def new_language(request, project, component):
    """Render or process the "new language" form for a component.

    A non-POST request renders the form. A valid POST walks the selected
    languages, adds each one (or records a request for it), and redirects.
    An invalid POST re-renders the form with an error message.

    NOTE(review): this listing lost its line breaks and indentation; the
    nesting below is reconstructed from statement order and should be
    confirmed against the project's source.
    """
    obj = get_component(request, project, component)
    user = request.user
    form_class = get_new_language_form(request, obj)
    # Evaluated once per request; decides between "add" and "request" below.
    can_add = obj.can_add_new_language(user)
    if request.method == "POST":
        form = form_class(obj, request.POST)
        if form.is_valid():
            # Redirect target: the component, unless exactly one language
            # was submitted and its translation was created.
            result = obj
            langs = form.cleaned_data["lang"]
            kwargs = {
                "user": user,
                "author": user,
                "component": obj,
                "details": {},
            }
            with obj.repository.lock:
                # Only codes that match a Language row are processed; any
                # other submitted code is dropped by the filter.
                for language in Language.objects.filter(code__in=langs):
                    kwargs["details"]["language"] = language.code
                    if can_add:
                        translation = obj.add_new_language(
                            language, request, create_translations=False
                        )
                        if translation:
                            kwargs["translation"] = translation
                            if len(langs) == 1:
                                result = translation
                            Change.objects.create(
                                action=Change.ACTION_ADDED_LANGUAGE, **kwargs
                            )
                    elif obj.new_lang == "contact":
                        # The user may not add languages directly: only a
                        # request is recorded.
                        Change.objects.create(
                            action=Change.ACTION_REQUESTED_LANGUAGE, **kwargs
                        )
                        messages.success(
                            request,
                            _(
                                "A request for a new translation has been "
                                "sent to the project's maintainers."
                            ),
                        )
                if not obj.create_translations(request=request):
                    messages.warning(
                        request, _("The translation will be updated in the background.")
                    )
            # Users holding component.edit on this component get the
            # "language" limit reset after a successful submission; everyone
            # else keeps whatever count the limiter holds.
            if user.has_perm("component.edit", obj):
                reset_rate_limit("language", request)
            return redirect(result)
        messages.error(request, _("Please fix errors in the form."))
    else:
        form = form_class(obj)
    return render(
        request,
        "new-language.html",
        {"object": obj, "project": obj.project, "form": form, "can_add": can_add},
    )
def user_remove(request):
    """Drive the two-step account removal flow.

    Step one asks for the password and, when the form validates, hands over
    to ``social_complete`` for the "email" backend. Step two applies once
    the session carries ``remove_confirm``: a POST then removes the account,
    rotates the token and logs the user out.
    """
    is_confirmation = "remove_confirm" in request.session
    is_post = request.method == "POST"

    if is_confirmation and is_post:
        # Final step: the account is removed before the session is torn down.
        remove_user(request.user, request)
        rotate_token(request)
        logout(request)
        messages.success(request, _("Your account has been removed."))
        return redirect("home")

    if is_confirmation:
        confirm_form = EmptyConfirmForm(request)
    elif is_post:
        confirm_form = PasswordConfirmForm(request, request.POST)
        if confirm_form.is_valid():
            # The "remove" limit is reset only after the password form
            # validated.
            reset_rate_limit("remove", request)
            store_userid(request, remove=True)
            # The address passed on is always the signed-in user's own
            # e-mail, never a value taken from the request.
            request.GET = {"email": request.user.email}
            return social_complete(request, "email")
    else:
        confirm_form = PasswordConfirmForm(request)

    context = {
        "confirm_form": confirm_form,
        "is_confirmation": is_confirmation,
    }
    return render(request, "accounts/removal.html", context)
def user_remove(request):
    """Drive the two-step account removal flow.

