authorLeif Johansson <leifj@sunet.se>2011-08-18 10:41:41 +0200
committerLeif Johansson <leifj@sunet.se>2011-08-18 10:41:41 +0200
commit8b62502983ca646104f22ecb56cf97ff8922756a (patch)
tree6dea14dea1b13a8fdb919d9ada7f10a816876131 /coip
parent9d4561febd0489eb8cab1fc3654614b1a5ed17ac (diff)
new profile-model
Diffstat (limited to 'coip')
-rw-r--r--coip/apps/auth/views.py62
-rw-r--r--coip/apps/invitation/models.py7
-rw-r--r--coip/apps/invitation/views.py2
-rw-r--r--coip/apps/opensocial/people.py3
-rw-r--r--coip/apps/userprofile/models.py79
-rw-r--r--coip/apps/userprofile/utils.py32
-rw-r--r--coip/apps/userprofile/views.py41
-rw-r--r--coip/extensions/templatetags/userdisplay.py27
-rw-r--r--coip/multiresponse.py5
-rw-r--r--coip/settings.py2
-rw-r--r--coip/urls.py4
11 files changed, 107 insertions, 157 deletions
diff --git a/coip/apps/auth/views.py b/coip/apps/auth/views.py
index 6dd311d..18b4430 100644
--- a/coip/apps/auth/views.py
+++ b/coip/apps/auth/views.py
@@ -4,13 +4,14 @@ Created on Jul 5, 2010
@author: leifj
'''
from django.http import HttpResponseRedirect
-from coip.apps.userprofile.models import UserProfile
+from coip.apps.userprofile.models import UserProfile, home_name
from django.contrib.auth.models import User
from coip.apps.auth.utils import anonid
from coip.apps.name.models import lookup
import datetime
from django.views.decorators.cache import never_cache
import logging
+from coip.apps.membership.models import add_member
def meta(request,attr):
v = request.META.get(attr)
@@ -28,47 +29,44 @@ def meta1(request,attr):
def accounts_login_federated(request):
if request.user.is_authenticated():
- profile,created = UserProfile.objects.get_or_create(identifier=request.user.username)
- if created:
- profile.identifier = request.user.username
- profile.user = request.user
- profile.save()
-
+ user = request.user
+ profile = user.get_profile()
+ profile.identifier = request.user.username
+ idp = meta1(request,'Shib-Identity-Provider')
+ profile.idp = idp
- update = False
cn = meta1(request,'cn')
+ fn = meta1(request,'givenName')
+ ln = meta1(request,'sn')
+ mail = meta1(request,'mail')
+
if not cn:
cn = meta1(request,'displayName')
- logging.warn(cn)
- if not cn:
- fn = meta1(request,'givenName')
- ln = meta1(request,'sn')
- if fn and ln:
- cn = "%s %s" % (fn,ln)
+ if not cn and (fn and ln):
+ cn = "%s %s" % (fn,ln)
if not cn:
cn = profile.identifier
+
+ if fn:
+ user.first_name = fn
+ if ln:
+ user.last_name = ln
+ if mail:
+ user.email = mail
- mail = meta1(request,'mail')
-
- idp = meta1(request,'Shib-Identity-Provider')
-
- for attrib_name, meta_value in (('display_name',cn),('email',mail),('idp',idp)):
- attrib_value = getattr(profile, attrib_name)
- if meta_value and not attrib_value:
- setattr(profile,attrib_name,meta_value)
- update = True
+ if cn:
+ profile.display_name = cn
- if request.user.password == "":
- request.user.password = "(not used for federated logins)"
- update = True
-
- if update:
- request.user.save()
+ user.set_unusable_password()
- # Allow auto_now to kick in for the lastupdated field
- #profile.lastupdated = datetime.datetime.now()
+ if profile.home == None:
+ profile.home = home_name(user,autocreate=True)
+
+ profile.home.short = "%s (%s)" % (cn,profile.identifier)
+ profile.home.save()
+ user.save()
profile.save()
-
+
next = request.session.get("after_login_redirect", None)
if next is not None:
return HttpResponseRedirect(next)
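Review bot: `profile.idp = idp` assigns an attribute the model no longer has: the userprofile/models.py hunk in this commit drops `idp` and adds `authority`, so the asserting identity provider is set on the instance and never stored. I would write `profile.authority = idp` and also set `profile.type = UserProfile.FEDID`, since nothing in this view gives the new `type` field a value. Separately, `user.set_unusable_password()` now runs for every authenticated user that reaches this view, where the removed code only replaced an empty password. If any account also signs in with a local password, that password is discarded here, so the old guard (`if user.password == "":`) or a check that the session really came from the federated path seems worth keeping. The function body continues outside the hunk.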
diff --git a/coip/apps/invitation/models.py b/coip/apps/invitation/models.py
index e6b7df4..fabc145 100644
--- a/coip/apps/invitation/models.py
+++ b/coip/apps/invitation/models.py
@@ -6,10 +6,7 @@ Created on Jun 23, 2010
from django.db import models
from django.contrib.auth.models import User
from coip.apps.name.models import Name
-import datetime
-from pprint import pformat
from django.core.mail import send_mail
-from coip.apps.userprofile.models import last_used_profile
import logging
from coip.settings import PREFIX_URL, NOREPLY
@@ -29,8 +26,8 @@ class Invitation(models.Model):
def __unicode__(self):
return "%s invited to %s by %s" % (self.email,self.name,self.inviter)
- def send_email(self):
- pinviter = last_used_profile(self.inviter)
+ def send_email(self,request):
+ pinviter = request.user.get_profile()
send_mail('Invitation to join \'%s\'' % (self.name.shortname()),
'''
%s (%s) has invited you to join \'%s\':
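Review bot: The invitation mail now names whoever is making the current request (`request.user.get_profile()`) instead of the stored `self.inviter`, so the two can disagree if the mail is ever sent by anyone other than the original inviter. Since each user now has a single profile, `pinviter = self.inviter.get_profile()` keeps the attribution tied to the invitation record and lets `send_email` keep its old signature, without passing an HTTP request into the model. The body of `send_email` continues outside the hunk.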
diff --git a/coip/apps/invitation/views.py b/coip/apps/invitation/views.py
index 542728b..f227508 100644
--- a/coip/apps/invitation/views.py
+++ b/coip/apps/invitation/views.py
@@ -27,7 +27,7 @@ def invite(request,id):
form = InvitationForm(request.POST,instance=invitation)
if form.is_valid():
invitation = form.save()
- invitation.send_email()
+ invitation.send_email(request)
return HttpResponseRedirect("/name/id/%d" % (name.id))
else:
exp = datetime.datetime.now()+datetime.timedelta(days=1)
diff --git a/coip/apps/opensocial/people.py b/coip/apps/opensocial/people.py
index 4572829..9465c08 100644
--- a/coip/apps/opensocial/people.py
+++ b/coip/apps/opensocial/people.py
@@ -4,7 +4,6 @@ Created on Jun 19, 2011
@author: leifj
'''
from tastypie.resources import ModelResource
-from coip.apps.userprofile.models import UserProfile, last_used_profile
from django.contrib.auth.models import User
from coip.apps.opensocial.serializer import OpenSocialSerializer
from django.conf.urls.defaults import url
@@ -158,7 +157,7 @@ class PersonResource(OpenSocialResource):
def dehydrate(self,bundle):
bundle = super(PersonResource,self).dehydrate(bundle)
bundle.data['id'] = bundle.data['username']
- bundle.data['displayName'] = last_used_profile(bundle.obj).display_name
+ bundle.data['displayName'] = bundle.obj.get_profile().display_name
del bundle.data['resource_uri']
del bundle.data['username']
return bundle \ No newline at end of file
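Review bot: `bundle.obj.get_profile()` raises when the user has no `UserProfile` row rather than returning `None`, and the `post_save` handler added in userprofile/models.py only creates one the next time a `User` is saved. Accounts that predate this commit would, as far as the diff shows, make `dehydrate` fail until they are migrated or saved again. The same holds for the `get_profile()` calls added in auth/views.py, userdisplay.py (where `if profile and ...` can never see a missing profile and the old fallback to `user.username` is gone) and multiresponse.py. A one-off data migration that creates the missing profiles, or catching `ObjectDoesNotExist` here and falling back to `bundle.obj.username`, would cover it.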
diff --git a/coip/apps/userprofile/models.py b/coip/apps/userprofile/models.py
index 40751fb..6e2364a 100644
--- a/coip/apps/userprofile/models.py
+++ b/coip/apps/userprofile/models.py
@@ -5,39 +5,70 @@ Created on Jul 5, 2010
'''
from django.db import models
from django.contrib.auth.models import User
-from coip.apps.name.models import Name
+from django.dispatch.dispatcher import receiver
+from django.db.models.signals import post_save
+from coip.apps.name.models import Name, lookup
+from coip.apps.membership.models import add_member
class UserProfile(models.Model):
- user = models.ForeignKey(User,blank=True,null=True,related_name='profiles')
+
+ INTERNAL = 0
+ ENTITY = 1
+ SSHKEY = 2
+ GRIDCERT = 3
+ FEDID = 4
+
+ #
+ # User content
+ # 0 (internal) - normal
+ # 1 (entity) - username=entity:sha1(entityID), profile.display_name = display or entityID, profile.identifier = ssh key
+ # 2 (sshkey) - username=sshkey:fingerprint, profile.display_name = key alias or "SSH Key with fingerprint ..."
+ # 3 (gridcert) - username=x509:sha1-fingerprint, profile.display_name = dn, profile.identifier = PEM
+ # 4 (fedid) - username=eppn or equiv (REMOTE_USER),profile.display_name = display or eppn, profile.identifier = eppn, profile.authority = idp
+ #
+
+ user = models.OneToOneField(User)
+ home = models.ForeignKey(Name,blank=True,null=True)
display_name = models.CharField(max_length=255,blank=True,null=True)
- primary = models.BooleanField()
- email = models.EmailField(blank=True,null=True)
- idp = models.CharField(max_length=255,blank=True,null=True)
- identifier = models.CharField(max_length=1023,unique=True)
+ type = models.SmallIntegerField(choices=((ENTITY,"Connected Service"),
+ (INTERNAL,"System User"),
+ (SSHKEY,"SSH Key"),
+ (GRIDCERT,"eScience Certificate"),
+ (FEDID,"User Identity")))
+
+ authority = models.CharField(max_length=255,blank=True,null=True)
+ identifier = models.CharField(max_length=1023,blank=True,null=True)
+
timecreated = models.DateTimeField(auto_now_add=True)
lastupdated = models.DateTimeField(auto_now=True)
- home = models.ForeignKey(Name,blank=True,null=True,editable=False)
def __unicode__(self):
return "%s [%s] - %s" % (self.identifier,self.user.username,self.display_name)
- def make_primary(self):
- for p in UserProfile.objects.filter(user=self.user).all:
- p.primary = False
- self.primary = True
-
-def last_used_profile(user):
- return UserProfile.objects.filter(user=user).order_by('lastupdated')[0]
-
-def primary_profile(user):
- return UserProfile.objects.filter(user=user,primary=True)[0]
+def import_sshkey(keyfile):
+ fingerprint = "xxx"
+ user = User.objects.get_or_create(username="sshkey:%s" % fingerprint)
+def home_name(user,short=None,autocreate=False):
+ if short == None:
+ short = user.username
+ urn = lookup("urn",True)
+ anyuser = lookup("system:anyuser",True)
+ urn.setacl(anyuser,'rl')
-class PKey(models.Model):
- user_profile = models.ForeignKey(UserProfile,related_name='keys')
- key = models.CharField(max_length=1023,unique=True)
- timecreated = models.DateTimeField(auto_now_add=True)
- lastupdated = models.DateTimeField(auto_now=True)
+ home = lookup('user:'+user.username,autocreate=autocreate)
+ add_member(home,user,hidden=True)
+ home.setpacl(home, "rwlida")
+ home.setacl(home,"rwlia") #don't allow users to delete or reset acls on their home, nor invite members - that would be confusing as hell
+ home.short = short
+ home.save()
- def __unicode__(self):
- return "A merge-key for "+self.user_profile
+ return home
+
+@receiver(post_save,sender=User)
+def _create_profile(sender,**kwargs):
+ user = kwargs['instance']
+ profile,created = UserProfile.objects.get_or_create(user=user)
+ if profile.home == None:
+ profile.home = home_name(user,autocreate=True)
+ profile.save() \ No newline at end of file
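Review bot: The ACL set in `home_name` changed from `"rwla"` (removed from userprofile/views.py) to `"rwlia"`, while the comment on that line still says users must not be able to invite members to their home. If `i` is the invite right, as the comment and the `data__contains='i'` filter in userprofile/views.py suggest, this grants what the comment rules out; either restore `home.setacl(home,"rwla")` or update the comment to state that invitations are now intended. Separately, `type` is declared without `default` or `null=True`, so the `get_or_create(user=user)` in `_create_profile` would insert a profile with no `type`; `default=INTERNAL` on the field looks like the smallest fix.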
diff --git a/coip/apps/userprofile/utils.py b/coip/apps/userprofile/utils.py
deleted file mode 100644
index d3854f6..0000000
--- a/coip/apps/userprofile/utils.py
+++ /dev/null
@@ -1,32 +0,0 @@
-'''
-Created on Jul 6, 2010
-
-@author: leifj
-'''
-from coip.apps.userprofile.models import UserProfile, PKey
-from django.core.exceptions import ObjectDoesNotExist
-import logging
-from pprint import pformat
-
-def request_profile(request):
- if request.user.is_authenticated():
- logging.warn(pformat(request.META))
- if request.META.has_key('REMOTE_USER'):
- return UserProfile.objects.get(identifier=request.META['REMOTE_USER'])
- else:
- return UserProfile.objects.get(user=request.user)
- else:
- return None
-
-def user_profile(request,key=None):
- if key:
- try:
- k = PKey.objects.get(key=key)
- return k.profile,k
- except ObjectDoesNotExist:
- return None
- else:
- return request_profile(request)
- #if not request.session.has_key('_profile'):
- # request.session['_profile'] = request_profile(request)
- #return request.session['_profile'] \ No newline at end of file
diff --git a/coip/apps/userprofile/views.py b/coip/apps/userprofile/views.py
index 7ce8f74..a7b15e8 100644
--- a/coip/apps/userprofile/views.py
+++ b/coip/apps/userprofile/views.py
@@ -4,36 +4,14 @@ Created on Jul 6, 2010
@author: leifj
'''
from django.contrib.auth.decorators import login_required
-from coip.apps.userprofile.models import PKey
-from django.http import HttpResponseRedirect
from coip.multiresponse import respond_to, json_response
-from coip.apps.membership.models import Membership, add_member
-from coip.apps.userprofile.utils import user_profile
+from coip.apps.membership.models import Membership
from django.core.exceptions import ObjectDoesNotExist
-from pprint import pformat
-from coip.apps.auth.utils import nonce
-from coip.apps.name.models import Name, NameLink, lookup
+from coip.apps.name.models import NameLink
from django.contrib.auth.models import User
from django.shortcuts import get_object_or_404
@login_required
-def merge(request,pkey=None):
- if pkey:
- profile = user_profile(request)
- merge_profile,pkey = profile(request,pkey)
- if merge_profile:
- merge_profile.user.delete()
- merge_profile.user = request.user
- merge_profile.save()
- pkey.delete()
- return HttpResponseRedirect("/user/home")
- else:
- profile = profile(request)
- k = PKey(profile=profile,key=nonce())
- k.save()
- return HttpResponseRedirect("/accounts/login?next=/user/merge/"+k.key)
-
-@login_required
def home(request):
memberships = []
try:
@@ -41,22 +19,9 @@ def home(request):
except ObjectDoesNotExist:
pass
- urn = lookup("urn",True)
- anyuser = lookup("system:anyuser",True)
- urn.setacl(anyuser,'rl')
-
- profile = user_profile(request)
- home = lookup('user:'+request.user.username,autocreate=True)
- home.short = "%s (%s)" % (profile.display_name,profile.identifier)
- profile.home = home
- home.save()
- add_member(home,profile.user,hidden=True)
- home.setpacl(home, "rwlida")
- home.setacl(home,"rwla") #don't allow users to delete or reset acls on their home, nor invite members - that would be confusing as hell
-
names = [(link.src,link.data) for link in NameLink.objects.filter(dst__memberships__user=request.user,type=NameLink.access_control,data__contains='i').all()]
- return respond_to(request, {'text/html': 'apps/userprofile/home.html'},{'memberships': memberships,'names': names, 'name': home})
+ return respond_to(request, {'text/html': 'apps/userprofile/home.html'},{'memberships': memberships,'names': names})
@login_required
def search(request):
diff --git a/coip/extensions/templatetags/userdisplay.py b/coip/extensions/templatetags/userdisplay.py
index de6f363..e1f7fd0 100644
--- a/coip/extensions/templatetags/userdisplay.py
+++ b/coip/extensions/templatetags/userdisplay.py
@@ -1,6 +1,4 @@
from django import template
-from django.template import defaultfilters
-from coip.apps.userprofile.models import last_used_profile
from pprint import pformat
import logging
@@ -10,27 +8,20 @@ MOMENT = 120 # duration in seconds within which the time difference
# will be rendered as 'a moment ago'
def userdisplay(user):
- try:
- p = last_used_profile(user)
- return p.display_name
- except Exception,e:
- logging.warning(e)
+ if user == None:
+ return "anonymous"
+ profile = user.get_profile()
+ if profile and profile.display_name:
+ return profile.display_name
+ cn = user.get_full_name()
+ if cn:
+ return cn
+ else:
return user.username
userdisplay.is_safe = True
register.filter(userdisplay)
-def lastidentifier(user):
- #try:
- p = last_used_profile(user)
- return p.identifier
- #except Exception,e:
- # pprint(e)
- # return user.username
-
-lastidentifier.is_safe = True
-register.filter(lastidentifier)
-
def memberdisplay(membership):
if membership.user:
return userdisplay(membership.user)
diff --git a/coip/multiresponse.py b/coip/multiresponse.py
index e91e527..f19e863 100644
--- a/coip/multiresponse.py
+++ b/coip/multiresponse.py
@@ -3,7 +3,6 @@ import re
from django.conf import settings
from django.shortcuts import render_to_response
from django.http import HttpResponse, HttpResponseForbidden
-from coip.apps.userprofile.utils import user_profile
from django.utils import simplejson
from django.template import loader
from coip.settings import PREFIX_URL
@@ -30,7 +29,7 @@ def make_response_dict(request,d={}):
if request.user.is_authenticated():
d['user'] = request.user
- d['profile'] = user_profile(request)
+ d['profile'] = request.user.get_profile()
d['prefix_url'] = PREFIX_URL
if d.has_key('name'):
@@ -58,7 +57,7 @@ def render403(request,message="You don't seem to have enough rights for what you
dict['message'] = message
dict['user'] = request.user
if request.user.is_authenticated():
- dict['profile'] = user_profile(request)
+ dict['profile'] = request.user.get_profile()
return HttpResponseForbidden(loader.render_to_string("403.html",dict))
def respond_to(request, template_mapping, dict={}, suffix_mapping=default_suffix_mapping):
diff --git a/coip/settings.py b/coip/settings.py
index 2a8297f..6d77b6c 100644
--- a/coip/settings.py
+++ b/coip/settings.py
@@ -47,6 +47,8 @@ PREFIX_URL = 'http://localhost:8000'
NOREPLY = 'noreply@localhost'
METADATA = 'http://md.swamid.se/md/swamid-1.0.xml'
+AUTH_PROFILE_MODULE = 'userprofile.UserProfile'
+
# If you set this to False, Django will make some optimizations so as not
# to load the internationalization machinery.
USE_I18N = True
diff --git a/coip/urls.py b/coip/urls.py
index 4b1bc6f..13c422f 100644
--- a/coip/urls.py
+++ b/coip/urls.py
@@ -24,8 +24,8 @@ urlpatterns = patterns('',
(r'^accounts/login-federated/$', 'coip.apps.auth.views.accounts_login_federated'),
(r'^accounts/logout/$', 'coip.apps.auth.views.logout'),
# Profiles and user information
- (r'^user/merge/(?P<pkey>.+)$', 'coip.apps.userprofile.views.merge'),
- (r'^user/merge$', 'coip.apps.userprofile.views.merge'),
+ #(r'^user/merge/(?P<pkey>.+)$', 'coip.apps.userprofile.views.merge'),
+ #(r'^user/merge$', 'coip.apps.userprofile.views.merge'),
(r'^user/home$', 'coip.apps.userprofile.views.home'),
(r'^user/(.+)/groups.json$', 'coip.apps.name.views.user_groups'),
(r'^user/search.json$', 'coip.apps.userprofile.views.search'),
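Review bot: The two `user/merge` routes are commented out rather than removed, although the `merge` view they name is deleted from userprofile/views.py in this same commit. Deleting the lines keeps the URL table free of references to code that no longer exists; version control already holds the old routes.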