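def get(self):
    """Serve the admin welcome page to users who are allowed to see it.

    Anonymous visitors are redirected to the login URL for '/modules/admin'.
    Signed-in users for whom can_view() is false receive a short explanation
    page together with a 403 status. Everyone else is handed to the parent
    handler's get().
    """
    user = users.get_current_user()
    if not user:
        self.redirect(
            users.create_login_url('/modules/admin'), normalize=False)
        return
    if not self.can_view():
        login_url = users.create_login_url('/modules/admin')
        node_list = safe_dom.NodeList().append(
            safe_dom.Element('p').add_text(
                'The current user has insufficient rights ' +
                'to access this page.'))
        paragraph = safe_dom.Element('p').add_text('Go to the ')
        paragraph.append(safe_dom.A(href=login_url).add_text('Login page'))
        paragraph.add_text(
            ' to log in as an administrator, or go back to the ')
        paragraph.append(safe_dom.A(href='/').add_text('Home page'))
        paragraph.add_text('.')
        node_list.append(paragraph)
        self.response.write(node_list.sanitized)
        # The denial page was previously sent with the default success
        # status. Clients, proxies and log-based alerting key off the status
        # code rather than the body text, so mark the refusal explicitly.
        self.response.set_status(403)
        return
    super(WelcomeHandler, self).get()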
def get(self):
    """Gate the admin welcome page behind sign-in and can_view().

    Not signed in: redirect to the login URL for '/modules/admin'.
    Signed in but can_view() is false: write an explanation built with
    safe_dom and answer with status 403.
    Otherwise: delegate to the parent handler.
    """
    if not users.get_current_user():
        self.redirect(
            users.create_login_url('/modules/admin'), normalize=False)
        return

    if self.can_view():
        super(WelcomeHandler, self).get()
        return

    # Denied: the page is assembled from safe_dom nodes and written through
    # .sanitized rather than by concatenating markup strings.
    login_url = users.create_login_url('/modules/admin')
    denial = safe_dom.Element('p').add_text(
        'The current user has insufficient rights ' +
        'to access this page.')
    page = safe_dom.NodeList().append(denial)

    hint = safe_dom.Element('p').add_text('Go to the ')
    hint.append(safe_dom.A(href=login_url).add_text('Login page'))
    hint.add_text(' to log in as an administrator, or go back to the ')
    hint.append(safe_dom.A(href='/').add_text('Home page'))
    hint.add_text('.')
    page.append(hint)

    self.response.write(page.sanitized)
    self.response.set_status(403)
    return
def test_create_login_url_no_dest_url(self):
    """An enabled runtime config and no destination yield the bare widget URL."""
    self.runtime_config.enabled = True
    gitkit.Runtime.set_current_runtime_config(self.runtime_config)

    # Only the mode parameter is expected; no signInSuccessUrl is added.
    expected_url = 'http://localhost:80/modules/gitkit/widget?mode=select'
    self.assertEquals(expected_url, users.create_login_url())
def personalize_page_and_get_user(self):
    """Fill navbar template values for the current visitor.

    Returns the user object when someone is signed in, otherwise None.
    Anonymous visitors get a 'loginUrl' and are flagged as transient;
    signed-in users get their email, a logout URL, the event-recording
    switches and an XSRF token for the 'event-post' action.
    """
    user = self.get_user()
    PageInitializerService.get().initialize(self.template_value)

    if hasattr(self, 'app_context'):
        reg_form = self.app_context.get_environ()['reg_form']
        self.template_value['can_register'] = reg_form['can_register']

    if not user:
        # Both URLs below send the visitor back to the URI of this request.
        self.template_value['loginUrl'] = users.create_login_url(
            self.request.uri)
        self.template_value['transient_student'] = True
        return None

    email = user.email()
    if '@' in email:
        local_part = email[:email.find('@')]
    else:
        local_part = email
    self.template_value['email_no_domain_name'] = local_part
    self.template_value['email'] = email
    self.template_value['logoutUrl'] = (
        users.create_logout_url(self.request.uri))
    self.template_value['transient_student'] = False

    # Page-event recording switches, taken from the config properties.
    self.template_value['record_tag_events'] = CAN_PERSIST_TAG_EVENTS.value
    self.template_value['record_page_events'] = CAN_PERSIST_PAGE_EVENTS.value
    self.template_value['record_events'] = CAN_PERSIST_ACTIVITY_EVENTS.value
    self.template_value['event_xsrf_token'] = (
        XsrfTokenManager.create_xsrf_token('event-post'))
    return user
def post(self):
    """Register the signed-in user as a student.

    The request is rejected in this order: no signed-in user (redirect to
    login), missing or invalid 'register-post' XSRF token, registration
    closed in the course settings. Only then is the student record created.
    """
    user = self.personalize_page_and_get_user()
    if not user:
        self.redirect(
            users.create_login_url(self.request.uri), normalize=False)
        return

    # State-changing request: the XSRF check comes before any write.
    if not self.assert_xsrf_token_or_fail(self.request, 'register-post'):
        return

    reg_form = self.app_context.get_environ()['reg_form']
    if not reg_form['can_register']:
        self.redirect('/course#registration_closed')
        return

    if 'name_from_profile' in self.request.POST.keys():
        # NOTE(review): no None check on the profile here, unlike the
        # registration GET handlers that test `profile and
        # profile.nick_name`; confirm a profile always exists on this path.
        profile = StudentProfileDAO.get_profile_by_user_id(user.user_id())
        student_name = profile.nick_name
    else:
        student_name = self.request.get('form01')

    # The raw POST items are serialized and stored with the new student.
    Student.add_new_student_for_current_user(
        student_name, transforms.dumps(self.request.POST.items()), self,
        labels=self.request.get('labels'))

    # Send the browser to the registration confirmation view.
    self.redirect('/course#registration_confirmation')
def personalize_page_and_get_enrolled(
        self, supports_transient_student=False):
    """Return the enrolled student for this request, or redirect.

    Returns TRANSIENT_STUDENT when the caller allows transient access and
    the course is browsable. Returns None after issuing a redirect: to the
    login URL for anonymous visitors, to '/preview' for signed-in users who
    are not enrolled.
    """
    user = self.personalize_page_and_get_user()

    student = TRANSIENT_STUDENT
    if user is not None:
        enrolled = Student.get_enrolled_student_by_user(user)
        if enrolled:
            student = enrolled
        else:
            self.template_value['transient_student'] = True

    if student.is_transient:
        if supports_transient_student and (
                self.app_context.get_environ()['course']['browsable']):
            return TRANSIENT_STUDENT
        if user is None:
            self.redirect(
                users.create_login_url(self.request.uri), normalize=False)
            return None
        self.redirect('/preview')
        return None

    # Legacy Student records may lack user_id; fill it in and persist.
    if not student.user_id:
        student.user_id = user.user_id()
        student.put()

    return student
def get(self):
    """Unsubscribe or resubscribe an email address and render the result.

    The address is taken from the signed 'email'/'s' query parameters, or,
    when no email is supplied, from the signed-in user. A signature mismatch
    is answered with 401.
    """
    email = self.request.get('email')
    if not email:
        # Without an email and signature the handler falls back to login.
        # This path is only meant for users already registered with Course
        # Builder; the signed-link form is preferred because it needs no
        # Google account and no login to unsubscribe.
        user = self.get_user()
        if user is None:
            self.redirect(users.create_login_url(self.request.uri))
            return
        email = user.email()
    elif self.request.get('s') != _get_signature(self, email):
        # NOTE(review): `!=` is not a constant-time comparison; confirm
        # whether hmac.compare_digest fits the types _get_signature returns.
        self.error(401)
        return

    if self.request.get('action') == self.RESUBSCRIBE_ACTION:
        set_subscribed(email, True)
        template_file = 'resubscribe.html'
    else:
        set_subscribed(email, False)
        template_file = 'unsubscribe.html'
        self.template_value['resubscribe_url'] = get_resubscribe_url(
            self, email)

    self.template_value['navbar'] = {}
    self.template_value['email'] = email

    page = self.get_template(template_file, [TEMPLATES_DIR])
    self.response.out.write(page.render(self.template_value))
def test_create_login_url_no_dest_url(self):
    """Check the login URL produced when the config is enabled and no dest_url is given."""
    self.runtime_config.enabled = True
    gitkit.Runtime.set_current_runtime_config(self.runtime_config)

    actual_url = users.create_login_url()

    # The widget URL is expected to carry mode=select and nothing else.
    self.assertEquals(
        'http://localhost:80/modules/gitkit/widget?mode=select', actual_url)
def get(self):
    """Handle an unsubscribe/resubscribe link and render the matching page.

    With an 'email' parameter the 's' signature must match the value from
    _get_signature, else the response is 401. Without one, the signed-in
    user's address is used and anonymous visitors are sent to login.
    """
    email = self.request.get('email')
    if email:
        supplied_signature = self.request.get('s')
        expected_signature = _get_signature(self, email)
        # NOTE(review): plain inequality, not a constant-time compare;
        # check if hmac.compare_digest can be used with these value types.
        if supplied_signature != expected_signature:
            self.error(401)
            return
    else:
        # Login fallback, intended only for users already registered with
        # Course Builder. Signed links remain the primary route since they
        # need neither a Google account nor a login.
        user = self.get_user()
        if user is None:
            self.redirect(users.create_login_url(self.request.uri))
            return
        email = user.email()

    resubscribing = self.request.get('action') == self.RESUBSCRIBE_ACTION
    if resubscribing:
        set_subscribed(email, True)
        template_file = 'resubscribe.html'
    else:
        set_subscribed(email, False)
        template_file = 'unsubscribe.html'
        self.template_value['resubscribe_url'] = get_resubscribe_url(
            self, email)

    self.template_value['navbar'] = {}
    self.template_value['email'] = email

    template = self.get_template(template_file, [TEMPLATES_DIR])
    rendered = template.render(self.template_value)
    self.response.out.write(rendered)
def personalize_page_and_get_user(self):
    """Populate navbar template values and return the signed-in user, if any.

    Anonymous requests get "loginUrl" plus transient_student=True and the
    method returns None. Signed-in requests get email fields, "logoutUrl",
    the event-recording flags and an XSRF token for "event-post".
    """
    user = self.get_user()
    PageInitializerService.get().initialize(self.template_value)

    if hasattr(self, "app_context"):
        environ = self.app_context.get_environ()
        self.template_value["can_register"] = environ["reg_form"]["can_register"]

    if user:
        email = user.email()
        at_present = "@" in email
        self.template_value["email_no_domain_name"] = (
            email[: email.find("@")] if at_present else email)
        self.template_value["email"] = email
        self.template_value["logoutUrl"] = users.create_logout_url(
            self.request.uri)
        self.template_value["transient_student"] = False

        # Event-recording switches exposed to the page.
        self.template_value["record_tag_events"] = CAN_PERSIST_TAG_EVENTS.value
        self.template_value["record_page_events"] = CAN_PERSIST_PAGE_EVENTS.value
        self.template_value["record_events"] = CAN_PERSIST_ACTIVITY_EVENTS.value
        self.template_value["event_xsrf_token"] = (
            XsrfTokenManager.create_xsrf_token("event-post"))
        return user

    # Anonymous visitor: offer a login link that returns to this URI.
    self.template_value["loginUrl"] = users.create_login_url(self.request.uri)
    self.template_value["transient_student"] = True
    return None
def get(self):
    """Render the registration form for a signed-in, not-yet-enrolled user.

    Redirects instead when the visitor is anonymous (login), already
    enrolled ("/course") or registration is closed. The form carries an XSRF
    token for "register-post" and any content returned by the
    PREVENT_REGISTRATION_HOOKS callables.
    """
    user = self.personalize_page_and_get_user()
    if not user:
        self.redirect(users.create_login_url(self.request.uri), normalize=False)
        return

    if Student.get_enrolled_student_by_user(user):
        self.redirect("/course")
        return

    reg_form = self.app_context.get_environ()["reg_form"]
    if not reg_form["can_register"]:
        self.redirect("/course#registration_closed")
        return

    # Pre-fill the nick name from the stored profile when there is one.
    profile = StudentProfileDAO.get_profile_by_user_id(user.user_id())
    has_nick_name = profile and profile.nick_name
    self.template_value["current_name"] = profile.nick_name if has_nick_name else ""

    self.template_value["navbar"] = {}
    self.template_value["transient_student"] = True
    # Token the POST handler checks under the same action name.
    self.template_value["register_xsrf_token"] = XsrfTokenManager.create_xsrf_token(
        "register-post")

    hook_output = []
    for registration_hook in self.PREVENT_REGISTRATION_HOOKS:
        hook_output.extend(registration_hook(self.app_context, user.user_id()))
    self.template_value["alternate_content"] = hook_output

    self.render("register.html")
def get(self):
    """Show the registration form unless the visitor must be sent elsewhere.

    Anonymous visitors go to login, enrolled students (looked up by email)
    go to '/course', and a closed registration goes to
    '/course#registration_closed'.
    """
    user = self.personalize_page_and_get_user()
    if not user:
        self.redirect(
            users.create_login_url(self.request.uri), normalize=False)
        return

    already_enrolled = Student.get_enrolled_student_by_email(user.email())
    if already_enrolled:
        self.redirect('/course')
        return

    registration_open = self.app_context.get_environ(
        )['reg_form']['can_register']
    if not registration_open:
        self.redirect('/course#registration_closed')
        return

    # Start from an empty name and override it with the profile nick name.
    self.template_value['current_name'] = ''
    profile = StudentProfileDAO.get_profile_by_user_id(user.user_id())
    if profile and profile.nick_name:
        self.template_value['current_name'] = profile.nick_name

    self.template_value['navbar'] = {}
    self.template_value['transient_student'] = True
    # XSRF token for the 'register-post' action submitted by the form.
    xsrf_token = XsrfTokenManager.create_xsrf_token('register-post')
    self.template_value['register_xsrf_token'] = xsrf_token

    self.render('register.html')
def test_create_login_url_with_dest_url(self):
    """A destination URL is carried, percent-encoded, in signInSuccessUrl."""
    self.runtime_config.enabled = True
    gitkit.Runtime.set_current_runtime_config(self.runtime_config)

    # The expected value pins the encoding of ':', '/', '?', '=' and the
    # space in the destination, so it cannot break out of its parameter.
    expected_url = (
        'http://localhost:80/modules/gitkit/widget?'
        'signInSuccessUrl=http%3A%2F%2Ffoo%3Fbar%3Db+az&mode=select')
    actual_url = users.create_login_url(dest_url='http://foo?bar=b az')

    self.assertEquals(expected_url, actual_url)
def test_create_login_url_falls_back_to_gae_if_not_enabled(self):
    """A disabled runtime config yields the Google Accounts login URL, even with a token set."""
    self.runtime_config.enabled = False
    gitkit.Runtime.set_current_runtime_config(self.runtime_config)
    gitkit.Runtime.set_current_token('token')

    expected_url = ('https://www.google.com/accounts/Login?'
                    'continue=http%3A//localhost/')
    self.assertEquals(expected_url, users.create_login_url())
def test_create_login_url_with_dest_url(self):
    """Check that dest_url ends up URL-encoded inside the widget query string."""
    self.runtime_config.enabled = True
    gitkit.Runtime.set_current_runtime_config(self.runtime_config)

    login_url = users.create_login_url(dest_url='http://foo?bar=b az')

    # signInSuccessUrl must hold the encoded destination, followed by mode.
    self.assertEquals(
        ('http://localhost:80/modules/gitkit/widget?'
         'signInSuccessUrl=http%3A%2F%2Ffoo%3Fbar%3Db+az&mode=select'),
        login_url)
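def get(self):
    """Serve the admin welcome page to users who may view it.

    Anonymous visitors are redirected to the login URL for '/admin/welcome'.
    Signed-in users for whom can_view() is false get a 403 with no body.
    Everyone else is handed to the parent handler's get().
    """
    user = users.get_current_user()
    if not user:
        self.redirect(users.create_login_url('/admin/welcome'), normalize=False)
        return
    if not self.can_view():
        # The bare return used to leave the default success status on an
        # empty response, so a refused request was indistinguishable from a
        # served one in logs and to clients. Report the denial explicitly.
        self.response.set_status(403)
        return
    super(WelcomeHandler, self).get()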
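def get(self):
    """Gate the admin welcome page behind sign-in and can_view().

    Not signed in: redirect to the login URL for '/admin/welcome'.
    Signed in but can_view() is false: respond with status 403.
    Otherwise: delegate to the parent handler.
    """
    user = users.get_current_user()
    if not user:
        self.redirect(
            users.create_login_url('/admin/welcome'), normalize=False)
        return
    if not self.can_view():
        # A silent return answered the refused request with an empty
        # success response. Set 403 so the authorization failure shows up
        # in access logs and is not mistaken for a served page.
        self.response.set_status(403)
        return
    super(WelcomeHandler, self).get()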
def test_create_login_url_falls_back_to_gae_if_not_enabled(self):
    """Check the fallback login URL when the runtime config is disabled."""
    self.runtime_config.enabled = False
    gitkit.Runtime.set_current_runtime_config(self.runtime_config)
    gitkit.Runtime.set_current_token('token')

    login_url = users.create_login_url()

    # Expected: the Google Accounts login with a localhost continue URL.
    self.assertEquals(
        ('https://www.google.com/accounts/Login?'
         'continue=http%3A//localhost/'),
        login_url)
def test_create_login_url_delegates_to_gae_users_service(self):
    """The wrapper and gae_users must return the same login URL for the same arguments."""
    call_kwargs = {
        'dest_url': self.destination_url,
        '_auth_domain': 'is_ignored',
        'federated_identity': 'federated_identity',
    }

    users_result = users.create_login_url(**call_kwargs)
    gae_users_result = gae_users.create_login_url(**call_kwargs)

    self.assert_service_results_equal_and_not_none(
        users_result, gae_users_result)
def get(self):
    """Dispatch a global-admin GET request after checking access.

    Anonymous visitors are redirected to login. Users who fail
    can_view_admin_action() get 403 in production and a login redirect
    otherwise. Known custom actions are run through their handler; any
    other action reloads config overrides and goes to the parent handler.
    """
    action = self.request.get('action')
    # NOTE(review): `action` comes from the query string and is inserted
    # into the post-login destination without URL-encoding; confirm that
    # create_login_url encodes the whole destination, or encode it here.
    destination = '%s?action=%s' % (self.URL, action) if action else self.URL

    if not users.get_current_user():
        self.redirect(users.create_login_url(destination), normalize=False)
        return

    if not can_view_admin_action(action):
        if appengine_config.PRODUCTION_MODE:
            self.error(403)
        else:
            self.redirect(
                users.create_login_url(destination), normalize=False)
        return

    if action not in self._custom_get_actions:
        config.Registry.get_overrides(force_update=True)
        super(GlobalAdminHandler, self).get()
        return

    result = self._custom_get_actions[action].handler(self)
    if result is None:
        return

    # Actions that return content instead of writing the response
    # themselves are rendered here.
    template_values = {
        'page_title': self.format_title(self.get_nav_title(action)),
    }
    if isinstance(result, dict):
        template_values.update(result)
    else:
        template_values['main_content'] = result
    self.render_page(template_values)
    return
def get(self):
    """Check sign-in and admin rights, then run the requested admin action.

    The authorization check (can_view_admin_action) runs before any custom
    action handler is looked up or called.
    """
    action = self.request.get('action')
    destination = self.URL
    if action:
        # NOTE(review): request-supplied value placed in the destination
        # URL as-is; verify it is encoded before it reaches the login URL.
        destination = '%s?action=%s' % (self.URL, action)

    user = users.get_current_user()
    if not user:
        self.redirect(users.create_login_url(destination), normalize=False)
        return

    allowed = can_view_admin_action(action)
    if not allowed:
        if not appengine_config.PRODUCTION_MODE:
            self.redirect(
                users.create_login_url(destination), normalize=False)
        else:
            self.error(403)
        return

    custom_actions = self._custom_get_actions
    if action not in custom_actions:
        config.Registry.get_overrides(force_update=True)
        super(GlobalAdminHandler, self).get()
        return

    outcome = custom_actions[action].handler(self)
    if outcome is None:
        return

    # The handler returned page content rather than writing a response.
    page_values = {
        'page_title': self.format_title(self.get_nav_title(action)),
    }
    if isinstance(outcome, dict):
        page_values.update(outcome)
    else:
        page_values['main_content'] = outcome
    self.render_page(page_values)
    return
def get(self):
    """Dispatch a global-admin GET request after checking access.

    Anonymous visitors are redirected to login. Signed-in users who fail
    can_view_admin_action() get an explanation page with status 403. Known
    custom actions run through their handler; any other action reloads
    config overrides and goes to the parent handler.
    """
    action = self.request.get('action')
    # NOTE(review): `action` is request-supplied and is not URL-encoded
    # before it is put in the destination; confirm encoding downstream.
    destination = '%s?action=%s' % (self.URL, action) if action else self.URL

    user = users.get_current_user()
    login_url = users.create_login_url(destination)
    if not user:
        self.redirect(login_url, normalize=False)
        return

    if not can_view_admin_action(action):
        # The denial page is built from safe_dom nodes and emitted through
        # .sanitized, so login_url is not spliced into markup by hand.
        denial = safe_dom.Element('p').add_text(
            'The current user has insufficient rights ' +
            'to access this page.')
        page = safe_dom.NodeList().append(denial)

        hint = safe_dom.Element('p').add_text('Go to the ')
        hint.append(safe_dom.A(href=login_url).add_text('Login page'))
        hint.add_text(' to log in as an administrator, or go back to the ')
        hint.append(safe_dom.A(href='/').add_text('Home page'))
        hint.add_text('.')
        page.append(hint)

        self.response.write(page.sanitized)
        self.response.set_status(403)
        return

    if action not in self._custom_get_actions:
        config.Registry.get_overrides(force_update=True)
        super(GlobalAdminHandler, self).get()
        return

    result = self._custom_get_actions[action].handler(self)
    if result is None:
        return

    # Render pages for actions that return content instead of writing it.
    template_values = {
        'page_title': self.format_title(self.get_nav_title(action)),
    }
    if isinstance(result, dict):
        template_values.update(result)
    else:
        template_values['main_content'] = result
    self.render_page(template_values)
    return
def test_create_login_url_delegates_to_gae_users_service(self):
    """Compare the wrapper's login URL with the one from gae_users for identical arguments."""
    dest_url = self.destination_url

    via_wrapper = users.create_login_url(
        dest_url=dest_url, _auth_domain='is_ignored',
        federated_identity='federated_identity')
    via_gae = gae_users.create_login_url(
        dest_url=dest_url, _auth_domain='is_ignored',
        federated_identity='federated_identity')

    # Both results must be equal and neither may be None.
    self.assert_service_results_equal_and_not_none(via_wrapper, via_gae)
def get(self):
    """Make sure the visitor has a session, then send them to 'continue'.

    Responds 400 when the 'continue' parameter is missing. Signed-in
    visitors are redirected straight to it; anonymous visitors go through
    login and come back to this endpoint with the same parameter.
    """
    continue_url = str(self.request.get('continue'))
    if not continue_url:
        self.error(400, 'Missing required continue parameter')
        return

    if users.get_current_user():
        # NOTE(review): continue_url is request-supplied and no validation
        # is visible in this handler before the redirect. Unless something
        # outside this block restricts it, this is an open redirect;
        # consider accepting only same-origin or allow-listed destinations.
        self.redirect(continue_url)
        return

    # urlencode keeps the destination contained in its own parameter.
    return_query = urllib.urlencode({'continue': continue_url})
    self.redirect(users.create_login_url(
        '%s?%s' % (_ENSURE_SESSION_URL, return_query)))
def get(self):
    """Redirect to the 'continue' URL, going through login first if needed.

    A missing 'continue' parameter is answered with 400.
    """
    continue_url = str(self.request.get('continue'))
    if not continue_url:
        self.error(400, 'Missing required continue parameter')
        return

    signed_in = users.get_current_user()
    if not signed_in:
        # Come back to this endpoint after login, carrying the same
        # url-encoded 'continue' value.
        self.redirect(users.create_login_url('%s?%s' % (
            _ENSURE_SESSION_URL,
            urllib.urlencode({'continue': continue_url}))))
    else:
        # NOTE(review): the target is taken from the request and redirected
        # to unchecked as far as this block shows. Confirm a caller or the
        # framework limits it; otherwise restrict to trusted destinations.
        self.redirect(continue_url)
def initialize_page_and_get_user(self):
    """Seed the template with course info and login/logout data.

    Returns the current user, or a falsy value when nobody is signed in.
    """
    # NOTE(review): the next two statements write into
    # Courses.COURSE_TEMPLATE_DICT itself, not a copy. If that object is
    # shared across requests, one visitor's locale is stored in shared
    # state; confirm, and copy before mutating if so.
    course_info = Courses.COURSE_TEMPLATE_DICT
    self.template_values['course_info'] = course_info
    course_info['course'] = {'locale': self.get_locale_for_user()}

    user = users.get_current_user()
    if user:
        self.template_values['email'] = user.email()
        self.template_values['is_super_admin'] = Roles.is_super_admin()
        self.template_values['logoutUrl'] = users.create_logout_url('/')
    else:
        self.template_values['loginUrl'] = users.create_login_url('/')
    return user
def initialize_page_and_get_user(self):
    """Put course info and sign-in links into the template; return the user."""
    # NOTE(review): COURSE_TEMPLATE_DICT is assigned by reference and then
    # modified below. Presumably it is class-level state shared between
    # requests; verify, since the per-user locale is written into it.
    self.template_values['course_info'] = Courses.COURSE_TEMPLATE_DICT
    locale_entry = {'locale': self.get_locale_for_user()}
    self.template_values['course_info']['course'] = locale_entry

    user = users.get_current_user()
    if not user:
        # Anonymous: only a login link, returning to the site root.
        self.template_values['loginUrl'] = users.create_login_url('/')
        return user

    self.template_values['email'] = user.email()
    self.template_values['is_super_admin'] = Roles.is_super_admin()
    self.template_values['logoutUrl'] = users.create_logout_url('/')
    return user
def get(self):
    """Serve the global admin page for a tab after checking access.

    Anonymous visitors are redirected to login. Users who fail can_view()
    get 403 in production and a login redirect otherwise.
    """
    tab = self.request.get('tab')
    # NOTE(review): `tab` is request-supplied and goes into the post-login
    # destination without URL-encoding; confirm it is encoded downstream.
    destination = '%s?tab=%s' % (self.LINK_URL, tab) if tab else self.LINK_URL

    if not users.get_current_user():
        self.redirect(users.create_login_url(destination), normalize=False)
        return

    if not self.can_view(self.ACTION):
        if appengine_config.PRODUCTION_MODE:
            self.error(403)
        else:
            self.redirect(users.create_login_url(destination), normalize=False)
        return

    # Reload the config properties on every admin page view; costly, but
    # admins should see current values.
    config.Registry.get_overrides(force_update=True)
    super(GlobalAdminHandler, self).get()
def get(self):
    """Check sign-in and view rights, then render the admin page.

    The can_view(self.ACTION) check runs before the config reload and
    before the parent handler produces any output.
    """
    tab = self.request.get('tab')
    destination = self.LINK_URL
    if tab:
        # NOTE(review): request value inserted unencoded into the
        # destination; verify encoding before it reaches the login URL.
        destination = '%s?tab=%s' % (self.LINK_URL, tab)

    user = users.get_current_user()
    if not user:
        self.redirect(users.create_login_url(destination), normalize=False)
        return

    may_view = self.can_view(self.ACTION)
    if not may_view:
        if not appengine_config.PRODUCTION_MODE:
            self.redirect(
                users.create_login_url(destination), normalize=False)
        else:
            self.error(403)
        return

    # Force a fresh read of the overrides for admins despite the cost.
    config.Registry.get_overrides(force_update=True)
    super(GlobalAdminHandler, self).get()
def __init__(self, request, response):  # pylint: disable=super-init-not-called
    """Set up per-request state for the handler.

    In order: the admin flag, the course namespace and app context, the
    private-course access check, the current student and preferences, the
    XSRF token and its cookie, the session store and the locale key.
    """
    self.initialize(request, response)

    # Platform-level admin flag; replaced by the course-level one below
    # when a course namespace is active.
    self.is_admin = users.is_current_user_admin()

    # Keep the namespace that was active before the course one is set.
    self.old_namespace = namespace_manager.get_namespace()

    # Switch to the namespace of the course this request addresses.
    try:
        sites.set_path_info(self.request.path, self.request.server_name)
    except AttributeError as err:
        logging.error(err)

    course_namespace = namespace_manager.get_namespace()
    if course_namespace:
        self.app_context = sites.get_course_for_current_request()
        self.is_admin = roles.Roles.is_course_admin(self.app_context)
        is_public = self.app_context.now_available
        if self.is_admin is False and is_public is False:
            # Private course: signed-in non-admins get 404, anonymous
            # visitors are sent to login.
            # NOTE(review): redirect() is called without returning or
            # aborting, so the rest of __init__ still runs for an anonymous
            # visitor; confirm the request handler cannot go on to write
            # private course content into the redirect response.
            if users.get_current_user():
                self.abort(404)
            else:
                self.redirect(users.create_login_url(self.request.path))

    # Current student and their stored preferences.
    self.student = StudentSvc.get_current_student()
    if self.student:
        self.student.prefs = StudentSvc.get_current_user_preferences()

    if not self.current_user:
        self._xsrf_token = None
    else:
        self._xsrf_token = xsrf.GenerateToken(
            _GetXsrfKey(), self.current_user.email())
        # NOTE(review): httponly=False presumably lets client script read
        # the token back for a double-submit check; confirm. No secure flag
        # is passed here; consider one if the site is served over HTTPS.
        self.response.set_cookie(
            'XSRF-TOKEN', self._xsrf_token, httponly=False)

    self._RawWrite = self.response.out.write

    # Session store bound to this request.
    self.session_store = sessions.get_store(request=self.request)

    # Active locale.
    self.locale_key = LocaleSvc.get_locale_key('en_GB')
def get(self):
    """Unsubscribe or resubscribe an email address and render the result.

    The address comes from the signed 'email'/'s' query parameters or, when
    no email is supplied, from the signed-in user. A signature mismatch is
    answered with 401. Analytics is suppressed on the rendered page.
    """
    email = self.request.get('email')
    if not email:
        # No email and signature: fall back to login. Only meant for users
        # already registered with Course Builder; the signed link is the
        # preferred route because it needs no Google account and no login.
        user = self.get_user()
        if user is None:
            self.redirect(users.create_login_url(self.request.uri))
            return
        email = user.email()
    elif self.request.get('s') != _get_signature(self, email):
        # NOTE(review): `!=` is not a constant-time comparison; confirm
        # whether hmac.compare_digest fits the types _get_signature returns.
        self.error(401)
        return

    if self.request.get('action') == self.RESUBSCRIBE_ACTION:
        set_subscribed(email, True)
        template_file = 'resubscribe.html'
    else:
        set_subscribed(email, False)
        template_file = 'unsubscribe.html'
        self.template_value['resubscribe_url'] = get_resubscribe_url(
            self, email)

    self.template_value['navbar'] = {}
    self.template_value['email'] = email

    # Keep Google Analytics off the sub/unsub pages: the URL may contain
    # the user's email in clear text, and analytics would otherwise pick up
    # that personally identifiable information from the URL parameters.
    self.template_value['suppress_analytics'] = 'True'

    page = self.get_template(template_file, [TEMPLATES_DIR])
    self.response.out.write(page.render(self.template_value))
def get(self):
    """Handle an unsubscribe/resubscribe link and render the matching page.

    With an 'email' parameter the 's' signature must equal the value from
    _get_signature, else the response is 401. Without one, the signed-in
    user's address is used and anonymous visitors are sent to login.
    """
    email = self.request.get('email')
    if email:
        supplied_signature = self.request.get('s')
        expected_signature = _get_signature(self, email)
        # NOTE(review): plain inequality, not a constant-time compare;
        # check if hmac.compare_digest can be used with these value types.
        if supplied_signature != expected_signature:
            self.error(401)
            return
    else:
        # Login fallback for users known to be registered with Course
        # Builder. Signed links stay the main route: no Google account and
        # no login are needed to unsubscribe through them.
        user = self.get_user()
        if user is None:
            self.redirect(users.create_login_url(self.request.uri))
            return
        email = user.email()

    resubscribing = self.request.get('action') == self.RESUBSCRIBE_ACTION
    if resubscribing:
        set_subscribed(email, True)
        template_file = 'resubscribe.html'
    else:
        set_subscribed(email, False)
        template_file = 'unsubscribe.html'
        self.template_value[
            'resubscribe_url'] = get_resubscribe_url(self, email)

    self.template_value['navbar'] = {}
    self.template_value['email'] = email

    # The URL of these pages may hold the user's email unencrypted, so
    # Google Analytics is switched off here to avoid inadvertently
    # collecting personally identifiable information from URL parameters.
    self.template_value['suppress_analytics'] = 'True'

    template = self.get_template(template_file, [TEMPLATES_DIR])
    rendered = template.render(self.template_value)
    self.response.out.write(rendered)
def personalize_page_and_get_enrolled(self, supports_transient_student=False):
    """Return the enrolled student for this request, or redirect.

    Returns TRANSIENT_STUDENT when transient access is allowed by the
    caller and the course is browsable. Returns None after redirecting:
    anonymous visitors to login, signed-in non-students to "/preview".
    """
    user = self.personalize_page_and_get_user()

    student = TRANSIENT_STUDENT
    if user is not None:
        enrolled = Student.get_enrolled_student_by_user(user)
        if enrolled:
            student = enrolled
        else:
            self.template_value["transient_student"] = True

    if not student.is_transient:
        return student

    # The course setting is only read when the caller opted in.
    if supports_transient_student and (
            self.app_context.get_environ()["course"]["browsable"]):
        return TRANSIENT_STUDENT

    if user is None:
        self.redirect(users.create_login_url(self.request.uri), normalize=False)
        return None

    self.redirect("/preview")
    return None
def get_login_url(self, return_url):
    """Return a login URL that lands on the redirect endpoint with return_url attached.

    return_url is url-encoded into the query string under the
    LAUNCH_PRESENTATION_RETURN_URL field name.
    """
    # NOTE(review): whether return_url is validated is not visible here;
    # presumably the redirect endpoint checks it. Verify against that code.
    query = {fields.LAUNCH_PRESENTATION_RETURN_URL: return_url}
    redirect_endpoint = _urljoin(self.get_base_url(), _REDIRECT_URL)
    destination = '%s?%s' % (redirect_endpoint, urllib.urlencode(query))
    return users.create_login_url(dest_url=destination)
def _get_absolute_sign_in_url(self):
    """Return the login URL whose destination is the absolute finish-auth URL."""
    # NOTE(review): host_url is taken from the incoming request; confirm
    # the deployment only accepts expected Host values, since it decides
    # where the visitor lands after signing in.
    finish_auth_url = self.request.host_url + _FINISH_AUTH_URL
    return users.create_login_url(finish_auth_url)
def resolve_login_url(self, args, info):
    """Resolve the login URL field for the destination given in args['dest_url']."""
    # NOTE(review): dest_url is supplied by the query's caller and passed
    # through as the post-login destination; check whether
    # create_login_url or a later step restricts it to trusted targets.
    destination = args['dest_url']
    return users.create_login_url(dest_url=destination)
def resolve_login_url(self, args, info):
    """Return a login URL that continues to the caller-supplied dest_url."""
    # NOTE(review): no validation of args['dest_url'] is visible in this
    # resolver; confirm the destination is constrained elsewhere.
    dest_url = args['dest_url']
    login_url = users.create_login_url(dest_url=dest_url)
    return login_url
def test_create_login_url_falls_back_to_gae_if_no_runtime_config(self):
    """With no runtime config set in this test, the Google Accounts login URL is expected."""
    expected_url = ('https://www.google.com/accounts/Login?'
                    'continue=http%3A//localhost/')
    self.assertEquals(expected_url, users.create_login_url())
def _get_absolute_sign_in_url(self):
    """Build the login URL that returns to this host's finish-auth endpoint."""
    # NOTE(review): the destination is derived from request.host_url;
    # verify that untrusted Host values cannot reach this code path.
    destination = self.request.host_url + _FINISH_AUTH_URL
    sign_in_url = users.create_login_url(destination)
    return sign_in_url
def test_create_login_url_falls_back_to_gae_if_no_runtime_config(self):
    """Check the login URL returned when the test sets no runtime config."""
    login_url = users.create_login_url()

    # Expected: the Google Accounts login with a localhost continue URL.
    self.assertEquals(
        ('https://www.google.com/accounts/Login?'
         'continue=http%3A//localhost/'),
        login_url)