def clean_email(self): # type: () -> str """Returns the email if and only if the user's email address is allowed to join the realm they are trying to join.""" data = self.cleaned_data['email'] # If the server has a unique open realm, pass if get_unique_open_realm(): return data # If a realm is specified and that realm is open, pass if completely_open(self.domain): return data # If no realm is specified, fail realm = get_valid_realm(data) if realm is None: raise ValidationError(mark_safe(SIGNUP_STRING)) # If it's a clear realm not used for Zephyr mirroring, pass if not realm.is_zephyr_mirror_realm: return data # At this point, the user is trying to join a Zephyr mirroring # realm. We confirm that they are a real account (not a # mailing list), and if so, let them in. if not_mit_mailing_list(data): return data # Otherwise, the user is an MIT mailing list, and we return failure raise ValidationError(mark_safe(SIGNUP_STRING))
def clean_email(self): # type: () -> str """Returns the email if and only if the user's email address is allowed to join the realm they are trying to join.""" email = self.cleaned_data['email'] if get_unique_open_realm(): return email # Otherwise, the user is trying to join a specific realm. realm = self.realm if realm is None and not settings.REALMS_HAVE_SUBDOMAINS: realm = get_realm_by_email_domain(email) if realm is None: if settings.REALMS_HAVE_SUBDOMAINS: raise ValidationError(_("The organization you are trying to join does not exist.")) else: raise ValidationError(_("Your email address does not correspond to any existing organization.")) if realm.invite_required: raise ValidationError(_("Please request an invite from the organization administrator.")) if not email_allowed_for_realm(email, realm): raise ValidationError( _("The organization you are trying to join, %(string_id)s, only allows users with e-mail " "addresses within the organization. Please try a different e-mail address." % {'string_id': realm.string_id})) if realm.is_zephyr_mirror_realm: email_is_not_mit_mailing_list(email) return email
def clean_email(self): data = self.cleaned_data['email'] if (get_unique_open_realm() or completely_open(self.domain) or (has_valid_realm(data) and not_mit_mailing_list(data))): return data raise ValidationError(mark_safe(SIGNUP_STRING))
def clean_email(self): # type: () -> str """Returns the email if and only if the user's email address is allowed to join the realm they are trying to join.""" email = self.cleaned_data['email'] if get_unique_open_realm(): return email # Otherwise, the user is trying to join a specific realm. realm = None if self.string_id: realm = get_realm_by_string_id(self.string_id) elif not settings.REALMS_HAVE_SUBDOMAINS: realm = get_realm_by_email_domain(email) if realm is None: if settings.REALMS_HAVE_SUBDOMAINS: raise ValidationError(_("The organization you are trying to join does not exist.")) else: raise ValidationError(_("Your email address does not correspond to any existing organization.")) if realm.invite_required: raise ValidationError(_("Please request an invite from the organization administrator.")) if not email_allowed_for_realm(email, realm): raise ValidationError( _("The organization you are trying to join, %(string_id)s, only allows users with e-mail " "addresses within the organization. Please try a different e-mail address." % {'string_id': realm.string_id})) if realm.is_zephyr_mirror_realm: email_is_not_mit_mailing_list(email) return email
def clean_email(self): # type: () -> str data = self.cleaned_data['email'] if (get_unique_open_realm() or completely_open(self.domain) or (has_valid_realm(data) and not_mit_mailing_list(data))): return data raise ValidationError(mark_safe(SIGNUP_STRING))
