Пример #1
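def update_preferences(username, **kwargs):
    """Update a user's preferences.

    Sets the provided preferences for the given user.

    Args:
        username (unicode): The username of the account to update.

    Keyword Args:
        **kwargs (unicode): Arbitrary key-value preference pairs

    Returns:
        None

    Raises:
        ProfileUserNotFound: No account exists with the given username.

    """
    try:
        user = User.objects.get(username=username)
    except User.DoesNotExist:
        raise ProfileUserNotFound

    # NOTE(review): every key/value pair is stored as given; nothing here
    # restricts which preference keys may be written or checks that the caller
    # is allowed to change this user's preferences -- confirm callers do both.
    # items() rather than iteritems(): same pairs, and it also exists on
    # Python 3 dicts.
    for key, value in kwargs.items():
        UserPreference.set_preference(user, key, value)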
Пример #2
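def update_preferences(username, **kwargs):
    """Update a user's preferences.

    Sets the provided preferences for the given user.

    Args:
        username (unicode): The username of the account whose preferences
            are updated.

    Keyword Args:
        **kwargs (unicode): Arbitrary key-value preference pairs

    Returns:
        None

    Raises:
        ProfileUserNotFound: The username does not match any account.

    """
    try:
        user = User.objects.get(username=username)
    except User.DoesNotExist:
        raise ProfileUserNotFound

    # NOTE(review): preference keys and values are written unfiltered, and no
    # authorization check is visible in this function -- presumably the caller
    # is responsible for both; verify.
    # dict.items() works on Python 2 and 3, unlike iteritems().
    for pref_key, pref_value in kwargs.items():
        UserPreference.set_preference(user, pref_key, pref_value)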
Пример #3
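    def test_language_in_session(self):
        # A language is present both in the session ('en') and in the stored
        # user preference ('eo'); after the middleware runs, the session value
        # must still be the one in effect.
        self.request.session['django_language'] = 'en'
        UserPreference.set_preference(self.user, LANGUAGE_KEY, 'eo')
        self.middleware.process_request(self.request)

        # assertEqual: assertEquals is a deprecated alias of the same check.
        self.assertEqual(self.request.session['django_language'], 'en')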
Пример #4
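    def test_language_in_session(self):
        # The session already carries 'en' while the user preference says
        # 'eo'; the session value is expected to take precedence.
        self.request.session['django_language'] = 'en'
        UserPreference.set_preference(self.user, LANGUAGE_KEY, 'eo')
        self.middleware.process_request(self.request)

        # Use assertEqual; the assertEquals spelling is a deprecated alias.
        self.assertEqual(self.request.session['django_language'], 'en')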
Пример #5
    def test_user_with_locale_claim(self):
        # With a language preference stored for the user, requesting the
        # 'openid profile' scopes must yield a 'locale' claim equal to it.
        expected_language = 'en'
        UserPreference.set_preference(self.user, LANGUAGE_KEY, expected_language)

        granted_scopes, token_claims = self.get_id_token_values('openid profile')

        self.assertIn('profile', granted_scopes)
        self.assertEqual(expected_language, token_claims['locale'])
Пример #6
    def test_user_wit_locale_claim(self):
        # The stored language preference is expected to come back as the
        # 'locale' claim when the 'openid profile' scopes are requested.
        preferred = 'en'
        UserPreference.set_preference(self.user, LANGUAGE_KEY, preferred)

        granted_scopes, token_claims = self.get_new_id_token_values('openid profile')

        self.assertIn('profile', granted_scopes)
        self.assertEqual(preferred, token_claims['locale'])
Пример #7
def set_language(request):
    """
    View that stores the language posted in the ``language`` form field as
    the requesting user's language preference.

    Returns a small JSON success body when a value was posted, and a
    400 response when the field is missing or empty.
    """
    user = request.user
    requested_language = request.POST.get('language')

    if not requested_language:
        return HttpResponseBadRequest('no language provided')

    # NOTE(review): the posted value is stored exactly as received. Nothing
    # visible in this function checks it against the languages the site
    # supports, or that the request comes from a logged-in user -- confirm
    # that decorators or middleware outside this snippet enforce both.
    UserPreference.set_preference(user, LANGUAGE_KEY, requested_language)
    return HttpResponse('{"success": true}')
Пример #8
    def test_get_set_preference(self):
        # A stored preference can be read back unchanged, and a key that was
        # never stored for the user reads back as None.
        account = UserFactory.create()
        stored_key, stored_value = 'testkey', 'testvalue'

        # write, then read the same key
        UserPreference.set_preference(account, stored_key, stored_value)
        self.assertEqual(
            UserPreference.get_preference(account, stored_key),
            stored_value,
        )

        # a key the user has never set
        self.assertIsNone(UserPreference.get_preference(account, 'testkey_none'))
Пример #9
    def test_get_set_preference(self):
        # Round trip through set_preference/get_preference, followed by a
        # lookup of a key that has no stored value for the user.
        owner = UserFactory.create()
        pref_key = 'testkey'
        pref_value = 'testvalue'

        UserPreference.set_preference(owner, pref_key, pref_value)
        fetched = UserPreference.get_preference(owner, pref_key)
        self.assertEqual(fetched, pref_value)

        # unset key: no preference is returned
        missing = UserPreference.get_preference(owner, 'testkey_none')
        self.assertIsNone(missing)
Пример #10
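 def test_language_in_user_prefs(self):
     # Only the user preference holds a language ('eo'); the session has
     # none, so the middleware is expected to copy it into the session.
     UserPreference.set_preference(self.user, LANGUAGE_KEY, 'eo')
     self.middleware.process_request(self.request)
     # assertEqual replaces the deprecated assertEquals alias.
     self.assertEqual(self.request.session['django_language'], 'eo')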
Пример #11
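def callback(request, next_page=None, required=False):
    """Handle the POSTed AAF assertion (a signed JWT) and log the user in.

    The assertion is decoded with ``settings.AAF_SECRET``, its audience and
    issuer are compared with the configured values, and its ``jti`` is recorded
    in ``JTILog`` so that the same assertion is rejected when seen again. The
    matching Django user is then created or refreshed from the asserted
    attributes and logged in.

    Args:
        request: The incoming request; must be a POST carrying ``assertion``.
        next_page: Redirect target after a successful login. When empty, the
            ``dashboard`` route is tried first, then ``homepage``.
        required: Not read anywhere in this function.

    Returns:
        A redirect response. Every ``PermissionDenied`` raised while validating
        the assertion ends in a logout and a redirect to ``dashboard``.
    """
    import logging

    try:
        if request.method != 'POST':
            raise PermissionDenied('0005')

        try:
            # Verifies signature and expiry time
            # NOTE(review): only expiry is turned into PermissionDenied here;
            # other decode failures (e.g. jwt.DecodeError for a bad signature)
            # and a missing 'assertion' field propagate out of the view rather
            # than taking the logout path at the bottom.
            # NOTE(review): no signing-algorithm allow-list is passed. On PyJWT
            # releases that accept ``algorithms=``, pin it to the algorithm the
            # issuer signs with -- confirm against the installed version.
            verified_jwt = jwt.decode(
                request.POST['assertion'],
                key=settings.AAF_SECRET,
                # audience=settings.AAF_AUDIENCE,
                # issuer=settings.AAF_ISSUER)
            )
        except jwt.ExpiredSignature:
            # Security cookie has expired
            raise PermissionDenied('0001')

        # for PyJWT > 0.4.1 (with audience/issuer passed to decode above):
        #     except jwt.InvalidAudience:
        #         # Not for this audience
        #         raise PermissionDenied('0004')
        # for older PyJWT: compare the claims by hand. A token that lacks
        # either claim is denied instead of failing with a KeyError.
        if 'aud' not in verified_jwt or 'iss' not in verified_jwt:
            raise PermissionDenied('0004')
        if (verified_jwt['aud'] != settings.AAF_AUDIENCE
                or verified_jwt['iss'] != settings.AAF_ISSUER):
            raise PermissionDenied('0004')

        # The decoded claims hold personal attributes, so they are no longer
        # written to the log.

        # Verify that we haven't seen this jti value before (prevents replay
        # attacks)
        if 'jti' not in verified_jwt:
            raise PermissionDenied('0002')

        jti = verified_jwt['jti']
        if JTILog.objects.filter(jti=jti).exists():
            # looks like replay
            raise PermissionDenied('0003')

        # add jti to the log
        # NOTE(review): check-then-insert. Two concurrent posts of the same
        # assertion can both pass the check above unless JTILog.jti carries a
        # unique constraint -- confirm on the model.
        JTILog(jti=jti).save()

        attributes = verified_jwt['https://aaf.edu.au/attributes']

        # NOTE(review): the full claim set and the raw assertion are kept in
        # the session; who can read them depends on the session backend in
        # use -- confirm they need to be stored at all.
        request.session['attributes'] = attributes
        request.session['jwt'] = verified_jwt
        request.session['jws'] = request.POST['assertion']

        # Explicit check instead of ``assert``: asserts are stripped under -O,
        # and a denial also clears the session through the handler below.
        # Reuses the code the optional pattern check below reserves for an
        # unusable principal name.
        if 'edupersonprincipalname' not in attributes:
            raise PermissionDenied('0006')

        # If you want to restrict access to your institution, fill in PRINCIPAL_NAME_RE and uncomment
        # The first group should be the username
        #
        #     match = PRINCIPAL_NAME_RE.match(attributes['edupersonprincipalname'])
        #     if match is None:
        #         # Principal name not in expected format
        #         raise PermissionDenied('0006')
        #     username = match.groups()[0]
        username = attributes['edupersonprincipalname']  # Remove this if you have a better/shorter username you'd like to use

        email = attributes['edupersonprincipalname']

        try:
            user = User.objects.get(username=username)
        except User.DoesNotExist:
            user = User.objects.create_user(
                username=username,
                email=email,
                password=None)  # non-usable password
            user.save()

            UserPreference.set_preference(user, LANGUAGE_KEY, get_language())

        # blech - we're caching the user's name both in the Django User object
        # and the edX UserProfile object, and we don't really want either.

        # cache some attributes
        # Django shouldn't touch the database if they haven't changed, so no perf issue
        if 'givenname' in attributes:
            user.first_name = attributes['givenname']

        if 'surname' in attributes:
            user.last_name = attributes['surname']

        # This should only be done at user creation time. We do it here
        # because we have some old entries in the database that we'd like to
        # clean up automatically. The principal name is known to be present
        # at this point, so the assignment is unconditional.
        user.email = email

        user.save()

        # Look up the UserProfile and update it
        try:
            profile = UserProfile.objects.get(user=user)
        except UserProfile.DoesNotExist:
            # create a new one
            profile = UserProfile(user=user)
            profile.save()

        # update the profile's name
        profile.update_name('%s %s' % (user.first_name, user.last_name))

        create_comments_service_user(user)

        # Temporary workaround: http://stackoverflow.com/a/23771930
        user.backend = 'django.contrib.auth.backends.ModelBackend'

        djauth.login(request, user)

        # done!
        # NOTE(review): next_page goes to redirect() as-is. It looks like
        # URLconf configuration rather than request data; if a caller ever
        # fills it from the request, it needs an allowed-host check first.
        if next_page:
            return redirect(next_page)

        # If we're in lms, we want to go to dashboard. For cms, go to homepage.
        logging.debug('doing the fallback thing')
        try:
            return redirect('dashboard')
        except NoReverseMatch:
            return redirect('homepage')

    except PermissionDenied as e:
        # Record the denial code (never the claims) so that rejected and
        # replayed assertions are visible in the logs.
        logging.warning('AAF login rejected (error %s)', e)

        if 'attributes' in request.session:
            del request.session['attributes']
        djauth.logout(request)

        # messages.add_message(request, messages.ERROR, 'Could not log you in (error %s). Please try again.' % e.message)

        # bounce back to login page
        # TODO you could bounce to a message page if the messages thing above doesn't integrate nicely
        return redirect('dashboard')  # TODO: probably better to send directly to index, but I can't find it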
Пример #12
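 def test_language_in_user_prefs(self):
     # The language lives only in the user preferences, not in the session;
     # processing the request should place 'eo' into the session.
     UserPreference.set_preference(self.user, LANGUAGE_KEY, 'eo')
     self.middleware.process_request(self.request)
     # assertEquals is a deprecated alias; assertEqual performs the same check.
     self.assertEqual(self.request.session['django_language'], 'eo')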