def merge_duplicate_users(): print('Starting {}...'.format(sys._getframe().f_code.co_name)) start = timezone.now() from framework.mongo.handlers import database duplicates = database.user.aggregate([{ "$group": { "_id": "$username", "ids": { "$addToSet": "$_id" }, "count": { "$sum": 1 } } }, { "$match": { "count": { "$gt": 1 } } }, { "$sort": { "count": -1 } }]).get('result') # [ # { # 'count': 5, # '_id': '*****@*****.**', # 'ids': [ # 'listo','fidst','hatma','tchth','euser','name!' # ] # } # ] print('Found {} duplicate usernames.'.format(len(duplicates))) for duplicate in duplicates: print('Found {} copies of {}'.format(len(duplicate.get('ids')), duplicate.get('_id'))) if duplicate.get('_id'): # _id is an email address, merge users keeping the one that was logged into last users = list( MODMUser.find(MQ('_id', 'in', duplicate.get('ids'))).sort('-last_login')) best_match = users.pop() for user in users: print('Merging user {} into user {}'.format( user._id, best_match._id)) best_match.merge_user(user) else: # _id is null, set all usernames to their guid users = MODMUser.find(MQ('_id', 'in', duplicate.get('ids'))) for user in users: print('Setting username for {}'.format(user._id)) user.username = user._id user.save() print('Done with {} in {} seconds...'.format( sys._getframe().f_code.co_name, (timezone.now() - start).total_seconds()))
def unsubscribe_mailchimp(list_name, user_id, username=None, send_goodbye=True): """Unsubscribe a user from a mailchimp mailing list given its name. :param str list_name: mailchimp mailing list name :param str user_id: current user's id :param str username: current user's email (required for merged users) :raises: ListNotSubscribed if user not already subscribed """ user = User.load(user_id) m = get_mailchimp_api() list_id = get_list_id_from_name(list_name=list_name) m.lists.unsubscribe(id=list_id, email={'email': username or user.username}, send_goodbye=send_goodbye) # Update mailing_list user field if user.mailchimp_mailing_lists is None: user.mailchimp_mailing_lists = {} user.save() user.mailchimp_mailing_lists[list_name] = False user.save()
def populate_conferences(): for meeting, attrs in MEETING_DATA.iteritems(): meeting = meeting.strip() admin_emails = attrs.pop("admins") admin_objs = [] for email in admin_emails: try: user = User.find_one(Q("username", "iexact", email)) admin_objs.append(user) except ModularOdmException: raise RuntimeError("Username {0!r} is not registered.".format(email)) conf = Conference(endpoint=meeting, admins=admin_objs, **attrs) try: conf.save() except ModularOdmException: print("{0} Conference already exists. Updating existing record...".format(meeting)) conf = Conference.find_one(Q("endpoint", "eq", meeting)) for key, value in attrs.items(): setattr(conf, key, value) conf.admins = admin_objs changed_fields = conf.save() if changed_fields: print("Changed: {}".format(changed_fields)) else: print("Added new Conference: {}".format(meeting))
def test_send_digest_called_with_correct_args(self, mock_send_mail, mock_callback): d = factories.NotificationDigestFactory( user_id=factories.UserFactory()._id, timestamp=datetime.datetime.utcnow(), message='Hello', node_lineage=[factories.ProjectFactory()._id] ) d.save() user_groups = group_digest_notifications_by_user() send_digest(user_groups) assert_true(mock_send_mail.called) assert_equals(mock_send_mail.call_count, len(user_groups)) last_user_index = len(user_groups) - 1 user = User.load(user_groups[last_user_index]['user_id']) digest_notification_ids = [message['_id'] for message in user_groups[last_user_index]['info']] args, kwargs = mock_send_mail.call_args assert_equal(kwargs['to_addr'], user.username) assert_equal(kwargs['mimetype'], 'html') assert_equal(kwargs['mail'], mails.DIGEST) assert_equal(kwargs['name'], user.fullname) message = group_messages_by_node(user_groups[last_user_index]['info']) assert_equal(kwargs['message'], message) assert_equal(kwargs['callback'], mock_callback.si(digest_notification_ids=digest_notification_ids))
