def _wrapped_view(request, *args, **kwargs): LOGGER.debug("Enters djaoapp.decorators.requires_authenticated") redirect_url = fail_authenticated(request) if redirect_url: verification_key = kwargs.get('verification_key', None) if verification_key: contact = Contact.objects.filter( verification_key=verification_key).first() if not contact: # Not a `Contact`, let's try `Role`. role_model = get_role_model() try: role = role_model.objects.filter( Q(grant_key=verification_key) | Q(request_key=verification_key)).get() contact, _ = Contact.objects.update_or_create_token( role.user) verification_key = contact.verification_key except role_model.DoesNotExist: pass if contact and has_invalid_password(contact.user): redirect_url = request.build_absolute_uri( reverse('registration_activate', args=(verification_key, ))) return redirect_or_denied( request, redirect_url, redirect_field_name=redirect_field_name) return view_func(request, *args, **kwargs)
def fail_authenticated(request, verification_key=None): """ Decorator for views that checks that the user is authenticated. ``django.contrib.auth.decorators.login_required`` will automatically redirect to the login page. We wante to redirect to the activation page when required, as well as raise a ``PermissionDenied`` instead when Content-Type is showing we are dealing with an API request. """ redirect = fail_authenticated_default(request) if redirect: if verification_key: contact = Contact.objects.filter( verification_key=verification_key).first() if not contact: # Not a `Contact`, let's try `Role`. role_model = get_role_model() try: role = role_model.objects.filter( Q(grant_key=verification_key) | Q(request_key=verification_key)).get() contact, _ = Contact.objects.update_or_create_token( role.user) verification_key = contact.verification_key except role_model.DoesNotExist: pass if contact and has_invalid_password(contact.user): redirect = request.build_absolute_uri( reverse('registration_activate', args=(verification_key, ))) return redirect
def user_relation_added_notice(sender, role, reason=None, **kwargs): user = role.user organization = role.organization if user.email != organization.email: if user.email: back_url = reverse('organization_app', args=(organization, )) if has_invalid_password(user): if role.grant_key: contact, _ = Contact.objects.get_or_create_token( user, verification_key=role.grant_key) else: # The User is already in the system but the account # has never been activated. contact, _ = Contact.objects.get_or_create_token( user, verification_key=organization.generate_role_key(user)) user.save() back_url = "%s?next=%s" % (reverse( 'registration_activate', args=(contact.verification_key, )), back_url) elif role.grant_key: back_url = reverse('saas_role_grant_accept', args=(user, role.grant_key)) site = get_current_site() app = get_current_app() context = { 'broker': get_broker(), 'app': app, 'back_url': site.as_absolute_uri(back_url), 'organization': organization, 'role': role.role_description.title, 'reason': reason if reason is not None else "", 'user': get_user_context(user) } reply_to = organization.email request_user = kwargs.get('request_user', None) if request_user: reply_to = request_user.email context.update( {'request_user': get_user_context(request_user)}) LOGGER.debug("[signal] user_relation_added_notice(role=%s,"\ " reason=%s)", role, reason) if SEND_EMAIL: get_email_backend(connection=app.get_connection()).send( from_email=app.get_from_email(), recipients=[user.email], reply_to=reply_to, template=[("notification/%s_role_added.eml" % role.role_description.slug), "notification/role_added.eml"], context=context) else: LOGGER.warning( "%s will not be notified being added to %s"\ "because e-mail address is invalid.", user, organization)
def subscribe_grant_created_notice(sender, subscription, reason=None, invite=False, request=None, **kwargs): if subscription.grant_key: user_context = get_user_context(request.user if request else None) organization = subscription.organization if organization.email: site = get_current_site() app = get_current_app() back_url = site.as_absolute_uri( reverse('subscription_grant_accept', args=( organization, subscription.grant_key, ))) manager = organization.with_role(saas_settings.MANAGER).first() # The following line could as well be `if invite:` if has_invalid_password(manager): # The User is already in the system but the account # has never been activated. contact, _ = Contact.objects.get_or_create_token( manager, verification_key=organization.generate_role_key(manager)) manager.save() back_url = "%s?next=%s" % (reverse( 'registration_activate', args=(contact.verification_key, )), back_url) LOGGER.debug("[signal] subscribe_grant_created_notice("\ " subscription=%s, reason=%s, invite=%s)", subscription, reason, invite) if SEND_EMAIL: get_email_backend(connection=app.get_connection()).send( from_email=app.get_from_email(), recipients=[organization.email], reply_to=user_context['email'], template='notification/subscription_grant_created.eml', context={ 'broker': get_broker(), 'app': app, 'back_url': back_url, 'organization': organization, 'plan': subscription.plan, 'reason': reason if reason is not None else "", 'invite': invite, 'user': user_context }) else: LOGGER.warning( "%s will not be notified of a subscription grant to %s"\ "because e-mail address is invalid.", organization, subscription.plan)
