diff options
author | Leif Johansson <leifj@sunet.se> | 2011-08-18 10:41:41 +0200 |
---|---|---|
committer | Leif Johansson <leifj@sunet.se> | 2011-08-18 10:41:41 +0200 |
commit | 8b62502983ca646104f22ecb56cf97ff8922756a (patch) | |
tree | 6dea14dea1b13a8fdb919d9ada7f10a816876131 /coip | |
parent | 9d4561febd0489eb8cab1fc3654614b1a5ed17ac (diff) |
new profile-model
Diffstat (limited to 'coip')
-rw-r--r-- | coip/apps/auth/views.py | 62 | ||||
-rw-r--r-- | coip/apps/invitation/models.py | 7 | ||||
-rw-r--r-- | coip/apps/invitation/views.py | 2 | ||||
-rw-r--r-- | coip/apps/opensocial/people.py | 3 | ||||
-rw-r--r-- | coip/apps/userprofile/models.py | 79 | ||||
-rw-r--r-- | coip/apps/userprofile/utils.py | 32 | ||||
-rw-r--r-- | coip/apps/userprofile/views.py | 41 | ||||
-rw-r--r-- | coip/extensions/templatetags/userdisplay.py | 27 | ||||
-rw-r--r-- | coip/multiresponse.py | 5 | ||||
-rw-r--r-- | coip/settings.py | 2 | ||||
-rw-r--r-- | coip/urls.py | 4 |
11 files changed, 107 insertions, 157 deletions
diff --git a/coip/apps/auth/views.py b/coip/apps/auth/views.py index 6dd311d..18b4430 100644 --- a/coip/apps/auth/views.py +++ b/coip/apps/auth/views.py @@ -4,13 +4,14 @@ Created on Jul 5, 2010 @author: leifj ''' from django.http import HttpResponseRedirect -from coip.apps.userprofile.models import UserProfile +from coip.apps.userprofile.models import UserProfile, home_name from django.contrib.auth.models import User from coip.apps.auth.utils import anonid from coip.apps.name.models import lookup import datetime from django.views.decorators.cache import never_cache import logging +from coip.apps.membership.models import add_member def meta(request,attr): v = request.META.get(attr) @@ -28,47 +29,44 @@ def meta1(request,attr): def accounts_login_federated(request): if request.user.is_authenticated(): - profile,created = UserProfile.objects.get_or_create(identifier=request.user.username) - if created: - profile.identifier = request.user.username - profile.user = request.user - profile.save() - + user = request.user + profile = user.get_profile() + profile.identifier = request.user.username + idp = meta1(request,'Shib-Identity-Provider') + profile.idp = idp - update = False cn = meta1(request,'cn') + fn = meta1(request,'givenName') + ln = meta1(request,'sn') + mail = meta1(request,'mail') + if not cn: cn = meta1(request,'displayName') - logging.warn(cn) - if not cn: - fn = meta1(request,'givenName') - ln = meta1(request,'sn') - if fn and ln: - cn = "%s %s" % (fn,ln) + if not cn and (fn and ln): + cn = "%s %s" % (fn,ln) if not cn: cn = profile.identifier + + if fn: + user.first_name = fn + if ln: + user.last_name = ln + if mail: + user.email = mail - mail = meta1(request,'mail') - - idp = meta1(request,'Shib-Identity-Provider') - - for attrib_name, meta_value in (('display_name',cn),('email',mail),('idp',idp)): - attrib_value = getattr(profile, attrib_name) - if meta_value and not attrib_value: - setattr(profile,attrib_name,meta_value) - update = True + if cn: + profile.display_name = cn - if request.user.password == "": - request.user.password = "(not used for federated logins)" - update = True - - if update: - request.user.save() + user.set_unusable_password() - # Allow auto_now to kick in for the lastupdated field - #profile.lastupdated = datetime.datetime.now() + if profile.home == None: + profile.home = home_name(user,autocreate=True) + + profile.home.short = "%s (%s)" % (cn,profile.identifier) + profile.home.save() + user.save() profile.save() - + next = request.session.get("after_login_redirect", None) if next is not None: return HttpResponseRedirect(next) diff --git a/coip/apps/invitation/models.py b/coip/apps/invitation/models.py index e6b7df4..fabc145 100644 --- a/coip/apps/invitation/models.py +++ b/coip/apps/invitation/models.py @@ -6,10 +6,7 @@ Created on Jun 23, 2010 from django.db import models from django.contrib.auth.models import User from coip.apps.name.models import Name -import datetime -from pprint import pformat from django.core.mail import send_mail -from coip.apps.userprofile.models import last_used_profile import logging from coip.settings import PREFIX_URL, NOREPLY @@ -29,8 +26,8 @@ class Invitation(models.Model): def __unicode__(self): return "%s invited