    Without ``remove_confirm`` in the session the view asks for the
    password and, once the form validates, passes control to
    ``social_complete`` for the 'email' backend. With ``remove_confirm``
    present, a POST removes the account, rotates the token and logs out.
    """
    is_confirmation = 'remove_confirm' in request.session
    posted = request.method == 'POST'

    if is_confirmation and posted:
        # Removal happens first; token rotation and logout follow.
        remove_user(request.user, request)
        rotate_token(request)
        logout(request)
        messages.success(request, _('Your account has been removed.'))
        return redirect('home')

    if is_confirmation:
        confirm_form = EmptyConfirmForm(request)
    elif posted:
        confirm_form = PasswordConfirmForm(request, request.POST)
        if confirm_form.is_valid():
            # Reached only after the password form validated.
            reset_rate_limit('remove', request)
            store_userid(request, remove=True)
            # Overwrites the query parameters with the signed-in user's own
            # address before handing over.
            request.GET = {'email': request.user.email}
            return social_complete(request, 'email')
    else:
        confirm_form = PasswordConfirmForm(request)

    context = {
        'confirm_form': confirm_form,
        'is_confirmation': is_confirmation,
    }
    return render(request, 'accounts/removal.html', context)
def setUp(self):
    """Prepare the 'cs' translation, its translate URL and the search index."""
    super(SearchViewTest, self).setUp()
    translations = self.component.translation_set
    self.translation = translations.get(language_code='cs')
    self.translate_url = self.translation.get_translate_url()
    self.update_fulltext_index()
    # Reset the 'search' limit for 127.0.0.1 so requests made by earlier
    # tests do not count against this one.
    reset_rate_limit('search', address='127.0.0.1')
def setUp(self):
    """Prepare the "cs" translation, its translate URL and the search index."""
    super().setUp()
    translations = self.component.translation_set
    self.translation = translations.get(language_code="cs")
    self.translate_url = self.translation.get_translate_url()
    self.update_fulltext_index()
    # Reset the "search" limit for 127.0.0.1 so requests made by earlier
    # tests do not count against this one.
    reset_rate_limit("search", address="127.0.0.1")
def clean(self):
    """Authenticate the submitted credentials under the "login" rate limit.

    Returns ``self.cleaned_data``. Raises ``forms.ValidationError`` when the
    rate limit is exceeded, when authentication fails, or when the
    authenticated account is not active.
    """
    username = self.cleaned_data.get("username")
    password = self.cleaned_data.get("password")
    if not (username and password):
        # Nothing to authenticate when either field is missing or empty.
        return self.cleaned_data

    request = self.request
    # The limiter is consulted before authenticate(), so a throttled client
    # never reaches the password check.
    if not check_rate_limit("login", request):
        raise forms.ValidationError(
            _("Too many authentication attempts from this location."))

    self.user_cache = authenticate(
        request, username=username, password=password)

    if self.user_cache is None:
        # Record the failure against every account try_get_user() yields
        # for the submitted name.
        for candidate in try_get_user(username, True):
            entry = AuditLog.objects.create(
                candidate,
                request,
                "failed-auth",
                method="password",
                name=username,
            )
            entry.check_rate_limit(request)
        rotate_token(request)
        # The same error is raised whether or not any account matched.
        raise forms.ValidationError(
            self.error_messages["invalid_login"], code="invalid_login")

    if not self.user_cache.is_active:
        raise forms.ValidationError(
            self.error_messages["inactive"], code="inactive")

    AuditLog.objects.create(
        self.user_cache, request, "login", method="password", name=username)
    adjust_session_expiry(request)
    # Only a fully successful login resets the "login" limit.
    reset_rate_limit("login", request)
    return self.cleaned_data
def clean(self):
    """Authenticate the submitted credentials under the 'login' rate limit.

    Returns ``self.cleaned_data``. Raises ``forms.ValidationError`` when the
    rate limit is exceeded, when authentication fails, or when the
    authenticated account is not active.
    """
    username = self.cleaned_data.get('username')
    password = self.cleaned_data.get('password')
    if not (username and password):
        # Nothing to authenticate when either field is missing or empty.
        return self.cleaned_data

    request = self.request
    # Throttled clients are rejected before authenticate() runs.
    if not check_rate_limit('login', request):
        raise forms.ValidationError(
            _('Too many authentication attempts from this location!')
        )

    self.user_cache = authenticate(
        request, username=username, password=password
    )

    if self.user_cache is None:
        # One 'failed-auth' audit entry per account that try_get_user()
        # yields for the submitted name.
        for candidate in try_get_user(username, True):
            entry = AuditLog.objects.create(
                candidate,
                request,
                'failed-auth',
                method='Password',
                name=username,
            )
            entry.check_rate_limit(request)
        rotate_token(request)
        # The same error is raised whether or not any account matched.
        raise forms.ValidationError(
            self.error_messages['invalid_login'], code='invalid_login'
        )

    if not self.user_cache.is_active:
        raise forms.ValidationError(
            self.error_messages['inactive'], code='inactive'
        )