def populate_conferences(): for meeting, attrs in MEETING_DATA.iteritems(): meeting = meeting.strip() admin_emails = attrs.pop('admins', []) admin_objs = [] for email in admin_emails: try: user = User.find_one(Q('username', 'iexact', email)) admin_objs.append(user) except ModularOdmException: raise RuntimeError('Username {0!r} is not registered.'.format(email)) custom_fields = attrs.pop('field_names', {}) conf = Conference( endpoint=meeting, admins=admin_objs, **attrs ) conf.field_names.update(custom_fields) try: conf.save() except ModularOdmException: conf = Conference.find_one(Q('endpoint', 'eq', meeting)) for key, value in attrs.items(): if isinstance(value, dict): current = getattr(conf, key) current.update(value) setattr(conf, key, current) else: setattr(conf, key, value) conf.admins = admin_objs changed_fields = conf.save() if changed_fields: print('Updated {}: {}'.format(meeting, changed_fields)) else: print('Added new Conference: {}'.format(meeting))
def send_users_email(send_type): """Find pending Emails and amalgamates them into a single Email. :param send_type :return: """ grouped_emails = get_users_emails(send_type) if not grouped_emails: return for group in grouped_emails: user = User.load(group['user_id']) if not user: log_exception() continue info = group['info'] notification_ids = [message['_id'] for message in info] sorted_messages = group_by_node(info) if sorted_messages: mails.send_mail( to_addr=user.username, mimetype='html', mail=mails.DIGEST, name=user.fullname, message=sorted_messages, callback=remove_notifications(email_notification_ids=notification_ids) )
def send_users_email(send_type): """Find pending Emails and amalgamates them into a single Email. :param send_type :return: """ grouped_emails = get_users_emails(send_type) if not grouped_emails: return for group in grouped_emails: user = User.load(group['user_id']) if not user: log_exception() continue info = group['info'] notification_ids = [message['_id'] for message in info] sorted_messages = group_by_node(info) if sorted_messages: mails.send_mail(to_addr=user.username, mimetype='html', mail=mails.DIGEST, name=user.fullname, message=sorted_messages, callback=remove_notifications( email_notification_ids=notification_ids))
def get_contributors(self, obj): contributor_info = [] if is_anonymized(self.context["request"]): return contributor_info contributor_ids = obj.get("contributors", None) params_node = obj.get("node", None) if contributor_ids: for contrib_id in contributor_ids: user = User.load(contrib_id) unregistered_name = None if user.unclaimed_records.get(params_node): unregistered_name = user.unclaimed_records[params_node].get("name", None) contributor_info.append( { "id": contrib_id, "full_name": user.fullname, "given_name": user.given_name, "middle_names": user.middle_names, "family_name": user.family_name, "unregistered_name": unregistered_name, "active": user.is_active, } ) return contributor_info
def get_contributors(self, obj): contributor_info = [] if is_anonymized(self.context['request']): return contributor_info contributor_ids = obj.get('contributors', None) params_node = obj.get('node', None) if contributor_ids: for contrib_id in contributor_ids: user = User.load(contrib_id) unregistered_name = None if user.unclaimed_records.get(params_node): unregistered_name = user.unclaimed_records[params_node].get('name', None) contributor_info.append({ 'id': contrib_id, 'full_name': user.fullname, 'given_name': user.given_name, 'middle_names': user.middle_names, 'family_name': user.family_name, 'unregistered_name': unregistered_name, 'active': user.is_active }) return contributor_info
def send_digest(grouped_digests): """ Send digest emails and remove digests for sent messages in a callback. :param grouped_digests: digest notification messages from the past 24 hours grouped by user :return: """ for group in grouped_digests: user = User.load(group['user_id']) if not user: sentry.log_exception() sentry.log_message("A user with this username does not exist.") return info = group['info'] digest_notification_ids = [message['_id'] for message in info] sorted_messages = group_messages_by_node(info) if sorted_messages: logger.info('Sending email digest to user {0!r}'.format(user)) mails.send_mail( to_addr=user.username, mimetype='html', mail=mails.DIGEST, name=user.fullname, message=sorted_messages, callback=remove_sent_digest_notifications.si( digest_notification_ids=digest_notification_ids))
def get_queryset(self): log = self.get_log() associated_contrib_ids = log.params.get('contributors') if associated_contrib_ids is None: return [] associated_users = User.find(Q('_id', 'in', associated_contrib_ids)) return associated_users
