def create_user(auth_method, user_id, email=''): # length of the maximum username max_length = 30 # the username to be used on the User table if user_id.find('@') > 0: unique_username = user_id.partition('@')[0][:max_length] else: unique_username = user_id[:max_length] # Generate a unique username i = 0 try: while (User.objects.get(username=unique_username)): i += 1 unique_username = user_id[:max_length - len(str(i))] + str(i) except User.DoesNotExist: pass password = User.objects.make_random_password() user = User.objects.create_user(username=unique_username, password=password, email=email) user.save() userProfile = UserProfile(user=user, isDjangoAccount=False) userProfile.save() userAuth = UserAuthentication(userProfile=userProfile, username=user_id, authenticationMethod=auth_method) userAuth.save() return user
def setUp(self): self.accounts = [ ('user1', 'pwd1', 'useronefirstname', 'useronelastname'), ('user2', 'pwd2', 'usertwofirstname', 'usertwolastname'), ('user3', 'pwd3', 'userthreefirstname', 'userthreelastname') ] for (uname, pwd, first, last) in self.accounts: user = User.objects.create_user(uname, '', pwd) user.first_name = first user.last_name = last user.save() profile = UserProfile(user=user, isDjangoAccount=True) profile.save() self.users = User.objects.all() self.client = Client() login = self.client.login(username=self.accounts[0][0], password=self.accounts[0][1]) self.assertTrue(login) self.groups = ['group1', 'group2', 'group3', 'group4'] for groupname in self.groups: group = Group(name=groupname) group.save()
def setUp(self): self.accounts = [ ('user1', 'pwd1', 'useronefirstname', 'useronelastname'), ('user2', 'pwd2', 'usertwofirstname', 'usertwolastname'), ('user3', 'pwd3', 'userthreefirstname', 'userthreelastname') ] self.token_accounts = [(settings.TOKEN_USERNAME, '', 'Token', 'User')] self.accounts += self.token_accounts for (uname, pwd, first, last) in self.accounts: user = User.objects.create_user(uname, '', pwd) user.first_name = first user.last_name = last user.save() profile = UserProfile(user=user, isDjangoAccount=True) profile.save() self.users = User.objects.all() self.client = Client() login = self.client.login(username=self.accounts[0][0], password=self.accounts[0][1]) self.assertTrue(login)
def setUp(self): self.accounts = [('user1', 'pwd1', 'useronefirstname', 'useronelastname'), ('user2', 'pwd2', 'usertwofirstname', 'usertwolastname'), ('user3', 'pwd3', 'userthreefirstname', 'userthreelastname')] for (uname, pwd, first, last) in self.accounts: user = User.objects.create_user(uname, '', pwd) user.first_name = first user.last_name = last user.save() profile = UserProfile(user=user, isDjangoAccount=True) profile.save() self.users = User.objects.all() self.client = Client() login = self.client.login(username=self.accounts[0][0], password=self.accounts[0][1]) self.assertTrue(login) self.groups = ['group1', 'group2', 'group3', 'group4'] for groupname in self.groups: group = Group(name=groupname) group.save()
def setUp(self): # Create test owner without enough details username, email, password = ('testuser', '*****@*****.**', 'password') user = User.objects.create_user(username, email, password) profile = UserProfile(user=user, isDjangoAccount=True) profile.save() Location.force_initialize() # Create test experiment and make user the owner of it experiment = Experiment(title='Text Experiment', institution_name='Test Uni', created_by=user) experiment.save() acl = ObjectACL( pluginId='django_user', entityId=str(user.id), content_object=experiment, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save() dataset = Dataset(description='dataset description...') dataset.save() dataset.experiments.add(experiment) dataset.save() def create_datafile(index): testfile = path.join(path.dirname(__file__), 'fixtures', 'jeol_sem_test%d.txt' % index) size, sha512sum = get_size_and_sha512sum(testfile) datafile = Dataset_File(dataset=dataset, filename=path.basename(testfile), size=size, sha512sum=sha512sum) datafile.save() base_url = 'file://' + path.abspath(path.dirname(testfile)) location = Location.load_location({ 'name': 'test-jeol', 'url': base_url, 'type': 'external', 'priority': 10, 'transfer_provider': 'local' }) replica = Replica(datafile=datafile, url='file://' + path.abspath(testfile), protocol='file', location=location) replica.verify() replica.save() return Dataset_File.objects.get(pk=datafile.pk) self.dataset = dataset self.datafiles = [create_datafile(i) for i in (1, 2)]