    AuditLog.objects.create(
        self.user_cache, request, 'login', method='Password', name=username
    )
    # Only a fully successful login resets the 'login' limit.
    reset_rate_limit('login', request)
    return self.cleaned_data
def setUp(self):
    """Prepare the 'cs' translation, its translate URL and the search index."""
    super(SearchViewTest, self).setUp()
    component_translations = self.component.translation_set
    self.translation = component_translations.get(language_code='cs')
    self.translate_url = self.translation.get_translate_url()
    self.update_fulltext_index()
    # Each test starts with the 'search' limit reset for 127.0.0.1.
    reset_rate_limit('search', address='127.0.0.1')
def test_add_mail(self, fails=False):
    """Add a further e-mail address to an already registered account."""
    # NOTE: credential and address literals appear masked in this listing;
    # they are reproduced exactly as shown.
    client = self.client

    # Register the account the address is added to
    self.perform_registration()

    # The "add e-mail" page is reachable
    begin_url = reverse('social:begin', args=('email', ))
    response = client.post(begin_url, follow=True)
    self.assertContains(response, 'Register e-mail')

    # A malformed address is rejected
    login_url = reverse('email_login')
    response = client.post(login_url, {'email': 'invalid'})
    self.assertContains(response, 'has-error')

    # A well-formed address is accepted
    response = client.post(
        login_url, {'email': '*****@*****.**'}, follow=True)
    self.assertRedirects(response, reverse('email-sent'))

    if fails:
        self.assertEqual(len(mail.outbox), 1)
        self.assert_notify_mailbox(mail.outbox[0])
        return

    # Follow the link from the confirmation mail
    url = self.assert_registration_mailbox()
    response = client.get(url, follow=True)
    confirm_url = reverse('confirm')
    self.assertRedirects(response, confirm_url)

    # A wrong password is refused; the 'confirm' limit is reset for the
    # user first
    user = User.objects.get(username='******')
    reset_rate_limit('confirm', user=user)
    response = client.post(confirm_url, {'password': '******'})
    self.assertContains(response, 'You have entered an invalid password.')

    # The correct password completes the flow
    response = client.post(
        confirm_url, {'password': '******'}, follow=True)
    profile_anchor = '{0}#account'.format(reverse('profile'))
    self.assertRedirects(response, profile_anchor)

    # The account now has two verified addresses, including the new one
    user = User.objects.get(username='******')
    owned = VerifiedEmail.objects.filter(social__user=user)
    self.assertEqual(owned.count(), 2)
    added = VerifiedEmail.objects.filter(
        social__user=user, email='*****@*****.**')
    self.assertTrue(added.exists())

    # The user is notified about the change
    notification = mail.outbox.pop()
    self.assert_notify_mailbox(notification)
def test_add_mail(self, fails=False):
    """Add a further e-mail address to an already registered account."""
    # NOTE: credential and address literals appear masked in this listing;
    # they are reproduced exactly as shown.
    client = self.client

    # Register the account the address is added to
    self.perform_registration()

    # The "add e-mail" page is reachable
    begin_url = reverse("social:begin", args=("email", ))
    response = client.post(begin_url, follow=True)
    self.assertContains(response, "Register e-mail")

    # A malformed address is rejected
    login_url = reverse("email_login")
    response = client.post(login_url, {"email": "invalid"})
    self.assertContains(response, "has-error")

    # A well-formed address is accepted
    response = client.post(
        login_url, {"email": "*****@*****.**"}, follow=True)
    self.assertRedirects(response, reverse("email-sent"))

    if fails:
        self.assertEqual(len(mail.outbox), 1)
        self.assert_notify_mailbox(mail.outbox[0])
        return

    # Follow the link from the confirmation mail
    url = self.assert_registration_mailbox()
    response = client.get(url, follow=True)
    confirm_url = reverse("confirm")
    self.assertRedirects(response, confirm_url)

    # A wrong password is refused; the "confirm" limit is reset for the
    # user first
    user = User.objects.get(username="******")
    reset_rate_limit("confirm", user=user)
    response = client.post(confirm_url, {"password": "******"})
    self.assertContains(response, "You have entered an invalid password.")

