summaryrefslogtreecommitdiff
path: root/coip/apps
diff options
context:
space:
mode:
Diffstat (limited to 'coip/apps')
-rw-r--r--coip/apps/auth/views.py62
-rw-r--r--coip/apps/invitation/models.py9
-rw-r--r--coip/apps/invitation/views.py2
-rw-r--r--coip/apps/name/views.py13
-rw-r--r--coip/apps/opensocial/people.py16
-rw-r--r--coip/apps/userprofile/admin.py5
-rw-r--r--coip/apps/userprofile/models.py64
-rw-r--r--coip/apps/userprofile/utils.py32
-rw-r--r--coip/apps/userprofile/views.py43
9 files changed, 69 insertions, 177 deletions
diff --git a/coip/apps/auth/views.py b/coip/apps/auth/views.py
index 6dd311d..bab6bf8 100644
--- a/coip/apps/auth/views.py
+++ b/coip/apps/auth/views.py
@@ -4,71 +4,15 @@ Created on Jul 5, 2010
@author: leifj
'''
from django.http import HttpResponseRedirect
-from coip.apps.userprofile.models import UserProfile
-from django.contrib.auth.models import User
-from coip.apps.auth.utils import anonid
+from coip.apps.userprofile.models import UserProfile, user_profile
from coip.apps.name.models import lookup
-import datetime
from django.views.decorators.cache import never_cache
-import logging
+from coip.apps.membership.models import add_member
-def meta(request,attr):
- v = request.META.get(attr)
- if not v:
- return None
- values = filter(lambda x: x != "(null)",v.split(";"))
- return values;
-
-def meta1(request,attr):
- v = meta(request,attr)
- if v:
- return v[0]
- else:
- return None
def accounts_login_federated(request):
if request.user.is_authenticated():
- profile,created = UserProfile.objects.get_or_create(identifier=request.user.username)
- if created:
- profile.identifier = request.user.username
- profile.user = request.user
- profile.save()
-
-
- update = False
- cn = meta1(request,'cn')
- if not cn:
- cn = meta1(request,'displayName')
- logging.warn(cn)
- if not cn:
- fn = meta1(request,'givenName')
- ln = meta1(request,'sn')
- if fn and ln:
- cn = "%s %s" % (fn,ln)
- if not cn:
- cn = profile.identifier
-
- mail = meta1(request,'mail')
-
- idp = meta1(request,'Shib-Identity-Provider')
-
- for attrib_name, meta_value in (('display_name',cn),('email',mail),('idp',idp)):
- attrib_value = getattr(profile, attrib_name)
- if meta_value and not attrib_value:
- setattr(profile,attrib_name,meta_value)
- update = True
-
- if request.user.password == "":
- request.user.password = "(not used for federated logins)"
- update = True
-
- if update:
- request.user.save()
-
- # Allow auto_now to kick in for the lastupdated field
- #profile.lastupdated = datetime.datetime.now()
- profile.save()
-
+ #profile,created = UserProfile.objects.get_or_create(user=request.user)
next = request.session.get("after_login_redirect", None)
if next is not None:
return HttpResponseRedirect(next)
diff --git a/coip/apps/invitation/models.py b/coip/apps/invitation/models.py
index e6b7df4..64c3d5d 100644
--- a/coip/apps/invitation/models.py
+++ b/coip/apps/invitation/models.py
@@ -6,11 +6,7 @@ Created on Jun 23, 2010
from django.db import models
from django.contrib.auth.models import User
from coip.apps.name.models import Name
-import datetime
-from pprint import pformat
from django.core.mail import send_mail
-from coip.apps.userprofile.models import last_used_profile
-import logging
from coip.settings import PREFIX_URL, NOREPLY
class Invitation(models.Model):
@@ -29,8 +25,7 @@ class Invitation(models.Model):
def __unicode__(self):
return "%s invited to %s by %s" % (self.email,self.name,self.inviter)
- def send_email(self):
- pinviter = last_used_profile(self.inviter)
+ def send_email(self,user):
send_mail('Invitation to join \'%s\'' % (self.name.shortname()),
'''
%s (%s) has invited you to join \'%s\':
@@ -45,7 +40,7 @@ If you want to accept the invitation open this link in your browser:
To view information about \'%s\' open this link in your browser:
%s
-''' % (pinviter.display_name,pinviter.identifier,self.name.shortname(),self.message,PREFIX_URL,self.nonce,self.name.shortname(),self.name.url()),
