def get(self, granted): department = granted.reviewer.auth.department return bcap.bcapResponse({ 'getBasic': bcap.regrant('get-basic', department), 'getReviewer': bcap.regrant('get-reviewer', granted), 'getApplicants': bcap.regrant('get-applicants', granted) })
def get(self, granted): department = granted.reviewer.auth.department return bcap.bcapResponse({ 'getBasic': bcap.regrant('get-basic', department), 'getReviewer': bcap.regrant('get-reviewer', granted), 'getApplicants': bcap.regrant('get-applicants', granted), 'numApplicants': Applicant.objects.filter( department=granted.reviewer.department ).count() })
def post(self, grantable, args): refs = grantable.department.findRefs(args['email']) for r in refs: ref = r['reference'] submitcap = bcap.regrant('launch-reference', ref) submitlink = '%s/submit-reference/#%s' % (bcap.this_server_url_prefix(), submitcap.serialize()) r['submitlink'] = submitlink del r['reference'] launchCap = bcap.regrant('stash-applicant', ref.applicant) launchurl = '%s/applicant/#%s' % \ (bcap.this_server_url_prefix(), launchCap.serialize()) r['launch'] = launchurl return bcap.bcapResponse(refs)
def post(self, granted, args): response = self.checkPostArgs(args) if response != 'OK': return response email = args['email'] name = args['name'] institution = args['institution'] applicant = granted.applicant found = applicant.getReferencesOfEmail(email) if len(found) > 0: return self.exceptionResponse('You have already asked this person to write you a letter. If you wish to contact this person, please do so outside the Resume system.') if name == '': return self.exceptionResponse('No name was provided, please provide a name for the letter writer') if email == '': return self.exceptionResponse('No email was provided, please provide an email for the reference request') ref = Reference(applicant=applicant, submitted=0, filesize=0,\ name=name, institution=institution, email=email,\ department=applicant.department) ref.save() if applicant.position.autoemail: sendResponse = sendReferenceRequest(applicant, ref) if 'error' in sendResponse: return sendResponse['error'] resp = ref.to_json() resp['reminder'] = bcap.regrant('remind-reference', ref) return bcap.bcapResponse(resp)
def plt_login(request): if request.method != 'POST': return HttpResponseNotAllowed(['POST']) args = bcap.dataPostProcess(request.read()) if not args.has_key('username'): return logWith404(logger, 'plt_login: post data missing username') if not args.has_key('password'): return logWith404(logger, 'plt_login: post data missing password') username = args['username'] rawpassword = args['password'] credentials = PltCredentials.objects.filter(username=username) if len(credentials) > 1: return logWith404(logger, 'plt_login: fatal error: duplicate credentials', level='error') if len(credentials) == 0: return bcap.bcapResponse({'loggedIn' : False}) c = credentials[0] hashed_password = get_hashed(rawpassword, c.salt) if hashed_password != c.hashed_password: return bcap.bcapResponse({'loggedIn' : False}) session_id = str(uuid.uuid4()) session = BelaySession(session_id=session_id, account=c.account) session.save() response = { 'station': bcap.Capability(c.account.station_url), 'makeStash': bcap.regrant('make-stash', c.account) } return bcap.bcapResponse(response)
def post(self, grantable, args): username = grantable.pendingaccount.email rawpassword = args['password'] if len(username) > 200: return logWith404(logger, 'create_plt_account: bad username') if len(rawpassword) < 8: return logWith404(logger, 'create_plt_account: bad password') salt = str(uuid.uuid4()) hashed_password = get_hashed(rawpassword, salt) station_cap = newStationCap() account = BelayAccount(station_url=station_cap.serialize()) account.save() credentials = PltCredentials(username=username, \ salt=salt, \ hashed_password=hashed_password, \ account=account) credentials.save() session_id = str(uuid.uuid4()) session = BelaySession(session_id=session_id, account=account) session.save() grantable.pendingaccount.delete() response = { 'station': station_cap, 'makeStash': bcap.regrant('make-stash', account) } return bcap.bcapResponse(response)
def get(self, granted): applicant = granted.applicant return bcap.bcapResponse({ 'public_data' : 'Applicant review page for %s' % applicant.fullname(), 'private_data' : bcap.regrant('launch-app-review', applicant), 'domain': bcap.this_server_url_prefix(), 'url' : '/appreview', })
def get(self, granted): ua = granted.unverifiedapplicant email = ua.email create_cap = bcap.regrant('add-verified-applicant', ua) return bcap.bcapResponse({ 'email': email, 'create': create_cap, })
