def update_user_profile(self, user_info):
    """Copy name, institution and contact e-mail from ``user_info`` to the Profile.

    Does nothing when ``user_info`` carries no ``email``. Otherwise the
    profile for that e-mail is loaded (or a new one is built) and saved once
    at the end.

    NOTE(review): the original comments say these values come from
    HTTP_DISPLAYNAME / HTTP_GIVENNAME / HTTP_SN headers. Presumably the
    fronting web server sets them and drops client-supplied copies; confirm,
    because nothing here validates the values.
    """
    email = user_info.get('email', '')
    if not email:
        return

    profile = Profile.objects.get_profile_by_user(email) or Profile(user=email)

    display_name = user_info.get('name', '')
    if display_name.strip():
        # The display-name attribute wins when it is not blank.
        profile.nickname = display_name
    else:
        # Otherwise fall back to "<givenname> <surname>", but only when both
        # parts are present (shibboleth).
        given = user_info.get('givenname', '')
        family = user_info.get('surname', '')
        if given.strip() and family.strip():
            profile.nickname = "%s %s" % (given, family)

    # Optional attributes never overwrite a stored value with an empty one.
    for field in ('institution', 'contact_email'):
        value = user_info.get(field, '')
        if value:
            setattr(profile, field, value)

    profile.save()
def make_profile(self, user, shib_meta):
    """Store nickname, institution and contact e-mail from Shibboleth attributes.

    The nickname is ``display_name`` when that key is present in
    ``shib_meta``; only when it is absent (``None``) is it built as
    "<givenname> <surname>". A blank nickname is never written, and
    ``institution`` / ``contact_email`` are written only when non-empty.
    """
    username = user.username

    display = shib_meta.get('display_name', None)
    if display is None:
        # No display name at all: compose one from the two name parts.
        display = "%s %s" % (shib_meta.get('givenname', ''),
                             shib_meta.get('surname', ''))

    profile = Profile.objects.get_profile_by_user(username) or Profile(user=username)

    if display.strip():
        profile.nickname = display

    org = shib_meta.get('institution', None)
    if org:
        profile.institution = org

    mail = shib_meta.get('contact_email', None)
    if mail:
        profile.contact_email = mail

    profile.save()
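def dingtalk_connect_callback(request):
    """Link the DingTalk account returned by the QR-connect flow to request.user.

    Steps: compare the ``state`` query parameter with
    ``dingtalk_connect_state`` from the session, exchange the temporary
    ``code`` for DingTalk user info, refuse a ``unionid`` that is already
    linked, record the link, copy the DingTalk nick into the profile and
    redirect to the URL stored in the session.

    NOTE(review): nothing in this function checks that ``request.user`` is
    authenticated; presumably a login-required decorator outside this view
    does. Confirm, since the link is stored under ``request.user.username``.
    """
    if not ENABLE_DINGTALK:
        return render_error(request, _('Error, please contact administrator.'))

    # CSRF protection for the flow: the state must match the one in the session.
    state = request.GET.get('state', '')
    if not state or state != request.session.get('dingtalk_connect_state', ''):
        logger.error('invalid state')
        return render_error(request, _('Error, please contact administrator.'))

    # Sign the millisecond timestamp with the app secret (HMAC-SHA256, base64).
    timestamp = str(int(time.time() * 1000)).encode('utf-8')
    appsecret = DINGTALK_QR_CONNECT_APP_SECRET.encode('utf-8')
    signature = base64.b64encode(
        hmac.new(appsecret, timestamp, digestmod=sha256).digest())
    parameters = {
        'accessKey': DINGTALK_QR_CONNECT_APP_ID,
        'timestamp': timestamp,
        'signature': signature,
    }

    code = request.GET.get('code')
    data = {"tmp_auth_code": code}

    full_user_info_url = DINGTALK_QR_CONNECT_USER_INFO_URL + '?' + urllib.parse.urlencode(
        parameters)
    # NOTE(review): no timeout is passed, so a stalled provider holds this
    # worker until the connection drops.
    user_info_resp = requests.post(full_user_info_url, data=json.dumps(data))
    # A reply without a 'user_info' member (for example an error reply) used
    # to raise KeyError here; treat it like a reply that lacks 'unionid'.
    user_info = user_info_resp.json().get('user_info') or {}

    # seahub authenticate user
    if 'unionid' not in user_info:
        logger.error('Required user info not found.')
        logger.error(user_info)
        return render_error(request, _('Error, please contact administrator.'))

    username = request.user.username
    dingtalk_user_id = user_info['unionid']

    # One DingTalk identity may be linked to one account only.
    auth_user = SocialAuthUser.objects.get_by_provider_and_uid(
        'dingtalk', dingtalk_user_id)
    if auth_user:
        logger.error('dingtalk account already exists %s' % dingtalk_user_id)
        return render_error(request, '出错了,此钉钉账号已被绑定')

    SocialAuthUser.objects.add(username, 'dingtalk', dingtalk_user_id)

    # update user's profile
    name = user_info['nick'] if 'nick' in user_info else ''
    if name:
        profile = Profile.objects.get_profile_by_user(username)
        if not profile:
            profile = Profile(user=username)
        profile.nickname = name.strip()
        profile.save()

    # Fall back to '/' when the session holds no redirect target, as
    # dingtalk_callback does, instead of failing with KeyError after the
    # link has already been stored.
    response = HttpResponseRedirect(
        request.session.get('dingtalk_connect_redirect', '/'))
    return response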
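def _update_account_additional_info(self, request, email):
    """Apply the optional account fields in ``request.data`` to ``email``.

    Handled keys: ``name`` (nickname), ``login_id``, ``department``,
    ``storage`` (multiplied by ``get_file_size_unit('MB')`` and set as the
    user's quota, per organisation when ``is_org_context(request)``) and
    ``is_trial``.

    Raises:
        ValueError: from ``int()`` when ``storage`` is not numeric.

    NOTE(review): no permission check happens here; the caller is presumably
    an admin-only endpoint. Confirm, since this sets another user's quota.
    """
    # update account profile
    name = request.data.get("name", None)
    if name is not None:
        profile = Profile.objects.get_profile_by_user(email)
        if profile is None:
            profile = Profile(user=email)
        profile.nickname = name
        profile.save()

    # update account loginid
    loginid = request.data.get("login_id", '').strip()
    if loginid != '':
        profile = Profile.objects.get_profile_by_user(email)
        if profile is None:
            profile = Profile(user=email)
        profile.login_id = loginid
        profile.save()

    # update account detailed profile
    department = request.data.get("department", None)
    if department is not None:
        d_profile = DetailedProfile.objects.get_detailed_profile_by_user(email)
        if d_profile is None:
            d_profile = DetailedProfile(user=email)
        d_profile.department = department
        d_profile.save()

    # update user quota
    space_quota_mb = request.data.get("storage", None)
    if space_quota_mb is not None:
        space_quota = int(space_quota_mb) * get_file_size_unit('MB')
        if is_org_context(request):
            org_id = request.user.org.org_id
            seaserv.seafserv_threaded_rpc.set_org_user_quota(org_id, email, space_quota)
        else:
            seafile_api.set_user_quota(email, space_quota)

    # update is_trial
    is_trial = request.data.get("is_trial", None)
    if is_trial is not None:
        try:
            from seahub_extra.trialaccount.models import TrialAccount
        except ImportError:
            # Trial accounts are an optional add-on; skip when not installed.
            pass
        else:
            if is_trial is True:
                expire_date = timezone.now() + relativedelta(days=7)
                # Was `TrialAccount.object`, which raises AttributeError;
                # the manager is `objects`, as the delete branch below uses.
                TrialAccount.objects.create_or_update(email, expire_date)
            else:
                TrialAccount.objects.filter(user_or_org=email).delete()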
def update_user_info(request):
    """Apply the account fields present in ``request.data`` to one user.

    The user is looked up by the ``email`` field of the request body, so
    ``User.DoesNotExist`` propagates when there is no such user. Only truthy
    values are applied: ``password``, ``is_staff``, ``is_active``, ``role``
    (pro version only), ``name``, ``department`` and ``quota_total``.

    NOTE(review): this sets passwords, staff status and roles for whichever
    account the body names, and no permission check is visible here.
    Presumably the calling view is admin-only; confirm.
    """
    payload = request.data
    email = payload.get("email")
    user = User.objects.get(email=email)

    # update basic user info
    new_password = payload.get("password")
    if new_password:
        user.set_password(new_password)

    # Both flags arrive as text and are converted the same way.
    for flag in ("is_staff", "is_active"):
        raw = payload.get(flag)
        if raw:
            setattr(user, flag, to_python_boolean(raw))

    # update user
    user.save()

    # update additional user info
    if is_pro_version():
        role = payload.get("role")
        if role:
            User.objects.update_role(email, role)

    nickname = payload.get("name")
    if nickname:
        profile = Profile.objects.get_profile_by_user(email)
        if profile is None:
            profile = Profile(user=email)
        profile.nickname = nickname
        profile.save()

    dept = payload.get("department")
    if dept:
        detailed = DetailedProfile.objects.get_detailed_profile_by_user(email)
        if detailed is None:
            detailed = DetailedProfile(user=email)
        detailed.department = dept
        detailed.save()

    quota_mb = payload.get("quota_total")
    if quota_mb:
        quota_value = int(quota_mb) * get_file_size_unit('MB')
        if is_org_context(request):
            seafile_api.set_org_user_quota(
                request.user.org.org_id, email, quota_value)
        else:
            seafile_api.set_user_quota(email, quota_value)
def test_updated_when_call_save(self):
    """email2nickname reflects a nickname as soon as the profile is saved."""
    username = self.tmp_user.username

    # Before any nickname is stored, the local part of the address is used.
    local_part = username.split('@')[0]
    assert email2nickname(username) == local_part

    profile = Profile.objects.get_profile_by_user(username)
    if profile is None:
        profile = Profile(user=username)
    profile.nickname = 'nickname'
    profile.save()

    # After save() the stored nickname must be returned.
    assert email2nickname(username) == 'nickname'
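def put(self, request, format=None):
    """Update account info.

    Accepts ``name`` (at most 64 characters, no '/') and
    ``email_notification_interval`` (converted with ``int()``; a value <= 0
    unsets the interval). Both are validated before anything is written, so
    a rejected request changes nothing. Returns the account info on success
    and a 400 response on invalid input.

    NOTE(review): ``len(name)`` and ``"/" in name`` assume ``name`` is a
    string; a JSON number would raise TypeError here. Confirm what the
    parser can deliver.
    """
    username = request.user.username

    name = request.data.get("name", None)
    if name is not None:
        if len(name) > 64:
            return api_error(
                status.HTTP_400_BAD_REQUEST,
                _('Name is too long (maximum is 64 characters)'))

        if "/" in name:
            return api_error(status.HTTP_400_BAD_REQUEST,
                             _("Name should not include '/'."))

    email_interval = request.data.get("email_notification_interval", None)
    if email_interval is not None:
        try:
            email_interval = int(email_interval)
        except (TypeError, ValueError):
            # int() raises TypeError for a list or dict in a JSON body;
            # answer 400 for that too instead of an unhandled error.
            return api_error(status.HTTP_400_BAD_REQUEST,
                             'email_interval invalid')

    # update user info
    if name is not None:
        profile = Profile.objects.get_profile_by_user(username)
        if profile is None:
            profile = Profile(user=username)
        profile.nickname = name
        profile.save()

    if email_interval is not None:
        if email_interval <= 0:
            UserOptions.objects.unset_dtable_updates_email_interval(
                username)
        else:
            UserOptions.objects.set_dtable_updates_email_interval(
                username, email_interval)

    return Response(self._get_account_info(request))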
def _update_account_profile(self, request, email):
    """Write ``name`` and ``note`` from ``request.DATA`` to the profile of ``email``.

    ``name`` becomes the nickname and ``note`` the intro. Returns without
    touching the database when neither key is supplied.

    NOTE(review): a check rejecting '/' in the name was commented out in the
    original, so the name is stored here without validation.
    """
    payload = request.DATA

    # Collect only the fields the caller actually sent.
    updates = {}
    nickname = payload.get("name", None)
    if nickname is not None:
        updates['nickname'] = nickname
    intro = payload.get("note", None)
    if intro is not None:
        updates['intro'] = intro

    if not updates:
        return

    profile = Profile.objects.get_profile_by_user(email)
    if profile is None:
        profile = Profile(user=email)

    for attr, value in updates.items():
        setattr(profile, attr, value)
    profile.save()
def _update_account_profile(self, request, email):
    """Store the ``name`` and ``note`` request fields on the profile of ``email``.

    ``name`` is saved as the nickname and ``note`` as the intro. When both
    are absent the function returns before any lookup.

    NOTE(review): the original carried a commented-out check that rejected
    '/' in the name; as written, the name is saved unvalidated.
    """
    fields = request.data
    new_name = fields.get("name", None)
    new_note = fields.get("note", None)

    nothing_to_do = new_name is None and new_note is None
    if nothing_to_do:
        return

    existing = Profile.objects.get_profile_by_user(email)
    profile = Profile(user=email) if existing is None else existing

    if new_name is not None:
        profile.nickname = new_name
    if new_note is not None:
        profile.intro = new_note

    profile.save()
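def make_profile(self, user, shib_meta):
    """Store nickname, institution and contact e-mail from Shibboleth attributes.

    The nickname is "<givenname> <surname>". ``institution`` and
    ``contact_email`` are written only when non-empty, and the profile is
    created when the user has none yet.
    """
    givenname = shib_meta.get("givenname", "")
    surname = shib_meta.get("surname", "")
    nickname = "%s %s" % (givenname, surname)

    institution = shib_meta.get("institution", None)
    contact_email = shib_meta.get("contact_email", None)

    p = Profile.objects.get_profile_by_user(user.username)
    if not p:
        p = Profile(user=user.username)

    # When both name attributes are missing the formatted value is a single
    # space; writing it would replace a stored nickname with a blank on
    # every login, so only a non-blank nickname is stored.
    if nickname.strip():
        p.nickname = nickname
    if institution:
        p.institution = institution
    if contact_email:
        p.contact_email = contact_email

    p.save()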
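def oauth_callback(request):
    """ Step 3: Retrieving an access token.
    The user has been redirected back from the provider to your registered
    callback URL. With this redirection comes an authorization code included
    in the redirect URL. We will use that to obtain an access token.

    After the token exchange the provider's user info is mapped through
    ATTRIBUTE_MAP, the user is authenticated by the resulting e-mail and
    logged in, the profile is refreshed, and the browser is redirected with
    a ``seahub_auth`` cookie holding "<email>@<api token>".

    NOTE(review): the account is selected purely by the e-mail the provider
    reports; whether the provider verifies that address is not visible here.
    """
    session = OAuth2Session(client_id=CLIENT_ID,
                            scope=SCOPE,
                            state=request.session.get('oauth_state', None),
                            redirect_uri=REDIRECT_URL)

    try:
        token = session.fetch_token(
            TOKEN_URL,
            client_secret=CLIENT_SECRET,
            authorization_response=request.get_full_path())

        # `in` replaces dict.has_key(), which Python 3 no longer provides.
        if 'user_id' in session._client.__dict__['token']:
            # used for sjtu.edu.cn
            # https://xjq12311.gitbooks.io/sjtu-engtc/content/
            user_id = session._client.__dict__['token']['user_id']
            user_info_resp = session.get(USER_INFO_URL + '?user_id=%s' % user_id)
        elif ACCESS_TOKEN_IN_URI:
            # `code` comes straight from the query string. Passing it through
            # `params` URL-encodes it, so it cannot add or override query
            # parameters of the user-info request as the %-formatted URL
            # allowed. A missing code is now omitted, not sent as "None".
            user_info_resp = session.get(USER_INFO_URL, params={
                'access_token': token['access_token'],
                'code': request.GET.get('code'),
            })
        else:
            user_info_resp = session.get(USER_INFO_URL)
    except Exception as e:
        logger.error(e)
        return render_error(request, _('Error, please contact administrator.'))

    def format_user_info(user_info_resp):
        """Map provider attributes to local names; flag missing required ones."""
        # NOTE(review): this writes the provider's complete user-info body to
        # the log at INFO level.
        logger.info('user info resp: %s' % user_info_resp.text)
        error = False
        user_info = {}
        user_info_json = user_info_resp.json()

        for item, attr in ATTRIBUTE_MAP.items():
            required, user_attr = attr
            value = user_info_json.get(item, '')

            if value:
                # ccnet email
                if user_attr == 'email':
                    # A value that is not an e-mail address gets the provider
                    # domain appended.
                    user_info[user_attr] = value if is_valid_email(str(value)) else \
                        '%s@%s' % (str(value), PROVIDER_DOMAIN)
                else:
                    user_info[user_attr] = value
            elif required:
                error = True

        return user_info, error

    user_info, error = format_user_info(user_info_resp)
    if error:
        logger.error('Required user info not found.')
        logger.error(user_info)
        return render_error(request, _('Error, please contact administrator.'))

    # seahub authenticate user
    email = user_info['email']

    try:
        user = auth.authenticate(remote_user=email)
    except User.DoesNotExist:
        user = None

    if not user or not user.is_active:
        logger.error('User %s not found or inactive.' % email)
        # a page for authenticate user failed
        return render_error(request, _(u'User %s not found.') % email)

    # User is valid. Set request.user and persist user in the session
    # by logging the user in.
    request.user = user
    auth.login(request, user)

    # update user's profile
    name = user_info.get('name', '')
    contact_email = user_info.get('contact_email', '')

    profile = Profile.objects.get_profile_by_user(email)
    if not profile:
        profile = Profile(user=email)

    if name:
        profile.nickname = name.strip()
        profile.save()

    if contact_email:
        profile.contact_email = contact_email.strip()
        profile.save()

    # generate auth token for Seafile client
    api_token = get_api_token(request)

    # redirect user to home page
    response = HttpResponseRedirect(request.session['oauth_redirect'])
    # NOTE(review): the cookie carries the API token and is set without the
    # secure/httponly arguments; confirm the client needs it readable.
    response.set_cookie('seahub_auth', email + '@' + api_token.key)
    return response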
def put(self, request, org_id, email):
    """ update base info of a org user

    Permission checking:
    1. only admin can perform this action.

    Fields read from ``request.data``: ``active`` ('true' / 'false'),
    ``name``, ``contact_email`` and ``quota_total`` (in MB, capped by the
    organisation's quota when that is positive). Returns the refreshed user
    info, or an error response with status 400, 403, 404 or 500.

    NOTE(review): the user is looked up by e-mail only; nothing here checks
    that the account belongs to ``org_id``.
    """
    if not request.user.admin_permissions.other_permission():
        return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.')

    try:
        user = User.objects.get(email=email)
    except User.DoesNotExist:
        return api_error(status.HTTP_404_NOT_FOUND,
                         'User %s not found.' % email)

    payload = request.data

    # update active
    active = payload.get('active', None)
    if active:
        active = active.lower()
        if active not in ('true', 'false'):
            return api_error(status.HTTP_400_BAD_REQUEST,
                             "active invalid, should be 'true' or 'false'.")

        user.is_active = active == 'true'

        try:
            # update user status
            result_code = user.save()
        except Exception as e:
            logger.error(e)
            return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR,
                             'Internal Server Error')

        if result_code == -1:
            return api_error(status.HTTP_403_FORBIDDEN,
                             'Fail to update user %s.' % email)

    # update name
    new_name = payload.get('name', None)
    if new_name:
        profile = Profile.objects.get_profile_by_user(email)
        if profile is None:
            profile = Profile(user=email)
        profile.nickname = new_name
        profile.save()

    # update contact_email
    new_contact = payload.get('contact_email', None)
    if new_contact:
        profile = Profile.objects.get_profile_by_user(email)
        if profile is None:
            profile = Profile(user=email)
        profile.contact_email = new_contact
        profile.save()

    # update user quota
    user_quota_mb = payload.get("quota_total", None)
    if user_quota_mb:
        try:
            user_quota_mb = int(user_quota_mb)
        except Exception as e:
            logger.error(e)
            return api_error(status.HTTP_400_BAD_REQUEST,
                             "quota_total invalid.")

        user_quota = user_quota_mb * get_file_size_unit('MB')
        org_quota = seafile_api.get_org_quota(org_id)

        # -1 means org has unlimited quota
        if org_quota > 0:
            org_quota_mb = org_quota / get_file_size_unit('MB')
            if user_quota_mb > org_quota_mb:
                return api_error(
                    status.HTTP_400_BAD_REQUEST,
                    'Failed to set quota: maximum quota is %d MB' % org_quota_mb)

        seafile_api.set_org_user_quota(org_id, email, user_quota)

    user_info = get_org_user_info(org_id, user)
    user_info['active'] = user.is_active
    return Response(user_info)
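def _update_account_additional_info(self, request, email):
    """Apply the optional account fields in ``request.data`` to ``email``.

    Handled keys: ``name``, ``list_in_address_book`` (the text 'true' in any
    case means True), ``login_id``, ``department``, ``storage`` (multiplied
    by ``get_file_size_unit('MB')`` and set as quota, per organisation when
    ``is_org_context(request)``), ``institution`` and ``is_trial``.

    Raises:
        ValueError: from ``int()`` when ``storage`` is not numeric.

    NOTE(review): no permission check happens here; the caller is presumably
    an admin-only endpoint. Confirm.
    """
    # update account name
    name = request.data.get("name", None)
    if name is not None:
        profile = Profile.objects.get_profile_by_user(email)
        if profile is None:
            profile = Profile(user=email)
        profile.nickname = name
        profile.save()

    # update account list_in_address_book
    list_in_address_book = request.data.get("list_in_address_book", None)
    if list_in_address_book is not None:
        profile = Profile.objects.get_profile_by_user(email)
        if profile is None:
            profile = Profile(user=email)
        profile.list_in_address_book = list_in_address_book.lower() == 'true'
        profile.save()

    # update account loginid
    loginid = request.data.get("login_id", '').strip()
    if loginid != '':
        profile = Profile.objects.get_profile_by_user(email)
        if profile is None:
            profile = Profile(user=email)
        profile.login_id = loginid
        profile.save()

    # update account detailed profile
    department = request.data.get("department", None)
    if department is not None:
        d_profile = DetailedProfile.objects.get_detailed_profile_by_user(email)
        if d_profile is None:
            d_profile = DetailedProfile(user=email)
        d_profile.department = department
        d_profile.save()

    # update user quota
    space_quota_mb = request.data.get("storage", None)
    if space_quota_mb is not None:
        space_quota = int(space_quota_mb) * get_file_size_unit('MB')
        if is_org_context(request):
            org_id = request.user.org.org_id
            seaserv.seafserv_threaded_rpc.set_org_user_quota(org_id, email, space_quota)
        else:
            seafile_api.set_user_quota(email, space_quota)

    # update user institution
    institution = request.data.get("institution", None)
    if institution is not None:
        profile = Profile.objects.get_profile_by_user(email)
        if profile is None:
            profile = Profile(user=email)
        profile.institution = institution
        profile.save()

    # update is_trial
    is_trial = request.data.get("is_trial", None)
    if is_trial is not None:
        try:
            from seahub_extra.trialaccount.models import TrialAccount
        except ImportError:
            # Trial accounts are an optional add-on; skip when not installed.
            pass
        else:
            if is_trial is True:
                expire_date = timezone.now() + relativedelta(days=7)
                # Was `TrialAccount.object`, which raises AttributeError;
                # the manager is `objects`, as the delete branch below uses.
                TrialAccount.objects.create_or_update(email, expire_date)
            else:
                TrialAccount.objects.filter(user_or_org=email).delete()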
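def dingtalk_callback(request):
    """Log a user in from the DingTalk QR-connect callback.

    Steps: compare ``state`` with ``dingtalk_login_state`` from the session,
    exchange the temporary ``code`` for DingTalk user info, map the
    ``unionid`` to a local account (a new virtual id is generated and linked
    for an unknown ``unionid``), log the user in, refresh nickname and
    contact e-mail, and redirect with a ``seahub_auth`` cookie holding
    "<email>@<api token>".
    """
    if not ENABLE_DINGTALK:
        return render_error(request, _('Error, please contact administrator.'))

    # CSRF protection for the flow: the state must match the one in the session.
    state = request.GET.get('state', '')
    if not state or state != request.session.get('dingtalk_login_state', ''):
        logger.error('invalid state')
        return render_error(request, _('Error, please contact administrator.'))

    # Sign the millisecond timestamp with the app secret (HMAC-SHA256, base64).
    timestamp = str(int(time.time() * 1000)).encode('utf-8')
    appsecret = DINGTALK_QR_CONNECT_APP_SECRET.encode('utf-8')
    signature = base64.b64encode(
        hmac.new(appsecret, timestamp, digestmod=sha256).digest())
    parameters = {
        'accessKey': DINGTALK_QR_CONNECT_APP_ID,
        'timestamp': timestamp,
        'signature': signature,
    }

    code = request.GET.get('code')
    data = {"tmp_auth_code": code}

    full_user_info_url = DINGTALK_QR_CONNECT_USER_INFO_URL + '?' + urllib.parse.urlencode(
        parameters)
    # NOTE(review): no timeout is passed, so a stalled provider holds this
    # worker until the connection drops.
    user_info_resp = requests.post(full_user_info_url, data=json.dumps(data))
    # A reply without a 'user_info' member (for example an error reply) used
    # to raise KeyError here; treat it like a reply that lacks 'unionid'.
    user_info = user_info_resp.json().get('user_info') or {}

    # seahub authenticate user
    if 'unionid' not in user_info:
        logger.error('Required user info not found.')
        logger.error(user_info)
        return render_error(request, _('Error, please contact administrator.'))

    auth_user = SocialAuthUser.objects.get_by_provider_and_uid(
        'dingtalk', user_info['unionid'])
    if auth_user:
        email = auth_user.username
    else:
        # First login with this DingTalk identity: create and link a new id.
        email = gen_user_virtual_id()
        SocialAuthUser.objects.add(email, 'dingtalk', user_info['unionid'])

    try:
        user = auth.authenticate(remote_user=email)
    except User.DoesNotExist:
        user = None
    except Exception as e:
        logger.error(e)
        return render_error(request, _('Error, please contact administrator.'))

    if not user or not user.is_active:
        return render_error(request, _('User %s not found or inactive.') % email)

    # User is valid. Set request.user and persist user in the session
    # by logging the user in.
    request.user = user
    request.session['remember_me'] = DINGTALK_QR_CONNECT_LOGIN_REMEMBER_ME
    auth.login(request, user)

    # update user's profile
    name = user_info['nick'] if 'nick' in user_info else ''
    profile = None
    if name:
        profile = Profile.objects.get_profile_by_user(email)
        if not profile:
            profile = Profile(user=email)
        profile.nickname = name.strip()
        profile.save()

    user_detail_info = dingtalk_get_detailed_user_info(user_info['unionid'])
    contact_email = user_detail_info.get('email', '')
    if contact_email:
        # `profile` is bound above only when a nick was returned; load it
        # here as well so a nick-less reply cannot fail on an unbound name.
        if profile is None:
            profile = Profile.objects.get_profile_by_user(email)
            if not profile:
                profile = Profile(user=email)
        profile.contact_email = contact_email
        profile.save()

    # generate auth token for Seafile client
    api_token = get_api_token(request)

    # redirect user to home page
    response = HttpResponseRedirect(
        request.session.get('dingtalk_login_redirect', '/'))
    # NOTE(review): the cookie carries the API token and is set without the
    # secure/httponly arguments; confirm the client needs it readable.
    response.set_cookie('seahub_auth', email + '@' + api_token.key)
    return response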
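def weixin_oauth_callback(request):
    """Log a user in from the Weixin OAuth callback.

    Steps: compare ``state`` with ``weixin_oauth_login_state`` from the
    session, exchange ``code`` for an access token and ``openid``, map the
    ``openid`` to a local account (a new virtual id is generated and linked
    for an unknown ``openid``), log the user in, refresh nickname and avatar
    from the provider's user info, and redirect with a ``seahub_auth``
    cookie holding "<email>@<api token>".
    """
    if not ENABLE_WEIXIN:
        return render_error(request, _('Error, please contact administrator.'))

    # CSRF protection for the flow: the state must match the one in the session.
    state = request.GET.get('state', '')
    if not state or state != request.session.get('weixin_oauth_login_state', ''):
        logger.error('invalid state')
        return render_error(request, _('Error, please contact administrator.'))

    # get access_token and user openid
    parameters = {
        'appid': WEIXIN_OAUTH_APP_ID,
        'secret': WEIXIN_OAUTH_APP_SECRET,
        'code': request.GET.get('code'),
        'grant_type': WEIXIN_OAUTH_GRANT_TYPE,
    }

    access_token_url = WEIXIN_OAUTH_ACCESS_TOKEN_URL + '?' + urllib.parse.urlencode(parameters)
    # NOTE(review): no timeout is passed on the outbound requests here.
    access_token_json = requests.get(access_token_url).json()

    openid = access_token_json.get('openid', '')
    access_token = access_token_json.get('access_token', '')
    if not access_token or not openid:
        logger.error('invalid access_token or openid')
        # The full URL contains the app secret and the authorization code,
        # so only the endpoint is logged; token fields are dropped from the
        # logged reply for the same reason.
        logger.error(WEIXIN_OAUTH_ACCESS_TOKEN_URL)
        logger.error({
            key: value for key, value in access_token_json.items()
            if key not in ('access_token', 'refresh_token')
        })
        return render_error(request, _('Error, please contact administrator.'))

    # login user in
    auth_user = SocialAuthUser.objects.get_by_provider_and_uid('weixin', openid)
    if auth_user:
        email = auth_user.username
    else:
        # First login with this openid: create and link a new virtual id.
        email = gen_user_virtual_id()
        SocialAuthUser.objects.add(email, 'weixin', openid)

    try:
        user = auth.authenticate(remote_user=email)
    except User.DoesNotExist:
        user = None
    except Exception as e:
        logger.error(e)
        return render_error(request, _('Error, please contact administrator.'))

    if not user or not user.is_active:
        return render_error(request, _('User %s not found or inactive.') % email)

    request.user = user
    auth.login(request, user)

    # get user profile info
    parameters = {
        'access_token': access_token,
        'openid': openid,
    }
    user_info_url = WEIXIN_OAUTH_USER_INFO_URL + '?' + urllib.parse.urlencode(parameters)
    user_info_resp = requests.get(user_info_url).json()

    name = user_info_resp['nickname'] if 'nickname' in user_info_resp else ''
    name = name.encode('raw_unicode_escape').decode('utf-8')
    if name:
        profile = Profile.objects.get_profile_by_user(email)
        if not profile:
            profile = Profile(user=email)
        profile.nickname = name.strip()
        profile.save()

    avatar_url = user_info_resp['headimgurl'] if 'headimgurl' in user_info_resp else ''
    try:
        # NOTE(review): the avatar URL comes from the provider's reply and is
        # fetched server-side with no timeout and no size or content-type
        # check before it is stored.
        image_name = 'dingtalk_avatar'
        image_file = requests.get(avatar_url).content
        avatar = Avatar.objects.filter(emailuser=email, primary=True).first()
        avatar = avatar or Avatar(emailuser=email, primary=True)
        avatar_file = ContentFile(image_file)
        avatar_file.name = image_name
        avatar.avatar = avatar_file
        avatar.save()
    except Exception as e:
        # Best effort: a failed avatar download must not block the login.
        logger.error(e)

    # generate auth token for Seafile client
    api_token = get_api_token(request)

    # redirect user to home page
    # Fall back to '/' when the session holds no redirect target, instead of
    # failing with KeyError after the user is already logged in.
    response = HttpResponseRedirect(
        request.session.get('weixin_oauth_login_redirect', '/'))
    # NOTE(review): the cookie carries the API token and is set without the
    # secure/httponly arguments; confirm the client needs it readable.
    response.set_cookie('seahub_auth', email + '@' + api_token.key)
    return response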
def _update_account_additional_info(self, request, email):
    """Apply the optional account fields in ``request.data`` to ``email``.

    Handled keys: ``name``, ``list_in_address_book`` (the text 'true' in any
    case means True), ``login_id``, ``department``, ``storage`` (multiplied
    by ``get_file_size_unit('MB')`` and set as quota, per organisation when
    ``is_org_context(request)``) and ``institution``. Each profile field is
    loaded and saved separately.

    NOTE(review): no permission check happens here; the caller is presumably
    an admin-only endpoint. Confirm.
    """
    fields = request.data

    def load_profile():
        # Fetch the stored profile, or start a new one for this account.
        found = Profile.objects.get_profile_by_user(email)
        return Profile(user=email) if found is None else found

    # update account name
    nickname = fields.get("name", None)
    if nickname is not None:
        profile = load_profile()
        profile.nickname = nickname
        profile.save()

    # update account list_in_address_book
    listed = fields.get("list_in_address_book", None)
    if listed is not None:
        profile = load_profile()
        profile.list_in_address_book = listed.lower() == 'true'
        profile.save()

    # update account loginid
    loginid = fields.get("login_id", '').strip()
    if loginid != '':
        profile = load_profile()
        profile.login_id = loginid
        profile.save()

    # update account detailed profile
    dept = fields.get("department", None)
    if dept is not None:
        detailed = DetailedProfile.objects.get_detailed_profile_by_user(email)
        if detailed is None:
            detailed = DetailedProfile(user=email)
        detailed.department = dept
        detailed.save()

    # update user quota
    storage_mb = fields.get("storage", None)
    if storage_mb is not None:
        quota = int(storage_mb) * get_file_size_unit('MB')
        if is_org_context(request):
            seaserv.seafserv_threaded_rpc.set_org_user_quota(
                request.user.org.org_id, email, quota)
        else:
            seafile_api.set_user_quota(email, quota)

    # update user institution
    org_name = fields.get("institution", None)
    if org_name is not None:
        profile = load_profile()
        profile.institution = org_name
        profile.save()
def put(self, request, org_id, email):
    """ update base info of a org user

    Permission checking:
    1. only admin can perform this action.

    Fields read from ``request.data``: ``active`` ('true' / 'false'),
    ``name``, ``contact_email`` and ``quota_total`` (in MB, capped by the
    organisation's quota when that is positive).

    NOTE(review): no permission check appears inside this method, so the
    admin-only rule above must be enforced by the view's permission classes,
    which are not visible here. Confirm. The user is also looked up by
    e-mail only, with no check that the account belongs to ``org_id``.
    """
    try:
        user = User.objects.get(email=email)
    except User.DoesNotExist:
        return api_error(status.HTTP_404_NOT_FOUND,
                         'User %s not found.' % email)

    body = request.data

    # update active
    active = body.get('active', None)
    if active:
        active = active.lower()
        if active not in ('true', 'false'):
            return api_error(status.HTTP_400_BAD_REQUEST,
                             "active invalid, should be 'true' or 'false'.")

        user.is_active = (active == 'true')

        try:
            # update user status
            result_code = user.save()
        except Exception as e:
            logger.error(e)
            return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR,
                             'Internal Server Error')

        if result_code == -1:
            return api_error(status.HTTP_403_FORBIDDEN,
                             'Fail to update user %s.' % email)

    # update name
    nickname = body.get('name', None)
    if nickname:
        profile = Profile.objects.get_profile_by_user(email)
        if profile is None:
            profile = Profile(user=email)
        profile.nickname = nickname
        profile.save()

    # update contact_email
    contact = body.get('contact_email', None)
    if contact:
        profile = Profile.objects.get_profile_by_user(email)
        if profile is None:
            profile = Profile(user=email)
        profile.contact_email = contact
        profile.save()

    # update user quota
    user_quota_mb = body.get("quota_total", None)
    if user_quota_mb:
        try:
            user_quota_mb = int(user_quota_mb)
        except Exception as e:
            logger.error(e)
            return api_error(status.HTTP_400_BAD_REQUEST,
                             "quota_total invalid.")

        user_quota = user_quota_mb * get_file_size_unit('MB')
        org_quota = seafile_api.get_org_quota(org_id)

        # -1 means org has unlimited quota
        if org_quota > 0:
            org_quota_mb = org_quota / get_file_size_unit('MB')
            if user_quota_mb > org_quota_mb:
                return api_error(
                    status.HTTP_400_BAD_REQUEST,
                    'Failed to set quota: maximum quota is %d MB' % org_quota_mb)

        seafile_api.set_org_user_quota(org_id, email, user_quota)

    user_info = get_org_user_info(org_id, email)
    user_info['active'] = user.is_active
    return Response(user_info)
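def oauth_callback(request):
    """ Step 3: Retrieving an access token.
    The user has been redirected back from the provider to your registered
    callback URL. With this redirection comes an authorization code included
    in the redirect URL. We will use that to obtain an access token.

    After the token exchange the provider's user info is mapped through
    ATTRIBUTE_MAP. An unknown e-mail is rejected when sign-up is disabled.
    The user is then authenticated by e-mail and logged in, the password is
    made unusable, the profile is refreshed and a client token is returned
    in the ``seahub_auth`` cookie.

    NOTE(review): the account is selected purely by the e-mail the provider
    reports, and ``set_unusable_password()`` runs on every successful login,
    so an existing local password for that e-mail stops working. Confirm
    that the provider's e-mail claim is trusted to that degree.
    """
    session = OAuth2Session(client_id=CLIENT_ID,
                            scope=SCOPE,
                            state=request.session.get('oauth_state', None),
                            redirect_uri=REDIRECT_URL)

    try:
        session.fetch_token(TOKEN_URL,
                            client_secret=CLIENT_SECRET,
                            authorization_response=request.get_full_path())

        # `in` replaces dict.has_key(), which Python 3 no longer provides.
        if 'user_id' in session._client.__dict__['token']:
            # used for sjtu.edu.cn
            # https://xjq12311.gitbooks.io/sjtu-engtc/content/
            user_id = session._client.__dict__['token']['user_id']
            user_info_resp = session.get(USER_INFO_URL + '?user_id=%s' % user_id)
        else:
            user_info_resp = session.get(USER_INFO_URL)
    except Exception as e:
        logger.error(e)
        return render(request, 'error.html', {
            'error_msg': _('Error, please contact administrator.'),
        })

    def format_user_info(user_info_resp):
        """Map provider attributes to local names; flag missing required ones."""
        error = False
        user_info = {}
        user_info_json = user_info_resp.json()

        for item, attr in ATTRIBUTE_MAP.items():
            required, user_attr = attr
            value = user_info_json.get(item, '')

            if value:
                # ccnet email
                if user_attr == 'email':
                    # A value that is not an e-mail address gets the provider
                    # domain appended.
                    user_info[user_attr] = value if is_valid_email(str(value)) else \
                        '%s@%s' % (str(value), PROVIDER_DOMAIN)
                else:
                    user_info[user_attr] = value
            elif required:
                error = True

        return user_info, error

    user_info, error = format_user_info(user_info_resp)
    if error:
        logger.error('Required user info not found.')
        logger.error(user_info)
        return render(request, 'error.html', {
            'error_msg': _('Error, please contact administrator.'),
        })

    # seahub authenticate user
    email = user_info['email']

    try:
        User.objects.get(email=email)
    except User.DoesNotExist:
        # Unknown users are only admitted when sign-up is enabled.
        if not config.ENABLE_SIGNUP:
            logger.error('%s not found but user registration is disabled.' % email)
            return render(
                request, 'error.html', {
                    'error_msg': _('Error, please contact administrator.'),
                })

    try:
        user = auth.authenticate(remote_user=email)
    except User.DoesNotExist:
        user = None

    if not user or not user.is_active:
        logger.error('User %s not found or inactive.' % email)
        # a page for authenticate user failed
        return render(request, 'error.html',
                      {'error_msg': _(u'User %s not found.') % email})

    # User is valid. Set request.user and persist user in the session
    # by logging the user in.
    request.user = user
    auth.login(request, user)
    user.set_unusable_password()
    user.save()

    # update user's profile
    name = user_info.get('name', '')
    contact_email = user_info.get('contact_email', '')

    profile = Profile.objects.get_profile_by_user(email)
    if not profile:
        profile = Profile(user=email)

    if name:
        profile.nickname = name.strip()
        profile.save()

    if contact_email:
        profile.contact_email = contact_email.strip()
        profile.save()

    # generate auth token for Seafile client
    keys = (
        'platform',
        'device_id',
        'device_name',
        'client_version',
        'platform_version',
    )

    # A device-bound (v2) token needs every device parameter in the query.
    if all(key in request.GET for key in keys):
        platform = request.GET['platform']
        device_id = request.GET['device_id']
        device_name = request.GET['device_name']
        client_version = request.GET['client_version']
        platform_version = request.GET['platform_version']
        token = get_token_v2(request, request.user.username, platform,
                             device_id, device_name, client_version,
                             platform_version)
    else:
        token = get_token_v1(request.user.username)

    # redirect user to home page
    response = HttpResponseRedirect(reverse('libraries'))
    # NOTE(review): the cookie carries the API token and is set without the
    # secure/httponly arguments; confirm the client needs it readable.
    response.set_cookie('seahub_auth', email + '@' + token.key)
    return response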
def update_user_info(request, user):
    """Apply the account fields present in ``request.data`` to ``user``.

    Truthy values are applied for ``password``, ``is_staff``, ``is_active``,
    ``role`` (pro version only), ``name``, ``department`` and
    ``quota_total``. ``login_id`` and ``reference_id`` are applied whenever
    the key is present, after stripping; an empty ``login_id`` clears the
    stored one.

    NOTE(review): this sets passwords, staff status and roles, and no
    permission check is visible here. Presumably the calling view is
    admin-only; confirm.
    """
    body = request.data

    def load_profile(account):
        # Fetch the stored profile, or start a new one for this account.
        stored = Profile.objects.get_profile_by_user(account)
        return Profile(user=account) if stored is None else stored

    # update basic user info
    new_password = body.get("password")
    if new_password:
        user.set_password(new_password)

    staff_flag = body.get("is_staff")
    if staff_flag:
        user.is_staff = to_python_boolean(staff_flag)

    active_flag = body.get("is_active")
    if active_flag:
        user.is_active = to_python_boolean(active_flag)

    # update user
    user.save()

    email = user.username

    # update additional user info
    if is_pro_version():
        role = body.get("role")
        if role:
            User.objects.update_role(email, role)

    nickname = body.get("name")
    if nickname:
        profile = load_profile(email)
        profile.nickname = nickname
        profile.save()

    # update account login_id
    login_id = body.get("login_id", None)
    if login_id is not None:
        login_id = login_id.strip()
        profile = load_profile(email)
        # An empty login id is stored as NULL, not as an empty string.
        profile.login_id = login_id or None
        profile.save()

    reference_id = body.get("reference_id", None)
    if reference_id is not None:
        ccnet_api.set_reference_id(email, reference_id.strip())

    dept = body.get("department")
    if dept:
        detailed = DetailedProfile.objects.get_detailed_profile_by_user(email)
        if detailed is None:
            detailed = DetailedProfile(user=email)
        detailed.department = dept
        detailed.save()

    quota_mb = body.get("quota_total")
    if quota_mb:
        quota_value = int(quota_mb) * get_file_size_unit('MB')
        if is_org_context(request):
            seafile_api.set_org_user_quota(
                request.user.org.org_id, email, quota_value)
        else:
            seafile_api.set_user_quota(email, quota_value)
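def oauth_callback(request):
    """ Step 3: Retrieving an access token.
    The user has been redirected back from the provider to your registered
    callback URL. With this redirection comes an authorization code included
    in the redirect URL. We will use that to obtain an access token.

    After the token exchange the provider's user info is mapped through
    ATTRIBUTE_MAP. An unknown e-mail is rejected when sign-up is disabled.
    The user is then authenticated by e-mail and logged in, the password is
    made unusable and the profile is refreshed.

    NOTE(review): ``session`` is not created in this function, so it is
    presumably a module-level OAuth2Session. If so, every request shares
    one session object and the token it holds; confirm that concurrent
    logins cannot read each other's token.
    """
    try:
        session.fetch_token(TOKEN_URL,
                            client_secret=CLIENT_SECRET,
                            authorization_response=request.get_full_path())
        user_info_resp = session.get(USER_INFO_URL)
    except Exception as e:
        logger.error(e)
        return render_to_response(
            'error.html', {
                'error_msg': _('Error, please contact administrator.'),
            },
            context_instance=RequestContext(request))

    def format_user_info(user_info_resp):
        """Map provider attributes to local names; flag missing required ones."""
        error = False
        user_info = {}
        user_info_json = user_info_resp.json()

        for item, attr in ATTRIBUTE_MAP.items():
            required, user_attr = attr
            value = user_info_json.get(item, '')

            if value:
                # ccnet email
                if user_attr == 'email':
                    # A value that is not an e-mail address gets the provider
                    # domain appended.
                    user_info[user_attr] = value if is_valid_email(str(value)) else \
                        '%s@%s' % (str(value), PROVIDER_DOMAIN)
                else:
                    user_info[user_attr] = value
            elif required:
                error = True

        return user_info, error

    user_info, error = format_user_info(user_info_resp)
    if error:
        logger.error('Required user info not found.')
        logger.error(user_info)
        return render_to_response(
            'error.html', {
                'error_msg': _('Error, please contact administrator.'),
            },
            context_instance=RequestContext(request))

    # seahub authenticate user
    email = user_info['email']

    try:
        User.objects.get(email=email)
    except User.DoesNotExist:
        # Unknown users are only admitted when sign-up is enabled.
        if not config.ENABLE_SIGNUP:
            logger.error('%s not found but user registration is disabled.' % email)
            return render_to_response(
                'error.html', {
                    'error_msg': _('Error, please contact administrator.'),
                },
                context_instance=RequestContext(request))

    try:
        user = auth.authenticate(remote_user=email)
    except User.DoesNotExist:
        user = None

    if not user or not user.is_active:
        logger.error('User %s not found or inactive.' % email)
        # a page for authenticate user failed
        return render_to_response(
            'error.html',
            {'error_msg': _(u'User %s not found.') % email},
            context_instance=RequestContext(request))

    # User is valid. Set request.user and persist user in the session
    # by logging the user in.
    request.user = user
    auth.login(request, user)
    user.set_unusable_password()
    user.save()

    # update user's profile
    # dict.get() replaces the has_key() lookups, which Python 3 no longer
    # supports; the result is the same on Python 2.
    name = user_info.get('name', '')
    contact_email = user_info.get('contact_email', '')

    profile = Profile.objects.get_profile_by_user(email)
    if not profile:
        profile = Profile(user=email)

    if name:
        profile.nickname = name.strip()
        profile.save()

    if contact_email:
        profile.contact_email = contact_email.strip()
        profile.save()

    # redirect user to home page
    return HttpResponseRedirect(reverse('libraries'))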