def index(request):
"""Render the profile info page.
Args:
request (HttpRequest)
Returns:
HttpResponse: 200 if successful
HttpResponse: 302 if not logged in (redirect to login page)
HttpResponse: 405 if using an unsupported HTTP method
Example usage:
GET /profile
"""
user = request.user
context = {
'disable_courseware_js': True
}
if settings.FEATURES.get('ENABLE_THIRD_PARTY_AUTH'):
context['provider_user_states'] = pipeline.get_provider_user_states(user)
return render_to_response('student_profile/index.html', context)
def test_states_for_enabled_providers_user_has_accounts_associated_with(self):
# Enable two providers - Google and LinkedIn:
google_provider = self.configure_google_provider(enabled=True)
linkedin_provider = self.configure_linkedin_provider(enabled=True)
user_social_auth_google = social_models.DjangoStorage.user.create_social_auth(
self.user, 'uid', google_provider.backend_name)
user_social_auth_linkedin = social_models.DjangoStorage.user.create_social_auth(
self.user, 'uid', linkedin_provider.backend_name)
states = pipeline.get_provider_user_states(self.user)
self.assertEqual(2, len(states))
google_state = [state for state in states if state.provider.provider_id == google_provider.provider_id][0]
linkedin_state = [state for state in states if state.provider.provider_id == linkedin_provider.provider_id][0]
self.assertTrue(google_state.has_account)
self.assertEqual(google_provider.provider_id, google_state.provider.provider_id)
# Also check the row ID. Note this 'id' changes whenever the configuration does:
self.assertEqual(google_provider.id, google_state.provider.id)
self.assertEqual(self.user, google_state.user)
self.assertEqual(user_social_auth_google.id, google_state.association_id)
self.assertTrue(linkedin_state.has_account)
self.assertEqual(linkedin_provider.provider_id, linkedin_state.provider.provider_id)
self.assertEqual(linkedin_provider.id, linkedin_state.provider.id)
self.assertEqual(self.user, linkedin_state.user)
self.assertEqual(user_social_auth_linkedin.id, linkedin_state.association_id)
def test_states_for_enabled_providers_user_has_accounts_associated_with(self):
# Enable two providers - Google and LinkedIn:
google_provider = self.configure_google_provider(enabled=True)
linkedin_provider = self.configure_linkedin_provider(enabled=True)
user_social_auth_google = social_models.DjangoStorage.user.create_social_auth(
self.user, 'uid', google_provider.backend_name)
user_social_auth_linkedin = social_models.DjangoStorage.user.create_social_auth(
self.user, 'uid', linkedin_provider.backend_name)
states = pipeline.get_provider_user_states(self.user)
self.assertEqual(2, len(states))
google_state = [state for state in states if state.provider.provider_id == google_provider.provider_id][0]
linkedin_state = [state for state in states if state.provider.provider_id == linkedin_provider.provider_id][0]
self.assertTrue(google_state.has_account)
self.assertEqual(google_provider.provider_id, google_state.provider.provider_id)
# Also check the row ID. Note this 'id' changes whenever the configuration does:
self.assertEqual(google_provider.id, google_state.provider.id)
self.assertEqual(self.user, google_state.user)
self.assertEqual(user_social_auth_google.id, google_state.association_id)
self.assertTrue(linkedin_state.has_account)
self.assertEqual(linkedin_provider.provider_id, linkedin_state.provider.provider_id)
self.assertEqual(linkedin_provider.id, linkedin_state.provider.id)
self.assertEqual(self.user, linkedin_state.user)
self.assertEqual(user_social_auth_linkedin.id, linkedin_state.association_id)
def test_states_for_enabled_providers_user_has_no_account_associated_with(
self):
# Enable two providers - Google and LinkedIn:
google_provider = self.configure_google_provider(enabled=True)
linkedin_provider = self.configure_linkedin_provider(enabled=True)
self.assertEqual(len(provider.Registry.enabled()), 2)
states = pipeline.get_provider_user_states(self.user)
self.assertEqual(
[], [x for x in social_models.DjangoStorage.user.objects.all()])
self.assertEqual(2, len(states))
google_state = [
state for state in states
if state.provider.provider_id == google_provider.provider_id
][0]
linkedin_state = [
state for state in states
if state.provider.provider_id == linkedin_provider.provider_id
][0]
self.assertFalse(google_state.has_account)
self.assertEqual(google_provider.provider_id,
google_state.provider.provider_id)
# Also check the row ID. Note this 'id' changes whenever the configuration does:
self.assertEqual(google_provider.id, google_state.provider.id)
self.assertEqual(self.user, google_state.user)
self.assertFalse(linkedin_state.has_account)
self.assertEqual(linkedin_provider.provider_id,
linkedin_state.provider.provider_id)
self.assertEqual(linkedin_provider.id, linkedin_state.provider.id)
self.assertEqual(self.user, linkedin_state.user)
def index(request):
"""Render the profile info page.
Args:
request (HttpRequest)
Returns:
HttpResponse: 200 if successful
HttpResponse: 302 if not logged in (redirect to login page)
HttpResponse: 405 if using an unsupported HTTP method
Example:
GET /profile
"""
user = request.user
released_languages = language_api.released_languages()
preferred_language_code = profile_api.preference_info(user.username).get(LANGUAGE_KEY)
preferred_language = language_api.preferred_language(preferred_language_code)
context = {
'disable_courseware_js': True,
'released_languages': released_languages,
'preferred_language': preferred_language,
}
if settings.FEATURES.get('ENABLE_THIRD_PARTY_AUTH'):
context['provider_user_states'] = pipeline.get_provider_user_states(user)
return render_to_response('student_profile/index.html', context)
def do_get(self, request, identifier):
"""
Fulfill the request, now that the identifier has been specified.