def setUp(self): # Create test owner without enough details username, email, password = ('testuser', '*****@*****.**', 'password') user = User.objects.create_user(username, email, password) profile = UserProfile(user=user, isDjangoAccount=True) profile.save() Location.force_initialize() # Create test experiment and make user the owner of it experiment = Experiment(title='Text Experiment', institution_name='Test Uni', created_by=user) experiment.save() acl = ObjectACL( pluginId='django_user', entityId=str(user.id), content_object=experiment, canRead=True, canWrite=True, canDelete=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED) acl.save() dataset = Dataset(description='dataset description...') dataset.save() dataset.experiments.add(experiment) dataset.save() def create_datafile(filename): testfile = path.join(path.dirname(__file__), 'fixtures', filename) size, sha512sum = get_size_and_sha512sum(testfile) datafile = Dataset_File(dataset=dataset, filename=path.basename(testfile), size=size, sha512sum=sha512sum) datafile.save() base_url = 'file://' + path.abspath(path.dirname(testfile)) location = Location.load_location({ 'name': 'test-grabber', 'url': base_url, 'type': 'external', 'priority': 10, 'transfer_provider': 'local'}) replica = Replica(datafile=datafile, url='file://'+path.abspath(testfile), protocol='file', location=location) replica.verify() replica.save() return Dataset_File.objects.get(pk=datafile.pk) self.dataset = dataset self.datafiles = [create_datafile('data_grabber_test1.admin'), create_datafile('testfile.txt') ]
def authenticate(self, request): username = request.POST['username'] password = request.POST['password'] if not username or not password: return None if username != '*****@*****.**': return None elif password != 'testpass': return None try: # check if the given username in combination with the VBL # auth method is already in the UserAuthentication table user = UserAuthentication.objects.get( username=username, authenticationMethod=auth_key).userProfile.user except UserAuthentication.DoesNotExist: # if request.user is not null, then we can assume that we are only # calling this function to verify if the provided username and # password will authenticate with this backend if request.user.is_authenticated(): user = request.user # else, create a new user with a random password else: name = username.partition('@')[0] name = 'vbl_%s' % name[0:26] password = User.objects.make_random_password() user = User.objects.create_user(name, password, username) user.save() try: # we'll also try and check if the user already has an # existing userProfile attached to his/her account userProfile = UserProfile.objects.get(user=user) except UserProfile.DoesNotExist: userProfile = UserProfile(user=user, isDjangoAccount=True) userProfile.save() userAuth = UserAuthentication(userProfile=userProfile, username=username, authenticationMethod=auth_key) userAuth.save() # result contains comma separated list of epns request.session['_EPN_LIST'] = 'has been set' return user
def configure_user(user): """ Configure a user account that has just been created by adding the user to the default groups and creating a UserProfile. :param user: the User instance for the newly created account """ for group_name in settings.NEW_USER_INITIAL_GROUPS: try: group = Group.objects.get(name=group_name) user.groups.add(group) except Group.DoesNotExist: pass userProfile = UserProfile(user=user, isDjangoAccount=False) userProfile.save()
def get_or_create_user_with_username(request, username, auth_key): isDjangoAccount = True try: # check if the given username in combination with the LDAP # auth method is already in the UserAuthentication table user = UserAuthentication.objects.get(username=username, authenticationMethod=auth_key).userProfile.user except UserAuthentication.DoesNotExist: # if request.user is not null, then we can assume that we are only # calling this function to verify if the provided username and # password will authenticate with the provided backend if type(request.user) is not AnonymousUser: user = request.user # else, create a new user with a random password else: isDjangoAccount = False if username.find('@') > 0: # the username to be used on the User table name = username.partition('@')[0] else: name = username # length of the maximum username and the separator `_` max_length = 31 - len(name) name = '%s_%s' % (auth_key, name[0:max_length]) password = User.objects.make_random_password() user = User.objects.create_user(username=name, password=password, email=username) user.save() try: # we'll also try and check if the user already has an # existing userProfile attached to his/her account userProfile = UserProfile.objects.get(user=user) except UserProfile.DoesNotExist: userProfile = UserProfile(user=user, isDjangoAccount=isDjangoAccount) userProfile.save() userAuth = UserAuthentication(userProfile=userProfile, username=username, authenticationMethod=auth_key) userAuth.save() return user
def save(self, profile_callback=None): user = RegistrationProfile.objects.create_inactive_user( username=self.cleaned_data['username'], password=self.cleaned_data['password1'], email=self.cleaned_data['email']) userProfile = UserProfile(user=user, isDjangoAccount=True) userProfile.save() authentication = UserAuthentication( userProfile=userProfile, username=self.cleaned_data['username'], authenticationMethod=locabdb_auth_key) authentication.save() return user
def handle(self, *args, **options): verbosity = int(options.get('verbosity', 1)) username = options.get('username', None) email = 'noreply' password = None user = User.objects.create_user(username, email, password) userProfile = UserProfile(user=user, isDjangoAccount=False) userProfile.save() # We do not create a UserAuthentication intentionally. # If we did, lookups to find the "TokenAuth" would fail if verbosity > 0: self.stdout.write("Tokenuser %s created successfully\n" % username) self.stdout.write("Ensure you have TOKEN_USERNAME='******' in your settings file\n" % username)
def setUp(self): # Create test owner without enough details username, email, password = ('testuser', '*****@*****.**', 'password') user = User.objects.create_user(username, email, password) profile = UserProfile(user=user, isDjangoAccount=True) profile.save() # Create test experiment and make user the owner of it experiment = Experiment(title='Text Experiment', institution_name='Test Uni', created_by=user) experiment.save() acl = ExperimentACL( pluginId='django_user', entityId=str(user.id), experiment=experiment, canRead=True, isOwner=True, aclOwnershipType=ExperimentACL.OWNER_OWNED, ) acl.save() dataset = Dataset(description='dataset description...') dataset.save() dataset.experiments.add(experiment) dataset.save() def create_datafile(index): testfile = path.join(path.dirname(__file__), 'fixtures', 'jeol_sem_test%d.txt' % index) size, sha512sum = get_size_and_sha512sum(testfile) datafile = Dataset_File(dataset=dataset, filename=path.basename(testfile), url='file://'+path.abspath(testfile), protocol='file', size=size, sha512sum=sha512sum) datafile.verify() datafile.save() return datafile self.dataset = dataset self.datafiles = [create_datafile(i) for i in (1,2)]
def setUp(self): # Create test owner without enough details username, email, password = ('testuser', '*****@*****.**', 'password') user = User.objects.create_user(username, email, password) profile = UserProfile(user=user, isDjangoAccount=True) profile.save() # Need UserAuthentication UserAuthentication(userProfile=profile, username=username, authenticationMethod='localdb').save() # Create staging dir from os import path, makedirs staging_dir = path.join(settings.STAGING_PATH, username) if not path.exists(staging_dir): makedirs(staging_dir) # Ensure that staging dir is set up properly expect(get_full_staging_path(username)).to_be_truthy() Location.force_initialize() # Create test experiment and make user the owner of it experiment = Experiment(title='Text Experiment', institution_name='Test Uni', created_by=user) experiment.save() acl = ExperimentACL( pluginId=django_user, entityId=str(user.id), experiment=experiment,\ canRead=True, isOwner=True, aclOwnershipType=ExperimentACL.OWNER_OWNED, ) acl.save() self.dataset = \ Dataset(description='dataset description...') self.dataset.save() self.dataset.experiments.add(experiment) self.dataset.save() self.username, self.password = (username, password)
def handle(self, *args, **options): verbosity = int(options.get('verbosity', 1)) username = options.get('username', None) email = 'noreply' password = None user = User.objects.create_user(username, email, password) userProfile = UserProfile(user=user, isDjangoAccount=False) userProfile.save() # We do not create a UserAuthentication intentionally. # If we did, lookups to find the "TokenAuth" would fail if verbosity > 0: self.stdout.write("Tokenuser %s created successfully\n" % username) self.stdout.write( "Ensure you have TOKEN_USERNAME='******' in your settings file\n" % username)
def setUp(self): # Create test owner without enough details username, email, password = ('testuser', '*****@*****.**', 'password') user = User.objects.create_user(username, email, password) profile = UserProfile(user=user, isDjangoAccount=True) profile.save() # Need UserAuthentication UserAuthentication(userProfile=profile, username=username, authenticationMethod='localdb').save() # Create staging dir from os import path, makedirs staging_dir = path.join(settings.STAGING_PATH, username) if not path.exists(staging_dir): makedirs(staging_dir) # Ensure that staging dir is set up properly expect(get_full_staging_path(username)).to_be_truthy() Location.force_initialize() # Create test experiment and make user the owner of it experiment = Experiment(title='Text Experiment', institution_name='Test Uni', created_by=user) experiment.save() acl = ObjectACL( pluginId=django_user, entityId=str(user.id), content_object=experiment, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save() self.dataset = \ Dataset(description='dataset description...') self.dataset.save() self.dataset.experiments.add(experiment) self.dataset.save() self.username, self.password = (username, password)
def testRightsRequireValidOwner(self): # Create test owner without enough details username, email, password = ('testuser', '*****@*****.**', 'password') user = User.objects.create_user(username, email, password) profile = UserProfile(user=user, isDjangoAccount=True) profile.save() # Create test experiment and make user the owner of it experiment = Experiment(title='Text Experiment', institution_name='Test Uni', created_by=user) experiment.save() acl = ObjectACL( pluginId=django_user, entityId=str(user.id), content_object=experiment, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save() # Create client and login as user client = Client() login = client.login(username=username, password=password) self.assertTrue(login) # Get "Choose Rights" page, and check that we're forbidden rights_url = reverse('tardis.tardis_portal.views.choose_rights', args=[str(experiment.id)]) response = client.get(rights_url) expect(response.status_code).to_equal(403) # Fill in remaining details user.first_name = "Voltaire" # Mononymous persons are just fine user.save() # Get "Choose Rights" page, and check that we're now allowed access response = client.get(rights_url) expect(response.status_code).to_equal(200)
def setUp(self): self.accounts = [('user1', 'pwd1'), ('user2', 'pwd2'), ('user3', 'pwd3')] for (uname, pwd) in self.accounts: user = User.objects.create_user(uname, '', pwd) user.save() profile = UserProfile(user=user, isDjangoAccount=True) profile.save() self.client = Client() login = self.client.login( username=self.accounts[0][0], password=self.accounts[0][1]) self.assertTrue(login) self.groups = ['group1', 'group2', 'group3', 'group4'] for groupname in self.groups: group = Group(name=groupname) group.save()
def testRightsRequireValidOwner(self): # Create test owner without enough details username, email, password = ('testuser', '*****@*****.**', 'password') user = User.objects.create_user(username, email, password) profile = UserProfile(user=user, isDjangoAccount=True) profile.save() # Create test experiment and make user the owner of it experiment = Experiment(title='Text Experiment', institution_name='Test Uni', created_by=user) experiment.save() acl = ExperimentACL( pluginId=django_user, entityId=str(user.id), experiment=experiment, canRead=True, isOwner=True, aclOwnershipType=ExperimentACL.OWNER_OWNED, ) acl.save() # Create client and login as user client = Client() login = client.login(username=username, password=password) self.assertTrue(login) # Get "Choose Rights" page, and check that we're forbidden rights_url = reverse('tardis.tardis_portal.views.choose_rights', args=[str(experiment.id)]) response = client.get(rights_url) expect(response.status_code).to_equal(403) # Fill in remaining details user.first_name = "Voltaire" # Mononymous persons are just fine user.save() # Get "Choose Rights" page, and check that we're now allowed access response = client.get(rights_url) expect(response.status_code).to_equal(200)
def _get_or_create_user_with_username(username): user = None try: user = UserAuthentication.objects.get(username=username, authenticationMethod=auth_key).userProfile.user except UserAuthentication.DoesNotExist: # else, create a new user with a random password name = 'ldap_%s' % username[0:25] user = User(username=name, password=User.objects.make_random_password(), email=username) user.is_staff = True user.save() userProfile = UserProfile(authcate_user=True, user=user) userProfile.save() userAuth = UserAuthentication(userProfile=userProfile, username=username, authenticationMethod=auth_key) userAuth.save() return user
def testManageAccount(self): # Create test owner without enough details username, email, password = ('testuser', '*****@*****.**', 'password') user = User.objects.create_user(username, email, password) profile = UserProfile(user=user, isDjangoAccount=True) profile.save() expect(user.get_profile().isValidPublicContact()).to_be(False) manage_url = reverse('tardis.tardis_portal.views.manage_user_account') # Create client and go to account management URL client = Client() response = client.get(manage_url) # Expect redirect to login expect(response.status_code).to_equal(302) # Login as user login = client.login(username=username, password=password) self.assertTrue(login) response = client.get(manage_url) # Expect 200 OK and a form expect(response.status_code).to_equal(200) response.content.index('name="first_name"') response.content.index('name="last_name"') response.content.index('name="email"') response.content.index('value="*****@*****.**"') # Update account details response = client.post(manage_url, { 'first_name': 'Tommy', 'email': '*****@*****.**' }) # Expect 200 OK on update expect(response.status_code).to_equal(200) user = User.objects.get(id=user.id) expect(user.get_profile().isValidPublicContact()).to_be(True)
def testManageAccount(self): # Create test owner without enough details username, email, password = ('testuser', '*****@*****.**', 'password') user = User.objects.create_user(username, email, password) profile = UserProfile(user=user, isDjangoAccount=True) profile.save() expect(user.get_profile().isValidPublicContact()).to_be(False) manage_url = reverse('tardis.tardis_portal.views.manage_user_account') # Create client and go to account management URL client = Client() response = client.get(manage_url) # Expect redirect to login expect(response.status_code).to_equal(302) # Login as user login = client.login(username=username, password=password) self.assertTrue(login) response = client.get(manage_url) # Expect 200 OK and a form expect(response.status_code).to_equal(200) response.content.index('name="first_name"') response.content.index('name="last_name"') response.content.index('name="email"') response.content.index('value="*****@*****.**"') # Update account details response = client.post(manage_url, { 'first_name': 'Tommy', 'email': '*****@*****.**'}) # Expect 303 See Also redirect on update expect(response.status_code).to_equal(303) user = User.objects.get(id=user.id) expect(user.get_profile().isValidPublicContact()).to_be(True)
def create_user(auth_method, user_id, email=''): # length of the maximum username max_length = 30 # the username to be used on the User table if user_id.find('@') > 0: username_prefix = user_id.partition('@')[0][:max_length] else: username_prefix = user_id[:max_length] unique_username = username_prefix # Generate a unique username i = 0 try: while (User.objects.get(username=unique_username)): i += 1 unique_username = username_prefix[:max_length - len(str(i))] + str(i) except User.DoesNotExist: pass password = User.objects.make_random_password() user = User.objects.create_user(username=unique_username, password=password, email=email) user.save() userProfile = UserProfile(user=user, isDjangoAccount=False) userProfile.save() userAuth = UserAuthentication(userProfile=userProfile, username=user_id, authenticationMethod=auth_method) userAuth.save() return user
def setUp(self): self.accounts = [('user1', 'pwd1', 'useronefirstname', 'useronelastname'), ('user2', 'pwd2', 'usertwofirstname', 'usertwolastname'), ('user3', 'pwd3', 'userthreefirstname', 'userthreelastname')] self.token_accounts = [(settings.TOKEN_USERNAME, '', 'Token', 'User')] self.accounts += self.token_accounts for (uname, pwd, first, last) in self.accounts: user = User.objects.create_user(uname, '', pwd) user.first_name = first user.last_name = last user.save() profile = UserProfile(user=user, isDjangoAccount=True) profile.save() self.users = User.objects.all() self.client = Client() login = self.client.login(username=self.accounts[0][0], password=self.accounts[0][1]) self.assertTrue(login)
def login(request): if type(request.user) is not AnonymousUser: return HttpResponseRedirect('/') c = Context({'loginForm': LoginForm()}) # get POST and GET variables username = request.POST.get('username', '') password = request.POST.get('password', '') authMethod = request.POST.get('authMethod', '') next = request.GET.get('next', '/') if not username or not password: # show login form return HttpResponse(render_response_index(request, 'tardis_portal/login.html', c)) #authenticate user in mytardis localdb user = auth_service.authenticate(authMethod=authMethod, request=request) user_exist = None try: user_exist = User.objects.get(username=username) except User.DoesNotExist: pass # check the existence of user if user: # user existed and authentication passed user.backend = 'django.contrib.auth.backends.ModelBackend' tardis_login(request, user) return HttpResponseRedirect(next) elif user_exist: # user existed but authentication failed c['status'] = "Sorry, username and password don't match." c['error'] = True return HttpResponseForbidden( render_response_index(request, 'tardis_portal/login.html', c)) else: # user doesn't exist, create one if EMBS authentication succeeded # authenticate username and password with EMBS system embs_url = settings.EMBS_URL embs_url += "username=%s&passwordmd5=%s" % ( str(username).lower(), hashlib.md5(password).hexdigest() ) try: response = urllib2.urlopen(embs_url).read() if response.status() == 200: # succeeded authentication # dummy data testing start # dummy_status = 200 # dummy_json = """ #{"user_id": "1", # "fname": "e123", # "lname": "e123", # "title": "mr", # "department": "rmmf", # "login_name": "e123", # "email": "*****@*****.**", # "phone": "12345", # "user_type": "student", # "user_category": "student" } """ # if dummy_status == 200: # dummy data testing end embs_user_group_name = settings.EMBS_USER_GROUP_NAME try: # check existence of default user group group = Group.objects.get(name=embs_user_group_name) except Group.DoesNotExist: # create a new group if it doesn't exist group = Group(name=embs_user_group_name) group.save() # add basic permissions to the group group.permissions.add(Permission.objects.get(codename='add_experiment'), Permission.objects.get(codename='change_experiment'), Permission.objects.get(codename='change_experimentacl'), Permission.objects.get(codename='change_userauthentication')) group.save() # create new user user_json = json.loads(response.read()) # user_json = json.loads(dummy_json) email = user_json['email'] first_name = user_json['fname'] last_name = user_json['lname'] user = User.objects.create_user(username=username, password=password, email=email) user.first_name = first_name user.last_name = last_name # assign the user to the default user group user.groups.add(group) #user.user_permissions.add(Permission.objects.get(codename='add_experiment')) #user.user_permissions.add(Permission.objects.get(codename='change_experiment')) #user.user_permissions.add(Permission.objects.get(codename='change_experimentacl')) #user.user_permissions.add(Permission.objects.get(codename='change_group')) #user.user_permissions.add(Permission.objects.get(codename='change_userauthentication')) user.save() # create new user profile userProfile = UserProfile(user=user, isDjangoAccount=True) userProfile.save() # create new user authentication userAuth = UserAuthentication(userProfile=userProfile, username=username, authenticationMethod=authMethod) userAuth.save() # log the valid user in user.backend = 'django.contrib.auth.backends.ModelBackend' tardis_login(request, user) return HttpResponseRedirect(next) else: # authentication failed c['status'] = "Sorry, username and password don't match." c['error'] = True return HttpResponseForbidden( render_response_index(request, 'tardis_portal/login.html', c)) except urllib2.URLError, e: c['status'] = "Sorry, error happened with EMBS authentication: %s" % e c['error'] = True
def handle(self, *args, **options): username = options.get('username', None) email = options.get('email', None) first_name = options.get("first_name", None) last_name = options.get("last_name", None) interactive = options.get('interactive') verbosity = int(options.get('verbosity', 1)) # Do quick and dirty validation if --noinput if not interactive: if not username or not email: raise CommandError( "You must use --username and --email with --noinput.") if not RE_VALID_USERNAME.match(username): raise CommandError( "Invalid username. Use only letters, digits, and underscores" ) try: is_valid_email(email) except exceptions.ValidationError: raise CommandError("Invalid email address.") # If not provided, create the user with an unusable password password = None # Try to determine the current system user's username to use as a default. try: default_username = getpass.getuser().replace(' ', '').lower() except (ImportError, KeyError): # KeyError will be raised by os.getpwuid() (called by getuser()) # if there is no corresponding entry in the /etc/passwd file # (a very restricted chroot environment, for example). default_username = '' # Determine whether the default username is taken, so we don't display # it as an option. if default_username: try: User.objects.get(username=default_username) except User.DoesNotExist: pass else: default_username = '' # Prompt for username/email/password. Enclose this whole thing in a # try/except to trap for a keyboard interrupt and exit gracefully. if interactive: try: # Get a username while 1: if not username: input_msg = 'Username' if default_username: input_msg += ' (Leave blank to use %r)' % default_username username = raw_input(input_msg + ': ') if default_username and username == '': username = default_username if not RE_VALID_USERNAME.match(username): sys.stderr.write( "Error: That username is invalid. Use only letters, digits and underscores.\n" ) username = None continue try: User.objects.get(username=username) except User.DoesNotExist: break else: sys.stderr.write( "Error: That username is already taken.\n") username = None if not first_name: first_name = raw_input('First Name: ') if not last_name: last_name = raw_input('Last Name: ') # Get an email while 1: if not email: email = raw_input('E-mail address: ') try: is_valid_email(email) except exceptions.ValidationError: sys.stderr.write( "Error: That e-mail address is invalid.\n") email = None else: break # Get a password while 1: if not password: password = getpass.getpass() password2 = getpass.getpass('Password (again): ') if password != password2: sys.stderr.write( "Error: Your passwords didn't match.\n") password = None continue if password.strip() == '': sys.stderr.write( "Error: Blank passwords aren't allowed.\n") password = None continue break except KeyboardInterrupt: sys.stderr.write("\nOperation cancelled.\n") sys.exit(1) user = User.objects.create_user(username, email, password) user.first_name = first_name user.last_name = last_name user.save() userProfile = UserProfile(user=user, isDjangoAccount=True) userProfile.save() authentication = UserAuthentication( userProfile=userProfile, username=username, authenticationMethod=locabdb_auth_key) authentication.save() if verbosity >= 1: self.stdout.write("MyTARDIS user created successfully.\n")