def authenticate(self, request): client = cas.get_client() # Returns a CAS server client try: auth_header_field = request.META["HTTP_AUTHORIZATION"] auth_token = cas.parse_auth_header(auth_header_field) except (cas.CasTokenError, KeyError): return None # If no token in header, then this method is not applicable # Found a token; query CAS for the associated user id try: cas_auth_response = client.profile(auth_token) except cas.CasHTTPError: raise exceptions.NotAuthenticated( _('User provided an invalid OAuth2 access token')) if cas_auth_response.authenticated is False: raise exceptions.NotAuthenticated( _('CAS server failed to authenticate this token')) user_id = cas_auth_response.user user = User.load(user_id) if user is None: raise exceptions.AuthenticationFailed( _('Could not find the user associated with this token')) check_user(user) return user, cas_auth_response
def populate_conferences(): for meeting, attrs in MEETING_DATA.iteritems(): meeting = meeting.strip() admin_emails = attrs.pop('admins', []) admin_objs = [] for email in admin_emails: try: user = User.find_one(Q('username', 'iexact', email)) admin_objs.append(user) except ModularOdmException: raise RuntimeError('Username {0!r} is not registered.'.format(email)) conf = Conference( endpoint=meeting, admins=admin_objs, **attrs ) try: conf.save() except ModularOdmException: conf = Conference.find_one(Q('endpoint', 'eq', meeting)) for key, value in attrs.items(): setattr(conf, key, value) conf.admins = admin_objs changed_fields = conf.save() if changed_fields: print('Updated {}: {}'.format(meeting, changed_fields)) else: print('Added new Conference: {}'.format(meeting))
def populate_conferences(): for meeting, attrs in MEETING_DATA.iteritems(): meeting = meeting.strip() admin_emails = attrs.pop('admins') admin_objs = [] for email in admin_emails: try: user = User.find_one(Q('username', 'iexact', email)) admin_objs.append(user) except ModularOdmException: raise RuntimeError('Username {0!r} is not registered.'.format(email)) conf = Conference( endpoint=meeting, admins=admin_objs, **attrs ) try: conf.save() except ModularOdmException: print('{0} Conference already exists. Updating existing record...'.format(meeting)) conf = Conference.find_one(Q('endpoint', 'eq', meeting)) for key, value in attrs.items(): setattr(conf, key, value) conf.admins = admin_objs changed_fields = conf.save() if changed_fields: print('Changed: {}'.format(changed_fields))
def subscribe_mailchimp(list_name, user_id): user = User.load(user_id) m = get_mailchimp_api() list_id = get_list_id_from_name(list_name=list_name) if user.mailchimp_mailing_lists is None: user.mailchimp_mailing_lists = {} try: m.lists.subscribe( id=list_id, email={'email': user.username}, merge_vars={ 'fname': user.given_name, 'lname': user.family_name, }, double_optin=False, update_existing=True, ) except mailchimp.ValidationError as error: sentry.log_exception() sentry.log_message(error.message) user.mailchimp_mailing_lists[list_name] = False else: user.mailchimp_mailing_lists[list_name] = True finally: user.save()
def send_digest(grouped_digests): """ Send digest emails and remove digests for sent messages in a callback. :param grouped_digests: digest notification messages from the past 24 hours grouped by user :return: """ for group in grouped_digests: user = User.load(group['user_id']) if not user: sentry.log_exception() sentry.log_message("A user with this username does not exist.") return info = group['info'] digest_notification_ids = [message['_id'] for message in info] sorted_messages = group_messages_by_node(info) if sorted_messages: logger.info('Sending email digest to user {0!r}'.format(user)) mails.send_mail( to_addr=user.username, mimetype='html', mail=mails.DIGEST, name=user.fullname, message=sorted_messages, callback=remove_sent_digest_notifications.si( digest_notification_ids=digest_notification_ids ) )
def update_comments_viewed_timestamp(): users = User.find(Q('comments_viewed_timestamp', 'ne', None) & Q('comments_viewed_timestamp', 'ne', {})) for user in users: if user.comments_viewed_timestamp: timestamps = {} dirty = False for node_id in user.comments_viewed_timestamp: node_timestamps = user.comments_viewed_timestamp[node_id] if isinstance(node_timestamps, dict): # node timestamp if node_timestamps.get('node', None): timestamps[node_id] = node_timestamps['node'] dirty = True # file timestamps file_timestamps = node_timestamps.get('files', None) if file_timestamps: for file_id in file_timestamps: timestamps[file_id] = file_timestamps[file_id] dirty = True else: timestamps[node_id] = node_timestamps if dirty: user.comments_viewed_timestamp = timestamps user.save() logger.info('Migrated timestamp for user {0}'.format(user._id))
