Exemple #1
def new_language(request, project, component):
    """Show and process the "new language" form of a component.

    A GET request renders the form. A valid POST either adds the selected
    languages directly (when ``can_add_new_language`` allows it) or, when the
    component's ``new_lang`` equals ``"contact"``, records a request for the
    maintainers instead.

    Args:
        request: The current HTTP request.
        project: Project identifier passed through to ``get_component``.
        component: Component identifier passed through to ``get_component``.

    Returns:
        A redirect to the component (or to the single new translation) after
        a valid POST, otherwise the rendered ``new-language.html`` page.
    """
    obj = get_component(request, project, component)
    user = request.user

    form_class = get_new_language_form(request, obj)
    # The permission decision is made once per request and reused for every
    # submitted language below.
    can_add = obj.can_add_new_language(user)

    if request.method == "POST":
        form = form_class(obj, request.POST)

        if form.is_valid():
            # Default redirect target is the component itself; it is always a
            # model object, never a value taken from the request.
            result = obj
            langs = form.cleaned_data["lang"]
            # Keyword arguments shared by every Change row written below;
            # "details" and "translation" are updated in place per language.
            kwargs = {
                "user": user,
                "author": user,
                "component": obj,
                "details": {},
            }
            # The repository lock is held for the whole batch, including the
            # create_translations() call at the end.
            with obj.repository.lock:
                # Only codes that resolve to an existing Language row are
                # processed; any other value in langs is dropped by the filter.
                for language in Language.objects.filter(code__in=langs):
                    kwargs["details"]["language"] = language.code
                    if can_add:
                        translation = obj.add_new_language(
                            language, request, create_translations=False
                        )
                        # A falsy result writes no Change row for this language.
                        if translation:
                            kwargs["translation"] = translation
                            if len(langs) == 1:
                                result = translation
                            Change.objects.create(
                                action=Change.ACTION_ADDED_LANGUAGE, **kwargs
                            )
                    # Without the permission, the only action taken is to log
                    # a request; with any other new_lang value nothing happens.
                    elif obj.new_lang == "contact":
                        Change.objects.create(
                            action=Change.ACTION_REQUESTED_LANGUAGE, **kwargs
                        )
                        messages.success(
                            request,
                            _(
                                "A request for a new translation has been "
                                "sent to the project's maintainers."
                            ),
                        )
                if not obj.create_translations(request=request):
                    messages.warning(
                        request, _("The translation will be updated in the background.")
                    )
            # The "language" rate-limit state is cleared only for users holding
            # component.edit on this component; for everyone else it is left
            # untouched. NOTE(review): where that counter is incremented is not
            # visible in this excerpt - confirm it is enforced before this view
            # body runs.
            if user.has_perm("component.edit", obj):
                reset_rate_limit("language", request)
            return redirect(result)
        messages.error(request, _("Please fix errors in the form."))
    else:
        form = form_class(obj)

    return render(
        request,
        "new-language.html",
        {"object": obj, "project": obj.project, "form": form, "can_add": can_add},
    )
Exemple #2
def user_remove(request):
    """Drive the two-step account removal flow.

    Step one asks for the password (``PasswordConfirmForm``); when the form
    validates, the request is handed to ``social_complete`` with the e-mail
    address of ``request.user``. Step two applies once ``remove_confirm`` is
    present in the session: a POST then calls ``remove_user``,
    ``rotate_token`` and ``logout`` and redirects to ``home``.

    NOTE(review): what places ``remove_confirm`` in the session, and any
    login or CSRF decorators on this view, are not visible in this excerpt.
    """
    is_confirmation = "remove_confirm" in request.session
    is_post = request.method == "POST"

    if is_confirmation and is_post:
        # Destructive step: reachable only when the session marker is set.
        remove_user(request.user, request)
        rotate_token(request)
        logout(request)
        messages.success(request, _("Your account has been removed."))
        return redirect("home")

    if is_confirmation:
        confirm_form = EmptyConfirmForm(request)
    elif is_post:
        confirm_form = PasswordConfirmForm(request, request.POST)
        if confirm_form.is_valid():
            reset_rate_limit("remove", request)
            store_userid(request, remove=True)
            # Client-supplied query parameters are replaced; the address
            # passed on comes from request.user.
            request.GET = {"email": request.user.email}
            return social_complete(request, "email")
    else:
        confirm_form = PasswordConfirmForm(request)

    context = {
        "confirm_form": confirm_form,
        "is_confirmation": is_confirmation,
    }
    return render(request, "accounts/removal.html", context)
Exemple #3
def user_remove(request):
    """Handle account removal: password confirmation, then the final delete.

