class ArchiveTarget(ObjectIDMixin, BaseModel):
"""Stores the results of archiving a single addon
"""
# TODO DELETE ME POST MIGRATION
modm_model_path = 'website.archiver.model.ArchiveTarget'
modm_query = None
# /TODO DELETE ME POST MIGRATION
# addon_short_name of target addon
name = models.CharField(max_length=2048)
status = models.CharField(max_length=40, default=ARCHIVER_INITIATED)
# <dict> representation of a website.archiver.AggregateStatResult
# Format: {
# 'target_id': <str>,
# 'target_name': <str>,
# 'targets': <list>(StatResult | AggregateStatResult),
# 'num_files': <int>,
# 'disk_usage': <float>,
# }
stat_result = DateTimeAwareJSONField(blank=True)
errors = ArrayField(models.TextField(), default=list, blank=True)
def __repr__(self):
return '<{0}(_id={1}, name={2}, status={3})>'.format(
self.__class__.__name__, self._id, self.name, self.status)
class MailRecord(ObjectIDMixin, BaseModel):
# TODO DELETE ME POST MIGRATION
modm_model_path = 'website.conferences.model.MailRecord'
modm_query = None
# /TODO DELETE ME POST MIGRATION
data = DateTimeAwareJSONField()
nodes_created = models.ManyToManyField('Node')
users_created = models.ManyToManyField('OSFUser')
@classmethod
def migrate_from_modm(cls, modm_obj):
cmp = re.compile(ur'\\+u0000')
modm_obj.data = json.loads(re.sub(cmp, '', json.dumps(modm_obj.data)))
return super(MailRecord, cls).migrate_from_modm(modm_obj)
class Session(ObjectIDMixin, BaseModel):
# TODO DELETE ME POST MIGRATION
modm_model_path = 'framework.sessions.model.Session'
modm_query = None
migration_page_size = 30000
# /TODO DELETE ME POST MIGRATION
date_created = models.DateTimeField(auto_now_add=True)
date_modified = models.DateTimeField(auto_now=True)
data = DateTimeAwareJSONField(default=dict, blank=True)
@property
def is_authenticated(self):
return 'auth_user_id' in self.data
@property
def is_external_first_login(self):
return 'auth_user_external_first_login' in self.data
class MetaSchema(ObjectIDMixin, BaseModel):
# TODO DELETE ME POST MIGRATION
modm_model_path = 'website.project.model.MetaSchema'
modm_query = None
# /TODO DELETE ME POST MIGRATION
name = models.CharField(max_length=255)
schema = DateTimeAwareJSONField(default=dict)
category = models.CharField(max_length=255, null=True, blank=True)
# Version of the schema to use (e.g. if questions, responses change)
schema_version = models.IntegerField()
class Meta:
unique_together = ('name', 'schema_version', 'guid')
@property
def _config(self):
return self.schema.get('config', {})
@property
def requires_approval(self):
return self._config.get('requiresApproval', False)
@property
def fulfills(self):
return self._config.get('fulfills', [])
@property
def messages(self):
return self._config.get('messages', {})
@property
def requires_consent(self):
return self._config.get('requiresConsent', False)
@property
def has_files(self):
return self._config.get('hasFiles', False)
@classmethod
def get_prereg_schema(cls):
return cls.get(name='Prereg Challenge', schema_version=2)
class Conference(ObjectIDMixin, BaseModel):
# TODO DELETE ME POST MIGRATION
modm_model_path = 'website.conferences.model.Conference'
modm_query = None
# /TODO DELETE ME POST MIGRATION
#: Determines the email address for submission and the OSF url
# Example: If endpoint is spsp2014, then submission email will be
# [email protected] or [email protected] and the OSF url will
# be osf.io/view/spsp2014
endpoint = models.CharField(max_length=255, unique=True, db_index=True)
#: Full name, e.g. "SPSP 2014"
name = models.CharField(max_length=255)
info_url = models.URLField(blank=True)
logo_url = models.URLField(blank=True)
location = models.CharField(max_length=2048, blank=True)
start_date = models.DateTimeField(blank=True, null=True)
end_date = models.DateTimeField(blank=True, null=True)
active = models.BooleanField()
admins = models.ManyToManyField('OSFUser')
#: Whether to make submitted projects public
public_projects = models.BooleanField(default=True)
poster = models.BooleanField(default=True)
talk = models.BooleanField(default=True)
# field_names are used to customize the text on the conference page, the categories
# of submissions, and the email adress to send material to.
field_names = DateTimeAwareJSONField(default=get_default_field_names)
# Cached number of submissions
num_submissions = models.IntegerField(default=0)
objects = ConferenceManager()
primary_identifier_name = 'object_id'
def __repr__(self):
return (
'<Conference(endpoint={self.endpoint!r}, active={self.active})>'.
format(self=self))
@classmethod
def get_by_endpoint(cls, endpoint, active):
return cls.objects.get_by_endpoint(endpoint, active)
class QueuedMail(ObjectIDMixin, BaseModel):
# TODO DELETE ME POST MIGRATION
modm_model_path = 'website.mails.queued_mails.QueuedMail'
modm_query = None
# /TODO DELETE ME POST MIGRATION
user = models.ForeignKey('OSFUser', db_index=True, null=True)
to_addr = models.CharField(max_length=255)
send_at = models.DateTimeField(db_index=True, null=False)
# string denoting the template, presend to be used. Has to be an index of queue_mail types
email_type = models.CharField(max_length=255, db_index=True, null=False)
# dictionary with variables used to populate mako template and store information used in presends
# Example:
# self.data = {
# 'nid' : 'ShIpTo',
# 'fullname': 'Florence Welch',
#}
data = DateTimeAwareJSONField(default=dict, blank=True)
sent_at = models.DateTimeField(db_index=True, null=True, blank=True)
def __repr__(self):
if self.sent_at is not None:
return '<QueuedMail {} of type {} sent to {} at {}>'.format(
self._id, self.email_type, self.to_addr, self.sent_at)
return '<QueuedMail {} of type {} to be sent to {} on {}>'.format(
self._id, self.email_type, self.to_addr, self.send_at)
def send_mail(self):
"""
Grabs the data from this email, checks for user subscription to help mails,
constructs the mail object and checks presend. Then attempts to send the email
through send_mail()
:return: boolean based on whether email was sent.
"""
mail_struct = queue_mail_types[self.email_type]
presend = mail_struct['presend'](self)
mail = Mail(mail_struct['template'],
subject=mail_struct['subject'],
categories=mail_struct.get('categories', None))
self.data['osf_url'] = osf_settings.DOMAIN
if presend and self.user.is_active and self.user.osf_mailing_lists.get(
osf_settings.OSF_HELP_LIST):
send_mail(self.to_addr or self.user.username,
mail,
mimetype='html',
**(self.data or {}))
self.sent_at = timezone.now()
self.save()
return True
else:
self.__class__.remove_one(self)
return False
def find_sent_of_same_type_and_user(self):
"""
Queries up for all emails of the same type as self, sent to the same user as self.
Does not look for queue-up emails.
:return: a list of those emails
"""
return self.__class__.find(
Q('email_type', 'eq', self.email_type) & Q('user', 'eq', self.user)
& Q('sent_at', 'ne', None))
class OSFUser(DirtyFieldsMixin, GuidMixin, BaseModel, AbstractBaseUser,
PermissionsMixin, AddonModelMixin):
# TODO DELETE ME POST MIGRATION
modm_model_path = 'framework.auth.core.User'
modm_query = None
# /TODO DELETE ME POST MIGRATION
USERNAME_FIELD = 'username'
# Node fields that trigger an update to the search engine on save
SEARCH_UPDATE_FIELDS = {
'fullname',
'given_name',
'middle_names',
'family_name',
'suffix',
'merged_by',
'date_disabled',
'date_confirmed',
'jobs',
'schools',
'social',
}
# TODO: Add SEARCH_UPDATE_NODE_FIELDS, for fields that should trigger a
# search update for all nodes to which the user is a contributor.
SOCIAL_FIELDS = {
'orcid': u'http://orcid.org/{}',
'github': u'http://github.com/{}',
'scholar': u'http://scholar.google.com/citations?user={}',
'twitter': u'http://twitter.com/{}',
'profileWebsites': [],
'linkedIn': u'https://www.linkedin.com/{}',
'impactStory': u'https://impactstory.org/{}',
'researcherId': u'http://researcherid.com/rid/{}',
'researchGate': u'https://researchgate.net/profile/{}',
'academiaInstitution': u'https://{}',
'academiaProfileID': u'.academia.edu/{}',
'baiduScholar': u'http://xueshu.baidu.com/scholarID/{}'
