def index(request): """Render the profile info page. Args: request (HttpRequest) Returns: HttpResponse: 200 if successful HttpResponse: 302 if not logged in (redirect to login page) HttpResponse: 405 if using an unsupported HTTP method Example usage: GET /profile """ user = request.user context = { 'disable_courseware_js': True } if settings.FEATURES.get('ENABLE_THIRD_PARTY_AUTH'): context['provider_user_states'] = pipeline.get_provider_user_states(user) return render_to_response('student_profile/index.html', context)
def test_states_for_enabled_providers_user_has_accounts_associated_with(self): # Enable two providers - Google and LinkedIn: google_provider = self.configure_google_provider(enabled=True) linkedin_provider = self.configure_linkedin_provider(enabled=True) user_social_auth_google = social_models.DjangoStorage.user.create_social_auth( self.user, 'uid', google_provider.backend_name) user_social_auth_linkedin = social_models.DjangoStorage.user.create_social_auth( self.user, 'uid', linkedin_provider.backend_name) states = pipeline.get_provider_user_states(self.user) self.assertEqual(2, len(states)) google_state = [state for state in states if state.provider.provider_id == google_provider.provider_id][0] linkedin_state = [state for state in states if state.provider.provider_id == linkedin_provider.provider_id][0] self.assertTrue(google_state.has_account) self.assertEqual(google_provider.provider_id, google_state.provider.provider_id) # Also check the row ID. Note this 'id' changes whenever the configuration does: self.assertEqual(google_provider.id, google_state.provider.id) self.assertEqual(self.user, google_state.user) self.assertEqual(user_social_auth_google.id, google_state.association_id) self.assertTrue(linkedin_state.has_account) self.assertEqual(linkedin_provider.provider_id, linkedin_state.provider.provider_id) self.assertEqual(linkedin_provider.id, linkedin_state.provider.id) self.assertEqual(self.user, linkedin_state.user) self.assertEqual(user_social_auth_linkedin.id, linkedin_state.association_id)
def test_states_for_enabled_providers_user_has_no_account_associated_with( self): # Enable two providers - Google and LinkedIn: google_provider = self.configure_google_provider(enabled=True) linkedin_provider = self.configure_linkedin_provider(enabled=True) self.assertEqual(len(provider.Registry.enabled()), 2) states = pipeline.get_provider_user_states(self.user) self.assertEqual( [], [x for x in social_models.DjangoStorage.user.objects.all()]) self.assertEqual(2, len(states)) google_state = [ state for state in states if state.provider.provider_id == google_provider.provider_id ][0] linkedin_state = [ state for state in states if state.provider.provider_id == linkedin_provider.provider_id ][0] self.assertFalse(google_state.has_account) self.assertEqual(google_provider.provider_id, google_state.provider.provider_id) # Also check the row ID. Note this 'id' changes whenever the configuration does: self.assertEqual(google_provider.id, google_state.provider.id) self.assertEqual(self.user, google_state.user) self.assertFalse(linkedin_state.has_account) self.assertEqual(linkedin_provider.provider_id, linkedin_state.provider.provider_id) self.assertEqual(linkedin_provider.id, linkedin_state.provider.id) self.assertEqual(self.user, linkedin_state.user)
def index(request): """Render the profile info page. Args: request (HttpRequest) Returns: HttpResponse: 200 if successful HttpResponse: 302 if not logged in (redirect to login page) HttpResponse: 405 if using an unsupported HTTP method Example: GET /profile """ user = request.user released_languages = language_api.released_languages() preferred_language_code = profile_api.preference_info(user.username).get(LANGUAGE_KEY) preferred_language = language_api.preferred_language(preferred_language_code) context = { 'disable_courseware_js': True, 'released_languages': released_languages, 'preferred_language': preferred_language, } if settings.FEATURES.get('ENABLE_THIRD_PARTY_AUTH'): context['provider_user_states'] = pipeline.get_provider_user_states(user) return render_to_response('student_profile/index.html', context)
def do_get(self, request, identifier): """ Fulfill the request, now that the identifier has been specified. """ is_unprivileged = self.is_unprivileged_query(request, identifier) if is_unprivileged: if not getattr(settings, 'ALLOW_UNPRIVILEGED_SSO_PROVIDER_QUERY', False): return Response(status=status.HTTP_403_FORBIDDEN) try: user = User.objects.get(**{identifier.kind: identifier.value}) except User.DoesNotExist: return Response(status=status.HTTP_404_NOT_FOUND) providers = pipeline.get_provider_user_states(user) active_providers = [ self.get_provider_data(assoc, is_unprivileged) for assoc in providers if assoc.has_account ] # In the future this can be trivially modified to return the inactive/disconnected providers as well. return Response({ "active": active_providers })
def test_state_not_returned_for_disabled_provider(self): disabled_provider = provider.GoogleOauth2 enabled_provider = provider.LinkedInOauth2 provider.Registry.configure_once([enabled_provider.NAME]) social_models.DjangoStorage.user.create_social_auth(self.user, 'uid', disabled_provider.BACKEND_CLASS.name) states = pipeline.get_provider_user_states(self.user) self.assertEqual(1, len(states)) self.assertNotIn(disabled_provider, (state.provider for state in states))
def test_state_not_returned_for_disabled_provider(self): disabled_provider = self.configure_google_provider(enabled=False) enabled_provider = self.configure_facebook_provider(enabled=True) social_models.DjangoStorage.user.create_social_auth(self.user, 'uid', disabled_provider.backend_name) states = pipeline.get_provider_user_states(self.user) self.assertEqual(1, len(states)) self.assertNotIn(disabled_provider.provider_id, (state.provider.provider_id for state in states)) self.assertIn(enabled_provider.provider_id, (state.provider.provider_id for state in states))
def get(self, request): """ GET /api/third_party_auth/v0/providers/user_status/ **GET Response Values** ``` { "accepts_logins": true, "name": "Google", "disconnect_url": "/auth/disconnect/google-oauth2/?", "connect_url": "/auth/login/google-oauth2/?auth_entry=account_settings&next=%2Faccount%2Fsettings", "connected": false, "id": "oa2-google-oauth2" } ``` """ tpa_states = [] for state in pipeline.get_provider_user_states(request.user): # We only want to include providers if they are either currently available to be logged # in with, or if the user is already authenticated with them. if state.provider.display_for_login or state.has_account: tpa_states.append({ 'id': state.provider.provider_id, 'name': state.provider. name, # The name of the provider e.g. Facebook 'connected': state. has_account, # Whether the user's edX account is connected with the provider. # If the user is not connected, they should be directed to this page to authenticate # with the particular provider, as long as the provider supports initiating a login. 'connect_url': pipeline.get_login_url( state.provider.provider_id, pipeline.AUTH_ENTRY_ACCOUNT_SETTINGS, # The url the user should be directed to after the auth process has completed. redirect_url=reverse('account_settings'), ), 'accepts_logins': state.provider.accepts_logins, # If the user is connected, sending a POST request to this url removes the connection # information for this provider from their edX account. 'disconnect_url': pipeline.get_disconnect_url(state.provider.provider_id, state.association_id), }) return Response(tpa_states)
def test_states_for_enabled_providers_user_has_no_account_associated_with(self): provider.Registry.configure_once([provider.GoogleOauth2.NAME, provider.LinkedInOauth2.NAME]) states = pipeline.get_provider_user_states(self.user) self.assertEqual([], [x for x in social_models.DjangoStorage.user.objects.all()]) self.assertEqual(2, len(states)) google_state = [state for state in states if state.provider == provider.GoogleOauth2][0] linkedin_state = [state for state in states if state.provider == provider.LinkedInOauth2][0] self.assertFalse(google_state.has_account) self.assertEqual(provider.GoogleOauth2, google_state.provider) self.assertEqual(self.user, google_state.user) self.assertFalse(linkedin_state.has_account) self.assertEqual(provider.LinkedInOauth2, linkedin_state.provider) self.assertEqual(self.user, linkedin_state.user)
def test_states_for_enabled_providers_user_has_accounts_associated_with(self): provider.Registry.configure_once([provider.GoogleOauth2.NAME, provider.LinkedInOauth2.NAME]) social_models.DjangoStorage.user.create_social_auth(self.user, 'uid', provider.GoogleOauth2.BACKEND_CLASS.name) social_models.DjangoStorage.user.create_social_auth( self.user, 'uid', provider.LinkedInOauth2.BACKEND_CLASS.name) states = pipeline.get_provider_user_states(self.user) self.assertEqual(2, len(states)) google_state = [state for state in states if state.provider == provider.GoogleOauth2][0] linkedin_state = [state for state in states if state.provider == provider.LinkedInOauth2][0] self.assertTrue(google_state.has_account) self.assertEqual(provider.GoogleOauth2, google_state.provider) self.assertEqual(self.user, google_state.user) self.assertTrue(linkedin_state.has_account) self.assertEqual(provider.LinkedInOauth2, linkedin_state.provider) self.assertEqual(self.user, linkedin_state.user)
def get(self, request, username): """Create, read, or update enrollment information for a user. HTTP Endpoint for all CRUD operations for a user course enrollment. Allows creation, reading, and updates of the current enrollment for a particular course. Args: request (Request): The HTTP GET request username (str): Fetch the list of providers linked to this user Return: JSON serialized list of the providers linked to this user. """ if request.user.username != username: # We are querying permissions for a user other than the current user. if not request.user.is_superuser and not ApiKeyHeaderPermission().has_permission(request, self): # Return a 403 (Unauthorized) without validating 'username', so that we # do not let users probe the existence of other user accounts. return Response(status=status.HTTP_403_FORBIDDEN) try: user = User.objects.get(username=username) except User.DoesNotExist: return Response(status=status.HTTP_404_NOT_FOUND) providers = pipeline.get_provider_user_states(user) active_providers = [ { "provider_id": assoc.provider.provider_id, "name": assoc.provider.name, "remote_id": assoc.remote_id, } for assoc in providers if assoc.has_account ] # In the future this can be trivially modified to return the inactive/disconnected providers as well. return Response({ "active": active_providers })
def _get_profile(request): """Retrieve the user's profile information, including an HTML form that students can use to update the information. Args: request (HttpRequest) Returns: HttpResponse """ user = request.user context = { 'disable_courseware_js': True } if settings.FEATURES.get('ENABLE_THIRD_PARTY_AUTH'): context['provider_user_states'] = pipeline.get_provider_user_states(user) return render_to_response('student_profile/index.html', context)
def get(self, request, username): """Create, read, or update enrollment information for a user. HTTP Endpoint for all CRUD operations for a user course enrollment. Allows creation, reading, and updates of the current enrollment for a particular course. Args: request (Request): The HTTP GET request username (str): Fetch the list of providers linked to this user Return: JSON serialized list of the providers linked to this user. """ is_unprivileged = self.is_unprivileged_query(request, username) if is_unprivileged: if not getattr(settings, 'ALLOW_UNPRIVILEGED_SSO_PROVIDER_QUERY', False): return Response(status=status.HTTP_403_FORBIDDEN) try: if '@' in username: user = User.objects.get(email=username) else: user = User.objects.get(username=username) except User.DoesNotExist: return Response(status=status.HTTP_404_NOT_FOUND) providers = pipeline.get_provider_user_states(user) active_providers = [ self.get_provider_data(assoc, is_unprivileged) for assoc in providers if assoc.has_account ] # In the future this can be trivially modified to return the inactive/disconnected providers as well. return Response({ "active": active_providers, "account_active": user.is_active, })
def get(self, request): """ GET /api/third_party_auth/v0/providers/user_status/ **GET Response Values** { "accepts_logins": true, "name": "Google", "disconnect_url": "/auth/disconnect/google-oauth2/?", "connect_url": "/auth/login/google-oauth2/?auth_entry=account_settings&next=%2Faccount%2Fsettings", "connected": false, "id": "oa2-google-oauth2" } """ tpa_states = [] for state in pipeline.get_provider_user_states(request.user): # We only want to include providers if they are either currently available to be logged # in with, or if the user is already authenticated with them. if state.provider.display_for_login or state.has_account: tpa_states.append({ 'id': state.provider.provider_id, 'name': state.provider.name, # The name of the provider e.g. Facebook 'connected': state.has_account, # Whether the user's edX account is connected with the provider. # If the user is not connected, they should be directed to this page to authenticate # with the particular provider, as long as the provider supports initiating a login. 'connect_url': pipeline.get_login_url( state.provider.provider_id, pipeline.AUTH_ENTRY_ACCOUNT_SETTINGS, # The url the user should be directed to after the auth process has completed. redirect_url=reverse('account_settings'), ), 'accepts_logins': state.provider.accepts_logins, # If the user is connected, sending a POST request to this url removes the connection # information for this provider from their edX account. 'disconnect_url': pipeline.get_disconnect_url(state.provider.provider_id, state.association_id), }) return Response(tpa_states)
def get(self, request, username): """Create, read, or update enrollment information for a user. HTTP Endpoint for all CRUD operations for a user course enrollment. Allows creation, reading, and updates of the current enrollment for a particular course. Args: request (Request): The HTTP GET request username (str): Fetch the list of providers linked to this user Return: JSON serialized list of the providers linked to this user. """ is_unprivileged = self.is_unprivileged_query(request, username) if is_unprivileged: if not getattr(settings, 'ALLOW_UNPRIVILEGED_SSO_PROVIDER_QUERY', False): return Response(status=status.HTTP_403_FORBIDDEN) try: if '@' in username: user = User.objects.get(email=username) else: user = User.objects.get(username=username) except User.DoesNotExist: return Response(status=status.HTTP_404_NOT_FOUND) providers = pipeline.get_provider_user_states(user) active_providers = [ self.get_provider_data(assoc, is_unprivileged) for assoc in providers if assoc.has_account ] # In the future this can be trivially modified to return the inactive/disconnected providers as well. return Response({ "active": active_providers })
def index(request): """Render the profile info page. Args: request (HttpRequest) Returns: HttpResponse: 200 if successful HttpResponse: 302 if not logged in (redirect to login page) HttpResponse: 405 if using an unsupported HTTP method Example usage: GET /profile """ user = request.user return render_to_response( 'student_profile/index.html', { 'disable_courseware_js': True, 'provider_user_states': pipeline.get_provider_user_states(user), } )
def index(request): """Render the profile info page. Args: request (HttpRequest) Returns: HttpResponse: 200 if successful HttpResponse: 302 if not logged in (redirect to login page) HttpResponse: 405 if using an unsupported HTTP method Example: GET /profile """ user = request.user released_languages = language_api.released_languages() preferred_language_code = profile_api.preference_info( user.username).get(LANGUAGE_KEY) preferred_language = language_api.preferred_language( preferred_language_code) context = { 'disable_courseware_js': True, 'released_languages': released_languages, 'preferred_language': preferred_language, } if settings.FEATURES.get('ENABLE_THIRD_PARTY_AUTH'): context['provider_user_states'] = pipeline.get_provider_user_states( user) return render_to_response('student_profile/index.html', context)
def test_states_for_enabled_providers_user_has_no_account_associated_with(self): # Enable two providers - Google and LinkedIn: google_provider = self.configure_google_provider(enabled=True) linkedin_provider = self.configure_linkedin_provider(enabled=True) self.assertEqual(len(provider.Registry.enabled()), 2) states = pipeline.get_provider_user_states(self.user) self.assertEqual([], [x for x in social_models.DjangoStorage.user.objects.all()]) self.assertEqual(2, len(states)) google_state = [state for state in states if state.provider.provider_id == google_provider.provider_id][0] linkedin_state = [state for state in states if state.provider.provider_id == linkedin_provider.provider_id][0] self.assertFalse(google_state.has_account) self.assertEqual(google_provider.provider_id, google_state.provider.provider_id) # Also check the row ID. Note this 'id' changes whenever the configuration does: self.assertEqual(google_provider.id, google_state.provider.id) self.assertEqual(self.user, google_state.user) self.assertFalse(linkedin_state.has_account) self.assertEqual(linkedin_provider.provider_id, linkedin_state.provider.provider_id) self.assertEqual(linkedin_provider.id, linkedin_state.provider.id) self.assertEqual(self.user, linkedin_state.user)
def account_settings_context(request): """ Context for the account settings page. Args: request: The request object. Returns: dict """ user = request.user year_of_birth_options = [(unicode(year), unicode(year)) for year in UserProfile.VALID_YEARS] context = { "auth": {}, "duplicate_provider": None, "fields": { "country": {"options": list(countries)}, "gender": { "options": [ (choice[0], _(choice[1])) for choice in UserProfile.GENDER_CHOICES ] # pylint: disable=translation-of-non-string }, "language": {"options": released_languages()}, "level_of_education": { "options": [ (choice[0], _(choice[1])) for choice in UserProfile.LEVEL_OF_EDUCATION_CHOICES ] # pylint: disable=translation-of-non-string }, "password": {"url": reverse("password_reset")}, "year_of_birth": {"options": year_of_birth_options}, "preferred_language": {"options": settings.ALL_LANGUAGES}, }, "platform_name": settings.PLATFORM_NAME, "user_accounts_api_url": reverse("accounts_api", kwargs={"username": user.username}), "user_preferences_api_url": reverse("preferences_api", kwargs={"username": user.username}), "disable_courseware_js": True, } if third_party_auth.is_enabled(): # If the account on the third party provider is already connected with another edX account, # we display a message to the user. context["duplicate_provider"] = pipeline.get_duplicate_provider(messages.get_messages(request)) auth_states = pipeline.get_provider_user_states(user) context["auth"]["providers"] = [ { "id": state.provider.provider_id, "name": state.provider.name, # The name of the provider e.g. Facebook "connected": state.has_account, # Whether the user's edX account is connected with the provider. # If the user is not connected, they should be directed to this page to authenticate # with the particular provider, as long as the provider supports initiating a login. "connect_url": pipeline.get_login_url( state.provider.provider_id, pipeline.AUTH_ENTRY_ACCOUNT_SETTINGS, # The url the user should be directed to after the auth process has completed. redirect_url=reverse("account_settings"), ), "accepts_logins": state.provider.accepts_logins, # If the user is connected, sending a POST request to this url removes the connection # information for this provider from their edX account. "disconnect_url": pipeline.get_disconnect_url(state.provider.provider_id, state.association_id), } for state in auth_states ] return context
def test_returns_empty_list_if_no_enabled_providers(self): self.assertFalse(provider.Registry.enabled()) self.assertEqual([], pipeline.get_provider_user_states(self.user))
def account_settings_context(request): """ Context for the account settings page. Args: request: The request object. Returns: dict """ user = request.user year_of_birth_options = [(unicode(year), unicode(year)) for year in UserProfile.VALID_YEARS] try: user_orders = get_user_orders(user) except: # pylint: disable=bare-except log.exception('Error fetching order history from Otto.') # Return empty order list as account settings page expect a list and # it will be broken if exception raised user_orders = [] beta_language = {} dark_lang_config = DarkLangConfig.current() if dark_lang_config.enable_beta_languages: user_preferences = get_user_preferences(user) pref_language = user_preferences.get('pref-lang') if pref_language in dark_lang_config.beta_languages_list: beta_language['code'] = pref_language beta_language['name'] = settings.LANGUAGE_DICT.get(pref_language) context = { 'auth': {}, 'duplicate_provider': None, 'nav_hidden': True, 'fields': { 'country': { 'options': list(countries), }, 'gender': { 'options': [(choice[0], _(choice[1])) for choice in UserProfile.GENDER_CHOICES], }, 'language': { 'options': released_languages(), }, 'level_of_education': { 'options': [(choice[0], _(choice[1])) for choice in UserProfile.LEVEL_OF_EDUCATION_CHOICES], }, 'password': { 'url': reverse('password_reset'), }, 'year_of_birth': { 'options': year_of_birth_options, }, 'preferred_language': { 'options': all_languages(), }, 'time_zone': { 'options': TIME_ZONE_CHOICES, } }, 'platform_name': configuration_helpers.get_value('PLATFORM_NAME', settings.PLATFORM_NAME), 'password_reset_support_link': configuration_helpers.get_value( 'PASSWORD_RESET_SUPPORT_LINK', settings.PASSWORD_RESET_SUPPORT_LINK ) or settings.SUPPORT_SITE_LINK, 'user_accounts_api_url': reverse("accounts_api", kwargs={'username': user.username}), 'user_preferences_api_url': reverse('preferences_api', kwargs={'username': user.username}), 'disable_courseware_js': True, 'show_program_listing': ProgramsApiConfig.is_enabled(), 'show_dashboard_tabs': True, 'order_history': user_orders, 'disable_order_history_tab': should_redirect_to_order_history_microfrontend(), 'enable_account_deletion': configuration_helpers.get_value( 'ENABLE_ACCOUNT_DELETION', settings.FEATURES.get('ENABLE_ACCOUNT_DELETION', False) ), 'extended_profile_fields': _get_extended_profile_fields(), 'beta_language': beta_language, } enterprise_customer = get_enterprise_customer_for_learner(user=request.user) update_account_settings_context_for_enterprise(context, enterprise_customer) if third_party_auth.is_enabled(): # If the account on the third party provider is already connected with another edX account, # we display a message to the user. context['duplicate_provider'] = pipeline.get_duplicate_provider(messages.get_messages(request)) auth_states = pipeline.get_provider_user_states(user) context['auth']['providers'] = [{ 'id': state.provider.provider_id, 'name': state.provider.name, # The name of the provider e.g. Facebook 'connected': state.has_account, # Whether the user's edX account is connected with the provider. # If the user is not connected, they should be directed to this page to authenticate # with the particular provider, as long as the provider supports initiating a login. 'connect_url': pipeline.get_login_url( state.provider.provider_id, pipeline.AUTH_ENTRY_ACCOUNT_SETTINGS, # The url the user should be directed to after the auth process has completed. redirect_url=reverse('account_settings'), ), 'accepts_logins': state.provider.accepts_logins, # If the user is connected, sending a POST request to this url removes the connection # information for this provider from their edX account. 'disconnect_url': pipeline.get_disconnect_url(state.provider.provider_id, state.association_id), # We only want to include providers if they are either currently available to be logged # in with, or if the user is already authenticated with them. } for state in auth_states if state.provider.display_for_login or state.has_account] return context
def account_settings_context(request): """ Context for the account settings page. Args: request: The request object. Returns: dict """ user = request.user year_of_birth_options = [(unicode(year), unicode(year)) for year in UserProfile.VALID_YEARS] comuni_options = (("0", "Ninguna"), ("1", "Andalucía"), ("2", "Aragón"), ("3", "Asturias"), ("4", "Baleares"), ("5", "Canarias"), ("6", "Cantabria"), ("7", "Castilla y León"), ("8", "Castilla - La Mancha"), ("9", "Cataluña"), ("10", "Extremadura"), ("11", "Galicia"), ("12", "Madrid"), ("13", "Murcia"), ("14", "Navarra"), ("15", "País Vasco"), ("16", "La Rioja"), ("17", "Valencia"), ("18", "Ceuta"), ("19", "Melilla")) esdoce_options = (("1", _("Yes")), ("2", _("No"))) camp2_options = (("0", "--"), ("1", pgettext("Educational institution", "State")), ("2", _("Subsidized")), ("3", _("Private"))) context = { 'auth': {}, 'duplicate_provider': None, 'fields': { 'country': { 'options': list(countries), }, 'gender': { 'options': [(choice[0], _(choice[1])) for choice in UserProfile.GENDER_CHOICES], # pylint: disable=translation-of-non-string }, 'language': { 'options': released_languages(), }, 'level_of_education': { 'options': [(choice[0], _(choice[1])) for choice in UserProfile.LEVEL_OF_EDUCATION_CHOICES], # pylint: disable=translation-of-non-string }, 'password': { 'url': reverse('password_reset'), }, 'year_of_birth': { 'options': year_of_birth_options, }, 'preferred_language': { 'options': settings.ALL_LANGUAGES, }, 'comuni': { 'options': comuni_options, }, 'esdoce': { 'options': esdoce_options, }, 'camp2': { 'options': camp2_options, } }, 'platform_name': settings.PLATFORM_NAME, 'user_accounts_api_url': reverse("accounts_api", kwargs={'username': user.username}), 'user_preferences_api_url': reverse('preferences_api', kwargs={'username': user.username}), 'disable_courseware_js': True, } if third_party_auth.is_enabled(): # If the account on the third party provider is already connected with another edX account, # we display a message to the user. context['duplicate_provider'] = pipeline.get_duplicate_provider( messages.get_messages(request)) auth_states = pipeline.get_provider_user_states(user) context['auth']['providers'] = [ { 'id': state.provider.provider_id, 'name': state.provider.name, # The name of the provider e.g. Facebook 'connected': state. has_account, # Whether the user's edX account is connected with the provider. # If the user is not connected, they should be directed to this page to authenticate # with the particular provider, as long as the provider supports initiating a login. 'connect_url': pipeline.get_login_url( state.provider.provider_id, pipeline.AUTH_ENTRY_ACCOUNT_SETTINGS, # The url the user should be directed to after the auth process has completed. redirect_url=reverse('account_settings'), ), 'accepts_logins': state.provider.accepts_logins, # If the user is connected, sending a POST request to this url removes the connection # information for this provider from their edX account. 'disconnect_url': pipeline.get_disconnect_url(state.provider.provider_id, state.association_id), } for state in auth_states ] return context
def account_settings_context(request): """ Context for the account settings page. Args: request: The request object. Returns: dict """ user = request.user year_of_birth_options = [(unicode(year), unicode(year)) for year in UserProfile.VALID_YEARS] context = { 'auth': {}, 'duplicate_provider': None, 'fields': { 'country': { 'options': list(countries), }, 'gender': { 'options': [(choice[0], _(choice[1])) for choice in UserProfile.GENDER_CHOICES], # pylint: disable=translation-of-non-string }, 'language': { 'options': released_languages(), }, 'level_of_education': { 'options': [(choice[0], _(choice[1])) for choice in UserProfile.LEVEL_OF_EDUCATION_CHOICES], # pylint: disable=translation-of-non-string }, 'password': { 'url': reverse('password_reset'), }, 'year_of_birth': { 'options': year_of_birth_options, }, 'preferred_language': { 'options': settings.ALL_LANGUAGES, } }, 'platform_name': settings.PLATFORM_NAME, 'user_accounts_api_url': reverse("accounts_api", kwargs={'username': user.username}), 'user_preferences_api_url': reverse('preferences_api', kwargs={'username': user.username}), 'disable_courseware_js': True, } if third_party_auth.is_enabled(): # If the account on the third party provider is already connected with another edX account, # we display a message to the user. context['duplicate_provider'] = pipeline.get_duplicate_provider(messages.get_messages(request)) auth_states = pipeline.get_provider_user_states(user) context['auth']['providers'] = [{ 'id': state.provider.provider_id, 'name': state.provider.name, # The name of the provider e.g. Facebook 'connected': state.has_account, # Whether the user's edX account is connected with the provider. # If the user is not connected, they should be directed to this page to authenticate # with the particular provider. 'connect_url': pipeline.get_login_url( state.provider.provider_id, pipeline.AUTH_ENTRY_ACCOUNT_SETTINGS, # The url the user should be directed to after the auth process has completed. redirect_url=reverse('account_settings'), ), # If the user is connected, sending a POST request to this url removes the connection # information for this provider from their edX account. 'disconnect_url': pipeline.get_disconnect_url(state.provider.provider_id, state.association_id), } for state in auth_states] return context
def account_settings_context(request): """ Context for the account settings page. Args: request: The request object. Returns: dict """ user = request.user country_options = [ (country_code, _(country_name)) # pylint: disable=translation-of-non-string for country_code, country_name in sorted(countries.countries, key=lambda (__, name): unicode(name)) ] year_of_birth_options = [(unicode(year), unicode(year)) for year in UserProfile.VALID_YEARS] context = { "auth": {}, "duplicate_provider": None, "fields": { "country": {"options": country_options}, "gender": { "options": [ (choice[0], _(choice[1])) for choice in UserProfile.GENDER_CHOICES ] # pylint: disable=translation-of-non-string }, "language": {"options": released_languages()}, "level_of_education": { "options": [ (choice[0], _(choice[1])) for choice in UserProfile.LEVEL_OF_EDUCATION_CHOICES ] # pylint: disable=translation-of-non-string }, "password": {"url": reverse("password_reset")}, "year_of_birth": {"options": year_of_birth_options}, "preferred_language": {"options": settings.ALL_LANGUAGES}, }, "platform_name": settings.PLATFORM_NAME, "user_accounts_api_url": reverse("accounts_api", kwargs={"username": user.username}), "user_preferences_api_url": reverse("preferences_api", kwargs={"username": user.username}), } if third_party_auth.is_enabled(): # If the account on the third party provider is already connected with another edX account, # we display a message to the user. context["duplicate_provider"] = pipeline.get_duplicate_provider(messages.get_messages(request)) auth_states = pipeline.get_provider_user_states(user) context["auth"]["providers"] = [ { "name": state.provider.NAME, # The name of the provider e.g. Facebook "connected": state.has_account, # Whether the user's edX account is connected with the provider. # If the user is not connected, they should be directed to this page to authenticate # with the particular provider. "connect_url": pipeline.get_login_url( state.provider.NAME, pipeline.AUTH_ENTRY_ACCOUNT_SETTINGS, # The url the user should be directed to after the auth process has completed. redirect_url=reverse("account_settings"), ), # If the user is connected, sending a POST request to this url removes the connection # information for this provider from their edX account. "disconnect_url": pipeline.get_disconnect_url(state.provider.NAME), } for state in auth_states ] try: external_auth_map = ExternalAuthMap.objects.get(user=user) except: external_auth_map = None context["is_shib_auth"] = "shib" in external_auth_map.external_domain if external_auth_map else False return context
def test_returns_empty_list_if_no_enabled_providers(self): provider.Registry.configure_once([]) self.assertEquals([], pipeline.get_provider_user_states(self.user))
def account_settings_context(request): """ Context for the account settings page. Args: request: The request object. Returns: dict """ user = request.user year_of_birth_options = [(unicode(year), unicode(year)) for year in UserProfile.VALID_YEARS] context = { 'auth': {}, 'duplicate_provider': None, 'fields': { 'country': { 'options': list(countries), }, 'gender': { 'options': [(choice[0], _(choice[1])) for choice in UserProfile.GENDER_CHOICES], # pylint: disable=translation-of-non-string }, 'language': { 'options': released_languages(), }, 'level_of_education': { 'options': [(choice[0], _(choice[1])) for choice in UserProfile.LEVEL_OF_EDUCATION_CHOICES], # pylint: disable=translation-of-non-string }, 'password': { 'url': reverse('password_reset'), }, 'year_of_birth': { 'options': year_of_birth_options, }, 'preferred_language': { 'options': settings.ALL_LANGUAGES, } }, 'platform_name': settings.PLATFORM_NAME, 'user_accounts_api_url': reverse("accounts_api", kwargs={'username': user.username}), 'user_preferences_api_url': reverse('preferences_api', kwargs={'username': user.username}), } if third_party_auth.is_enabled(): # If the account on the third party provider is already connected with another edX account, # we display a message to the user. context['duplicate_provider'] = pipeline.get_duplicate_provider( messages.get_messages(request)) auth_states = pipeline.get_provider_user_states(user) context['auth']['providers'] = [ { 'id': state.provider.provider_id, 'name': state.provider.name, # The name of the provider e.g. Facebook 'connected': state. has_account, # Whether the user's edX account is connected with the provider. # If the user is not connected, they should be directed to this page to authenticate # with the particular provider. 'connect_url': pipeline.get_login_url( state.provider.provider_id, pipeline.AUTH_ENTRY_ACCOUNT_SETTINGS, # The url the user should be directed to after the auth process has completed. redirect_url=reverse('account_settings'), ), # If the user is connected, sending a POST request to this url removes the connection # information for this provider from their edX account. 'disconnect_url': pipeline.get_disconnect_url(state.provider.provider_id, state.association_id), } for state in auth_states ] return context
