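def validate(self, attrs):
    """Import the domain names listed in an uploaded CSV for an organization.

    Reads ``self.organization_uuid`` and ``self.domain_file``. Every CSV row
    must carry a ``domain`` column; one ``DomainName`` is saved per row, so
    this validator writes to the database as a side effect.

    Returns:
        ``attrs`` unchanged when every row was stored.

    Raises:
        WsRestNonFieldException: no organization uuid, missing or non-``.csv``
            upload, unknown organization, a duplicate domain name, or any
            other error raised while reading or saving rows.
    """
    # Imported locally so this method does not rely on a module-level import.
    from django.db import transaction

    if not self.organization_uuid:
        raise WsRestNonFieldException('No Organization uuid supplied.')
    # Only the file name's extension is checked here; the content is first
    # interpreted when DictReader parses it below.
    if not self.domain_file or not self.domain_file.name.endswith('.csv'):
        raise WsRestNonFieldException('Supported file types for uploading domain name are: csv')

    # NOTE(review): the organization is selected by uuid alone; nothing in this
    # method checks that the requester may modify it. Confirm the view does.
    organization = Organization.objects.filter(uuid=self.organization_uuid).first()
    if not organization:
        raise WsRestNonFieldException('No Organization with that uuid found.')

    try:
        # All-or-nothing import: without the transaction, rows saved before a
        # duplicate or malformed row stayed in the database even though the
        # upload was reported as failed.
        # NOTE(review): atomic() covers the default database; confirm
        # DomainName is stored there.
        with transaction.atomic():
            for row in DictReader(self.domain_file):
                DomainName(name=row['domain'], organization=organization).save()
    except IntegrityError:
        raise WsRestNonFieldException('Uploaded file contains a domain name that already exists.')
    except Exception as e:
        # NOTE(review): the raw exception text is returned to the API client;
        # consider logging it and replying with a fixed message instead.
        raise WsRestNonFieldException(e.message)
    return attrs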
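def validate(self, attrs):
    """Import the network ranges listed in an uploaded CSV for an organization.

    Reads ``self.organization_uuid`` and ``self.range_file``. Every CSV row
    must carry ``name``, ``address`` and ``mask`` columns (``mask`` is
    converted with ``int``); one ``Network`` is saved per row, so this
    validator writes to the database as a side effect.

    Returns:
        ``attrs`` unchanged when every row was stored.

    Raises:
        WsRestNonFieldException: no organization uuid, missing or non-``.csv``
            upload, unknown organization, a duplicate network range, or any
            other error raised while reading or saving rows.
    """
    # Imported locally so this method does not rely on a module-level import.
    from django.db import transaction

    if not self.organization_uuid:
        raise WsRestNonFieldException('No Organization uuid supplied.')
    # Only the file name's extension is checked here; the content is first
    # interpreted when DictReader parses it below.
    if not self.range_file or not self.range_file.name.endswith('.csv'):
        raise WsRestNonFieldException('Supported file types for uploading network ranges are: csv')

    # NOTE(review): the organization is selected by uuid alone; nothing in this
    # method checks that the requester may modify it. Confirm the view does.
    organization = Organization.objects.filter(uuid=self.organization_uuid).first()
    if not organization:
        raise WsRestNonFieldException('No Organization with that uuid found.')

    try:
        # All-or-nothing import: without the transaction, rows saved before a
        # duplicate range or an unparsable mask stayed in the database even
        # though the upload was reported as failed.
        # NOTE(review): atomic() covers the default database; confirm Network
        # is stored there.
        with transaction.atomic():
            for row in DictReader(self.range_file):
                # NOTE(review): address and mask are stored as supplied; no
                # range or format check is visible in this method.
                Network(
                    name=row['name'],
                    address=row['address'],
                    mask_length=int(row['mask']),
                    organization=organization,
                ).save()
    except IntegrityError:
        raise WsRestNonFieldException('Uploaded file contains a network range that already exists.')
    except Exception as e:
        # NOTE(review): the raw exception text is returned to the API client;
        # consider logging it and replying with a fixed message instead.
        raise WsRestNonFieldException(e.message)
    return attrs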
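def validate(self, attrs):
    """Finish account setup using the emailed registration code.

    Reads ``email_token``, ``user_uuid``, ``first_name``, ``last_name`` and
    ``password`` from ``attrs``. When the token matches the user's stored
    ``email_registration_code`` the names and password are set and the email
    is marked verified.

    Returns:
        ``attrs`` unchanged on success.

    Raises:
        WsRestNonFieldException: the password fails the complexity check, or
            the uuid/token pair is not valid (one message for both cases).
    """
    email_token = attrs.get('email_token')
    user_uuid = attrs.get('user_uuid')
    password = attrs.get('password')

    if not UserModel.validate_password_complexity(password):
        raise WsRestNonFieldException(
            UserModel.INVALID_PASSWORD_COMPLEXITY_ERROR_MESSAGE)

    # get_object_or_404 raised before the "no such user" branch could run, so
    # an unknown uuid was distinguishable (404) from a wrong code. Looking the
    # user up with filter().first() gives both cases the same answer.
    user = UserModel.objects.filter(pk=user_uuid).first()
    stored_code = user.email_registration_code if user else None

    # A missing value on either side must never match: str(None) == str(None),
    # and a literal "None" token would otherwise equal an unset stored code.
    if not stored_code or not email_token or str(stored_code) != str(email_token):
        raise WsRestNonFieldException('Invalid email registration code.')

    user.first_name = attrs.get('first_name')
    user.last_name = attrs.get('last_name')
    user.email_verified = True
    user.set_password(password)
    # NOTE(review): the registration code stays valid after use, so the same
    # link can set the password again later. Consider rotating or clearing it
    # here once the field's constraints are confirmed.
    user.save()
    return attrs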
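def create(self, validated_data):
    """Create a user account and queue its verification email.

    Reads ``username``, ``first_name``, ``last_name`` and ``password`` from
    ``validated_data``. The username is also stored as the email address.

    Returns:
        The saved ``UserModel`` instance.

    Raises:
        WsRestNonFieldException: the password fails the complexity check, the
            username already exists, or any other error occurs while creating
            the account or queueing the email.
    """
    password = validated_data['password']
    if not UserModel.validate_password_complexity(password):
        raise WsRestNonFieldException(
            UserModel.INVALID_PASSWORD_COMPLEXITY_ERROR_MESSAGE)

    try:
        # Build the instance fully before the single INSERT. Creating the row
        # first and filling in the password and registration code afterwards
        # could leave a half-initialised account behind if a later step failed.
        user = UserModel(
            username=validated_data['username'],
            # Right now the username is the email; revisit if that changes.
            email=validated_data['username'],
            first_name=validated_data['first_name'],
            last_name=validated_data['last_name'])
        user.set_password(password)
        user.email_registration_code = RandomHelper.get_cryptographic_uuid()
        user.save(force_insert=True)

        # NOTE(review): if queueing fails the account already exists, and the
        # client still receives an error from the handler below.
        send_emails_for_user_signup.delay(unicode(user.uuid))
        return user
    except IntegrityError:
        # NOTE(review): this message confirms that a username is registered.
        raise WsRestNonFieldException(
            'A user with this username already exists!')
    except Exception as e:
        # NOTE(review): the raw exception text is returned to the API client;
        # consider logging it and replying with a fixed message instead.
        raise WsRestNonFieldException(e.message)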
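def validate(self, attrs):
    """Reset a user's password from an emailed reset code.

    Reads ``email_token``, ``user_uuid`` and ``new_password`` from ``attrs``.
    On success the password is replaced and ``forgot_password_code`` is set
    to ``None`` so the code cannot be used again.

    Returns:
        ``attrs`` unchanged on success.

    Raises:
        WsRestNonFieldException: the code is missing or wrong, the code has
            expired, the new password fails the complexity check, or it
            equals the current password.
        Http404: raised by ``get_object_or_404`` when no user has that uuid.
    """
    email_token = attrs.get('email_token')
    user_uuid = attrs.get('user_uuid')
    new_password = attrs.get('new_password')

    user = get_object_or_404(UserModel, pk=user_uuid)

    stored_code = user.forgot_password_code
    # A used code is stored as None (see below). Comparing str() of both sides
    # made a missing token, or the literal string "None", match that state, so
    # reject any comparison where either side is empty.
    if not stored_code or not email_token or str(stored_code) != str(email_token):
        raise WsRestNonFieldException('Invalid reset password code.')

    # Check expiry before anything that inspects the password, so an expired
    # code cannot be used to learn whether a guess equals the current password.
    expires_at = user.forgot_password_date + timedelta(
        minutes=config.gen_reset_password_timeout_minutes)
    if timezone.now() >= expires_at:
        raise WsRestNonFieldException(
            'This reset password code has expired.')

    if not UserModel.validate_password_complexity(new_password):
        raise WsRestNonFieldException(
            UserModel.INVALID_PASSWORD_COMPLEXITY_ERROR_MESSAGE)

    if user.check_password(new_password):
        raise WsRestNonFieldException(
            'The new password code must be different then your current password.'
        )

    user.set_password(new_password)
    # Invalidate the code so it cannot change the password a second time.
    user.forgot_password_code = None
    user.save()
    return attrs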
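def validate(self, attrs):
    """Change the logged-in user's password.

    Reads ``current_password`` and ``new_password`` from ``attrs`` and the
    user from ``self.instance.user``. On success the new password is saved
    and the user is stored under ``attrs["user"]``.

    Returns:
        ``attrs`` with the ``"user"`` key added.

    Raises:
        WsRestNonFieldException: there is no authenticated user.
        WsRestFieldException: the current password is wrong, or the new
            password fails the complexity check or equals the current one.
    """
    current_password = attrs.get('current_password')
    new_password = attrs.get('new_password')
    user = self.instance.user

    if not user or not user.is_authenticated:
        raise WsRestNonFieldException(
            'You must be logged in to change your password.')

    if not user.check_password(current_password):
        raise WsRestFieldException(
            'The supplied current password is not valid.',
            'current_password')

    # The complexity check must be *called* with the new password. Testing the
    # function object itself is always truthy, which silently disabled the
    # complexity requirement on this endpoint.
    if not UserModel.validate_password_complexity(new_password):
        raise WsRestFieldException(
            UserModel.INVALID_PASSWORD_COMPLEXITY_ERROR_MESSAGE,
            'new_password')

    if current_password == new_password:
        raise WsRestFieldException(
            'The new password needs to be different than the current password.',
            'new_password')

    user.set_password(new_password)
    user.save()
    attrs["user"] = user
    return attrs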
def validate(self, attrs):
    """Delete the user named by ``attrs['user_uuid']`` unless it is a superuser.

    The deletion happens inside validation, so a successful call has already
    removed the row by the time ``attrs`` is returned.

    Raises:
        WsRestNonFieldException: no user has that uuid, or the user is a
            superuser.
    """
    # NOTE(review): nothing in this method checks who is asking for the
    # deletion; confirm the view restricts this endpoint.
    target = UserModel.objects.filter(uuid=attrs['user_uuid']).first()
    if not target:
        raise WsRestNonFieldException('No user with that uuid found.')
    if target.is_superuser:
        raise WsRestNonFieldException(
            'Admin users can not be deleted.')
    target.delete()
    return attrs
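def validate(self, attrs):
    """Mark a user's email as verified when the emailed code matches.

    Reads ``email_token`` and ``user_uuid`` from ``attrs`` and compares the
    token with the user's stored ``email_registration_code``.

    Returns:
        ``attrs`` unchanged on success.

    Raises:
        WsRestNonFieldException: the uuid/token pair is not valid (one message
            for an unknown user and for a wrong code).
    """
    email_token = attrs.get('email_token')
    user_uuid = attrs.get('user_uuid')

    # get_object_or_404 raised before the "no such user" branch could run, so
    # an unknown uuid was distinguishable (404) from a wrong code. Looking the
    # user up with filter().first() gives both cases the same answer.
    user = UserModel.objects.filter(pk=user_uuid).first()
    stored_code = user.email_registration_code if user else None

    # A missing value on either side must never match: str(None) == str(None),
    # and a literal "None" token would otherwise equal an unset stored code.
    if not stored_code or not email_token or str(stored_code) != str(email_token):
        raise WsRestNonFieldException('Invalid email registration code.')

    # The email code is valid, activate this user.
    user.email_verified = True
    user.save()
    return attrs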
def validate(self, attrs):
    """Set ``account_manually_approved`` on the user named by ``user_uuid``.

    Reads ``user_uuid`` and ``enabled`` from ``attrs`` and saves the user
    with the flag set to ``enabled``.

    Raises:
        WsRestNonFieldException: no user has that uuid.
    """
    # Both keys are read up front, so a missing key raises KeyError before
    # any lookup happens.
    wanted_uuid = attrs['user_uuid']
    approved = attrs['enabled']

    # NOTE(review): nothing in this method checks who is changing the approval
    # flag; confirm the view restricts this endpoint.
    account = UserModel.objects.filter(uuid=wanted_uuid).first()
    if not account:
        raise WsRestNonFieldException('No user with that uuid found.')

    account.account_manually_approved = approved
    account.save()
    return attrs
def validate(self, attrs):
    """Authenticate ``username``/``password`` and attach the user to ``attrs``.

    A failed ``authenticate`` call stores a ``LoginAttemptModel`` record
    before the error is raised. A successful one must also pass the
    ``is_active`` and ``email_verified`` checks.

    Returns:
        ``attrs`` with the authenticated user under ``'user'``.

    Raises:
        WsRestNonFieldException: credentials are missing or rejected, the
            account is disabled, or its email has not been verified.
    """
    username = attrs.get('username')
    password = attrs.get('password')

    if not (username and password):
        raise WsRestNonFieldException(
            'Must include "username" and "password".')

    user = authenticate(username=username, password=password)
    if not user:
        failure = WsRestNonFieldException(
            'Unable to log in with provided credentials.')
        # NOTE(review): the attempt is recorded with no IP address and no user
        # agent (both None), so the stored record carries only a timestamp.
        attempt = LoginAttemptModel(None, None, timezone.now())
        attempt.save(config.es_default_index)
        raise failure

    # From Django 1.10 onwards `authenticate` returns None for inactive users
    # (with the default ModelBackend), so this guard matters for other
    # backends or older versions.
    if not user.is_active:
        raise WsRestNonFieldException('User account is disabled.')

    # The link in the verification email sent at signup must have been
    # followed before the user may log in.
    if not user.email_verified:
        raise WsRestNonFieldException(
            "User account has not had it's email verified")

    attrs['user'] = user
    return attrs
def validate(self, attrs):
    """Issue a new email registration code and re-send the verification email.

    Reads ``user_uuid`` from ``attrs``, replaces the user's
    ``email_registration_code`` with a fresh value from
    ``RandomHelper.get_cryptographic_uuid()`` and queues
    ``send_emails_for_user_signup`` for that uuid.

    Raises:
        WsRestNonFieldException: no user has that uuid.
    """
    user_uuid = attrs['user_uuid']
    account = UserModel.objects.filter(uuid=user_uuid).first()
    if not account:
        raise WsRestNonFieldException('No user with that uuid found.')

    # Replacing the code means a previously emailed code no longer matches.
    account.email_registration_code = RandomHelper.get_cryptographic_uuid()
    account.save()

    # Queue the verification email only after the new code has been saved.
    send_emails_for_user_signup.delay(user_uuid=user_uuid)
    return attrs