+''' % (user.get_full_name,user.identifier.value,self.name.shortname(),self.message,PREFIX_URL,self.nonce,self.name.shortname(),self.name.url()),
NOREPLY,
[self.email],
fail_silently=False)
diff --git a/coip/apps/invitation/views.py b/coip/apps/invitation/views.py
index 542728b..b0b1fb9 100644
--- a/coip/apps/invitation/views.py
+++ b/coip/apps/invitation/views.py
@@ -27,7 +27,7 @@ def invite(request,id):
form = InvitationForm(request.POST,instance=invitation)
if form.is_valid():
invitation = form.save()
- invitation.send_email()
+ invitation.send_email(user)
return HttpResponseRedirect("/name/id/%d" % (name.id))
else:
exp = datetime.datetime.now()+datetime.timedelta(days=1)
diff --git a/coip/apps/name/views.py b/coip/apps/name/views.py
index b50526c..31efbc8 100644
--- a/coip/apps/name/views.py
+++ b/coip/apps/name/views.py
@@ -5,11 +5,10 @@ Created on Jul 6, 2010
'''
from coip.apps.name.models import Name, lookup, traverse, NameLink
from django.core.exceptions import ObjectDoesNotExist
-from django.http import HttpResponseNotFound, HttpResponseForbidden,\
- HttpResponseRedirect, Http404
+from django.http import HttpResponseNotFound,HttpResponseRedirect, Http404
from django.contrib.auth.decorators import login_required
from coip.multiresponse import respond_to, json_response, render403
-from pprint import pformat, pprint
+from pprint import pformat
import logging
from coip.apps.name.forms import NameEditForm, NewNameForm, NameDeleteForm,\
PermissionForm
@@ -29,7 +28,7 @@ def delete(request,id):
if form.is_valid():
parent = name.parent
if not form.cleaned_data['recursive'] and name.children.count() > 0:
- return HttpResponseForbidden("Will not delete non-empty node")
+ return render403(request,"Will not delete non-empty node")
for link in name.links.all():
link.delete()
@@ -54,10 +53,10 @@ def add(request,id):
if id:
if not parent.has_permission(request.user,'w'):
- return HttpResponseForbidden('You are not allowed to create names under '+parent)
+ return render403(request,'You are not allowed to create names under %s' % parent)
else:
if not request.user.admin:
- return HttpResponseForbidden('You are not allowed to create names in the root')
+ return render403(request,'You are not allowed to create names in the root context')
if request.method == 'POST':
name = Name(parent=parent,creator=request.user)
@@ -76,7 +75,7 @@ def edit(request,id):
name = get_object_or_404(Name,pk=id)
if not name.has_permission(request.user,'w'):
- return HttpResponseForbidden()
+ return render403(request,"You do not have write-permission here")
if request.method == 'POST':
form = NameEditForm(request.POST,instance=name)
diff --git a/coip/apps/opensocial/people.py b/coip/apps/opensocial/people.py
index 4572829..e51949c 100644
--- a/coip/apps/opensocial/people.py
+++ b/coip/apps/opensocial/people.py
@@ -4,7 +4,6 @@ Created on Jun 19, 2011
@author: leifj
'''
from tastypie.resources import ModelResource
-from coip.apps.userprofile.models import UserProfile, last_used_profile
from django.contrib.auth.models import User
from coip.apps.opensocial.serializer import OpenSocialSerializer
from django.conf.urls.defaults import url
@@ -19,6 +18,7 @@ from django.shortcuts import get_object_or_404
import logging
from pprint import pformat
from tastypie.bundle import Bundle
+from coip.apps.userprofile.models import Identifier
_rekey = {
'objects': 'entry'
@@ -122,8 +122,8 @@ class PersonResource(OpenSocialResource):
#memberships = ToManyField(MembershipResource,'memberships',full=True)
class Meta:
- queryset = User.objects.all()
- fields = ['username']
+ queryset = Identifier.objects.filter(type=Identifier.FEDERATION)
+ fields = ['value']
resource_name = 'people'
serializer = OpenSocialSerializer()
@@ -138,8 +138,8 @@ class PersonResource(OpenSocialResource):
def list_memberships(self, request, **kwargs):
logging.debug(pformat(kwargs))
try:
- user = self.cached_obj_get(request=request, username=kwargs['username'])
- logging.debug(pformat(user))
+ id = self.cached_obj_get(request=request, value=kwargs['username'])
+ logging.debug(pformat(id))