    # The correct password completes the flow
    response = client.post(
        confirm_url, {"password": "******"}, follow=True)
    profile_anchor = "{0}#account".format(reverse("profile"))
    self.assertRedirects(response, profile_anchor)

    # The account now has two verified addresses, including the new one
    user = User.objects.get(username="******")
    owned = VerifiedEmail.objects.filter(social__user=user)
    self.assertEqual(owned.count(), 2)
    added = VerifiedEmail.objects.filter(
        social__user=user, email="*****@*****.**")
    self.assertTrue(added.exists())

    # The user is notified about the change
    notification = mail.outbox.pop()
    self.assert_notify_mailbox(notification)
def clean(self):
    """Authenticate the submitted credentials under the "login" rate limit.

    Returns ``self.cleaned_data``. Raises ``forms.ValidationError`` when the
    rate limit is exceeded, when authentication fails, or when the
    authenticated account is inactive or flagged ``is_bot``.
    """
    username = self.cleaned_data.get("username")
    password = self.cleaned_data.get("password")
    if not (username and password):
        # Nothing to authenticate when either field is missing or empty.
        return self.cleaned_data

    request = self.request
    # Throttled clients are rejected before authenticate() runs.
    if not check_rate_limit("login", request):
        # Floor division by 60 - presumably seconds to minutes (TODO
        # confirm units); a LOCKOUT below 60 would render as 0 here.
        lockout_period = get_rate_setting("login", "LOCKOUT") // 60
        raise forms.ValidationError(
            ngettext(
                (
                    "Too many authentication attempts from this location. "
                    "Please try again in %d minute."
                ),
                (
                    "Too many authentication attempts from this location. "
                    "Please try again in %d minutes."
                ),
                lockout_period,
            )
            % lockout_period
        )

    self.user_cache = authenticate(
        request, username=username, password=password
    )

    if self.user_cache is None:
        # One "failed-auth" audit entry per account that try_get_user()
        # yields for the submitted name.
        for candidate in try_get_user(username, True):
            entry = AuditLog.objects.create(
                candidate,
                request,
                "failed-auth",
                method="password",
                name=username,
            )
            entry.check_rate_limit(request)
        rotate_token(request)
        # The same error is raised whether or not any account matched.
        raise forms.ValidationError(
            self.error_messages["invalid_login"], code="invalid_login"
        )

    # Bot accounts are refused with the same "inactive" error as disabled
    # accounts.
    if not self.user_cache.is_active or self.user_cache.is_bot:
        raise forms.ValidationError(
            self.error_messages["inactive"], code="inactive"
        )

    AuditLog.objects.create(
        self.user_cache, request, "login", method="password", name=username
    )
    adjust_session_expiry(request)
    # Only a fully successful login resets the "login" limit.
    reset_rate_limit("login", request)
    return self.cleaned_data
def clean(self):
    """Authenticate the submitted credentials under the 'login' rate limit.

    Returns ``self.cleaned_data``. Raises ``forms.ValidationError`` when the
    rate limit is exceeded, when authentication fails, or when the
    authenticated account is not active.
    """
    username = self.cleaned_data.get('username')
    password = self.cleaned_data.get('password')
    if not (username and password):
        # Nothing to authenticate when either field is missing or empty.
        return self.cleaned_data

    request = self.request
    # Throttled clients are rejected before authenticate() runs.
    if not check_rate_limit('login', request):
        raise forms.ValidationError(
            _('Too many authentication attempts from this location!')
        )

    self.user_cache = authenticate(
        request, username=username, password=password
    )

    if self.user_cache is None:
        # Every account try_get_user() yields for the submitted name is
        # notified about the failed attempt.
        for candidate in try_get_user(username, True):
            notify_account_activity(
                candidate,
                request,
                'failed-auth',
                method=ugettext('Password'),
                name=username,
            )
        rotate_token(request)
        # The same error is raised whether or not any account matched.
        raise forms.ValidationError(
            self.error_messages['invalid_login'],
            code='invalid_login',
        )

    if not self.user_cache.is_active:
        raise forms.ValidationError(
            self.error_messages['inactive'],
            code='inactive',
        )

