def set_id_verification_status(auth_entry, strategy, details, user=None, *args, **kwargs): # lint-amnesty, pylint: disable=keyword-arg-before-vararg
"""
Use the user's authentication with the provider, if configured, as evidence of their identity being verified.
"""
current_provider = provider.Registry.get_from_pipeline({'backend': strategy.request.backend.name, 'kwargs': kwargs})
if user and current_provider.enable_sso_id_verification:
# Get previous valid, non expired verification attempts for this SSO Provider and user
verifications = SSOVerification.objects.filter(
user=user,
status="approved",
created_at__gte=earliest_allowed_verification_date(),
identity_provider_type=current_provider.full_class_name,
identity_provider_slug=current_provider.slug,
)
# If there is none, create a new approved verification for the user.
if not verifications:
verification = SSOVerification.objects.create(
user=user,
status="approved",
name=user.profile.name,
identity_provider_type=current_provider.full_class_name,
identity_provider_slug=current_provider.slug,
)
# Send a signal so users who have already passed their courses receive credit
verification.send_approval_signal(current_provider.slug)
def set_id_verification_status(auth_entry,
strategy,
details,
user=None,
*args,
**kwargs):
"""
Use the user's authentication with the provider, if configured, as evidence of their identity being verified.
"""
current_provider = provider.Registry.get_from_pipeline({
'backend':
strategy.request.backend.name,
'kwargs':
kwargs
})
if user and current_provider.enable_sso_id_verification:
# Get previous valid, non expired verification attempts for this SSO Provider and user
verifications = SSOVerification.objects.filter(
user=user,
status="approved",
created_at__gte=earliest_allowed_verification_date(),
identity_provider_type=current_provider.full_class_name,
identity_provider_slug=current_provider.slug,
)
# If there is none, create a new approved verification for the user.
if not verifications:
SSOVerification.objects.create(
user=user,
status="approved",
name=user.profile.name,
identity_provider_type=current_provider.full_class_name,
identity_provider_slug=current_provider.slug,
)
def _generate_manual_verification_from_file(self, email_ids_file):
"""
Generate manual verification for the emails provided in the email ids file.
Arguments:
email_ids_file (str): path of the file containing email ids.
Returns:
(total_emails, failed_emails): a tuple containing count of emails processed and a list containing
emails whose verifications could not be processed.
"""
failed_emails = []
with open(email_ids_file, 'r') as file_handler:
email_ids = file_handler.readlines()
total_emails = len(email_ids)
log.info(u'Creating manual verification for {} emails.'.format(total_emails))
for email_id in email_ids:
try:
email_id = email_id.strip()
user = User.objects.get(email=email_id)
ManualVerification.objects.get_or_create(
user=user,
status='approved',
created_at__gte=earliest_allowed_verification_date(),
defaults={'name': user.profile.name},
)
except User.DoesNotExist:
failed_emails.append(email_id)
err_msg = u'Tried to verify email {}, but user not found'
log.error(err_msg.format(email_id))
return total_emails, failed_emails
def _generate_manual_verification_from_file(self, email_ids_file):
"""
Generate manual verification for the emails provided in the email ids file.
Arguments:
email_ids_file (str): path of the file containing email ids.
Returns:
(total_emails, failed_emails): a tuple containing count of emails processed and a list containing
emails whose verifications could not be processed.
"""
failed_emails = []
with open(email_ids_file, 'r') as file_handler:
email_ids = file_handler.readlines()
total_emails = len(email_ids)
log.info(u'Creating manual verification for {} emails.'.format(total_emails))
for email_id in email_ids:
try:
email_id = email_id.strip()
user = User.objects.get(email=email_id)
ManualVerification.objects.get_or_create(
user=user,
status='approved',
created_at__gte=earliest_allowed_verification_date(),
defaults={'name': user.profile.name},
)
except User.DoesNotExist:
failed_emails.append(email_id)
err_msg = u'Tried to verify email {}, but user not found'
log.error(err_msg.format(email_id))
return total_emails, failed_emails
def test_manual_verifications_created_date(self):
"""
Tests that the manual_verifications management command does not create a new verification
if a previous non-expired verification exists
"""
call_command('manual_verifications', '--email-ids-file', self.tmp_file_path)
verification1 = ManualVerification.objects.filter(
user=self.user1,
status='approved',
created_at__gte=earliest_allowed_verification_date()
)
call_command('manual_verifications', '--email-ids-file', self.tmp_file_path)
verification2 = ManualVerification.objects.filter(
user=self.user1,
status='approved',
created_at__gte=earliest_allowed_verification_date()
)
self.assertQuerysetEqual(verification1, [repr(r) for r in verification2])
def _add_user_to_manual_verification(self, email_id):
"""
Generates a single verification for a user.
Arguments:
email_id (str): email of the user to be verified
Returns:
(success): boolean to show if the user has been successfully verified.
"""
try:
user = User.objects.get(email=email_id)
ManualVerification.objects.get_or_create(
user=user,
status='approved',
created_at__gte=earliest_allowed_verification_date(),
defaults={'name': user.profile.name},
)
return True
except User.DoesNotExist:
log.error(f'Tried to verify email {email_id}, but user not found')
return False
def set_id_verification_status(auth_entry, strategy, details, user=None, *args, **kwargs):
"""
Use the user's authentication with the provider, if configured, as evidence of their identity being verified.
"""
current_provider = provider.Registry.get_from_pipeline({'backend': strategy.request.backend.name, 'kwargs': kwargs})
if user and current_provider.enable_sso_id_verification:
# Get previous valid, non expired verification attempts for this SSO Provider and user
verifications = SSOVerification.objects.filter(
user=user,
status="approved",
created_at__gte=earliest_allowed_verification_date(),
identity_provider_type=current_provider.full_class_name,
identity_provider_slug=current_provider.slug,
)
# If there is none, create a new approved verification for the user.
if not verifications:
SSOVerification.objects.create(
user=user,
status="approved",
name=user.profile.name,
identity_provider_type=current_provider.full_class_name,
identity_provider_slug=current_provider.slug,
)
def _add_users_to_manual_verification(self, email_ids):
"""
Generates a verification for a list of user emails.
Arguments:
email_ids (list): emails of the users to be verified
Returns:
failed_emails: list of emails for which a verification was not created
"""
verifications_to_create = []
users = User.objects.filter(email__in=email_ids)
user_existing_verification = {
v.user.id
for v in ManualVerification.objects.filter(
user__in=users,
status='approved',
created_at__gte=earliest_allowed_verification_date(),
)
}
for user in users:
if user.id not in user_existing_verification:
verifications_to_create.append(
ManualVerification(
user=user,
name=user.profile.name,
status='approved',
))
else:
log.info(
f'Skipping email {user.email}, existing verification found.'
)
ManualVerification.objects.bulk_create(verifications_to_create)
failed_emails = set(email_ids) - set(
users.values_list('email', flat=True))
return list(failed_emails)
