def login_context(request: HttpRequest) -> Dict[str, Any]: realm = get_realm_from_request(request) if realm is None: realm_description = None realm_invite_required = False realm_web_public_access_enabled = False else: realm_description = get_realm_rendered_description(realm) realm_invite_required = realm.invite_required # We offer web-public access only if the realm has actual web # public streams configured, in addition to having it enabled. realm_web_public_access_enabled = realm.allow_web_public_streams_access( ) context: Dict[str, Any] = { "realm_invite_required": realm_invite_required, "realm_description": realm_description, "require_email_format_usernames": require_email_format_usernames(realm), "password_auth_enabled": password_auth_enabled(realm), "two_factor_authentication_enabled": settings.TWO_FACTOR_AUTHENTICATION_ENABLED, "realm_web_public_access_enabled": realm_web_public_access_enabled, } if realm is not None and realm.description: context["OPEN_GRAPH_TITLE"] = realm.name context["OPEN_GRAPH_DESCRIPTION"] = get_realm_text_description(realm) # Add the keys for our standard authentication backends. no_auth_enabled = True for auth_backend_name in AUTH_BACKEND_NAME_MAP: name_lower = auth_backend_name.lower() key = f"{name_lower}_auth_enabled" is_enabled = auth_enabled_helper([auth_backend_name], realm) context[key] = is_enabled if is_enabled: no_auth_enabled = False context["external_authentication_methods"] = get_external_method_dicts( realm) context["no_auth_enabled"] = no_auth_enabled # Include another copy of external_authentication_methods in page_params for use # by the desktop client. We expand it with IDs of the <button> elements corresponding # to the authentication methods. context["page_params"] = dict( external_authentication_methods=get_external_method_dicts(realm), ) for auth_dict in context["page_params"]["external_authentication_methods"]: auth_dict["button_id_suffix"] = "auth_button_{}".format( auth_dict["name"]) return context
def login_context(request: HttpRequest) -> Dict[str, Any]: realm = get_realm_from_request(request) if realm is None: realm_description = None realm_invite_required = False else: realm_description = get_realm_rendered_description(realm) realm_invite_required = realm.invite_required context: Dict[str, Any] = { 'realm_invite_required': realm_invite_required, 'realm_description': realm_description, 'require_email_format_usernames': require_email_format_usernames(realm), 'password_auth_enabled': password_auth_enabled(realm), 'any_social_backend_enabled': any_social_backend_enabled(realm), 'two_factor_authentication_enabled': settings.TWO_FACTOR_AUTHENTICATION_ENABLED, } if realm is not None and realm.description: context['OPEN_GRAPH_TITLE'] = realm.name context['OPEN_GRAPH_DESCRIPTION'] = get_realm_text_description(realm) # Add the keys for our standard authentication backends. no_auth_enabled = True for auth_backend_name in AUTH_BACKEND_NAME_MAP: name_lower = auth_backend_name.lower() key = f"{name_lower}_auth_enabled" is_enabled = auth_enabled_helper([auth_backend_name], realm) context[key] = is_enabled if is_enabled: no_auth_enabled = False context['external_authentication_methods'] = get_external_method_dicts( realm) context['no_auth_enabled'] = no_auth_enabled # Include another copy of external_authentication_methods in page_params for use # by the desktop client. We expand it with IDs of the <button> elements corresponding # to the authentication methods. context['page_params'] = dict( external_authentication_methods=get_external_method_dicts(realm), ) for auth_dict in context['page_params']['external_authentication_methods']: auth_dict['button_id_suffix'] = "auth_button_{}".format( auth_dict['name']) return context
def remote_user_sso( request: HttpRequest, mobile_flow_otp: Optional[str] = REQ(default=None), desktop_flow_otp: Optional[str] = REQ(default=None), next: str = REQ(default="/"), ) -> HttpResponse: subdomain = get_subdomain(request) try: realm: Optional[Realm] = get_realm(subdomain) except Realm.DoesNotExist: realm = None if not auth_enabled_helper([ZulipRemoteUserBackend.auth_backend_name], realm): return config_error(request, "remote_user_backend_disabled") try: remote_user = request.META["REMOTE_USER"] except KeyError: return config_error(request, "remote_user_header_missing") # Django invokes authenticate methods by matching arguments, and this # authentication flow will not invoke LDAP authentication because of # this condition of Django so no need to check if LDAP backend is # enabled. validate_login_email(remote_user_to_email(remote_user)) # Here we support the mobile and desktop flow for REMOTE_USER_BACKEND; we # validate the data format and then pass it through to # login_or_register_remote_user if appropriate. validate_otp_params(mobile_flow_otp, desktop_flow_otp) if realm is None: user_profile = None else: user_profile = authenticate(remote_user=remote_user, realm=realm) if user_profile is not None: assert isinstance(user_profile, UserProfile) email = remote_user_to_email(remote_user) data_dict = ExternalAuthDataDict( email=email, mobile_flow_otp=mobile_flow_otp, desktop_flow_otp=desktop_flow_otp, redirect_to=next, ) if realm: data_dict["subdomain"] = realm.subdomain else: data_dict["subdomain"] = "" # realm creation happens on root subdomain result = ExternalAuthResult(user_profile=user_profile, data_dict=data_dict) return login_or_register_remote_user(request, result)
