From: Ciro Scognamiglio Date: Mon, 29 Sep 2014 09:53:31 +0000 (+0200) Subject: Merge branch 'onelab' of ssh://git.onelab.eu/git/myslice into onelab X-Git-Tag: myslice-1.2~1^2~21^2~7 X-Git-Url: http://git.onelab.eu/?a=commitdiff_plain;h=25a564caae591fd408aa0c11470e99852306f20d;hp=2786d994613e1fd50128971091f2f566e3c08f71;p=myslice.git Merge branch 'onelab' of ssh://git.onelab.eu/git/myslice into onelab --- diff --git a/portal/actions.py b/portal/actions.py index aed65fea..da5fe56f 100644 --- a/portal/actions.py +++ b/portal/actions.py @@ -46,7 +46,7 @@ def authority_get_pi_emails(request, authority_hrn): #default_email = default_email.replace('\n', '') #return default_email # the above doesn't work - return ['support@myslice.info'] + return ['support@onelab.eu'] else: pi_user_hrns = [ hrn for x in pi_users for hrn in x['pi_users'] ] query = Query.get('user').filter_by('user_hrn', 'included', pi_user_hrns).select('user_email') @@ -783,6 +783,42 @@ def sfa_create_user(wsgi_request, request, namespace = None, as_admin = False): return results +def iotlab_create_user (wsgi_request, request, namespace = None, as_admin=False): + + import requests + import time + from requests.auth import HTTPBasicAuth + + URL_REST = 'https://devgrenoble.senslab.info/rest/admin/users' + LOGIN_ADMIN = "auge" + PASSWORD_ADMIN = "k,mfg1+Q" + + auth = HTTPBasicAuth(LOGIN_ADMIN,PASSWORD_ADMIN) + headers = {'content-type': 'application/json'} + + for user in PendingUser.objects.raw('SELECT * FROM portal_pendinguser WHERE email = %s', [request['email']]): + password= user.password + + + iotlab_user_params = { + "type" : "SA", + "login" : request['email'], + "password" : password, + "firstName" : request['first_name'], + "lastName" : request['last_name'], + "email" : request['email'], + "structure" : request['authority_hrn'], + "city" : "N/A", + "country" : "N/A", + "sshPublicKey" : [request['public_key']], + "motivations" : "SFA federation", + } + + iotlab_user_params1 = json.dumps(iotlab_user_params) + r=requests.post(url=URL_REST, data=iotlab_user_params1, headers=headers, auth=auth) + print 'Create iotlab user : ', r.status_code, r.text + return r.text + def create_user(wsgi_request, request, namespace = None, as_admin = False): # XXX This has to be stored centrally USER_STATUS_ENABLED = 2 @@ -799,6 +835,10 @@ def create_user(wsgi_request, request, namespace = None, as_admin = False): # Add reference accounts for platforms manifold_add_reference_user_accounts(wsgi_request, request) + # Add the user to iotlab portal if theme is set to onelab + if theme.theme == 'onelab': + iotlab_create_user (wsgi_request, request) + def create_pending_user(wsgi_request, request, user_detail): """ """ @@ -826,7 +866,6 @@ def create_pending_user(wsgi_request, request, user_detail): theme.template_name = 'activate_user_email_subject.txt' subject = render_to_string(theme.template, request) subject = subject.replace('\n', '') - #sender = 'support@myslice.info' theme.template_name = 'email_default_sender.txt' sender = render_to_string(theme.template, request) sender = sender.replace('\n', '') diff --git a/portal/contactview.py b/portal/contactview.py index 2b9edb4e..19cc1b94 100644 --- a/portal/contactview.py +++ b/portal/contactview.py @@ -43,7 +43,6 @@ class ContactView (FreeAccessView, ThemeView): ## we don't need it cz the new ticketing systems sends a confirmation email ### #if cc_myself: # recipients.append(email) - #recipients = ['support@myslice.info'] theme.template_name = 'contact_support_email.html' html_content = render_to_string(theme.template, form.cleaned_data) diff --git a/portal/homeview.py b/portal/homeview.py index 7af47760..b0236525 100644 --- a/portal/homeview.py +++ b/portal/homeview.py @@ -69,6 +69,10 @@ class HomeView (FreeAccessView, ThemeView): activity.user.login(self.request) ## check user is pi or not + platform_details = {} + account_details = {} + acc_auth_cred = {} + acc_user_cred = {} platform_query = Query().get('local:platform').select('platform_id','platform','gateway_type','disabled') account_query = Query().get('local:account').select('user_id','platform_id','auth_type','config') platform_details = execute_query(self.request, platform_query) @@ -80,13 +84,22 @@ class HomeView (FreeAccessView, ThemeView): account_config = json.loads(account_detail['config']) if 'myslice' in platform_detail['platform']: acc_auth_cred = account_config.get('delegated_authority_credentials','N/A') + acc_user_cred = account_config.get('delegated_user_credential','N/A') # assigning values if acc_auth_cred=={} or acc_auth_cred=='N/A': pi = "is_not_pi" else: pi = "is_pi" - env['pi'] = pi + # check if the user has creds or not + if acc_user_cred == {} or acc_user_cred == 'N/A': + user_cred = 'no_creds' + else: + user_cred = 'has_creds' + + + env['pi'] = pi + env['user_cred'] = user_cred else: env['person'] = None return render_to_response(self.template,env, context_instance=RequestContext(request)) @@ -109,7 +122,12 @@ class HomeView (FreeAccessView, ThemeView): env = self.default_env() acc_auth_cred={} if request.user.is_authenticated(): + ## check user is pi or not + platform_details = {} + account_details = {} + acc_auth_cred = {} + acc_user_cred = {} platform_query = Query().get('local:platform').select('platform_id','platform','gateway_type','disabled') account_query = Query().get('local:account').select('user_id','platform_id','auth_type','config') # XXX Something like an invalid session seems to make the execute fail sometimes, and thus gives an error on the main page @@ -123,13 +141,22 @@ class HomeView (FreeAccessView, ThemeView): account_config = json.loads(account_detail['config']) if 'myslice' in platform_detail['platform']: acc_auth_cred = account_config.get('delegated_authority_credentials','N/A') + acc_user_cred = account_config.get('delegated_user_credential','N/A') # assigning values if acc_auth_cred=={} or acc_auth_cred=='N/A': pi = "is_not_pi" else: pi = "is_pi" - env['pi'] = pi + # check if the user has creds or not + if acc_user_cred == {} or acc_user_cred == 'N/A': + user_cred = 'no_creds' + else: + user_cred = 'has_creds' + + + env['pi'] = pi + env['user_cred'] = user_cred env['person'] = self.request.user else: env['person'] = None diff --git a/portal/manualdelegationview.py b/portal/manualdelegationview.py new file mode 100644 index 00000000..3560a92e --- /dev/null +++ b/portal/manualdelegationview.py @@ -0,0 +1,23 @@ +# this somehow is not used anymore - should it not be ? +from django.core.context_processors import csrf +from django.http import HttpResponseRedirect +from django.contrib.auth import authenticate, login, logout +from django.template import RequestContext +from django.shortcuts import render_to_response +from django.shortcuts import render + +from unfold.loginrequired import FreeAccessView + +from manifoldapi.manifoldresult import ManifoldResult +from ui.topmenu import topmenu_items, the_user +from myslice.configengine import ConfigEngine + +from myslice.theme import ThemeView + +class ManualDelegationView (FreeAccessView, ThemeView): + template_name = 'manual-delegation.html' + + def get (self, request, state=None): + + return render_to_response(self.template, { 'theme' : self.theme }, context_instance=RequestContext(request)) + diff --git a/portal/templates/about.html b/portal/templates/about.html index 1ccc7202..ab8be3a7 100644 --- a/portal/templates/about.html +++ b/portal/templates/about.html @@ -68,7 +68,7 @@