    Without ``remove_confirm`` in the session the view shows or validates a
    ``PasswordConfirmForm``; a valid form hands the request over to
    ``social_complete`` using the e-mail address of ``request.user``. With
    the session marker present, a POST calls ``remove_user``,
    ``rotate_token`` and ``logout`` before redirecting to ``home``.

    NOTE(review): the code that sets ``remove_confirm`` and any access
    decorators on this view are outside this excerpt.
    """
    is_confirmation = 'remove_confirm' in request.session
    is_post = request.method == 'POST'

    if is_confirmation and is_post:
        # The delete itself happens only behind the session marker.
        remove_user(request.user, request)
        rotate_token(request)
        logout(request)
        messages.success(request, _('Your account has been removed.'))
        return redirect('home')

    if is_confirmation:
        confirm_form = EmptyConfirmForm(request)
    elif is_post:
        confirm_form = PasswordConfirmForm(request, request.POST)
        if confirm_form.is_valid():
            reset_rate_limit('remove', request)
            store_userid(request, remove=True)
            # The query string is overwritten so that the address used
            # downstream is the one stored on request.user.
            request.GET = {'email': request.user.email}
            return social_complete(request, 'email')
    else:
        confirm_form = PasswordConfirmForm(request)

    context = {
        'confirm_form': confirm_form,
        'is_confirmation': is_confirmation,
    }
    return render(request, 'accounts/removal.html', context)
Exemple #4
 def setUp(self):
     """Load the 'cs' translation, refresh the index and clear the 'search' limit."""
     super(SearchViewTest, self).setUp()
     translations = self.component.translation_set
     self.translation = translations.get(language_code='cs')
     self.translate_url = self.translation.get_translate_url()
     self.update_fulltext_index()
     # Rate-limit state for 127.0.0.1 is cleared last, presumably so that
     # requests made by earlier tests do not leave this one throttled.
     reset_rate_limit('search', address='127.0.0.1')
 def setUp(self):
     """Load the "cs" translation, refresh the index and clear the "search" limit."""
     super().setUp()
     translations = self.component.translation_set
     self.translation = translations.get(language_code="cs")
     self.translate_url = self.translation.get_translate_url()
     self.update_fulltext_index()
     # Rate-limit state for 127.0.0.1 is cleared last, presumably so that
     # requests made by earlier tests do not leave this one throttled.
     reset_rate_limit("search", address="127.0.0.1")
Exemple #6
    def clean(self):
        """Authenticate the submitted credentials under the "login" rate limit.

        Returns:
            ``self.cleaned_data``; returned untouched when the username or
            the password is missing.

        Raises:
            forms.ValidationError: when ``check_rate_limit`` refuses the
                request, when ``authenticate`` returns ``None`` (code
                ``invalid_login``), or when the account is not active (code
                ``inactive``).
        """
        username = self.cleaned_data.get("username")
        password = self.cleaned_data.get("password")

        # Nothing to verify unless both fields are present.
        if not (username and password):
            return self.cleaned_data

        # The limiter is consulted before any credential check is attempted.
        if not check_rate_limit("login", self.request):
            raise forms.ValidationError(
                _("Too many authentication attempts from this location."))

        self.user_cache = authenticate(
            self.request, username=username, password=password)

        if self.user_cache is None:
            # One audit entry per account returned by try_get_user; if it
            # yields nothing, no entry is written here.
            for account in try_get_user(username, True):
                AuditLog.objects.create(
                    account,
                    self.request,
                    "failed-auth",
                    method="password",
                    name=username,
                ).check_rate_limit(self.request)
            rotate_token(self.request)
            raise forms.ValidationError(
                self.error_messages["invalid_login"], code="invalid_login")