}
# The primary email address for the account.
# This value is unique, but multiple "None" records exist for:
# * unregistered contributors where an email address was not provided.
# TODO: Update mailchimp subscription on username change in user.save()
username = models.CharField(max_length=255, db_index=True, unique=True)
# Hashed. Use `User.set_password` and `User.check_password`
# password = models.CharField(max_length=255)
fullname = models.CharField(max_length=255, blank=True)
# user has taken action to register the account
is_registered = models.BooleanField(db_index=True, default=False)
# user has claimed the account
# TODO: This should be retired - it always reflects is_registered.
# While a few entries exist where this is not the case, they appear to be
# the result of a bug, as they were all created over a small time span.
is_claimed = models.BooleanField(default=False, db_index=True)
# a list of strings - for internal use
tags = models.ManyToManyField('Tag')
# security emails that have been sent
# TODO: This should be removed and/or merged with system_tags
security_messages = DateTimeAwareJSONField(default=dict, blank=True)
# Format: {
# <message label>: <datetime>
# ...
# }
# user was invited (as opposed to registered unprompted)
is_invited = models.BooleanField(default=False, db_index=True)
# Per-project unclaimed user data:
# TODO: add validation
unclaimed_records = DateTimeAwareJSONField(default=dict, blank=True)
# Format: {
# <project_id>: {
# 'name': <name that referrer provided>,
# 'referrer_id': <user ID of referrer>,
# 'token': <token used for verification urls>,
# 'email': <email the referrer provided or None>,
# 'claimer_email': <email the claimer entered or None>,
# 'last_sent': <timestamp of last email sent to referrer or None>
# }
# ...
# }
# Time of last sent notification email to newly added contributors
# Format : {
# <project_id>: {
# 'last_sent': time.time()
# }
# ...
# }
contributor_added_email_records = DateTimeAwareJSONField(default=dict,
blank=True)
# The user into which this account was merged
merged_by = models.ForeignKey('self',
null=True,
blank=True,
related_name='merger')
# verification key used for resetting password
verification_key = models.CharField(max_length=255, null=True, blank=True)
email_last_sent = models.DateTimeField(null=True, blank=True)
# confirmed emails
# emails should be stripped of whitespace and lower-cased before appending
# TODO: Add validator to ensure an email address only exists once across
# TODO: Change to m2m field per @sloria
# all User's email lists
emails = fields.ArrayField(models.CharField(max_length=255),
default=list,
blank=True)
# email verification tokens
# see also ``unconfirmed_emails``
email_verifications = DateTimeAwareJSONField(default=dict, blank=True)
# Format: {
# <token> : {'email': <email address>,
# 'expiration': <datetime>}
# }
# TODO remove this field once migration (scripts/migration/migrate_mailing_lists_to_mailchimp_fields.py)
# has been run. This field is deprecated and replaced with mailchimp_mailing_lists
mailing_lists = DateTimeAwareJSONField(default=dict, blank=True)
# email lists to which the user has chosen a subscription setting
mailchimp_mailing_lists = DateTimeAwareJSONField(default=dict, blank=True)
# Format: {
# 'list1': True,
# 'list2: False,
# ...
# }
# email lists to which the user has chosen a subscription setting,
# being sent from osf, rather than mailchimp
osf_mailing_lists = DateTimeAwareJSONField(
default=get_default_mailing_lists, blank=True)
# Format: {
# 'list1': True,
# 'list2: False,
# ...
# }
# the date this user was registered
date_registered = models.DateTimeField(
db_index=True,
default=timezone.now,
) # auto_now_add=True)
# watched nodes are stored via a list of WatchConfigs
# watched = fields.ForeignField("WatchConfig", list=True)
# watched = models.ManyToManyField(WatchConfig)
# list of collaborators that this user recently added to nodes as a contributor
# recently_added = fields.ForeignField("user", list=True)
recently_added = models.ManyToManyField('self',
through=RecentlyAddedContributor,
through_fields=('user',
'contributor'),
symmetrical=False)
# Attached external accounts (OAuth)
# external_accounts = fields.ForeignField("externalaccount", list=True)
external_accounts = models.ManyToManyField('ExternalAccount')
# CSL names
given_name = models.CharField(max_length=255, blank=True)
middle_names = models.CharField(max_length=255, blank=True)
family_name = models.CharField(max_length=255, blank=True)
suffix = models.CharField(max_length=255, blank=True)
# identity for user logged in through external idp
external_identity = DateTimeAwareJSONField(default=dict, blank=True)
# Format: {
# <external_id_provider>: {
# <external_id>: <status from ('VERIFIED, 'CREATE', 'LINK')>,
# ...
# },
# ...
# }
# Employment history
# jobs = fields.DictionaryField(list=True, validate=validate_history_item)
# TODO: Add validation
jobs = DateTimeAwareJSONField(default=list, blank=True)
# Format: list of {
# 'title': <position or job title>,
# 'institution': <institution or organization>,
# 'department': <department>,
# 'location': <location>,
# 'startMonth': <start month>,
# 'startYear': <start year>,
# 'endMonth': <end month>,
# 'endYear': <end year>,
# 'ongoing: <boolean>
# }
# Educational history
# schools = fields.DictionaryField(list=True, validate=validate_history_item)
# TODO: Add validation
schools = DateTimeAwareJSONField(default=list, blank=True)
# Format: list of {
# 'degree': <position or job title>,
# 'institution': <institution or organization>,
# 'department': <department>,
# 'location': <location>,
# 'startMonth': <start month>,
# 'startYear': <start year>,
# 'endMonth': <end month>,
# 'endYear': <end year>,
# 'ongoing: <boolean>
# }
# Social links
# social = fields.DictionaryField(validate=validate_social)
# TODO: Add validation
social = DateTimeAwareJSONField(default=dict,
blank=True,
validators=[validate_social])
# Format: {
# 'profileWebsites': <list of profile websites>
# 'twitter': <twitter id>,
# }
# hashed password used to authenticate to Piwik
piwik_token = models.CharField(max_length=255, blank=True)
# date the user last sent a request
date_last_login = models.DateTimeField(null=True, blank=True)
# date the user first successfully confirmed an email address
date_confirmed = models.DateTimeField(db_index=True, null=True, blank=True)
# When the user was disabled.
date_disabled = models.DateTimeField(db_index=True, null=True, blank=True)
# when comments were last viewed
comments_viewed_timestamp = DateTimeAwareJSONField(default=dict,
blank=True)
# Format: {
# 'Comment.root_target._id': 'timestamp',
# ...
# }
# timezone for user's locale (e.g. 'America/New_York')
timezone = models.CharField(default='Etc/UTC', max_length=255)
# user language and locale data (e.g. 'en_US')
locale = models.CharField(max_length=255, default='en_US')
# whether the user has requested to deactivate their account
requested_deactivation = models.BooleanField(default=False)
affiliated_institutions = models.ManyToManyField('Institution')
notifications_configured = DateTimeAwareJSONField(default=dict, blank=True)
watched = models.ManyToManyField('AbstractNode',
related_name='watches',
through=WatchConfig)
objects = OSFUserManager()
is_active = models.BooleanField(default=False)
is_staff = models.BooleanField(default=False)
@property
def deep_url(self):
"""Used for GUID resolution."""
return '/profile/{}/'.format(self._primary_key)
@property
def url(self):
return '/{}/'.format(self._id)
@property
def absolute_url(self):
config = apps.get_app_config('osf_models')
return urlparse.urljoin(config.domain, self.url)
@property
def api_url(self):
return '/api/v1/profile/{}/'.format(self._id)
@property
def profile_url(self):
return '/{}/'.format(self._id)
@property
def is_disabled(self):
return self.date_disabled is not None
@is_disabled.setter
def is_disabled(self, val):
"""Set whether or not this account has been disabled."""
if val and not self.date_disabled:
self.date_disabled = timezone.now()
elif val is False:
self.date_disabled = None
@property
def is_confirmed(self):
return bool(self.date_confirmed)
@property
def is_merged(self):
"""Whether or not this account has been merged into another account.
"""
return self.merged_by is not None
@property
def unconfirmed_emails(self):
# Handle when email_verifications field is None
email_verifications = self.email_verifications or {}
return [each['email'] for each in email_verifications.values()]
@property
def social_links(self):
social_user_fields = {}
for key, val in self.social.items():
if val and key in self.SOCIAL_FIELDS:
if not isinstance(val, basestring):
social_user_fields[key] = val
else:
social_user_fields[key] = self.SOCIAL_FIELDS[key].format(
val)
return social_user_fields
@property
def email(self):
return self.username
@property
def system_tags(self):
"""The system tags associated with this user. This currently returns a list of string
names for the tags, for compatibility with v1. Eventually, we can just return the
QuerySet.
"""
return self.tags.filter(system=True).values_list('name', flat=True)
@property
def csl_given_name(self):
parts = [self.given_name]
if self.middle_names:
parts.extend(each[0]
for each in re.split(r'\s+', self.middle_names))
return ' '.join(parts)
@property
def csl_name(self):
return {
'family': self.family_name,
'given': self.csl_given_name,
}
def set_unusable_username(self):
"""Sets username to an unusable value. Used for, e.g. for invited contributors
and merged users.
NOTE: This is necessary because Django does not allow the username column to be nullable.