to %s by %s" % (self.email,self.name,self.inviter) - def send_email(self): - pinviter = last_used_profile(self.inviter) + def send_email(self,request): + pinviter = request.user.get_profile() send_mail('Invitation to join \'%s\'' % (self.name.shortname()), ''' %s (%s) has invited you to join \'%s\': diff --git a/coip/apps/invitation/views.py b/coip/apps/invitation/views.py index 542728b..f227508 100644 --- a/coip/apps/invitation/views.py +++ b/coip/apps/invitation/views.py @@ -27,7 +27,7 @@ def invite(request,id): form = InvitationForm(request.POST,instance=invitation) if form.is_valid(): invitation = form.save() - invitation.send_email() + invitation.send_email(request) return HttpResponseRedirect("/name/id/%d" % (name.id)) else: exp = datetime.datetime.now()+datetime.timedelta(days=1) diff --git a/coip/apps/opensocial/people.py b/coip/apps/opensocial/people.py index 4572829..9465c08 100644 --- a/coip/apps/opensocial/people.py +++ b/coip/apps/opensocial/people.py @@ -4,7 +4,6 @@ Created on Jun 19, 2011 @author: leifj ''' from tastypie.resources import ModelResource -from coip.apps.userprofile.models import UserProfile, last_used_profile from django.contrib.auth.models import User from coip.apps.opensocial.serializer import OpenSocialSerializer from django.conf.urls.defaults import url @@ -158,7 +157,7 @@ class PersonResource(OpenSocialResource): def dehydrate(self,bundle): bundle = super(PersonResource,self).dehydrate(bundle) bundle.data['id'] = bundle.data['username'] - bundle.data['displayName'] = last_used_profile(bundle.obj).display_name + bundle.data['displayName'] = bundle.obj.get_profile().display_name del bundle.data['resource_uri'] del bundle.data['username'] return bundle
\ No newline at end of file diff --git a/coip/apps/userprofile/models.py b/coip/apps/userprofile/models.py index 40751fb..6e2364a 100644 --- a/coip/apps/userprofile/models.py +++ b/coip/apps/userprofile/models.py @@ -5,39 +5,70 @@ Created on Jul 5, 2010 ''' from django.db import models from django.contrib.auth.models import User -from coip.apps.name.models import Name +from django.dispatch.dispatcher import receiver +from django.db.models.signals import post_save +from coip.apps.name.models import Name, lookup +from coip.apps.membership.models import add_member class UserProfile(models.Model): - user = models.ForeignKey(User,blank=True,null=True,related_name='profiles') + + INTERNAL = 0 + ENTITY = 1 + SSHKEY = 2 + GRIDCERT = 3 + FEDID = 4 + + # + # User content + # 0 (internal) - normal + # 1 (entity) - username=entity:sha1(entityID), profile.display_name = display or entityID, profile.identifier = ssh key + # 2 (sshkey) - username=sshkey:fingerprint, profile.display_name = key alias or "SSH Key with fingerprint ..." + # 3 (gridcert) - username=x509:sha1-fingerprint, profile.display_name = dn, profile.identifier = PEM + # 4 (fedid) - username=eppn or equiv (REMOTE_USER),profile.display_name = display or eppn, profile.identifier = eppn, profile.authority = idp + # + + user = models.OneToOneField(User) + home = models.ForeignKey(Name,blank=True,null=True) display_name = models.CharField(max_length=255,blank=True,null=True) - primary = models.BooleanField() - email = models.EmailField(blank=True,null=True) - idp = models.CharField(max_length=255,blank=True,null=True) - identifier = models.CharField(max_length=1023,unique=True) + type = models.SmallIntegerField(choices=((ENTITY,"Connected Service"), + (INTERNAL,"System User"), + (SSHKEY,"SSH Key"), + (GRIDCERT,"eScience Certificate"), + (FEDID,"User Identity"))) + + authority = models.CharField(max_length=255,blank=True,null=True) + identifier = models.CharField(max_length=1023,blank=True,null=True) + timecreated = models.DateTimeField(auto_now_add=True) lastupdated = models.DateTimeField(auto_now=True) - home = models.ForeignKey(Name,blank=True,null=True,editable=False) def __unicode__(self): return "%s [%s] - %s" % (self.identifier,self.user.username,self.display_name) - def make_primary(self): - for p in UserProfile.objects.filter(user=self.user).all: - p.primary = False - self.primary = True - -def last_used_profile(user): - return UserProfile.objects.filter(user=user).order_by('lastupdated')[0] - -def primary_profile(user): - return UserProfile.objects.filter(user=user,primary=True)[0] +def import_sshkey(keyfile): + fingerprint = "xxx" + user = User.objects.get_or_create(username="sshkey:%s" % fingerprint) +def home_name(user,short=None,autocreate=False): + if short == None: + short = user.username + urn = lookup("urn",True) + anyuser = lookup("system:anyuser",True) + urn.setacl(anyuser,'rl') -class PKey(models.Model): - user_profile = models.ForeignKey(UserProfile,related_name='keys') - key = models.CharField(max_length=1023,unique=True) - timecreated = models.DateTimeField(auto_now_add=True) - lastupdated = models.DateTimeField(auto_now=True) + home = lookup('user:'+user.username,autocreate=autocreate) + add_member(home,user,hidden=True) + home.setpacl(home, "rwlida") + home.setacl(home,"rwlia") #don't allow users to delete or reset acls on their home, nor invite members - that would be confusing as hell + home.short = short + home.save() - def __unicode__(self): - return "A merge-key for "+self.user_profile + return home + +@receiver(post_save,sender=User) +def _create_profile(sender,**kwargs): + user = kwargs['instance'] + profile,created = UserProfile.objects.get_or_create(user=user) + if profile.home == None: + profile.home = home_name(user,autocreate=True) + profile.save()
\ No newline at end of file diff --git a/coip/apps/userprofile/utils.py b/coip/apps/userprofile/utils.py deleted file mode 100644 index d3854f6..0000000 --- a/coip/apps/userprofile/utils.py +++ /dev/null @@ -1,32 +0,0 @@ -''' -Created on Jul 6, 2010 - -@author: leifj -''' -from coip.apps.userprofile.models import UserProfile, PKey -from django.core.exceptions import ObjectDoesNotExist -import logging -from pprint import pformat - -def request_profile(request): - if request.user.is_authenticated(): - logging.warn(pformat(request.META)) - if request.META.has_key('REMOTE_USER'): - return UserProfile.objects.get(identifier=request.META['REMOTE_USER']) - else: - return UserProfile.objects.get(user=request.user) - else: - return None - -def user_profile(request,key=None): - if key: - try: - k = PKey.objects.get(key=key) - return k.profile,k - except ObjectDoesNotExist: - return None - else: - return request_profile(request) - #if not request.session.has_key('_profile'): - # request.session['_profile'] = request_profile(request) - #return request.session['_profile']
\ No newline at end of file diff --git a/coip/apps/userprofile/views.py b/coip/apps/userprofile/views.py index 7ce8f74..a7b15e8 100644 --- a/coip/apps/userprofile/views.py +++ b/coip/apps/userprofile/views.py @@ -4,36 +4,14 @@ Created on Jul 6, 2010 @author: leifj ''' from django.contrib.auth.decorators import login_required -from coip.apps.userprofile.models import PKey -from django.http import HttpResponseRedirect from coip.multiresponse import respond_to, json_response -from coip.apps.membership.models import Membership, add_member -from coip.apps.userprofile.utils import user_profile +from coip.apps.membership.models import Membership from django.core.exceptions import ObjectDoesNotExist -from pprint import pformat -from coip.apps.auth.utils import nonce -from coip.apps.name.models import Name, NameLink, lookup +from coip.apps.name.models import NameLink from django.contrib.auth.models import User from django.shortcuts import get_object_or_404 @login_required -def merge(request,pkey=None): - if pkey: - profile = user_profile(request) - merge_profile,pkey = profile(request,pkey) - if merge_profile: - merge_profile.user.delete() - merge_profile.user = request.user - merge_profile.save() - pkey.delete() - return HttpResponseRedirect("/user/home") - else: - profile = profile(request) - k = PKey(profile=profile,key=nonce()) - k.save() - return HttpResponseRedirect("/accounts/login?next=/user/merge/"+k.key) - -@login_required def home(request): memberships = [] try: @@ -41,22 +19,9 @@ def home(request): except ObjectDoesNotExist: pass - urn = lookup("urn",True) - anyuser = lookup("system:anyuser",True) - urn.setacl(anyuser,'rl') - - profile = user_profile(request) - home = lookup('user:'+request.user.username,autocreate=True) - home.short = "%s (%s)" % (profile.display_name,profile.identifier) - profile.home = home - home.save() - add_member(home,profile.user,hidden=True) - home.setpacl(home, "rwlida") - home.setacl(home,"rwla") #don't allow users to delete or reset acls on their home, nor invite members - that would be confusing as hell - names = [(link.src,link.data) for link in NameLink.objects.filter(dst__memberships__user=request.user,type=NameLink.access_control,data__contains='i').all()] - return respond_to(request, {'text/html': 'apps/userprofile/home.html'},{'memberships': memberships,'names': names, 'name': home}) + return respond_to(request, {'text/html': 'apps/userprofile/home.html'},{'memberships': memberships,'names': names}) @login_required def search(request): diff --git a/coip/extensions/templatetags/userdisplay.py b/coip/extensions/templatetags/userdisplay.py index de6f363..e1f7fd0 100644 --- a/coip/extensions/templatetags/userdisplay.py +++ b/coip/extensions/templatetags/userdisplay.py @@ -1,6 +1,4 @@ from django import template -from django.template import defaultfilters -from coip.apps.userprofile.models import last_used_profile from pprint import pformat import logging @@ -10,27 +8,20 @@ MOMENT = 120 # duration in seconds within which the time difference # will be rendered as 'a moment ago' def userdisplay(user): - try: - p = last_used_profile(user) - return p.display_name - except Exception,e: - logging.warning(e) + if user == None: + return "anonymous" + profile = user.get_profile() + if profile and profile.display_name: + return profile.display_name + cn = user.get_full_name() + if cn: + return cn + else: return user.username userdisplay.is_safe = True register.filter(userdisplay) -def lastidentifier(user): - #try: - p = last_used_profile(user) - return p.identifier - #except Exception,e: - # pprint(e) - # return user.username - -lastidentifier.is_safe = True -register.filter(lastidentifier) - def memberdisplay(membership): if membership.user: return userdisplay(membership.user) diff --git a/coip/multiresponse.py b/coip/multiresponse.py index e91e527..f19e863 100644 --- a/coip/multiresponse.py +++ b/coip/multiresponse.py @@ -3,7 +3,6 @@ import re from django.conf import settings from django.shortcuts import render_to_response from django.http import HttpResponse, HttpResponseForbidden -from coip.apps.userprofile.utils import user_profile from django.utils import simplejson from django.template import loader from coip.settings import PREFIX_URL @@ -30,7 +29,7 @@ def make_response_dict(request,d={}): if request.user.is_authenticated(): d['user'] = request.user - d['profile'] = user_profile(request) + d['profile'] = request.user.get_profile() d['prefix_url'] = PREFIX_URL if d.has_key('name'): @@ -58,7 +57,7 @@ def render403(request,message="You don't seem to have enough rights for what you dict['message'] = message dict['user'] = request.user if request.user.is_authenticated(): - dict['profile'] = user_profile(request) + dict['profile'] = request.user.get_profile() return HttpResponseForbidden(loader.render_to_string("403.html",dict)) def respond_to(request, template_mapping, dict={}, suffix_mapping=default_suffix_mapping): diff --git a/coip/settings.py b/coip/settings.py index 2a8297f..6d77b6c 100644 --- a/coip/settings.py +++ b/coip/settings.py @@ -47,6 +47,8 @@ PREFIX_URL = 'http://localhost:8000' NOREPLY = 'noreply@localhost' METADATA = 'http://md.swamid.se/md/swamid-1.0.xml' +AUTH_PROFILE_MODULE = 'userprofile.UserProfile' + # If you set this to False, Django will make some optimizations so as not # to load the internationalization machinery. USE_I18N = True diff --git a/coip/urls.py b/coip/urls.py index 4b1bc6f..13c422f 100644 --- a/coip/urls.py +++ b/coip/urls.py @@ -24,8 +24,8 @@ urlpatterns = patterns('', (r'^accounts/login-federated/$', 'coip.apps.auth.views.accounts_login_federated'), (r'^accounts/logout/$', 'coip.apps.auth.views.logout'), # Profiles and user information - (r'^user/merge/(?P<pkey>.+)$', 'coip.apps.userprofile.views.merge'), - (r'^user/merge$', 'coip.apps.userprofile.views.merge'), + #(r'^user/merge/(?P<pkey>.+)$', 'coip.apps.userprofile.views.merge'), + #(r'^user/merge$', 'coip.apps.userprofile.views.merge'), (r'^user/home$', 'coip.apps.userprofile.views.home'), (r'^user/(.+)/groups.json$', 'coip.apps.name.views.user_groups'), (r'^user/search.json$', 'coip.apps.userprofile.views.search'), |