def clean_email(self): # type: () -> str """Returns the email if and only if the user's email address is allowed to join the realm they are trying to join.""" email = self.cleaned_data['email'] # If the server has a unique open realm, pass if get_unique_open_realm(): return email # If a realm is specified and that realm is open, pass if completely_open(self.domain): return email # If the subdomain encodes a complete open realm, pass subdomain_realm = get_realm_by_string_id(self.subdomain) if (subdomain_realm is not None and completely_open(subdomain_realm.domain)): return email # If no realm is specified, fail realm = get_valid_realm(email) if realm is None: raise ValidationError(mark_safe(SIGNUP_STRING)) if realm.is_zephyr_mirror_realm: email_is_not_mit_mailing_list(email) return email
def add_settings(request): # type: (HttpRequest) -> Dict[str, Any] if hasattr(request, "user") and hasattr(request.user, "realm"): realm = request.user.realm elif settings.REALMS_HAVE_SUBDOMAINS: subdomain = get_subdomain(request) realm = get_realm(subdomain) else: # This will return None if there is no unique, open realm. realm = get_unique_open_realm() if realm is not None: realm_uri = realm.uri realm_name = realm.name realm_icon = get_realm_icon_url(realm) realm_description = realm.description or "The coolest place in the universe." else: realm_uri = settings.SERVER_URI realm_name = None realm_icon = None realm_description = None return { 'realms_have_subdomains': settings.REALMS_HAVE_SUBDOMAINS, 'custom_logo_url': settings.CUSTOM_LOGO_URL, 'register_link_disabled': settings.REGISTER_LINK_DISABLED, 'login_link_disabled': settings.LOGIN_LINK_DISABLED, 'about_link_disabled': settings.ABOUT_LINK_DISABLED, 'show_oss_announcement': settings.SHOW_OSS_ANNOUNCEMENT, 'zulip_admin': settings.ZULIP_ADMINISTRATOR, 'terms_of_service': settings.TERMS_OF_SERVICE, 'privacy_policy': settings.PRIVACY_POLICY, 'login_url': settings.HOME_NOT_LOGGED_IN, 'only_sso': settings.ONLY_SSO, 'external_api_path': settings.EXTERNAL_API_PATH, 'external_api_uri': settings.EXTERNAL_API_URI, 'external_host': settings.EXTERNAL_HOST, 'external_uri_scheme': settings.EXTERNAL_URI_SCHEME, 'realm_uri': realm_uri, 'realm_name': realm_name, 'realm_icon': realm_icon, 'realm_description': realm_description, 'server_uri': settings.SERVER_URI, 'api_site_required': settings.EXTERNAL_API_PATH != "api.zulip.com", 'email_integration_enabled': settings.EMAIL_GATEWAY_BOT != "", 'email_gateway_example': settings.EMAIL_GATEWAY_EXAMPLE, 'open_realm_creation': settings.OPEN_REALM_CREATION, 'password_auth_enabled': password_auth_enabled(realm), 'dev_auth_enabled': dev_auth_enabled(realm), 'google_auth_enabled': google_auth_enabled(realm), 'github_auth_enabled': github_auth_enabled(realm), 'any_oauth_backend_enabled': any_oauth_backend_enabled(realm), 'development_environment': settings.DEVELOPMENT, 'support_email': settings.ZULIP_ADMINISTRATOR, 'find_team_link_disabled': settings.FIND_TEAM_LINK_DISABLED, 'password_min_length': settings.PASSWORD_MIN_LENGTH, 'password_min_quality': settings.PASSWORD_MIN_ZXCVBN_QUALITY, 'zulip_version': ZULIP_VERSION, }
def get_realm_from_request(request): # type: (HttpRequest) -> Optional[Realm] if hasattr(request, "user") and hasattr(request.user, "realm"): return request.user.realm elif settings.REALMS_HAVE_SUBDOMAINS: subdomain = get_subdomain(request) return get_realm(subdomain) # This will return None if there is no unique, open realm. return get_unique_open_realm()
def clean_email(self): # type: () -> str """Returns the email if and only if the user's email address is allowed to join the realm they are trying to join.""" email = self.cleaned_data['email'] if get_unique_open_realm(): return email # Otherwise, the user is trying to join a specific realm. realm = self.realm from_multiuse_invite = self.from_multiuse_invite if realm is None and not settings.REALMS_HAVE_SUBDOMAINS: realm = get_realm_by_email_domain(email) if realm is None: if settings.REALMS_HAVE_SUBDOMAINS: raise ValidationError( _("The organization you are trying to " "join using {email} does not " "exist.").format(email=email)) else: raise ValidationError( _("Your email address, {email}, does not " "correspond to any existing " "organization.").format(email=email)) if not from_multiuse_invite and realm.invite_required: raise ValidationError( _("Please request an invite for {email} " "from the organization " "administrator.").format(email=email)) if not email_allowed_for_realm(email, realm): raise ValidationError( _("Your email address, {email}, is not in one of the domains " "that are allowed to register for accounts in this organization." ).format(string_id=realm.string_id, email=email)) validate_email_for_realm(realm, email) if realm.is_zephyr_mirror_realm: email_is_not_mit_mailing_list(email) return email