def save_bare_system_tags(page_size=10000): print('Starting save_bare_system_tags...') start = timezone.now() things = list(MODMNode.find(MQ( 'system_tags', 'ne', [])).sort('-_id')) + list( MODMUser.find(MQ('system_tags', 'ne', [])).sort('-_id')) system_tag_ids = [] for thing in things: for system_tag in thing.system_tags: system_tag_ids.append(system_tag) unique_system_tag_ids = set(system_tag_ids) total = len(unique_system_tag_ids) system_tags = [] for system_tag_id in unique_system_tag_ids: system_tags.append(Tag(name=system_tag_id, system=True)) created_system_tags = Tag.objects.bulk_create(system_tags) print('MODM System Tags: {}'.format(total)) print('django system tags: {}'.format( Tag.objects.filter(system=True).count())) print('Done with {} in {} seconds...'.format( sys._getframe().f_code.co_name, (timezone.now() - start).total_seconds()))
def subscribe_mailchimp(list_name, user_id): user = User.load(user_id) m = get_mailchimp_api() list_id = get_list_id_from_name(list_name=list_name) if user.mailing_lists is None: user.mailing_lists = {} try: m.lists.subscribe( id=list_id, email={'email': user.username}, merge_vars={ 'fname': user.given_name, 'lname': user.family_name, }, double_optin=False, update_existing=True, ) except mailchimp.ValidationError as error: sentry.log_exception() sentry.log_message(error.message) user.mailing_lists[list_name] = False else: user.mailing_lists[list_name] = True finally: user.save()
def before_request(): from framework.auth import authenticate from framework.auth.core import User from framework.auth import cas # Central Authentication Server Ticket Validation and Authentication ticket = request.args.get('ticket') if ticket: service_url = furl.furl(request.url) service_url.args.pop('ticket') # Attempt autn wih CAS, and return a proper redirect response return cas.make_response_from_ticket(ticket=ticket, service_url=service_url.url) # Central Authentication Server OAuth Bearer Token authorization = request.headers.get('Authorization') if authorization and authorization.startswith('Bearer '): client = cas.get_client() try: access_token = cas.parse_auth_header(authorization) except cas.CasTokenError as err: # NOTE: We assume that the request is an AJAX request return jsonify({'message_short': 'Invalid Bearer token', 'message_long': err.args[0]}), http.UNAUTHORIZED cas_resp = client.profile(access_token) if cas_resp.authenticated: user = User.load(cas_resp.user) return authenticate(user, access_token=access_token, response=None) return make_response('', http.UNAUTHORIZED) if request.authorization: # TODO: Fix circular import from framework.auth.core import get_user user = get_user( email=request.authorization.username, password=request.authorization.password ) # Create empty session # TODO: Shoudn't need to create a session for Basic Auth session = Session() if user: session.data['auth_user_username'] = user.username session.data['auth_user_id'] = user._primary_key session.data['auth_user_fullname'] = user.fullname else: # Invalid key: Not found in database session.data['auth_error_code'] = http.FORBIDDEN set_session(session) return cookie = request.cookies.get(settings.COOKIE_NAME) if cookie: try: session_id = itsdangerous.Signer(settings.SECRET_KEY).unsign(cookie) session = Session.load(session_id) or Session(_id=session_id) set_session(session) return except: pass
def test_all_users_have_wiki_osfstorage_enabled(self): all_user_count = User.find().count() results = AddonSnapshot().get_events() osfstorage_res = [res for res in results if res["provider"]["name"] == "osfstorage"][0] wiki_res = [res for res in results if res["provider"]["name"] == "osfstorage"][0] assert_equal(osfstorage_res["users"]["enabled"], all_user_count) assert_equal(wiki_res["users"]["enabled"], all_user_count)
def test_all_users_have_wiki_osfstorage_enabled(self): all_user_count = User.find().count() results = AddonSnapshot().get_events() osfstorage_res = [res for res in results if res['provider']['name'] == 'osfstorage'][0] wiki_res = [res for res in results if res['provider']['name'] == 'osfstorage'][0] assert_equal(osfstorage_res['users']['enabled'], all_user_count) assert_equal(wiki_res['users']['enabled'], all_user_count)
