def census_send_auth_task(pk, ip, config=None, userids=None, **kwargs):
"""
Send an auth token to census
"""
from .models import AuthEvent, ACL
e = get_object_or_404(AuthEvent, pk=pk)
if e.status != "started":
print("event is stopped, ignoring request..")
return
census = []
if userids is None:
census = ACL.objects.filter(perm="vote",
object_type="AuthEvent",
object_id=str(pk))
census = [i.user.user.id for i in census]
else:
census = userids
extend_errors = plugins.call("extend_send_message", e, len(census), kwargs)
if extend_errors:
# Only can return one error at least for now
return extend_errors[0]
send_codes.apply_async(args=[census, ip, config])
def resend_auth_code(self, ae, request):
req = json.loads(request.body.decode('utf-8'))
msg = ''
if req.get('tlf'):
req['tlf'] = get_cannonical_tlf(req.get('tlf'))
tlf = req.get('tlf')
if isinstance(tlf, str):
tlf = tlf.strip()
msg += check_field_type(self.tlf_definition, tlf, 'authenticate')
msg += check_field_value(self.tlf_definition, tlf, 'authenticate')
if msg:
return self.error("Incorrect data", error_codename="invalid_credentials")
try:
u = User.objects.get(userdata__tlf=tlf, userdata__event=ae, is_active=True)
except:
return self.error("Incorrect data", error_codename="invalid_credentials")
msg = check_pipeline(
request,
ae,
'resend-auth-pipeline',
Sms.PIPELINES['resend-auth-pipeline'])
if msg:
return self.error("Incorrect data", error_codename="invalid_credentials")
result = plugins.call("extend_send_sms", ae, 1)
if result:
return self.error("Incorrect data", error_codename="invalid_credentials")
send_codes.apply_async(args=[[u.id,], get_client_ip(request)])
return {'status': 'ok'}
def register(self, ae, request):
req = json.loads(request.body.decode('utf-8'))
msg = check_pipeline(request, ae)
if msg:
return self.error("Incorrect data",
error_codename="invalid_credentials")
# create the user as active? Usually yes, but the execute_pipeline call inside
# check_fields_in_request might modify this
req['active'] = True
msg = ''
if req.get('tlf'):
req['tlf'] = get_cannonical_tlf(req.get('tlf'))
tlf = req.get('tlf')
if isinstance(tlf, str):
tlf = tlf.strip()
msg += check_field_type(self.tlf_definition, tlf)
msg += check_field_value(self.tlf_definition, tlf)
msg += check_fields_in_request(req, ae)
if msg:
return self.error("Incorrect data",
error_codename="invalid_credentials")
# get active from req, this value might have changed in check_fields_in_requests
active = req.pop('active')
msg_exist = exist_user(req, ae, get_repeated=True)
if msg_exist:
u = msg_exist.get('user')
if u.is_active:
return self.error("Incorrect data",
error_codename="invalid_credentials")
else:
u = create_user(req, ae, active)
msg += give_perms(u, ae)
if msg:
return self.error("Incorrect data",
error_codename="invalid_credentials")
elif not active:
# Note, we are not calling to extend_send_sms because we are not
# sending the code in here
return {'status': 'ok'}
result = plugins.call("extend_send_sms", ae, 1)
if result:
return self.error("Incorrect data",
error_codename="invalid_credentials")
send_codes.apply_async(args=[[
u.id,
], get_client_ip(request)])
return {'status': 'ok'}
def post(self, request, pk):
permission_required(request.user, 'AuthEvent', 'edit', pk)
ae = get_object_or_404(AuthEvent, pk=pk)
req = json.loads(request.body.decode('utf-8'))
for uid in req.get('user-ids'):
u = get_object_or_404(User, pk=uid, userdata__event=ae)
u.is_active = self.activate
u.save()
if self.activate:
send_codes.apply_async(args=[[u for u in req.get('user-ids')], get_client_ip(request)])
return json_response()
def post(self, request, pk):
permission_required(request.user, 'AuthEvent', 'edit', pk)
ae = get_object_or_404(AuthEvent, pk=pk)
req = json.loads(request.body.decode('utf-8'))
for uid in req.get('user-ids'):
u = get_object_or_404(User, pk=uid, userdata__event=ae)
u.is_active = self.activate
u.save()
if self.activate:
send_codes.apply_async(args=[[u for u in req.get('user-ids')],
get_client_ip(request)])
return json_response()
def post(self, request, pk):
permission_required(request.user, 'AuthEvent', 'edit', pk)
ae = get_object_or_404(AuthEvent, pk=pk)
req = parse_json_request(request)
user_ids = req.get('user-ids', [])
