def save(self): """ Generate a random username before falling back to parent signup form """ while True: username = sha_constructor(str(random.random())).hexdigest()[:5] try: get_user_model().objects.get(username__iexact=username) except get_user_model().DoesNotExist: break self.cleaned_data['username'] = username return super(SignupFormOnlyEmail, self).save()
def __init__(self, user, *args, **kwargs): """ The current ``user`` is needed for initialisation of this form so that we can check if the email address is still free and not always returning ``True`` for this query because it's the users own e-mail address. """ super(ChangeEmailForm, self).__init__(*args, **kwargs) if not isinstance(user, get_user_model()): raise TypeError, "user must be an instance of %s" % get_user_model().__name__ else: self.user = user
def check_permissions(self): """ Checks that all permissions are set correctly for the users. :return: A set of users whose permissions was wrong. """ # Variable to supply some feedback changed_permissions = [] changed_users = [] warnings = [] # Check that all the permissions are available. for model, perms in ASSIGNED_PERMISSIONS.items(): if model == 'profile': model_obj = get_profile_model() else: model_obj = get_user_model() model_content_type = ContentType.objects.get_for_model(model_obj) for perm in perms: try: Permission.objects.get(codename=perm[0], content_type=model_content_type) except Permission.DoesNotExist: changed_permissions.append(perm[1]) Permission.objects.create(name=perm[1], codename=perm[0], content_type=model_content_type) # it is safe to rely on settings.ANONYMOUS_USER_ID since it is a # requirement of django-guardian for user in get_user_model().objects.exclude(id=settings.ANONYMOUS_USER_ID): try: user_profile = user.get_profile() except ObjectDoesNotExist: warnings.append(_("No profile found for %(username)s") \ % {'username': user.username}) else: all_permissions = get_perms(user, user_profile) + get_perms(user, user) for model, perms in ASSIGNED_PERMISSIONS.items(): if model == 'profile': perm_object = user.get_profile() else: perm_object = user for perm in perms: if perm[0] not in all_permissions: assign(perm[0], user, perm_object) changed_users.append(user) return (changed_permissions, changed_users, warnings)
def clean_email(self): """ Validate that the e-mail address is unique. """ if get_user_model().objects.filter(email__iexact=self.cleaned_data['email']): if UserenaSignup.objects.filter(user__email__iexact=self.cleaned_data['email']).exclude(activation_key=userena_settings.USERENA_ACTIVATED): raise forms.ValidationError(_('This email is already in use but not confirmed. Please check you email for verification steps.')) raise forms.ValidationError(_('This email is already in use. Please supply a different email.')) return self.cleaned_data['email']
def clean_email(self): """ Validate that the email is not already registered with another user """ if self.cleaned_data['email'].lower() == self.user.email: raise forms.ValidationError(_(u'You\'re already known under this email.')) if get_user_model().objects.filter(email__iexact=self.cleaned_data['email']).exclude(email__iexact=self.user.email): raise forms.ValidationError(_(u'This email is already in use. Please supply a different email.')) return self.cleaned_data['email']
def authenticate(self, identification, password=None, check_password=True): """ Authenticates a user through the combination email/username with password. :param identification: A string containing the username or e-mail of the user that is trying to authenticate. :password: Optional string containing the password for the user. :param check_password: Boolean that defines if the password should be checked for this user. Always keep this ``True``. This is only used by userena at activation when a user opens a page with a secret hash. :return: The signed in :class:`User`. """ User = get_user_model() if email_re.search(identification): try: user = User.objects.get(email__iexact=identification) except User.DoesNotExist: return None else: try: user = User.objects.get(username__iexact=identification) except User.DoesNotExist: return None if check_password: if user.check_password(password): return user return None else: return user
def clean_username(self): """ Validate that the username is alphanumeric and is not already in use. Also validates that the username is not listed in ``USERENA_FORBIDDEN_USERNAMES`` list. """ try: user = get_user_model().objects.get(username__iexact=self.cleaned_data['username']) except get_user_model().DoesNotExist: pass else: if UserenaSignup.objects.filter(user__username__iexact=self.cleaned_data['username']).exclude(activation_key=userena_settings.USERENA_ACTIVATED): raise forms.ValidationError(_('This username is already taken but not confirmed. Please check you email for verification steps.')) raise forms.ValidationError(_('This username is already taken.')) if self.cleaned_data['username'].lower() in userena_settings.USERENA_FORBIDDEN_USERNAMES: raise forms.ValidationError(_('This username is not allowed.')) return self.cleaned_data['username']
def create_user(self, username, email, password, active=False, send_email=True): """ A simple wrapper that creates a new :class:`User`. :param username: String containing the username of the new user. :param email: String containing the email address of the new user. :param password: String containing the password for the new user. :param active: Boolean that defines if the user requires activation by clicking on a link in an e-mail. Defaults to ``False``. :param send_email: Boolean that defines if the user should be sent an email. You could set this to ``False`` when you want to create a user in your own code, but don't want the user to activate through email. :return: :class:`User` instance representing the new user. """ now = get_datetime_now() new_user = get_user_model().objects.create_user( username, email, password) new_user.is_active = active new_user.save() userena_profile = self.create_userena_profile(new_user) # All users have an empty profile profile_model = get_profile_model() try: new_profile = new_user.get_profile() except profile_model.DoesNotExist: new_profile = profile_model(user=new_user) new_profile.save(using=self._db) # Give permissions to view and change profile for perm in ASSIGNED_PERMISSIONS['profile']: assign(perm[0], new_user, new_profile) # Give permissions to view and change itself for perm in ASSIGNED_PERMISSIONS['user']: assign(perm[0], new_user, new_user) if send_email: userena_profile.send_activation_email() return new_user