"""
is_unprivileged = self.is_unprivileged_query(request, identifier)
if is_unprivileged:
if not getattr(settings, 'ALLOW_UNPRIVILEGED_SSO_PROVIDER_QUERY', False):
return Response(status=status.HTTP_403_FORBIDDEN)
try:
user = User.objects.get(**{identifier.kind: identifier.value})
except User.DoesNotExist:
return Response(status=status.HTTP_404_NOT_FOUND)
providers = pipeline.get_provider_user_states(user)
active_providers = [
self.get_provider_data(assoc, is_unprivileged)
for assoc in providers if assoc.has_account
]
# In the future this can be trivially modified to return the inactive/disconnected providers as well.
return Response({
"active": active_providers
})
def test_state_not_returned_for_disabled_provider(self):
disabled_provider = provider.GoogleOauth2
enabled_provider = provider.LinkedInOauth2
provider.Registry.configure_once([enabled_provider.NAME])
social_models.DjangoStorage.user.create_social_auth(self.user, 'uid', disabled_provider.BACKEND_CLASS.name)
states = pipeline.get_provider_user_states(self.user)
self.assertEqual(1, len(states))
self.assertNotIn(disabled_provider, (state.provider for state in states))
def test_state_not_returned_for_disabled_provider(self):
disabled_provider = self.configure_google_provider(enabled=False)
enabled_provider = self.configure_facebook_provider(enabled=True)
social_models.DjangoStorage.user.create_social_auth(self.user, 'uid', disabled_provider.backend_name)
states = pipeline.get_provider_user_states(self.user)
self.assertEqual(1, len(states))
self.assertNotIn(disabled_provider.provider_id, (state.provider.provider_id for state in states))
self.assertIn(enabled_provider.provider_id, (state.provider.provider_id for state in states))
def test_state_not_returned_for_disabled_provider(self):
disabled_provider = self.configure_google_provider(enabled=False)
enabled_provider = self.configure_facebook_provider(enabled=True)
social_models.DjangoStorage.user.create_social_auth(self.user, 'uid', disabled_provider.backend_name)
states = pipeline.get_provider_user_states(self.user)
self.assertEqual(1, len(states))
self.assertNotIn(disabled_provider.provider_id, (state.provider.provider_id for state in states))
self.assertIn(enabled_provider.provider_id, (state.provider.provider_id for state in states))
def get(self, request):
"""
GET /api/third_party_auth/v0/providers/user_status/
**GET Response Values**
```
{
"accepts_logins": true,
"name": "Google",
"disconnect_url": "/auth/disconnect/google-oauth2/?",
"connect_url": "/auth/login/google-oauth2/?auth_entry=account_settings&next=%2Faccount%2Fsettings",
"connected": false,
"id": "oa2-google-oauth2"
}
```
"""
tpa_states = []
for state in pipeline.get_provider_user_states(request.user):
# We only want to include providers if they are either currently available to be logged
# in with, or if the user is already authenticated with them.
if state.provider.display_for_login or state.has_account:
tpa_states.append({
'id':
state.provider.provider_id,
'name':
state.provider.
name, # The name of the provider e.g. Facebook
'connected':
state.
has_account, # Whether the user's edX account is connected with the provider.
# If the user is not connected, they should be directed to this page to authenticate
# with the particular provider, as long as the provider supports initiating a login.
'connect_url':
pipeline.get_login_url(
state.provider.provider_id,
pipeline.AUTH_ENTRY_ACCOUNT_SETTINGS,
# The url the user should be directed to after the auth process has completed.
redirect_url=reverse('account_settings'),
),
'accepts_logins':
state.provider.accepts_logins,
# If the user is connected, sending a POST request to this url removes the connection
# information for this provider from their edX account.
'disconnect_url':
pipeline.get_disconnect_url(state.provider.provider_id,
state.association_id),
})
return Response(tpa_states)
def test_states_for_enabled_providers_user_has_no_account_associated_with(self):
provider.Registry.configure_once([provider.GoogleOauth2.NAME, provider.LinkedInOauth2.NAME])
states = pipeline.get_provider_user_states(self.user)
self.assertEqual([], [x for x in social_models.DjangoStorage.user.objects.all()])
self.assertEqual(2, len(states))
google_state = [state for state in states if state.provider == provider.GoogleOauth2][0]
linkedin_state = [state for state in states if state.provider == provider.LinkedInOauth2][0]
self.assertFalse(google_state.has_account)
self.assertEqual(provider.GoogleOauth2, google_state.provider)
self.assertEqual(self.user, google_state.user)
self.assertFalse(linkedin_state.has_account)
self.assertEqual(provider.LinkedInOauth2, linkedin_state.provider)
self.assertEqual(self.user, linkedin_state.user)
def test_states_for_enabled_providers_user_has_accounts_associated_with(self):
provider.Registry.configure_once([provider.GoogleOauth2.NAME, provider.LinkedInOauth2.NAME])
social_models.DjangoStorage.user.create_social_auth(self.user, 'uid', provider.GoogleOauth2.BACKEND_CLASS.name)
social_models.DjangoStorage.user.create_social_auth(
self.user, 'uid', provider.LinkedInOauth2.BACKEND_CLASS.name)
states = pipeline.get_provider_user_states(self.user)
self.assertEqual(2, len(states))
google_state = [state for state in states if state.provider == provider.GoogleOauth2][0]
linkedin_state = [state for state in states if state.provider == provider.LinkedInOauth2][0]
self.assertTrue(google_state.has_account)
self.assertEqual(provider.GoogleOauth2, google_state.provider)
self.assertEqual(self.user, google_state.user)
self.assertTrue(linkedin_state.has_account)
self.assertEqual(provider.LinkedInOauth2, linkedin_state.provider)
self.assertEqual(self.user, linkedin_state.user)
def get(self, request, username):
"""Create, read, or update enrollment information for a user.
HTTP Endpoint for all CRUD operations for a user course enrollment. Allows creation, reading, and
updates of the current enrollment for a particular course.
Args:
request (Request): The HTTP GET request
username (str): Fetch the list of providers linked to this user
Return:
JSON serialized list of the providers linked to this user.
"""
if request.user.username != username:
# We are querying permissions for a user other than the current user.
if not request.user.is_superuser and not ApiKeyHeaderPermission().has_permission(request, self):
# Return a 403 (Unauthorized) without validating 'username', so that we
# do not let users probe the existence of other user accounts.
return Response(status=status.HTTP_403_FORBIDDEN)
try:
user = User.objects.get(username=username)
except User.DoesNotExist:
return Response(status=status.HTTP_404_NOT_FOUND)
providers = pipeline.get_provider_user_states(user)
active_providers = [
{
"provider_id": assoc.provider.provider_id,
"name": assoc.provider.name,
"remote_id": assoc.remote_id,
}
for assoc in providers if assoc.has_account
]
# In the future this can be trivially modified to return the inactive/disconnected providers as well.
return Response({
"active": active_providers
})
def get(self, request, username):
"""Create, read, or update enrollment information for a user.
