def _wrapped_view(request, *args, **kwargs):
LOGGER.debug("Enters djaoapp.decorators.requires_authenticated")
redirect_url = fail_authenticated(request)
if redirect_url:
verification_key = kwargs.get('verification_key', None)
if verification_key:
contact = Contact.objects.filter(
verification_key=verification_key).first()
if not contact:
# Not a `Contact`, let's try `Role`.
role_model = get_role_model()
try:
role = role_model.objects.filter(
Q(grant_key=verification_key)
| Q(request_key=verification_key)).get()
contact, _ = Contact.objects.update_or_create_token(
role.user)
verification_key = contact.verification_key
except role_model.DoesNotExist:
pass
if contact and has_invalid_password(contact.user):
redirect_url = request.build_absolute_uri(
reverse('registration_activate',
args=(verification_key, )))
return redirect_or_denied(
request,
redirect_url,
redirect_field_name=redirect_field_name)
return view_func(request, *args, **kwargs)
def fail_authenticated(request, verification_key=None):
"""
Decorator for views that checks that the user is authenticated.
``django.contrib.auth.decorators.login_required`` will automatically
redirect to the login page. We wante to redirect to the activation
page when required, as well as raise a ``PermissionDenied``
instead when Content-Type is showing we are dealing with an API request.
"""
redirect = fail_authenticated_default(request)
if redirect:
if verification_key:
contact = Contact.objects.filter(
verification_key=verification_key).first()
if not contact:
# Not a `Contact`, let's try `Role`.
role_model = get_role_model()
try:
role = role_model.objects.filter(
Q(grant_key=verification_key)
| Q(request_key=verification_key)).get()
contact, _ = Contact.objects.update_or_create_token(
role.user)
verification_key = contact.verification_key
except role_model.DoesNotExist:
pass
if contact and has_invalid_password(contact.user):
redirect = request.build_absolute_uri(
reverse('registration_activate',
args=(verification_key, )))
return redirect
def user_relation_added_notice(sender, role, reason=None, **kwargs):
user = role.user
organization = role.organization
if user.email != organization.email:
if user.email:
back_url = reverse('organization_app', args=(organization, ))
if has_invalid_password(user):
if role.grant_key:
contact, _ = Contact.objects.get_or_create_token(
user, verification_key=role.grant_key)
else:
# The User is already in the system but the account
# has never been activated.
contact, _ = Contact.objects.get_or_create_token(
user,
verification_key=organization.generate_role_key(user))
user.save()
back_url = "%s?next=%s" % (reverse(
'registration_activate',
args=(contact.verification_key, )), back_url)
elif role.grant_key:
back_url = reverse('saas_role_grant_accept',
args=(user, role.grant_key))
site = get_current_site()
app = get_current_app()
context = {
'broker': get_broker(),
'app': app,
'back_url': site.as_absolute_uri(back_url),
'organization': organization,
'role': role.role_description.title,
'reason': reason if reason is not None else "",
'user': get_user_context(user)
}
reply_to = organization.email
request_user = kwargs.get('request_user', None)
if request_user:
reply_to = request_user.email
context.update(
{'request_user': get_user_context(request_user)})
LOGGER.debug("[signal] user_relation_added_notice(role=%s,"\
" reason=%s)", role, reason)
if SEND_EMAIL:
get_email_backend(connection=app.get_connection()).send(
from_email=app.get_from_email(),
recipients=[user.email],
reply_to=reply_to,
template=[("notification/%s_role_added.eml" %
role.role_description.slug),
"notification/role_added.eml"],
context=context)
else:
LOGGER.warning(
"%s will not be notified being added to %s"\
"because e-mail address is invalid.", user, organization)
def subscribe_grant_created_notice(sender,
subscription,
reason=None,
invite=False,
request=None,
**kwargs):
if subscription.grant_key:
user_context = get_user_context(request.user if request else None)
organization = subscription.organization
if organization.email:
site = get_current_site()
app = get_current_app()
back_url = site.as_absolute_uri(
reverse('subscription_grant_accept',
args=(
organization,
subscription.grant_key,
)))
manager = organization.with_role(saas_settings.MANAGER).first()
# The following line could as well be `if invite:`
if has_invalid_password(manager):