def remote_user_sso( request: HttpRequest, mobile_flow_otp: Optional[str] = REQ(default=None), desktop_flow_otp: Optional[str] = REQ(default=None) ) -> HttpResponse: subdomain = get_subdomain(request) try: realm = get_realm(subdomain) # type: Optional[Realm] except Realm.DoesNotExist: realm = None if not auth_enabled_helper([ZulipRemoteUserBackend.auth_backend_name], realm): return redirect_to_config_error("remoteuser/backend_disabled") try: remote_user = request.META["REMOTE_USER"] except KeyError: return redirect_to_config_error( "remoteuser/remote_user_header_missing") # Django invokes authenticate methods by matching arguments, and this # authentication flow will not invoke LDAP authentication because of # this condition of Django so no need to check if LDAP backend is # enabled. validate_login_email(remote_user_to_email(remote_user)) # Here we support the mobile and desktop flow for REMOTE_USER_BACKEND; we # validate the data format and then pass it through to # login_or_register_remote_user if appropriate. validate_otp_params(mobile_flow_otp, desktop_flow_otp) subdomain = get_subdomain(request) if realm is None: user_profile = None else: user_profile = authenticate(remote_user=remote_user, realm=realm) redirect_to = request.GET.get('next', '') return login_or_register_remote_user(request, remote_user, user_profile, mobile_flow_otp=mobile_flow_otp, desktop_flow_otp=desktop_flow_otp, realm=realm, redirect_to=redirect_to)
def login_context(request: HttpRequest) -> Dict[str, Any]: realm = get_realm_from_request(request) if realm is None: realm_description = None realm_invite_required = False else: realm_description = get_realm_rendered_description(realm) realm_invite_required = realm.invite_required context = { 'realm_invite_required': realm_invite_required, 'realm_description': realm_description, 'require_email_format_usernames': require_email_format_usernames(realm), 'password_auth_enabled': password_auth_enabled(realm), 'any_oauth_backend_enabled': any_oauth_backend_enabled(realm), 'two_factor_authentication_enabled': settings.TWO_FACTOR_AUTHENTICATION_ENABLED, } # type: Dict[str, Any] # Add the keys for our standard authentication backends. no_auth_enabled = True social_backends = [] for auth_backend_name in AUTH_BACKEND_NAME_MAP: name_lower = auth_backend_name.lower() key = "%s_auth_enabled" % (name_lower,) is_enabled = auth_enabled_helper([auth_backend_name], realm) context[key] = is_enabled if is_enabled: no_auth_enabled = False # Now add the enabled social backends to the social_backends # list used to generate buttons for login/register pages. backend = AUTH_BACKEND_NAME_MAP[auth_backend_name] if not is_enabled or backend not in SOCIAL_AUTH_BACKENDS: continue social_backends.append({ 'name': backend.name, 'display_name': backend.auth_backend_name, 'login_url': reverse('login-social', args=(backend.name,)), 'signup_url': reverse('signup-social', args=(backend.name,)), 'sort_order': backend.sort_order, }) context['social_backends'] = sorted(social_backends, key=lambda x: x['sort_order'], reverse=True) context['no_auth_enabled'] = no_auth_enabled return context
def login_context(request: HttpRequest) -> Dict[str, Any]: realm = get_realm_from_request(request) if realm is None: realm_description = None realm_invite_required = False else: realm_description = get_realm_rendered_description(realm) realm_invite_required = realm.invite_required context = { 'realm_invite_required': realm_invite_required, 'realm_description': realm_description, 'require_email_format_usernames': require_email_format_usernames(realm), 'password_auth_enabled': password_auth_enabled(realm), 'any_social_backend_enabled': any_social_backend_enabled(realm), 'two_factor_authentication_enabled': settings.TWO_FACTOR_AUTHENTICATION_ENABLED, } # type: Dict[str, Any] if realm is not None and realm.description: context['OPEN_GRAPH_TITLE'] = realm.name context['OPEN_GRAPH_DESCRIPTION'] = get_realm_text_description(realm) # Add the keys for our standard authentication backends. no_auth_enabled = True for auth_backend_name in AUTH_BACKEND_NAME_MAP: name_lower = auth_backend_name.lower() key = "%s_auth_enabled" % (name_lower, ) is_enabled = auth_enabled_helper([auth_backend_name], realm) context[key] = is_enabled if is_enabled: no_auth_enabled = False context['external_authentication_methods'] = get_external_method_dicts( realm) context['no_auth_enabled'] = no_auth_enabled return context