"""
if self._id:
self.username = self._id
else:
self.username = str(uuid.uuid4())
return self.username
def has_usable_username(self):
return '@' in self.username
def is_authenticated(self): # Needed for django compat
return True
def is_anonymous(self):
return False
def get_addon_names(self):
return []
# django methods
def get_full_name(self):
return self.fullname
def get_short_name(self):
return self.username
def __unicode__(self):
return self.get_short_name()
def __str__(self):
return self.get_short_name()
@classmethod
def migrate_from_modm(cls, modm_obj):
django_obj = super(OSFUser, cls).migrate_from_modm(modm_obj)
# filter out None values
django_obj.emails = [x for x in django_obj.emails if x is not None]
if django_obj.password == '' or django_obj.password is None:
# password is blank=False, null=False
# make them have a password
django_obj.set_unusable_password()
else:
# django thinks bcrypt should start with bcrypt...
django_obj.password = '******'.format(django_obj.password)
return django_obj
@property
def contributed(self):
return self.nodes.all()
@property
def can_be_merged(self):
"""The ability of the `merge_user` method to fully merge the user"""
return True
# TODO: Uncomment when addons are implemented
# return all((addon.can_be_merged for addon in self.get_addons()))
def merge_user(self, user):
"""Merge a registered user into this account. This user will be
a contributor on any project. if the registered user and this account
are both contributors of the same project. Then it will remove the
registered user and set this account to the highest permission of the two
and set this account to be visible if either of the two are visible on
the project.
:param user: A User object to be merged.
"""
# Fail if the other user has conflicts.
if not user.can_be_merged:
raise MergeConflictError('Users cannot be merged')
# Move over the other user's attributes
# TODO: confirm
for system_tag in user.system_tags.all():
self.add_system_tag(system_tag)
self.is_claimed = self.is_claimed or user.is_claimed
self.is_invited = self.is_invited or user.is_invited
# copy over profile only if this user has no profile info
if user.jobs and not self.jobs:
self.jobs = user.jobs
if user.schools and not self.schools:
self.schools = user.schools
if user.social and not self.social:
self.social = user.social
unclaimed = user.unclaimed_records.copy()
unclaimed.update(self.unclaimed_records)
self.unclaimed_records = unclaimed
# - unclaimed records should be connected to only one user
user.unclaimed_records = {}
security_messages = user.security_messages.copy()
security_messages.update(self.security_messages)
self.security_messages = security_messages
notifications_configured = user.notifications_configured.copy()
notifications_configured.update(self.notifications_configured)
self.notifications_configured = notifications_configured
if not website_settings.RUNNING_MIGRATION:
for key, value in user.mailchimp_mailing_lists.iteritems():
# subscribe to each list if either user was subscribed
subscription = value or self.mailchimp_mailing_lists.get(key)
signals.user_merged.send(self,
list_name=key,
subscription=subscription)
# clear subscriptions for merged user
signals.user_merged.send(user,
list_name=key,
subscription=False,
send_goodbye=False)
for target_id, timestamp in user.comments_viewed_timestamp.iteritems():
if not self.comments_viewed_timestamp.get(target_id):
self.comments_viewed_timestamp[target_id] = timestamp
elif timestamp > self.comments_viewed_timestamp[target_id]:
self.comments_viewed_timestamp[target_id] = timestamp
self.emails.extend(user.emails)
user.emails = []
for k, v in user.email_verifications.iteritems():
email_to_confirm = v['email']
if k not in self.email_verifications and email_to_confirm != user.username:
self.email_verifications[k] = v
user.email_verifications = {}
self.affiliated_institutions.add(
*user.affiliated_institutions.values_list('pk', flat=True))
for service in user.external_identity:
for service_id in user.external_identity[service].iterkeys():
if not (service_id in self.external_identity.get(service, '')
and self.external_identity[service][service_id]
== 'VERIFIED'):
# Prevent 'CREATE', merging user has already been created.
external = user.external_identity[service][service_id]
status = 'VERIFIED' if external == 'VERIFIED' else 'LINK'
if self.external_identity.get(service):
self.external_identity[service].update(
{service_id: status})
else:
self.external_identity[service] = {service_id: status}
user.external_identity = {}
# FOREIGN FIELDS
WatchConfig.objects.filter(user=user).update(user=self)
self.external_accounts.add(
*user.external_accounts.values_list('pk', flat=True))
# - addons
# Note: This must occur before the merged user is removed as a
# contributor on the nodes, as an event hook is otherwise fired
# which removes the credentials.
for addon in user.get_addons():
user_settings = self.get_or_add_addon(addon.config.short_name)
user_settings.merge(addon)
user_settings.save()
# - projects where the user was a contributor
for node in user.contributed:
# Skip bookmark collection node
if node.is_bookmark_collection:
continue
# if both accounts are contributor of the same project
if node.is_contributor(self) and node.is_contributor(user):
user_permissions = node.get_permissions(user)
self_permissions = node.get_permissions(self)
permissions = max([user_permissions, self_permissions])
node.set_permissions(user=self, permissions=permissions)
visible1 = self._id in node.visible_contributor_ids
visible2 = user._id in node.visible_contributor_ids
if visible1 != visible2:
node.set_visible(user=self,
visible=True,
log=True,
auth=Auth(user=self))
node.contributor_set.filter(user=user).delete()
else:
node.contributor_set.filter(user=user).update(user=self)
node.save()
# - projects where the user was the creator
user.created.update(creator=self)
# - file that the user has checked_out, import done here to prevent import error
# TODO: Uncoment when StoredFileNode is implemented
# from website.files.models.base import FileNode
# for file_node in FileNode.files_checked_out(user=user):
# file_node.checkout = self
# file_node.save()
# finalize the merge
remove_sessions_for_user(user)
# - username is set to the GUID so the merging user can set it primary
# in the future (note: it cannot be set to None due to non-null constraint)
user.set_unusable_username()
user.set_unusable_password()
user.verification_key = None
user.osf_mailing_lists = {}
user.merged_by = self
user.save()
def update_is_active(self):
"""Update ``is_active`` to be consistent with the fields that
it depends on.
"""
self.is_active = (self.is_registered and self.is_confirmed
and self.has_usable_password() and not self.is_merged
and not self.is_disabled)
# Overrides BaseModel
def save(self, *args, **kwargs):
self.update_is_active()
self.username = self.username.lower().strip(
) if self.username else None
dirty_fields = set(self.get_dirty_fields())
ret = super(OSFUser, self).save(*args, **kwargs)
if self.SEARCH_UPDATE_FIELDS.intersection(
dirty_fields) and self.is_confirmed:
self.update_search()
# TODO
# self.update_search_nodes_contributors()
return ret
# Legacy methods
@classmethod
def create(cls, username, password, fullname):
user = cls(
username=username,
fullname=fullname,
)
user.update_guessed_names()
user.set_password(password)
return user
def set_password(self, raw_password, notify=True):
"""Set the password for this user to the hash of ``raw_password``.
If this is a new user, we're done. If this is a password change,
then email the user about the change and clear all the old sessions
so that users will have to log in again with the new password.
:param raw_password: the plaintext value of the new password
:param notify: Only meant for unit tests to keep extra notifications from being sent
:rtype: list
:returns: Changed fields from the user save
"""
had_existing_password = self.has_usable_password()
if self.username == raw_password:
raise ChangePasswordError(
['Password cannot be the same as your email address'])
super(OSFUser, self).set_password(raw_password)
if had_existing_password and notify:
mails.send_mail(to_addr=self.username,
mail=mails.PASSWORD_RESET,
mimetype='plain',
user=self)
remove_sessions_for_user(self)
@classmethod
def create_unconfirmed(cls,
username,
password,
fullname,
external_identity=None,
do_confirm=True,
campaign=None):
"""Create a new user who has begun registration but needs to verify
their primary email address (username).
"""
user = cls.create(username, password, fullname)
user.add_unconfirmed_email(username,
external_identity=external_identity)
user.is_registered = False
if external_identity:
user.external_identity.update(external_identity)
if campaign:
# needed to prevent cirular import
from framework.auth.campaigns import system_tag_for_campaign # skipci
# User needs to be saved before adding system tags (due to m2m relationship)
user.save()
user.add_system_tag(system_tag_for_campaign(campaign))
return user
def get_unconfirmed_email_for_token(self, token):
"""Return email if valid.
:rtype: bool
:raises: ExpiredTokenError if trying to access a token that is expired.
:raises: InvalidTokenError if trying to access a token that is invalid.
"""
if token not in self.email_verifications:
raise InvalidTokenError
verification = self.email_verifications[token]
# Not all tokens are guaranteed to have expiration dates
if ('expiration' in verification
and verification['expiration'] < dt.datetime.utcnow()):
raise ExpiredTokenError
return verification['email']
@property
def unconfirmed_email_info(self):
"""Return a list of dictionaries containing information about each of this
user's unconfirmed emails.
