From: Bruno Soares da Silva Date: Tue, 16 Sep 2014 21:47:39 +0000 (-0300) Subject: Merge branch 'fibre' of ssh://git.onelab.eu/git/myslice into fibre X-Git-Url: http://git.onelab.eu/?a=commitdiff_plain;h=43a4dfd5c95080af83cc2ccf2c7d75218e985e57;hp=5c5d6689dc9c7d0fda4fae3ceb14a8c738a7cfa2;p=myslice.git Merge branch 'fibre' of ssh://git.onelab.eu/git/myslice into fibre Conflicts: portal/actions.py portal/lsapiclient.py --- diff --git a/portal/actions.py b/portal/actions.py index 0a1989a1..07943ef3 100644 --- a/portal/actions.py +++ b/portal/actions.py @@ -57,7 +57,7 @@ def clear_user_creds(request, user_email): try: user_query = Query().get('local:user').filter_by('email', '==', user_email).select('user_id','email','password','config') user_details = execute_admin_query(request, user_query) - + # getting the user_id from the session for user_detail in user_details: user_id = user_detail['user_id'] @@ -565,6 +565,7 @@ def sfa_create_user(wsgi_request, request): query = Query.create('user').set(sfa_user_params).select('user_hrn') results = execute_query(wsgi_request, query) + if not results: raise Exception, "Could not create %s. Already exists ?" % sfa_user_params['user_hrn'] else: @@ -615,7 +616,7 @@ def ls_validate_user(wsgi_request, request): validate = lsClient.update_user( userData ) - return validate + return validate and addUserPublicKey def ls_update_public_key( wsgi_request, request, lsClient, userId ): userPbKey = { @@ -653,7 +654,99 @@ def create_user(wsgi_request, request): ls_validate_user( wsgi_request, request ) except Exception, e: "Error to validate the user in Labora Scheduler." + +def create_user_in_ldap(wsgi_request, request, user_detail): + """ + """ + + # saves the user to django auth_user table [needed for password reset] + user = User.objects.create_user(request['username'], request['email'], request['password']) + + # Creating a manifold user + user_id = manifold_add_user(wsgi_request, request) + + # Creating a Manifold account on the MySlice platform + # Note the JSON representation of public and private keys already includes quotes + account_config = { + 'user_hrn' : request['user_hrn'], + 'user_public_key' : request['public_key'], + } + if request['private_key']: + account_config['user_private_key'] = request['private_key'] + + user_id = user_detail['user_id'] + 1 # the user_id for the newly created user in local:user + + # XXX TODO: Require a myslice platform + # ALERT: this will disapear with ROUTERV2 of Manifold + # We have to consider the case where several registries can be used + # Removed hardcoded platform = 5 + # This platform == 'myslice' is a TMP FIX !! + try: + reg_platform_query = Query().get('local:platform') \ + .filter_by('platform', '==', 'myslice') \ + .select('platform_id') + reg_platform = execute_admin_query(wsgi_request, reg_platform_query) + reg_platform_id = reg_platform[0]['platform_id'] + account_params = { + 'platform_id' : reg_platform_id, # XXX ALERT !! + 'user_id' : user_id, + 'auth_type' : request['auth_type'], + 'config' : json.dumps(account_config), + } + manifold_add_account(wsgi_request, account_params) + except Exception, e: + print "Failed creating manifold account on platform %s for user: %s" % ('myslice', request['email']) + + # XXX This has to be stored centrally + USER_STATUS_ENABLED = 2 + + # Update Manifold user status + manifold_update_user(wsgi_request, request['username'], {'status': USER_STATUS_ENABLED}) + + # Add reference accounts for platforms + manifold_add_reference_user_accounts(wsgi_request, request) + from sfa.util.xrn import Xrn + + auth_pi = request.get('pi', None) + auth_pi = list([auth_pi]) if auth_pi else list() + + # We create a user request with Manifold terminology + sfa_user_params = { + 'user_hrn' : request['user_hrn'], + 'user_email' : request['email'], + 'user_urn' : Xrn(request['user_hrn'], request['type']).get_urn(), + 'user_type' : request['type'], + 'keys' : request['public_key'], + 'user_first_name' : request['first_name'], + 'user_last_name' : request['last_name'], + 'pi_authorities' : auth_pi, + 'user_enabled' : True + } + + print request['user_hrn'] + print request['email'] + print request['first_name'] + print request['last_name'] + print request['type'] + print request['public_key'] + + query = Query.create('user').set(sfa_user_params).select('user_hrn') + + print query + + results = execute_admin_query(wsgi_request, query) + + print results + + if not results: + raise Exception, "Could not create %s. Already exists ?" % sfa_user_params['user_hrn'] + else: + subject = 'User validated' + msg = 'A manager of your institution has validated your account. You have now full user access to the portal.' + send_mail(subject, msg, 'support@fibre.org.br',[request['email']], fail_silently=False) + return results + def create_pending_user(wsgi_request, request, user_detail): """ """ @@ -671,6 +764,7 @@ def create_pending_user(wsgi_request, request, user_detail): user_hrn = request['user_hrn'], pi = request['pi'], email_hash = request['email_hash'], + reasons = request['reasons'], status = 'False', ) b.save() @@ -774,6 +868,7 @@ def create_pending_user(wsgi_request, request, user_detail): msg.attach_alternative(html_content, "text/html") msg.send() + print pi_emails except Exception, e: print "Failed to send email, please check the mail templates and the SMTP configuration of your server" import traceback diff --git a/portal/emailactivationview.py b/portal/emailactivationview.py index 2a3e6179..e1a6a4be 100644 --- a/portal/emailactivationview.py +++ b/portal/emailactivationview.py @@ -2,7 +2,7 @@ from unfold.loginrequired import FreeAccessView # from manifold.core.query import Query from manifoldapi.manifoldapi import execute_query, execute_admin_query -from portal.actions import manifold_update_user, manifold_update_account, manifold_add_account, manifold_delete_account, sfa_update_user, authority_get_pi_emails +from portal.actions import manifold_update_user, manifold_update_account, manifold_add_account, manifold_delete_account, sfa_update_user, authority_get_pi_emails, authority_get_pis # from unfold.page import Page from ui.topmenu import topmenu_items_live, the_user @@ -14,7 +14,7 @@ from myslice.theme import ThemeView from portal.models import PendingUser from django.core.mail import EmailMultiAlternatives, send_mail from django.contrib.sites.models import Site - +from django.contrib.auth.models import User # import json, os, re, itertools @@ -50,6 +50,23 @@ class ActivateEmailView(FreeAccessView, ThemeView): PendingUser.objects.filter(email_hash__iexact = hash_code).update(status='True') activation = 'success' # sending email after activation success + try: + request = PendingUser.objects.filter(email_hash= hash_code) + split_authority_hrn = request[0].authority_hrn.split('.')[0] + pis = authority_get_pis(request, split_authority_hrn) + pi_emails = [] + for x in pis: + for e in x['pi_users']: + u = e.split('.')[1] + y = User.Objects.get(username = u) + if y.username.count("@") != 0: + if y.username.split("@")[1] == request[0].user_hrn.split("@")[1]: + pi_emails += [y.email] + subject = 'User email activated' + msg = 'The user %s has validated his/her email. Now you can validate his/her account' % (request[0].login) + send_mail(subject, msg, 'support@fibre.org.br', pi_emails, fail_silently = False) + except: + print "error sending the email!" #try: # Send an email: the recipients are the PI of the authority # If No PI is defined for this Authority, send to a default email (different for each theme) diff --git a/portal/homeview.py b/portal/homeview.py index 8bde68ca..ec6012c8 100644 --- a/portal/homeview.py +++ b/portal/homeview.py @@ -1,7 +1,7 @@ # this somehow is not used anymore - should it not be ? from django.core.context_processors import csrf from django.http import HttpResponseRedirect -from django.contrib.auth import authenticate, login, logout +from django.contrib.auth import authenticate, login, logout, get_user_model from django.template import RequestContext from django.shortcuts import render_to_response from django.shortcuts import render @@ -10,7 +10,20 @@ import json from unfold.loginrequired import FreeAccessView from manifold.core.query import Query -from manifoldapi.manifoldapi import execute_query +#from manifoldapi.manifoldapi import execute_query +# LDAP query admin // If transfer this code to actions.py maybe don't need more execute_admin_query +from manifoldapi.manifoldapi import execute_query, execute_admin_query +# Edelberto - LDAP XXX +from portal.models import PendingUser +from django.contrib.auth.models import User #Pedro +from portal.actions import create_pending_user, create_user, create_user_in_ldap, clear_user_creds +from