def get_auth_backends_data(request: HttpRequest) -> Dict[str, Any]: """Returns which authentication methods are enabled on the server""" subdomain = get_subdomain(request) try: realm = Realm.objects.get(string_id=subdomain) except Realm.DoesNotExist: # If not the root subdomain, this is an error if subdomain != Realm.SUBDOMAIN_FOR_ROOT_DOMAIN: raise JsonableError(_("Invalid subdomain")) # With the root subdomain, it's an error or not depending # whether ROOT_DOMAIN_LANDING_PAGE (which indicates whether # there are some realms without subdomains on this server) # is set. if settings.ROOT_DOMAIN_LANDING_PAGE: raise JsonableError(_("Subdomain required")) else: realm = None result = { "password": password_auth_enabled(realm), } for auth_backend_name in AUTH_BACKEND_NAME_MAP: key = auth_backend_name.lower() result[key] = auth_enabled_helper([auth_backend_name], realm) return result
def zulip_default_context(request): # type: (HttpRequest) -> Dict[str, Any] """Context available to all Zulip Jinja2 templates that have a request passed in. Designed to provide the long list of variables at the bottom of this function in a wide range of situations: logged-in or logged-out, subdomains or not, etc. The main variable in the below is whether we know the realm, which is the case if there is only one realm, or we're on a REALMS_HAVE_SUBDOMAINS subdomain, or the user is logged in. """ realm = get_realm_from_request(request) if realm is not None: realm_uri = realm.uri realm_name = realm.name realm_icon = get_realm_icon_url(realm) realm_description = realm.description or "The coolest place in the universe." else: realm_uri = settings.SERVER_URI realm_name = None realm_icon = None realm_description = None return { 'realms_have_subdomains': settings.REALMS_HAVE_SUBDOMAINS, 'custom_logo_url': settings.CUSTOM_LOGO_URL, 'register_link_disabled': settings.REGISTER_LINK_DISABLED, 'login_link_disabled': settings.LOGIN_LINK_DISABLED, 'about_link_disabled': settings.ABOUT_LINK_DISABLED, 'show_oss_announcement': settings.SHOW_OSS_ANNOUNCEMENT, 'zulip_admin': settings.ZULIP_ADMINISTRATOR, 'terms_of_service': settings.TERMS_OF_SERVICE, 'privacy_policy': settings.PRIVACY_POLICY, 'login_url': settings.HOME_NOT_LOGGED_IN, 'only_sso': settings.ONLY_SSO, 'external_api_path': settings.EXTERNAL_API_PATH, 'external_api_uri': settings.EXTERNAL_API_URI, 'external_host': settings.EXTERNAL_HOST, 'external_uri_scheme': settings.EXTERNAL_URI_SCHEME, 'realm_uri': realm_uri, 'realm_name': realm_name, 'realm_icon': realm_icon, 'realm_description': realm_description, 'server_uri': settings.SERVER_URI, 'api_site_required': settings.EXTERNAL_API_PATH != "api.zulip.com", 'email_integration_enabled': settings.EMAIL_GATEWAY_BOT != "", 'email_gateway_example': settings.EMAIL_GATEWAY_EXAMPLE, 'open_realm_creation': settings.OPEN_REALM_CREATION, 'password_auth_enabled': password_auth_enabled(realm), 'dev_auth_enabled': dev_auth_enabled(realm), 'google_auth_enabled': google_auth_enabled(realm), 'github_auth_enabled': github_auth_enabled(realm), 'any_oauth_backend_enabled': any_oauth_backend_enabled(realm), 'no_auth_enabled': not auth_enabled_helper(list(AUTH_BACKEND_NAME_MAP.keys()), realm), 'development_environment': settings.DEVELOPMENT, 'support_email': settings.ZULIP_ADMINISTRATOR, 'find_team_link_disabled': settings.FIND_TEAM_LINK_DISABLED, 'password_min_length': settings.PASSWORD_MIN_LENGTH, 'password_min_quality': settings.PASSWORD_MIN_ZXCVBN_QUALITY, 'zulip_version': ZULIP_VERSION, }
def zulip_default_context(request): # type: (HttpRequest) -> Dict[str, Any] """Context available to all Zulip Jinja2 templates that have a request passed in. Designed to provide the long list of variables at the bottom of this function in a wide range of situations: logged-in or logged-out, subdomains or not, etc. The main variable in the below is whether we know what realm the user is trying to interact with. """ realm = get_realm_from_request(request) if realm is None: realm_uri = settings.ROOT_DOMAIN_URI realm_name = None realm_icon = None realm_description = None realm_invite_required = False else: realm_uri = realm.uri realm_name = realm.name realm_icon = get_realm_icon_url(realm) realm_description_raw = realm.description or "The coolest place in the universe." realm_description = convert(realm_description_raw, message_realm=realm) realm_invite_required = realm.invite_required register_link_disabled = settings.REGISTER_LINK_DISABLED login_link_disabled = settings.LOGIN_LINK_DISABLED