check_contract(CONTRACTS['list_of_ints'], user_ids)
for uid in user_ids:
u = get_object_or_404(User, pk=uid, userdata__event=ae)
u.is_active = self.activate
u.save()
if self.activate:
send_codes.apply_async(args=[[u for u in user_ids],
get_client_ip(request)])
return json_response()
def register(self, ae, request):
req = json.loads(request.body.decode('utf-8'))
msg = check_pipeline(request, ae)
if msg:
return self.error("Incorrect data", error_codename="invalid_credentials")
# create the user as active? Usually yes, but the execute_pipeline call inside
# check_fields_in_request might modify this
req['active'] = True
msg = ''
if req.get('tlf'):
req['tlf'] = get_cannonical_tlf(req.get('tlf'))
tlf = req.get('tlf')
if isinstance(tlf, str):
tlf = tlf.strip()
msg += check_field_type(self.tlf_definition, tlf)
msg += check_field_value(self.tlf_definition, tlf)
msg += check_fields_in_request(req, ae)
if msg:
return self.error("Incorrect data", error_codename="invalid_credentials")
# get active from req, this value might have changed in check_fields_in_requests
active = req.pop('active')
msg_exist = exist_user(req, ae, get_repeated=True)
if msg_exist:
u = msg_exist.get('user')
if u.is_active:
return self.error("Incorrect data", error_codename="invalid_credentials")
else:
u = create_user(req, ae, active)
msg += give_perms(u, ae)
if msg:
return self.error("Incorrect data", error_codename="invalid_credentials")
elif not active:
# Note, we are not calling to extend_send_sms because we are not
# sending the code in here
return {'status': 'ok'}
result = plugins.call("extend_send_sms", ae, 1)
if result:
return self.error("Incorrect data", error_codename="invalid_credentials")
send_codes.apply_async(args=[[u.id,], get_client_ip(request)])
return {'status': 'ok'}
def post(self, request, pk):
permission_required(request.user, 'AuthEvent', ['edit', 'census-activation'], pk)
ae = get_object_or_404(AuthEvent, pk=pk)
req = parse_json_request(request)
user_ids = req.get('user-ids', [])
check_contract(CONTRACTS['list_of_ints'], user_ids)
for uid in user_ids:
u = get_object_or_404(User, pk=uid, userdata__event=ae)
u.is_active = self.activate
u.save()
if self.activate:
send_codes.apply_async(
args=[
[u for u in user_ids],
get_client_ip(request),
ae.auth_method
])
return json_response()
def census_send_auth_task(pk, ip, config=None, userids=None, auth_method=None, sender_uid=None, **kwargs):
"""
Send an auth token to census
"""
from .models import AuthEvent, ACL, UserData
e = get_object_or_404(AuthEvent, pk=pk)
# If the auth_method is not set, use the default authmethod for the election
if auth_method is None:
auth_method = e.auth_method
new_census = []
if sender_uid is not None:
print("Sender user id = %d" % sender_uid)
census = []
if userids is None:
new_census = ACL.objects.filter(perm="vote", object_type="AuthEvent", object_id=str(pk))
else:
users = User.objects.filter(id__in=userids)
userdata = UserData.objects.filter(user__in=users)
new_census = ACL.objects.filter(perm="vote", object_type="AuthEvent", object_id=str(pk), user__in=userdata)
census = []
if e.auth_method == auth_method:
census = [i.user.user.id for i in new_census]
else:
for item in new_census:
if "sms" == auth_method and item.user.tlf:
census.append(item.user.user.id)
elif "email" == auth_method and item.user.user.email:
census.append(item.user.user.id)
extend_errors = plugins.call("extend_send_message", e, len(census), kwargs)
if extend_errors:
# Only can return one error at least for now
return extend_errors[0]
send_codes.apply_async(args=[census, ip, auth_method, config])
def register(self, ae, request):
req = json.loads(request.body.decode('utf-8'))
msg = check_pipeline(request, ae)
if msg:
return msg
msg = ''
if req.get('tlf'):
req['tlf'] = get_cannonical_tlf(req.get('tlf'))
tlf = req.get('tlf')
if isinstance(tlf, str):
tlf = tlf.strip()
msg += check_field_type(self.tlf_definition, tlf)
msg += check_field_value(self.tlf_definition, tlf)
msg += check_fields_in_request(req, ae)
if msg:
data = {'status': 'nok', 'msg': msg}
return data
msg_exist = exist_user(req, ae, get_repeated=True)
if msg_exist:
u = msg_exist.get('user')
if u.is_active:
msg += msg_exist.get('msg') + "Already registered."