# The User is already in the system but the account
# has never been activated.
contact, _ = Contact.objects.get_or_create_token(
manager,
verification_key=organization.generate_role_key(manager))
manager.save()
back_url = "%s?next=%s" % (reverse(
'registration_activate',
args=(contact.verification_key, )), back_url)
LOGGER.debug("[signal] subscribe_grant_created_notice("\
" subscription=%s, reason=%s, invite=%s)",
subscription, reason, invite)
if SEND_EMAIL:
get_email_backend(connection=app.get_connection()).send(
from_email=app.get_from_email(),
recipients=[organization.email],
reply_to=user_context['email'],
template='notification/subscription_grant_created.eml',
context={
'broker': get_broker(),
'app': app,
'back_url': back_url,
'organization': organization,
'plan': subscription.plan,
'reason': reason if reason is not None else "",
'invite': invite,
'user': user_context
})
else:
LOGGER.warning(
"%s will not be notified of a subscription grant to %s"\
"because e-mail address is invalid.",
organization, subscription.plan)
def subscribe_grant_created_notice(sender, subscription, reason=None,
invite=False, request=None, **kwargs):
#pylint:disable=too-many-locals
if subscription.grant_key:
user_context = get_user_context(request.user if request else None)
organization = subscription.organization
back_url_base = reverse('subscription_grant_accept',
args=(organization, subscription.grant_key,))
LOGGER.debug("[signal] subscribe_grant_created_notice("\
" subscription=%s, reason=%s, invite=%s)",
subscription, reason, invite)
# We don't use `_notified_recipients` because
# 1. We need the actual User object to update/create a Contact
# 2. We should not send to the organization e-mail address
# because the e-mail there might not be linked to a manager.
managers = organization.with_role(saas_settings.MANAGER)
emails = kwargs.get('emails', None)
if emails:
managers = managers.filter(email__in=emails)
if not managers:
LOGGER.warning(
"%s will not be notified of a subscription grant to %s"\
" because there are no managers to send e-mails to.",
organization, subscription.plan)
for manager in managers:
# The following line could as well be `if invite:`
if has_invalid_password(manager):
# The User is already in the system but the account
# has never been activated.
#pylint:disable=unused-variable
contact, notused = Contact.objects.prepare_email_verification(
manager, manager.email)
back_url = "%s?next=%s" % (reverse('registration_activate',
args=(contact.verification_key,)), back_url_base)
else:
back_url = back_url_base
LOGGER.debug("[signal] would send subscribe_grant_created_notice"\
" for subscription '%s' to '%s'", subscription, manager.email)
if SEND_EMAIL:
site = get_current_site()
app = get_current_app()
_send_notification_email(site, [manager.email],
'notification/subscription_grant_created.eml',
reply_to=user_context['email'],
context={
'broker': get_broker(), 'app': app,
'back_url': site.as_absolute_uri(back_url),
'organization': organization,
'plan': subscription.plan,
'reason': reason if reason is not None else "",
'invite': invite,
'user': user_context})
def role_grant_created_notice(sender, role, reason=None, **kwargs):
user = role.user
organization = role.organization
if user.email != organization.email:
if user.email:
site = get_current_site()
if site:
back_url = reverse('organization_app', args=(organization, ))
if role.grant_key:
back_url = reverse('saas_role_grant_accept',
args=(role.grant_key, ))
if has_invalid_password(user):
reason = _("You have been invited to create an account"\
" to join %(organization)s.") % {
'organization': role.organization.printable_name}
Contact.objects.prepare_email_verification(user,
user.email,
reason=reason)
app = get_current_app()
context = {
'broker': get_broker(),
'app': app,
'back_url': site.as_absolute_uri(back_url),
'organization': organization,
'role': role.role_description.title,
'reason': reason if reason is not None else "",
'user': get_user_context(user)
}
reply_to = organization.email
request_user = kwargs.get('request_user', None)
if request_user:
reply_to = request_user.email
context.update(
{'request_user': get_user_context(request_user)})
LOGGER.debug("[signal] role_grant_created_notice(role=%s,"\
" reason=%s)", role, reason)
if SEND_EMAIL:
_send_notification_email(
site, [user.email],
[("notification/%s_role_grant_created.eml" %
role.role_description.slug),
"notification/role_grant_created.eml"],
reply_to=reply_to,
context=context)
else:
LOGGER.warning(
"%s will not be notified being added to %s"\
" because there is no site domain.", user, organization)
else:
LOGGER.warning(
"%s will not be notified being added to %s"\
" because e-mail address is invalid.", user, organization)
def fail_authenticated(request, verification_key=None):
"""
Decorator for views that checks that the user is authenticated.
``django.contrib.auth.decorators.login_required`` will automatically
redirect to the login page. We wante to redirect to the activation
page when required, as well as raise a ``PermissionDenied``
instead when Content-Type is showing we are dealing with an API request.
"""
try:
app = get_current_app()
#pylint:disable=unused-variable
redirect, matched, session = check_matched(request,
app,
prefixes=DEFAULT_PREFIXES)
except NoRuleMatch:
redirect = fail_authenticated_default(request)
if redirect:
if verification_key:
contact = Contact.objects.filter(
Q(email_verification_key=verification_key)
| Q(phone_verification_key=verification_key)).first()
if not contact:
# Not a `Contact`, let's try `Role`.
role_model = get_role_model()
try:
role = role_model.objects.filter(
Q(grant_key=verification_key)
| Q(request_key=verification_key)).get()
contact, _ = Contact.objects.prepare_email_verification(
role.user, role.user.email)
verification_key = contact.email_verification_key
except role_model.DoesNotExist:
pass
if contact and has_invalid_password(contact.user):
redirect = request.build_absolute_uri(
reverse('registration_activate',
args=(verification_key, )))
return redirect