HTTP Endpoint for all CRUD operations for a user course enrollment. Allows creation, reading, and
updates of the current enrollment for a particular course.
Args:
request (Request): The HTTP GET request
username (str): Fetch the list of providers linked to this user
Return:
JSON serialized list of the providers linked to this user.
"""
if request.user.username != username:
# We are querying permissions for a user other than the current user.
if not request.user.is_superuser and not ApiKeyHeaderPermission().has_permission(request, self):
# Return a 403 (Unauthorized) without validating 'username', so that we
# do not let users probe the existence of other user accounts.
return Response(status=status.HTTP_403_FORBIDDEN)
try:
user = User.objects.get(username=username)
except User.DoesNotExist:
return Response(status=status.HTTP_404_NOT_FOUND)
providers = pipeline.get_provider_user_states(user)
active_providers = [
{
"provider_id": assoc.provider.provider_id,
"name": assoc.provider.name,
"remote_id": assoc.remote_id,
}
for assoc in providers if assoc.has_account
]
# In the future this can be trivially modified to return the inactive/disconnected providers as well.
return Response({
"active": active_providers
})
def _get_profile(request):
"""Retrieve the user's profile information, including an HTML form
that students can use to update the information.
Args:
request (HttpRequest)
Returns:
HttpResponse
"""
user = request.user
context = {
'disable_courseware_js': True
}
if settings.FEATURES.get('ENABLE_THIRD_PARTY_AUTH'):
context['provider_user_states'] = pipeline.get_provider_user_states(user)
return render_to_response('student_profile/index.html', context)
def get(self, request, username):
"""Create, read, or update enrollment information for a user.
HTTP Endpoint for all CRUD operations for a user course enrollment. Allows creation, reading, and
updates of the current enrollment for a particular course.
Args:
request (Request): The HTTP GET request
username (str): Fetch the list of providers linked to this user
Return:
JSON serialized list of the providers linked to this user.
"""
is_unprivileged = self.is_unprivileged_query(request, username)
if is_unprivileged:
if not getattr(settings, 'ALLOW_UNPRIVILEGED_SSO_PROVIDER_QUERY', False):
return Response(status=status.HTTP_403_FORBIDDEN)
try:
if '@' in username:
user = User.objects.get(email=username)
else:
user = User.objects.get(username=username)
except User.DoesNotExist:
return Response(status=status.HTTP_404_NOT_FOUND)
providers = pipeline.get_provider_user_states(user)
active_providers = [
self.get_provider_data(assoc, is_unprivileged)
for assoc in providers if assoc.has_account
]
# In the future this can be trivially modified to return the inactive/disconnected providers as well.
return Response({
"active": active_providers,
"account_active": user.is_active,
})
def get(self, request):
"""
GET /api/third_party_auth/v0/providers/user_status/
**GET Response Values**
{
"accepts_logins": true,
"name": "Google",
"disconnect_url": "/auth/disconnect/google-oauth2/?",
"connect_url": "/auth/login/google-oauth2/?auth_entry=account_settings&next=%2Faccount%2Fsettings",
"connected": false,
"id": "oa2-google-oauth2"
}
"""
tpa_states = []
for state in pipeline.get_provider_user_states(request.user):
# We only want to include providers if they are either currently available to be logged
# in with, or if the user is already authenticated with them.
if state.provider.display_for_login or state.has_account:
tpa_states.append({
'id': state.provider.provider_id,
'name': state.provider.name, # The name of the provider e.g. Facebook
'connected': state.has_account, # Whether the user's edX account is connected with the provider.
# If the user is not connected, they should be directed to this page to authenticate
# with the particular provider, as long as the provider supports initiating a login.
'connect_url': pipeline.get_login_url(
state.provider.provider_id,
pipeline.AUTH_ENTRY_ACCOUNT_SETTINGS,
# The url the user should be directed to after the auth process has completed.
redirect_url=reverse('account_settings'),
),
'accepts_logins': state.provider.accepts_logins,
# If the user is connected, sending a POST request to this url removes the connection
# information for this provider from their edX account.
'disconnect_url': pipeline.get_disconnect_url(state.provider.provider_id, state.association_id),
})
return Response(tpa_states)
def get(self, request, username):
"""Create, read, or update enrollment information for a user.
HTTP Endpoint for all CRUD operations for a user course enrollment. Allows creation, reading, and
updates of the current enrollment for a particular course.
Args:
request (Request): The HTTP GET request
username (str): Fetch the list of providers linked to this user
Return:
JSON serialized list of the providers linked to this user.
"""
is_unprivileged = self.is_unprivileged_query(request, username)
if is_unprivileged:
if not getattr(settings, 'ALLOW_UNPRIVILEGED_SSO_PROVIDER_QUERY', False):
return Response(status=status.HTTP_403_FORBIDDEN)
try:
if '@' in username:
user = User.objects.get(email=username)
else:
user = User.objects.get(username=username)
except User.DoesNotExist:
return Response(status=status.HTTP_404_NOT_FOUND)
providers = pipeline.get_provider_user_states(user)
active_providers = [
self.get_provider_data(assoc, is_unprivileged)
for assoc in providers if assoc.has_account
]
# In the future this can be trivially modified to return the inactive/disconnected providers as well.
return Response({
"active": active_providers
})
def index(request):
"""Render the profile info page.
Args:
request (HttpRequest)
Returns:
HttpResponse: 200 if successful
HttpResponse: 302 if not logged in (redirect to login page)
HttpResponse: 405 if using an unsupported HTTP method
Example usage:
GET /profile
"""
user = request.user
return render_to_response(
'student_profile/index.html', {
'disable_courseware_js': True,
'provider_user_states': pipeline.get_provider_user_states(user),
}
)
def index(request):
"""Render the profile info page.