        # The "inactive" message is reachable only after authenticate()
        # returned a user object.
        if not self.user_cache.is_active:
            raise forms.ValidationError(
                self.error_messages["inactive"], code="inactive")

        AuditLog.objects.create(
            self.user_cache,
            self.request,
            "login",
            method="password",
            name=username,
        )
        adjust_session_expiry(self.request)
        # Rate-limit state is cleared only on the fully successful path.
        reset_rate_limit("login", self.request)
        return self.cleaned_data
Exemple #7
    def clean(self):
        """Authenticate the submitted credentials under the 'login' rate limit.

        Returns:
            ``self.cleaned_data``; returned untouched when the username or
            the password is missing.

        Raises:
            forms.ValidationError: when ``check_rate_limit`` refuses the
                request, when ``authenticate`` returns ``None`` (code
                ``invalid_login``), or when the account is not active (code
                ``inactive``).
        """
        username = self.cleaned_data.get('username')
        password = self.cleaned_data.get('password')

        # Nothing to verify unless both fields are present.
        if not (username and password):
            return self.cleaned_data

        # Throttling is evaluated before the credentials are checked.
        if not check_rate_limit('login', self.request):
            message = _('Too many authentication attempts from this location!')
            raise forms.ValidationError(message)

        self.user_cache = authenticate(
            self.request, username=username, password=password
        )

        if self.user_cache is None:
            # One audit entry per account returned by try_get_user; if it
            # yields nothing, no entry is written here.
            for account in try_get_user(username, True):
                AuditLog.objects.create(
                    account,
                    self.request,
                    'failed-auth',
                    method='Password',
                    name=username,
                ).check_rate_limit(self.request)
            rotate_token(self.request)
            raise forms.ValidationError(
                self.error_messages['invalid_login'], code='invalid_login'
            )

        # The 'inactive' message is reachable only after authenticate()
        # returned a user object.
        if not self.user_cache.is_active:
            raise forms.ValidationError(
                self.error_messages['inactive'], code='inactive'
            )

        AuditLog.objects.create(
            self.user_cache, self.request, 'login', method='Password', name=username
        )
        # Rate-limit state is cleared only on the fully successful path.
        reset_rate_limit('login', self.request)
        return self.cleaned_data
Exemple #8
 def setUp(self):
     """Load the 'cs' translation, refresh the index and clear the 'search' limit."""
     super(SearchViewTest, self).setUp()
     translations = self.component.translation_set
     self.translation = translations.get(language_code='cs')
     self.translate_url = self.translation.get_translate_url()
     self.update_fulltext_index()
     # Rate-limit state for 127.0.0.1 is cleared last, presumably so that
     # requests made by earlier tests do not leave this one throttled.
     reset_rate_limit('search', address='127.0.0.1')
Exemple #9
    def test_add_mail(self, fails=False):
        """Add a second e-mail address to an already registered account.

        With ``fails`` set, the test stops once the address has been
        submitted and expects exactly one notification in the outbox.
        Values shown as asterisks are masked in this listing.
        """
        # Start from a freshly registered user
        self.perform_registration()

        # The "add e-mail" entry point must offer the registration form
        begin_url = reverse('social:begin', args=('email', ))
        response = self.client.post(begin_url, follow=True)
        self.assertContains(response, 'Register e-mail')

        # A malformed address has to be rejected by the form
        email_login_url = reverse('email_login')
        response = self.client.post(email_login_url, {'email': 'invalid'})
        self.assertContains(response, 'has-error')

        # Submit the new address
        response = self.client.post(
            email_login_url, {'email': '*****@*****.**'}, follow=True)
        self.assertRedirects(response, reverse('email-sent'))

        if fails:
            self.assertEqual(len(mail.outbox), 1)
            self.assert_notify_mailbox(mail.outbox[0])
            return

        # Follow the link from the confirmation mail
        confirmation_link = self.assert_registration_mailbox()
        response = self.client.get(confirmation_link, follow=True)
        confirm_url = reverse('confirm')
        self.assertRedirects(response, confirm_url)

        # A wrong password must be refused; the 'confirm' limiter state for
        # this user is cleared first
        user = User.objects.get(username='******')
        reset_rate_limit('confirm', user=user)
        response = self.client.post(confirm_url, {'password': '******'})
        self.assertContains(response, 'You have entered an invalid password.')