"""
unconfirmed_emails = []
email_verifications = self.email_verifications or []
for token in email_verifications:
if self.email_verifications[token].get('confirmed', False):
try:
user_merge = OSFUser.find_one(
Q('emails', 'contains',
[self.email_verifications[token]['email'].lower()]))
except NoResultsFound:
user_merge = False
unconfirmed_emails.append({
'address':
self.email_verifications[token]['email'],
'token':
token,
'confirmed':
self.email_verifications[token]['confirmed'],
'user_merge':
user_merge.email if user_merge else False
})
return unconfirmed_emails
def clean_email_verifications(self, given_token=None):
email_verifications = deepcopy(self.email_verifications or {})
for token in self.email_verifications or {}:
try:
self.get_unconfirmed_email_for_token(token)
except (KeyError, ExpiredTokenError):
email_verifications.pop(token)
continue
if token == given_token:
email_verifications.pop(token)
self.email_verifications = email_verifications
def verify_claim_token(self, token, project_id):
"""Return whether or not a claim token is valid for this user for
a given node which they were added as a unregistered contributor for.
"""
try:
record = self.get_unclaimed_record(project_id)
except ValueError: # No unclaimed record for given pid
return False
return record['token'] == token
@classmethod
def create_unregistered(cls, fullname, email=None):
"""Create a new unregistered user.
"""
user = cls(
username=email,
fullname=fullname,
is_invited=True,
is_registered=False,
)
if not email:
user.set_unusable_username()
user.set_unusable_password()
user.update_guessed_names()
return user
def update_guessed_names(self):
"""Updates the CSL name fields inferred from the the full name.
"""
parsed = impute_names(self.fullname)
self.given_name = parsed['given']
self.middle_names = parsed['middle']
self.family_name = parsed['family']
self.suffix = parsed['suffix']
def add_unconfirmed_email(self,
email,
expiration=None,
external_identity=None):
"""Add an email verification token for a given email."""
# TODO: This is technically not compliant with RFC 822, which requires
# that case be preserved in the "local-part" of an address. From
# a practical standpoint, the vast majority of email servers do
# not preserve case.
# ref: https://tools.ietf.org/html/rfc822#section-6
email = email.lower().strip()
if not external_identity and email in self.emails:
raise ValueError('Email already confirmed to this user.')
with reraise_django_validation_errors():
validate_email(email)
# If the unconfirmed email is already present, refresh the token
if email in self.unconfirmed_emails:
self.remove_unconfirmed_email(email)
token = generate_confirm_token()
# handle when email_verifications is None
if not self.email_verifications:
self.email_verifications = {}
# confirmed used to check if link has been clicked
self.email_verifications[token] = {
'email': email,
'confirmed': False,
'external_identity': external_identity
}
self._set_email_token_expiration(token, expiration=expiration)
return token
def remove_unconfirmed_email(self, email):
"""Remove an unconfirmed email addresses and their tokens."""
for token, value in self.email_verifications.iteritems():
if value.get('email') == email:
del self.email_verifications[token]
return True
return False
def get_confirmation_token(self, email, force=False):
"""Return the confirmation token for a given email.
:param str email: Email to get the token for.
:param bool force: If an expired token exists for the given email, generate a new
token and return that token.
:raises: ExpiredTokenError if trying to access a token that is expired and force=False.
:raises: KeyError if there no token for the email.
"""
# TODO: Refactor "force" flag into User.get_or_add_confirmation_token
for token, info in self.email_verifications.items():
if info['email'].lower() == email.lower():
# Old records will not have an expiration key. If it's missing,
# assume the token is expired
expiration = info.get('expiration')
if not expiration or (expiration
and expiration < dt.datetime.utcnow()):
if not force:
raise ExpiredTokenError(
'Token for email "{0}" is expired'.format(email))
else:
new_token = self.add_unconfirmed_email(email)
self.save()
return new_token
return token
raise KeyError('No confirmation token for email "{0}"'.format(email))
def get_confirmation_url(self,
email,
external=True,
force=False,
external_id_provider=None):
"""Return the confirmation url for a given email.
:raises: ExpiredTokenError if trying to access a token that is expired.
:raises: KeyError if there is no token for the email.
"""
config = apps.get_app_config('osf_models')
base = config.domain if external else '/'
token = self.get_confirmation_token(email, force=force)
if external_id_provider:
return '{0}confirm/external/{1}/{2}/'.format(base, self._id, token)
else:
return '{0}confirm/{1}/{2}/'.format(base, self._id, token)
def register(self, username, password=None):
"""Registers the user.
"""
self.username = username
if password:
self.set_password(password)
if username not in self.emails:
self.emails.append(username)
self.is_registered = True
self.is_claimed = True
self.date_confirmed = timezone.now()
self.update_search()
self.update_search_nodes()
# Emit signal that a user has confirmed
signals.user_confirmed.send(self)
return self
def confirm_email(self, token, merge=False):
"""Confirm the email address associated with the token"""
email = self.get_unconfirmed_email_for_token(token)
# If this email is confirmed on another account, abort
try:
user_to_merge = OSFUser.find_one(Q('emails', 'contains', [email]))
except NoResultsFound:
user_to_merge = None
# TODO: Implement merging
if user_to_merge and merge:
self.merge_user(user_to_merge)
elif user_to_merge:
raise MergeConfirmedRequiredError(
'Merge requires confirmation',
user=self,
user_to_merge=user_to_merge,
)
# If another user has this email as its username, get it
try:
unregistered_user = OSFUser.find_one(
Q('username', 'eq', email) & Q('_id', 'ne', self._id))
except NoResultsFound:
unregistered_user = None
if unregistered_user:
self.merge_user(unregistered_user)
self.save()
unregistered_user.username = None
if email not in self.emails:
self.emails.append(email)
# Complete registration if primary email
if email.lower() == self.username.lower():
self.register(self.username)
self.date_confirmed = timezone.now()
# Revoke token
del self.email_verifications[token]
# TODO: We can't assume that all unclaimed records are now claimed.
# Clear unclaimed records, so user's name shows up correctly on
# all projects
self.unclaimed_records = {}
self.save()
self.update_search_nodes()
return True
def _set_email_token_expiration(self, token, expiration=None):
"""Set the expiration date for given email token.
:param str token: The email token to set the expiration for.
:param datetime expiration: Datetime at which to expire the token. If ``None``, the
token will expire after ``settings.EMAIL_TOKEN_EXPIRATION`` hours. This is only
used for testing purposes.
"""
config = apps.get_app_config('osf_models')
expiration = expiration or (dt.datetime.utcnow() + dt.timedelta(
hours=config.email_token_expiration))
self.email_verifications[token]['expiration'] = expiration
return expiration
def update_search(self):
from website.search.search import update_user
from website.search.exceptions import SearchUnavailableError
try:
update_user(self)
except SearchUnavailableError as e:
logger.exception(e)
log_exception()
def update_search_nodes(self):
"""Call `update_search` on all nodes on which the user is a
contributor. Needed to add self to contributor lists in search upon
registration or claiming.
"""
for node in self.contributed:
node.update_search()
def get_summary(self, formatter='long'):
return {
'user_fullname': self.fullname,
'user_profile_url': self.profile_url,
'user_display_name': name_formatters[formatter](self),
'user_is_claimed': self.is_claimed
}
def change_password(self, raw_old_password, raw_new_password,
raw_confirm_password):
"""Change the password for this user to the hash of ``raw_new_password``."""
raw_old_password = (raw_old_password or '').strip()
raw_new_password = (raw_new_password or '').strip()
raw_confirm_password = (raw_confirm_password or '').strip()
# TODO: Move validation to set_password
issues = []
if not self.check_password(raw_old_password):
issues.append('Old password is invalid')
elif raw_old_password == raw_new_password:
issues.append('Password cannot be the same')
elif raw_new_password == self.username:
issues.append('Password cannot be the same as your email address')
if not raw_old_password or not raw_new_password or not raw_confirm_password:
issues.append('Passwords cannot be blank')
elif len(raw_new_password) < 8:
issues.append('Password should be at least eight characters')
elif len(raw_new_password) > 256:
issues.append('Password should not be longer than 256 characters')
if raw_new_password != raw_confirm_password:
issues.append('Password does not match the confirmation')
if issues:
raise ChangePasswordError(issues)
self.set_password(raw_new_password)
def profile_image_url(self, size=None):
"""A generalized method for getting a user's profile picture urls.
We may choose to use some service other than gravatar in the future,
and should not commit ourselves to using a specific service (mostly
an API concern).
As long as we use gravatar, this is just a proxy to User.gravatar_url
"""
return self._gravatar_url(size)
def _gravatar_url(self, size):
return filters.gravatar(self, use_ssl=True, size=size)
@property
def display_absolute_url(self):
url = self.absolute_url
if url is not None:
return re.sub(r'https?:', '', url).strip('/')
def display_full_name(self, node=None):
"""Return the full name , as it would display in a contributor list for a
given node.
NOTE: Unclaimed users may have a different name for different nodes.