More Info: http://myslice.info/

Code: Git Repository (read only)

- If you need write access to the git repository you need first to send your public key to support@myslice.info. + If you need write access to the git repository you need first to send your public key to support@onelab.eu.

diff --git a/portal/templates/activate_user.txt b/portal/templates/activate_user.txt index ac31ec27..fd7278fe 100644 --- a/portal/templates/activate_user.txt +++ b/portal/templates/activate_user.txt @@ -18,7 +18,7 @@ You may now log in to the portal using your email address and the password that 2. A manager from your organization validates your request. Upon confirmation of your signup request, we will send an email to the managers at your organization with a validation request. We look forward to welcoming you to OneLab. -Please don't hesitate to contact us at support@myslice.info with any additional questions that you might have. +Please don't hesitate to contact us at support@onelab.eu with any additional questions that you might have. diff --git a/portal/templates/contact.html b/portal/templates/contact.html index fdb5d0dd..98e2c0bf 100644 --- a/portal/templates/contact.html +++ b/portal/templates/contact.html @@ -18,7 +18,7 @@

Please check our FAQ section. Most of the basic problems are explained there.

If you haven't find your answes in the FAQ, please contact us by filling the form below.
- You can also e-mail us directly. + You can also e-mail us directly.

diff --git a/portal/templates/fed4fire/fed4fire_about.html b/portal/templates/fed4fire/fed4fire_about.html index 5af90c8b..91998cbf 100644 --- a/portal/templates/fed4fire/fed4fire_about.html +++ b/portal/templates/fed4fire/fed4fire_about.html @@ -68,7 +68,7 @@

More Info: http://myslice.info/

Code: Git Repository (read only)

- If you need write access to the git repository you need first to send your public key to support@myslice.info. + If you need write access to the git repository you need first to send your public key to support@onelab.eu.

diff --git a/portal/templates/join_view.html b/portal/templates/join_view.html index 57d80346..89d06baf 100644 --- a/portal/templates/join_view.html +++ b/portal/templates/join_view.html @@ -109,7 +109,10 @@
-

+    I agree to the +terms and conditions. + +

diff --git a/portal/templates/manual-delegation.html b/portal/templates/manual-delegation.html new file mode 100644 index 00000000..1463b51e --- /dev/null +++ b/portal/templates/manual-delegation.html @@ -0,0 +1,102 @@ +{% extends "layout.html" %} + +{% block content %} + +
+
+

Manual Delegation

+

Install SFA

+ +

+ In order to delegate your credentials to the OneLab portal, you need to install SFA tools.
+

+

+ [Requirement: python 2.7 or higher] +

+

For Mac and Linux

+

+ $ sudo easy_install pip
+ $ sudo pip install sfa +

+

For Windows

+

Please download get-pip.py

+

+ $ python get-pip.py
+ $ pip install sfa +

+ +

+ To get more information about pip, please visit: https://pip.pypa.io/en/latest/installing.html +

+

+ More details about SFA is available at the following address: + Installing SFA +

+ +

Configuring SFA

+ +

+ Once SFA tools are successfully installed, you need to configure the SFA client aka SFI +

+

+ $ mkdir ~/.sfi
+ $ cd ~/.sfi
+ $ cp ~/.ssh/id_rsa ~/.sfi/user-hrn.pkey +

+ +

+ Here, 'user-hrn' is your SFA hrn. If e.g., your OneLab account email is mohammed-yasin.rahman at upmc.fr, then your user-hrn is 'onelab.upmc.mohammed-yasin_rahman'.

+

+ In this example, a user-hrn is built using the root authority i.e, 'onelab' followed by a '.' then the sub authority i.e., 'upmc' + followed by a '.' and then the last fragment in the hrn is made of the local part of your email adress i.e., 'mohammed-yasin_rahman' + (with dots replaced with underscores). +

+ +

+ Next, you will setup your ~/.sfi/sfi_config. The following represents the sfi_config file for a OneLab user: +

+ +

+ [sfi]
+ auth = onelab.upmc
+ user = onelab.upmc.mohammed-yasin_rahman
+ registry = http://portal.onelab.eu:12345/
+ sm = http://sfa3.planet-lab.eu:12346/
+

+ +

+ Here again, 'user' is your user-hrn, and 'auth' is the authority that you belong to, in most cases you should just drop the last part of your hrn. +

+

+ Add the the following to sfi_config for delegating credentials to OneLab portal: +

+

+ [myslice]
+
+ backend = http://portal.onelab.eu:7080
+ delegate = onelab.myslice
+ platform = myslice
+ username = mohammed-yasin.rahman@lip6.fr +

+

+ Test the SFA layer: +

+

+ $ sfi.py version +

+

+ And finally delegate your credentials to the portal +

+

+ $ sfi.py myslice +

+

+ The complete tutorial is available at the following address: + http://trac.myslice.info/wiki/InstallSfa +

+ +
+ +
+{% endblock %} + diff --git a/portal/templates/onelab/onelab_about.html b/portal/templates/onelab/onelab_about.html index bd71256c..b1b6c299 100644 --- a/portal/templates/onelab/onelab_about.html +++ b/portal/templates/onelab/onelab_about.html @@ -64,7 +64,7 @@

More Info: http://myslice.info/

Code: Git Repository (read only)

- If you need write access to the git repository you need first to send your public key to support@myslice.info. + If you need write access to the git repository you need first to send your public key to support@onelab.eu.

@@ -82,4 +82,4 @@ -{% endblock %} \ No newline at end of file +{% endblock %} diff --git a/portal/templates/onelab/onelab_account-view.html b/portal/templates/onelab/onelab_account-view.html index 57acd891..199444a3 100644 --- a/portal/templates/onelab/onelab_account-view.html +++ b/portal/templates/onelab/onelab_account-view.html @@ -7,6 +7,10 @@ Account  >  {{ person.email }} + {%if 'no_creds' in user_cred %} +

NO CREDENTIALS are delegated to the portal!

+{%endif%} + {% if messages %}