예제 #1
0
def make_account_request(account, password):
    request = NewAccountRequest(
        user_name=account['user_name'],
        real_name=account['group_name'],
        is_group=True,
        calnet_uid=None,
        callink_oid=account['callink_oid'],
        email=account['email'],
        encrypted_password=encrypt_password(
            password,
            RSA.importKey(CREATE_PUBLIC_KEY),
        ),
        handle_warnings=NewAccountRequest.WARNINGS_WARN,
    )

    print()
    print(bold('Pending account request:'))
    print(
        dedent("""\
        User Name: {request.user_name}
        Group Name: {request.real_name}
        CalLink OID: {request.callink_oid}
        Email: {request.email}
        """).format(request=request))

    return request
예제 #2
0
 def to_request(self, handle_warnings=NewAccountRequest.WARNINGS_CREATE):
     """Convert this object to a NewAccountRequest."""
     return NewAccountRequest(**dict(
         {
             field: getattr(self, field)
             for field in NewAccountRequest._fields
             if field in self.__table__.columns._data.keys()
         },
         handle_warnings=handle_warnings,
     ))
예제 #3
0
def fake_new_account_request(mock_rsa_key):
    yield NewAccountRequest(
        user_name='someuser',
        real_name='Some User',
        is_group=False,
        calnet_uid=123456,
        callink_oid=None,
        email='*****@*****.**',
        encrypted_password=encrypt_password('hunter2000', RSA.importKey(WEAK_KEY)),
        handle_warnings=NewAccountRequest.WARNINGS_WARN,
    )
예제 #4
0
파일: register.py 프로젝트: sberkun/ocfweb
def request_account(
        request: HttpRequest) -> Union[HttpResponseRedirect, HttpResponse]:
    calnet_uid = request.session['calnet_uid']
    status = 'new_request'

    existing_accounts = search.users_by_calnet_uid(calnet_uid)
    groups_for_user = groups_by_student_signat(calnet_uid)

    eligible_new_group_accounts, existing_group_accounts = {}, {}
    for group_oid in groups_for_user:
        if not group_by_oid(group_oid)['accounts'] or group_oid in [
                group[0] for group in TEST_GROUP_ACCOUNTS
        ]:
            eligible_new_group_accounts[group_oid] = groups_for_user[group_oid]
        else:
            existing_group_accounts[group_oid] = groups_for_user[group_oid]

    if existing_accounts and not eligible_new_group_accounts and calnet_uid not in TESTER_CALNET_UIDS:
        return render(
            request,
            'account/register/already-has-account.html',
            {
                'account': ', '.join(existing_accounts),
                'calnet_uid': calnet_uid,
                'title': 'You already have an account',
            },
        )

    # ensure we can even find them in university LDAP
    # (alumni etc. might not be readable in LDAP but can still auth via CalNet)
    if not user_attrs_ucb(calnet_uid):
        return render(
            request,
            'account/register/cant-find-in-ldap.html',
            {
                'calnet_uid': calnet_uid,
                'title': 'Unable to read account information',
            },
        )

    real_name = directory.name_by_calnet_uid(calnet_uid)

    association_choices = []
    if not existing_accounts or calnet_uid in TESTER_CALNET_UIDS:
        association_choices.append((calnet_uid, real_name))
    for group_oid, group in eligible_new_group_accounts.items():
        association_choices.append((group_oid, group['name']))

    if request.method == 'POST':
        form = ApproveForm(request.POST,
                           association_choices=association_choices)
        if form.is_valid():
            assoc_id = int(form.cleaned_data['account_association'])
            is_group_account = assoc_id != calnet_uid
            if is_group_account:
                req = NewAccountRequest(
                    user_name=form.cleaned_data['ocf_login_name'],
                    real_name=eligible_new_group_accounts[assoc_id]['name'],
                    is_group=True,
                    calnet_uid=None,
                    callink_oid=assoc_id,
                    email=form.cleaned_data['contact_email'],
                    encrypted_password=encrypt_password(
                        form.cleaned_data['password'],
                        RSA.importKey(CREATE_PUBLIC_KEY),
                    ),
                    handle_warnings=NewAccountRequest.WARNINGS_WARN,
                )
            else:
                req = NewAccountRequest(
                    user_name=form.cleaned_data['ocf_login_name'],
                    real_name=real_name,
                    is_group=False,
                    calnet_uid=calnet_uid,
                    callink_oid=None,
                    email=form.cleaned_data['contact_email'],
                    encrypted_password=encrypt_password(
                        form.cleaned_data['password'],
                        RSA.importKey(CREATE_PUBLIC_KEY),
                    ),
                    handle_warnings=NewAccountRequest.WARNINGS_WARN,
                )
            if 'warnings-submit' in request.POST:
                req = req._replace(
                    handle_warnings=NewAccountRequest.WARNINGS_SUBMIT, )

            task = validate_then_create_account.delay(req)
            task.wait(timeout=5)

            if isinstance(task.result, NewAccountResponse):
                if task.result.status == NewAccountResponse.REJECTED:
                    status = 'has_errors'
                    form.add_error(None, task.result.errors)
                elif task.result.status == NewAccountResponse.FLAGGED:
                    status = 'has_warnings'
                    form.add_error(None, task.result.errors)
                elif task.result.status == NewAccountResponse.PENDING:
                    return HttpResponseRedirect(reverse('account_pending'))
                else:
                    raise AssertionError('Unexpected state reached')
            else:
                # validation was successful, the account is being created now
                request.session['approve_task_id'] = task.result
                return HttpResponseRedirect(reverse('wait_for_account'))
    else:
        form = ApproveForm(association_choices=association_choices)

    return render(
        request,
        'account/register/index.html',
        {
            'calnet_uid': calnet_uid,
            'existing_accounts': existing_accounts,
            'existing_group_accounts': existing_group_accounts,
            'form': form,
            'real_name': real_name,
            'status': status,
            'title': 'Request an OCF account',
        },
    )
예제 #5
0
파일: register.py 프로젝트: EnnFour/ocfweb
def request_account(request):
    calnet_uid = request.session['calnet_uid']
    status = 'new_request'

    existing_accounts = search.users_by_calnet_uid(calnet_uid)

    if existing_accounts and calnet_uid not in TESTER_CALNET_UIDS:
        return render(
            request,
            'account/register/already-has-account.html',
            {
                'account': ', '.join(existing_accounts),
                'calnet_uid': calnet_uid,
                'title': 'You already have an account',
            },
        )

    # ensure we can even find them in university LDAP
    # (alumni etc. might not be readable in LDAP but can still auth via CalNet)
    if not user_attrs_ucb(calnet_uid):
        return render(
            request,
            'account/register/cant-find-in-ldap.html',
            {
                'calnet_uid': calnet_uid,
                'title': 'Unable to read account information',
            },
        )

    real_name = directory.name_by_calnet_uid(calnet_uid)

    if request.method == 'POST':
        form = ApproveForm(request.POST)
        if form.is_valid():
            req = NewAccountRequest(
                user_name=form.cleaned_data['ocf_login_name'],
                real_name=real_name,
                is_group=False,
                calnet_uid=calnet_uid,
                callink_oid=None,
                email=form.cleaned_data['contact_email'],
                encrypted_password=encrypt_password(
                    form.cleaned_data['password'],
                    RSA.importKey(CREATE_PUBLIC_KEY),
                ),
                handle_warnings=NewAccountRequest.WARNINGS_WARN,
            )
            if 'warnings-submit' in request.POST:
                req = req._replace(
                    handle_warnings=NewAccountRequest.WARNINGS_SUBMIT, )

            task = validate_then_create_account.delay(req)
            task.wait(timeout=5)

            if isinstance(task.result, NewAccountResponse):
                if task.result.status == NewAccountResponse.REJECTED:
                    status = 'has_errors'
                    form._errors[NON_FIELD_ERRORS] = form.error_class(
                        task.result.errors)
                elif task.result.status == NewAccountResponse.FLAGGED:
                    status = 'has_warnings'
                    form._errors[NON_FIELD_ERRORS] = form.error_class(
                        task.result.errors)
                elif task.result.status == NewAccountResponse.PENDING:
                    return HttpResponseRedirect(reverse('account_pending'))
                else:
                    raise AssertionError('Unexpected state reached')
            else:
                # validation was successful, the account is being created now
                request.session['approve_task_id'] = task.result
                return HttpResponseRedirect(reverse('wait_for_account'))
    else:
        form = ApproveForm()

    return render(
        request,
        'account/register/index.html',
        {
            'form': form,
            'real_name': real_name,
            'status': status,
            'title': 'Request an OCF account',
        },
    )