"""
if node:
unclaimed_data = self.unclaimed_records.get(
node._primary_key, None)
if unclaimed_data:
return unclaimed_data['name']
return self.fullname
def add_system_tag(self, tag):
if not isinstance(tag, Tag):
tag_instance, created = Tag.objects.get_or_create(name=tag.lower(),
system=True)
else:
tag_instance = tag
if not self.tags.filter(id=tag_instance.id).exists():
self.tags.add(tag_instance)
return tag_instance
def get_recently_added(self):
return (each.contributor for each in
self.recentlyaddedcontributor_set.order_by('-date_added'))
def get_projects_in_common(self, other_user, primary_keys=True):
"""Returns either a collection of "shared projects" (projects that both users are contributors for)
or just their primary keys
"""
Node = apps.get_model('osf_models.Node')
query = (Node.objects.filter(_contributors=self).filter(
_contributors=other_user))
if primary_keys:
return set(query.values_list('guid__guid', flat=True))
else:
return set(query.all())
def n_projects_in_common(self, other_user):
"""Returns number of "shared projects" (projects that both users are contributors for)"""
return len(self.get_projects_in_common(other_user, primary_keys=True))
def add_unclaimed_record(self, node, referrer, given_name, email=None):
"""Add a new project entry in the unclaimed records dictionary.
:param Node node: Node this unclaimed user was added to.
:param User referrer: User who referred this user.
:param str given_name: The full name that the referrer gave for this user.
:param str email: The given email address.
:returns: The added record
"""
if not node.can_edit(user=referrer):
raise PermissionsError(
'Referrer does not have permission to add a contributor '
'to project {0}'.format(node._primary_key))
project_id = node._primary_key
referrer_id = referrer._primary_key
if email:
clean_email = email.lower().strip()
else:
clean_email = None
record = {
'name': given_name,
'referrer_id': referrer_id,
'token': generate_confirm_token(),
'email': clean_email
}
self.unclaimed_records[project_id] = record
return record
def get_unclaimed_record(self, project_id):
"""Get an unclaimed record for a given project_id.
:raises: ValueError if there is no record for the given project.
"""
try:
return self.unclaimed_records[project_id]
except KeyError: # reraise as ValueError
raise ValueError(
'No unclaimed record for user {self._id} on node {project_id}'.
format(**locals()))
def get_claim_url(self, project_id, external=False):
"""Return the URL that an unclaimed user should use to claim their
account. Return ``None`` if there is no unclaimed_record for the given
project ID.
:param project_id: The project ID for the unclaimed record
:raises: ValueError if a record doesn't exist for the given project ID
:rtype: dict
:returns: The unclaimed record for the project
"""
config = apps.get_app_config('osf_models')
uid = self._primary_key
base_url = config.domain if external else '/'
unclaimed_record = self.get_unclaimed_record(project_id)
token = unclaimed_record['token']
return '{base_url}user/{uid}/{project_id}/claim/?token={token}'\
.format(**locals())
def is_affiliated_with_institution(self, institution):
"""Return if this user is affiliated with ``institution``."""
return self.affiliated_institutions.filter(id=institution.id).exists()
def update_affiliated_institutions_by_email_domain(self):
"""
Append affiliated_institutions by email domain.
:return:
"""
try:
email_domains = [
email.split('@')[1].lower() for email in self.emails
]
insts = Institution.find(
Q('email_domains', 'overlap', email_domains))
affiliated = self.affiliated_institutions.all()
self.affiliated_institutions.add(
*[each for each in insts if each not in affiliated])
except (IndexError, NoResultsFound):
pass
def get_activity_points(self, db=None):
db = db or framework.mongo.database
return analytics.get_total_activity_count(self._primary_key, db=db)
def get_or_create_cookie(self, secret=None):
"""Find the cookie for the given user
Create a new session if no cookie is found
:param str secret: The key to sign the cookie with
:returns: The signed cookie
"""
secret = secret or settings.SECRET_KEY
sessions = Session.find(Q('data.auth_user_id', 'eq',
self._id)).sort('-date_modified').limit(1)
if sessions.exists():
user_session = sessions[0]
else:
user_session = Session(
data={
'auth_user_id': self._id,
'auth_user_username': self.username,
'auth_user_fullname': self.fullname,
})
user_session.save()
signer = itsdangerous.Signer(secret)
return signer.sign(user_session._id)
@classmethod
def from_cookie(cls, cookie, secret=None):
"""Attempt to load a user from their signed cookie
:returns: None if a user cannot be loaded else User
"""
if not cookie:
return None
secret = secret or settings.SECRET_KEY
try:
token = itsdangerous.Signer(secret).unsign(cookie)
except itsdangerous.BadSignature:
return None
user_session = Session.load(token)
if user_session is None:
return None
return cls.load(user_session.data.get('auth_user_id'))
def is_watching(self, node):
return self.watched.filter(id=node.id).exists()
class Registration(AbstractNode):
# TODO DELETE ME POST MIGRATION
modm_model_path = 'website.project.model.Node'
modm_query = MQ('is_registration', 'eq', True)
# /TODO DELETE ME POST MIGRATION
objects = RegistrationManager()
registered_date = models.DateTimeField(db_index=True,
null=True,
blank=True)
registered_user = models.ForeignKey(OSFUser,
related_name='related_to',
on_delete=models.SET_NULL,
null=True,
blank=True)
registered_schema = models.ManyToManyField(MetaSchema)
registered_meta = DateTimeAwareJSONField(default=dict, blank=True)
# TODO Add back in once dependencies are resolved
registration_approval = models.ForeignKey(RegistrationApproval,
null=True,
blank=True)
retraction = models.ForeignKey(Retraction, null=True, blank=True)
embargo = models.ForeignKey(Embargo, null=True, blank=True)
registered_from = models.ForeignKey('self',
related_name='registrations',
on_delete=models.SET_NULL,
null=True,
blank=True)
# Sanctions
registration_approval = models.ForeignKey('RegistrationApproval',
related_name='registrations',
null=True,
blank=True,
on_delete=models.SET_NULL)
retraction = models.ForeignKey('Retraction',
related_name='registrations',
null=True,
blank=True,
on_delete=models.SET_NULL)
embargo = models.ForeignKey('Embargo',
related_name='registrations',
null=True,
blank=True,
on_delete=models.SET_NULL)
embargo_termination_approval = models.ForeignKey(
'EmbargoTerminationApproval',
related_name='registrations',
null=True,
blank=True,
on_delete=models.SET_NULL)
@property
def is_registration(self):
"""For v1 compat."""
return True
@property
def is_collection(self):
"""For v1 compat."""
return False
@property
def archive_job(self):
return self.archive_jobs.first() if self.archive_jobs.count() else None
@property
def sanction(self):
sanction = (self.embargo_termination_approval or self.retraction
or self.embargo or self.registration_approval)
if sanction:
return sanction
elif self.parent_node:
return self.parent_node.sanction
else:
return None
@property
def is_registration_approved(self):
if self.registration_approval is None:
if self.parent_node:
return self.parent_node.is_registration_approved
return False
return self.registration_approval.is_approved
@property
def is_pending_embargo(self):
if self.embargo is None:
if self.parent_node:
return self.parent_node.is_pending_embargo
return False
return self.embargo.is_pending_approval
@property
def is_pending_embargo_for_existing_registration(self):
""" Returns True if Node has an Embargo pending approval for an
existing registrations. This is used specifically to ensure
registrations pre-dating the Embargo feature do not get deleted if
their respective Embargo request is rejected.
"""
if self.embargo is None:
if self.parent_node:
return self.parent_node.is_pending_embargo_for_existing_registration
return False
return self.embargo.pending_registration
@property
def is_retracted(self):
if self.retraction is None:
if self.parent_node:
return self.parent_node.is_retracted
return False
return self.retraction.is_approved
@property
def is_pending_registration(self):
if not self.is_registration:
return False
if self.registration_approval is None:
if self.parent_node:
return self.parent_node.is_pending_registration
return False
return self.registration_approval.is_pending_approval
@property
def is_pending_retraction(self):
if self.retraction is None:
if self.parent_node:
return self.parent_node.is_pending_retraction
return False
return self.retraction.is_pending_approval
@property
def is_embargoed(self):
"""A Node is embargoed if:
- it has an associated Embargo record
- that record has been approved
- the node is not public (embargo not yet lifted)
"""
if self.embargo is None:
if self.parent_node:
return self.parent_node.is_embargoed
return self.embargo and self.embargo.is_approved and not self.is_public
@property
def embargo_end_date(self):
if self.embargo is None:
if self.parent_node:
return self.parent_node.embargo_end_date
return False
return self.embargo.end_date
@property
def archiving(self):
job = self.archive_job
return job and not job.done and not job.archive_tree_finished()
def _is_embargo_date_valid(self, end_date):
now = timezone.now()
if (end_date - now) >= settings.EMBARGO_END_DATE_MIN:
if (end_date - now) <= settings.EMBARGO_END_DATE_MAX:
return True
return False
def _initiate_embargo(self,
user,
end_date,
for_existing_registration=False,
notify_initiator_on_complete=False):
"""Initiates the retraction process for a registration
:param user: User who initiated the retraction
:param end_date: Date when the registration should be made public
"""
self.embargo = Embargo.objects.create(
initiated_by=user,
end_date=datetime.datetime.combine(end_date,
datetime.datetime.min.time()),
for_existing_registration=for_existing_registration,
notify_initiator_on_complete=notify_initiator_on_complete)
self.save() # Set foreign field reference Node.embargo
admins = self.get_admin_contributors_recursive(unique_users=True)
for (admin, node) in admins:
self.embargo.add_authorizer(admin, node)
self.embargo.save() # Save embargo's approval_state
return self.embargo
def embargo_registration(self,
user,
end_date,
for_existing_registration=False,
notify_initiator_on_complete=False):
"""Enter registration into an embargo period at end of which, it will
be made public
:param user: User initiating the embargo
:param end_date: Date when the registration should be made public
:raises: NodeStateError if Node is not a registration
:raises: PermissionsError if user is not an admin for the Node
:raises: ValidationValueError if end_date is not within time constraints
"""
if not self.has_permission(user, 'admin'):
raise PermissionsError('Only admins may embargo a registration')
if not self._is_embargo_date_valid(end_date):
if (end_date - timezone.now()) >= settings.EMBARGO_END_DATE_MIN:
raise ValidationValueError(
'Registrations can only be embargoed for up to four years.'