        # The correct password completes the flow
        response = self.client.post(
            confirm_url, {'password': '******'}, follow=True)
        profile_anchor = '{0}#account'.format(reverse('profile'))
        self.assertRedirects(response, profile_anchor)

        # Both addresses must now be recorded as verified
        user = User.objects.get(username='******')
        verified = VerifiedEmail.objects.filter(social__user=user)
        self.assertEqual(verified.count(), 2)
        self.assertTrue(
            VerifiedEmail.objects.filter(
                social__user=user, email='*****@*****.**').exists())

        # The account owner is notified about the change
        notification = mail.outbox.pop()
        self.assert_notify_mailbox(notification)
    def test_add_mail(self, fails=False):
        """Add a second e-mail address to an already registered account.

        With ``fails`` set, the test stops once the address has been
        submitted and expects exactly one notification in the outbox.
        Values shown as asterisks are masked in this listing.
        """
        # Start from a freshly registered user
        self.perform_registration()

        # The "add e-mail" entry point must offer the registration form
        begin_url = reverse("social:begin", args=("email", ))
        response = self.client.post(begin_url, follow=True)
        self.assertContains(response, "Register e-mail")

        # A malformed address has to be rejected by the form
        email_login_url = reverse("email_login")
        response = self.client.post(email_login_url, {"email": "invalid"})
        self.assertContains(response, "has-error")

        # Submit the new address
        response = self.client.post(
            email_login_url, {"email": "*****@*****.**"}, follow=True)
        self.assertRedirects(response, reverse("email-sent"))

        if fails:
            self.assertEqual(len(mail.outbox), 1)
            self.assert_notify_mailbox(mail.outbox[0])
            return

        # Follow the link from the confirmation mail
        confirmation_link = self.assert_registration_mailbox()
        response = self.client.get(confirmation_link, follow=True)
        confirm_url = reverse("confirm")
        self.assertRedirects(response, confirm_url)

        # A wrong password must be refused; the "confirm" limiter state for
        # this user is cleared first
        user = User.objects.get(username="******")
        reset_rate_limit("confirm", user=user)
        response = self.client.post(confirm_url, {"password": "******"})
        self.assertContains(response, "You have entered an invalid password.")

        # The correct password completes the flow
        response = self.client.post(
            confirm_url, {"password": "******"}, follow=True)
        profile_anchor = "{0}#account".format(reverse("profile"))
        self.assertRedirects(response, profile_anchor)

        # Both addresses must now be recorded as verified
        user = User.objects.get(username="******")
        verified = VerifiedEmail.objects.filter(social__user=user)
        self.assertEqual(verified.count(), 2)
        self.assertTrue(
            VerifiedEmail.objects.filter(
                social__user=user, email="*****@*****.**").exists())

        # The account owner is notified about the change
        notification = mail.outbox.pop()
        self.assert_notify_mailbox(notification)
Exemple #11
    def clean(self):
        """Authenticate the submitted credentials under the "login" rate limit.

        Returns:
            ``self.cleaned_data``; returned untouched when the username or
            the password is missing.

        Raises:
            forms.ValidationError: when ``check_rate_limit`` refuses the
                request (the message includes the lockout period in
                minutes), when ``authenticate`` returns ``None`` (code
                ``invalid_login``), or when the account is inactive or a
                bot (code ``inactive``).
        """
        username = self.cleaned_data.get("username")
        password = self.cleaned_data.get("password")

        # Nothing to verify unless both fields are present.
        if not (username and password):
            return self.cleaned_data

