def authenticate(self, email, username, password, options): """ See abstract method documentation. """ if not options['redact_username_in_logs']: log.debug("LDAP authenticate: email is %s", email) log.debug("LDAP authenticate: username is %s", username) log.debug("LDAP authenticate: options are %s", options) failure_mode, params = self.ldap_search(email, username, options) if not params: return failure_mode, '', '' # allow to skip authentication to allow for pre-populating users if not options.get('no_password_check', False): params['password'] = password if not self._authenticate(params, options): return failure_mode, '', '' # check whether the user is a member of a specified group/domain/... if 'search-memberof-filter' in options: search_filter = _get_subs(options, 'search-memberof-filter', params) if not any(search_filter in ad_node_name for ad_node_name in params['memberOf']): return failure_mode, '', '' attributes = {} if self.auto_create_roles_or_groups: attributes['roles'] = params[self.role_search_option] return (True, _get_subs(options, 'auto-register-email', params), transform_publicname( _get_subs(options, 'auto-register-username', params)), attributes)
def create(self, trans, cntrller='user', redirect_url='', refresh_frames=[], **kwd): params = util.Params(kwd) # If the honeypot field is not empty we are dealing with a bot. honeypot_field = params.get('bear_field', '') if honeypot_field != '': return trans.show_error_message( "You've been flagged as a possible bot. If you are not, please try registering again and fill the form out carefully. <a target=\"_top\" href=\"%s\">Go to the home page</a>." ) % url_for('/') message = util.restore_text(params.get('message', '')) status = params.get('status', 'done') use_panels = util.string_as_bool(kwd.get('use_panels', True)) email = util.restore_text(params.get('email', '')) # Do not sanitize passwords, so take from kwd # instead of params ( which were sanitized ) password = kwd.get('password', '') confirm = kwd.get('confirm', '') username = util.restore_text(params.get('username', '')) subscribe = params.get('subscribe', '') subscribe_checked = CheckboxField.is_checked(subscribe) referer = trans.request.referer or '' redirect = kwd.get('redirect', referer).strip() is_admin = trans.user_is_admin success = False show_user_prepopulate_form = False if not trans.app.config.allow_user_creation and not trans.user_is_admin: message = 'User registration is disabled. Please contact your local Galaxy administrator for an account.' if trans.app.config.error_email_to is not None: message += ' Contact: %s' % trans.app.config.error_email_to status = 'error' else: # check user is allowed to register message, status = trans.app.auth_manager.check_registration_allowed( email, username, password) if not message: # Create the user, save all the user info and login to Galaxy if params.get('create_user_button', False): # Check email and password validity message = self.__validate(trans, email, password, confirm, username) if not message: # All the values are valid message, status, user, success = self.__register( trans, subscribe_checked=subscribe_checked, **kwd) if success and not is_admin: # The handle_user_login() method has a call to the history_set_default_permissions() method # (needed when logging in with a history), user needs to have default permissions set before logging in trans.handle_user_login(user) trans.log_event("User created a new account") trans.log_event("User logged in") else: status = 'error' registration_warning_message = trans.app.config.registration_warning_message if success: if is_admin: redirect_url = web.url_for( '/admin/users?status=success&message=Created new user account.' ) else: redirect_url = web.url_for('/') return trans.fill_template( '/webapps/tool_shed/user/register.mako', cntrller=cntrller, email=email, username=transform_publicname(trans, username), subscribe_checked=subscribe_checked, show_user_prepopulate_form=show_user_prepopulate_form, use_panels=use_panels, redirect=redirect, redirect_url=redirect_url, refresh_frames=refresh_frames, registration_warning_message=registration_warning_message, message=message, status=status)