)
raise ValidationValueError(
'Embargo end date must be at least three days in the future.')
embargo = self._initiate_embargo(
user,
end_date,
for_existing_registration=for_existing_registration,
notify_initiator_on_complete=notify_initiator_on_complete)
self.registered_from.add_log(
action=NodeLog.EMBARGO_INITIATED,
params={
'node': self.registered_from._id,
'registration': self._id,
'embargo_id': embargo._id,
},
auth=Auth(user),
save=True,
)
if self.is_public:
self.set_privacy('private', Auth(user))
def request_embargo_termination(self, auth):
"""Initiates an EmbargoTerminationApproval to lift this Embargoed Registration's
embargo early."""
if not self.is_embargoed:
raise NodeStateError('This node is not under active embargo')
if not self.root == self:
raise NodeStateError(
'Only the root of an embargoed registration can request termination'
)
approval = EmbargoTerminationApproval(
initiated_by=auth.user,
embargoed_registration=self,
)
admins = [
admin for admin in self.root.get_admin_contributors_recursive(
unique_users=True)
]
for (admin, node) in admins:
approval.add_authorizer(admin, node=node)
approval.save()
approval.ask(admins)
self.embargo_termination_approval = approval
self.save()
return approval
def terminate_embargo(self, auth):
"""Handles the actual early termination of an Embargoed registration.
Adds a log to the registered_from Node.
"""
if not self.is_embargoed:
raise NodeStateError('This node is not under active embargo')
self.registered_from.add_log(action=NodeLog.EMBARGO_TERMINATED,
params={
'project': self._id,
'node': self.registered_from._id,
'registration': self._id,
},
auth=None,
save=True)
self.embargo.mark_as_completed()
for node in self.node_and_primary_descendants():
node.set_privacy(self.PUBLIC, auth=None, log=False, save=True)
return True
def _initiate_retraction(self, user, justification=None):
"""Initiates the retraction process for a registration
:param user: User who initiated the retraction
:param justification: Justification, if given, for retraction
"""
self.retraction = Retraction.objects.create(
initiated_by=user,
justification=justification or None, # make empty strings None
state=Retraction.UNAPPROVED)
self.save()
admins = self.get_admin_contributors_recursive(unique_users=True)
for (admin, node) in admins:
self.retraction.add_authorizer(admin, node)
self.retraction.save() # Save retraction approval state
return self.retraction
def retract_registration(self, user, justification=None, save=True):
"""Retract public registration. Instantiate new Retraction object
and associate it with the respective registration.
"""
if not self.is_public and not (self.embargo_end_date
or self.is_pending_embargo):
raise NodeStateError(
'Only public or embargoed registrations may be withdrawn.')
if self.root is not self:
raise NodeStateError(
'Withdrawal of non-parent registrations is not permitted.')
retraction = self._initiate_retraction(user, justification)
self.registered_from.add_log(
action=NodeLog.RETRACTION_INITIATED,
params={
'node': self.registered_from._id,
'registration': self._id,
'retraction_id': retraction._id,
},
auth=Auth(user),
)
self.retraction = retraction
if save:
self.save()
return retraction
def delete_registration_tree(self, save=False):
self.is_deleted = True
if not getattr(self.embargo, 'for_existing_registration', False):
self.registered_from = None
if save:
self.save()
self.update_search()
for child in self.nodes_primary:
child.delete_registration_tree(save=save)
class DraftRegistration(ObjectIDMixin, BaseModel):
# TODO DELETE ME POST MIGRATION
modm_model_path = 'website.project.model.DraftRegistration'
modm_query = None
# /TODO DELETE ME POST MIGRATION
URL_TEMPLATE = settings.DOMAIN + 'project/{node_id}/drafts/{draft_id}'
datetime_initiated = models.DateTimeField(
default=timezone.now) # auto_now_add=True)
datetime_updated = models.DateTimeField(auto_now=True)
# Original Node a draft registration is associated with
branched_from = models.ForeignKey('Node',
null=True,
related_name='registered_draft')
initiator = models.ForeignKey('OSFUser', null=True)
# Dictionary field mapping question id to a question's comments and answer
# {
# <qid>: {
# 'comments': [{
# 'user': {
# 'id': <uid>,
# 'name': <name>
# },
# value: <value>,
# lastModified: <datetime>
# }],
# 'value': <value>
# }
# }
registration_metadata = DateTimeAwareJSONField(default=dict, blank=True)
registration_schema = models.ForeignKey('MetaSchema', null=True)
registered_node = models.ForeignKey('Registration',
null=True,
blank=True,
related_name='draft_registration')
approval = models.ForeignKey('DraftRegistrationApproval',
null=True,
blank=True)
# Dictionary field mapping extra fields defined in the MetaSchema.schema to their
# values. Defaults should be provided in the schema (e.g. 'paymentSent': false),
# and these values are added to the DraftRegistration
# TODO: Use "FIELD_ALIASES"?
_metaschema_flags = DateTimeAwareJSONField(default=dict, blank=True)
notes = models.TextField(blank=True)
def __repr__(self):
return ('<DraftRegistration(branched_from={self.branched_from!r}) '
'with id {self._id!r}>').format(self=self)
# lazily set flags
@property
def flags(self):
if not self._metaschema_flags:
self._metaschema_flags = {}
meta_schema = self.registration_schema
if meta_schema:
schema = meta_schema.schema
flags = schema.get('flags', {})
dirty = False
for flag, value in flags.iteritems():
if flag not in self._metaschema_flags:
self._metaschema_flags[flag] = value
dirty = True
if dirty:
self.save()
return self._metaschema_flags
@flags.setter
def flags(self, flags):
self._metaschema_flags.update(flags)
@property
def url(self):
return self.URL_TEMPLATE.format(node_id=self.branched_from,
draft_id=self._id)
@property
def absolute_url(self):
return urlparse.urljoin(settings.DOMAIN, self.url)
@property
def absolute_api_v2_url(self):
node = self.branched_from
path = '/nodes/{}/draft_registrations/{}/'.format(node._id, self._id)
return api_v2_url(path)
# used by django and DRF
def get_absolute_url(self):
return self.absolute_api_v2_url
@property
def requires_approval(self):
return self.registration_schema.requires_approval
@property
def is_pending_review(self):
return self.approval.is_pending_approval if (
self.requires_approval and self.approval) else False
@property
def is_approved(self):
if self.requires_approval:
if not self.approval:
return False
else:
return self.approval.is_approved
else:
return False
@property
def is_rejected(self):
if self.requires_approval:
if not self.approval:
return False
else:
return self.approval.is_rejected
else:
return False
@property
def status_logs(self):
""" List of logs associated with this node"""
return self.logs.all().order('date')
@classmethod
def create_from_node(cls, node, user, schema, data=None):
draft = cls(
initiator=user,
branched_from=node,
registration_schema=schema,
registration_metadata=data or {},
)
draft.save()
return draft
def update_metadata(self, metadata):
changes = []
# Prevent comments on approved drafts
if not self.is_approved:
for question_id, value in metadata.iteritems():
old_value = self.registration_metadata.get(question_id)
if old_value:
old_comments = {
comment['created']: comment
for comment in old_value.get('comments', [])
}
new_comments = {
comment['created']: comment
for comment in value.get('comments', [])
}
old_comments.update(new_comments)
metadata[question_id]['comments'] = sorted(
old_comments.values(), key=lambda c: c['created'])
if old_value.get('value') != value.get('value'):
changes.append(question_id)
else:
changes.append(question_id)
self.registration_metadata.update(metadata)
return changes
def submit_for_review(self, initiated_by, meta, save=False):
approval = DraftRegistrationApproval(initiated_by=initiated_by,
meta=meta)
approval.save()
self.approval = approval
self.add_status_log(initiated_by, DraftRegistrationLog.SUBMITTED)
if save:
self.save()
def register(self, auth, save=False):
node = self.branched_from
# Create the registration
register = node.register_node(schema=self.registration_schema,
auth=auth,
data=self.registration_metadata)
self.registered_node = register
self.add_status_log(auth.user, DraftRegistrationLog.REGISTERED)
if save:
self.save()
return register
def approve(self, user):
self.approval.approve(user)
self.add_status_log(user, DraftRegistrationLog.APPROVED)
self.approval.save()
def reject(self, user):
self.approval.reject(user)
self.add_status_log(user, DraftRegistrationLog.REJECTED)
self.approval.save()
def add_status_log(self, user, action):
log = DraftRegistrationLog(action=action, user=user, draft=self)
log.save()
def validate_metadata(self, *args, **kwargs):
"""
Validates draft's metadata
"""
return self.registration_schema.validate_metadata(*args, **kwargs)
class DraftRegistrationApproval(Sanction):
# TODO DELETE ME POST MIGRATION
modm_model_path = 'website.project.sanctions.DraftRegistrationApproval'
modm_query = None
# /TODO DELETE ME POST MIGRATION
mode = Sanction.ANY
# Since draft registrations that require approval are not immediately registered,
# meta stores registration_choice and embargo_end_date (when applicable)
meta = DateTimeAwareJSONField(default=dict)
def _send_rejection_email(self, user, draft):
schema = draft.registration_schema
prereg_schema = prereg_utils.get_prereg_schema()
if schema._id == prereg_schema._id:
mails.send_mail(user.username,
mails.PREREG_CHALLENGE_REJECTED,
user=user,
draft_url=draft.absolute_url)
else:
raise NotImplementedError(
'TODO: add a generic email template for registration approvals'
)
def approve(self, user):
if osf_settings.PREREG_ADMIN_TAG not in user.system_tags:
raise PermissionsError(
'This user does not have permission to approve this draft.')