def update_comments_viewed_timestamp(): users = User.find(Q('comments_viewed_timestamp', 'ne', None) | Q('comments_viewed_timestamp', 'ne', {})) for user in users: if user.comments_viewed_timestamp: for node in user.comments_viewed_timestamp: user.comments_viewed_timestamp[node] = {'node': user.comments_viewed_timestamp[node]} user.save() logger.info('Migrated timestamp for user {0}'.format(user._id))
def get_targets(): logger.info('Acquiring targets...') targets = [ u for u in User.find() if Node.find( Q('is_bookmark_collection', 'eq', True) & Q('is_deleted', 'eq', False) & Q('creator', 'eq', u._id)).count() > 1 ] logger.info('Found {} target users.'.format(len(targets))) return targets
def authenticate(self, request): cookie_val = request.COOKIES.get(settings.COOKIE_NAME) if not cookie_val: return None session = get_session_from_cookie(cookie_val) if not session: return None user_id = session.data.get('auth_user_id') user = User.load(user_id) if user: return user, None return None
def test_all_users_have_wiki_osfstorage_enabled(self): all_user_count = User.find().count() results = AddonSnapshot().get_events() osfstorage_res = [ res for res in results if res['provider']['name'] == 'osfstorage' ][0] wiki_res = [ res for res in results if res['provider']['name'] == 'osfstorage' ][0] assert_equal(osfstorage_res['users']['enabled'], all_user_count) assert_equal(wiki_res['users']['enabled'], all_user_count)
def update_comments_viewed_timestamp(): users = User.find( Q('comments_viewed_timestamp', 'ne', None) | Q('comments_viewed_timestamp', 'ne', {})) for user in users: if user.comments_viewed_timestamp: for node in user.comments_viewed_timestamp: user.comments_viewed_timestamp[node] = { 'node': user.comments_viewed_timestamp[node] } user.save() logger.info('Migrated timestamp for user {0}'.format(user._id))
def reject_draft(request, draft_pk): draft = get_draft_obj(draft_pk) # TODO[lauren]: add proper authorizers to DraftRegistrationApproval # need to pass self, user, and token # user should be the admin user = osf_user.load('dsmpw') draftRegistrationApproval = draft[0].approval draftRegistrationApproval.add_authorizer(user) token = draftRegistrationApproval.approval_state[user._id]['rejection_token'] draftRegistrationApproval.reject(user, token) draftRegistrationApproval.save() response = serialize_draft_registration_approval(draftRegistrationApproval) return HttpResponse(json.dumps(response), content_type='application/json')
def populate_conferences(dev=False): if dev: Conference.remove() date_format = '%b %d %Y' for meeting, attrs in MEETING_DATA.iteritems(): meeting = meeting.strip() admin_emails = attrs.pop('admins', []) admin_objs = [] if not dev: for email in admin_emails: try: user = User.find_one(Q('username', 'iexact', email)) admin_objs.append(user) except ModularOdmException: raise RuntimeError('Username {0!r} is not registered.'.format(email)) # Convert string into datetime object try: attrs['end_date'] = datetime.strptime(attrs.get('end_date'), date_format) attrs['start_date'] = datetime.strptime(attrs.get('start_date'), date_format) except TypeError: print '** Meeting {} does not have a start or end date. **'.format(meeting) custom_fields = attrs.pop('field_names', {}) conf = Conference( endpoint=meeting, admins=admin_objs, **attrs ) conf.field_names.update(custom_fields) try: conf.save() except ModularOdmException: conf = Conference.find_one(Q('endpoint', 'eq', meeting)) for key, value in attrs.items(): if isinstance(value, dict): current = getattr(conf, key) current.update(value) setattr(conf, key, current) else: setattr(conf, key, value) conf.admins = admin_objs changed_fields = conf.save() if changed_fields: print('Updated {}: {}'.format(meeting, changed_fields)) else: print('Added new Conference: {}'.format(meeting))
def get_or_create_user(fullname, address, is_spam=False): """Get or create user by email address. :param str fullname: User full name :param str address: User email address :param bool is_spam: User flagged as potential spam :return: Tuple of (user, created) """ user = get_user(email=address) if user: return user, False else: password = str(uuid.uuid4()) user = User.create_confirmed(address, password, fullname) user.verification_key = generate_verification_key() if is_spam: user.system_tags.append('is_spam') return user, True