    notify_account_activity(
        self.user_cache,
        request,
        'login',
        method=ugettext('Password'),
        name=username,
    )
    # Only a fully successful login resets the 'login' limit.
    reset_rate_limit('login', request)
    return self.cleaned_data
def setUp(self):
    """Start every test with the 'test' rate limit reset for 1.2.3.4."""
    scope, client_address = 'test', '1.2.3.4'
    # Resetting here keeps the tests independent of each other's counts.
    reset_rate_limit(scope, address=client_address)
def setUp(self):
    """Reset the 'login' and 'message' rate limits for 127.0.0.1."""
    super(ViewTest, self).setUp()
    # Both limits are reset so attempts made by earlier tests cannot throttle
    # this one.
    for scope in ('login', 'message'):
        reset_rate_limit(scope, address='127.0.0.1')
def setUp(self):
    """Reset the 'login' and 'message' rate limits for 127.0.0.1."""
    super(ViewTest, self).setUp()
    local_address = '127.0.0.1'
    # Reset both limits so each test starts from a clean count.
    reset_rate_limit('login', address=local_address)
    reset_rate_limit('message', address=local_address)
def setUp(self):
    """Reset the "registration" and "login" rate limits for 127.0.0.1."""
    super().setUp()
    # Both limits are reset so attempts made by earlier tests cannot throttle
    # this one.
    for scope in ("registration", "login"):
        reset_rate_limit(scope, address="127.0.0.1")
def setUp(self):
    """Reset the 'registration' and 'login' rate limits for 127.0.0.1."""
    super(BaseRegistrationTest, self).setUp()
    # Both limits are reset so attempts made by earlier tests cannot throttle
    # this one.
    for scope in ('registration', 'login'):
        reset_rate_limit(scope, address='127.0.0.1')
def setUp(self):
    """Reset the 'registration' and 'login' rate limits for 127.0.0.1."""
    super(BaseRegistrationTest, self).setUp()
    local_address = '127.0.0.1'
    # Reset both limits so each test starts from a clean count.
    reset_rate_limit('registration', address=local_address)
    reset_rate_limit('login', address=local_address)
def reset_rate(self):
    """Reset the "language" rate limit for this test's user."""
    # The limit is addressed by user here, not by request or address.
    account = self.user
    reset_rate_limit("language", user=account)
def setUp(self):
    """Start every test with the 'test' rate limit reset."""
    # The limit is addressed through a request built by get_request(), so it
    # is reset for whatever client that request represents.
    request = self.get_request()
    reset_rate_limit('test', request)
def setUp(self):
    """Start every test with the 'test' rate limit reset for 1.2.3.4."""
    # No count may survive from a previous test.
    limited_address = '1.2.3.4'
    reset_rate_limit('test', address=limited_address)
def setUp(self):
    """Reset the "login" and "message" rate limits for 127.0.0.1."""
    super().setUp()
    # Both limits are reset so attempts made by earlier tests cannot throttle
    # this one.
    for scope in ("login", "message"):
        reset_rate_limit(scope, address="127.0.0.1")
def test_add_mail(self, fails=False):
    """Add a further email address to an already registered account."""
    # NOTE: credential and address literals appear masked in this listing;
    # they are reproduced exactly as shown.
    client = self.client

    # Register the account the address is added to
    self.perform_registration()

    # The "add email" page is reachable
    begin_url = reverse('social:begin', args=('email',))
    response = client.post(begin_url, follow=True)
    self.assertContains(response, 'Register email')

    # A malformed address is rejected
    login_url = reverse('email_login')
    response = client.post(login_url, {'email': 'invalid'})
    self.assertContains(response, 'has-error')

    # A well-formed address is accepted
    response = client.post(
        login_url,
        {'email': '*****@*****.**'},
        follow=True,
    )
    self.assertRedirects(response, reverse('email-sent'))

    if fails:
        self.assertEqual(len(mail.outbox), 1)
        self.assert_notify_mailbox(mail.outbox[0])
        return

    # Follow the link from the confirmation mail
    url = self.assert_registration_mailbox()
    response = client.get(url, follow=True)
    confirm_url = reverse('confirm')
    self.assertRedirects(response, confirm_url)

    # A wrong password is refused; the 'confirm' limit is reset for the
    # user first
    user = User.objects.get(username='******')
    reset_rate_limit('confirm', user=user)
    response = client.post(confirm_url, {'password': '******'})
    self.assertContains(response, 'You have entered an invalid password.')

    # The correct password completes the flow
    response = client.post(
        confirm_url, {'password': '******'}, follow=True
    )
    profile_anchor = '{0}#account'.format(reverse('profile'))
    self.assertRedirects(response, profile_anchor)

    # The account now has two verified addresses, including the new one
    user = User.objects.get(username='******')
    owned = VerifiedEmail.objects.filter(social__user=user)
    self.assertEqual(owned.count(), 2)
    added = VerifiedEmail.objects.filter(
        social__user=user, email='*****@*****.**'
    )
    self.assertTrue(added.exists())

    # The user is notified about the change
    notification = mail.outbox.pop()
    self.assert_notify_mailbox(notification)