def update_user_quota(self, user, user_role): if user.permissions.role_quota(): quota = get_quota_from_string(user.permissions.role_quota()) logger.info('Set quota[%d] for user: %s, role[%s]' % (quota, user.username, user_role)) seafile_api.set_role_quota(user_role, quota) else: return
def _handle_login_form_valid(request, user, redirect_to, remember_me): if UserOptions.objects.passwd_change_required(user.username): redirect_to = reverse('auth_password_change') request.session['force_passwd_change'] = True if user.permissions.role_quota(): user_role = get_user_role(user) quota = get_quota_from_string(user.permissions.role_quota()) seafile_api.set_role_quota(user_role, quota) # password is valid, log user in request.session['remember_me'] = remember_me return log_user_in(request, user, redirect_to)
def update_user_role(self, user, parse_result): role = parse_result.get('role', '') if role: User.objects.update_role(user.username, role) # update user role quota role_quota = get_enabled_role_permissions_by_role( role)['role_quota'] if role_quota: quota = get_quota_from_string(role_quota) seafile_api.set_role_quota(role, quota) return SHIBBOLETH_AFFILIATION_ROLE_MAP = getattr( settings, 'SHIBBOLETH_AFFILIATION_ROLE_MAP', False) if not SHIBBOLETH_AFFILIATION_ROLE_MAP: return if user.username in SHIBBOLETH_AFFILIATION_ROLE_MAP: role = SHIBBOLETH_AFFILIATION_ROLE_MAP[user.username] elif 'patterns' in SHIBBOLETH_AFFILIATION_ROLE_MAP: patterns = SHIBBOLETH_AFFILIATION_ROLE_MAP['patterns'] try: ordered_patterns = OrderedDict(patterns) except Exception as e: logger.error(e) return for key in ordered_patterns: if fnmatch(user.username, key): role = ordered_patterns[key] break else: return if role: User.objects.update_role(user.email, role) # update user role quota role_quota = get_enabled_role_permissions_by_role( role)['role_quota'] if role_quota: quota = get_quota_from_string(role_quota) seafile_api.set_role_quota(role, quota)
def update_user_role(self, user_info): """ Specific for Shibboleth """ affiliation = user_info.get('affiliation', '') if not affiliation: return for e in affiliation.split(';'): role = self._get_role_by_affiliation(e) if not role: continue # update user role ccnet_api.update_role_emailuser(user_info['email'], role) # update user role quota role_quota = get_enabled_role_permissions_by_role( role)['role_quota'] if role_quota: quota = get_quota_from_string(role_quota) seafile_api.set_role_quota(role, quota)
def oauth_callback(request): """ Step 3: Retrieving an access token. The user has been redirected back from the provider to your registered callback URL. With this redirection comes an authorization code included in the redirect URL. We will use that to obtain an access token. """ session = OAuth2Session(client_id=CLIENT_ID, scope=SCOPE, state=request.session.get('oauth_state', None), redirect_uri=REDIRECT_URL) try: token = session.fetch_token( TOKEN_URL, client_secret=CLIENT_SECRET, authorization_response=request.get_full_path()) if 'user_id' in session._client.__dict__['token']: # used for sjtu.edu.cn # https://xjq12311.gitbooks.io/sjtu-engtc/content/ user_id = session._client.__dict__['token']['user_id'] user_info_resp = session.get(USER_INFO_URL + '?user_id=%s' % user_id) else: user_info_url = USER_INFO_URL if ACCESS_TOKEN_IN_URI: code = request.GET.get('code') user_info_url = USER_INFO_URL + '?access_token=%s&code=%s' % ( token['access_token'], code) user_info_resp = session.get(user_info_url) except Exception as e: logger.error(e) return render_error(request, _('Error, please contact administrator.')) def format_user_info(user_info_resp): logger.info('user info resp: %s' % user_info_resp.text) error = False user_info = {} user_info_json = user_info_resp.json() for item, attr in list(ATTRIBUTE_MAP.items()): required, user_attr = attr value = user_info_json.get(item, '') if value: # ccnet email if user_attr == 'email': user_info[user_attr] = value if is_valid_email(str(value)) else \ '%s@%s' % (str(value), PROVIDER_DOMAIN) else: user_info[user_attr] = value elif required: error = True return user_info, error user_info, error = format_user_info(user_info_resp) if error: logger.error('Required user info not found.') logger.error(user_info) return render_error(request, _('Error, please contact administrator.')) # seahub authenticate user email = user_info['email'] try: user = auth.authenticate(remote_user=email) except User.DoesNotExist: user = None except Exception as e: logger.error(e) return render_error(request, _('Error, please contact administrator.')) if not user or not user.is_active: logger.error('User %s not found or inactive.' % email) # a page for authenticate user failed return render_error(request, _('User %s not found.') % email) # User is valid. Set request.user and persist user in the session # by logging the user in. request.user = user auth.login(request, user) # update user's profile name = user_info['name'] if 'name' in user_info else '' contact_email = user_info['contact_email'] if 'contact_email' in user_info else '' profile = Profile.objects.get_profile_by_user(email) if not profile: profile = Profile(user=email) if name: profile.nickname = name.strip() profile.save() if contact_email: profile.contact_email = contact_email.strip() profile.save() if CUSTOM_GET_USER_ROLE: remote_role_value = user_info.get('role', '') if remote_role_value: role = custom_get_user_role(remote_role_value) # update user role ccnet_api.update_role_emailuser(user_info['email'], role) # update user role quota role_quota = get_enabled_role_permissions_by_role(role)['role_quota'] if role_quota: quota = get_quota_from_string(role_quota) seafile_api.set_role_quota(role, quota) # generate auth token for Seafile client api_token = get_api_token(request) # redirect user to home page response = HttpResponseRedirect(request.session.get('oauth_redirect', '/')) response.set_cookie('seahub_auth', email + '@' + api_token.key) return response
def update_user_quota(self, user, user_role): if user.permissions.role_quota(): quota = get_quota_from_string(user.permissions.role_quota()) seafile_api.set_role_quota(user_role, quota) else: return