forked from Gluejar/regluit
-
-
Notifications
You must be signed in to change notification settings - Fork 20
/
Copy pathviews.py
279 lines (242 loc) · 11.9 KB
/
views.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
import logging
import random
from django.conf import settings
from django.core.urlresolvers import reverse
from django.shortcuts import get_object_or_404, render
from django.contrib.auth.forms import SetPasswordForm
from django.contrib.auth.views import login, password_reset, password_change
from django.contrib.auth import login as login_to_user
from django.contrib.auth import load_backend
from django.contrib.auth.decorators import login_required
from django.http import HttpResponseRedirect
from django.views.generic.edit import FormView, CreateView, UpdateView, SingleObjectMixin
from registration.backends.model_activation.views import RegistrationView
from . import backends
from .models import Library
from .forms import AuthForm, LibraryForm, NewLibraryForm, RegistrationFormNoDisposableEmail, UserData
logger = logging.getLogger(__name__)
def get_library_or_404(library=None, library_id=None):
if library_id:
try:
return get_object_or_404(Library, id=library_id)
except ValueError:
raise Http404
else:
return get_object_or_404(Library, user__username=library)
def library(request, library=None, library_id=None,
extra_context={},
template='libraryauth/library.html',
**kwargs):
library=get_library_or_404(library=library, library_id=library_id)
context={ 'library':library,
'is_admin': request.user.is_staff or request.user==library.user,
'is_member': request.user.is_staff or library.has_user(request.user),
}
context.update(extra_context)
return render(request, template, context)
def join_library(request, library_id):
library=get_library_or_404(library_id=library_id)
return Authenticator(request,library).process(
reverse('library',args=[library.user]),
reverse('bad_library',args=[library.id]),
)
def superlogin(request, extra_context={}, **kwargs):
if request.method == 'POST' and request.user.is_anonymous():
username=request.POST.get("username", "")
try:
user=models.User.objects.get(username=username)
extra_context={"socials":user.profile.social_auths}
except:
pass
if request.GET.has_key("add"):
request.session["add_wishlist"]=request.GET["add"]
return login(request, extra_context=extra_context, authentication_form=AuthForm, **kwargs)
def social_aware_password_change(request, **kwargs):
if request.user.has_usable_password():
return password_change(request, **kwargs)
return password_change(request, password_change_form=SetPasswordForm, **kwargs)
class Authenticator:
request=None
library=None
def __init__(self, request, library, *args, **kwargs):
self.request = request
if isinstance(library , basestring):
self.library = Library.objects.get(user__username=library)
elif isinstance(library , Library):
self.library=library
else:
raise Exception
self.backend_class=getattr(backends,self.library.backend)
form_class = self.backend_class.form
if form_class:
self.form = form_class(request, self.library, *args, **kwargs)
else:
self.form = None
def process(self, success_url, deny_url):
logger.info('authenticator for %s at %s.'%(self.request.user, self.library))
if self.library.has_user(self.request.user):
return HttpResponseRedirect(success_url)
if self.backend_class().authenticate(self.request, self.library):
if self.request.user.is_authenticated():
self.library.add_user(self.request.user)
return HttpResponseRedirect(success_url)
else:
return superlogin(self.request, extra_context={'library':self.library}, template_name='libraryauth/library_login.html')
else:
return self.backend_class.authenticator().process(self, success_url, deny_url)
def allowed(self):
return self.backend_class().authenticate(self.request, self.library)
class BaseLibraryView:
model = Library
template_name="libraryauth/edit.html"
class CreateLibraryView(BaseLibraryView, CreateView):
form_class = NewLibraryForm
def get_initial(self):
return {'email': self.request.user.email}
def form_valid(self, form):
form.instance.owner = self.request.user
user = form.instance.user
user.email = form.cleaned_data['email']
user.save()
form.instance.user = user
form.instance.save()
form.instance.add_user(user) # library is a member of itself
form.instance.add_user(self.request.user) # library.owner is a member of library
context_data = self.get_context_data(form=form)
context_data['status'] = 'Library Updated'
return HttpResponseRedirect(reverse('library_admin',args=[form.instance.id]))
class UpdateLibraryView(BaseLibraryView, UpdateView):
pk_url_kwarg = 'library_id'
form_class = LibraryForm
def form_valid(self, form):
context_data = self.get_context_data(form=form)
form.instance.save()
context_data['status'] = 'Library Updated.'