about_link_disabled = settings.ABOUT_LINK_DISABLED find_team_link_disabled = settings.FIND_TEAM_LINK_DISABLED if settings.ROOT_DOMAIN_LANDING_PAGE and get_subdomain(request) == "": register_link_disabled = True login_link_disabled = True about_link_disabled = True find_team_link_disabled = False apps_page_url = 'https://zulipchat.com/apps/' if settings.ZILENCER_ENABLED: apps_page_url = '/apps/' user_is_authenticated = False if hasattr(request, 'user') and hasattr(request.user, 'is_authenticated'): user_is_authenticated = request.user.is_authenticated.value if settings.DEVELOPMENT: secrets_path = "zproject/dev-secrets.conf" settings_path = "zproject/dev_settings.py" settings_comments_path = "zproject/prod_settings_template.py" else: secrets_path = "/etc/zulip/zulip-secrets.conf" settings_path = "/etc/zulip/settings.py" settings_comments_path = "/etc/zulip/settings.py" if hasattr(request, "client") and request.client.name == "ZulipElectron": platform = "ZulipElectron" # nocoverage else: platform = "ZulipWeb" return { 'root_domain_landing_page': settings.ROOT_DOMAIN_LANDING_PAGE, 'custom_logo_url': settings.CUSTOM_LOGO_URL, 'register_link_disabled': register_link_disabled, 'login_link_disabled': login_link_disabled, 'about_link_disabled': about_link_disabled, 'terms_of_service': settings.TERMS_OF_SERVICE, 'privacy_policy': settings.PRIVACY_POLICY, 'login_url': settings.HOME_NOT_LOGGED_IN, 'only_sso': settings.ONLY_SSO, 'external_api_path': settings.EXTERNAL_API_PATH, 'external_api_uri': settings.EXTERNAL_API_URI, 'external_host': settings.EXTERNAL_HOST, 'external_uri_scheme': settings.EXTERNAL_URI_SCHEME, 'realm_invite_required': realm_invite_required, 'realm_uri': realm_uri, 'realm_name': realm_name, 'realm_icon': realm_icon, 'realm_description': realm_description, 'root_domain_uri': settings.ROOT_DOMAIN_URI, 'api_site_required': settings.EXTERNAL_API_PATH != "api.zulip.com", 'email_gateway_example': settings.EMAIL_GATEWAY_EXAMPLE, 'apps_page_url': apps_page_url, 'open_realm_creation': settings.OPEN_REALM_CREATION, 'password_auth_enabled': password_auth_enabled(realm), 'dev_auth_enabled': dev_auth_enabled(realm), 'google_auth_enabled': google_auth_enabled(realm), 'github_auth_enabled': github_auth_enabled(realm), 'email_auth_enabled': email_auth_enabled(realm), 'require_email_format_usernames': require_email_format_usernames(realm), 'any_oauth_backend_enabled': any_oauth_backend_enabled(realm), 'no_auth_enabled': not auth_enabled_helper(list(AUTH_BACKEND_NAME_MAP.keys()), realm), 'development_environment': settings.DEVELOPMENT, 'support_email': FromAddress.SUPPORT, 'find_team_link_disabled': find_team_link_disabled, 'password_min_length': settings.PASSWORD_MIN_LENGTH, 'password_min_guesses': settings.PASSWORD_MIN_GUESSES, 'zulip_version': ZULIP_VERSION, 'user_is_authenticated': user_is_authenticated, 'settings_path': settings_path, 'secrets_path': secrets_path, 'settings_comments_path': settings_comments_path, 'platform': platform, }
def zulip_default_context(request: HttpRequest) -> Dict[str, Any]: """Context available to all Zulip Jinja2 templates that have a request passed in. Designed to provide the long list of variables at the bottom of this function in a wide range of situations: logged-in or logged-out, subdomains or not, etc. The main variable in the below is whether we know what realm the user is trying to interact with. """ realm = get_realm_from_request(request) if realm is None: realm_uri = settings.ROOT_DOMAIN_URI realm_name = None realm_icon = None realm_description = None realm_invite_required = False else: realm_uri = realm.uri realm_name = realm.name realm_icon = get_realm_icon_url(realm) realm_description_raw = realm.description or "The coolest place in the universe." realm_description = convert(realm_description_raw, message_realm=realm) realm_invite_required = realm.invite_required register_link_disabled = settings.REGISTER_LINK_DISABLED login_link_disabled = settings.LOGIN_LINK_DISABLED find_team_link_disabled = settings.FIND_TEAM_LINK_DISABLED allow_search_engine_indexing = False if (settings.ROOT_DOMAIN_LANDING_PAGE and get_subdomain(request) == Realm.SUBDOMAIN_FOR_ROOT_DOMAIN): register_link_disabled = True login_link_disabled = True find_team_link_disabled = False allow_search_engine_indexing = True apps_page_url = 'https://zulipchat.com/apps/' if settings.ZILENCER_ENABLED: apps_page_url = '/apps/' user_is_authenticated = False if hasattr(request, 'user') and hasattr(request.user, 'is_authenticated'): user_is_authenticated = request.user.is_authenticated.value if settings.DEVELOPMENT: secrets_path = "zproject/dev-secrets.conf" settings_path = "zproject/dev_settings.py" settings_comments_path = "zproject/prod_settings_template.py" else: secrets_path = "/etc/zulip/zulip-secrets.conf" settings_path = "/etc/zulip/settings.py" settings_comments_path = "/etc/zulip/settings.py" if hasattr(request, "client") and request.client.name == "ZulipElectron": platform = "ZulipElectron" # nocoverage else: platform = "ZulipWeb" return { 'root_domain_landing_page': settings.ROOT_DOMAIN_LANDING_PAGE, 'custom_logo_url': settings.CUSTOM_LOGO_URL, 'register_link_disabled': register_link_disabled, 'login_link_disabled': login_link_disabled, 'terms_of_service': settings.TERMS_OF_SERVICE, 'privacy_policy': settings.PRIVACY_POLICY, 'login_url': settings.HOME_NOT_LOGGED_IN, 'only_sso': settings.ONLY_SSO, 'custom_profile_fields_enabled': settings.DEVELOPMENT, 'external_host': settings.EXTERNAL_HOST, 'external_uri_scheme': settings.EXTERNAL_URI_SCHEME, 'realm_invite_required': realm_invite_required, 'realm_uri': realm_uri, 'realm_name': realm_name, 'realm_icon': realm_icon, 'realm_description': realm_description, 'root_domain_uri': settings.ROOT_DOMAIN_URI, 'apps_page_url': apps_page_url, 'open_realm_creation': settings.OPEN_REALM_CREATION, 'password_auth_enabled': password_auth_enabled(realm), 'dev_auth_enabled': dev_auth_enabled(realm), 'google_auth_enabled': google_auth_enabled(realm), 'github_auth_enabled': github_auth_enabled(realm), 'email_auth_enabled': email_auth_enabled(realm), 'require_email_format_usernames': require_email_format_usernames(realm), 'any_oauth_backend_enabled': any_oauth_backend_enabled(realm), 'no_auth_enabled': not auth_enabled_helper(list(AUTH_BACKEND_NAME_MAP.keys()), realm), 'development_environment': settings.DEVELOPMENT, 'support_email': FromAddress.SUPPORT, 'find_team_link_disabled': find_team_link_disabled, 'password_min_length': settings.PASSWORD_MIN_LENGTH, 'password_min_guesses': settings.PASSWORD_MIN_GUESSES, 'jitsi_server_url': settings.JITSI_SERVER_URL, 'two_factor_authentication_enabled': settings.TWO_FACTOR_AUTHENTICATION_ENABLED, 'zulip_version': ZULIP_VERSION, 'user_is_authenticated': user_is_authenticated, 'settings_path': settings_path, 'secrets_path': secrets_path, 'settings_comments_path': settings_comments_path, 'platform': platform, 'allow_search_engine_indexing': allow_search_engine_indexing, }
def zulip_default_context(request: HttpRequest) -> Dict[str, Any]: """Context available to all Zulip Jinja2 templates that have a request passed in. Designed to provide the long list of variables at the bottom of this function in a wide range of situations: logged-in or logged-out, subdomains or not, etc. The main variable in the below is whether we know what realm the user is trying to interact with. """ realm = get_realm_from_request(request) if realm is None: realm_uri = settings.ROOT_DOMAIN_URI realm_name = None realm_icon = None realm_description = None realm_invite_required = False realm_plan_type = 0 else: realm_uri = realm.uri realm_name = realm.name realm_icon = get_realm_icon_url(realm) realm_description_raw = realm.description or "The coolest place in the universe." realm_description = bugdown_convert(realm_description_raw, message_realm=realm) realm_invite_required = realm.invite_required realm_plan_type = realm.plan_type register_link_disabled = settings.REGISTER_LINK_DISABLED login_link_disabled = settings.LOGIN_LINK_DISABLED find_team_link_disabled = settings.FIND_TEAM_LINK_DISABLED allow_search_engine_indexing = False if (settings.ROOT_DOMAIN_LANDING_PAGE and get_subdomain(request) == Realm.SUBDOMAIN_FOR_ROOT_DOMAIN): register_link_disabled = True login_link_disabled = True find_team_link_disabled = False allow_search_engine_indexing = True apps_page_url = 'https://zulipchat.com/apps/' if settings.ZILENCER_ENABLED: apps_page_url = '/apps/' user_is_authenticated = False if hasattr(request, 'user') and hasattr(request.user, 'is_authenticated'): user_is_authenticated = request.user.is_authenticated.value if settings.DEVELOPMENT: secrets_path = "zproject/dev-secrets.conf" settings_path = "zproject/dev_settings.py" settings_comments_path = "zproject/prod_settings_template.py" else: secrets_path = "/etc/zulip/zulip-secrets.conf" settings_path = "/etc/zulip/settings.py" settings_comments_path = "/etc/zulip/settings.py" # We can't use request.client here because we might not be using # an auth decorator that sets it, but we can call its helper to # get the same result. platform = get_client_name(request, True) context = { 'root_domain_landing_page': settings.ROOT_DOMAIN_LANDING_PAGE, 'custom_logo_url': settings.CUSTOM_LOGO_URL, 'register_link_disabled': register_link_disabled, 'login_link_disabled': login_link_disabled, 'terms_of_service': settings.TERMS_OF_SERVICE, 'privacy_policy': settings.PRIVACY_POLICY, 'login_url': settings.HOME_NOT_LOGGED_IN, 'only_sso': settings.ONLY_SSO, 'external_host': settings.EXTERNAL_HOST, 