except ObjectDoesNotExist:
return HttpGone()
except MultipleObjectsReturned:
@@ -157,8 +157,8 @@ class PersonResource(OpenSocialResource):
def dehydrate(self,bundle):
bundle = super(PersonResource,self).dehydrate(bundle)
- bundle.data['id'] = bundle.data['username']
- bundle.data['displayName'] = last_used_profile(bundle.obj).display_name
+ bundle.data['id'] = bundle.data['value']
+ bundle.data['displayName'] = bundle.data['display_name']
del bundle.data['resource_uri']
- del bundle.data['username']
+ del bundle.data['value']
return bundle \ No newline at end of file
diff --git a/coip/apps/userprofile/admin.py b/coip/apps/userprofile/admin.py
index 32c1ad8..1e5c7a0 100644
--- a/coip/apps/userprofile/admin.py
+++ b/coip/apps/userprofile/admin.py
@@ -1,4 +1,5 @@
from django.contrib import admin
-from coip.apps.userprofile.models import UserProfile
+from coip.apps.userprofile.models import UserProfile, Identifier
-admin.site.register(UserProfile) \ No newline at end of file
+admin.site.register(UserProfile)
+admin.site.register(Identifier) \ No newline at end of file
diff --git a/coip/apps/userprofile/models.py b/coip/apps/userprofile/models.py
index 40751fb..e780d81 100644
--- a/coip/apps/userprofile/models.py
+++ b/coip/apps/userprofile/models.py
@@ -5,39 +5,57 @@ Created on Jul 5, 2010
'''
from django.db import models
from django.contrib.auth.models import User
-from coip.apps.name.models import Name
+from coip.apps.name.models import Name, lookup
+from coip.apps.membership.models import add_member
class UserProfile(models.Model):
- user = models.ForeignKey(User,blank=True,null=True,related_name='profiles')
- display_name = models.CharField(max_length=255,blank=True,null=True)
- primary = models.BooleanField()
- email = models.EmailField(blank=True,null=True)
- idp = models.CharField(max_length=255,blank=True,null=True)
- identifier = models.CharField(max_length=1023,unique=True)
+ user = models.ForeignKey(User)
+ home = models.ForeignKey(Name,blank=True,null=True,editable=False)
timecreated = models.DateTimeField(auto_now_add=True)
lastupdated = models.DateTimeField(auto_now=True)
- home = models.ForeignKey(Name,blank=True,null=True,editable=False)
def __unicode__(self):
- return "%s [%s] - %s" % (self.identifier,self.user.username,self.display_name)
-
- def make_primary(self):
- for p in UserProfile.objects.filter(user=self.user).all:
- p.primary = False
- self.primary = True
-
-def last_used_profile(user):
- return UserProfile.objects.filter(user=user).order_by('lastupdated')[0]
+ return "%s" % (self.user.__unicode__())
+
-def primary_profile(user):
- return UserProfile.objects.filter(user=user,primary=True)[0]
+def user_profile(user):
+ profile,created = UserProfile.objects.get_or_create(user=user)
+ if created:
+ urn = lookup("urn",True)
+ anyuser = lookup("system:anyuser",True)
+ urn.setacl(anyuser,'rl')
+ home = lookup('user:'+user.username,autocreate=True)
+ home.short = user.get_full_name()
+ profile.home = home
+ profile.save()
+ home.save()
+ add_member(home,profile.user,hidden=True)
+ home.setpacl(home, "rwlida")
+ home.setacl(home,"rwla") #don't allow users to delete or reset acls on their home, nor invite members - that would be confusing as hell
+
+ return profile
+class Identifier(models.Model):
+
+ FEDERATION=0
+ EMAIL=1
+ SSHKEY=2
+ GRIDCERT=3
+ INTERNAL=4
-class PKey(models.Model):
- user_profile = models.ForeignKey(UserProfile,related_name='keys')
- key = models.CharField(max_length=1023,unique=True)
timecreated = models.DateTimeField(auto_now_add=True)
lastupdated = models.DateTimeField(auto_now=True)
+ user = models.ForeignKey(User,related_name='identifiers')
+ display_name = models.CharField(max_length=255,blank=True,null=True)
+ type = models.SmallIntegerField(default=0,choices=((0,'Federation Identifier'),(1,'Email Address'),(2,'SSH Key'),(3,'eScience Certificate'),(4,'Internal User')))
+ idp = models.CharField(max_length=255,blank=True,null=True)
+ verified = models.BooleanField()