def reject_draft(request, draft_pk): draft = get_draft_obj(draft_pk) # TODO[lauren]: add proper authorizers to DraftRegistrationApproval # need to pass self, user, and token # user should be the admin user = osf_user.load('dsmpw') draftRegistrationApproval = draft[0].approval draftRegistrationApproval.add_authorizer(user) token = draftRegistrationApproval.approval_state[ user._id]['rejection_token'] draftRegistrationApproval.reject(user, token) draftRegistrationApproval.save() response = serialize_draft_registration_approval(draftRegistrationApproval) return HttpResponse(json.dumps(response), content_type='application/json')
def ensure_external_identity_uniqueness(provider, identity, user=None): from framework.auth.core import User # avoid circular import users_with_identity = User.find(Q('external_identity.{}.{}'.format(provider, identity), 'ne', None)) for existing_user in users_with_identity: if user and user._id == existing_user._id: continue if existing_user.external_identity[provider][identity] == 'VERIFIED': if user and user.external_identity.get(provider, {}).get(identity, {}): user.external_identity[provider].pop(identity) if user.external_identity[provider] == {}: user.external_identity.pop(provider) user.save() # Note: This won't work in v2 because it rolls back transactions when status >= 400 raise ValidationError('Another user has already claimed this external identity') existing_user.external_identity[provider].pop(identity) if existing_user.external_identity[provider] == {}: existing_user.external_identity.pop(provider) existing_user.save() return
def unsubscribe_mailchimp(list_name, user_id): """Unsubscribe a user from a mailchimp mailing list given its name. :param str list_name: mailchimp mailing list name :param str username: current user's email :raises: ListNotSubscribed if user not already subscribed """ user = User.load(user_id) m = get_mailchimp_api() list_id = get_list_id_from_name(list_name=list_name) m.lists.unsubscribe(id=list_id, email={'email': user.username}) # Update mailing_list user field if user.mailing_lists is None: user.mailing_lists = {} user.save() user.mailing_lists[list_name] = False user.save()
def populate_conferences(email): for meeting, attrs in MEETING_DATA.iteritems(): admin_objs = [] try: user = User.find_one(Q('username', 'iexact', email)) admin_objs.append(user) except ModularOdmException: raise RuntimeError('Username {0!r} is not registered.'.format(email)) conf = Conference( endpoint=meeting, admins=admin_objs, **attrs ) try: conf.save() except ModularOdmException: print('{0} Conference already exists. Updating existing record...'.format(meeting)) conf = Conference.find_one(Q('endpoint', 'eq', meeting)) for key, value in attrs.items(): setattr(conf, key, value) conf.admins = admin_objs conf.save()
def unsubscribe_mailchimp(list_name, user_id): """Unsubscribe a user from a mailchimp mailing list given its name. :param str list_name: mailchimp mailing list name :param str username: current user's email :raises: ListNotSubscribed if user not already subscribed """ user = User.load(user_id) m = get_mailchimp_api() list_id = get_list_id_from_name(list_name=list_name) m.lists.unsubscribe(id=list_id, email={"email": user.username}) # Update mailing_list user field if user.mailing_lists is None: user.mailing_lists = {} user.save() user.mailing_lists[list_name] = False user.save()
def test_user_with_claim_url_registers_new_account(self, mock_session): # Assume that the unregistered user data is already stored in the session mock_session.data = { 'unreg_user': { 'uid': self.user._primary_key, 'pid': self.project._primary_key, 'token': self.user.get_unclaimed_record( self.project._primary_key)['token'] } } res2 = self.app.get('/account/') # Fills in Register form form = res2.forms['registerForm'] form['register-fullname'] = 'tester' form['register-username'] = '******' form['register-username2'] = '*****@*****.**' form['register-password'] = '******' form['register-password2'] = 'testing' res3 = form.submit() assert_in('Registration successful.', res3.body) assert_in('Successfully claimed contributor', res3.body) u = User.find(Q('username', 'eq', '*****@*****.**'))[0] key = ApiKeyFactory() u.api_keys.append(key) u.save() u.auth = ('test', key._primary_key) self.app.get( u.get_confirmation_url('*****@*****.**')).follow(auth=u.auth) # Confirms their email address self.project.reload() self.user.reload() u.reload() assert_not_in(self.user._primary_key, self.project.contributors) assert_equal(2, len(self.project.contributors)) # user is now a contributor to self.project assert_in(u._primary_key, self.project.contributors)