        # Throttling is evaluated before the credentials are checked.
        if not check_rate_limit("login", self.request):
            # NOTE(review): assuming LOCKOUT is expressed in seconds, a value
            # below 60 would be displayed as 0 minutes - confirm.
            lockout_period = get_rate_setting("login", "LOCKOUT") // 60
            message = ngettext(
                (
                    "Too many authentication attempts from this location. "
                    "Please try again in %d minute."
                ),
                (
                    "Too many authentication attempts from this location. "
                    "Please try again in %d minutes."
                ),
                lockout_period,
            ) % lockout_period
            raise forms.ValidationError(message)

        self.user_cache = authenticate(
            self.request, username=username, password=password
        )

        if self.user_cache is None:
            # One audit entry per account returned by try_get_user; if it
            # yields nothing, no entry is written here.
            for account in try_get_user(username, True):
                AuditLog.objects.create(
                    account,
                    self.request,
                    "failed-auth",
                    method="password",
                    name=username,
                ).check_rate_limit(self.request)
            rotate_token(self.request)
            raise forms.ValidationError(
                self.error_messages["invalid_login"], code="invalid_login"
            )

        # Inactive accounts and bot accounts get the same "inactive" answer,
        # and only after authenticate() returned a user object.
        if not self.user_cache.is_active or self.user_cache.is_bot:
            raise forms.ValidationError(
                self.error_messages["inactive"], code="inactive"
            )

        AuditLog.objects.create(
            self.user_cache, self.request, "login", method="password", name=username
        )
        adjust_session_expiry(self.request)
        # Rate-limit state is cleared only on the fully successful path.
        reset_rate_limit("login", self.request)
        return self.cleaned_data
Exemple #12
    def clean(self):
        """Authenticate the submitted credentials under the 'login' rate limit.

        Returns:
            ``self.cleaned_data``; returned untouched when the username or
            the password is missing.

        Raises:
            forms.ValidationError: when ``check_rate_limit`` refuses the
                request, when ``authenticate`` returns ``None`` (code
                ``invalid_login``), or when the account is not active (code
                ``inactive``).
        """
        username = self.cleaned_data.get('username')
        password = self.cleaned_data.get('password')

        # Nothing to verify unless both fields are present.
        if not (username and password):
            return self.cleaned_data

        # Throttling is evaluated before the credentials are checked.
        if not check_rate_limit('login', self.request):
            message = _('Too many authentication attempts from this location!')
            raise forms.ValidationError(message)

        self.user_cache = authenticate(
            self.request,
            username=username,
            password=password
        )

        if self.user_cache is None:
            # Every account returned by try_get_user is notified about the
            # failed attempt; if it yields nothing, nobody is notified.
            for account in try_get_user(username, True):
                notify_account_activity(
                    account,
                    self.request,
                    'failed-auth',
                    method=ugettext('Password'),
                    name=username,
                )
            rotate_token(self.request)
            raise forms.ValidationError(
                self.error_messages['invalid_login'],
                code='invalid_login',
            )

        # The 'inactive' message is reachable only after authenticate()
        # returned a user object.
        if not self.user_cache.is_active:
            raise forms.ValidationError(
                self.error_messages['inactive'],
                code='inactive',
            )