Args:
request (HttpRequest)
Returns:
HttpResponse: 200 if successful
HttpResponse: 302 if not logged in (redirect to login page)
HttpResponse: 405 if using an unsupported HTTP method
Example:
GET /profile
"""
user = request.user
released_languages = language_api.released_languages()
preferred_language_code = profile_api.preference_info(
user.username).get(LANGUAGE_KEY)
preferred_language = language_api.preferred_language(
preferred_language_code)
context = {
'disable_courseware_js': True,
'released_languages': released_languages,
'preferred_language': preferred_language,
}
if settings.FEATURES.get('ENABLE_THIRD_PARTY_AUTH'):
context['provider_user_states'] = pipeline.get_provider_user_states(
user)
return render_to_response('student_profile/index.html', context)
def test_states_for_enabled_providers_user_has_no_account_associated_with(self):
# Enable two providers - Google and LinkedIn:
google_provider = self.configure_google_provider(enabled=True)
linkedin_provider = self.configure_linkedin_provider(enabled=True)
self.assertEqual(len(provider.Registry.enabled()), 2)
states = pipeline.get_provider_user_states(self.user)
self.assertEqual([], [x for x in social_models.DjangoStorage.user.objects.all()])
self.assertEqual(2, len(states))
google_state = [state for state in states if state.provider.provider_id == google_provider.provider_id][0]
linkedin_state = [state for state in states if state.provider.provider_id == linkedin_provider.provider_id][0]
self.assertFalse(google_state.has_account)
self.assertEqual(google_provider.provider_id, google_state.provider.provider_id)
# Also check the row ID. Note this 'id' changes whenever the configuration does:
self.assertEqual(google_provider.id, google_state.provider.id)
self.assertEqual(self.user, google_state.user)
self.assertFalse(linkedin_state.has_account)
self.assertEqual(linkedin_provider.provider_id, linkedin_state.provider.provider_id)
self.assertEqual(linkedin_provider.id, linkedin_state.provider.id)
self.assertEqual(self.user, linkedin_state.user)
def account_settings_context(request):
""" Context for the account settings page.
Args:
request: The request object.
Returns:
dict
"""
user = request.user
year_of_birth_options = [(unicode(year), unicode(year)) for year in UserProfile.VALID_YEARS]
context = {
"auth": {},
"duplicate_provider": None,
"fields": {
"country": {"options": list(countries)},
"gender": {
"options": [
(choice[0], _(choice[1])) for choice in UserProfile.GENDER_CHOICES
] # pylint: disable=translation-of-non-string
},
"language": {"options": released_languages()},
"level_of_education": {
"options": [
(choice[0], _(choice[1])) for choice in UserProfile.LEVEL_OF_EDUCATION_CHOICES
] # pylint: disable=translation-of-non-string
},
"password": {"url": reverse("password_reset")},
"year_of_birth": {"options": year_of_birth_options},
"preferred_language": {"options": settings.ALL_LANGUAGES},
},
"platform_name": settings.PLATFORM_NAME,
"user_accounts_api_url": reverse("accounts_api", kwargs={"username": user.username}),
"user_preferences_api_url": reverse("preferences_api", kwargs={"username": user.username}),
"disable_courseware_js": True,
}
if third_party_auth.is_enabled():
# If the account on the third party provider is already connected with another edX account,
# we display a message to the user.
context["duplicate_provider"] = pipeline.get_duplicate_provider(messages.get_messages(request))
auth_states = pipeline.get_provider_user_states(user)
context["auth"]["providers"] = [
{
"id": state.provider.provider_id,
"name": state.provider.name, # The name of the provider e.g. Facebook
"connected": state.has_account, # Whether the user's edX account is connected with the provider.
# If the user is not connected, they should be directed to this page to authenticate
# with the particular provider, as long as the provider supports initiating a login.
"connect_url": pipeline.get_login_url(
state.provider.provider_id,
pipeline.AUTH_ENTRY_ACCOUNT_SETTINGS,
# The url the user should be directed to after the auth process has completed.
redirect_url=reverse("account_settings"),
),
"accepts_logins": state.provider.accepts_logins,
# If the user is connected, sending a POST request to this url removes the connection
# information for this provider from their edX account.
"disconnect_url": pipeline.get_disconnect_url(state.provider.provider_id, state.association_id),
}
for state in auth_states
]
return context
def test_returns_empty_list_if_no_enabled_providers(self):
self.assertFalse(provider.Registry.enabled())
self.assertEqual([], pipeline.get_provider_user_states(self.user))
def account_settings_context(request):
""" Context for the account settings page.
Args:
request: The request object.
Returns:
dict
"""
user = request.user
year_of_birth_options = [(unicode(year), unicode(year)) for year in UserProfile.VALID_YEARS]
try:
user_orders = get_user_orders(user)
except: # pylint: disable=bare-except
log.exception('Error fetching order history from Otto.')
# Return empty order list as account settings page expect a list and
# it will be broken if exception raised
user_orders = []
beta_language = {}
dark_lang_config = DarkLangConfig.current()
if dark_lang_config.enable_beta_languages:
user_preferences = get_user_preferences(user)
pref_language = user_preferences.get('pref-lang')
if pref_language in dark_lang_config.beta_languages_list:
beta_language['code'] = pref_language
beta_language['name'] = settings.LANGUAGE_DICT.get(pref_language)
context = {
'auth': {},
'duplicate_provider': None,
'nav_hidden': True,
'fields': {
'country': {
'options': list(countries),
}, 'gender': {
'options': [(choice[0], _(choice[1])) for choice in UserProfile.GENDER_CHOICES],
}, 'language': {
'options': released_languages(),
}, 'level_of_education': {
'options': [(choice[0], _(choice[1])) for choice in UserProfile.LEVEL_OF_EDUCATION_CHOICES],
}, 'password': {
'url': reverse('password_reset'),
}, 'year_of_birth': {
'options': year_of_birth_options,
}, 'preferred_language': {
'options': all_languages(),
}, 'time_zone': {
'options': TIME_ZONE_CHOICES,
}
},
'platform_name': configuration_helpers.get_value('PLATFORM_NAME', settings.PLATFORM_NAME),
'password_reset_support_link': configuration_helpers.get_value(
'PASSWORD_RESET_SUPPORT_LINK', settings.PASSWORD_RESET_SUPPORT_LINK
) or settings.SUPPORT_SITE_LINK,
'user_accounts_api_url': reverse("accounts_api", kwargs={'username': user.username}),
'user_preferences_api_url': reverse('preferences_api', kwargs={'username': user.username}),
'disable_courseware_js': True,
'show_program_listing': ProgramsApiConfig.is_enabled(),
'show_dashboard_tabs': True,
'order_history': user_orders,
'disable_order_history_tab': should_redirect_to_order_history_microfrontend(),
'enable_account_deletion': configuration_helpers.get_value(
'ENABLE_ACCOUNT_DELETION', settings.FEATURES.get('ENABLE_ACCOUNT_DELETION', False)
),
'extended_profile_fields': _get_extended_profile_fields(),
'beta_language': beta_language,
}
enterprise_customer = get_enterprise_customer_for_learner(user=request.user)
update_account_settings_context_for_enterprise(context, enterprise_customer)
if third_party_auth.is_enabled():
