def verify_nin(request, user, new_nin, reference): log.info('Trying to verify NIN for user {!r}.'.format(user)) log.debug('NIN: {!s}.'.format(new_nin)) # Start by removing nin from any other user old_user_docs = request.db.profiles.find({ 'norEduPersonNIN': new_nin }) steal_count = 0 for old_user_doc in old_user_docs: old_user = User(old_user_doc) if old_user: log.debug('Found old user {!r} with NIN ({!s}) already verified.'.format(old_user, new_nin)) log.debug('Old user NINs BEFORE: {!r}.'.format(old_user.get_nins())) nins = [nin for nin in old_user.get_nins() if nin != new_nin] old_user.set_nins(nins) log.debug('Old user NINs AFTER: {!r}.'.format(old_user.get_nins())) log.debug('Old user addresses BEFORE: {!r}.'.format(old_user.get_addresses())) addresses = [a for a in old_user.get_addresses() if not a['verified']] old_user.set_addresses(addresses) log.debug('Old user addresses AFTER: {!r}.'.format(old_user.get_addresses())) old_user.retrieve_modified_ts(request.db.profiles) old_user.save(request) log.info('Removed NIN and associated addresses from user {!r}.'.format(old_user)) steal_count += 1 # Add the verified nin to the requesting user user.add_verified_nin(new_nin) user.retrieve_address(request, new_nin) # Connect the verification to the transaction audit log request.msgrelay.postal_address_to_transaction_audit_log(reference) # Reset session eduPersonIdentityProofing on NIN verification request.session['eduPersonIdentityProofing'] = None log.info('NIN verified for user {!r}.'.format(user)) request.stats.count('dashboard/verify_nin_stolen', steal_count) request.stats.count('dashboard/verify_nin_completed', 1) return user, _('National identity number {obj} verified')
def test_steal_verified_nin(self): self.set_logged(user='******') response_form = self.testapp.get('/profile/nins/') form = response_form.forms[self.formname] nin = '197801011234' form['norEduPersonNIN'].value = nin from eduiddashboard.msgrelay import MsgRelay with patch.multiple(MsgRelay, nin_validator=return_true, nin_reachable=return_true): response = form.submit('add') self.assertEqual(response.status, '200 OK') old_user = self.db.profiles.find_one({'_id': ObjectId('012345678901234567890123')}) old_user = User(old_user) self.assertIn(nin, old_user.get_nins()) nin_doc = self.db.verifications.find_one({ 'model_name': 'norEduPersonNIN', 'user_oid': ObjectId('901234567890123456789012'), 'obj_id': nin }) with patch.object(MsgRelay, 'get_postal_address', clear=True): MsgRelay.get_postal_address.return_value = { 'Address2': u'StreetName 104', 'PostalCode': u'74142', 'City': u'STOCKHOLM', } with patch.object(MsgRelay, 'postal_address_to_transaction_audit_log'): MsgRelay.postal_address_to_transaction_audit_log.return_value = True response = self.testapp.post( '/profile/nins-actions/', {'identifier': '197801011234 0', 'action': 'verify', 'code': nin_doc['code']} ) response_json = json.loads(response.body) self.assertEqual(response_json['result'], 'ok') old_user = self.db.profiles.find_one({'_id': ObjectId('012345678901234567890123')}) old_user = User(old_user) self.assertNotIn(nin, old_user.get_nins())
def add_success_other(self, ninform): newnin = self.schema.serialize(ninform) newnin = newnin['norEduPersonNIN'] newnin = normalize_nin(newnin) old_user = self.request.db.profiles.find_one({ 'norEduPersonNIN': newnin }) if old_user: old_user = User(old_user) nins = [nin for nin in old_user.get_nins() if nin != newnin] old_user.set_nins(nins) addresses = [a for a in old_user.get_addresses() if not a['verified']] old_user.set_addresses(addresses) old_user.save(self.request) nins = self.user.get_nins() nins.append(newnin) self.user.set_nins(nins) # Save the state in the verifications collection save_as_verificated(self.request, 'norEduPersonNIN', self.user.get_id(), newnin) self.user.save(self.request) self.request.session.flash(_('Changes saved'), queue='forms')