def clean_email(self): # type: () -> str """Returns the email if and only if the user's email address is allowed to join the realm they are trying to join.""" email = self.cleaned_data['email'] if get_unique_open_realm(): return email # Otherwise, the user is trying to join a specific realm. realm = self.realm if realm is None and not settings.REALMS_HAVE_SUBDOMAINS: realm = get_realm_by_email_domain(email) if realm is None: if settings.REALMS_HAVE_SUBDOMAINS: raise ValidationError(_("The organization you are trying to " "join using {email} does not " "exist.").format(email=email)) else: raise ValidationError(_("Your email address, {email}, does not " "correspond to any existing " "organization.").format(email=email)) if realm.invite_required: raise ValidationError(_("Please request an invite for {email} " "from the organization " "administrator.").format(email=email)) if not email_allowed_for_realm(email, realm): raise ValidationError( _("Your email address, {email}, is not in one of the domains " "that are allowed to register for accounts in this organization.").format( string_id=realm.string_id, email=email)) if realm.is_zephyr_mirror_realm: email_is_not_mit_mailing_list(email) return email
def accounts_register(request): # type: (HttpRequest) -> HttpResponse key = request.POST['key'] confirmation = Confirmation.objects.get(confirmation_key=key) prereg_user = confirmation.content_object email = prereg_user.email realm_creation = prereg_user.realm_creation try: existing_user_profile = get_user_profile_by_email(email) except UserProfile.DoesNotExist: existing_user_profile = None validators.validate_email(email) # If OPEN_REALM_CREATION is enabled all user sign ups should go through the # special URL with domain name so that REALM can be identified if multiple realms exist unique_open_realm = get_unique_open_realm() if unique_open_realm is not None: realm = unique_open_realm domain = realm.domain elif prereg_user.referred_by: # If someone invited you, you are joining their realm regardless # of your e-mail address. realm = prereg_user.referred_by.realm domain = realm.domain if not email_allowed_for_realm(email, realm): return render_to_response("zerver/closed_realm.html", {"closed_domain_name": realm.name}) elif prereg_user.realm: # You have a realm set, even though nobody referred you. This # happens if you sign up through a special URL for an open # realm. domain = prereg_user.realm.domain realm = get_realm(domain) else: domain = resolve_email_to_domain(email) realm = get_realm(domain) if realm and realm.deactivated: # The user is trying to register for a deactivated realm. Advise them to # contact support. return render_to_response("zerver/deactivated.html", {"deactivated_domain_name": realm.name, "zulip_administrator": settings.ZULIP_ADMINISTRATOR}) try: if existing_user_profile is not None and existing_user_profile.is_mirror_dummy: # Mirror dummy users to be activated must be inactive is_inactive(email) else: # Other users should not already exist at all. user_email_is_unique(email) except ValidationError: return HttpResponseRedirect(reverse('django.contrib.auth.views.login') + '?email=' + urllib.parse.quote_plus(email)) name_validated = False full_name = None if request.POST.get('from_confirmation'): try: del request.session['authenticated_full_name'] except KeyError: pass if realm is not None and realm.is_zephyr_mirror_realm and domain == "mit.edu": # for MIT users, we can get an authoritative name from Hesiod hesiod_name = compute_mit_user_fullname(email) form = RegistrationForm( initial={'full_name': hesiod_name if "@" not in hesiod_name else ""}) name_validated = True elif settings.POPULATE_PROFILE_VIA_LDAP: for backend in get_backends(): if isinstance(backend, LDAPBackend): ldap_attrs = _LDAPUser(backend, backend.django_to_ldap_username(email)).attrs try: ldap_full_name = ldap_attrs[settings.AUTH_LDAP_USER_ATTR_MAP['full_name']][0] request.session['authenticated_full_name'] = ldap_full_name name_validated = True # We don't use initial= here, because if the form is # complete (that is, no additional fields need to be # filled out by the user) we want the form to validate, # so they can be directly registered without having to # go through this interstitial. form = RegistrationForm({'full_name': ldap_full_name}) # FIXME: This will result in the user getting # validation errors if they have to enter a password. # Not relevant for ONLY_SSO, though. break except TypeError: # Let the user fill out a name and/or try another backend form = RegistrationForm() elif 'full_name' in request.POST: form = RegistrationForm( initial={'full_name': request.POST.get('full_name')} ) else: form = RegistrationForm() else: postdata = request.POST.copy() if name_changes_disabled(realm): # If we populate profile information via LDAP and we have a # verified name from you on file, use that. Otherwise, fall # back to the full name in the request. try: postdata.update({'full_name': request.session['authenticated_full_name']}) name_validated = True except KeyError: pass form = RegistrationForm(postdata) if not password_auth_enabled(realm): form['password'].field.required = False if form.is_valid(): if password_auth_enabled(realm): password = form.cleaned_data['password'] else: # SSO users don't need no passwords password = None if realm_creation: string_id = form.cleaned_data['realm_subdomain'] realm_name = form.cleaned_data['realm_name'] org_type = int(form.cleaned_data['realm_org_type']) domain = split_email_to_domain(email) realm = do_create_realm(string_id, realm_name, org_type=org_type, domain=domain)[0] set_default_streams(realm, settings.DEFAULT_NEW_REALM_STREAMS) full_name = form.cleaned_data['full_name'] short_name = email_to_username(email) first_in_realm = len(UserProfile.objects.filter(realm=realm, is_bot=False)) == 0 # FIXME: sanitize email addresses and fullname if existing_user_profile is not None and existing_user_profile.is_mirror_dummy: try: user_profile = existing_user_profile do_activate_user(user_profile) do_change_password(user_profile, password) do_change_full_name(user_profile, full_name) except UserProfile.DoesNotExist: user_profile = do_create_user(email, password, realm, full_name, short_name, prereg_user=prereg_user, tos_version=settings.TOS_VERSION, newsletter_data={"IP": request.META['REMOTE_ADDR']}) else: user_profile = do_create_user(email, password, realm, full_name, short_name, prereg_user=prereg_user, tos_version=settings.TOS_VERSION, newsletter_data={"IP": request.META['REMOTE_ADDR']}) if first_in_realm: do_change_is_admin(user_profile, True) if realm_creation and settings.REALMS_HAVE_SUBDOMAINS: # Because for realm creation, registration happens on the # root domain, we need to log them into the subdomain for # their new realm. return redirect_and_log_into_subdomain(realm, full_name, email) # This dummy_backend check below confirms the user is # authenticating to the correct subdomain. return_data = {} # type: Dict[str, bool] auth_result = authenticate(username=user_profile.email, realm_subdomain=realm.subdomain, return_data=return_data, use_dummy_backend=True) if return_data.get('invalid_subdomain'): # By construction, this should never happen. logging.error("Subdomain mismatch in registration %s: %s" % ( realm.subdomain, user_profile.email,)) return redirect('/') login(request, auth_result) return HttpResponseRedirect(realm.uri + reverse('zerver.views.home')) return render_to_response('zerver/register.html', {'form': form, 'company_name': domain, 'email': email, 'key': key, 'full_name': request.session.get('authenticated_full_name', None), 'lock_name': name_validated and name_changes_disabled(realm), # password_auth_enabled is normally set via our context processor, # but for the registration form, there is no logged in user yet, so # we have to set it here. 'creating_new_team': realm_creation, 'realms_have_subdomains': settings.REALMS_HAVE_SUBDOMAINS, 'password_auth_enabled': password_auth_enabled(realm), }, request=request)
