def validate_slugs(self):
data = self.cleaned_data['first_name']
try:
validate_slug(data)
except ValidationError:
err = _('No special characters other than hypens and apostrophies are allowed')
return HttpResponse(err)
def Validate(cls, user):
try:
validators.validate_email(user.email)
validators.validate_slug(user.name)
return True
except:
return False
def _validate_username(username):
"""Validate the username.
Arguments:
username (unicode): The proposed username.
Returns:
None
Raises:
AccountUsernameInvalid
"""
if not isinstance(username, basestring):
raise AccountUsernameInvalid(u"Username must be a string")
if len(username) < USERNAME_MIN_LENGTH:
raise AccountUsernameInvalid(
u"Username '{username}' must be at least {min} characters long".
format(username=username, min=USERNAME_MIN_LENGTH))
if len(username) > USERNAME_MAX_LENGTH:
raise AccountUsernameInvalid(
u"Username '{username}' must be at most {max} characters long".
format(username=username, max=USERNAME_MAX_LENGTH))
try:
validate_slug(username)
except ValidationError:
raise AccountUsernameInvalid(
u"Username '{username}' must contain only A-Z, a-z, 0-9, -, or _ characters"
)
def slug_is_valid(self, slug):
try:
validate_slug(slug)
except django_exceptions.ValidationError:
raise serializers.ValidationError('Slug is an invalid format.',
'invalid')
return slug
def validate_entity_slug(slug, entity=None):
from features.gestalten.models import Gestalt
from features.groups.models import Group
# validate character set
validate_slug(slug)
# validate by blacklist
if slug.lower() in settings.ENTITY_SLUG_BLACKLIST:
raise ValidationError(
'Die Adresse \'%(slug)s\' ist reserviert und darf nicht verwendet werden.',
params={'slug': slug}, code='reserved')
# validate existing slugs
gestalten = Gestalt.objects
groups = Group.objects
if entity:
if entity.is_group:
groups = groups.exclude(pk=entity.pk)
else:
gestalten = gestalten.exclude(pk=entity.pk)
if (groups.filter(slug__iexact=slug).exists()
or gestalten.filter(user__username__iexact=slug).exists()):
raise ValidationError(
'Die Adresse \'%(slug)s\' ist bereits vergeben.',
params={'slug': slug}, code='in-use')
def queryset(self, model, options, request, stringparam=None, **kwargs):
if not stringparam:
raise Http404
# Validate input param before passing it on to the database.
try:
validators.validate_slug(stringparam)
except ValidationError:
raise Http404
# Find collection
try:
collection = self.collection_cls.objects.get(slug=stringparam)
except self.collection_cls.DoesNotExist:
raise Http404
# Make query
(qs, query_data) = super(CollectionQuery,
self).queryset(model, options, request,
**kwargs)
qs = collection.filter(qs)
# Add some extra data to the query.
query_data.update({'collection': collection})
return (qs, query_data)
def clean(self):
if self.identifier_type is 'EMAIL':
try:
validate_email(self.identifier)
except ValidationError:
raise ValidationError(
'Identifier is not a valid email address')
if self.identifier_type is 'IPADD':
try:
validate_ipv46_address(self.identifier)
except ValidationError:
raise ValidationError(
'Identifier is not a valid IPv4/IPv6 address')
if self.identifier_type is 'UNAME' or self.identifier_type is 'NAME':
try:
validate_slug(self.identifier)
except ValidationError:
raise ValidationError(
'Identifier is not a valid username or name')
if self.identifier_type is 'SKYPE':
try:
validate_skype(self.identifier)
except ValidationError:
raise ValidationError(
'Identifier is not a valid Skype user name')
if self.identifier_type is 'TWITTER':
try:
validate_twitter(self.identifier)
except ValidationError:
raise ValidationError(
'Identifier is not a valid Twitter user name')
def clean(self):
if self.identifier_type is 'EMAIL':
try:
validate_email(self.identifier)
except ValidationError:
raise ValidationError('Identifier is not a valid email address')
if self.identifier_type is 'IPADD':
try:
validate_ipv46_address(self.identifier)
except ValidationError:
raise ValidationError('Identifier is not a valid IPv4/IPv6 address')
if self.identifier_type is 'UNAME' or self.identifier_type is 'NAME':
try:
validate_slug(self.identifier)
except ValidationError:
raise ValidationError('Identifier is not a valid username or name')
if self.identifier_type is 'SKYPE':
try:
validate_skype(self.identifier)
except ValidationError:
raise ValidationError('Identifier is not a valid Skype user name')
if self.identifier_type is 'TWITTER':
try:
validate_twitter(self.identifier)
except ValidationError:
raise ValidationError('Identifier is not a valid Twitter user name')
def register(request):
data={
'username':"",
'user_exist':False,
'mail':"",
'mail_error':False,
'password_error':False,
'password_not_same':False,
'navitems':NavItem.objects.all()
}
if(request.method=="POST"):
data['username']=request.POST.get('username','')
data['mail']=request.POST.get('mail','')
password=request.POST.get('password','')
password2=request.POST.get('password2','')
try:
validate_email(data['mail'])
except:
data['mail_error']=True
try:
validate_slug(data['username'])
except:
data['user_exist']=True
if (len(User.objects.filter(username=data['username']))>0):
data['user_exist']=True
if (len(password)<6):
data['password_error']=True
if (password!=password2):
data['password_not_same']=True
if(not (data['password_error'] or data['password_not_same'] or data['mail_error'] or data['user_exist'])):
user=User.objects.create_user(data['username'],data['mail'],password)
user.save()
return HttpResponseRedirect('/regsuccess/')
return render(request,'register.html',data)
def validate_entity_slug(slug, entity=None):
from features.gestalten.models import Gestalt
from features.groups.models import Group
# validate character set
validate_slug(slug)
# validate by blacklist
if slug.lower() in settings.ENTITY_SLUG_BLACKLIST:
raise ValidationError(
'Die Adresse \'%(slug)s\' ist reserviert und darf nicht verwendet werden.',
params={'slug': slug},
code='reserved')
# validate existing slugs
gestalten = Gestalt.objects
groups = Group.objects
if entity:
if entity.is_group:
groups = groups.exclude(pk=entity.pk)
else:
gestalten = gestalten.exclude(pk=entity.pk)
if (groups.filter(slug__iexact=slug).exists()
or gestalten.filter(user__username__iexact=slug).exists()):
raise ValidationError('Die Adresse \'%(slug)s\' ist bereits vergeben.',
params={'slug': slug},
code='in-use')
def get_item_full_detail(item_slug: str) -> dict:
"""
Gets a particular Item info from it's slug
:param item_slug: products.models.Item.slug
:returns: an Item with all related info including scpecifications, reviews, related_products
"""
validate_slug(item_slug)
item = get_item_detail(item_slug)
item.sub_category_title = item.sub_category.title.capitalize()
item.brand_title = item.brand.title.capitalize()
item.brand_image_url = item.brand.image.url
item.sub_category_category_title = item.sub_category.category.title.capitalize(
)
specifications = {}
related_products = get_item_related_products(item_slug)
reviews = []
q_a = []
item_info = {
"item": item,
"specifications": specifications,
"related_products": related_products,
"reviews": reviews,
"q_a": q_a
}
return item_info
def clean_new_role_slug(self):
val = self.cleaned_data['new_role_slug']
if self.cleaned_data['create_new_role'] and not val:
raise ValidationError("A slug is required for this new role.")
if val:
validate_slug(val)
return val
def clean_subdomain(self):
subdomain = self.cleaned_data.get('subdomain')
try:
validate_slug(subdomain)
except forms.ValidationError:
raise forms.ValidationError("Please enter correct subdomain")
return subdomain
def slug_check(request):
slug = request.GET.get("slug")
id_ = request.GET.get("id")
if not slug:
return HttpResponseBadRequest("Missing 'slug' or 'id' params")
# No case sensitive slugs for us.
slug = slug.lower()
if re.match('^[0-9]+$', slug):
return JsonResponse({
"slug": slug,
"available": False,
"error": "Slug must contain at least one letter."