registrationview import RegistrationView +from random import randint +from hashlib import md5 +from django.contrib.sites.models import Site +import os.path, re +################## + from manifoldapi.manifoldresult import ManifoldResult from ui.topmenu import topmenu_items, the_user @@ -18,6 +31,9 @@ from myslice.configengine import ConfigEngine from myslice.theme import ThemeView +# Edelberto LDAP authentication XXX +import ldap + class HomeView (FreeAccessView, ThemeView): template_name = 'home-view.html' @@ -37,66 +53,259 @@ class HomeView (FreeAccessView, ThemeView): # LDAP form - If FIBRE, then get the possibilite to authenticate using usernameldap #if self.theme == 'fibre': - usernameldap = request.POST.get('usernameldap') - token = {'usernameldap': usernameldap, 'username': username ,'password': password, 'request': request} + #usernameldap = request.POST.get('usernameldap') + #token = {'usernameldap': usernameldap, 'username': username ,'password': password, 'request': request} + + ################################################## + ########## XXX Edelberto 010914 XXX + ################################################# + ## first you must open a connection to the server + try: + # Connect to NOC + l = ldap.initialize("ldap://10.128.0.50:389") + # Bind/authenticate with a root user to search all objects + l.simple_bind_s("cn=Manager,dc=br,dc=fibre","fibre2013") + + l.protocol_version = ldap.VERSION3 + except ldap.LDAPError, e: + print e + + ## Base directory + baseDN = "dc=fibre" + searchScope = ldap.SCOPE_SUBTREE + ## retrieve all attributes + retrieveAttributes = None + #retrieveAttributes = ['userEnable'] + searchFilter = "uid=" + username + print searchFilter + + in_ldap = 0 + + try: + if username != "admin": + ldap_result_id = l.search(baseDN, searchScope, searchFilter, retrieveAttributes) + result_set = [] + result_type, result_data = l.result(ldap_result_id, 0) + if (result_data == []): + print "User doesnt exist in LDAP" + in_ldap = 0 + else: + if result_type == ldap.RES_SEARCH_ENTRY: + result_set.append(result_data) + else: + result_set.append(result_data) + # TRUE or FALSE for userEnable attribute + userEnable = result_set[0][0][1]['userEnable'][0] + if userEnable == 'TRUE': + in_ldap = 1 + enabled = 1 + print "In LDAP and Enabled" + + dn = result_set[0][0][0] + try: + l.simple_bind_s(dn,password) + pwd = 1 + print "User password OK" + + except: + pwd = 0 + print "User password WRONG" + + if in_ldap and enabled and pwd: + ldap_mail = result_set[0][0][1]['mail'][0] + + user_exists = Query().get('local:user') \ + .select('status') \ + .filter_by('email', '==', username) + results = execute_admin_query(request, user_exists) + print "DEBUG: %s" % user_exists + if results: + print "DEBUG: user exists on MySlice DBs" + else: + print "DEBUG: user NOT exists on MySlice DBs" + + cn = result_set[0][0][1]['cn'][0] + print cn + sn = result_set[0][0][1]['sn'][0] + print sn + fname = sn.split(' ')[0] + lname = sn.split(' ')[1] + print fname + print lname + + #authority_hrn = 'fibre' + '.' + username.split('@')[1] + authority_hrn = 'fibre' + print authority_hrn + email = ldap_mail + print ldap_mail + username = username + print username + password = password + print password + # user_hrn = 'fibre' + '.' + username.split('@')[1] + '.' + username + user_hrn = 'fibre' + '.' + username + print user_hrn + + # Based on registrationview + + + # get the domain url + current_site = Site.objects.get_current() + current_site = current_site.domain + print current_site + + post_email = ldap_mail + salt = randint(1,100000) + email_hash = md5(str(salt)+post_email).hexdigest() + print email_hash + + user_request = { + 'first_name' : fname, + 'last_name' : lname, + 'organization' : authority_hrn, + 'authority_hrn' : authority_hrn, + 'email' : ldap_mail, + 'username' : username, + 'password' : password, + 'current_site' : current_site, + 'email_hash' : email_hash, + 'pi' : '', + 'user_hrn' : user_hrn, + 'reasons' : 'already exists in the LDAP', + 'type' : 'user', + 'validation_link': 'https://' + current_site + '/portal/email_activation/'+ email_hash + } + + # Validate input + errors = [] + UserModel = get_user_model() + if (re.search(r'^[\w+\s.@+-]+$', user_request['first_name']) == None): + errors.append('First name may contain only letters, numbers, spaces and @/./+/-/_ characters.') + if (re.search(r'^[\w+\s.