return self.render_to_response(context_data)
def get_backend_form_class(self):
if self.object and self.object.backend:
backend_class=getattr(backends,self.object.backend)
return backend_class.admin_form
else:
return None
def get_backend_admin_forms(self):
if self.object and self.object.backend:
backend_models_name = '%s_auths' % self.object.backend
backend_models = getattr(self.object,backend_models_name)
backend_new_form = self.get_backend_form_class()(initial = {'library':self.object}, prefix="new")
backend_old_forms = [self.get_backend_form_class()(instance = backend_model, prefix="backend_%s"%backend_model.id) for backend_model in backend_models.all()]
return backend_old_forms + [backend_new_form]
else:
return []
def get_context_data(self, backend_form=None, form=None, **kwargs):
context = super(UpdateLibraryView,self).get_context_data(**kwargs)
backend_admin_forms = self.get_backend_admin_forms()
if backend_form:
backend_admin_forms = [ backend_form if backend_form.prefix== backend_admin_form.prefix else backend_admin_form for backend_admin_form in backend_admin_forms]
context['backend_admin_forms'] = backend_admin_forms
if form:
context['form'] = form
return context
def get(self, request, *args, **kwargs):
self.object = self.get_object()
# check permissions
if request.user not in [self.object.owner, self.object.user]:
context_data={'status': 'You\'re not permitted to edit this library.'}
return self.render_to_response(context_data)
form = self.get_form(self.form_class)
return self.render_to_response(self.get_context_data(form=form))
def post(self, request, *args, **kwargs):
# get the user instance (the library)
self.object = self.get_object()
# check permissions
if request.user not in [self.object.owner, self.object.user]:
context_data={'status': 'You\'re not permitted to edit this library.'}
return self.render_to_response(context_data)
# determine if backend form is being submitted
# uses the name of the form's submit button
if 'backend_submit' in request.POST or 'backend_delete' in request.POST:
# get the form
form_class = self.get_backend_form_class()
form_model = form_class.Meta.model
backend_id = request.POST['id']
if 'backend_submit' in request.POST:
# we're editing the backend
if backend_id is None or backend_id=="None":
backend_model_instance = form_model(library=self.object)
form = form_class(data=request.POST, instance=backend_model_instance, prefix="new")
else:
backend_model_instance = form_model.objects.get(id=backend_id)
form = form_class(data=request.POST, instance=backend_model_instance, prefix="backend_%s"%request.POST['id'])
if form.is_valid():
form.save()
status = 'User Validation Updated.'
context_data = self.get_context_data( form=self.form_class(instance=self.object))
else:
status = 'Problem with User Validation.'
context_data = self.get_context_data(backend_form=form, form=self.form_class(instance=self.object))
else:
#deleting a backend
if backend_id is not None and backend_id!="None":
backend_model_instance = form_model.objects.get(id=backend_id)
backend_model_instance.delete()
status = 'Deleted.'
else:
status = 'Nothing to delete.'
context_data = self.get_context_data( form=self.form_class(instance=self.object))
context_data['status'] = status
return self.render_to_response(context_data)
else:
# just use regular post handler
form = self.get_form(self.form_class)
if form.is_valid():
return self.form_valid(form)
else:
return self.form_invalid(form)
@login_required
def login_as_library(request, library_id):
library=get_library_or_404(library_id=library_id)
if request.user == library.owner:
login_user(request, library.user)
return HttpResponseRedirect(reverse('library_admin',args=[library.id]))
def login_user(request, user):
"""
Log in a user without requiring credentials (using ``login`` from
``django.contrib.auth``, first finding a matching backend).
magic from https://djangosnippets.org/snippets/1547/
"""
if not hasattr(user, 'backend'):
for backend in settings.AUTHENTICATION_BACKENDS:
if user == load_backend(backend).get_user(user.pk):
user.backend = backend
break
if hasattr(user, 'backend'):
return login_to_user(request, user)
robot_qs = {
'user',
'user/register',
'node/add',
}
class CustomRegistrationView(RegistrationView):
form_class = RegistrationFormNoDisposableEmail
def form_valid(self, form):
q = self.request.session.get('q', False)
if q and q in robot_qs:
return self.render_to_response({'form':form})
return super(CustomRegistrationView,self).form_valid(form)
def edit_user(request, redirect_to=None):
if not request.user.is_authenticated():
return HttpResponseRedirect(reverse('superlogin'))
form=UserData()
if request.method == 'POST':
if 'change_username' in request.POST.keys():
form = UserData(request.POST)
form.oldusername = request.user.username
if form.is_valid(): # All validation rules pass, go and change the username
request.user.username=form.cleaned_data['username']
request.user.save()
if 'set_password' in request.POST.keys() and form.cleaned_data.has_key('set_password'):
if not request.user.has_usable_password():
request.user.set_password(form.cleaned_data['set_password'])
request.user.save()
return HttpResponseRedirect(redirect_to if redirect_to else reverse('home')) # Redirect after POST
return render(request,'registration/user_change_form.html', {'form': form})