def account_settings_context(request): """ Context for the account settings page. Args: request: The request object. Returns: dict """ user = request.user year_of_birth_options = [(unicode(year), unicode(year)) for year in UserProfile.VALID_YEARS] try: user_orders = get_user_orders(user) except: # pylint: disable=bare-except log.exception('Error fetching order history from Otto.') # Return empty order list as account settings page expect a list and # it will be broken if exception raised user_orders = [] context = { 'auth': {}, 'duplicate_provider': None, 'fields': { 'country': { 'options': list(countries), }, 'gender': { 'options': [(choice[0], _(choice[1])) for choice in UserProfile.GENDER_CHOICES], # pylint: disable=translation-of-non-string }, 'language': { 'options': released_languages(), }, 'level_of_education': { 'options': [(choice[0], _(choice[1])) for choice in UserProfile.LEVEL_OF_EDUCATION_CHOICES], # pylint: disable=translation-of-non-string }, 'password': { 'url': reverse('password_reset'), }, 'year_of_birth': { 'options': year_of_birth_options, }, 'preferred_language': { 'options': all_languages(), } }, 'platform_name': get_themed_value('PLATFORM_NAME', settings.PLATFORM_NAME), 'user_accounts_api_url': reverse("accounts_api", kwargs={'username': user.username}), 'user_preferences_api_url': reverse('preferences_api', kwargs={'username': user.username}), 'disable_courseware_js': True, 'show_program_listing': ProgramsApiConfig.current().show_program_listing, 'order_history': user_orders } if third_party_auth.is_enabled(): # If the account on the third party provider is already connected with another edX account, # we display a message to the user. context['duplicate_provider'] = pipeline.get_duplicate_provider( messages.get_messages(request)) auth_states = pipeline.get_provider_user_states(user) context['auth']['providers'] = [ { 'id': state.provider.provider_id, 'name': state.provider.name, # The name of the provider e.g. Facebook 'connected': state. has_account, # Whether the user's edX account is connected with the provider. # If the user is not connected, they should be directed to this page to authenticate # with the particular provider, as long as the provider supports initiating a login. 'connect_url': pipeline.get_login_url( state.provider.provider_id, pipeline.AUTH_ENTRY_ACCOUNT_SETTINGS, # The url the user should be directed to after the auth process has completed. redirect_url=reverse('account_settings'), ), 'accepts_logins': state.provider.accepts_logins, # If the user is connected, sending a POST request to this url removes the connection # information for this provider from their edX account. 'disconnect_url': pipeline.get_disconnect_url(state.provider.provider_id, state.association_id), } for state in auth_states ] return context
def account_settings_context(request): """ Context for the account settings page. Args: request: The request object. Returns: dict """ user = request.user year_of_birth_options = [(unicode(year), unicode(year)) for year in UserProfile.VALID_YEARS] try: user_orders = get_user_orders(user) except: # pylint: disable=bare-except log.exception('Error fetching order history from Otto.') # Return empty order list as account settings page expect a list and # it will be broken if exception raised user_orders = [] context = { 'auth': {}, 'duplicate_provider': None, 'nav_hidden': True, 'fields': { 'country': { 'options': list(countries), }, 'gender': { 'options': [(choice[0], _(choice[1])) for choice in UserProfile.GENDER_CHOICES], # pylint: disable=translation-of-non-string }, 'language': { 'options': released_languages(), }, 'level_of_education': { 'options': [(choice[0], _(choice[1])) for choice in UserProfile.LEVEL_OF_EDUCATION_CHOICES], # pylint: disable=translation-of-non-string }, 'password': { 'url': reverse('password_reset'), }, 'year_of_birth': { 'options': year_of_birth_options, }, 'preferred_language': { 'options': all_languages(), }, 'time_zone': { 'options': TIME_ZONE_CHOICES, } }, 'platform_name': configuration_helpers.get_value('PLATFORM_NAME', settings.PLATFORM_NAME), 'password_reset_support_link': configuration_helpers.get_value('PASSWORD_RESET_SUPPORT_LINK', settings.PASSWORD_RESET_SUPPORT_LINK) or settings.SUPPORT_SITE_LINK, 'user_accounts_api_url': reverse("accounts_api", kwargs={'username': user.username}), 'user_preferences_api_url': reverse('preferences_api', kwargs={'username': user.username}), 'disable_courseware_js': True, 'show_program_listing': ProgramsApiConfig.is_enabled(), 'show_dashboard_tabs': True, 'order_history': user_orders, 'enable_account_deletion': configuration_helpers.get_value( 'ENABLE_ACCOUNT_DELETION', settings.FEATURES.get('ENABLE_ACCOUNT_DELETION', False)), 'extended_profile_fields': _get_extended_profile_fields(), } enterprise_customer = get_enterprise_customer_for_learner( site=request.site, user=request.user) update_account_settings_context_for_enterprise(context, enterprise_customer) if third_party_auth.is_enabled(): # If the account on the third party provider is already connected with another edX account, # we display a message to the user. context['duplicate_provider'] = pipeline.get_duplicate_provider( messages.get_messages(request)) auth_states = pipeline.get_provider_user_states(user) context['auth']['providers'] = [ { 'id': state.provider.provider_id, 'name': state.provider.name, # The name of the provider e.g. Facebook 'connected': state. has_account, # Whether the user's edX account is connected with the provider. # If the user is not connected, they should be directed to this page to authenticate # with the particular provider, as long as the provider supports initiating a login. 'connect_url': pipeline.get_login_url( state.provider.provider_id, pipeline.AUTH_ENTRY_ACCOUNT_SETTINGS, # The url the user should be directed to after the auth process has completed. redirect_url=reverse('account_settings'), ), 'accepts_logins': state.provider.accepts_logins, # If the user is connected, sending a POST request to this url removes the connection # information for this provider from their edX account. 'disconnect_url': pipeline.get_disconnect_url(state.provider.provider_id, state.association_id), # We only want to include providers if they are either currently available to be logged # in with, or if the user is already authenticated with them. } for state in auth_states if state.provider.display_for_login or state.has_account ] return context
def test_returns_empty_list_if_no_enabled_providers(self): self.assertFalse(provider.Registry.enabled()) self.assertEquals([], pipeline.get_provider_user_states(self.user))