})
try:
validate_slug(slug)
except ValidationError as e:
return JsonResponse({
"slug": slug,
"available": False,
"error": str(e.message)
})
if id_ is not None:
qs = Plenary.objects.exclude(id=id_)
else:
qs = Plenary.objects.all()
available = not qs.filter(slug=slug).exists()
return JsonResponse({"slug": slug, "available": available})
def clean(self):
if self.identifiertype == 'EMAIL':
try:
validate_email(self.identifier)
except ValidationError as e:
raise ValidationError(
'Identifier declared as EMAIL but does not contain a valid email address'
)
if self.identifiertype == 'IPADD':
try:
validate_ipv46_address(self.identifier)
except ValidationError as e:
raise ValidationError(
'Identifier declared as IP ADDRESS but does not contain a valid ip4/ip6 address'
)
if self.identifiertype == 'UNAME' or self.identifiertype == 'SKYPE':
try:
validate_slug(self.identifier)
except ValidationError as e:
raise ValidationError(
'Identifier declared as USERNAME/SKYPE but does not contain a username or skype identifier'
)
if self.identifiertype == 'TWITTER':
try:
validate_slug(self.identifier)
except ValidationError as e:
raise ValidationError(
'Identifier declared as Twitter ID but does not contain a valid twitter id'
)
def save(request):
def redirectWithError(warn_msg):
url = request.get_full_path()
messages.add_message(request,messages.ERROR, warn_msg)
return redirect(request.META['HTTP_REFERER'])
common_page_data = get_common_page_data(request, request.POST.get("course_prefix"), request.POST.get("course_suffix"))
if not common_page_data['is_course_admin']:
return redirect('courses.views.main', common_page_data['course_prefix'],common_page_data['course_suffix'])
page = AdditionalPage.objects.get(id=request.POST.get("page_id"))
if request.POST.get("revert") == '1':
page.revert()
else:
#Validate manually, b/c we didn't use django forms here since we missed it
try:
validate_slug(request.POST.get("slug"))
except ValidationError:
return redirectWithError("The url descriptor cannot be empty and can only contain numbers, letters, underscores, and hyphens")
if (not page.slug==request.POST.get("slug")) and AdditionalPage.objects.filter(course=common_page_data['course'], slug=request.POST.get("slug")).exists():
return redirectWithError("A page with this URL identifier already exists")
if len(request.POST.get("title")) == 0:
return redirectWithError("The title cannot be empty")
if len(request.POST.get("title")) > AdditionalPage._meta.get_field("title").max_length:
return redirectWithError("The title length was too long")
new_section = request.POST.get("section")
old_section = page.section
if new_section == "null": # Topbar pages
page.section = None
page.menu_slug = "course_info" # normal pages
else:
page.section = ContentSection.objects.get(id=new_section)
page.menu_slug = None
page.title = request.POST.get("title")
page.description = request.POST.get("description")
page.slug = request.POST.get("slug")
page.save()
##Also save the production slug per Issue #685, basically slugs are not stageable.
page.image.slug = request.POST.get("slug")
page.image.save()
create_contentgroup_entries_from_post(request, 'parent', page.image, 'additional_page', display_style='list')
if request.POST.get("commit") == '1':
page.commit()
# This has to happen last of all
if old_section or new_section != "null":
ContentGroup.reassign_parent_child_sections('additional_page', page.image.id, new_section)
return redirect('courses.additional_pages.views.main', common_page_data['course_prefix'],common_page_data['course_suffix'], page.slug)
def put(self, request, organization):
"""
Update Project Slugs
````````````````````
Updates the slugs of projects within the organization.
:pparam string organization_slug: the slug of the organization the
short ID should be looked up in.
:param slugs: a dictionary of project IDs to their intended slugs.
:auth: required
"""
slugs = request.data.get('slugs', {})
for project_id, slug in six.iteritems(slugs):
slug = slug.lower()
try:
validate_slug(slug)
except ValidationError:
return Response({'detail': 'invalid slug "%s"' % slug},
status=400)
slugs[project_id] = slug
if len(slugs) != len(set(slugs.values())):
return Response({'detail': 'Duplicate slugs'}, status=400)
project_q = organization.project_set.filter(
pk__in=[int(x) for x in slugs])
rv = {}
with transaction.atomic():
projects = {}
# Clear out all slugs first so that we can move them
# around through the uniqueness
for project in project_q:
projects[six.text_type(project.id)] = project
project.slug = None
project.save()
# Set new ones
for project_id, slug in six.iteritems(slugs):
project = projects.get(project_id)
if project is None:
continue
other = Project.objects.filter(
slug=slug,
organization=organization).exclude(id=project.id).first()
if other is not None:
if len(slugs) != len(slugs.values()):
return Response({'detail': 'Duplicate slug %s' % slug},
status=400)
project.slug = slug
project.update_option('sentry:reviewed-slug', True)
project.save()
rv[project_id] = slug
return Response({'updated_slugs': rv})
def save(request):
def redirectWithError(warn_msg):
url = request.get_full_path()
messages.add_message(request, messages.ERROR, warn_msg)
return redirect(request.META['HTTP_REFERER'])
common_page_data = get_common_page_data(request,
request.POST.get("course_prefix"),
request.POST.get("course_suffix"))
if not common_page_data['is_course_admin']:
return redirect('courses.views.main',
common_page_data['course_prefix'],
common_page_data['course_suffix'])
page = AdditionalPage.objects.get(id=request.POST.get("page_id"))
if request.POST.get("revert") == '1':
page.revert()
else:
#Validate manually, b/c we didn't use django forms here since we missed it
try:
validate_slug(request.POST.get("slug"))
except ValidationError:
return redirectWithError(
"The url descriptor cannot be empty and can only contain numbers, letters, underscores, and hyphens"
)
if (not page.slug
== request.POST.get("slug")) and AdditionalPage.objects.filter(
course=common_page_data['course'],
slug=request.POST.get("slug")).exists():
return redirectWithError(
"A page with this URL identifier already exists")
if len(request.POST.get("title")) == 0:
return redirectWithError("The title cannot be empty")
if len(request.POST.get("title")) > AdditionalPage._meta.get_field(
"title").max_length:
return redirectWithError("The title length was too long")
page.title = request.POST.get("title")
page.description = request.POST.get("description")
page.slug = request.POST.get("slug")
page.save()
##Also save the production slug per Issue #685, basically slugs are not stageable.
page.image.slug = request.POST.get("slug")
page.image.save()
if request.POST.get("commit") == '1':
page.commit()
return redirect('courses.additional_pages.views.main',
common_page_data['course_prefix'],
common_page_data['course_suffix'], page.slug)
def validate_verb_slug(self, value):
try:
verb = Verb.objects.get(slug=value)
except Verb.DoesNotExist:
try:
validate_slug(value)
except ValidationError:
raise serializers.ValidationError('Invalid verb slug.')
verb = Verb.objects.create(slug=value)
return verb
def test_slug(self):
value = self.sd.slug()
validate_slug(value)
value = self.sd.slug(5, 5)
self.assertEqual(len(value.split(' ')), 1)
validate_slug(value)
with self.assertRaises(ParameterError):
value = self.sd.slug(10, 5)
def put(self, request, organization):
"""
Update Project Slugs
````````````````````
Updates the slugs of projects within the organization.
:pparam string organization_slug: the slug of the organization the
short ID should be looked up in.
:param slugs: a dictionary of project IDs to their intended slugs.