        notify_account_activity(
            self.user_cache,
            self.request,
            'login',
            method=ugettext('Password'),
            name=username,
        )
        # Rate-limit state is cleared only on the fully successful path.
        reset_rate_limit('login', self.request)
        return self.cleaned_data
Exemple #13
 def setUp(self):
     """Clear the 'test' rate-limit state kept for address 1.2.3.4."""
     # Every test starts from a clean limiter state
     scope, client_address = 'test', '1.2.3.4'
     reset_rate_limit(scope, address=client_address)
Exemple #14
 def setUp(self):
     """Run the parent setup, then clear the 'login' and 'message' limits."""
     super(ViewTest, self).setUp()
     # Both scopes are reset for the loopback address, in this order
     for scope in ('login', 'message'):
         reset_rate_limit(scope, address='127.0.0.1')
Exemple #15
 def setUp(self):
     """Run the parent setup, then clear the 'login' and 'message' limits."""
     super(ViewTest, self).setUp()
     # Both scopes are reset for the loopback address, in this order
     for scope in ('login', 'message'):
         reset_rate_limit(scope, address='127.0.0.1')
Exemple #16
 def setUp(self):
     """Run the parent setup, then clear the "registration" and "login" limits."""
     super().setUp()
     # Both scopes are reset for the loopback address, in this order
     for scope in ("registration", "login"):
         reset_rate_limit(scope, address="127.0.0.1")
Exemple #17
 def setUp(self):
     """Run the parent setup, then clear the 'registration' and 'login' limits."""
     super(BaseRegistrationTest, self).setUp()
     # Both scopes are reset for the loopback address, in this order
     for scope in ('registration', 'login'):
         reset_rate_limit(scope, address='127.0.0.1')
Exemple #18
 def setUp(self):
     """Run the parent setup, then clear the 'registration' and 'login' limits."""
     super(BaseRegistrationTest, self).setUp()
     # Both scopes are reset for the loopback address, in this order
     for scope in ('registration', 'login'):
         reset_rate_limit(scope, address='127.0.0.1')
Exemple #19
 def reset_rate(self):
     """Clear the "language" rate-limit state kept for ``self.user``."""
     account = self.user
     reset_rate_limit("language", user=account)
Exemple #20
 def setUp(self):
     """Clear the 'test' rate-limit state for the request built by get_request()."""
     # Every test starts from a clean limiter state
     request = self.get_request()
     reset_rate_limit('test', request)
Exemple #21
 def setUp(self):
     """Clear the 'test' rate-limit state kept for address 1.2.3.4."""
     # Every test starts from a clean limiter state
     scope, client_address = 'test', '1.2.3.4'
     reset_rate_limit(scope, address=client_address)
Exemple #22
 def setUp(self):
     """Run the parent setup, then clear the "login" and "message" limits."""
     super().setUp()
     # Both scopes are reset for the loopback address, in this order
     for scope in ("login", "message"):
         reset_rate_limit(scope, address="127.0.0.1")
Exemple #23
    def test_add_mail(self, fails=False):
        """Add a second email address to an already registered account.

        With ``fails`` set, the test stops once the address has been
        submitted and expects exactly one notification in the outbox.
        Values shown as asterisks are masked in this listing.
        """
        # Start from a freshly registered user
        self.perform_registration()

        # The "add email" entry point must offer the registration form
        begin_url = reverse('social:begin', args=('email',))
        response = self.client.post(begin_url, follow=True)
        self.assertContains(response, 'Register email')

        # A malformed address has to be rejected by the form
        email_login_url = reverse('email_login')
        response = self.client.post(email_login_url, {'email': 'invalid'})
        self.assertContains(response, 'has-error')

        # Submit the new address
        response = self.client.post(
            email_login_url, {'email': '*****@*****.**'}, follow=True
        )
        self.assertRedirects(response, reverse('email-sent'))

        if fails:
            self.assertEqual(len(mail.outbox), 1)
            self.assert_notify_mailbox(mail.outbox[0])
            return

        # Follow the link from the confirmation mail
        confirmation_link = self.assert_registration_mailbox()
        response = self.client.get(confirmation_link, follow=True)
        confirm_url = reverse('confirm')
        self.assertRedirects(response, confirm_url)

        # A wrong password must be refused; the 'confirm' limiter state for
        # this user is cleared first
        user = User.objects.get(username='******')
        reset_rate_limit('confirm', user=user)
        response = self.client.post(confirm_url, {'password': '******'})
        self.assertContains(response, 'You have entered an invalid password.')

        # The correct password completes the flow
        response = self.client.post(
            confirm_url, {'password': '******'}, follow=True
        )
        profile_anchor = '{0}#account'.format(reverse('profile'))
        self.assertRedirects(response, profile_anchor)

        # Both addresses must now be recorded as verified
        user = User.objects.get(username='******')
        verified = VerifiedEmail.objects.filter(social__user=user)
        self.assertEqual(verified.count(), 2)
        self.assertTrue(
            VerifiedEmail.objects.filter(
                social__user=user, email='*****@*****.**'
            ).exists()
        )

        # The account owner is notified about the change
        notification = mail.outbox.pop()
        self.assert_notify_mailbox(notification)