# If the account on the third party provider is already connected with another edX account,
# we display a message to the user.
context['duplicate_provider'] = pipeline.get_duplicate_provider(messages.get_messages(request))
auth_states = pipeline.get_provider_user_states(user)
context['auth']['providers'] = [{
'id': state.provider.provider_id,
'name': state.provider.name, # The name of the provider e.g. Facebook
'connected': state.has_account, # Whether the user's edX account is connected with the provider.
# If the user is not connected, they should be directed to this page to authenticate
# with the particular provider, as long as the provider supports initiating a login.
'connect_url': pipeline.get_login_url(
state.provider.provider_id,
pipeline.AUTH_ENTRY_ACCOUNT_SETTINGS,
# The url the user should be directed to after the auth process has completed.
redirect_url=reverse('account_settings'),
),
'accepts_logins': state.provider.accepts_logins,
# If the user is connected, sending a POST request to this url removes the connection
# information for this provider from their edX account.
'disconnect_url': pipeline.get_disconnect_url(state.provider.provider_id, state.association_id),
# We only want to include providers if they are either currently available to be logged
# in with, or if the user is already authenticated with them.
} for state in auth_states if state.provider.display_for_login or state.has_account]
return context
def account_settings_context(request):
""" Context for the account settings page.
Args:
request: The request object.
Returns:
dict
"""
user = request.user
year_of_birth_options = [(unicode(year), unicode(year))
for year in UserProfile.VALID_YEARS]
comuni_options = (("0", "Ninguna"), ("1", "Andalucía"), ("2", "Aragón"),
("3", "Asturias"), ("4", "Baleares"), ("5", "Canarias"),
("6", "Cantabria"), ("7", "Castilla y León"),
("8", "Castilla - La Mancha"), ("9", "Cataluña"),
("10", "Extremadura"), ("11", "Galicia"),
("12", "Madrid"), ("13", "Murcia"), ("14", "Navarra"),
("15", "País Vasco"), ("16", "La Rioja"),
("17", "Valencia"), ("18", "Ceuta"), ("19", "Melilla"))
esdoce_options = (("1", _("Yes")), ("2", _("No")))
camp2_options = (("0", "--"), ("1",
pgettext("Educational institution",
"State")), ("2", _("Subsidized")),
("3", _("Private")))
context = {
'auth': {},
'duplicate_provider':
None,
'fields': {
'country': {
'options': list(countries),
},
'gender': {
'options': [(choice[0], _(choice[1]))
for choice in UserProfile.GENDER_CHOICES], # pylint: disable=translation-of-non-string
},
'language': {
'options': released_languages(),
},
'level_of_education': {
'options':
[(choice[0], _(choice[1]))
for choice in UserProfile.LEVEL_OF_EDUCATION_CHOICES], # pylint: disable=translation-of-non-string
},
'password': {
'url': reverse('password_reset'),
},
'year_of_birth': {
'options': year_of_birth_options,
},
'preferred_language': {
'options': settings.ALL_LANGUAGES,
},
'comuni': {
'options': comuni_options,
},
'esdoce': {
'options': esdoce_options,
},
'camp2': {
'options': camp2_options,
}
},
'platform_name':
settings.PLATFORM_NAME,
'user_accounts_api_url':
reverse("accounts_api", kwargs={'username': user.username}),
'user_preferences_api_url':
reverse('preferences_api', kwargs={'username': user.username}),
'disable_courseware_js':
True,
}
if third_party_auth.is_enabled():
# If the account on the third party provider is already connected with another edX account,
# we display a message to the user.
context['duplicate_provider'] = pipeline.get_duplicate_provider(
messages.get_messages(request))
auth_states = pipeline.get_provider_user_states(user)
context['auth']['providers'] = [
{
'id':
state.provider.provider_id,
'name':
state.provider.name, # The name of the provider e.g. Facebook
'connected':
state.
has_account, # Whether the user's edX account is connected with the provider.
# If the user is not connected, they should be directed to this page to authenticate
# with the particular provider, as long as the provider supports initiating a login.
'connect_url':
pipeline.get_login_url(
state.provider.provider_id,
pipeline.AUTH_ENTRY_ACCOUNT_SETTINGS,
# The url the user should be directed to after the auth process has completed.
redirect_url=reverse('account_settings'),
),
'accepts_logins':
state.provider.accepts_logins,
# If the user is connected, sending a POST request to this url removes the connection
# information for this provider from their edX account.
'disconnect_url':
pipeline.get_disconnect_url(state.provider.provider_id,
state.association_id),
} for state in auth_states
]
return context
def account_settings_context(request):
""" Context for the account settings page.
Args:
request: The request object.