def register_unconfirmed(username, password, fullname, campaign=None): user = get_user(email=username) if not user: user = User.create_unconfirmed( username=username, password=password, fullname=fullname, campaign=campaign, ) user.save() signals.unconfirmed_user_created.send(user) elif not user.is_registered: # User is in db but not registered user.add_unconfirmed_email(username) user.set_password(password) user.fullname = fullname user.update_guessed_names() user.save() else: raise DuplicateEmailError('User {0!r} already exists'.format(username)) return user
def get_or_create_user(fullname, address, reset_password=True, is_spam=False): """ Get or create user by fullname and email address. :param str fullname: user full name :param str address: user email address :param boolean reset_password: ask user to reset their password :param bool is_spam: user flagged as potential spam :return: tuple of (user, created) """ user = get_user(email=address) if user: return user, False else: password = str(uuid.uuid4()) user = User.create_confirmed(address, password, fullname) if password: user.verification_key_v2 = generate_verification_key(verification_type='password') if is_spam: user.system_tags.append('is_spam') return user, True
def get_or_create_user(fullname, address, reset_password=True, is_spam=False): """ Get or create user by fullname and email address. :param str fullname: user full name :param str address: user email address :param boolean reset_password: ask user to reset their password :param bool is_spam: user flagged as potential spam :return: tuple of (user, created) """ user = get_user(email=address) if user: return user, False else: password = str(uuid.uuid4()) user = User.create_confirmed(address, password, fullname) if password: user.verification_key_v2 = generate_verification_key( verification_type='password') if is_spam: user.system_tags.append('is_spam') return user, True
def authenticate(self, request): client = cas.get_client() # Returns a CAS server client try: auth_header_field = request.META["HTTP_AUTHORIZATION"] auth_token = cas.parse_auth_header(auth_header_field) except (cas.CasTokenError, KeyError): return None # If no token in header, then this method is not applicable # Found a token; query CAS for the associated user id try: resp = client.profile(auth_token) except cas.CasHTTPError: raise exceptions.NotAuthenticated('User provided an invalid OAuth2 access token') if resp.authenticated is False: raise exceptions.NotAuthenticated('CAS server failed to authenticate this token') user_id = resp.user user = User.load(user_id) if user is None: raise exceptions.AuthenticationFailed("Could not find the user associated with this token") return user, auth_token
def ensure_external_identity_uniqueness(provider, identity, user=None): from framework.auth.core import User # avoid circular import users_with_identity = User.find( Q('external_identity.{}.{}'.format(provider, identity), 'ne', None)) for existing_user in users_with_identity: if user and user._id == existing_user._id: continue if existing_user.external_identity[provider][identity] == 'VERIFIED': if user and user.external_identity.get(provider, {}).get( identity, {}): user.external_identity[provider].pop(identity) if user.external_identity[provider] == {}: user.external_identity.pop(provider) user.save( ) # Note: This won't work in v2 because it rolls back transactions when status >= 400 raise ValidationError( 'Another user has already claimed this external identity') existing_user.external_identity[provider].pop(identity) if existing_user.external_identity[provider] == {}: existing_user.external_identity.pop(provider) existing_user.save() return