'external_uri_scheme': settings.EXTERNAL_URI_SCHEME, 'realm_invite_required': realm_invite_required, 'realm_uri': realm_uri, 'realm_name': realm_name, 'realm_icon': realm_icon, 'realm_description': realm_description, 'realm_plan_type': realm_plan_type, 'root_domain_uri': settings.ROOT_DOMAIN_URI, 'apps_page_url': apps_page_url, 'open_realm_creation': settings.OPEN_REALM_CREATION, 'password_auth_enabled': password_auth_enabled(realm), 'require_email_format_usernames': require_email_format_usernames(realm), 'any_oauth_backend_enabled': any_oauth_backend_enabled(realm), 'no_auth_enabled': not auth_enabled_helper(list(AUTH_BACKEND_NAME_MAP.keys()), realm), 'development_environment': settings.DEVELOPMENT, 'support_email': FromAddress.SUPPORT, 'find_team_link_disabled': find_team_link_disabled, 'password_min_length': settings.PASSWORD_MIN_LENGTH, 'password_min_guesses': settings.PASSWORD_MIN_GUESSES, 'jitsi_server_url': settings.JITSI_SERVER_URL, 'two_factor_authentication_enabled': settings.TWO_FACTOR_AUTHENTICATION_ENABLED, 'zulip_version': ZULIP_VERSION, 'latest_release_version': LATEST_RELEASE_VERSION, 'latest_major_version': LATEST_MAJOR_VERSION, 'latest_release_announcement': LATEST_RELEASE_ANNOUNCEMENT, 'user_is_authenticated': user_is_authenticated, 'settings_path': settings_path, 'secrets_path': secrets_path, 'settings_comments_path': settings_comments_path, 'platform': platform, 'allow_search_engine_indexing': allow_search_engine_indexing, } # Add the keys for our standard authentication backends. for auth_backend_name in AUTH_BACKEND_NAME_MAP: name_lower = auth_backend_name.lower() key = "%s_auth_enabled" % (name_lower,) context[key] = auth_enabled_helper([auth_backend_name], realm) social_backends = [] for backend in SOCIAL_AUTH_BACKENDS: if not auth_enabled_helper([backend.auth_backend_name], realm): continue social_backends.append({ 'name': backend.name, 'display_name': backend.auth_backend_name, 'login_url': reverse('login-social', args=(backend.name,)), 'signup_url': reverse('signup-social', args=(backend.name,)), 'sort_order': backend.sort_order, }) context['social_backends'] = sorted(social_backends, key=lambda x: x['sort_order']) return context
def zulip_default_context(request: HttpRequest) -> Dict[str, Any]: """Context available to all Zulip Jinja2 templates that have a request passed in. Designed to provide the long list of variables at the bottom of this function in a wide range of situations: logged-in or logged-out, subdomains or not, etc. The main variable in the below is whether we know what realm the user is trying to interact with. """ realm = get_realm_from_request(request) if realm is None: realm_uri = settings.ROOT_DOMAIN_URI realm_name = None realm_icon = None realm_logo = None realm_description = None realm_invite_required = False realm_plan_type = 0 else: realm_uri = realm.uri realm_name = realm.name realm_icon = get_realm_icon_url(realm) realm_logo = get_realm_logo_url(realm) realm_description_raw = realm.description or "The coolest place in the universe." realm_description = bugdown_convert(realm_description_raw, message_realm=realm) realm_invite_required = realm.invite_required realm_plan_type = realm.plan_type register_link_disabled = settings.REGISTER_LINK_DISABLED login_link_disabled = settings.LOGIN_LINK_DISABLED find_team_link_disabled = settings.FIND_TEAM_LINK_DISABLED allow_search_engine_indexing = False if (settings.ROOT_DOMAIN_LANDING_PAGE and get_subdomain(request) == Realm.SUBDOMAIN_FOR_ROOT_DOMAIN): register_link_disabled = True login_link_disabled = True find_team_link_disabled = False allow_search_engine_indexing = True apps_page_url = 'https://zulipchat.com/apps/' if settings.ZILENCER_ENABLED: apps_page_url = '/apps/' user_is_authenticated = False if hasattr(request, 'user') and hasattr(request.user, 'is_authenticated'): user_is_authenticated = request.user.is_authenticated.value if settings.DEVELOPMENT: secrets_path = "zproject/dev-secrets.conf" settings_path = "zproject/dev_settings.py" settings_comments_path = "zproject/prod_settings_template.py" else: secrets_path = "/etc/zulip/zulip-secrets.conf" settings_path = "/etc/zulip/settings.py" settings_comments_path = "/etc/zulip/settings.py" if hasattr(request, "client") and request.client.name == "ZulipElectron": platform = "ZulipElectron" # nocoverage else: platform = "ZulipWeb" context = { 'root_domain_landing_page': settings.ROOT_DOMAIN_LANDING_PAGE, 'custom_logo_url': settings.CUSTOM_LOGO_URL, 'register_link_disabled': register_link_disabled, 'login_link_disabled': login_link_disabled, 'terms_of_service': settings.TERMS_OF_SERVICE, 'privacy_policy': settings.PRIVACY_POLICY, 'login_url': settings.HOME_NOT_LOGGED_IN, 'only_sso': settings.ONLY_SSO, 'external_host': settings.EXTERNAL_HOST, 'external_uri_scheme': settings.EXTERNAL_URI_SCHEME, 