Returns:
dict
"""
user = request.user
year_of_birth_options = [(unicode(year), unicode(year)) for year in UserProfile.VALID_YEARS]
context = {
'auth': {},
'duplicate_provider': None,
'fields': {
'country': {
'options': list(countries),
}, 'gender': {
'options': [(choice[0], _(choice[1])) for choice in UserProfile.GENDER_CHOICES], # pylint: disable=translation-of-non-string
}, 'language': {
'options': released_languages(),
}, 'level_of_education': {
'options': [(choice[0], _(choice[1])) for choice in UserProfile.LEVEL_OF_EDUCATION_CHOICES], # pylint: disable=translation-of-non-string
}, 'password': {
'url': reverse('password_reset'),
}, 'year_of_birth': {
'options': year_of_birth_options,
}, 'preferred_language': {
'options': settings.ALL_LANGUAGES,
}
},
'platform_name': settings.PLATFORM_NAME,
'user_accounts_api_url': reverse("accounts_api", kwargs={'username': user.username}),
'user_preferences_api_url': reverse('preferences_api', kwargs={'username': user.username}),
'disable_courseware_js': True,
}
if third_party_auth.is_enabled():
# If the account on the third party provider is already connected with another edX account,
# we display a message to the user.
context['duplicate_provider'] = pipeline.get_duplicate_provider(messages.get_messages(request))
auth_states = pipeline.get_provider_user_states(user)
context['auth']['providers'] = [{
'id': state.provider.provider_id,
'name': state.provider.name, # The name of the provider e.g. Facebook
'connected': state.has_account, # Whether the user's edX account is connected with the provider.
# If the user is not connected, they should be directed to this page to authenticate
# with the particular provider.
'connect_url': pipeline.get_login_url(
state.provider.provider_id,
pipeline.AUTH_ENTRY_ACCOUNT_SETTINGS,
# The url the user should be directed to after the auth process has completed.
redirect_url=reverse('account_settings'),
),
# If the user is connected, sending a POST request to this url removes the connection
# information for this provider from their edX account.
'disconnect_url': pipeline.get_disconnect_url(state.provider.provider_id, state.association_id),
} for state in auth_states]
return context
def account_settings_context(request):
""" Context for the account settings page.
Args:
request: The request object.
Returns:
dict
"""
user = request.user
country_options = [
(country_code, _(country_name)) # pylint: disable=translation-of-non-string
for country_code, country_name in sorted(countries.countries, key=lambda (__, name): unicode(name))
]
year_of_birth_options = [(unicode(year), unicode(year)) for year in UserProfile.VALID_YEARS]
context = {
"auth": {},
"duplicate_provider": None,
"fields": {
"country": {"options": country_options},
"gender": {
"options": [
(choice[0], _(choice[1])) for choice in UserProfile.GENDER_CHOICES
] # pylint: disable=translation-of-non-string
},
"language": {"options": released_languages()},
"level_of_education": {
"options": [
(choice[0], _(choice[1])) for choice in UserProfile.LEVEL_OF_EDUCATION_CHOICES
] # pylint: disable=translation-of-non-string
},
"password": {"url": reverse("password_reset")},
"year_of_birth": {"options": year_of_birth_options},
"preferred_language": {"options": settings.ALL_LANGUAGES},
},
"platform_name": settings.PLATFORM_NAME,
"user_accounts_api_url": reverse("accounts_api", kwargs={"username": user.username}),
"user_preferences_api_url": reverse("preferences_api", kwargs={"username": user.username}),
}
if third_party_auth.is_enabled():
# If the account on the third party provider is already connected with another edX account,
# we display a message to the user.
context["duplicate_provider"] = pipeline.get_duplicate_provider(messages.get_messages(request))
auth_states = pipeline.get_provider_user_states(user)
context["auth"]["providers"] = [
{
"name": state.provider.NAME, # The name of the provider e.g. Facebook
"connected": state.has_account, # Whether the user's edX account is connected with the provider.
# If the user is not connected, they should be directed to this page to authenticate
# with the particular provider.
"connect_url": pipeline.get_login_url(
state.provider.NAME,
pipeline.AUTH_ENTRY_ACCOUNT_SETTINGS,
# The url the user should be directed to after the auth process has completed.
redirect_url=reverse("account_settings"),
),
# If the user is connected, sending a POST request to this url removes the connection
# information for this provider from their edX account.
"disconnect_url": pipeline.get_disconnect_url(state.provider.NAME),
}
for state in auth_states
]
try:
external_auth_map = ExternalAuthMap.objects.get(user=user)
except:
external_auth_map = None
context["is_shib_auth"] = "shib" in external_auth_map.external_domain if external_auth_map else False
return context
def test_returns_empty_list_if_no_enabled_providers(self):
provider.Registry.configure_once([])
self.assertEquals([], pipeline.get_provider_user_states(self.user))
def account_settings_context(request):
""" Context for the account settings page.
Args:
request: The request object.
Returns:
dict
"""
user = request.user
year_of_birth_options = [(unicode(year), unicode(year))
for year in UserProfile.VALID_YEARS]
context = {
'auth': {},
'duplicate_provider':
None,
'fields': {
'country': {
'options': list(countries),
},
'gender': {
'options': [(choice[0], _(choice[1]))
for choice in UserProfile.GENDER_CHOICES], # pylint: disable=translation-of-non-string
},
'language': {
'options': released_languages(),
},
'level_of_education': {
'options':
[(choice[0], _(choice[1]))
for choice in UserProfile.LEVEL_OF_EDUCATION_CHOICES], # pylint: disable=translation-of-non-string
},
'password': {
'url': reverse('password_reset'),
},
'year_of_birth': {
'options': year_of_birth_options,
},
'preferred_language': {
'options': settings.ALL_LANGUAGES,
}
},
'platform_name':
settings.PLATFORM_NAME,
'user_accounts_api_url':
reverse("accounts_api", kwargs={'username': user.username}),
'user_preferences_api_url':
reverse('preferences_api', kwargs={'username': user.username}),
}
if third_party_auth.is_enabled():
# If the account on the third party provider is already connected with another edX account,
# we display a message to the user.
context['duplicate_provider'] = pipeline.get_duplicate_provider(
messages.get_messages(request))
auth_states = pipeline.get_provider_user_states(user)
context['auth']['providers'] = [
{
'id':
state.provider.provider_id,
'name':
state.provider.name, # The name of the provider e.g. Facebook
'connected':
state.
has_account, # Whether the user's edX account is connected with the provider.
# If the user is not connected, they should be directed to this page to authenticate
# with the particular provider.
'connect_url':
pipeline.get_login_url(
state.provider.provider_id,
pipeline.AUTH_ENTRY_ACCOUNT_SETTINGS,
# The url the user should be directed to after the auth process has completed.
redirect_url=reverse('account_settings'),
),
# If the user is connected, sending a POST request to this url removes the connection
# information for this provider from their edX account.
'disconnect_url':
pipeline.get_disconnect_url(state.provider.provider_id,
state.association_id),
} for state in auth_states
]
return context
def account_settings_context(request):
""" Context for the account settings page.