def add_success_other(self, ninform): newnin = self.schema.serialize(ninform) newnin = newnin['norEduPersonNIN'] newnin = normalize_nin(newnin) old_user = self.request.db.profiles.find_one({ 'norEduPersonNIN': newnin }) if old_user: old_user = User(old_user) old_user.retrieve_modified_ts(self.request.db.profiles) nins = [nin for nin in old_user.get_nins() if nin != newnin] old_user.set_nins(nins) addresses = [a for a in old_user.get_addresses() if not a['verified']] old_user.set_addresses(addresses) old_user.save(self.request) nins = self.user.get_nins() nins.append(newnin) self.user.set_nins(nins) self.user.retrieve_address(self.request, newnin) try: self.user.save(self.request) except UserOutOfSync: message = _('User data out of sync. Please try again.') else: message = _('Your national identity number has been confirmed') # Save the state in the verifications collection save_as_verified(self.request, 'norEduPersonNIN', self.user.get_id(), newnin) self.request.session.flash( get_localizer(self.request).translate(message), queue='forms') self.request.stats.count('dashboard/nin_add_other', 1)
def verificate_code(request, model_name, code): unverified = request.db.verifications.find_one( { "model_name": model_name, "code": code, }) if not unverified: msg = "Could not find un-verified code {!r}, model {!r}" log.debug(msg.format(code, model_name)) return obj_id = unverified['obj_id'] if obj_id: msg = "Code {!r} ({!s}) marked as verified" log.debug(msg.format(code, str(obj_id))) user = request.userdb.get_user_by_oid(unverified['user_oid']) old_verified = request.db.verifications.find_and_modify( { "model_name": model_name, "obj_id": unverified['obj_id'], "verified": True }, remove=True) old_user = None if old_verified: old_user = request.userdb.get_user_by_oid(old_verified['user_oid']) if model_name == 'norEduPersonNIN': if not old_user: old_user_doc = request.db.profiles.find_one({ 'norEduPersonNIN': obj_id }) if old_user_doc: old_user = User(old_user_doc) if old_user: nins = [nin for nin in old_user.get_nins() if nin != obj_id] old_user.set_nins(nins) addresses = [a for a in old_user.get_addresses() if not a['verified']] old_user.set_addresses(addresses) user.add_verified_nin(obj_id) user.retrieve_address(request, obj_id) # Reset session eduPersonIdentityProofing on NIN verification request.session['eduPersonIdentityProofing'] = None msg = _('National identity number {obj} verified') elif model_name == 'mobile': if not old_user: old_user_doc = request.db.profiles.find_one({ 'mobile': {'$elemMatch': {'mobile': obj_id, 'verified': True}} }) if old_user_doc: old_user = User(old_user_doc) if old_user: mobiles = [m for m in old_user.get_mobiles() if m['mobile'] != obj_id] old_user.set_mobiles(mobiles) user.add_verified_mobile(obj_id) msg = _('Mobile {obj} verified') elif model_name == 'mailAliases': if not old_user: old_user_doc = request.db.profiles.find_one({ 'mailAliases': {'email': obj_id, 'verified': True} }) if old_user_doc: old_user = User(old_user_doc) if old_user: if old_user.get_mail() == obj_id: old_user.set_mail('') mails = [m for m in old_user.get_mail_aliases() if m['email'] != obj_id] old_user.set_mail_aliases(mails) user.add_verified_email(obj_id) msg = _('Email {obj} verified') request.session.flash(msg.format(obj=obj_id), queue='forms') user.save(request) if old_user: old_user.save(request) request.db.verifications.update({'_id': unverified['_id']}, {'verified': True}) return obj_id