'realm_invite_required': realm_invite_required, 'realm_uri': realm_uri, 'realm_name': realm_name, 'realm_icon': realm_icon, 'realm_logo': realm_logo, 'realm_description': realm_description, 'realm_plan_type': realm_plan_type, 'root_domain_uri': settings.ROOT_DOMAIN_URI, 'apps_page_url': apps_page_url, 'open_realm_creation': settings.OPEN_REALM_CREATION, 'password_auth_enabled': password_auth_enabled(realm), 'require_email_format_usernames': require_email_format_usernames(realm), 'any_oauth_backend_enabled': any_oauth_backend_enabled(realm), 'no_auth_enabled': not auth_enabled_helper(list(AUTH_BACKEND_NAME_MAP.keys()), realm), 'development_environment': settings.DEVELOPMENT, 'support_email': FromAddress.SUPPORT, 'find_team_link_disabled': find_team_link_disabled, 'password_min_length': settings.PASSWORD_MIN_LENGTH, 'password_min_guesses': settings.PASSWORD_MIN_GUESSES, 'jitsi_server_url': settings.JITSI_SERVER_URL, 'two_factor_authentication_enabled': settings.TWO_FACTOR_AUTHENTICATION_ENABLED, 'zulip_version': ZULIP_VERSION, 'latest_release_version': LATEST_RELEASE_VERSION, 'latest_major_version': LATEST_MAJOR_VERSION, 'latest_release_announcement': LATEST_RELEASE_ANNOUNCEMENT, 'user_is_authenticated': user_is_authenticated, 'settings_path': settings_path, 'secrets_path': secrets_path, 'settings_comments_path': settings_comments_path, 'platform': platform, 'allow_search_engine_indexing': allow_search_engine_indexing, } # Add the keys for our standard authentication backends. for auth_backend_name in AUTH_BACKEND_NAME_MAP: name_lower = auth_backend_name.lower() key = "%s_auth_enabled" % (name_lower, ) context[key] = auth_enabled_helper([auth_backend_name], realm) return context
def zulip_default_context(request): # type: (HttpRequest) -> Dict[str, Any] """Context available to all Zulip Jinja2 templates that have a request passed in. Designed to provide the long list of variables at the bottom of this function in a wide range of situations: logged-in or logged-out, subdomains or not, etc. The main variable in the below is whether we know the realm, which is the case if there is only one realm, or we're on a REALMS_HAVE_SUBDOMAINS subdomain, or the user is logged in. """ realm = get_realm_from_request(request) if realm is not None: realm_uri = realm.uri realm_name = realm.name realm_icon = get_realm_icon_url(realm) realm_description_raw = realm.description or "The coolest place in the universe." realm_description = convert(realm_description_raw, message_realm=realm) else: realm_uri = settings.SERVER_URI realm_name = None realm_icon = None realm_description = None register_link_disabled = settings.REGISTER_LINK_DISABLED login_link_disabled = settings.LOGIN_LINK_DISABLED about_link_disabled = settings.ABOUT_LINK_DISABLED find_team_link_disabled = settings.FIND_TEAM_LINK_DISABLED if settings.SUBDOMAINS_HOMEPAGE and get_subdomain(request) == "": register_link_disabled = True login_link_disabled = True about_link_disabled = True find_team_link_disabled = False apps_page_url = 'https://zulipchat.com/apps/' if settings.ZILENCER_ENABLED: apps_page_url = '/apps/' return { 'realms_have_subdomains': settings.REALMS_HAVE_SUBDOMAINS, 'custom_logo_url': settings.CUSTOM_LOGO_URL, 'register_link_disabled': register_link_disabled, 'login_link_disabled': login_link_disabled, 'about_link_disabled': about_link_disabled, 'terms_of_service': settings.TERMS_OF_SERVICE, 'privacy_policy': settings.PRIVACY_POLICY, 'login_url': settings.HOME_NOT_LOGGED_IN, 'only_sso': settings.ONLY_SSO, 'external_api_path': settings.EXTERNAL_API_PATH, 'external_api_uri': settings.EXTERNAL_API_URI, 'external_host': settings.EXTERNAL_HOST, 'external_uri_scheme': settings.EXTERNAL_URI_SCHEME, 'realm_uri': realm_uri, 'realm_name': realm_name, 'realm_icon': realm_icon, 'realm_description': realm_description, 'server_uri': settings.SERVER_URI, 'api_site_required': settings.EXTERNAL_API_PATH != "api.zulip.com", 'email_gateway_example': settings.EMAIL_GATEWAY_EXAMPLE, 'apps_page_url': apps_page_url, 'open_realm_creation': settings.OPEN_REALM_CREATION, 'password_auth_enabled': password_auth_enabled(realm), 'dev_auth_enabled': dev_auth_enabled(realm), 'google_auth_enabled': google_auth_enabled(realm), 'github_auth_enabled': github_auth_enabled(realm), 'any_oauth_backend_enabled': any_oauth_backend_enabled(realm), 'no_auth_enabled': not auth_enabled_helper(list(AUTH_BACKEND_NAME_MAP.keys()), realm), 'development_environment': settings.DEVELOPMENT, 'support_email': FromAddress.SUPPORT, 'find_team_link_disabled': find_team_link_disabled, 'password_min_length': settings.PASSWORD_MIN_LENGTH, 'password_min_quality': settings.PASSWORD_MIN_ZXCVBN_QUALITY, 'zulip_version': ZULIP_VERSION, }