Args:
request: The request object.
Returns:
dict
"""
user = request.user
year_of_birth_options = [(unicode(year), unicode(year))
for year in UserProfile.VALID_YEARS]
try:
user_orders = get_user_orders(user)
except: # pylint: disable=bare-except
log.exception('Error fetching order history from Otto.')
# Return empty order list as account settings page expect a list and
# it will be broken if exception raised
user_orders = []
context = {
'auth': {},
'duplicate_provider':
None,
'fields': {
'country': {
'options': list(countries),
},
'gender': {
'options': [(choice[0], _(choice[1]))
for choice in UserProfile.GENDER_CHOICES], # pylint: disable=translation-of-non-string
},
'language': {
'options': released_languages(),
},
'level_of_education': {
'options':
[(choice[0], _(choice[1]))
for choice in UserProfile.LEVEL_OF_EDUCATION_CHOICES], # pylint: disable=translation-of-non-string
},
'password': {
'url': reverse('password_reset'),
},
'year_of_birth': {
'options': year_of_birth_options,
},
'preferred_language': {
'options': all_languages(),
}
},
'platform_name':
get_themed_value('PLATFORM_NAME', settings.PLATFORM_NAME),
'user_accounts_api_url':
reverse("accounts_api", kwargs={'username': user.username}),
'user_preferences_api_url':
reverse('preferences_api', kwargs={'username': user.username}),
'disable_courseware_js':
True,
'show_program_listing':
ProgramsApiConfig.current().show_program_listing,
'order_history':
user_orders
}
if third_party_auth.is_enabled():
# If the account on the third party provider is already connected with another edX account,
# we display a message to the user.
context['duplicate_provider'] = pipeline.get_duplicate_provider(
messages.get_messages(request))
auth_states = pipeline.get_provider_user_states(user)
context['auth']['providers'] = [
{
'id':
state.provider.provider_id,
'name':
state.provider.name, # The name of the provider e.g. Facebook
'connected':
state.
has_account, # Whether the user's edX account is connected with the provider.
# If the user is not connected, they should be directed to this page to authenticate
# with the particular provider, as long as the provider supports initiating a login.
'connect_url':
pipeline.get_login_url(
state.provider.provider_id,
pipeline.AUTH_ENTRY_ACCOUNT_SETTINGS,
# The url the user should be directed to after the auth process has completed.
redirect_url=reverse('account_settings'),
),
'accepts_logins':
state.provider.accepts_logins,
# If the user is connected, sending a POST request to this url removes the connection
# information for this provider from their edX account.
'disconnect_url':
pipeline.get_disconnect_url(state.provider.provider_id,
state.association_id),
} for state in auth_states
]
return context
def account_settings_context(request):
""" Context for the account settings page.
Args:
request: The request object.
Returns:
dict
"""
user = request.user
year_of_birth_options = [(unicode(year), unicode(year))
for year in UserProfile.VALID_YEARS]
try:
user_orders = get_user_orders(user)
except: # pylint: disable=bare-except
log.exception('Error fetching order history from Otto.')
# Return empty order list as account settings page expect a list and
# it will be broken if exception raised
user_orders = []
context = {
'auth': {},
'duplicate_provider':
None,
'nav_hidden':
True,
'fields': {
'country': {
'options': list(countries),
},
'gender': {
'options': [(choice[0], _(choice[1]))
for choice in UserProfile.GENDER_CHOICES], # pylint: disable=translation-of-non-string
},
'language': {
'options': released_languages(),
},
'level_of_education': {
'options':
[(choice[0], _(choice[1]))
for choice in UserProfile.LEVEL_OF_EDUCATION_CHOICES], # pylint: disable=translation-of-non-string
},
'password': {
'url': reverse('password_reset'),
},
'year_of_birth': {
'options': year_of_birth_options,
},
'preferred_language': {
'options': all_languages(),
},
'time_zone': {
'options': TIME_ZONE_CHOICES,
}
},
'platform_name':
configuration_helpers.get_value('PLATFORM_NAME',
settings.PLATFORM_NAME),
'password_reset_support_link':
configuration_helpers.get_value('PASSWORD_RESET_SUPPORT_LINK',
settings.PASSWORD_RESET_SUPPORT_LINK)
or settings.SUPPORT_SITE_LINK,
'user_accounts_api_url':
reverse("accounts_api", kwargs={'username': user.username}),
'user_preferences_api_url':
reverse('preferences_api', kwargs={'username': user.username}),
'disable_courseware_js':
True,
'show_program_listing':
ProgramsApiConfig.is_enabled(),
'show_dashboard_tabs':
True,
'order_history':
user_orders,
'enable_account_deletion':
configuration_helpers.get_value(
'ENABLE_ACCOUNT_DELETION',
settings.FEATURES.get('ENABLE_ACCOUNT_DELETION', False)),
'extended_profile_fields':
_get_extended_profile_fields(),
}
enterprise_customer = get_enterprise_customer_for_learner(
site=request.site, user=request.user)
update_account_settings_context_for_enterprise(context,
enterprise_customer)
if third_party_auth.is_enabled():
# If the account on the third party provider is already connected with another edX account,
# we display a message to the user.
context['duplicate_provider'] = pipeline.get_duplicate_provider(
messages.get_messages(request))
auth_states = pipeline.get_provider_user_states(user)
context['auth']['providers'] = [
{
'id':
state.provider.provider_id,
'name':
state.provider.name, # The name of the provider e.g. Facebook
'connected':
state.
has_account, # Whether the user's edX account is connected with the provider.