:auth: required
"""
slugs = request.DATA.get('slugs', {})
for project_id, slug in six.iteritems(slugs):
slug = slug.lower()
try:
validate_slug(slug)
except ValidationError:
return Response({'detail': 'invalid slug "%s"' % slug}, status=400)
slugs[project_id] = slug
if len(slugs) != len(set(slugs.values())):
return Response({'detail': 'Duplicate slugs'}, status=400)
project_q = organization.project_set.filter(pk__in=[int(x) for x in slugs])
rv = {}
with transaction.atomic():
projects = {}
# Clear out all slugs first so that we can move them
# around through the uniqueness
for project in project_q:
projects[six.text_type(project.id)] = project
project.slug = None
project.save()
# Set new ones
for project_id, slug in six.iteritems(slugs):
project = projects.get(project_id)
if project is None:
continue
other = Project.objects.filter(
slug=slug, organization=organization
).exclude(id=project.id).first()
if other is not None:
if len(slugs) != len(slugs.values()):
return Response({'detail': 'Duplicate slug %s' % slug}, status=400)
project.slug = slug
project.update_option('sentry:reviewed-slug', True)
project.save()
rv[project_id] = slug
return Response({'updated_slugs': rv})
def get_item_detail(item_slug: str) -> Item:
"""
Gets a particular Item info from it's slug
:param item_slug: products.models.Item.slug
:returns: products.models.Item
"""
validate_slug(item_slug)
item = Item.objects.get(slug__exact=item_slug)
return item
def validate(self, value, model_instance):
invalid_values = []
for val in value:
try:
validate_slug(val)
except ValidationError:
invalid_values.append(val)
if invalid_values:
# should really make a custom message.
raise ValidationError(self.error_messages["invalid_choice"] % invalid_values)
def add(request):
def redirectWithError(warn_msg):
url = request.get_full_path()
messages.add_message(request,messages.ERROR, warn_msg)
return redirect(request.META['HTTP_REFERER'])
course_prefix = request.POST.get("course_prefix")
course_suffix = request.POST.get("course_suffix")
common_page_data = get_common_page_data(request, course_prefix, course_suffix)
if not common_page_data['is_course_admin']:
return redirect('courses.views.view', course_prefix, course_suffix)
menu_slug = None
if request.POST.get("menu_slug") != "":
menu_slug = request.POST.get("menu_slug")
section = None
if request.POST.get("section_id") != "":
section = ContentSection.objects.get(id=request.POST.get("section_id"))
if request.POST.get("menu_slug") != "":
index = len(AdditionalPage.objects.filter(course=common_page_data['course'],menu_slug=request.POST.get("menu_slug")))
else:
index = section.getNextIndex()
#Validate manually, b/c we didn't use django forms here since we missed it
try:
validate_slug(request.POST.get("slug"))
except ValidationError:
return redirectWithError("The url descriptor cannot be empty and can only contain numbers, letters, underscores, and hyphens")
if AdditionalPage.objects.filter(course=common_page_data['course'], slug=request.POST.get("slug")).exists():
return redirectWithError("A page with this URL identifier already exists")
if len(request.POST.get("title")) == 0:
return redirectWithError("The title cannot be empty")
if len(request.POST.get("title")) > AdditionalPage._meta.get_field("title").max_length:
return redirectWithError("The title length was too long")
draft_page = AdditionalPage(course=common_page_data['draft_course'], menu_slug=menu_slug, section=section, title=request.POST.get("title"), slug=request.POST.get("slug"), index=index, mode='draft')
draft_page.save()
draft_page.create_ready_instance()
if request.POST.get("menu_slug") == "":
return redirect('courses.views.course_materials', course_prefix, course_suffix)
else:
return redirect(request.META['HTTP_REFERER'])
def from_native(self, data):
if self.queryset is None:
raise Exception('Writable related fields must include a '
'`queryset` argument')
try:
data = data.strip().lower()
validate_slug(data)
obj, _ = self.queryset.get_or_create(**{self.slug_field: data})
return obj
except (TypeError, ValueError):
msg = self.error_messages['invalid']
raise ValidationError(msg)
def validate(self, value, model_instance):
invalid_values = []
for val in value:
try:
validate_slug(val)
except ValidationError:
invalid_values.append(val)
if invalid_values:
# should really make a custom message.
raise ValidationError(self.error_messages['invalid_choice'] %
invalid_values)
def _sanitize_slug(self, value):
"""
Make sure a request input value is actually slug. If not,
the just return an empty string.
"""
if value:
try:
validators.validate_slug(value)
return value
except ValidationError:
pass
return ''
def add(request):
def redirectWithError(warn_msg):
url = request.get_full_path()
messages.add_message(request,messages.ERROR, warn_msg)
return redirect(request.META['HTTP_REFERER'])
course_prefix = request.POST.get("course_prefix")
course_suffix = request.POST.get("course_suffix")
common_page_data = get_common_page_data(request, course_prefix, course_suffix)
if not common_page_data['is_course_admin']:
return redirect('courses.views.view', course_prefix, course_suffix)
menu_slug = None
if request.POST.get("menu_slug") != "":
menu_slug = request.POST.get("menu_slug")
section = None
if request.POST.get("section_id") != "":
section = ContentSection.objects.get(id=request.POST.get("section_id"))
if request.POST.get("menu_slug") != "":
index = len(AdditionalPage.objects.filter(course=common_page_data['course'],menu_slug=request.POST.get("menu_slug")))
else:
index = section.getNextIndex()
#Validate manually, b/c we didn't use django forms here since we missed it
try:
validate_slug(request.POST.get("slug"))
except ValidationError:
return redirectWithError("The url descriptor cannot be empty and can only contain numbers, letters, underscores, and hyphens")
if AdditionalPage.objects.filter(course=common_page_data['course'], slug=request.POST.get("slug")).exists():
return redirectWithError("A page with this URL identifier already exists")
if len(request.POST.get("title")) == 0:
return redirectWithError("The title cannot be empty")
if len(request.POST.get("title")) > AdditionalPage._meta.get_field("title").max_length:
return redirectWithError("The title length was too long")
draft_page = AdditionalPage(course=common_page_data['draft_course'], menu_slug=menu_slug, section=section, title=request.POST.get("title"), slug=request.POST.get("slug"), index=index, mode='draft')
draft_page.save()
draft_page.create_ready_instance()
create_contentgroup_entries_from_post(request, 'parent_id', draft_page.image, 'additional_page', display_style='list')
if request.POST.get("menu_slug") == "":
return redirect('courses.views.course_materials', course_prefix, course_suffix)
else:
return redirect(request.META['HTTP_REFERER'])
def save_faucet(request):
"""Handle saving faucet requests."""
email_address = request.POST.get('emailAddress')
eth_address = request.POST.get('ethAddress')
is_authenticated = request.user.is_authenticated
profile = request.user.profile if is_authenticated and hasattr(
request.user, 'profile') else None
if not profile:
return JsonResponse(
{
'message':
_('You must be authenticated via github to use this feature!')
},
status=401)
try:
validate_slug(eth_address)
if email_address:
validate_email(email_address)
except Exception as e:
return JsonResponse({'message': str(e)}, status=400)
comment = escape(strip_tags(request.POST.get('comment', '')))
if profile.faucet_requests.filter(fulfilled=True):
return JsonResponse(
{
'message':
_('The submitted github profile shows a previous faucet distribution.'
)
},
status=403)
elif profile.faucet_requests.filter(rejected=False):
return JsonResponse(
{
'message':
_('The submitted github profile shows a pending faucet distribution.'
)
},
status=403)
fr = FaucetRequest.objects.create(
fulfilled=False,
github_username=request.user.username,
github_meta={},
address=eth_address,
email=email_address if email_address else request.user.email,
comment=comment,
profile=profile,
)
new_faucet_request(fr)
return JsonResponse({'message': _('Created.')}, status=201)
def get_queryset(self):
try:
queryset = PageElement.objects.filter(account=self.account)
search_string = self.request.query_params.get('q', None)
if search_string is not None:
tag = self.request.query_params.get('tag', None)
validate_slug(tag)
validate_title(search_string)
queryset = queryset.filter(tag=tag,
title__contains=search_string)
return queryset
except ValidationError:
return []
def get_queryset(self):
try:
queryset = PageElement.objects.filter(account=self.account)
search_string = self.request.query_params.get('q', None)
if search_string is not None:
tag = self.request.query_params.get('tag', None)
validate_slug(tag)
validate_title(search_string)
queryset = queryset.filter(tag=tag,
title__contains=search_string)
return queryset
except ValidationError:
return []
def search_by_tag(request):
params = {}
params['user'] = request.user
text = request.GET.get('text')
from django.core.validators import validate_slug
try:
validate_slug(text)
params['oneliners'] = OneLiner.recent_by_tag(text)
except:
params['oneliners'] = ()
return render_to_response('main/elements/oneliners.html', params)
def check_slug(cls, text):
text = text.lower()
is_exists = cls.objects.filter(slug=text).count() > 0
is_correct = True
try:
validate_slug(text)
except django_exceptions.ValidationError:
is_correct = False
return CheckSlug(is_exists, is_correct)
def get_queryset(self): #pylint: disable=no-self-use
try:
queryset = PageElement.objects.filter()
search_string = 'test /String'
if search_string is not None:
tag = 'test-tag'
validate_slug(tag)
validate_title(search_string)
queryset = queryset.filter(tag=tag,
title__contains=search_string)
return queryset
except ValidationError:
return []
def get_queryset(self): #pylint: disable=no-self-use
try:
queryset = PageElement.objects.filter()
search_string = 'test /String'
if search_string is not None:
tag = 'test-tag'
validate_slug(tag)
validate_title(search_string)
queryset = queryset.filter(tag=tag,
title__contains=search_string)
return queryset
except ValidationError:
return []
def __call__(self, value):
if not isinstance(value, dict):
self._raise_error('invalid')
#check all keys exist:
if set(value.keys()) != {'urlId',}:
self._raise_error('invalid')
#check urlId (validate as url slug):
try:
validators.validate_slug(value['urlId'])
except ValidationError:
self._raise_error('invalid_field', ('urlId',))
def is_valid(self, bundle, request=None):
if not bundle.data:
return {'__all__': 'Not quite what I had in mind.'}
errors = {}
if 'uuid' in bundle.data.keys():
try:
validate_slug(bundle.data['uuid'])
except ValidationError:
errors['uuid'] = ["Enter a valid 'slug' consisting of letters, numbers, underscores or hyphens."]
