def post(self, request, code=None, case_id=None, *args, **kwargs):
self.update_session(request, request.POST.dict())
errors = validate(request.session["registration"], self.validators)
redirect_postfix = f"{code}/{case_id}/" if code and case_id else ""
if not errors:
return redirect(f"/accounts/register/3/{redirect_postfix}")
else:
return redirect(f"/accounts/register/2/{redirect_postfix}")
def get(self, request, *args, **kwargs):
"""
:param self: A Tweets instance
:param request: An HttpRequest
"""
try:
if "keyword" not in request.GET:
return HttpResponseBadRequest("keyword required")
keyword = request.GET.get("keyword")
schema = {'type': 'string', 'default': 'halo'}
utils.validate(keyword, schema)
result = Stubs.getTweets(request, keyword, )
if type(result) is tuple:
result, headers, status = result
else:
headers = {}
status = 200
# The result may contain fields with date or datetime values that will not
# pass JSON validation. We first create the response, and then maybe validate
# the response content against the schema.
response = JsonResponse(result, status=status, safe=False)
maybe_validate_result(response.content, self.GET_RESPONSE_SCHEMA)
for key, val in headers.items():
response[key] = val
return response
except PermissionDenied as pd:
LOGGER.exception("403")
return HttpResponseForbidden("Permission Denied: {}".format(str(pd)))
except ObjectDoesNotExist as dne:
LOGGER.exception("404")
return HttpResponseNotFound("Not Found: {}".format(str(dne)))
except ValidationError as ve:
LOGGER.exception("400")
return HttpResponseBadRequest("Parameter validation failed: {}".format(ve.message))
except ValueError as ve:
LOGGER.exception("400")
return HttpResponseBadRequest("Parameter validation failed: {}".format(ve))
except Exception as e:
LOGGER.exception("500")
return JsonResponse(str(e), status=500, safe=False)
def test_email_validator(self):
for email, is_valid, description in self.test_cases:
with self.subTest(email=email, is_valid=is_valid, description=description):
errors = validate(data={"email": email}, validators=base_registration_validators)
email_errors = errors.get("email")
if is_valid:
self.assertIsNone(email_errors, description)
else:
self.assertIsNotNone(email_errors, description)
def post(self,
request,
code=None,
case_id=None,
*args,
**kwargs): # noqa: C901
self.default_session(request)
redirect_postfix = f"{code}/{case_id}/" if code and case_id else ""
request.session["registration"].update(request.POST.dict())
errors = validate(request.session["registration"],
registration_validators)
if request.session["registration"].get("password") != request.session[
"registration"].get("password_confirm"):
errors["password_confirm"] = "Passwords do not match"
if not request.session["registration"].get("email"):
errors["email"] = "Email is required"
if not errors:
session_reg = request.session.get("registration", {})
if (session_reg.get("code") and session_reg.get("case_id")
and session_reg.get("confirm_invited_org") is True):
invitee_sec_group = get(request.session["registration"],
"invite/organisation_security_group")
if invitee_sec_group == SECURITY_GROUP_THIRD_PARTY_USER:
# Use the third party invitee's organisation
organisation_id = get(request.session["registration"],
"invite/contact/organisation/id")
else:
organisation_id = get(request.session["registration"],
"invite/organisation/id")
organisation = self.trusted_client.get_organisation(
organisation_id=organisation_id)
field_map = {
"id": "organisation_id",
"name": "organisation_name",
"address": "organisation_address",
}
out = {}
organisation_country_code = get(organisation, "country/code")
if organisation_country_code:
out["organisation_country_code"] = organisation_country_code
out["uk_company"] = "yes" if organisation_country_code == "GB" else "no"
for field, value in organisation.items():
out_field = field_map.get(field) or field
out[out_field] = value
self.update_session(request, out)
if organisation_country_code:
return redirect("/accounts/register/3/")
return redirect("/accounts/register/2/")
elif (session_reg.get("code") and session_reg.get("case_id")
and not session_reg.get("confirm_invited_org")):
return redirect(f"/accounts/register/2/{redirect_postfix}")
return redirect("/accounts/register/2/")
return redirect(f"/accounts/register/{redirect_postfix}?error")
def test_password_validator(self):
for password, is_valid, description in self.password_validation_test_cases:
with self.subTest(password=password,
is_valid=is_valid,
description=description):
errors = validate(data={"password": password},
validators=registration_validators)
password_errors = errors.get("password")
if is_valid:
self.assertIsNone(password_errors)
else:
self.assertIsNotNone(password_errors)
def post(self, request, code=None, case_id=None, *args, **kwargs):
redirect_postfix = f"{code}/{case_id}/" if code and case_id else ""
if "registration" not in request.session:
return redirect(f"/accounts/register/{redirect_postfix}")
self.update_session(request, request.POST.dict())
errors = validate(request.session["registration"], self.validators)
if not errors:
return redirect(f"/accounts/register/5/{redirect_postfix}")
else:
request.session["registration"]["errors"] = errors
request.session.modified = True
return redirect(f"/accounts/register/4/{redirect_postfix}")
def post(self, request, code=None, case_id=None, *args, **kwargs):
redirect_postfix = f"{code}/{case_id}/" if code and case_id else ""
if "registration" not in request.session:
return redirect(f"/accounts/register/{redirect_postfix}")
self.update_session(request, request.POST.dict())
request.session["registration"].pop("errors", None) # Clear existing
errors = validate(request.session["registration"],
self.validators) or {}
if get(request.session["registration"], "uk_company") == "no":
errors.update(
validate(request.session["registration"],
self.country_validator) or {})
if not errors:
next_page = ("5" if request.session["registration"].get(
"same_contact_address") == "yes" else "4")
return redirect(
f"/accounts/register/{next_page}/{redirect_postfix}")
else:
request.session["registration"]["errors"] = errors
request.session.modified = True
return redirect(f"/accounts/register/3/{redirect_postfix}")
def post(self,
request,
code=None,
case_id=None,
*args,
**kwargs): # noqa: C901
redirect_postfix = f"{code}/{case_id}/" if code and case_id else ""
if "registration" not in request.session:
return redirect("/accounts/register/")
self.update_session(request, request.POST.dict())
# prepend http to the url if not provided
_website = request.session["registration"].get("organisation_website")
if _website and not _website.startswith("http"):
request.session["registration"][
"organisation_website"] = "http://" + _website
request.session.modified = True
errors = validate(request.session["registration"], self.validators)
if not errors:
if "countries" in request.session["registration"]:
del request.session["registration"]["countries"]
if all([
bool(request.session["registration"].get(key))
for key in self.required_fields
]):
session_reg = request.session["registration"]
response = self.trusted_client.register_public(**session_reg)
if response.get("success"):
request.session.modified = True
if settings.AUTO_LOGIN:
auth_response = self.trusted_client.authenticate(
session_reg["email"], session_reg["password"])
if auth_response:
if auth_response.get("needs_verify"):
request.session["registration"] = {}
return redirect("/email/verify/")
elif auth_response.get("token"):
request.session.clear()
request.session["token"] = auth_response[
"token"]
request.session["user"] = auth_response["user"]
return redirect("/dashboard/?welcome=true")
else:
request.session["registration"]["errors"] = response.get(
"error")
request.session.modified = True
return redirect(f"/accounts/register/5/{redirect_postfix}")
def post(self, request, *args, **kwargs): # noqa: C901
email = request.POST.get("email")
password = request.POST.get("password")
code = request.POST.get("code")
short_code = request.POST.get("short_code")
case_id = request.POST.get("case_id")
errors = validate({"email": email, "password": password}, base_registration_validators)
if errors:
request.session["errors"] = errors
return redirect("/accounts/login/?error")
try:
response = self.trusted_client.authenticate(
email,
password,
user_agent=request.META["HTTP_USER_AGENT"],
ip_address=request.META["REMOTE_ADDR"],
code=code,
case_id=case_id,
)
if response and response.get("token"):
# TODO: Temporary application state initialisation
request.session.clear()
request.session["application"] = {}
# TODO: Tmp app state end
# Force 2fa for every public login
request.session["force_2fa"] = True
request.session["token"] = response["token"]
request.session["user"] = response["user"]
request.session["version"] = response.get("version")
redirection_url = request.POST.get("next") or "/dashboard/"
if len(request.session["user"].get("organisations", [])) == 1:
request.session["organisation_id"] = request.session["user"]["organisations"][
0
]["id"]
request.session.modified = True
request.session.cycle_key()
return internal_redirect(redirection_url, "/dashboard/")
else:
if case_id and code:
return redirect(f"/accounts/login/{code}/{case_id}/?error=t")
elif short_code:
return redirect(f"/accounts/login/?error=t&short_code={short_code}")
else:
return redirect("/accounts/login/?error=t")
except Exception as exc:
detail = ""
if hasattr(exc, "response"):
try:
if exc.response.status_code == 401:
try:
detail = exc.response.json().get("detail")
except Exception:
detail = """You have entered an incorrect email address or password.
Please try again or click on the
Forgotten password link below."""
else:
response = exc.response.json()
detail = response.get("detail")
except json.decoder.JSONDecodeError:
detail = exc.response.text
else:
detail = str(exc)
request.session["errors"] = {"email": detail}
request.session.modified = True
if case_id and code:
return redirect(f"/accounts/login/{code}/{case_id}/?error")
else:
return redirect("/accounts/login/?error")
def maybe_validate_result(result_string, schema):
if VALIDATE_RESPONSES:
try:
utils.validate(json.loads(result_string, encoding="utf8"), schema)
except ValidationError as e:
LOGGER.error(e.message)
