def create_user(self, claims): """Return object for a newly created user account.""" # Overriding lib's logic, use preferred_username from oidc as username username = claims.get( import_from_settings('OIDC_USERNAME_ATTRIBUTE', 'preferred_username'), '') email = claims.get('email', '') first_name = claims.get('given_name', '') last_name = claims.get('family_name', '') if not username: if not email: LOG.debug( "OpenID Connect no username and email while creating new user" ) return None username = default_username_algo(email) return self.UserModel.objects.create_user( username=username, email=email, first_name=first_name, last_name=last_name, is_superuser=self.is_hue_superuser(claims))
def create_user(self, claims): """ Create a user account for the given claims. This method is overridden to ensure we create a user account which will work in the DUA world. """ username = claims.get("preferred_username", default_username_algo(claims["email"])) user = self.UserModel(username=username, email=claims["email"]) user._disable_account_creation = True user.set_unusable_password() user.save() extra = {} if claims.get("zoneinfo"): extra["timezone"] = claims["zoneinfo"] if claims.get("locale"): extra["language"] = claims["locale"] Account.create(**{ "request": self.request, "user": user, "create_email": False, **extra, }) if claims.get("email_verified", False): EmailAddress.objects.create( email=user.email, verified=True, primary=True, ) else: EmailAddress.objects.add_email(user, user.email, confirm=True) return user
def handle(self, *args, **options): email = options['email'] if not email: email = input('Email: ').strip() if ' ' in email or email.count('@') != 1: raise CommandError(f'Invalid email {email!r}') try: user = User.objects.get(email__iexact=email) except User.DoesNotExist: username_algo = import_from_settings('OIDC_USERNAME_ALGO', None) if username_algo: username = username_algo(email) else: username = default_username_algo(email) user = User.objects.create( username=username, email=email, ) user.set_unusable_password() self.stdout.write(self.style.WARNING('User created')) user.is_superuser = not user.is_superuser user.is_active = True # just to be sure user.save() if user.is_superuser: self.stdout.write( self.style.SUCCESS(f'{email} PROMOTED to superuser')) else: self.stdout.write( self.style.WARNING(f'{email} DEMOTED to superuser'))
def handle(self, *args, **options): jsonfile = options['jsonfile'] if jsonfile: with open(jsonfile) as f: users = json.load(f) else: # Reading from stdin is convenient since the host and # docker don't necessary share filesystem. users = json.load(sys.stdin) self.stdout.write(self.style.SUCCESS(f'Import {len(users)} users')) uploaders = Group.objects.get(name='Uploaders') count_creations = 0 for email in users: try: user = User.objects.get(email=email) except User.DoesNotExist: username_algo = import_from_settings('OIDC_USERNAME_ALGO', None) if username_algo: username = username_algo(email) else: username = default_username_algo(email) user = User.objects.create( username=username, email=email, ) user.set_unusable_password() self.stdout.write( self.style.SUCCESS(f'User created ({user.email})')) # Put the user in the Uploaders group so they can have # the right permissions they need when they generate # their API tokens. user.groups.add(uploaders) tokens = users[email] if not tokens: self.stdout.write( self.style.WARNING( f'{user.email} has no active API tokens')) for token in tokens: if Token.objects.filter(user=user, key=token['key']): continue Token.objects.create(user=user, key=token['key'], notes=token['notes'], expires_at=token['expires']) count_creations += 1 self.stdout.write( self.style.SUCCESS(f'Created {count_creations} API tokens'))
def create_user(self, claims): """Return object for a newly created user account.""" # Overriding lib's logic, use preferred_username from oidc as username username = claims.get(import_from_settings('OIDC_USERNAME_ATTRIBUTE', 'preferred_username'), '') email = claims.get('email', '') first_name = claims.get('given_name', '') last_name = claims.get('family_name', '') if not username: if not email: LOG.debug("OpenID Connect no username and email while creating new user") return None username = default_username_algo(email) return self.UserModel.objects.create_user(username=username, email=email, first_name=first_name, last_name=last_name, is_superuser=self.is_hue_superuser(claims))
def run_test(self, data, expected): actual = default_username_algo(data) self.assertEqual(actual, expected) self.assertEqual(type(actual), type(expected))