return errors
def save_faucet(request):
github_profile = request.POST.get('githubProfile')
email_address = request.POST.get('emailAddress')
eth_address = request.POST.get('ethAddress')
profile_handle = request.session.get('handle', '')
try:
validate_slug(github_profile)
validate_email(email_address)
validate_slug(eth_address)
except Exception as e:
return JsonResponse({'message': str(e)}, status=400)
comment = escape(strip_tags(request.POST.get('comment')))
checkeduser = check_github(github_profile)
if FaucetRequest.objects.filter(fulfilled=True,
github_username=github_profile):
return JsonResponse(
{
'message':
'The submitted github profile shows a previous faucet distribution.'
},
status=403)
elif FaucetRequest.objects.filter(github_username=github_profile,
rejected=False):
return JsonResponse(
{
'message':
'The submitted github profile shows a pending faucet distribution.'
},
status=403)
elif not checkeduser:
return JsonResponse(
{
'message':
'The submitted github profile could not be found on github.'
},
status=400)
fr = FaucetRequest.objects.create(
fulfilled=False,
github_username=github_profile,
input_github_username=profile_handle,
github_meta=checkeduser,
address=eth_address,
email=email_address,
comment=comment,
)
new_faucet_request(fr)
return JsonResponse({'message': 'Created.'}, status=201)
def clean_username(self):
username = self.cleaned_data.get("username")
try:
validators.validate_slug(username)
valid_username = True
except:
raise forms.ValidationError("Username is not valid, Special characters used!.")
valid_username = False
if valid_username:
if(User.objects.filter(username=username).exists()):
print("Sorry, a user with that Username already exists!.")
raise forms.ValidationError("Sorry, a user with that Username already exists!.")
return None
else:
return username
def link_json_validator(value):
title_validator = validate_slug()
url_validator = URLValidator(schemes=['http', 'https'])
value = json.loads(value)
for title, url in a.items():
title_validator(title)
url_validator(url)
def validate_username(username):
"""
This validation step is done when we are sure the user
does not exit on the systems and we need to create a new user.
"""
try:
validate_slug(username)
except ValidationError:
username = slugify(username)
user_model_cls = get_user_model()
_username = username
while user_model_cls.objects.filter(username=_username).exists():
_username = '******'.format(username, random.randint(1, 100))
return _username
def _get_org(self, org_slug):
Organization = load_model('openwisp_users', 'Organization')
if org_slug in [None, '']:
return None
try:
validate_slug(org_slug)
instance = Organization.objects.get(slug=org_slug)
except ValidationError as e:
raise CsvImportException(str(e))
except Organization.DoesNotExist:
raise CsvImportException(
'The import operation failed because the data being imported '
f'belongs to an organization which is not recognized: “{org_slug}”. '
'Please create this organization or adapt the CSV file being imported '
'by pointing the data to another organization.')
return instance
def get_item_related_products(item_slug: str) -> QuerySet:
"""
Gets a particular Item info from it's slug
:param item_slug: products.models.Item.slug
:returns: Queryset with item's related_products
"""
validate_slug(item_slug)
# TODO: Implement Logic
items = Item.objects.order_by("-time_last_edited") \
.filter(~Q(slug=item_slug))[:15] \
.only(
"title", "price", "discount_price", "slug", "description",
"image", "brand__title", "sub_category__title")
return items
def search_by_tag(request):
params = {'user': request.user}
tagname = request.GET.get('tag')
ordering = request.GET.get('ordering')
try:
validate_slug(tagname)
if ordering == 'popular':
order_by = '-vote_sum'
else:
order_by = None
items = OneLiner.filter_by_tag(tagname, order_by=order_by)
params['oneliners'] = items
except ValidationError:
params['oneliners'] = ()
return render_to_response('oneliners/elements/oneliners.html', params)
def save(request):
def redirectWithError(warn_msg):
url = request.get_full_path()
messages.add_message(request,messages.ERROR, warn_msg)
return redirect(request.META['HTTP_REFERER'])
common_page_data = get_common_page_data(request, request.POST.get("course_prefix"), request.POST.get("course_suffix"))
if not common_page_data['is_course_admin']:
return redirect('courses.views.main', common_page_data['course_prefix'],common_page_data['course_suffix'])
page = AdditionalPage.objects.get(id=request.POST.get("page_id"))
if request.POST.get("revert") == '1':
page.revert()
else:
#Validate manually, b/c we didn't use django forms here since we missed it
try:
validate_slug(request.POST.get("slug"))
except ValidationError:
return redirectWithError("The url descriptor cannot be empty and can only contain numbers, letters, underscores, and hyphens")
if (not page.slug==request.POST.get("slug")) and AdditionalPage.objects.filter(course=common_page_data['course'], slug=request.POST.get("slug")).exists():
return redirectWithError("A page with this URL identifier already exists")
if len(request.POST.get("title")) == 0:
return redirectWithError("The title cannot be empty")
if len(request.POST.get("title")) > AdditionalPage._meta.get_field("title").max_length:
return redirectWithError("The title length was too long")
page.title = request.POST.get("title")
page.description = request.POST.get("description")
page.slug = request.POST.get("slug")
page.save()
##Also save the production slug per Issue #685, basically slugs are not stageable.
page.image.slug = request.POST.get("slug")
page.image.save()
if request.POST.get("commit") == '1':
page.commit()
return redirect('courses.additional_pages.views.main', common_page_data['course_prefix'],common_page_data['course_suffix'], page.slug)
def clean(self):
cleaned_data = super(UpdateCategoryForm, self).clean()
title = cleaned_data.get('title')
slug = unidecode(cleaned_data.get('slug'))
if not match("^[\w ]+$", title):
raise forms.ValidationError(
_('Name should consist of letters, numbers, underscores and spaces'
))
try:
validate_slug(slug)
except forms.ValidationError:
raise forms.ValidationError(
_('Slug should consist of letters, numbers, underscores and dashes '
))
return cleaned_data
def search_by_tag(request):
params = {}
params['user'] = request.user
tagname = request.GET.get('tag')
ordering = request.GET.get('ordering')
try:
validate_slug(tagname)
if ordering == 'popular':
order_by = '-score'
else:
order_by = None
items = OneLiner.filter_by_tag(tagname, order_by=order_by)
params['oneliners'] = items
except ValidationError:
params['oneliners'] = ()
return render_to_response('oneliners/elements/oneliners.html', params)
def search_by_tag(request):
params = {}
params["user"] = request.user
tagname = request.GET.get("tag")
ordering = request.GET.get("ordering")
try:
validate_slug(tagname)
if ordering == "popular":
order_by = "-score"
else:
order_by = None
items = OneLiner.filter_by_tag(tagname, order_by=order_by)
params["oneliners"] = items
except ValidationError:
params["oneliners"] = ()
return render_to_response("oneliners/elements/oneliners.html", params)
def slug_available(request):
if request.method == 'GET':
if request.GET.has_key('slug'):
slug = request.GET['slug']
try:
validate_slug(slug)
except ValidationError:
return HttpResponseServerError()
try:
e = Event.objects.get(slug=slug)
except Event.DoesNotExist:
e = None
if e:
# event with that slug already exists
return HttpResponseServerError()
return HttpResponse()
return HttpResponseServerError("Invalid request")
def _validate_username(username):
"""Validate the username.