codes = Code.objects.filter(user=u.userdata).count()
if codes > settings.SEND_CODES_SMS_MAX:
msg += msg_exist.get('msg') + "Maximun number of codes sent."
else:
u = create_user(req, ae)
msg += give_perms(u, ae)
if msg:
data = {'status': 'nok', 'msg': msg}
return data
result = plugins.call("extend_send_sms", ae, 1)
if result:
return {'status': 'nok', 'msg': result}
send_codes.apply_async(args=[[
u.id,
]])
return {'status': 'ok'}
def register(self, ae, request):
req = json.loads(request.body.decode('utf-8'))
msg = check_pipeline(request, ae)
if msg:
return msg
msg = ''
email = req.get('email')
if isinstance(email, str):
email = email.strip()
msg += check_field_type(self.email_definition, email)
msg += check_field_value(self.email_definition, email)
msg += check_fields_in_request(req, ae)
if msg:
data = {'status': 'nok', 'msg': msg}
return data
msg_exist = exist_user(req, ae, get_repeated=True)
if msg_exist:
u = msg_exist.get('user')
if u.is_active:
msg += msg_exist.get('msg') + "Already registered."
codes = Code.objects.filter(user=u.userdata).count()
if codes > settings.SEND_CODES_EMAIL_MAX:
msg += msg_exist.get('msg') + "Maximun number of codes sent."
else:
u = edit_user(u, req, ae)
else:
u = create_user(req, ae)
msg += give_perms(u, ae)
if msg:
data = {'status': 'nok', 'msg': msg}
return data
send_codes.apply_async(args=[[
u.id,
]])
return {'status': 'ok'}
def census_send_auth_task(pk, ip, config=None, userids=None):
"""
Send an auth token to census
"""
e = get_object_or_404(AuthEvent, pk=pk)
if e.status != "started":
print("event is stopped, ignoring request..")
return
census = []
if userids is None:
census = ACL.objects.filter(perm="vote", object_type="AuthEvent", object_id=str(pk))
census = [i.user.user.id for i in census]
else:
census = userids
if e.auth_method == "sms":
msg = plugins.call("extend_send_sms", e, len(census))
if msg:
return msg
send_codes.apply_async(args=[census, ip, config])
def resend_auth_code(self, ae, request):
req = json.loads(request.body.decode('utf-8'))
msg = ''
if req.get('tlf'):
req['tlf'] = get_cannonical_tlf(req.get('tlf'))
tlf = req.get('tlf')
if isinstance(tlf, str):
tlf = tlf.strip()
msg += check_field_type(self.tlf_definition, tlf, 'authenticate')
msg += check_field_value(self.tlf_definition, tlf, 'authenticate')
if msg:
return self.error("Incorrect data",
error_codename="invalid_credentials")
try:
u = User.objects.get(userdata__tlf=tlf,
userdata__event=ae,
is_active=True)
except:
return self.error("Incorrect data",
error_codename="invalid_credentials")
msg = check_pipeline(request, ae, 'resend-auth-pipeline',
Sms.PIPELINES['resend-auth-pipeline'])
if msg:
return self.error("Incorrect data",
error_codename="invalid_credentials")
result = plugins.call("extend_send_sms", ae, 1)
if result:
return self.error("Incorrect data",
error_codename="invalid_credentials")
send_codes.apply_async(args=[[
u.id,
], get_client_ip(request)])
return {'status': 'ok'}
def census_send_auth_task(pk, ip, config=None, userids=None):
"""
Send an auth token to census
"""
e = get_object_or_404(AuthEvent, pk=pk)
if e.status != "started":
print("event is stopped, ignoring request..")