def delete_expired_users(self): """ Checks for expired users and delete's the ``User`` associated with it. Skips if the user ``is_staff``. :return: A list containing the deleted users. """ deleted_users = [] for user in get_user_model().objects.filter(is_staff=False, is_active=False): if user.userena_signup.activation_key_expired(): deleted_users.append(user) user.delete() return deleted_users
def test_signin_redirect(self): """ Test redirect function which should redirect the user after a succesfull signin. """ # Test with a requested redirect self.failUnlessEqual(signin_redirect(redirect='/accounts/'), '/accounts/') # Test with only the user specified user = get_user_model().objects.get(pk=1) self.failUnlessEqual(signin_redirect(user=user), '/accounts/%s/' % user.username) # The ultimate fallback, probably never used self.failUnlessEqual(signin_redirect(), settings.LOGIN_REDIRECT_URL)
def can_view_profile(self, user): """ Can the :class:`User` view this profile? Returns a boolean if a user has the rights to view the profile of this user. Users are divided into four groups: ``Open`` Everyone can view your profile ``Closed`` Nobody can view your profile. ``Registered`` Users that are registered on the website and signed in only. ``Admin`` Special cases like superadmin and the owner of the profile. Through the ``privacy`` field a owner of an profile can define what they want to show to whom. :param user: A Django :class:`User` instance. """ # Simple cases first, we don't want to waste CPU and DB hits. # Everyone. if self.privacy == 'open': return True # Registered users. elif self.privacy == 'registered' \ and isinstance(user, get_user_model()): return True # Checks done by guardian for owner and admins. elif 'view_profile' in get_perms(user, self): return True # Fallback to closed profile. return False
def test_change_email_form(self): user = get_user_model().objects.get(pk=1) invalid_data_dicts = [ # No change in e-mail address {'data': {'email': '*****@*****.**'}, 'error': ('email', [u'You\'re already known under this email.'])}, # An e-mail address used by another {'data': {'email': '*****@*****.**'}, 'error': ('email', [u'This email is already in use. Please supply a different email.'])}, ] for invalid_dict in invalid_data_dicts: form = forms.ChangeEmailForm(user, data=invalid_dict['data']) self.failIf(form.is_valid()) self.assertEqual(form.errors[invalid_dict['error'][0]], invalid_dict['error'][1]) # Test a valid post form = forms.ChangeEmailForm(user, data={'email': '*****@*****.**'}) self.failUnless(form.is_valid())
def test_save_msg(self): """ Test valid data """ valid_data = {'to': 'john, jane', 'body': 'Body'} form = ComposeForm(data=valid_data) self.failUnless(form.is_valid()) # Save the form. sender = get_user_model().objects.get(username='******') msg = form.save(sender) # Check if the values are set correctly self.failUnlessEqual(msg.body, valid_data['body']) self.failUnlessEqual(msg.sender, sender) self.failUnless(msg.sent_at) # Check recipients self.failUnlessEqual(msg.recipients.all()[0].username, 'jane') self.failUnlessEqual(msg.recipients.all()[1].username, 'john')
def clean(self, value): super(CommaSeparatedUserField, self).clean(value) names = set(value.split(',')) names_set = set([name.strip() for name in names]) users = list(get_user_model().objects.filter(username__in=names_set)) # Check for unknown names. unknown_names = names_set ^ set([user.username for user in users]) recipient_filter = self._recipient_filter invalid_users = [] if recipient_filter is not None: for r in users: if recipient_filter(r) is False: users.remove(r) invalid_users.append(r.username) if unknown_names or invalid_users: humanized_usernames = ', '.join(list(unknown_names) + invalid_users) raise forms.ValidationError(_("The following usernames are incorrect: %(users)s.") % {'users': humanized_usernames}) return users
def get_user(self, user_id): User = get_user_model() try: return User.objects.get(pk=user_id) except User.DoesNotExist: return None
from django.test import TestCase from django.core.urlresolvers import reverse from django.conf import settings from apps.userena.contrib.umessages.forms import ComposeForm from apps.userena.contrib.umessages.models import Message, MessageRecipient from apps.userena.utils import get_user_model User = get_user_model() class MessagesViewsTests(TestCase): fixtures = ["users", "messages"] def _test_login(self, named_url, **kwargs): """ Test that the view requires login """ response = self.client.get(reverse(named_url, **kwargs)) self.assertEqual(response.status_code, 302) def test_compose(self): """ A ``GET`` to the compose view """ # Login is required. self._test_login("userena_umessages_compose") # Sign in client = self.client.login(username="******", password="******") response = self.client.get(reverse("userena_umessages_compose")) self.assertEqual(response.status_code, 200) self.assertTemplateUsed(response, "umessages/message_form.html")
from django.contrib import admin from django.contrib.auth.admin import UserAdmin from django.utils.translation import ugettext as _ from guardian.admin import GuardedModelAdmin from apps.userena.models import UserenaSignup from apps.userena.utils import get_profile_model, get_user_model class UserenaSignupInline(admin.StackedInline): model = UserenaSignup max_num = 1 class UserenaAdmin(UserAdmin, GuardedModelAdmin): inlines = [UserenaSignupInline, ] list_display = ('username', 'email', 'first_name', 'last_name', 'is_staff', 'is_active', 'date_joined') list_filter = ('is_staff', 'is_superuser', 'is_active') admin.site.unregister(get_user_model()) admin.site.register(get_user_model(), UserenaAdmin) admin.site.register(get_profile_model())