+ value = models.CharField(max_length=1023)
+ verification_code = models.CharField(max_length=1023,blank=True,null=True)
+
+ #class Meta:
+ # unique_together = ('value','idp')
+
def __unicode__(self):
- return "A merge-key for "+self.user_profile
+ return "%s [%s]" % (self.value,self.display_name)
diff --git a/coip/apps/userprofile/utils.py b/coip/apps/userprofile/utils.py
deleted file mode 100644
index d3854f6..0000000
--- a/coip/apps/userprofile/utils.py
+++ /dev/null
@@ -1,32 +0,0 @@
-'''
-Created on Jul 6, 2010
-
-@author: leifj
-'''
-from coip.apps.userprofile.models import UserProfile, PKey
-from django.core.exceptions import ObjectDoesNotExist
-import logging
-from pprint import pformat
-
-def request_profile(request):
- if request.user.is_authenticated():
- logging.warn(pformat(request.META))
- if request.META.has_key('REMOTE_USER'):
- return UserProfile.objects.get(identifier=request.META['REMOTE_USER'])
- else:
- return UserProfile.objects.get(user=request.user)
- else:
- return None
-
-def user_profile(request,key=None):
- if key:
- try:
- k = PKey.objects.get(key=key)
- return k.profile,k
- except ObjectDoesNotExist:
- return None
- else:
- return request_profile(request)
- #if not request.session.has_key('_profile'):
- # request.session['_profile'] = request_profile(request)
- #return request.session['_profile'] \ No newline at end of file
diff --git a/coip/apps/userprofile/views.py b/coip/apps/userprofile/views.py
index 7ce8f74..50fe184 100644
--- a/coip/apps/userprofile/views.py
+++ b/coip/apps/userprofile/views.py
@@ -4,34 +4,14 @@ Created on Jul 6, 2010
@author: leifj
'''
from django.contrib.auth.decorators import login_required
-from coip.apps.userprofile.models import PKey
-from django.http import HttpResponseRedirect
from coip.multiresponse import respond_to, json_response
-from coip.apps.membership.models import Membership, add_member
-from coip.apps.userprofile.utils import user_profile
+from coip.apps.membership.models import Membership
from django.core.exceptions import ObjectDoesNotExist
-from pprint import pformat
-from coip.apps.auth.utils import nonce
-from coip.apps.name.models import Name, NameLink, lookup
+from coip.apps.name.models import NameLink
from django.contrib.auth.models import User
from django.shortcuts import get_object_or_404
+from coip.apps.userprofile.models import Identifier
-@login_required
-def merge(request,pkey=None):
- if pkey:
- profile = user_profile(request)
- merge_profile,pkey = profile(request,pkey)
- if merge_profile:
- merge_profile.user.delete()
- merge_profile.user = request.user
- merge_profile.save()
- pkey.delete()
- return HttpResponseRedirect("/user/home")
- else:
- profile = profile(request)
- k = PKey(profile=profile,key=nonce())
- k.save()
- return HttpResponseRedirect("/accounts/login?next=/user/merge/"+k.key)
@login_required
def home(request):
@@ -41,22 +21,9 @@ def home(request):
except ObjectDoesNotExist:
pass
- urn = lookup("urn",True)
- anyuser = lookup("system:anyuser",True)
- urn.setacl(anyuser,'rl')
-
- profile = user_profile(request)
- home = lookup('user:'+request.user.username,autocreate=True)
- home.short = "%s (%s)" % (profile.display_name,profile.identifier)
- profile.home = home
- home.save()
- add_member(home,profile.user,hidden=True)
- home.setpacl(home, "rwlida")
- home.setacl(home,"rwla") #don't allow users to delete or reset acls on their home, nor invite members - that would be confusing as hell
-
names = [(link.src,link.data) for link in NameLink.objects.filter(dst__memberships__user=request.user,type=NameLink.access_control,data__contains='i').all()]
-
- return respond_to(request, {'text/html': 'apps/userprofile/home.html'},{'memberships': memberships,'names': names, 'name': home})
+ identifiers = Identifier.objects.filter(user=request.user)
+ return respond_to(request, {'text/html': 'apps/userprofile/home.html'},{'memberships': memberships,'names': names,'identifiers': identifiers})
@login_required
def search(request):
generated by cgit v1.1 at 2025-07-06 08:24:59 +0000