return
census = []
if userids is None:
census = ACL.objects.filter(perm="vote",
object_type="AuthEvent",
object_id=str(pk))
census = [i.user.user.id for i in census]
else:
census = userids
if e.auth_method == "sms":
msg = plugins.call("extend_send_sms", e, len(census))
if msg:
return msg
send_codes.apply_async(args=[census, ip, config])
def register(self, ae, request):
req = json.loads(request.body.decode('utf-8'))
msg = check_pipeline(request, ae)
if msg:
return msg
# create the user as active? Usually yes, but the execute_pipeline call inside
# check_fields_in_request might modify this
req['active'] = True
reg_match_fields = []
if ae.extra_fields is not None:
reg_match_fields = [
f for f in ae.extra_fields
if "match_census_on_registration" in f and f['match_census_on_registration']
]
# NOTE the fields of type "fill_if_empty_on_registration" need
# to be empty, otherwise the user is already registered.
reg_fill_empty_fields = []
if ae.extra_fields is not None:
reg_fill_empty_fields = [
f for f in ae.extra_fields
if "fill_if_empty_on_registration" in f and f['fill_if_empty_on_registration']
]
msg = ''
email = req.get('email')
if isinstance(email, str):
email = email.strip()
email = email.replace(" ", "")
msg += check_field_type(self.email_definition, email)
msg += check_field_value(self.email_definition, email)
msg += check_fields_in_request(req, ae)
if msg:
return self.error("Incorrect data", error_codename="invalid_credentials")
# get active from req, this value might have changed in check_fields_in_requests
active = req.pop('active')
if len(reg_match_fields) > 0 or len(reg_fill_empty_fields) > 0:
# is the email a match field?
match_email = False
match_email_element = None
for extra in ae.extra_fields:
if 'name' in extra and 'email' == extra['name'] and "match_census_on_registration" in extra and extra['match_census_on_registration']:
match_email = True
match_email_element = extra
break
# if the email is not a match field, and there already is a user
# with that email, reject the registration request
if not match_email and User.objects.filter(email=email, userdata__event=ae, is_active=True).count() > 0:
return self.error("Incorrect data", error_codename="invalid_credentials")
# lookup in the database if there's any user with the match fields
# NOTE: we assume reg_match_fields are unique in the DB and required
search_email = email if match_email else ""
if match_email:
reg_match_fields.remove(match_email_element)
q = Q(userdata__event=ae,
is_active=False,
email=search_email)
# Check the reg_match_fields
for reg_match_field in reg_match_fields:
# Filter with Django's JSONfield
reg_name = reg_match_field['name']
req_field_data = req.get(reg_name)
if reg_name and req_field_data:
q = q & Q(userdata__metadata__contains={reg_name: req_field_data})
else:
return self.error("Incorrect data", error_codename="invalid_credentials")
# Check that the reg_fill_empty_fields are empty, otherwise the user
# is already registered
for reg_empty_field in reg_fill_empty_fields:
# Filter with Django's JSONfield
reg_name = reg_empty_field['name']
# Note: the register query _must_ contain a value for these fields
if reg_name and reg_name in req and req[reg_name]:
q = q & Q(userdata__metadata__contains={reg_name: ""})
else:
return self.error("Incorrect data", error_codename="invalid_credentials")
user_found = None
user_list = User.objects.filter(q)
if 1 == user_list.count():
user_found = user_list[0]
# check that the unique:True extra fields are actually unique
uniques = []
for extra in ae.extra_fields:
if 'unique' in extra.keys() and extra.get('unique'):
uniques.append(extra['name'])
if len(uniques) > 0:
base_uq = Q(userdata__event=ae, is_active=True)
base_list = User.objects.exclude(id = user_found.id)
for reg_name in uniques:
req_field_data = req.get(reg_name)
if reg_name and req_field_data:
uq = base_q & Q(userdata__metadata__contains={reg_name: req_field_data})
repeated_list = base_list.filter(uq)
if repeated_list.count() > 0:
return self.error("Incorrect data", error_codename="invalid_credentials")
# user needs to exist
if user_found is None:
return self.error("Incorrect data", error_codename="invalid_credentials")
for reg_empty_field in reg_fill_empty_fields:
reg_name = reg_empty_field['name']
if reg_name in req:
user_found.userdata.metadata[reg_name] = req.get(reg_name)
user_found.userdata.save()
if not match_email:
user_found.email = email
user_found.save()
u = user_found
else:
msg_exist = exist_user(req, ae, get_repeated=True)
if msg_exist:
return self.error("Incorrect data", error_codename="invalid_credentials")
else:
u = create_user(req, ae, active)
msg += give_perms(u, ae)
if msg:
return self.error("Incorrect data", error_codename="invalid_credentials")
elif not active:
# Note, we are not calling to extend_send_sms because we are not
# sending the code in here
return {'status': 'ok'}
send_codes.apply_async(args=[[u.id,], get_client_ip(request),'email'])
return {'status': 'ok'}