def account_settings_context(request): """ Context for the account settings page. Args: request: The request object. Returns: dict """ user = request.user year_of_birth_options = [(unicode(year), unicode(year)) for year in UserProfile.VALID_YEARS] try: user_orders = get_user_orders(user) except: # pylint: disable=bare-except log.exception('Error fetching order history from Otto.') # Return empty order list as account settings page expect a list and # it will be broken if exception raised user_orders = [] context = { 'auth': {}, 'duplicate_provider': None, 'fields': { 'country': { 'options': list(countries), }, 'gender': { 'options': [(choice[0], _(choice[1])) for choice in UserProfile.GENDER_CHOICES], # pylint: disable=translation-of-non-string }, 'language': { 'options': released_languages(), }, 'level_of_education': { 'options': [(choice[0], _(choice[1])) for choice in UserProfile.LEVEL_OF_EDUCATION_CHOICES], # pylint: disable=translation-of-non-string }, 'password': { 'url': reverse('password_reset'), }, 'year_of_birth': { 'options': year_of_birth_options, }, 'preferred_language': { 'options': all_languages(), }, 'time_zone': { 'options': UserPreference.TIME_ZONE_CHOICES, 'enabled': settings.FEATURES.get('ENABLE_TIME_ZONE_PREFERENCE'), } }, 'platform_name': get_themed_value('PLATFORM_NAME', settings.PLATFORM_NAME), 'user_accounts_api_url': reverse("accounts_api", kwargs={'username': user.username}), 'user_preferences_api_url': reverse('preferences_api', kwargs={'username': user.username}), 'disable_courseware_js': True, 'show_program_listing': ProgramsApiConfig.current().show_program_listing, 'order_history': user_orders } if third_party_auth.is_enabled(): # If the account on the third party provider is already connected with another edX account, # we display a message to the user. context['duplicate_provider'] = pipeline.get_duplicate_provider(messages.get_messages(request)) auth_states = pipeline.get_provider_user_states(user) context['auth']['providers'] = [{ 'id': state.provider.provider_id, 'name': state.provider.name, # The name of the provider e.g. Facebook 'connected': state.has_account, # Whether the user's edX account is connected with the provider. # If the user is not connected, they should be directed to this page to authenticate # with the particular provider, as long as the provider supports initiating a login. 'connect_url': pipeline.get_login_url( state.provider.provider_id, pipeline.AUTH_ENTRY_ACCOUNT_SETTINGS, # The url the user should be directed to after the auth process has completed. redirect_url=reverse('account_settings'), ), 'accepts_logins': state.provider.accepts_logins, # If the user is connected, sending a POST request to this url removes the connection # information for this provider from their edX account. 'disconnect_url': pipeline.get_disconnect_url(state.provider.provider_id, state.association_id), } for state in auth_states] return context
def account_settings_context(request): """ Context for the account settings page. Args: request: The request object. Returns: dict """ user = request.user year_of_birth_options = [(unicode(year), unicode(year)) for year in UserProfile.VALID_YEARS] try: user_orders = get_user_orders(user) except: # pylint: disable=bare-except log.exception("Error fetching order history from Otto.") # Return empty order list as account settings page expect a list and # it will be broken if exception raised user_orders = [] context = { "auth": {}, "duplicate_provider": None, "fields": { "country": {"options": list(countries)}, "gender": { "options": [ (choice[0], _(choice[1])) for choice in UserProfile.GENDER_CHOICES ] # pylint: disable=translation-of-non-string }, "language": {"options": released_languages()}, "level_of_education": { "options": [ (choice[0], _(choice[1])) for choice in UserProfile.LEVEL_OF_EDUCATION_CHOICES ] # pylint: disable=translation-of-non-string }, "password": {"url": reverse("password_reset")}, "year_of_birth": {"options": year_of_birth_options}, "preferred_language": {"options": all_languages()}, "time_zone": { "options": TIME_ZONE_CHOICES, "enabled": settings.FEATURES.get("ENABLE_TIME_ZONE_PREFERENCE"), }, }, "platform_name": get_themed_value("PLATFORM_NAME", settings.PLATFORM_NAME), "user_accounts_api_url": reverse("accounts_api", kwargs={"username": user.username}), "user_preferences_api_url": reverse("preferences_api", kwargs={"username": user.username}), "disable_courseware_js": True, "show_program_listing": ProgramsApiConfig.current().show_program_listing, "order_history": user_orders, } if third_party_auth.is_enabled(): # If the account on the third party provider is already connected with another edX account, # we display a message to the user. context["duplicate_provider"] = pipeline.get_duplicate_provider(messages.get_messages(request)) auth_states = pipeline.get_provider_user_states(user) context["auth"]["providers"] = [ { "id": state.provider.provider_id, "name": state.provider.name, # The name of the provider e.g. Facebook "connected": state.has_account, # Whether the user's edX account is connected with the provider. # If the user is not connected, they should be directed to this page to authenticate # with the particular provider, as long as the provider supports initiating a login. "connect_url": pipeline.get_login_url( state.provider.provider_id, pipeline.AUTH_ENTRY_ACCOUNT_SETTINGS, # The url the user should be directed to after the auth process has completed. redirect_url=reverse("account_settings"), ), "accepts_logins": state.provider.accepts_logins, # If the user is connected, sending a POST request to this url removes the connection # information for this provider from their edX account. "disconnect_url": pipeline.get_disconnect_url(state.provider.provider_id, state.association_id), } for state in auth_states ] return context