s' %
                        (auth_id, email, self.request.uri))
                    auth_services.destroy_auth_session(self.response)
                    return

            self.values['user_email'] = user_settings.email
            self.user_id = user_settings.user_id

            if user_settings.deleted:
                self.user_is_scheduled_for_deletion = user_settings.deleted
            elif (self.REDIRECT_UNFINISHED_SIGNUPS
                  and not user_services.has_fully_registered_account(
                      self.user_id)):
                self.partially_logged_in = True
            else:
                self.username = user_settings.username
                self.values['username'] = self.username
                # In order to avoid too many datastore writes, we do not bother
                # recording a log-in if the current time is sufficiently close
                # to the last log-in time.
                if (user_settings.last_logged_in is None
                        or not utils.are_datetimes_close(
                            datetime.datetime.utcnow(),
                            user_settings.last_logged_in)):
                    user_services.record_user_logged_in(self.user_id)

        self.role = (feconf.ROLE_ID_GUEST
                     if self.user_id is None else user_settings.role)
        self.user = user_services.get_user_actions_info(self.user_id)

        self.values['is_moderator'] = (user_services.is_at_least_moderator(
            self.user_id))
        self.values['is_admin'] = user_services.is_admin(self.user_id)
        self.values['is_topic_manager'] = (user_services.is_topic_manager(
            self.user_id))
        self.values['is_super_admin'] = self.current_user_is_super_admin
Example #8
0
    def __init__(self, request, response):  # pylint: disable=super-init-not-called
        # Set self.request, self.response and self.app.
        self.initialize(request, response)

        self.start_time = datetime.datetime.utcnow()

        # Initializes the return dict for the handlers.
        self.values = {}

        if self.request.get('payload'):
            self.payload = json.loads(self.request.get('payload'))
        else:
            self.payload = None
        self.iframed = False

        self.is_super_admin = user_services.is_current_user_super_admin()
        if feconf.ENABLE_MAINTENANCE_MODE and not self.is_super_admin:
            return

        self.gae_id = user_services.get_current_gae_id()
        self.user_id = None
        self.username = None
        self.partially_logged_in = False
        self.user_is_scheduled_for_deletion = False

        # TODO(#11462): This part should be moved to the service layer when we
        # migrate to Firebase.
        if self.gae_id:
            user_settings = user_services.get_user_settings_by_gae_id(
                self.gae_id, strict=False)
            if user_settings is None:
                # If the user settings are not yet created and the request leads
                # to signup page create a new user settings. Otherwise logout
                # the not-fully registered user.
                email = user_services.get_current_user_email()
                if 'signup?' in self.request.uri:
                    user_settings = user_services.create_new_user(
                        self.gae_id, email)
                else:
                    logging.error(
                        'Cannot find user %s with email %s on page %s' %
                        (self.gae_id, email, self.request.uri))
                    _clear_login_cookies(self.response.headers)
                    return

            self.values['user_email'] = user_settings.email
            self.user_id = user_settings.user_id

            if user_settings.deleted:
                self.user_is_scheduled_for_deletion = user_settings.deleted
            elif (self.REDIRECT_UNFINISHED_SIGNUPS
                  and not user_services.has_fully_registered_account(
                      user_settings.user_id)):
                self.partially_logged_in = True
            else:
                self.username = user_settings.username
                self.values['username'] = self.username
                # In order to avoid too many datastore writes, we do not bother
                # recording a log-in if the current time is sufficiently close
                # to the last log-in time.
                if (user_settings.last_logged_in is None
                        or not utils.are_datetimes_close(
                            datetime.datetime.utcnow(),
                            user_settings.last_logged_in)):
                    user_services.record_user_logged_in(self.user_id)

        self.role = (feconf.ROLE_ID_GUEST
                     if self.user_id is None else user_settings.role)
        self.user = user_services.UserActionsInfo(self.user_id)

        self.values['is_moderator'] = user_services.is_at_least_moderator(
            self.user_id)
        self.values['is_admin'] = user_services.is_admin(self.user_id)
        self.values['is_topic_manager'] = (user_services.is_topic_manager(
            self.user_id))
        self.values['is_super_admin'] = self.is_super_admin