def glogin_landing(request): if request.method == 'GET': d = request.GET else: d = request.POST maybe_client_key = check_pending(request.path_info) if not maybe_client_key: return logWith404(logger, "Bad pending: %s" % request.path_info, level='error') # 11.4.2 Verifying directly with the OpenID Provider # 11.4.2.1. Request Parameters # . openid.mode # Value: "check_authentication" # . Exact copies of all fields from the authentication response, except # for "openid.mode". # http://openid.net/specs/openid-authentication-2_0.html#check_auth verify = {} for e in d: verify[e] = d[e] verify['openid.mode'] = 'check_authentication' try: f = urllib2.urlopen("https://www.google.com/accounts/o8/ud", urllib.urlencode(verify)) beginning = str(f.read()[0:13]) if(beginning != 'is_valid:true'): return bcap.bcapResponse('fail') except urllib2.HTTPError as e: logger.error("ErrorResponse: %s" % e.read()) return bcap.bcapNullResponse() identity = d['openid.identity'] email = d['openid.ext1.value.email'] q = GoogleCredentials.objects.filter(identity=identity) if len(q) == 0: station_cap = newStationCap() account = BelayAccount(station_url=station_cap.serialize()) account.save() gc = GoogleCredentials(account=account, identity=identity) gc.save() else: account = q[0].account session_id = str(uuid.uuid4()) session = BelaySession(account=account, session_id=session_id) session.save() response = render_to_response('glogin.html', { 'clientkey': maybe_client_key, 'station': account.station_url, 'make_stash': bcap.regrant('make-stash', account).serialize(), 'site_name': settings.SITE_NAME, 'email': email }) return response
def get(self, granted): pair = granted.apprevpair a_json = pair.applicant.cached_json() references = pair.applicant.getReferencesModel() refjson = [] for r in references: rjson = r.to_json() rjson['getLetter'] = bcap.regrant('get-letter', r) refjson.append(rjson) a_json['refletters'] = refjson return bcap.bcapResponse(a_json)
def get(self, granted): uu = granted.unverifieduser email = uu.email create_cap = bcap.regrant('add-reviewer', uu) response = { 'email': email, 'create': create_cap } maybeBelayAccount = uu.belay_account() if maybeBelayAccount: response['createBelay'] = maybeBelayAccount return bcap.bcapResponse(response)
def post(self, grantable, args): applicants = grantable.department.findApplicants(args['email']) apps = [] for a in applicants: a_json = {} a_json['name'] = a.fullname() launchCap = bcap.regrant('stash-applicant', a) launchurl = '%s/applicant/#%s' % \ (bcap.this_server_url_prefix(), launchCap.serialize()) a_json['launch'] = launchurl apps.append(a_json) return bcap.bcapResponse(apps)
def get(self, granted): applicant = granted.applicant department = applicant.department references = applicant.getReferencesModel() reminders = { } for r in references: reminders[r.email] = bcap.regrant('remind-reference', r) resp = {\ 'getBasic' : bcap.grant('get-applicant-basic', department),\ 'reminders' : reminders, 'requestReference' : bcap.grant('request-reference', applicant),\ 'submitContactInfo' : bcap.grant('submit-contact-info', applicant),\ 'submitStatement' : bcap.grant('submit-statement', applicant),\ 'setReady' : bcap.grant('applicant-ready', applicant),\ 'updateName' : bcap.grant('update-applicant-name', applicant),\ 'get' : bcap.grant('get-applicant', applicant)\ } return bcap.bcapResponse(resp)
def create_plt_account(request): if request.method != 'POST': return HttpResponseNotAllowed(['POST']) args = bcap.dataPostProcess(request.read()) if not args.has_key('username'): return logWith404(logger, 'create_plt_account: post data missing username') if not args.has_key('password'): return logWith404(logger, 'create_plt_account: post data missing password') username = args['username'] rawpassword = args['password'] if len(username) > 20: return logWith404(logger, 'create_plt_account: bad username') if len(rawpassword) < 8: return logWith404(logger, 'create_plt_account: bad password') salt = str(uuid.uuid4()) hashed_password = get_hashed(rawpassword, salt) station_cap = newStationCap() account = BelayAccount(station_url=station_cap.serialize()) account.save() credentials = PltCredentials(username=username, \ salt=salt, \ hashed_password=hashed_password, \ account=account) credentials.save() session_id = str(uuid.uuid4()) session = BelaySession(session_id=session_id, account=account) session.save() response = { 'station': station_cap, 'makeStash': bcap.regrant('make-stash', account) } return bcap.bcapResponse(response)
def get(self, grantable): launchCap = bcap.regrant('launch-applicant', grantable.applicant) return bcap.bcapResponse(launchCap)