Arguments:
username (unicode): The proposed username.
Returns:
None
Raises:
AccountUsernameInvalid
"""
if not isinstance(username, basestring):
raise AccountUsernameInvalid(u"Username must be a string")
if len(username) < USERNAME_MIN_LENGTH:
raise AccountUsernameInvalid(
u"Username '{username}' must be at least {min} characters long".format(
username=username,
min=USERNAME_MIN_LENGTH
)
)
if len(username) > USERNAME_MAX_LENGTH:
raise AccountUsernameInvalid(
u"Username '{username}' must be at most {max} characters long".format(
username=username,
max=USERNAME_MAX_LENGTH
)
)
try:
validate_slug(username)
except ValidationError:
raise AccountUsernameInvalid(
u"Username '{username}' must contain only A-Z, a-z, 0-9, -, or _ characters"
)
def create(request):
valid = True
if request.method == 'POST':
""" Validations """
try:
validate_slug( request.POST['username'] )
if len( request.POST['username'] ) < 5: raise ValidationError('Nome de usuario deve ter no minimo 5 letras.')
except ValidationError:
messages.add_message(request, messages.ERROR, 'Nome de usuario invalido.')
valid = False
try:
validate_email( request.POST['email'] )
except ValidationError:
messages.add_message(request, messages.ERROR, 'Email invalido.')
valid = False
if len ( request.POST['password'] ) < 1 or request.POST['password'] != request.POST['password_confirmation']:
messages.add_message(request, messages.ERROR, 'Senha invalida ou senhas nao coincidem.')
valid = False
""" If messages is set is because some error occured """
if not valid:
return render(request, 'registration/new.html' )
""" saves the user object """
user = User.objects.create_user(request.POST['username'])
user.email = request.POST['email']
user.set_password( request.POST['password'] )
user.save()
logging.debug( request.POST )
messages.add_message(request, messages.SUCCESS, 'Usuario cadastrado com sucesso.')
return redirect('/')
def save_exam_ajax(request, course_prefix, course_suffix, create_or_edit="create", old_slug=""):
course = request.common_page_data['course']
if course.mode == "ready":
course = course.image
slug = request.POST.get('slug','')
title = request.POST.get('title', '')
description = request.POST.get('description', '')
metaXMLContent = request.POST.get('metaXMLContent', '')
htmlContent = request.POST.get('htmlContent', '')
xmlImported = request.POST.get('xmlImported','')
due_date = request.POST.get('due_date', '')
grace_period = request.POST.get('grace_period', '')
partial_credit_deadline = request.POST.get('partial_credit_deadline', '')
late_penalty = request.POST.get('late_penalty', '')
num_subs_permitted = request.POST.get('num_subs_permitted','')
resubmission_penalty = request.POST.get('resubmission_penalty','')
assessment_type = request.POST.get('assessment_type','')
section=request.POST.get('section','')
invideo_val=request.POST.get('invideo','')
parent=request.POST.get('parent','none,none')
if invideo_val and invideo_val == "true":
invideo = True
else:
invideo = False
#########Validation, lots of validation#######
if not slug:
return HttpResponseBadRequest("No URL identifier value provided")
try:
validate_slug(slug)
except ValidationError as ve:
return HttpResponseBadRequest(unicode(ve))
if not title:
return HttpResponseBadRequest("No Title value provided")
if not metaXMLContent:
return HttpResponseBadRequest("No metadataXML provided")
try:
grader = AutoGrader(metaXMLContent)
except Exception as e: #Since this is just a validator, pass back all the exceptions
return HttpResponseBadRequest(unicode(e))
total_score = grader.points_possible
if not htmlContent:
return HttpResponseBadRequest("No Exam HTML provided")
if not due_date:
return HttpResponseBadRequest("No due date provided")
if not grace_period:
return HttpResponseBadRequest("No grace period provided")
if not partial_credit_deadline:
return HttpResponseBadRequest("No hard deadline provided")
if not section:
return HttpResponseBadRequest("Bad section provided!")
try:
contentsection = ContentSection.objects.get(id=section, course=course, is_deleted=False)
except ContentSection.DoesNotExist:
return HttpResponseBadRequest("Bad section provided!")
dd = datetime.datetime.strptime(due_date, "%m/%d/%Y %H:%M")
gp = datetime.datetime.strptime(grace_period, "%m/%d/%Y %H:%M")
pcd = datetime.datetime.strptime(partial_credit_deadline, "%m/%d/%Y %H:%M")
if assessment_type == "summative":
autograde = True
display_single = False
grade_single = False
exam_type = "problemset"
elif assessment_type == "formative":
autograde = True
display_single = True
grade_single = False #We will eventually want this to be True
exam_type = "problemset"
elif assessment_type == "interactive":
autograde = True
display_single = True
grade_single = False
exam_type = "interactive_exercise"
elif assessment_type == "exam-autograde":
autograde = True
display_single = False
grade_single = False
exam_type = "exam"
elif assessment_type == "exam-csv":
autograde = False
display_single = False
grade_single = False
exam_type = "exam"
elif assessment_type == "survey":
autograde = False
display_single = False
grade_single = False
exam_type = "survey"
else:
return HttpResponseBadRequest("A bad assessment type (" + assessment_type + ") was provided")
if not late_penalty:
lp = 0
else:
try:
lp = int(late_penalty)
except ValueError:
return HttpResponseBadRequest("A non-numeric late penalty (" + late_penalty + ") was provided")
if not num_subs_permitted:
sp = 999
else:
try:
sp = int(num_subs_permitted)
except ValueError:
return HttpResponseBadRequest("A non-numeric number of submissions permitted (" + sp + ") was provided")
if not resubmission_penalty:
rp = 0
else:
try:
rp = int(resubmission_penalty)
except ValueError:
return HttpResponseBadRequest("A non-numeric resubmission penalty (" + resubmission_penalty + ") was provided")
if parent and parent[:4] != 'none':
parent_type, parent = parent.split(',')
else:
parent_type, parent = None, None
#create or edit the Exam
if create_or_edit == "create":
if Exam.objects.filter(course=course, slug=slug, is_deleted=False).exists():
return HttpResponseBadRequest("An exam with this URL identifier already exists in this course")
exam_obj = Exam(course=course, slug=slug, title=title, description=description, html_content=htmlContent, xml_metadata=metaXMLContent,
due_date=dd, assessment_type=assessment_type, mode="draft", total_score=total_score, grade_single=grade_single,
grace_period=gp, partial_credit_deadline=pcd, late_penalty=lp, submissions_permitted=sp, resubmission_penalty=rp,
exam_type=exam_type, autograde=autograde, display_single=display_single, invideo=invideo, section=contentsection,
xml_imported=xmlImported
)
exam_obj.save()
exam_obj.create_ready_instance()
if parent_type:
parent_ref = ContentGroup.groupable_types[parent_type].objects.get(id=long(parent)).image
content_group_groupid = ContentGroup.add_parent(exam_obj.image.course, parent_type, parent_ref.image)
ContentGroup.add_child(content_group_groupid, 'exam', exam_obj.image, display_style='list')
return HttpResponse("Exam " + title + " created. \n" + unicode(grader))
else:
try: #this is nasty code, I know. It should at least be moved into the model somehow
exam_obj = Exam.objects.get(course=course, is_deleted=0, slug=old_slug)
exam_obj.slug=slug
exam_obj.title=title
exam_obj.description=description
exam_obj.html_content=htmlContent
exam_obj.xml_metadata=metaXMLContent
exam_obj.xml_imported=xmlImported
exam_obj.due_date=dd
exam_obj.total_score=total_score
exam_obj.assessment_type=assessment_type
exam_obj.grace_period=gp
exam_obj.partial_credit_deadline=pcd
exam_obj.late_penalty=lp
exam_obj.submissions_permitted=sp
exam_obj.resubmission_penalty=rp
exam_obj.exam_type=exam_type
exam_obj.autograde=autograde
exam_obj.display_single=display_single
exam_obj.grade_single=grade_single
exam_obj.invideo=invideo
exam_obj.section=contentsection
exam_obj.save()
exam_obj.commit()
if parent_type:
parent_ref = ContentGroup.groupable_types[parent_type].objects.get(id=long(parent)).image