def update_comments_viewed_timestamp(): users = User.find( Q('comments_viewed_timestamp', 'ne', None) & Q('comments_viewed_timestamp', 'ne', {})) for user in users: if user.comments_viewed_timestamp: timestamps = {} for node_id in user.comments_viewed_timestamp: node_timestamps = user.comments_viewed_timestamp[node_id] # node timestamp if node_timestamps.get('node', None): timestamps[node_id] = node_timestamps['node'] # file timestamps file_timestamps = node_timestamps.get('files', None) if file_timestamps: for file_id in file_timestamps: timestamps[file_id] = file_timestamps[file_id] user.comments_viewed_timestamp = timestamps user.save() logger.info('Migrated timestamp for user {0}'.format(user._id))
def test_user_with_claim_url_registers_new_account(self, mock_session): # Assume that the unregistered user data is already stored in the session mock_session.data = { 'unreg_user': { 'uid': self.user._primary_key, 'pid': self.project._primary_key, 'token': self.user.get_unclaimed_record( self.project._primary_key)['token'] } } res2 = self.app.get('/account/') # Fills in Register form form = res2.forms['registerForm'] form['register-fullname'] = 'tester' form['register-username'] = '******' form['register-username2'] = '*****@*****.**' form['register-password'] = '******' form['register-password2'] = 'testing' res3 = form.submit() assert_in('Registration successful.', res3.body) assert_in('Successfully claimed contributor', res3.body) u = User.find(Q('username', 'eq', '*****@*****.**'))[0] key = ApiKeyFactory() u.api_keys.append(key) u.save() u.auth = ('test', key._primary_key) self.app.get(u.get_confirmation_url('*****@*****.**')).follow(auth=u.auth) # Confirms their email address self.project.reload() self.user.reload() u.reload() assert_not_in(self.user._primary_key, self.project.contributors) assert_equal(2, len(self.project.contributors)) # user is now a contributor to self.project assert_in(u._primary_key, self.project.contributors)
def get_targets(): """Return a QuerySet containing confirmed Users who have unclaimed records.""" return User.find(QUERY)
def get_queryset(self): return User.find(Q('_id', 'eq', self.context['request'].user._id))
def tearDown(self): super(TestNodeCount, self).tearDown() Node.remove() User.remove()
def get_queryset(self): return User.find(Q("_id", "eq", self.context["request"].user._id))
def before_request(): from framework import sentry from framework.auth import cas from framework.auth.core import User from framework.auth import authenticate from framework.routing import json_renderer # Central Authentication Server Ticket Validation and Authentication ticket = request.args.get('ticket') if ticket: service_url = furl.furl(request.url) service_url.args.pop('ticket') # Attempt autn wih CAS, and return a proper redirect response return cas.make_response_from_ticket(ticket=ticket, service_url=service_url.url) # Central Authentication Server OAuth Bearer Token authorization = request.headers.get('Authorization') if authorization and authorization.startswith('Bearer '): client = cas.get_client() try: access_token = cas.parse_auth_header(authorization) cas_resp = client.profile(access_token) except cas.CasError as err: sentry.log_exception() # NOTE: We assume that the request is an AJAX request return json_renderer(err) if cas_resp.authenticated: user = User.load(cas_resp.user) return authenticate(user, access_token=access_token, response=None) return make_response('', http.UNAUTHORIZED) if request.authorization: # TODO: Fix circular import from framework.auth.core import get_user user = get_user(email=request.authorization.username, password=request.authorization.password) # Create empty session # TODO: Shoudn't need to create a session for Basic Auth session = Session() if user: session.data['auth_user_username'] = user.username session.data['auth_user_id'] = user._primary_key session.data['auth_user_fullname'] = user.fullname else: # Invalid key: Not found in database session.data['auth_error_code'] = http.FORBIDDEN set_session(session) return cookie = request.cookies.get(settings.COOKIE_NAME) if cookie: try: session_id = itsdangerous.Signer( settings.SECRET_KEY).unsign(cookie) session = Session.load(session_id) or Session(_id=session_id) set_session(session) return except: pass
def get_users(): """Get all users who will be subscribed to the OSF General mailing list.""" # Exclude unconfirmed and unregistered users # NOTE: Unclaimed and unconfirmed users have is_registered=False return User.find(Q('is_registered', 'eq', True))
def tearDown(self): super(TestNodeLogAnalytics, self).tearDown() Node.remove() User.remove()
def get_user(self, user_id): return User.load(user_id)