def subscribe_grant_created_notice(sender, subscription, reason=None, invite=False, request=None, **kwargs): #pylint:disable=too-many-locals if subscription.grant_key: user_context = get_user_context(request.user if request else None) organization = subscription.organization back_url_base = reverse('subscription_grant_accept', args=(organization, subscription.grant_key,)) LOGGER.debug("[signal] subscribe_grant_created_notice("\ " subscription=%s, reason=%s, invite=%s)", subscription, reason, invite) # We don't use `_notified_recipients` because # 1. We need the actual User object to update/create a Contact # 2. We should not send to the organization e-mail address # because the e-mail there might not be linked to a manager. managers = organization.with_role(saas_settings.MANAGER) emails = kwargs.get('emails', None) if emails: managers = managers.filter(email__in=emails) if not managers: LOGGER.warning( "%s will not be notified of a subscription grant to %s"\ " because there are no managers to send e-mails to.", organization, subscription.plan) for manager in managers: # The following line could as well be `if invite:` if has_invalid_password(manager): # The User is already in the system but the account # has never been activated. #pylint:disable=unused-variable contact, notused = Contact.objects.prepare_email_verification( manager, manager.email) back_url = "%s?next=%s" % (reverse('registration_activate', args=(contact.verification_key,)), back_url_base) else: back_url = back_url_base LOGGER.debug("[signal] would send subscribe_grant_created_notice"\ " for subscription '%s' to '%s'", subscription, manager.email) if SEND_EMAIL: site = get_current_site() app = get_current_app() _send_notification_email(site, [manager.email], 'notification/subscription_grant_created.eml', reply_to=user_context['email'], context={ 'broker': get_broker(), 'app': app, 'back_url': site.as_absolute_uri(back_url), 'organization': organization, 'plan': subscription.plan, 'reason': reason if reason is not None else "", 'invite': invite, 'user': user_context})
def role_grant_created_notice(sender, role, reason=None, **kwargs): user = role.user organization = role.organization if user.email != organization.email: if user.email: site = get_current_site() if site: back_url = reverse('organization_app', args=(organization, )) if role.grant_key: back_url = reverse('saas_role_grant_accept', args=(role.grant_key, )) if has_invalid_password(user): reason = _("You have been invited to create an account"\ " to join %(organization)s.") % { 'organization': role.organization.printable_name} Contact.objects.prepare_email_verification(user, user.email, reason=reason) app = get_current_app() context = { 'broker': get_broker(), 'app': app, 'back_url': site.as_absolute_uri(back_url), 'organization': organization, 'role': role.role_description.title, 'reason': reason if reason is not None else "", 'user': get_user_context(user) } reply_to = organization.email request_user = kwargs.get('request_user', None) if request_user: reply_to = request_user.email context.update( {'request_user': get_user_context(request_user)}) LOGGER.debug("[signal] role_grant_created_notice(role=%s,"\ " reason=%s)", role, reason) if SEND_EMAIL: _send_notification_email( site, [user.email], [("notification/%s_role_grant_created.eml" % role.role_description.slug), "notification/role_grant_created.eml"], reply_to=reply_to, context=context) else: LOGGER.warning( "%s will not be notified being added to %s"\ " because there is no site domain.", user, organization) else: LOGGER.warning( "%s will not be notified being added to %s"\ " because e-mail address is invalid.", user, organization)
def fail_authenticated(request, verification_key=None): """ Decorator for views that checks that the user is authenticated. ``django.contrib.auth.decorators.login_required`` will automatically redirect to the login page. We wante to redirect to the activation page when required, as well as raise a ``PermissionDenied`` instead when Content-Type is showing we are dealing with an API request. """ try: app = get_current_app() #pylint:disable=unused-variable redirect, matched, session = check_matched(request, app, prefixes=DEFAULT_PREFIXES) except NoRuleMatch: redirect = fail_authenticated_default(request) if redirect: if verification_key: contact = Contact.objects.filter( Q(email_verification_key=verification_key) | Q(phone_verification_key=verification_key)).first() if not contact: # Not a `Contact`, let's try `Role`. role_model = get_role_model() try: role = role_model.objects.filter( Q(grant_key=verification_key) | Q(request_key=verification_key)).get() contact, _ = Contact.objects.prepare_email_verification( role.user, role.user.email) verification_key = contact.email_verification_key except role_model.DoesNotExist: pass if contact and has_invalid_password(contact.user): redirect = request.build_absolute_uri( reverse('registration_activate', args=(verification_key, ))) return redirect