self.state = Sanction.APPROVED
self._on_complete(user)
def reject(self, user):
if osf_settings.PREREG_ADMIN_TAG not in user.system_tags:
raise PermissionsError(
'This user does not have permission to approve this draft.')
self.state = Sanction.REJECTED
self._on_reject(user)
def _on_complete(self, user):
from website.project.model import DraftRegistration
draft = DraftRegistration.find_one(Q('approval', 'eq', self))
auth = Auth(draft.initiator)
registration = draft.register(auth=auth, save=True)
registration_choice = self.meta['registration_choice']
if registration_choice == 'immediate':
sanction = functools.partial(registration.require_approval,
draft.initiator)
elif registration_choice == 'embargo':
sanction = functools.partial(
registration.embargo_registration, draft.initiator,
parse_date(self.meta.get('embargo_end_date'), ignoretz=True))
else:
raise ValueError(
"'registration_choice' must be either 'embargo' or 'immediate'"
)
sanction(notify_initiator_on_complete=True)
def _on_reject(self, user, *args, **kwargs):
from website.project.model import DraftRegistration
# clear out previous registration options
self.meta = {}
self.save()
draft = DraftRegistration.find_one(Q('approval', 'eq', self))
self._send_rejection_email(draft.initiator, draft)
class EmailApprovableSanction(TokenApprovableSanction):
# TODO DELETE ME POST MIGRATION
modm_model_path = 'website.project.sanctions.EmailApprovableSanction'
modm_query = None
# /TODO DELETE ME POST MIGRATION
AUTHORIZER_NOTIFY_EMAIL_TEMPLATE = None
NON_AUTHORIZER_NOTIFY_EMAIL_TEMPLATE = None
VIEW_URL_TEMPLATE = ''
APPROVE_URL_TEMPLATE = ''
REJECT_URL_TEMPLATE = ''
# A flag to conditionally run a callback on complete
notify_initiator_on_complete = models.BooleanField(default=False)
# Store a persistant copy of urls for use when needed outside of a request context.
# This field gets automagically updated whenever models approval_state is modified
# and the model is saved
# {
# 'abcde': {
# 'approve': [APPROVAL_URL],
# 'reject': [REJECT_URL],
# }
# }
stashed_urls = DateTimeAwareJSONField(default=dict, blank=True)
@staticmethod
def _format_or_empty(template, context):
if context:
return template.format(**context)
return ''
def _view_url(self, user_id, node):
return self._format_or_empty(self.VIEW_URL_TEMPLATE,
self._view_url_context(user_id, node))
def _view_url_context(self, user_id, node):
return None
def _approval_url(self, user_id):
return self._format_or_empty(self.APPROVE_URL_TEMPLATE,
self._approval_url_context(user_id))
def _approval_url_context(self, user_id):
return None
def _rejection_url(self, user_id):
return self._format_or_empty(self.REJECT_URL_TEMPLATE,
self._rejection_url_context(user_id))
def _rejection_url_context(self, user_id):
return None
def _send_approval_request_email(self, user, template, context):
mails.send_mail(user.username, template, user=user, **context)
def _email_template_context(self, user, node, is_authorizer=False):
return {}
def _notify_authorizer(self, authorizer, node):
context = self._email_template_context(authorizer,
node,
is_authorizer=True)
if self.AUTHORIZER_NOTIFY_EMAIL_TEMPLATE:
self._send_approval_request_email(
authorizer, self.AUTHORIZER_NOTIFY_EMAIL_TEMPLATE, context)
else:
raise NotImplementedError
def _notify_non_authorizer(self, user, node):
context = self._email_template_context(user, node)
if self.NON_AUTHORIZER_NOTIFY_EMAIL_TEMPLATE:
self._send_approval_request_email(
user, self.NON_AUTHORIZER_NOTIFY_EMAIL_TEMPLATE, context)
else:
raise NotImplementedError
def add_authorizer(self, user, node, **kwargs):
super(EmailApprovableSanction,
self).add_authorizer(user, node, **kwargs)
self.stashed_urls[user._id] = {
'view': self._view_url(user._id, node),
'approve': self._approval_url(user._id),
'reject': self._rejection_url(user._id)
}
self.save()
def _notify_initiator(self):
raise NotImplementedError
def _on_complete(self, *args):
if self.notify_initiator_on_complete:
self._notify_initiator()
class Meta:
abstract = True
class Sanction(ObjectIDMixin, BaseModel):
"""Sanction class is a generic way to track approval states"""
# TODO DELETE ME POST MIGRATION
modm_model_path = 'website.project.sanctions.Sanction'
modm_query = None
# /TODO DELETE ME POST MIGRATION
# Neither approved not cancelled
UNAPPROVED = 'unapproved'
# Has approval
APPROVED = 'approved'
# Rejected by at least one person
REJECTED = 'rejected'
# Embargo has been completed
COMPLETED = 'completed'
STATE_CHOICES = (
(UNAPPROVED, UNAPPROVED.title()),
(APPROVED, APPROVED.title()),
(REJECTED, REJECTED.title()),
(COMPLETED, COMPLETED.title()),
)
DISPLAY_NAME = 'Sanction'
# SHORT_NAME must correspond with the associated foreign field to query against,
# e.g. Node.find_one(Q(sanction.SHORT_NAME, 'eq', sanction))
SHORT_NAME = 'sanction'
APPROVAL_NOT_AUTHORIZED_MESSAGE = 'This user is not authorized to approve this {DISPLAY_NAME}'
APPROVAL_INVALID_TOKEN_MESSAGE = 'Invalid approval token provided for this {DISPLAY_NAME}.'
REJECTION_NOT_AUTHORIZED_MESSAEGE = 'This user is not authorized to reject this {DISPLAY_NAME}'
REJECTION_INVALID_TOKEN_MESSAGE = 'Invalid rejection token provided for this {DISPLAY_NAME}.'