# If the user is not connected, they should be directed to this page to authenticate
# with the particular provider, as long as the provider supports initiating a login.
'connect_url':
pipeline.get_login_url(
state.provider.provider_id,
pipeline.AUTH_ENTRY_ACCOUNT_SETTINGS,
# The url the user should be directed to after the auth process has completed.
redirect_url=reverse('account_settings'),
),
'accepts_logins':
state.provider.accepts_logins,
# If the user is connected, sending a POST request to this url removes the connection
# information for this provider from their edX account.
'disconnect_url':
pipeline.get_disconnect_url(state.provider.provider_id,
state.association_id),
# We only want to include providers if they are either currently available to be logged
# in with, or if the user is already authenticated with them.
} for state in auth_states
if state.provider.display_for_login or state.has_account
]
return context
def test_returns_empty_list_if_no_enabled_providers(self):
self.assertFalse(provider.Registry.enabled())
self.assertEquals([], pipeline.get_provider_user_states(self.user))
def account_settings_context(request):
""" Context for the account settings page.
Args:
request: The request object.
Returns:
dict
"""
user = request.user
year_of_birth_options = [(unicode(year), unicode(year)) for year in UserProfile.VALID_YEARS]
try:
user_orders = get_user_orders(user)
except: # pylint: disable=bare-except
log.exception('Error fetching order history from Otto.')
# Return empty order list as account settings page expect a list and
# it will be broken if exception raised
user_orders = []
context = {
'auth': {},
'duplicate_provider': None,
'fields': {
'country': {
'options': list(countries),
}, 'gender': {
'options': [(choice[0], _(choice[1])) for choice in UserProfile.GENDER_CHOICES], # pylint: disable=translation-of-non-string
}, 'language': {
'options': released_languages(),
}, 'level_of_education': {
'options': [(choice[0], _(choice[1])) for choice in UserProfile.LEVEL_OF_EDUCATION_CHOICES], # pylint: disable=translation-of-non-string
}, 'password': {
'url': reverse('password_reset'),
}, 'year_of_birth': {
'options': year_of_birth_options,
}, 'preferred_language': {
'options': all_languages(),
}, 'time_zone': {
'options': UserPreference.TIME_ZONE_CHOICES,
'enabled': settings.FEATURES.get('ENABLE_TIME_ZONE_PREFERENCE'),
}
},
'platform_name': get_themed_value('PLATFORM_NAME', settings.PLATFORM_NAME),
'user_accounts_api_url': reverse("accounts_api", kwargs={'username': user.username}),
'user_preferences_api_url': reverse('preferences_api', kwargs={'username': user.username}),
'disable_courseware_js': True,
'show_program_listing': ProgramsApiConfig.current().show_program_listing,
'order_history': user_orders
}
if third_party_auth.is_enabled():
# If the account on the third party provider is already connected with another edX account,
# we display a message to the user.
context['duplicate_provider'] = pipeline.get_duplicate_provider(messages.get_messages(request))
auth_states = pipeline.get_provider_user_states(user)
context['auth']['providers'] = [{
'id': state.provider.provider_id,
'name': state.provider.name, # The name of the provider e.g. Facebook
'connected': state.has_account, # Whether the user's edX account is connected with the provider.
# If the user is not connected, they should be directed to this page to authenticate
# with the particular provider, as long as the provider supports initiating a login.
'connect_url': pipeline.get_login_url(
state.provider.provider_id,
pipeline.AUTH_ENTRY_ACCOUNT_SETTINGS,
# The url the user should be directed to after the auth process has completed.
redirect_url=reverse('account_settings'),
),
'accepts_logins': state.provider.accepts_logins,
# If the user is connected, sending a POST request to this url removes the connection
# information for this provider from their edX account.
'disconnect_url': pipeline.get_disconnect_url(state.provider.provider_id, state.association_id),
} for state in auth_states]
return context
def account_settings_context(request):
""" Context for the account settings page.
Args:
request: The request object.
Returns:
dict
"""
user = request.user
year_of_birth_options = [(unicode(year), unicode(year)) for year in UserProfile.VALID_YEARS]
try:
user_orders = get_user_orders(user)
except: # pylint: disable=bare-except
log.exception("Error fetching order history from Otto.")
# Return empty order list as account settings page expect a list and
# it will be broken if exception raised
user_orders = []
context = {
"auth": {},
"duplicate_provider": None,
"fields": {
"country": {"options": list(countries)},
"gender": {
"options": [
(choice[0], _(choice[1])) for choice in UserProfile.GENDER_CHOICES
] # pylint: disable=translation-of-non-string
},
"language": {"options": released_languages()},
"level_of_education": {
"options": [
(choice[0], _(choice[1])) for choice in UserProfile.LEVEL_OF_EDUCATION_CHOICES
] # pylint: disable=translation-of-non-string
},
"password": {"url": reverse("password_reset")},
"year_of_birth": {"options": year_of_birth_options},
"preferred_language": {"options": all_languages()},
"time_zone": {
"options": TIME_ZONE_CHOICES,
"enabled": settings.FEATURES.get("ENABLE_TIME_ZONE_PREFERENCE"),
},
},
"platform_name": get_themed_value("PLATFORM_NAME", settings.PLATFORM_NAME),
"user_accounts_api_url": reverse("accounts_api", kwargs={"username": user.username}),
"user_preferences_api_url": reverse("preferences_api", kwargs={"username": user.username}),
"disable_courseware_js": True,
"show_program_listing": ProgramsApiConfig.current().show_program_listing,
"order_history": user_orders,
}
if third_party_auth.is_enabled():
# If the account on the third party provider is already connected with another edX account,
# we display a message to the user.
context["duplicate_provider"] = pipeline.get_duplicate_provider(messages.get_messages(request))
auth_states = pipeline.get_provider_user_states(user)
context["auth"]["providers"] = [
{
"id": state.provider.provider_id,
"name": state.provider.name, # The name of the provider e.g. Facebook
"connected": state.has_account, # Whether the user's edX account is connected with the provider.
# If the user is not connected, they should be directed to this page to authenticate
# with the particular provider, as long as the provider supports initiating a login.
"connect_url": pipeline.get_login_url(
state.provider.provider_id,
pipeline.AUTH_ENTRY_ACCOUNT_SETTINGS,
# The url the user should be directed to after the auth process has completed.
redirect_url=reverse("account_settings"),
),
"accepts_logins": state.provider.accepts_logins,
# If the user is connected, sending a POST request to this url removes the connection
# information for this provider from their edX account.
"disconnect_url": pipeline.get_disconnect_url(state.provider.provider_id, state.association_id),
}
for state in auth_states
]
return context