@+-]+$', user_request['last_name']) == None): + errors.append('Last name may contain only letters, numbers, spaces and @/./+/-/_ characters.') + if (re.search(r'^[\w,]+$' , username) == None): + errors.append('Username may contain only letters,numbers and -/_ characters.') + # checking in django_db !! + if PendingUser.objects.filter(email__iexact = user_request['email']): + errors.append('Email is pending for validation. Please provide a new email address.') + if User.objects.filter(username__iexact = user_request['username']): + errors.append('This username is already in use, try another one') + # Does the user exist in Manifold? + user_query = Query().get('local:user').select('user_id','email') + user_details = execute_admin_query(request, user_query) + for user_detail in user_details: + if user_detail['email'] == user_request['email']: + errors.append('Email already registered in Manifold. Please provide a new email address.') + # Does the user exist in sfa? [query is very slow!!] + #user_query = Query().get('user').select('user_hrn','user_email') + # XXX Test based on the user_hrn is quick + #user_query = Query().get('user').select('user_hrn','user_email').filter_by('user_hrn','==',user_request['user_hrn']) + user_query = Query().get('user').select('user_hrn','user_email').filter_by('user_hrn','==',user_hrn) + user_details_sfa = execute_admin_query(request, user_query) + + #if 'generate' in wsgi_request.POST['question']: + user_request['auth_type'] = 'managed' + + # XXX Common code, dependency ? + from Crypto.PublicKey import RSA + private = RSA.generate(1024) + + # Example: private_key = '-----BEGIN RSA PRIVATE KEY-----\nMIIC...' + # Example: public_key = 'ssh-rsa AAAAB3...' + user_request['private_key'] = private.exportKey() + user_request['public_key'] = private.publickey().exportKey(format='OpenSSH') + + # XXX Verify if errors exist - After! + #if not errors: + create_user_in_ldap(request, user_request, user_detail) + #create_pending_user(request, user_request, user_detail) + + #create_user(request, user_request) + + env['state'] = "LDAP associated. Please, login again." + return render_to_response(self.template, env, context_instance=RequestContext(request)) + + + else: + env['state'] = "Access denied. Verify LDAP userEnable and password." + return render_to_response(self.template, env, context_instance=RequestContext(request)) + + else: + in_ldap = 1 + enabled = 0 + print "In LDAP but Disabled" + env['state'] = "Access denied. Verify LDAP userEnable." + return render_to_response(self.template, env, context_instance=RequestContext(request)) + + #print result_set + except ldap.LDAPError, e: + print e + #else: - - # Follow original code - ## pass request within the token, so manifold session key can be attached to the request session. - #token = {'username': username, 'password': password, 'request': request} - - # our authenticate function returns either - # . a ManifoldResult - when something has gone wrong, like e.g. backend is unreachable - # . a django User in case of success - # . or None if the backend could be reached but the authentication failed - auth_result = authenticate(token=token) - # use one or two columns for the layout - not logged in users will see the login prompt - # high-level errors, like connection refused or the like - if isinstance (auth_result, ManifoldResult): - manifoldresult = auth_result - # let's use ManifoldResult.__repr__ - env['state']="%s"%manifoldresult - - return render_to_response(self.template,env, context_instance=RequestContext(request)) - # user was authenticated at the backend - elif auth_result is not None: - user=auth_result - if user.is_active: - print "LOGGING IN" - login(request, user) - - if request.user.is_authenticated(): - env['person'] = self.request.user - env['username'] = self.request.user - - ## check user is pi or not - platform_query = Query().get('local:platform').select('platform_id','platform','gateway_type','disabled') - account_query = Query().get('local:account').select('user_id','platform_id','auth_type','config') - platform_details = execute_query(self.request, platform_query) - account_details = execute_query(self.request, account_query) - for platform_detail in platform_details: - for account_detail in account_details: - if platform_detail['platform_id'] == account_detail['platform_id']: - if 'config' in account_detail and account_detail['config'] is not '': - account_config = json.loads(account_detail['config']) - if 'myslice' in platform_detail['platform']: - acc_auth_cred = account_config.get('delegated_authority_credentials','N/A') - # assigning values - if acc_auth_cred=={} or acc_auth_cred=='N/A': - pi = "is_not_pi" - else: - pi = "is_pi" - - env['pi'] = pi - else: - env['person'] = None - return render_to_response(self.template,env, context_instance=RequestContext(request)) - else: - env['state'] = "Your account is not active, please contact the site admin." - env['layout_1_or_2']="layout-unfold2.html" - - return render_to_response(self.template,env, context_instance=RequestContext(request)) - # otherwise + if in_ldap and enabled and pwd or username=="admin": + +################################################################################ +### XXX Edelberto LDAP auth end XXX +############################################################################### + # Follow original code + ## pass request within the token, so manifold session key can be attached to the request session. + token = {'username': username, 'password': password, 'request': request} + + # our authenticate function returns either + # . a ManifoldResult - when something has gone wrong, like e.g. backend is unreachable + # . a django User in case of success + # . or None if the backend could be reached but the authentication failed + auth_result = authenticate(token=token) + # use one or two columns for the layout - not logged in users will see the login prompt + # high-level errors, like connection refused or the like + if isinstance (auth_result, ManifoldResult): + manifoldresult = auth_result + # let's use ManifoldResult.__repr__ + env['state']="%s"%manifoldresult + + return render_to_response(self.template,env, context_instance=RequestContext(request)) + # user was authenticated at the backend + elif auth_result is not None: + user=auth_result + if user.is_active: + print "LOGGING IN" + login(request, user) + + if request.user.is_authenticated(): + env['person'] = self.request.user + env['username'] = self.request.user + + ## check user is pi or not + platform_query = Query().get('local:platform').select('platform_id','platform','gateway_type','disabled') + account_query = Query().get('local:account').select('user_id','platform_id','auth_type','config') + + # Edleberto + #cc_auth_cred = {} + + platform_details = execute_query(self.request, platform_query) + account_details = execute_query(self.request, account_query) + for platform_detail in platform_details: + for account_detail in account_details: + if platform_detail['platform_id'] == account_detail['platform_id']: + if 'config' in account_detail and account_detail['config'] is not '': + account_config = json.loads(account_detail['config']) + if 'myslice' in platform_detail['platform']: + acc_auth_cred = account_config.get('delegated_authority_credentials','N/A') + # assigning values + if acc_auth_cred=={} or acc_auth_cred=='N/A': + pi = "is_not_pi" + else: + pi = "is_pi" + env['pi'] = pi + else: + env['person'] = None + return render_to_response(self.template,env, context_instance=RequestContext(request)) + else: + env['state'] = "Your account is not active, please contact the site admin." + env['layout_1_or_2']="layout-unfold2.html" + + return render_to_response(self.template,env, context_instance=RequestContext(request)) + # otherwise else: env['state'] = "Your username and/or password were incorrect." diff --git a/portal/lsapiclient.py b/portal/lsapiclient.py index 0e6edde4..bed829d0 100644 --- a/portal/lsapiclient.py +++ b/portal/lsapiclient.py @@ -16,8 +16,7 @@ class LaboraSchedulerClient: 'get_user_id_by_username', 'add_user_public_key', 'delete_user_public_key' ] def __init__ ( self, organization ): - self.url, self.key = self.getOrganizationConfigs( organization ) - + self.url, self.key = self.getOrganizationConfigs( organization ) def __getattr__(self, name): @@ -92,7 +91,7 @@ class LaboraSchedulerClient: databaseConfig = { 'dbHost' : '10.128.11.200', 'dbUser' : 'postgres', - 'dbPassword' : '5e6b70f2e9dc', + 'dbPassword' : '', 'dbName' : 'LaboraSchedulerNOC' } diff --git a/portal/managementtabrequests.py b/portal/managementtabrequests.py index 85985a06..0f490e94 100644 --- a/portal/managementtabrequests.py +++ b/portal/managementtabrequests.py @@ -18,6 +18,7 @@ from portal.actions import get_requests from myslice.theme import ThemeView import json +import ast class ManagementRequestsView (LoginRequiredView, ThemeView): template_name = "management-tab-requests.html" @@ -28,7 +29,8 @@ class ManagementRequestsView (LoginRequiredView, ThemeView): ctx_delegation_authorities = {} ctx_sub_authorities = {} dest = {} - + user_username = '' + user_authority = '' # The user need to be logged in if (self.request.user): @@ -36,7 +38,12 @@ class ManagementRequestsView (LoginRequiredView, ThemeView): user_query = Query().get('local:user').filter_by('email', '==', self.request.user.username).select('user_id') user, = execute_query(self.request, user_query) user_id = user['user_id'] - + user_query = Query().get('local:user').filter_by('email', '==', self.request.user.username).select('config') + user, = execute_query(self.request, user_query) + user_config = user['config'] + user_config = ast.literal_eval(user_config) + user_authority = user_config['authority'] + user_username = self.request.user.username # Query manifold to learn about available SFA platforms for more information # In general we will at least have the portal # For now we are considering all registries @@ -120,8 +127,9 @@ class ManagementRequestsView (LoginRequiredView, ThemeView): # iterate on the requests and check if the authority matches a prefix # startswith an authority on which the user is PI requests = get_requests() - for r in requests: - auth_hrn = r['authority_hrn'] + auth_hrn = '' + for r in requests: + auth_hrn = r['authority_hrn'] for my_auth in pi_my_authorities: if auth_hrn.startswith(my_auth): dest = ctx_my_authorities @@ -156,10 +164,24 @@ class ManagementRequestsView (LoginRequiredView, ThemeView): # env['pi'] = "is_pi" # env['theme'] = self.theme # env['section'] = "Requests" - +# auth_hrn = user_authority + '.' + user_username.split("@")[1] + ctx_list = [ctx_my_authorities, ctx_sub_authorities, ctx_delegation_authorities] + for ctx in ctx_list: + if ctx: + for authorities in ctx: + for requests in ctx[authorities]: + try: + requests['object_auth'] = requests['user_hrn'].split('.')[0] + '.' + requests['user_hrn'].split('@')[1] + except: + print "This object has no user_hrn" + + pi_authority = user_authority + '.' + user_username.split("@")[1] context = super(ManagementRequestsView, self).get_context_data(**kwargs) print "testing" print ctx_my_authorities + print auth_hrn + print user_username + print pi_authority context['my_authorities'] = ctx_my_authorities context['sub_authorities'] = ctx_sub_authorities context['delegation_authorities'] = ctx_delegation_authorities @@ -174,6 +196,7 @@ class ManagementRequestsView (LoginRequiredView, ThemeView): context['pi'] = "is_pi" context['theme'] = self.theme context['section'] = "Requests" + context['pi_authority'] = pi_authority # XXX We need to prepare the page for queries #context.update(page.prelude_env()) diff --git a/portal/models.py b/portal/models.py index cc484b5b..acc336b4 100644 --- a/portal/models.py +++ b/portal/models.py @@ -66,7 +66,8 @@ class PendingUser(models.Model): login = models.TextField() pi = models.TextField() email_hash = models.TextField() - status = models.TextField() + status = models.TextField() + reasons = models.TextField() created = models.DateTimeField(auto_now_add = True) # models.ForeignKey(Institution) diff --git a/portal/registrationview.py b/portal/registrationview.py index 2316105d..25a050a8 100644 --- a/portal/registrationview.py +++ b/portal/registrationview.py @@ -75,16 +75,17 @@ class RegistrationView (FreeAccessView, ThemeView): email_hash = md5(str(salt)+post_email).hexdigest() #email_hash = md5(post_email).digest().encode('base64')[:-1] user_request = { - 'first_name' : wsgi_request.POST.get('firstname', ''), - 'last_name' : wsgi_request.POST.get('lastname', ''), - 'organization' : wsgi_request.POST.get('org_name', ''), - 'authority_hrn' : authority_hrn, - 'email' : post_email, - 'username' : wsgi_request.POST.get('username','').lower(), - 'password' : wsgi_request.POST.get('password', ''), - 'current_site' : current_site, - 'email_hash' : email_hash, - 'pi' : '', + 'first_name' : wsgi_request.POST.get('firstname', ''), + 'last_name' : wsgi_request.POST.get('lastname', ''), + 'organization' : wsgi_request.POST.get('org_name', ''), + 