def accounts_register(request): # type: (HttpRequest) -> HttpResponse key = request.POST['key'] confirmation = Confirmation.objects.get(confirmation_key=key) prereg_user = confirmation.content_object email = prereg_user.email realm_creation = prereg_user.realm_creation try: existing_user_profile = get_user_profile_by_email(email) except UserProfile.DoesNotExist: existing_user_profile = None validators.validate_email(email) # If OPEN_REALM_CREATION is enabled all user sign ups should go through the # special URL with domain name so that REALM can be identified if multiple realms exist unique_open_realm = get_unique_open_realm() if unique_open_realm is not None: realm = unique_open_realm elif prereg_user.referred_by: # If someone invited you, you are joining their realm regardless # of your e-mail address. realm = prereg_user.referred_by.realm elif prereg_user.realm: # You have a realm set, even though nobody referred you. This # happens if you sign up through a special URL for an open realm. realm = prereg_user.realm elif realm_creation: # For creating a new realm, there is no existing realm or domain realm = None elif settings.REALMS_HAVE_SUBDOMAINS: realm = get_realm(get_subdomain(request)) else: realm = get_realm_by_email_domain(email) if realm and not email_allowed_for_realm(email, realm): return render(request, "zerver/closed_realm.html", context={"closed_domain_name": realm.name}) if realm and realm.deactivated: # The user is trying to register for a deactivated realm. Advise them to # contact support. return render(request, "zerver/deactivated.html", context={ "deactivated_domain_name": realm.name, "zulip_administrator": settings.ZULIP_ADMINISTRATOR }) try: if existing_user_profile is not None and existing_user_profile.is_mirror_dummy: # Mirror dummy users to be activated must be inactive is_inactive(email) else: # Other users should not already exist at all. user_email_is_unique(email) except ValidationError: return HttpResponseRedirect( reverse('django.contrib.auth.views.login') + '?email=' + urllib.parse.quote_plus(email)) name_validated = False full_name = None if request.POST.get('from_confirmation'): try: del request.session['authenticated_full_name'] except KeyError: pass if realm is not None and realm.is_zephyr_mirror_realm: # For MIT users, we can get an authoritative name from Hesiod. # Technically we should check that this is actually an MIT # realm, but we can cross that bridge if we ever get a non-MIT # zephyr mirroring realm. hesiod_name = compute_mit_user_fullname(email) form = RegistrationForm( initial={ 'full_name': hesiod_name if "@" not in hesiod_name else "" }) name_validated = True elif settings.POPULATE_PROFILE_VIA_LDAP: for backend in get_backends(): if isinstance(backend, LDAPBackend): ldap_attrs = _LDAPUser( backend, backend.django_to_ldap_username(email)).attrs try: ldap_full_name = ldap_attrs[ settings.AUTH_LDAP_USER_ATTR_MAP['full_name']][0] request.session[ 'authenticated_full_name'] = ldap_full_name name_validated = True # We don't use initial= here, because if the form is # complete (that is, no additional fields need to be # filled out by the user) we want the form to validate, # so they can be directly registered without having to # go through this interstitial. form = RegistrationForm({'full_name': ldap_full_name}) # FIXME: This will result in the user getting # validation errors if they have to enter a password. # Not relevant for ONLY_SSO, though. break except TypeError: # Let the user fill out a name and/or try another backend form = RegistrationForm() elif 'full_name' in request.POST: form = RegistrationForm( initial={'full_name': request.POST.get('full_name')}) else: form = RegistrationForm() else: postdata = request.POST.copy() if name_changes_disabled(realm): # If we populate profile information via LDAP and we have a # verified name from you on file, use that. Otherwise, fall # back to the full name in the request. try: postdata.update( {'full_name': request.session['authenticated_full_name']}) name_validated = True except KeyError: pass form = RegistrationForm(postdata) if not password_auth_enabled(realm): form['password'].field.required = False if form.is_valid(): if password_auth_enabled(realm): password = form.cleaned_data['password'] else: # SSO users don't need no passwords password = None if realm_creation: string_id = form.cleaned_data['realm_subdomain'] realm_name = form.cleaned_data['realm_name'] org_type = int(form.cleaned_data['realm_org_type']) realm = do_create_realm(string_id, realm_name, org_type=org_type)[0] set_default_streams(realm, settings.DEFAULT_NEW_REALM_STREAMS) full_name = form.cleaned_data['full_name'] short_name = email_to_username(email) first_in_realm = len( UserProfile.objects.filter(realm=realm, is_bot=False)) == 0 # FIXME: sanitize email addresses and fullname if existing_user_profile is not None and existing_user_profile.is_mirror_dummy: user_profile = existing_user_profile do_activate_user(user_profile) do_change_password(user_profile, password) do_change_full_name(user_profile, full_name) else: user_profile = do_create_user( email, password, realm, full_name, short_name, prereg_user=prereg_user, tos_version=settings.TOS_VERSION, newsletter_data={"IP": request.META['REMOTE_ADDR']}) if first_in_realm: do_change_is_admin(user_profile, True) if realm_creation and settings.REALMS_HAVE_SUBDOMAINS: # Because for realm creation, registration happens on the # root domain, we need to log them into the subdomain for # their new realm. return redirect_and_log_into_subdomain(realm, full_name, email) # This dummy_backend check below confirms the user is # authenticating to the correct subdomain. return_data = {} # type: Dict[str, bool] auth_result = authenticate(username=user_profile.email, realm_subdomain=realm.subdomain, return_data=return_data, use_dummy_backend=True) if return_data.get('invalid_subdomain'): # By construction, this should never happen. logging.error("Subdomain mismatch in registration %s: %s" % ( realm.subdomain, user_profile.email, )) return redirect('/') login(request, auth_result) return HttpResponseRedirect(realm.uri + reverse('zerver.views.home.home')) return render( request, 'zerver/register.html', context={ 'form': form, 'email': email, 'key': key, 'full_name': request.session.get('authenticated_full_name', None), 'lock_name': name_validated and name_changes_disabled(realm), # password_auth_enabled is normally set via our context processor, # but for the registration form, there is no logged in user yet, so # we have to set it here. 'creating_new_team': realm_creation, 'realms_have_subdomains': settings.REALMS_HAVE_SUBDOMAINS, 'password_auth_enabled': password_auth_enabled(realm), 'MAX_REALM_NAME_LENGTH': str(Realm.MAX_REALM_NAME_LENGTH), 'MAX_NAME_LENGTH': str(UserProfile.MAX_NAME_LENGTH), 'MAX_PASSWORD_LENGTH': str(form.MAX_PASSWORD_LENGTH), 'MAX_REALM_SUBDOMAIN_LENGTH': str(Realm.MAX_REALM_SUBDOMAIN_LENGTH) })
def get_unique_open_realm_test(request): return json_success({'realm':get_unique_open_realm().name})
def finish_baidu_oauth2(request): error = request.GET.get('error') if error == 'access_denied': return redirect('/') elif error is not None: logging.warning('Error from baidu oauth2 login %r', request.GET) return HttpResponse(status=400) # value, hmac_value = request.GET.get('state').split(':') # if hmac_value != google_oauth2_csrf(request, value): # logging.warning('baidu oauth2 CSRF error') # return HttpResponse(status=400) code = request.GET.get('code') ask_token_uri = 'https://openapi.baidu.com/oauth/2.0/token?grant_type=authorization_code&code='+code+'&client_id='+\ settings.BAIDU_OAUTH_CLIENT_ID+'&client_secret='+settings.BAIDU_OAUTH_SECRET+\ '&redirect_uri=http://localhost:9991/login/baidu/complete/' resp = requests.get( ask_token_uri ) #check whether get right access token #if resp.status_code == 400: # logging.warning('User error converting baidu oauth2 login to token') # return HttpResponse(status=400) #elif resp.status_code != 200: # raise Exception('Could not convert baidu oauth2 code to access_token') try: body = extract_json_response(resp) access_token = body['access_token'] except: raise Exception('Could not get baidu acess_token.') ask_info_uri = 'https://openapi.baidu.com/rest/2.0/passport/users/getLoggedInUser?access_token='+access_token resp_info = requests.post( ask_info_uri ) try: body = extract_json_response(resp_info) uid = body['uid'] uname= body['uname'] except: raise Exception('Could not get baidu uid.') email = Association.get_email_by_account('baidu', uid) if email == None : #reigister full_name = uname short_name = '----' password = None fake_email = uid + '@baidu.com' Association.create_association(fake_email,'baidu',uid) realm = get_unique_open_realm() user_profile = do_create_user(fake_email, password, realm, full_name, short_name) user_profile = authenticate(username=fake_email, use_dummy_backend=True) # may be non-meaningful login(request, user_profile) else: user_profile = authenticate(username=email, use_dummy_backend=True) login(request, user_profile) #if request.user.is_authenticated(): #return json_success({'email':request.user.email, 'baiduid':uid}) # else : # return json_error("user is not authenticated!") return HttpResponseRedirect("%s%s" % (settings.EXTERNAL_URI_SCHEME, request.get_host()))
def zulip_default_context(request): # type: (HttpRequest) -> Dict[str, Any] """Context available to all Zulip Jinja2 templates that have a request passed in. Designed to provide the long list of variables at the bottom of this function in a wide range of situations: logged-in or logged-out, subdomains or not, etc. The main variable in the below is whether we know the realm, which is the case if there is only one realm, or we're on a REALMS_HAVE_SUBDOMAINS subdomain, or the user is logged in. """ if hasattr(request, "user") and hasattr(request.user, "realm"): realm = request.user.realm elif settings.REALMS_HAVE_SUBDOMAINS: subdomain = get_subdomain(request) realm = get_realm(subdomain) else: # This will return None if there is no unique, open realm. realm = get_unique_open_realm() if realm is not None: realm_uri = realm.uri realm_name = realm.name realm_icon = get_realm_icon_url(realm) realm_description = realm.description or "The coolest place in the universe." else: realm_uri = settings.SERVER_URI realm_name = None realm_icon = None realm_description = None return { 'realms_have_subdomains': settings.REALMS_HAVE_SUBDOMAINS, 'custom_logo_url': settings.CUSTOM_LOGO_URL, 'register_link_disabled': settings.REGISTER_LINK_DISABLED, 'login_link_disabled': settings.LOGIN_LINK_DISABLED, 'about_link_disabled': settings.ABOUT_LINK_DISABLED, 'show_oss_announcement': settings.SHOW_OSS_ANNOUNCEMENT, 'zulip_admin': settings.ZULIP_ADMINISTRATOR, 'terms_of_service': settings.TERMS_OF_SERVICE, 'privacy_policy': settings.PRIVACY_POLICY, 'login_url': settings.HOME_NOT_LOGGED_IN, 'only_sso': settings.ONLY_SSO, 'external_api_path': settings.EXTERNAL_API_PATH, 'external_api_uri': settings.EXTERNAL_API_URI, 'external_host': settings.EXTERNAL_HOST, 'external_uri_scheme': settings.EXTERNAL_URI_SCHEME, 'realm_uri': realm_uri, 'realm_name': realm_name, 'realm_icon': realm_icon, 'realm_description': realm_description, 'server_uri': settings.SERVER_URI, 'api_site_required': settings.EXTERNAL_API_PATH != "api.zulip.com", 'email_integration_enabled': settings.EMAIL_GATEWAY_BOT != "", 'email_gateway_example': settings.EMAIL_GATEWAY_EXAMPLE, 'open_realm_creation': settings.OPEN_REALM_CREATION, 'password_auth_enabled': password_auth_enabled(realm), 'dev_auth_enabled': dev_auth_enabled(realm), 'google_auth_enabled': google_auth_enabled(realm), 'github_auth_enabled': github_auth_enabled(realm), 'any_oauth_backend_enabled': any_oauth_backend_enabled(realm), 'no_auth_enabled': not auth_enabled_helper(list(AUTH_BACKEND_NAME_MAP.keys()), realm), 'development_environment': settings.DEVELOPMENT, 'support_email': settings.ZULIP_ADMINISTRATOR, 'find_team_link_disabled': settings.FIND_TEAM_LINK_DISABLED, 'password_min_length': settings.PASSWORD_MIN_LENGTH, 'password_min_quality': settings.PASSWORD_MIN_ZXCVBN_QUALITY, 'zulip_version': ZULIP_VERSION, }