# Controls whether or not the Sanction needs unanimous approval or just a single approval
ANY = 'any'
UNANIMOUS = 'unanimous'
mode = UNANIMOUS
# Sanction subclasses must have an initiated_by field
# initiated_by = fields.ForeignField('user', backref='initiated')
# Expanded: Dictionary field mapping admin IDs their approval status and relevant tokens:
# {
# 'b3k97': {
# 'has_approved': False,
# 'approval_token': 'Pew7wj1Puf7DENUPFPnXSwa1rf3xPN',
# 'rejection_token': 'TwozClTFOic2PYxHDStby94bCQMwJy'}
# }
approval_state = DateTimeAwareJSONField(default=dict, blank=True)
# Expiration date-- Sanctions in the UNAPPROVED state that are older than their end_date
# are automatically made ACTIVE by a daily cron job
# Use end_date=None for a non-expiring Sanction
end_date = models.DateTimeField(null=True, blank=True, default=None)
initiation_date = models.DateTimeField(null=True,
blank=True) # auto_now=True)
state = models.CharField(choices=STATE_CHOICES,
default=UNAPPROVED,
max_length=255)
def __repr__(self):
return '<{self.__class__.__name__}(end_date={self.end_date!r}) with _id {self._id!r}>'.format(
self=self)
@property
def is_pending_approval(self):
return self.state == Sanction.UNAPPROVED
@property
def is_approved(self):
return self.state == Sanction.APPROVED
@property
def is_rejected(self):
return self.state == Sanction.REJECTED
def approve(self, user):
raise NotImplementedError(
'Sanction subclasses must implement an approve method.')
def reject(self, user):
raise NotImplementedError(
'Sanction subclasses must implement an approve method.')
def _on_reject(self, user):
"""Callback for rejection of a Sanction
:param User user:
"""
raise NotImplementedError(
'Sanction subclasses must implement an #_on_reject method')
def _on_complete(self, user):
"""Callback for when a Sanction has approval and enters the ACTIVE state
:param User user:
"""
raise NotImplementedError(
'Sanction subclasses must implement an #_on_complete method')
def forcibly_reject(self):
self.state = Sanction.REJECTED
class Meta:
abstract = True
class NodeLog(ObjectIDMixin, BaseModel):
# TODO DELETE ME POST MIGRATION
modm_model_path = 'website.project.model.NodeLog'
modm_query = None
migration_page_size = 100000
# /TODO DELETE ME POST MIGRATION
DATE_FORMAT = '%m/%d/%Y %H:%M UTC'
# Log action constants -- NOTE: templates stored in log_templates.mako
CREATED_FROM = 'created_from'
PROJECT_CREATED = 'project_created'
PROJECT_REGISTERED = 'project_registered'
PROJECT_DELETED = 'project_deleted'
NODE_CREATED = 'node_created'
NODE_FORKED = 'node_forked'
NODE_REMOVED = 'node_removed'
POINTER_CREATED = NODE_LINK_CREATED = 'pointer_created'
POINTER_FORKED = NODE_LINK_FORKED = 'pointer_forked'
POINTER_REMOVED = NODE_LINK_REMOVED = 'pointer_removed'
WIKI_UPDATED = 'wiki_updated'
WIKI_DELETED = 'wiki_deleted'
WIKI_RENAMED = 'wiki_renamed'
MADE_WIKI_PUBLIC = 'made_wiki_public'
MADE_WIKI_PRIVATE = 'made_wiki_private'
CONTRIB_ADDED = 'contributor_added'
CONTRIB_REMOVED = 'contributor_removed'
CONTRIB_REORDERED = 'contributors_reordered'
CHECKED_IN = 'checked_in'
CHECKED_OUT = 'checked_out'
PERMISSIONS_UPDATED = 'permissions_updated'
MADE_PRIVATE = 'made_private'
MADE_PUBLIC = 'made_public'
TAG_ADDED = 'tag_added'
TAG_REMOVED = 'tag_removed'
FILE_TAG_ADDED = 'file_tag_added'
FILE_TAG_REMOVED = 'file_tag_removed'
EDITED_TITLE = 'edit_title'
EDITED_DESCRIPTION = 'edit_description'
CHANGED_LICENSE = 'license_changed'
UPDATED_FIELDS = 'updated_fields'
FILE_MOVED = 'addon_file_moved'
FILE_COPIED = 'addon_file_copied'
FILE_RENAMED = 'addon_file_renamed'
FOLDER_CREATED = 'folder_created'
FILE_ADDED = 'file_added'
FILE_UPDATED = 'file_updated'
FILE_REMOVED = 'file_removed'
FILE_RESTORED = 'file_restored'
ADDON_ADDED = 'addon_added'
ADDON_REMOVED = 'addon_removed'
COMMENT_ADDED = 'comment_added'
COMMENT_REMOVED = 'comment_removed'
COMMENT_UPDATED = 'comment_updated'
COMMENT_RESTORED = 'comment_restored'
CITATION_ADDED = 'citation_added'
CITATION_EDITED = 'citation_edited'
CITATION_REMOVED = 'citation_removed'
MADE_CONTRIBUTOR_VISIBLE = 'made_contributor_visible'
MADE_CONTRIBUTOR_INVISIBLE = 'made_contributor_invisible'
EXTERNAL_IDS_ADDED = 'external_ids_added'
EMBARGO_APPROVED = 'embargo_approved'
EMBARGO_CANCELLED = 'embargo_cancelled'
EMBARGO_COMPLETED = 'embargo_completed'
EMBARGO_INITIATED = 'embargo_initiated'
EMBARGO_TERMINATED = 'embargo_terminated'
RETRACTION_APPROVED = 'retraction_approved'
RETRACTION_CANCELLED = 'retraction_cancelled'
RETRACTION_INITIATED = 'retraction_initiated'
REGISTRATION_APPROVAL_CANCELLED = 'registration_cancelled'
REGISTRATION_APPROVAL_INITIATED = 'registration_initiated'
REGISTRATION_APPROVAL_APPROVED = 'registration_approved'
PREREG_REGISTRATION_INITIATED = 'prereg_registration_initiated'
AFFILIATED_INSTITUTION_ADDED = 'affiliated_institution_added'
AFFILIATED_INSTITUTION_REMOVED = 'affiliated_institution_removed'
actions = [
CHECKED_IN, CHECKED_OUT, FILE_TAG_REMOVED, FILE_TAG_ADDED,
CREATED_FROM, PROJECT_CREATED, PROJECT_REGISTERED, PROJECT_DELETED,
NODE_CREATED, NODE_FORKED, NODE_REMOVED, NODE_LINK_CREATED,
NODE_LINK_FORKED, NODE_LINK_REMOVED, WIKI_UPDATED, WIKI_DELETED,
WIKI_RENAMED, MADE_WIKI_PUBLIC, MADE_WIKI_PRIVATE, CONTRIB_ADDED,
CONTRIB_REMOVED, CONTRIB_REORDERED, PERMISSIONS_UPDATED, MADE_PRIVATE,
MADE_PUBLIC, TAG_ADDED, TAG_REMOVED, EDITED_TITLE, EDITED_DESCRIPTION,
UPDATED_FIELDS, FILE_MOVED, FILE_COPIED, FOLDER_CREATED, FILE_ADDED,
FILE_UPDATED, FILE_REMOVED, FILE_RESTORED, ADDON_ADDED, ADDON_REMOVED,
COMMENT_ADDED, COMMENT_REMOVED, COMMENT_UPDATED,
MADE_CONTRIBUTOR_VISIBLE, MADE_CONTRIBUTOR_INVISIBLE,
EXTERNAL_IDS_ADDED, EMBARGO_APPROVED, EMBARGO_TERMINATED,
EMBARGO_CANCELLED, EMBARGO_COMPLETED, EMBARGO_INITIATED,
RETRACTION_APPROVED, RETRACTION_CANCELLED, RETRACTION_INITIATED,
REGISTRATION_APPROVAL_CANCELLED, REGISTRATION_APPROVAL_INITIATED,
REGISTRATION_APPROVAL_APPROVED, PREREG_REGISTRATION_INITIATED,
CITATION_ADDED, CITATION_EDITED, CITATION_REMOVED,
AFFILIATED_INSTITUTION_ADDED, AFFILIATED_INSTITUTION_REMOVED
]
action_choices = [(action, action.upper()) for action in actions]
date = models.DateTimeField(default=timezone.now,
db_index=True,
null=True,
blank=True) # auto_now_add=True)
action = models.CharField(max_length=255,
db_index=True,
choices=action_choices)
params = DateTimeAwareJSONField(default=dict)
should_hide = models.BooleanField(default=False)
user = models.ForeignKey('OSFUser',
related_name='logs',
db_index=True,
null=True,
blank=True)
foreign_user = models.CharField(max_length=255, null=True, blank=True)
node = models.ForeignKey('AbstractNode',
related_name='logs',
db_index=True,
null=True,
blank=True)
original_node = models.ForeignKey('AbstractNode',
db_index=True,
null=True,
blank=True)
def __unicode__(self):
return u'{} on {} by {} at {}'.format(self.action, self.node._id,
self.user._id, self.date)
class Meta:
ordering = ['-date']
get_latest_by = 'date'
@property
def absolute_api_v2_url(self):
path = '/logs/{}/'.format(self._id)
return api_v2_url(path)
def get_absolute_url(self):
return self.absolute_api_v2_url
@property
def absolute_url(self):
return self.absolute_api_v2_url
def clone_node_log(self, node_id):
"""
When a node is forked or registered, all logs on the node need to be
cloned for the fork or registration.
:param node_id:
:return: cloned log
"""
AbstractNode = apps.get_model('osf_models.AbstractNode')
original_log = self.load(self._id)
node = AbstractNode.load(node_id)
log_clone = original_log.clone()
log_clone.node = node
log_clone.original_node = original_log.original_node
log_clone.user = original_log.user
log_clone.save()
return log_clone