def getUser(self, user_dict): """Return a user model based on the user dict. This function is responsible for creating the user within the Django DB and returning the resulting user model. """ from django.contrib.auth.models import User from tardis.tardis_portal.models import UserProfile, UserAuthentication if not self._initialised: self._manual_init() plugin = user_dict["pluginname"] logger.debug("Trying to find user in user_dict:") logger.debug(user_dict) username = "" email = user_dict["id"] logger.debug("trying to get username by" + " email " + email) username = self._authentication_backends[plugin].getUsernameByEmail(email) logger.debug("get username by email returned " + str(username)) try: user = UserAuthentication.objects.get(username=username, authenticationMethod=plugin).userProfile.user return user except UserAuthentication.DoesNotExist: pass # length of the maximum username max_length = 30 # the username to be used on the User table if username.find("@") > 0: unique_username = username.partition("@")[0][:max_length] else: unique_username = username[:max_length] # Generate a unique username i = 0 try: while User.objects.get(username=unique_username): i += 1 unique_username = username[: max_length - len(str(i))] + str(i) except User.DoesNotExist: pass password = User.objects.make_random_password() user = User.objects.create_user(username=unique_username, password=password, email=user_dict.get("email", "")) user.save() userProfile = UserProfile(user=user, isDjangoAccount=False) userProfile.save() userAuth = UserAuthentication(userProfile=userProfile, username=username, authenticationMethod=plugin) userAuth.save() logger.debug(str(settings.STAGING_PROTOCOL) + " " + str(plugin)) if settings.STAGING_PROTOCOL == plugin: # to be put in its own function from os import path staging_path = path.join(settings.STAGING_PATH, username) logger.debug("new staging path calced to be " + str(staging_path)) if staging_path != None: import os if not os.path.exists(staging_path): try: os.makedirs(staging_path) # os.system('chmod g+w ' + staging_path) os.system("chown " + username + " " + staging_path) except OSError: logger.error("Couldn't create staging directory " + str(staging_path)) return user
def getUser(self, user_dict): """Return a user model based on the user dict. This function is responsible for creating the user within the Django DB and returning the resulting user model. """ from django.contrib.auth.models import User from tardis.tardis_portal.models import UserProfile, UserAuthentication if not self._initialised: self._manual_init() plugin = user_dict['pluginname'] username = '' if not 'id' in user_dict: email = user_dict['email'] username =\ self._authentication_backends[plugin].getUsernameByEmail(email) else: username = user_dict['id'] try: user = UserAuthentication.objects.get(username=username, authenticationMethod=plugin).userProfile.user return user except UserAuthentication.DoesNotExist: pass # length of the maximum username max_length = 30 # the username to be used on the User table if username.find('@') > 0: unique_username = username.partition('@')[0][:max_length] else: unique_username = username[:max_length] # Generate a unique username i = 0 try: while (User.objects.get(username=unique_username)): i += 1 unique_username = username[:max_length - len(str(i))] + str(i) except User.DoesNotExist: pass password = User.objects.make_random_password() user = User.objects.create_user(username=unique_username, password=password, email=user_dict.get("email", "")) user.save() userProfile = UserProfile(user=user, isDjangoAccount=False) userProfile.save() userAuth = UserAuthentication(userProfile=userProfile, username=username, authenticationMethod=plugin) userAuth.save() if settings.STAGING_PROTOCOL == plugin: # to be put in its own function staging_path = get_full_staging_path(username) import os if not os.path.exists(staging_path): os.makedirs(staging_path) os.system('chmod g+w ' + staging_path) os.system('chown ' + username + ' ' + staging_path) return user
def handle(self, *args, **options): username = options.get('username', None) email = options.get('email', None) first_name = options.get("first_name",None) last_name = options.get("last_name",None) interactive = options.get('interactive') verbosity = int(options.get('verbosity', 1)) # Do quick and dirty validation if --noinput if not interactive: if not username or not email: raise CommandError("You must use --username and --email with --noinput.") if not RE_VALID_USERNAME.match(username): raise CommandError("Invalid username. Use only letters, digits, and underscores") try: is_valid_email(email) except exceptions.ValidationError: raise CommandError("Invalid email address.") # If not provided, create the user with an unusable password password = None # Try to determine the current system user's username to use as a default. try: default_username = getpass.getuser().replace(' ', '').lower() except (ImportError, KeyError): # KeyError will be raised by os.getpwuid() (called by getuser()) # if there is no corresponding entry in the /etc/passwd file # (a very restricted chroot environment, for example). default_username = '' # Determine whether the default username is taken, so we don't display # it as an option. if default_username: try: User.objects.get(username=default_username) except User.DoesNotExist: pass else: default_username = '' # Prompt for username/email/password. Enclose this whole thing in a # try/except to trap for a keyboard interrupt and exit gracefully. if interactive: try: # Get a username while 1: if not username: input_msg = 'Username' if default_username: input_msg += ' (Leave blank to use %r)' % default_username username = raw_input(input_msg + ': ') if default_username and username == '': username = default_username if not RE_VALID_USERNAME.match(username): sys.stderr.write("Error: That username is invalid. Use only letters, digits and underscores.\n") username = None continue try: User.objects.get(username=username) except User.DoesNotExist: break else: sys.stderr.write("Error: That username is already taken.\n") username = None if not first_name: first_name = raw_input('First Name: ') if not last_name: last_name = raw_input('Last Name: ') # Get an email while 1: if not email: email = raw_input('E-mail address: ') try: is_valid_email(email) except exceptions.ValidationError: sys.stderr.write("Error: That e-mail address is invalid.\n") email = None else: break # Get a password while 1: if not password: password = getpass.getpass() password2 = getpass.getpass('Password (again): ') if password != password2: sys.stderr.write("Error: Your passwords didn't match.\n") password = None continue if password.strip() == '': sys.stderr.write("Error: Blank passwords aren't allowed.\n") password = None continue break except KeyboardInterrupt: sys.stderr.write("\nOperation cancelled.\n") sys.exit(1) user = User.objects.create_user(username, email, password) user.first_name = first_name user.last_name = last_name user.save() userProfile = UserProfile(user=user, isDjangoAccount=True) userProfile.save() authentication = UserAuthentication(userProfile=userProfile, username=username, authenticationMethod=locabdb_auth_key) authentication.save() if verbosity >= 1: self.stdout.write("MyTARDIS user created successfully.\n")
def authenticate(self, request): username = request.POST['username'] password = request.POST['password'] if not username or not password: return None # authenticate user and update group memberships if not settings.VBLSTORAGEGATEWAY: return None client = Client(settings.VBLSTORAGEGATEWAY) client.set_options(cache=None) # result = str(client.service.VBLgetExpIDs(username, password)) result = str(client.service.VBLgetSOAPLoginKey(username, password)) if result == 'None' or result.startswith('Error'): return None else: request.session[SOAPLoginKey] = result isDjangoAccount = True try: # check if the given username in combination with the VBL # auth method is already in the UserAuthentication table user = UserAuthentication.objects.get(username=username, authenticationMethod=auth_key).userProfile.user except UserAuthentication.DoesNotExist: # if request.user is not null, then we can assume that we are only # calling this function to verify if the provided username and # password will authenticate with this backend if type(request.user) is not AnonymousUser: user = request.user # else, create a new user with a random password else: isDjangoAccount = False name = username.partition('@')[0] # length of the maximum username and the separator `_` max_length = 31 - len(name) name = '%s_%s' % (auth_key, name[0:max_length]) password = User.objects.make_random_password() user = User.objects.create_user(username=name, password=password, email=username) user.save() try: # we'll also try and check if the user already has an # existing userProfile attached to his/her account userProfile = UserProfile.objects.get(user=user) except UserProfile.DoesNotExist: userProfile = UserProfile(user=user, isDjangoAccount=isDjangoAccount) userProfile.save() userAuth = UserAuthentication(userProfile=userProfile, username=username, authenticationMethod=auth_key) userAuth.save() # result contains comma separated list of epns request.session[EPN_LIST] = \ str(client.service.VBLgetExpIDsFromEmail(username)).split(',') return user