def zulip_default_context(request: HttpRequest) -> Dict[str, Any]: """Context available to all Zulip Jinja2 templates that have a request passed in. Designed to provide the long list of variables at the bottom of this function in a wide range of situations: logged-in or logged-out, subdomains or not, etc. The main variable in the below is whether we know what realm the user is trying to interact with. """ realm = get_realm_from_request(request) if realm is None: realm_uri = settings.ROOT_DOMAIN_URI realm_name = None realm_icon = None realm_description = None realm_invite_required = False realm_plan_type = 0 else: realm_uri = realm.uri realm_name = realm.name realm_icon = get_realm_icon_url(realm) realm_description = get_realm_rendered_description(realm) realm_invite_required = realm.invite_required realm_plan_type = realm.plan_type register_link_disabled = settings.REGISTER_LINK_DISABLED login_link_disabled = settings.LOGIN_LINK_DISABLED find_team_link_disabled = settings.FIND_TEAM_LINK_DISABLED allow_search_engine_indexing = False if (settings.ROOT_DOMAIN_LANDING_PAGE and get_subdomain(request) == Realm.SUBDOMAIN_FOR_ROOT_DOMAIN): register_link_disabled = True login_link_disabled = True find_team_link_disabled = False allow_search_engine_indexing = True apps_page_url = 'https://zulipchat.com/apps/' if settings.ZILENCER_ENABLED: apps_page_url = '/apps/' user_is_authenticated = False if hasattr(request, 'user') and hasattr(request.user, 'is_authenticated'): user_is_authenticated = request.user.is_authenticated.value if settings.DEVELOPMENT: secrets_path = "zproject/dev-secrets.conf" settings_path = "zproject/dev_settings.py" settings_comments_path = "zproject/prod_settings_template.py" else: secrets_path = "/etc/zulip/zulip-secrets.conf" settings_path = "/etc/zulip/settings.py" settings_comments_path = "/etc/zulip/settings.py" # We can't use request.client here because we might not be using # an auth decorator that sets it, but we can call its helper to # get the same result. platform = get_client_name(request, True) context = { 'root_domain_landing_page': settings.ROOT_DOMAIN_LANDING_PAGE, 'custom_logo_url': settings.CUSTOM_LOGO_URL, 'register_link_disabled': register_link_disabled, 'login_link_disabled': login_link_disabled, 'terms_of_service': settings.TERMS_OF_SERVICE, 'privacy_policy': settings.PRIVACY_POLICY, 'login_url': settings.HOME_NOT_LOGGED_IN, 'only_sso': settings.ONLY_SSO, 'external_host': settings.EXTERNAL_HOST, 'external_uri_scheme': settings.EXTERNAL_URI_SCHEME, 'realm_invite_required': realm_invite_required, 'realm_uri': realm_uri, 'realm_name': realm_name, 'realm_icon': realm_icon, 'realm_description': realm_description, 'realm_plan_type': realm_plan_type, 'root_domain_uri': settings.ROOT_DOMAIN_URI, 'apps_page_url': apps_page_url, 'open_realm_creation': settings.OPEN_REALM_CREATION, 'password_auth_enabled': password_auth_enabled(realm), 'require_email_format_usernames': require_email_format_usernames(realm), 'any_oauth_backend_enabled': any_oauth_backend_enabled(realm), 'development_environment': settings.DEVELOPMENT, 'support_email': FromAddress.SUPPORT, 'find_team_link_disabled': find_team_link_disabled, 'password_min_length': settings.PASSWORD_MIN_LENGTH, 'password_min_guesses': settings.PASSWORD_MIN_GUESSES, 'jitsi_server_url': settings.JITSI_SERVER_URL, 'two_factor_authentication_enabled': settings.TWO_FACTOR_AUTHENTICATION_ENABLED, 'zulip_version': ZULIP_VERSION, 'latest_release_version': LATEST_RELEASE_VERSION, 'latest_major_version': LATEST_MAJOR_VERSION, 'latest_release_announcement': LATEST_RELEASE_ANNOUNCEMENT, 'user_is_authenticated': user_is_authenticated, 'settings_path': settings_path, 'secrets_path': secrets_path, 'settings_comments_path': settings_comments_path, 'platform': platform, 'allow_search_engine_indexing': allow_search_engine_indexing, } # Add the keys for our standard authentication backends. no_auth_enabled = True social_backends = [] for auth_backend_name in AUTH_BACKEND_NAME_MAP: name_lower = auth_backend_name.lower() key = "%s_auth_enabled" % (name_lower, ) is_enabled = auth_enabled_helper([auth_backend_name], realm) context[key] = is_enabled if is_enabled: no_auth_enabled = False # Now add the enabled social backends to the social_backends # list used to generate buttons for login/register pages. backend = AUTH_BACKEND_NAME_MAP[auth_backend_name] if not is_enabled or backend not in SOCIAL_AUTH_BACKENDS: continue social_backends.append({ 'name': backend.name, 'display_name': backend.auth_backend_name, 'login_url': reverse('login-social', args=(backend.name, )), 'signup_url': reverse('signup-social', args=(backend.name, )), 'sort_order': backend.sort_order, }) context['social_backends'] = sorted(social_backends, key=lambda x: x['sort_order'], reverse=True) context["no_auth_enabled"] = no_auth_enabled return context