content_group_parent = parent_ref.contentgroup_set.all()
if content_group_parent:
content_group_groupid = content_group_parent[0].group_id
else:
content_group_groupid = ContentGroup.add_parent(exam_obj.image.course, parent_type, parent_ref.image)
ContentGroup.add_child(content_group_groupid, 'exam', exam_obj.image, display_style='list')
return HttpResponse("Exam " + title + " saved. \n" + unicode(grader))
except Exam.DoesNotExist:
return HttpResponseBadRequest("No exam exists with URL identifier %s" % old_slug)
def add(request):
def redirectWithError(warn_msg):
url = request.get_full_path()
messages.add_message(request,messages.ERROR, warn_msg)
return redirect(request.META['HTTP_REFERER'])
course_prefix = request.POST.get("course_prefix")
course_suffix = request.POST.get("course_suffix")
common_page_data = get_common_page_data(request, course_prefix, course_suffix)
if not common_page_data['is_course_admin']:
return redirect('courses.views.view', course_prefix, course_suffix)
menu_slug = None
if request.POST.get("menu_slug") != "":
menu_slug = request.POST.get("menu_slug")
section = None
if request.POST.get("section_id") != "":
section = ContentSection.objects.get(id=request.POST.get("section_id"))
parent_type,parent_id = None,None
if request.POST.get("parent_id") != "":
parent_type,parent_id = request.POST.get("parent_id").split(',')
if parent_type == 'none':
parent_type, parent_id = None,None
else:
parent_id = int(parent_id)
if request.POST.get("menu_slug") != "":
index = len(AdditionalPage.objects.filter(course=common_page_data['course'],menu_slug=request.POST.get("menu_slug")))
else:
index = section.getNextIndex()
#Validate manually, b/c we didn't use django forms here since we missed it
try:
validate_slug(request.POST.get("slug"))
except ValidationError:
return redirectWithError("The url descriptor cannot be empty and can only contain numbers, letters, underscores, and hyphens")
if AdditionalPage.objects.filter(course=common_page_data['course'], slug=request.POST.get("slug")).exists():
return redirectWithError("A page with this URL identifier already exists")
if len(request.POST.get("title")) == 0:
return redirectWithError("The title cannot be empty")
if len(request.POST.get("title")) > AdditionalPage._meta.get_field("title").max_length:
return redirectWithError("The title length was too long")
draft_page = AdditionalPage(course=common_page_data['draft_course'], menu_slug=menu_slug, section=section, title=request.POST.get("title"), slug=request.POST.get("slug"), index=index, mode='draft')
draft_page.save()
draft_page.create_ready_instance()
if parent_type != None and parent_type != "none":
parent_ref = AdditionalPage.objects.get(id=parent_id).image
#print "DEBUG: creating parent/child relationship between", parent_ref.id, "and", draft_page.image.id
# XXX: We assume that the parent is an AdditionalPage regardless of parent_type; this is by the spec, but against my nature
content_group_groupid = ContentGroup.add_parent(parent_ref.course, parent_type, parent_ref)
ContentGroupGroupFactory.add_child(content_group_groupid, 'additional_page', draft_page.image)
if request.POST.get("menu_slug") == "":
return redirect('courses.views.course_materials', course_prefix, course_suffix)
else:
return redirect(request.META['HTTP_REFERER'])
def cme_create_account(request, post_override=None):
'''
JSON call to create new edX account; modified for the CME registration form.
Used by form in signup_modal.html, which is included into navigation.html
'''
json_string = {'success': False}
post_vars = post_override if post_override else request.POST.copy()
# Confirm we have a properly formed request
for var in ['username', 'email', 'password', 'name']:
if var not in post_vars:
json_string['value'] = "Error (401 {field}). E-mail us.".format(field=var)
json_string['field'] = var
return HttpResponse(json.dumps(json_string))
# Validate required fields set1
error = validate_required_fields_set1(post_vars)
if error is not None:
return HttpResponse(json.dumps(error))
# Validate length of middle initial
error = validate_middle_initial_length(post_vars)
if error is not None:
return HttpResponse(json.dumps(error))
# Validate birth date
error = validate_birth_date_format(post_vars)
if error is not None:
return HttpResponse(json.dumps(error))
# Validate fields dependent on Professional Designation
error = validate_professional_fields(post_vars)
if error is not None:
return HttpResponse(json.dumps(error))
# Setup post_vars for correct sub_affiliation field
post_vars = setup_sub_affiliation_field(post_vars)
# Validate affiliation fields
error = validate_affiliation_fields(post_vars)
if error is not None:
return HttpResponse(json.dumps(error))
# Validate required fields set2
error = validate_required_fields_set2(post_vars)
if error is not None:
return HttpResponse(json.dumps(error))
# Validate required check boxes
error = validate_required_boxes(post_vars)
if error is not None:
return HttpResponse(json.dumps(error))
# Validate required radio buttons
# Commented out while no radios exist
# error = validate_required_radios(post_vars)
# if error is not None:
# return HttpResponse(json.dumps(error))
# Validate required secondary fields
error = validate_required_secondaries(post_vars)
if error is not None:
return HttpResponse(json.dumps(error))
# Validate email address
try:
validate_email(post_vars['email'])
except ValidationError:
json_string['value'] = "Valid e-mail is required."
json_string['field'] = 'email'
return HttpResponse(json.dumps(json_string))
# Validate username conforms
try:
validate_slug(post_vars['username'])
except ValidationError:
json_string['value'] = "Username should only consist of A-Z and 0-9, with no spaces."
json_string['field'] = 'username'
return HttpResponse(json.dumps(json_string))
# Validate Export controls
error = validate_export_controls(post_vars)
if error is not None:
return HttpResponse(json.dumps(error))
# Ok, looks like everything is legit. Create the account.
ret = _do_cme_create_account(post_vars)
if isinstance(ret, HttpResponse): # if there was an error then return that
return ret
(user, cme_user_profile, registration) = ret
email_dict = {
'name': post_vars['name'],
'key': registration.activation_key,
}
# composes activation email
subject = render_to_string('emails/activation_email_subject.txt', email_dict)
# Email subject *must not* contain newlines
subject = ''.join(subject.splitlines())
message = render_to_string('emails/activation_email.txt', email_dict)
try:
if settings.FEATURES.get('REROUTE_ACTIVATION_EMAIL'):
dest_addr = settings.FEATURES['REROUTE_ACTIVATION_EMAIL']
message = ("Activation for %s (%s): %s\n" % (user, user.email, cme_user_profile.name) +
'-' * 80 + '\n\n' + message)
send_mail(subject, message, settings.DEFAULT_FROM_EMAIL, [dest_addr], fail_silently=False)
else:
user.email_user(subject, message, settings.DEFAULT_FROM_EMAIL)
except:
log.warning('Unable to send activation email to user', exc_info=True)
json_string['value'] = 'Could not send activation e-mail.'
return HttpResponse(json.dumps(json_string))
# Immediately after a user creates an account, we log them in. They are only
# logged in until they close the browser. They can't log in again until they click
# the activation link from the email.
login_user = authenticate(username=post_vars['username'], password=post_vars['password'])
login(request, login_user)
request.session.set_expiry(0)
redirect_url = get_next_url_for_login_page(request)
dog_stats_api.increment("common.student.successful_login")
json_string = {'success': True,
'redirect_url': redirect_url}
response = HttpResponse(json.dumps(json_string))
return response
def validate_group_name(value):
if value in settings.GROUP_NAME_RESERVED_WORDS:
names = ",".join(settings.GROUP_NAME_RESERVED_WORDS)
raise ValidationError(_("Value can't be in %s") % names)
validate_slug(value)
def create_account(request, post_override=None):
'''
JSON call to create new edX account.
Used by form in signup_modal.html, which is included into navigation.html
'''
js = {'success': False}
post_vars = post_override if post_override else request.POST
# if doing signup for an external authorization, then get email, password, name from the eamap
# don't use the ones from the form, since the user could have hacked those
# unless originally we didn't get a valid email or name from the external auth
DoExternalAuth = 'ExternalAuthMap' in request.session
if DoExternalAuth:
eamap = request.session['ExternalAuthMap']
try:
validate_email(eamap.external_email)
email = eamap.external_email
except ValidationError:
email = post_vars.get('email', '')
if eamap.external_name.strip() == '':
name = post_vars.get('name', '')
else:
name = eamap.external_name
password = eamap.internal_password
post_vars = dict(post_vars.items())
post_vars.update(dict(email=email, name=name, password=password))
log.info('In create_account with external_auth: post_vars = %s' % post_vars)
# Confirm we have a properly formed request
for a in ['username', 'email', 'password', 'name']:
if a not in post_vars:
js['value'] = "Error (401 {field}). E-mail us.".format(field=a)
js['field'] = a
return HttpResponse(json.dumps(js))
if post_vars.get('honor_code', 'false') != u'true':
js['value'] = "To enroll, you must follow the honor code.".format(field=a)
js['field'] = 'honor_code'
return HttpResponse(json.dumps(js))
# Can't have terms of service for certain SHIB users, like at Stanford
tos_not_required = settings.MITX_FEATURES.get("AUTH_USE_SHIB") \
and settings.MITX_FEATURES.get('SHIB_DISABLE_TOS') \
and DoExternalAuth and ("shib" in eamap.external_domain)
if not tos_not_required:
if post_vars.get('terms_of_service', 'false') != u'true':
js['value'] = "You must accept the terms of service.".format(field=a)
js['field'] = 'terms_of_service'
return HttpResponse(json.dumps(js))
# Confirm appropriate fields are there.
# TODO: Check e-mail format is correct.
# TODO: Confirm e-mail is not from a generic domain (mailinator, etc.)? Not sure if
# this is a good idea
# TODO: Check password is sane
required_post_vars = ['username', 'email', 'name', 'password', 'terms_of_service', 'honor_code']
if tos_not_required:
required_post_vars = ['username', 'email', 'name', 'password', 'honor_code']
for a in required_post_vars:
if len(post_vars[a]) < 2:
error_str = {'username': '******',
'email': 'A properly formatted e-mail is required.',
'name': 'Your legal name must be a minimum of two characters long.',
'password': '******',
'terms_of_service': 'Accepting Terms of Service is required.',
'honor_code': 'Agreeing to the Honor Code is required.'}
js['value'] = error_str[a]
js['field'] = a
return HttpResponse(json.dumps(js))
try:
validate_email(post_vars['email'])
except ValidationError:
js['value'] = "Valid e-mail is required.".format(field=a)
js['field'] = 'email'
return HttpResponse(json.dumps(js))
try:
validate_slug(post_vars['username'])
except ValidationError:
js['value'] = "Username should only consist of A-Z and 0-9, with no spaces.".format(field=a)
js['field'] = 'username'
return HttpResponse(json.dumps(js))
# Ok, looks like everything is legit. Create the account.
ret = _do_create_account(post_vars)
if isinstance(ret, HttpResponse): # if there was an error then return that
return ret
(user, profile, registration) = ret
d = {'name': post_vars['name'],
'key': registration.activation_key,
}
# composes activation email
subject = render_to_string('emails/activation_email_subject.txt', d)
# Email subject *must not* contain newlines
subject = ''.join(subject.splitlines())
message = render_to_string('emails/activation_email.txt', d)
try:
if settings.MITX_FEATURES.get('REROUTE_ACTIVATION_EMAIL'):
dest_addr = settings.MITX_FEATURES['REROUTE_ACTIVATION_EMAIL']
message = ("Activation for %s (%s): %s\n" % (user, user.email, profile.name) +
'-' * 80 + '\n\n' + message)
send_mail(subject, message, settings.DEFAULT_FROM_EMAIL, [dest_addr], fail_silently=False)
elif not settings.GENERATE_RANDOM_USER_CREDENTIALS:
res = user.email_user(subject, message, settings.DEFAULT_FROM_EMAIL)
except:
log.warning('Unable to send activation email to user', exc_info=True)
js['value'] = 'Could not send activation e-mail.'
return HttpResponse(json.dumps(js))
# Immediately after a user creates an account, we log them in. They are only
# logged in until they close the browser. They can't log in again until they click
# the activation link from the email.
login_user = authenticate(username=post_vars['username'], password=post_vars['password'])
login(request, login_user)
request.session.set_expiry(0)
if DoExternalAuth:
eamap.user = login_user
eamap.dtsignup = datetime.datetime.now(UTC)
eamap.save()
log.info("User registered with external_auth %s" % post_vars['username'])
log.info('Updated ExternalAuthMap for %s to be %s' % (post_vars['username'], eamap))
if settings.MITX_FEATURES.get('BYPASS_ACTIVATION_EMAIL_FOR_EXTAUTH'):
log.info('bypassing activation email')
login_user.is_active = True
login_user.save()
try_change_enrollment(request)
statsd.increment("common.student.account_created")
js = {'success': True}
HttpResponse(json.dumps(js), mimetype="application/json")
response = HttpResponse(json.dumps({'success': True}))
# set the login cookie for the edx marketing site
# we want this cookie to be accessed via javascript
# so httponly is set to None
if request.session.get_expire_at_browser_close():
max_age = None
expires = None
else:
max_age = request.session.get_expiry_age()
expires_time = time.time() + max_age
expires = cookie_date(expires_time)
response.set_cookie(settings.EDXMKTG_COOKIE_NAME,
'true', max_age=max_age,
expires=expires, domain=settings.SESSION_COOKIE_DOMAIN,
path='/',
secure=None,
httponly=None)
return response
def clean_username(self):
username = self.cleaned_data['username']
validate_slug(username)
if User.objects.filter(username=username).count():
raise forms.ValidationError(_("Username already exists"))
return username
def save_exam_ajax(request, course_prefix, course_suffix, create_or_edit="create", old_slug=""):
course = request.common_page_data['course']
if course.mode == "ready":
course = course.image
slug = request.POST.get('slug','')
title = request.POST.get('title', '')
description = request.POST.get('description', '')
metaXMLContent = request.POST.get('metaXMLContent', '')
htmlContent = request.POST.get('htmlContent', '')
xmlImported = request.POST.get('xmlImported','')
due_date = request.POST.get('due_date', '')
grace_period = request.POST.get('grace_period', '')
partial_credit_deadline = request.POST.get('partial_credit_deadline', '')
late_penalty = request.POST.get('late_penalty', '')
num_subs_permitted = request.POST.get('num_subs_permitted','')
resubmission_penalty = request.POST.get('resubmission_penalty','')
assessment_type = request.POST.get('assessment_type','')
section=request.POST.get('section','')
invideo_val=request.POST.get('invideo','')
if invideo_val and invideo_val == "true":
invideo = True
else:
invideo = False
#########Validation, lots of validation#######
if not slug:
return HttpResponseBadRequest("No URL identifier value provided")
try:
validate_slug(slug)
except ValidationError as ve:
return HttpResponseBadRequest(unicode(ve))
if not title:
return HttpResponseBadRequest("No Title value provided")
if not metaXMLContent:
return HttpResponseBadRequest("No metadataXML provided")
try:
grader = AutoGrader(metaXMLContent)
except Exception as e: #Since this is just a validator, pass back all the exceptions
return HttpResponseBadRequest(unicode(e))
total_score = grader.points_possible
if not htmlContent:
return HttpResponseBadRequest("No Exam HTML provided")
if not due_date:
return HttpResponseBadRequest("No due date provided")
if not grace_period:
return HttpResponseBadRequest("No grace period provided")
if not partial_credit_deadline:
return HttpResponseBadRequest("No hard deadline provided")
if not section:
return HttpResponseBadRequest("Bad section provided!")
try:
contentsection = ContentSection.objects.get(id=section, course=course, is_deleted=False)
except ContentSection.DoesNotExist:
return HttpResponseBadRequest("Bad section provided!")
dd = datetime.datetime.strptime(due_date, "%m/%d/%Y %H:%M")
gp = datetime.datetime.strptime(grace_period, "%m/%d/%Y %H:%M")
pcd = datetime.datetime.strptime(partial_credit_deadline, "%m/%d/%Y %H:%M")
if assessment_type == "summative":
autograde = True
display_single = False
grade_single = False
exam_type = "problemset"
elif assessment_type == "formative":
autograde = True
display_single = True
grade_single = False #We will eventually want this to be True
exam_type = "problemset"
elif assessment_type == "interactive":
autograde = True
display_single = True
grade_single = False
exam_type = "interactive_exercise"
elif assessment_type == "exam-autograde":
autograde = True
display_single = False
grade_single = False
exam_type = "exam"
elif assessment_type == "exam-csv":
autograde = False
display_single = False
grade_single = False
exam_type = "exam"
elif assessment_type == "survey":
autograde = False
display_single = False
grade_single = False
exam_type = "survey"
else:
return HttpResponseBadRequest("A bad assessment type (" + assessment_type + ") was provided")
if not late_penalty:
lp = 0
else:
try:
lp = int(late_penalty)
except ValueError:
return HttpResponseBadRequest("A non-numeric late penalty (" + late_penalty + ") was provided")
if not num_subs_permitted:
sp = 999
else:
try:
sp = int(num_subs_permitted)
except ValueError:
return HttpResponseBadRequest("A non-numeric number of submissions permitted (" + sp + ") was provided")
if not resubmission_penalty:
rp = 0
else:
try:
rp = int(resubmission_penalty)
except ValueError:
return HttpResponseBadRequest("A non-numeric resubmission penalty (" + resubmission_penalty + ") was provided")
#create or edit the Exam
if create_or_edit == "create":
if Exam.objects.filter(course=course, slug=slug, is_deleted=False).exists():
return HttpResponseBadRequest("An exam with this URL identifier already exists in this course")
exam_obj = Exam(course=course, slug=slug, title=title, description=description, html_content=htmlContent, xml_metadata=metaXMLContent,
due_date=dd, assessment_type=assessment_type, mode="draft", total_score=total_score, grade_single=grade_single,
grace_period=gp, partial_credit_deadline=pcd, late_penalty=lp, submissions_permitted=sp, resubmission_penalty=rp,
exam_type=exam_type, autograde=autograde, display_single=display_single, invideo=invideo, section=contentsection,
xml_imported=xmlImported
)
exam_obj.save()
exam_obj.create_ready_instance()
# Set parent/child relationships
create_contentgroup_entries_from_post(request, 'parent', exam_obj.image, 'exam', display_style='list')
#Now set the video associations
exam_obj.sync_videos_foreignkeys_with_metadata()
vid_status_obj = exam_obj.image.sync_videos_foreignkeys_with_metadata()
vid_status_string = ""
if vid_status_obj['video_slugs_set']:
exam_obj.invideo=True
exam_obj.image.invideo=True
exam_obj.save()
exam_obj.image.save()
vid_status_string = "This exam was successfully associated with the following videos:\n" + \
", ".join(vid_status_obj['video_slugs_set']) + "\n"
if vid_status_obj['video_slugs_not_set']:
vid_status_string += "The following videos WERE NOT automatically associated with this exam:\n" + \
", ".join(vid_status_obj['video_slugs_not_set']) + "\n\n" + \
"You may have provided the wrong url-identifier or have not yet uploaded the video"
return HttpResponse("Exam " + title + " created. \n" + unicode(grader) + "\n\n" + vid_status_string)
else:
try: #this is nasty code, I know. It should at least be moved into the model somehow
exam_obj = Exam.objects.get(course=course, is_deleted=0, slug=old_slug)
exam_obj.slug=slug
exam_obj.title=title
exam_obj.description=description
exam_obj.html_content=htmlContent
exam_obj.xml_metadata=metaXMLContent
exam_obj.xml_imported=xmlImported
exam_obj.due_date=dd
exam_obj.total_score=total_score
exam_obj.assessment_type=assessment_type
exam_obj.grace_period=gp
exam_obj.partial_credit_deadline=pcd
exam_obj.late_penalty=lp
exam_obj.submissions_permitted=sp
exam_obj.resubmission_penalty=rp
exam_obj.exam_type=exam_type
exam_obj.autograde=autograde
exam_obj.display_single=display_single
exam_obj.grade_single=grade_single
exam_obj.invideo=invideo
exam_obj.section=contentsection
exam_obj.save()
exam_obj.commit()
# Set parent/chlid relationships for this exam
create_contentgroup_entries_from_post(request, 'parent', exam_obj.image, 'exam', display_style='list')
#Now set the video associations
exam_obj.sync_videos_foreignkeys_with_metadata()
vid_status_obj = exam_obj.image.sync_videos_foreignkeys_with_metadata()
vid_status_string = ""
if vid_status_obj['video_slugs_set']:
exam_obj.invideo=True
exam_obj.image.invideo=True
exam_obj.save()
exam_obj.image.save()
vid_status_string = "This exam was successfully associated with the following videos:\n" + \
", ".join(vid_status_obj['video_slugs_set']) + "\n\n"
if vid_status_obj['video_slugs_not_set']:
vid_status_string += "The following videos WERE NOT automatically associated with this exam:\n" + \
", ".join(vid_status_obj['video_slugs_not_set']) + "\n" + \
"You may have provided the wrong url-identifier or have not yet uploaded the video"
return HttpResponse("Exam " + title + " saved. \n" + unicode(grader) + "\n\n" + vid_status_string)
except Exam.DoesNotExist:
return HttpResponseBadRequest("No exam exists with URL identifier %s" % old_slug)
def activate_account(request):
'''Process posted data from registeration form'''
vars = request.POST
#** fetch user by activation_key
registration = Registration.objects.get(activation_key=vars.get('activation_key', ''))
user_id = registration.user_id
profile = UserProfile.objects.get(user_id=user_id)
#** validate username
try:
validate_slug(vars['username'])
except ValidationError:
js = {'success': False}
js['value'] = _("Username should only consist of A-Z and 0-9, with no spaces.")
js['field'] = 'username'
return HttpResponse(json.dumps(js), content_type="application/json")
#** validate if user exists
if User.objects.filter(username=vars['username']).exclude(email=profile.user.email).exists():
js = {'success': False}
js['value'] = _("An account with the Public Username '{username}' already exists.").format(username=vars['username'])
js['field'] = 'username'
return HttpResponse(json.dumps(js), content_type="application/json")
#** validate fields
required_post_vars_dropdown = [
'state_id',
'district_id',
'school_id',
'major_subject_area_id',
# 'grade_level_id',
'years_in_education_id',
'percent_lunch', 'percent_iep', 'percent_eng_learner']
for a in required_post_vars_dropdown:
if len(vars[a]) < 1:
error_str = {
'major_subject_area_id': 'Major Subject Area is required',
# 'grade_level_id':'Grade Level-heck is required',
'state_id': 'State is required',
'district_id': 'District is required',
'school_id': 'School is required',
'years_in_education_id': 'Number of Years in Education is required',
'percent_lunch': 'Free/Reduced Lunch is required',
'percent_iep': 'IEPs is required',
'percent_eng_learner': 'English Learners is required'
}
js = {'success': False}
js['value'] = error_str[a]
js['field'] = a
return HttpResponse(json.dumps(js), content_type="application/json")
#** validate terms_of_service
if vars.get('terms_of_service', 'false') != u'true':
js = {'success': False}
js['value'] = _("You must accept the terms of service.")
js['field'] = 'terms_of_service'
return HttpResponse(json.dumps(js), content_type="application/json")
try:
#** update user
profile.user.username = vars.get('username', '')
profile.user.is_active = True
profile.user.save()
#** update profile
profile.district_id = vars.get('district_id', '')
profile.school_id = vars.get('school_id', '')
profile.subscription_status = 'Registered'
profile.grade_level_id = vars.get('grade_level_id', '')
profile.major_subject_area_id = vars.get('major_subject_area_id', '')
profile.years_in_education_id = vars.get('years_in_education_id', '')
profile.percent_lunch = vars.get('percent_lunch', '')
profile.percent_iep = vars.get('percent_iep', '')
profile.percent_eng_learner = vars.get('percent_eng_learner', '')
profile.bio = vars.get('bio', '')
profile.activate_date = datetime.datetime.now(UTC)
profile.save()
#** upload photo
photo = request.FILES.get("photo")
upload_user_photo(profile.user.id, photo)
#** auto enroll courses
ceas = CourseEnrollmentAllowed.objects.filter(email=profile.user.email)
for cea in ceas:
if cea.auto_enroll:
CourseEnrollment.enroll(profile.user, cea.course_id)
js = {'success': True}
except Exception as e:
transaction.rollback()
js = {'success': False}
js['error'] = "%s" % e
#** log the user in
profile.user.backend = 'django.contrib.auth.backends.ModelBackend'
login(request, profile.user)
return HttpResponse(json.dumps(js), content_type="application/json")