'authority_hrn' : authority_hrn, + 'email' : post_email, + 'username' : wsgi_request.POST.get('username','').lower(), + 'password' : wsgi_request.POST.get('password', ''), + 'reasons' : wsgi_request.POST.get('reasons', ''), + 'current_site' : current_site, + 'email_hash' : email_hash, + 'pi' : '', 'validation_link': 'https://' + current_site + '/portal/email_activation/'+ email_hash } @@ -97,7 +98,8 @@ class RegistrationView (FreeAccessView, ThemeView): username = user_request['username'] if user_request['authority_hrn'] == "fibre" : - user_request['username'] = user_request['username'] + "@" + "" # to be defined + user_request['username'] = user_request['username'] + "@" + "rnp" # catch-all island + split_authority = user_request['authority_hrn'] else : split_authority = user_request['authority_hrn'].split(".")[1] user_request['username'] = user_request['username'] + '@' + split_authority @@ -175,7 +177,7 @@ class RegistrationView (FreeAccessView, ThemeView): create_pending_user(wsgi_request, user_request, user_detail) self.template_name = 'user_register_complete.html' - return render(wsgi_request, self.template, {'theme': self.theme}) + return render(wsgi_request, self.template, {'theme': self.theme, 'REQINST':wsgi_request.POST.get('org_name', '').split(".")[1].upper()}) else: user_request = {} @@ -190,7 +192,8 @@ class RegistrationView (FreeAccessView, ThemeView): 'topmenu_items': topmenu_items_live('Register', page), 'errors': errors, 'authorities': authorities, - 'theme': self.theme + 'theme': self.theme, + 'section':'Registration' } template_env.update(user_request) template_env.update(reg_form) diff --git a/portal/sliceresourceview.py b/portal/sliceresourceview.py index 9db52c09..e5614b04 100644 --- a/portal/sliceresourceview.py +++ b/portal/sliceresourceview.py @@ -345,7 +345,6 @@ class SliceResourceView (LoginRequiredView, ThemeView): template_env['flowspaces']= univbrisfvlist.render(self.request) template_env['flowspaces_form']= univbrisfvform.render(self.request) - # template_env['pending_resources'] = pending_resources.render(self.request) template_env['sla_dialog'] = '' # sla_dialog.render(self.request) template_env["theme"] = self.theme diff --git a/portal/templates/email_activation.html b/portal/templates/email_activation.html index 43feab20..0ad87694 100644 --- a/portal/templates/email_activation.html +++ b/portal/templates/email_activation.html @@ -7,8 +7,7 @@
{%if activation_status == 'success'%} -

Signup request confirmed.

-

You are currently able to log in to the portal using your email address and the password that you provided, but your access is still limited.

+

Signup request confirmed.

You will have full access as soon as your account is validated by a manager at your organization. We have sent an email to the managers with a validation request.

{%else%}

Signup confirmation failed.

diff --git a/portal/templates/fibre/fibre__widget-login-fed-manager.html b/portal/templates/fibre/fibre__widget-login-fed-manager.html index a67e2ddb..181fe83b 100644 --- a/portal/templates/fibre/fibre__widget-login-fed-manager.html +++ b/portal/templates/fibre/fibre__widget-login-fed-manager.html @@ -17,8 +17,8 @@
- - + +
diff --git a/portal/templates/fibre/fibre__widget-topmenu.html b/portal/templates/fibre/fibre__widget-topmenu.html index 09d3acfb..a3ed9ff4 100644 --- a/portal/templates/fibre/fibre__widget-topmenu.html +++ b/portal/templates/fibre/fibre__widget-topmenu.html @@ -34,11 +34,13 @@
  • About
  • Public Website
    • - {% if username %} - {% if person.username %} - - {% else %} - + {% if section != 'Registration' %} + {% if username %} + {% if person.username %} + + {% else %} + + {% endif %} {% endif %} {% endif %}
    diff --git a/portal/templates/fibre/fibre_activate_user.html b/portal/templates/fibre/fibre_activate_user.html index 35936393..b5f3e734 100644 --- a/portal/templates/fibre/fibre_activate_user.html +++ b/portal/templates/fibre/fibre_activate_user.html @@ -6,11 +6,12 @@ Organization: {{organization}}
    First name: {{first_name}}
    Last name: {{last_name}}
    +Username : {{ username }}
    Email: {{email}}

    -You may now log in to the portal using your email address and the password that you provided, but your access will be limited. To gain full access, two steps are required: + To gain full access, two steps are required: