From: Javier García <javier.garcial.external@atos.net>
Date: Tue, 21 Apr 2015 15:43:56 +0000 (+0200)
Subject: Merge remote-tracking branch 'origin/onelab' into onelab
X-Git-Tag: myslice-1.3~35
X-Git-Url: http://git.onelab.eu/?a=commitdiff_plain;h=b0773f0d25acb85176f11ac2f91ee25baecea20d;hp=6ff6f343105cd2ef19a99126b07e8dabf57d65f4;p=myslice.git

Merge remote-tracking branch 'origin/onelab' into onelab

Conflicts:
	myslice/settings.py
	portal/sliceresourceview.py
---

diff --git a/localauth/manifoldbackend.py b/localauth/manifoldbackend.py
index e52b1753..74511a10 100644
--- a/localauth/manifoldbackend.py
+++ b/localauth/manifoldbackend.py
@@ -7,6 +7,8 @@ from manifold.core.query        import Query
 
 from myslice.settings import config, logger, DEBUG
 
+from portal.actions import authority_check_pis
+
 # from unfold.sessioncache import SessionCache
 
 # Name my backend 'ManifoldBackend'
@@ -78,6 +80,8 @@ class ManifoldBackend:
         if 'lastname' in person:
             user.last_name = person['lastname']
 
+        user.pi = authority_check_pis (request, user.email)
+        request.session['user'] = {'email':user.email,'pi':user.pi,'firstname':user.first_name,'lastname':user.last_name}
         return user
 
     # Required for your backend to work properly - unchanged in most scenarios
diff --git a/myslice/settings.py b/myslice/settings.py
index bcd8df50..5fe21697 100644
--- a/myslice/settings.py
+++ b/myslice/settings.py
@@ -34,6 +34,7 @@ except:
 # DEBUG
 if config.myslice.debug :
     DEBUG = True
+    INTERNAL_IPS = ("127.0.0.1","132.227.84.195","132.227.78.191","132.227.84.191")
 else :
     DEBUG = False
 
@@ -256,8 +257,7 @@ INSTALLED_APPS = [
     # Uncomment the next line to enable admin documentation:
     # 'django.contrib.admindocs',
     'portal',
-    #SLA
-    #'sla',
+    #'debug_toolbar',
 ]
 # with django-1.7 we leave south and use native migrations
 # managing database migrations
diff --git a/portal/accountview.py b/portal/accountview.py
index 076f993f..ffed13f9 100644
--- a/portal/accountview.py
+++ b/portal/accountview.py
@@ -201,25 +201,6 @@ class AccountView(LoginRequiredAutoLogoutView, ThemeView):
         platform_list = [{'platform_no_access': t[0]}
             for t in itertools.izip_longest(total_platform_list)]
 
-
-        ## check user is pi or not
-      #  platform_query  = Query().get('local:platform').select('platform_id','platform','gateway_type','disabled')
-      #  account_query  = Query().get('local:account').select('user_id','platform_id','auth_type','config')
-      #  platform_details = execute_query(self.request, platform_query)
-      #  account_details = execute_query(self.request, account_query)
-      #  for platform_detail in platform_details:
-      #      for account_detail in account_details:
-      #          if platform_detail['platform_id'] == account_detail['platform_id']:
-      #              if 'config' in account_detail and account_detail['config'] is not '':
-      #                  account_config = json.loads(account_detail['config'])
-      #                  if 'myslice' in platform_detail['platform']:
-      #                      acc_auth_cred = account_config.get('delegated_authority_credentials','N/A')
-        # assigning values
-        if acc_auth_cred == {} or acc_auth_cred == 'N/A':
-            pi = "is_not_pi"
-        else:
-            pi = "is_pi"
-
         # check if the user has creds or not
         if acc_user_cred == {} or acc_user_cred == 'N/A':
             user_cred = 'no_creds'
@@ -235,7 +216,6 @@ class AccountView(LoginRequiredAutoLogoutView, ThemeView):
         context['ref_acc'] = ref_acc_list
         context['platform_list'] = platform_list
         context['my_users'] = my_users
-        context['pi'] = pi
         context['user_cred'] = user_cred
         context['my_slices'] = my_slices
         context['my_auths'] = my_auths
@@ -257,6 +237,9 @@ class AccountView(LoginRequiredAutoLogoutView, ThemeView):
         context['theme'] = self.theme
         context['section'] = "User account"
 #        context ['firstname'] = config['firstname']
+
+        context['request'] = self.request
+
         prelude_env = page.prelude_env()
         context.update(prelude_env)
         return context
diff --git a/portal/actions.py b/portal/actions.py
index aa156a54..80e23f5c 100644
--- a/portal/actions.py
+++ b/portal/actions.py
@@ -28,15 +28,21 @@ import activity.slice
 def get_myslice_platform(request):
     platform_query  = Query().get('local:platform').select('platform_id','platform','gateway_type','disabled','config').filter_by('platform','==','myslice')
     platform_details = execute_query(request, platform_query)
-    for platform_detail in platform_details:
-        return platform_detail
+    if isinstance(platform_details,list):
+        for platform_detail in platform_details:
+            return platform_detail
+    else:
+        return None
 
 def get_myslice_account(request):
     platform_myslice = get_myslice_platform(request)
     account_query  = Query().get('local:account').select('user_id','platform_id','auth_type','config').filter_by('platform_id','==',platform_myslice['platform_id'])
     account_details = execute_query(request, account_query)
-    for account_detail in account_details:
-        return account_detail
+    if isinstance(account_details,list):
+        for account_detail in account_details:
+            return account_detail
+    else:
+        return None
 
 def get_registry_url(request):
     try:
diff --git a/portal/contactview.py b/portal/contactview.py
index 19cc1b94..f3899a0c 100644
--- a/portal/contactview.py
+++ b/portal/contactview.py
@@ -72,7 +72,7 @@ class ContactView (FreeAccessView, ThemeView):
                 username = None
             # log user activity
             activity.user.contact(self.request)
-            return render(request,'contact_sent.html', { 'theme' : self.theme,  'username': username}) # Redirect after POST
+            return render(request,'contact_sent.html', { 'theme' : self.theme,  'username': username, 'request':request}) # Redirect after POST
         else:
             return self._display (request, form)
 
@@ -82,23 +82,6 @@ class ContactView (FreeAccessView, ThemeView):
     def _display (self, request, form):
         if request.user.is_authenticated():
             username = request.user.email
-            ## check user is pi or not
-            platform_query  = Query().get('local:platform').select('platform_id','platform','gateway_type','disabled')
-            account_query  = Query().get('local:account').select('user_id','platform_id','auth_type','config')
-            platform_details = execute_query(self.request, platform_query)
-            account_details = execute_query(self.request, account_query)
-            for platform_detail in platform_details:
-                for account_detail in account_details:
-                    if platform_detail['platform_id'] == account_detail['platform_id']:
-                        if 'config' in account_detail and account_detail['config'] is not '':
-                            account_config = json.loads(account_detail['config'])
-                            if 'myslice' in platform_detail['platform']:
-                                acc_auth_cred = account_config.get('delegated_authority_credentials','N/A')
-            # assigning values
-            if acc_auth_cred == {} or acc_auth_cred == 'N/A':
-                pi = "is_not_pi"
-            else:
-                pi = "is_pi"
         else :
             username = None
             pi = "is_not_pi"
@@ -107,6 +90,6 @@ class ContactView (FreeAccessView, ThemeView):
                 'topmenu_items': topmenu_items('Contact', request),
                 'theme' : self.theme,
                 'username': username,
-                'pi': pi,
-                'section': "Contact"
+                'section': "Contact",
+                'request': request,
                 })
diff --git a/portal/homeview.py b/portal/homeview.py
index 1dc87c18..e5d962d2 100644
--- a/portal/homeview.py
+++ b/portal/homeview.py
@@ -21,7 +21,7 @@ from myslice.theme                      import ThemeView
 
 from portal.account                     import Account, get_expiration
 from portal.models                      import PendingSlice
-from portal.actions                     import authority_check_pis, get_jfed_identity
+from portal.actions                     import authority_check_pis, get_jfed_identity, get_myslice_account
 
 import activity.user
 
@@ -71,23 +71,14 @@ class HomeView (FreeAccessView, ThemeView):
                     activity.user.login(self.request)
 
                     ## check user is pi or not
-                    platform_details = {}
-                    account_details = {}
                     acc_auth_cred = {}
                     acc_user_cred = {}
-                    platform_query  = Query().get('local:platform').select('platform_id','platform','gateway_type','disabled')
-                    account_query  = Query().get('local:account').select('user_id','platform_id','auth_type','config')
-                    platform_details = execute_query(self.request, platform_query)
-                    account_details = execute_query(self.request, account_query)
-                    if platform_details is not None and platform_details != {}:
-                        for platform_detail in platform_details:
-                            for account_detail in account_details:
-                                if platform_detail['platform_id'] == account_detail['platform_id']:
-                                    if 'config' in account_detail and account_detail['config'] is not '':
-                                        account_config = json.loads(account_detail['config'])
-                                        if 'myslice' in platform_detail['platform']:
-                                            acc_auth_cred = account_config.get('delegated_authority_credentials','N/A')
-                                            acc_user_cred = account_config.get('delegated_user_credential','N/A')
+
+                    account_detail = get_myslice_account(self.request)
+                    if 'config' in account_detail and account_detail['config'] is not '':
+                        account_config = json.loads(account_detail['config'])
+                        acc_auth_cred = account_config.get('delegated_authority_credentials','N/A')
+                        acc_user_cred = account_config.get('delegated_user_credential','N/A')
                     # assigning values
                     #if acc_auth_cred=={} or acc_auth_cred=='N/A':
                     #    pi = "is_not_pi"
@@ -135,22 +126,23 @@ class HomeView (FreeAccessView, ThemeView):
             # log user activity
             activity.user.login(self.request, "error")
             env['state'] = "Your username and/or password were incorrect."
-
+        env['request'] = request
         return render_to_response(self.template,env, context_instance=RequestContext(request))
 
     def get (self, request, state=None):
         env = self.default_env()
         acc_auth_cred={}
 
-        jfed_identity = get_jfed_identity(request)
-        if jfed_identity is not None:
-            import base64
-            encoded_jfed_identity = base64.b64encode(jfed_identity)
-            env['jfed_identity'] = encoded_jfed_identity 
-        else:
-            env['jfed_identity'] = None
+
 
         if request.user.is_authenticated():
+            jfed_identity = get_jfed_identity(request)
+            if jfed_identity is not None:
+                import base64
+                encoded_jfed_identity = base64.b64encode(jfed_identity)
+                env['jfed_identity'] = encoded_jfed_identity 
+            else:
+                env['jfed_identity'] = None
 
             ## check user is pi or not
             platform_details = {}
@@ -160,18 +152,12 @@ class HomeView (FreeAccessView, ThemeView):
             platform_query  = Query().get('local:platform').select('platform_id','platform','gateway_type','disabled')
             account_query  = Query().get('local:account').select('user_id','platform_id','auth_type','config')
             # XXX Something like an invalid session seems to make the execute fail sometimes, and thus gives an error on the main page
-            platform_details = execute_query(self.request, platform_query)
-            account_details = execute_query(self.request, account_query)
-            if platform_details is not None and platform_details != {}:
-                for platform_detail in platform_details:
-                    for account_detail in account_details:
-                        if 'platform_id' in platform_detail:
-                            if platform_detail['platform_id'] == account_detail['platform_id']:
-                                if 'config' in account_detail and account_detail['config'] is not '':
-                                    account_config = json.loads(account_detail['config'])
-                                    if 'myslice' in platform_detail['platform']:
-                                        acc_auth_cred = account_config.get('delegated_authority_credentials','N/A')
-                                        acc_user_cred = account_config.get('delegated_user_credential','N/A')
+
+            account_detail = get_myslice_account(self.request)
+            if 'config' in account_detail and account_detail['config'] is not '':
+                account_config = json.loads(account_detail['config'])
+                acc_auth_cred = account_config.get('delegated_authority_credentials','N/A')
+                acc_user_cred = account_config.get('delegated_user_credential','N/A')
             # assigning values
             #if acc_auth_cred=={} or acc_auth_cred=='N/A':
             #    pi = "is_not_pi"
@@ -204,12 +190,11 @@ class HomeView (FreeAccessView, ThemeView):
         env['theme'] = self.theme
         env['section'] = "Dashboard"
 
-
         env['username']=the_user(request)
         env['topmenu_items'] = topmenu_items(None, request)
+        env['request'] = request
         if state: env['state'] = state
         elif not env['username']: env['state'] = None
         # use one or two columns for the layout - not logged in users will see the login prompt
-
         return render_to_response(self.template, env, context_instance=RequestContext(request))
 
diff --git a/portal/institution.py b/portal/institution.py
index 332acbcf..f0a3b2db 100644
--- a/portal/institution.py
+++ b/portal/institution.py
@@ -33,6 +33,7 @@ class InstitutionView (LoginRequiredAutoLogoutView, ThemeView):
     def post (self,request):
         env = self.default_env()
         env['theme'] = self.theme
+        env['request'] = request
         return render_to_response(self.template, env, context_instance=RequestContext(request))
 
     def get (self, request, authority_hrn=None, state=None):
@@ -85,6 +86,6 @@ class InstitutionView (LoginRequiredAutoLogoutView, ThemeView):
         # use one or two columns for the layout - not logged in users will see the login prompt
         env['layout_1_or_2']="layout-unfold2.html" if not env['username'] else "layout-unfold1.html"
         
-        
+        env['request'] = request
         return render_to_response(self.template, env, context_instance=RequestContext(request))
 
diff --git a/portal/projectrequestview.py b/portal/projectrequestview.py
index 5fd7d8cb..086d60cf 100644
--- a/portal/projectrequestview.py
+++ b/portal/projectrequestview.py
@@ -92,13 +92,20 @@ class ProjectRequestView(LoginRequiredAutoLogoutView, ThemeView):
                 authority_name = authority['name']
         
         if method == 'POST' :
-        
+
+            project_name = wsgi_request.POST.get('project_name', '')
+            if not project_name or len(project_name) == 0 :
+                errors.append('Project name can\'t be empty')
+
+            # accept only lowercase names
+            project_name = project_name.lower()
+
             if 'join' in wsgi_request.POST:
                 post = {
                     'user_hrn'          : user_hrn,
                     'email'             : user_email,
-                    'project_name'      : wsgi_request.POST.get('project_name', ''),
-                    'authority_hrn'     : wsgi_request.POST.get('project_name', ''),
+                    'project_name'      : project_name,
+                    'authority_hrn'     : project_name,
                 }
 
             else:
@@ -106,10 +113,10 @@ class ProjectRequestView(LoginRequiredAutoLogoutView, ThemeView):
                     'user_hrn'          : user_hrn,
                     'email'             : user_email,
                     'authority_hrn'     : wsgi_request.POST.get('authority_name', ''),
-                    'project_name'      : wsgi_request.POST.get('project_name', ''),
+                    'project_name'      : project_name,
                     'purpose'           : wsgi_request.POST.get('purpose', ''),
                 }
-                
+
                 # for new projects max project_name length is 10
                 if (len(post['project_name']) >10):
                     errors.append('Project name can be maximum 10 characters long')
@@ -117,14 +124,14 @@ class ProjectRequestView(LoginRequiredAutoLogoutView, ThemeView):
                 #if (post['authority_hrn'] is None or post['authority_hrn'] == ''):
                 #    errors.append('Organization is mandatory')
     
-                if (post['purpose'] is None or post['purpose'] == ''):
+                if post['purpose'] is None or post['purpose'] == '':
                     errors.append('Project purpose is mandatory')
 
-                if (re.search(r'^[A-Za-z0-9_]*$', post['project_name']) == None):
+                if re.search(r'^[A-Za-z0-9_]*$', post['project_name']) is None:
                     errors.append('Project name may contain only letters, numbers, and underscore.')
 
             # What kind of project name is valid?
-            if (post['project_name'] is None or post['project_name'] == ''):
+            if post['project_name'] is None or post['project_name'] == '':
                 errors.append('Project name is mandatory')   
             
             if not errors:
@@ -163,167 +170,3 @@ class ProjectRequestView(LoginRequiredAutoLogoutView, ThemeView):
                'pending_join_projects': pending_join_projects,
         }
         return render(wsgi_request, self.template, env)
-    
-        
-    
-        """
-        """
-        errors = []
-        slice_name =''
-        purpose=''
-        url=''
-        authority_hrn = None
-        authority_name = None
-        # Retrieve the list of authorities
-        authorities_query = Query.get('authority').select('name', 'authority_hrn')
-        authorities = execute_admin_query(wsgi_request, authorities_query)
-        if authorities is not None:
-            authorities = sorted(authorities, key=lambda k: k['authority_hrn'])
-            authorities = sorted(authorities, key=lambda k: k['name'])
-
-        # Get user_email (XXX Would deserve to be simplified)
-        user_query  = Query().get('local:user').select('email','config')
-        user_details = execute_query(wsgi_request, user_query)
-        user_email = user_details[0].get('email')
-        # getting user_hrn
-        for user_detail in user_details:
-            user_config = json.loads(user_detail['config'])
-            user_authority = user_config.get('authority','N/A')              
-        # getting the org from authority        
-        for authority in authorities:
-            if authority['authority_hrn'] == user_authority:
-                authority_name = authority['name']
-
-        # Handle the case when we use only hrn and not name
-        if authority_name is None:
-            authority_name = user_authority
-        #
-        account_query  = Query().get('local:account').select('user_id','platform_id','auth_type','config')
-        account_details = execute_query(wsgi_request, account_query)
-        #
-        platform_query  = Query().get('local:platform').select('platform_id','platform','gateway_type','disabled')
-        platform_details = execute_query(wsgi_request, platform_query)
-        
-        user_hrn = None
-        # getting user_hrn from local:account
-        for account_detail in account_details:
-            for platform_detail in platform_details:
-                if platform_detail['platform_id'] == account_detail['platform_id']:
-                    # taking user_hrn only from myslice account
-                    # NOTE: we should later handle accounts filter_by auth_type= managed OR user
-                    if 'myslice' in platform_detail['platform']:
-                        account_config = json.loads(account_detail['config'])
-                        user_hrn = account_config.get('user_hrn','N/A')
-                        acc_auth_cred = account_config.get('delegated_authority_credentials','N/A')
-
-
-        # checking if pi or not
-        if acc_auth_cred == {} or acc_auth_cred == 'N/A':
-            pi = "is_not_pi"
-        else:
-            pi = "is_pi"
-
-
-        # Page rendering
-#         page = Page(wsgi_request)
-#         page.add_js_files  ( [ "js/jquery.validate.js", "js/jquery-ui.js" ] )
-#         page.add_css_files ( [ "https://code.jquery.com/ui/1.10.3/themes/smoothness/jquery-ui.css" ] )
-#         page.expose_js_metadata()
-
-        if method == 'POST':
-            # The form has been submitted
-
-            # get the domain url
-#             current_site = Site.objects.get_current()
-#             current_site = current_site.domain
-            
-            # getting the authority_hrn from the selected organization
-            for authority in authorities:
-                if authority['name'] == wsgi_request.POST.get('org_name', ''):
-                    authority_hrn = authority['authority_hrn']
-
-            # Handle the case when we use only hrn and not name
-            if authority_hrn is None:
-                authority_hrn = wsgi_request.POST.get('org_name', '')
-
-            slice_request = {
-                'type'              : 'slice',
-                'id'                : None,
-                'user_hrn'          : user_hrn,
-                'email'             : user_email,
-                'timestamp'         : time.time(),
-                'authority_hrn'     : authority_hrn,
-                'organization'      : wsgi_request.POST.get('org_name', ''),
-                'slice_name'        : wsgi_request.POST.get('slice_name', ''),
-                'url'               : wsgi_request.POST.get('url', ''),
-                'purpose'           : wsgi_request.POST.get('purpose', ''),
-                'current_site'      : current_site
-            }
-            
-            # create slice_hrn based on authority_hrn and slice_name
-#             slice_name = slice_request['slice_name']
-            req_slice_hrn = authority_hrn + '.' + slice_name
-            # comparing requested slice_hrn with the existing slice_hrn 
-            slice_query  = Query().get('myslice:slice').select('slice_hrn','parent_authority').filter_by('parent_authority','==',authority_hrn)
-            slice_details_sfa = execute_admin_query(wsgi_request, slice_query)
-            for _slice in slice_details_sfa:
-                if _slice['slice_hrn'] == req_slice_hrn:
-                    errors.append('Slice already exists. Please use a different slice name.')
-            
-
-            # What kind of slice name is valid?
-            if (slice_name is None or slice_name == ''):
-                errors.append('Slice name is mandatory')
-            
-            if (re.search(r'^[A-Za-z0-9_]*$', slice_name) == None):
-                errors.append('Slice name may contain only letters, numbers, and underscore.')
-            
-            organization = slice_request['organization']    
-            if (organization is None or organization == ''):
-                errors.append('Organization is mandatory')
-
-
-    
-            purpose = slice_request['purpose']
-            if (purpose is None or purpose == ''):
-                errors.append('Experiment purpose is mandatory')
-
-            url = slice_request['url']
-
-            if not errors:
-                if is_pi(wsgi_request, user_hrn, authority_hrn):
-                    # PIs can directly create slices in their own authority...
-                    create_slice(wsgi_request, slice_request)
-                    clear_user_creds(wsgi_request, user_email)
-                    self.template_name = 'slice-request-done-view.html'
-                else:
-                    # Otherwise a wsgi_request is sent to the PI
-                    create_pending_slice(wsgi_request, slice_request, user_email)
-                    self.template_name = 'slice-request-ack-view.html'
-                
-                # log user activity
-                activity.user.slice(wsgi_request)
-                
-                return render(wsgi_request, self.template, {'theme': self.theme}) # Redirect after POST
-        else:
-            slice_request = {}
-
-        template_env = {
-            'username': wsgi_request.user.email,
-            'errors': errors,
-            'slice_name': slice_name,
-            'purpose': purpose,
-            'email': user_email,
-            'user_hrn': user_hrn,
-            'url': url,
-            'pi': pi,
-            'authority_name': authority_name,        
-            'authority_hrn': user_authority,        
-            'cc_myself': True,
-            'authorities': authorities,
-            'theme': self.theme,
-            'section': "Slice request"
-        }
-        template_env.update(slice_request)
-        template_env.update(page.prelude_env())
-        return render(wsgi_request, self.template, template_env)
diff --git a/portal/slicerequestview.py b/portal/slicerequestview.py
index f0643e22..82c66551 100644
--- a/portal/slicerequestview.py
+++ b/portal/slicerequestview.py
@@ -3,6 +3,8 @@ import time
 import re
 
 from django.shortcuts           import render
+from django.shortcuts           import render_to_response
+from django.template                    import RequestContext
 from django.contrib.sites.models import Site
 
 from unfold.page                import Page
@@ -32,9 +34,14 @@ class SliceRequestView (LoginRequiredAutoLogoutView, ThemeView):
     def get (self, request):
         return self.get_or_post (request, 'GET')
 
-    def get_or_post  (self, wsgi_request, method):
+    def get_or_post  (self, request, method):
         """
         """
+        from django.conf import settings
+        print "_"*80
+        print settings.TEMPLATE_CONTEXT_PROCESSORS
+        print "_"*80
+
         errors = []
         slice_name =''
         purpose=''
@@ -43,14 +50,14 @@ class SliceRequestView (LoginRequiredAutoLogoutView, ThemeView):
         authority_name = None
         # Retrieve the list of authorities
         authorities_query = Query.get('authority').select('name', 'authority_hrn')
-        authorities = execute_admin_query(wsgi_request, authorities_query)
+        authorities = execute_admin_query(request, authorities_query)
         if authorities is not None:
             authorities = sorted(authorities, key=lambda k: k['authority_hrn'])
             authorities = sorted(authorities, key=lambda k: k['name'])
 
         # Get user_email (XXX Would deserve to be simplified)
         user_query  = Query().get('local:user').select('email','config')
-        user_details = execute_query(wsgi_request, user_query)
+        user_details = execute_query(request, user_query)
         user_email = user_details[0].get('email')
         # getting user_hrn
         for user_detail in user_details:
@@ -66,10 +73,10 @@ class SliceRequestView (LoginRequiredAutoLogoutView, ThemeView):
             authority_name = user_authority
         
         account_query  = Query().get('local:account').select('user_id','platform_id','auth_type','config')
-        account_details = execute_query(wsgi_request, account_query)
+        account_details = execute_query(request, account_query)
         
         platform_query  = Query().get('local:platform').select('platform_id','platform','gateway_type','disabled')
-        platform_details = execute_query(wsgi_request, platform_query)
+        platform_details = execute_query(request, platform_query)
         user_hrn = None
         #getting user_hrn from local:account
         for account_detail in account_details:
@@ -89,11 +96,11 @@ class SliceRequestView (LoginRequiredAutoLogoutView, ThemeView):
         #else:
         #    pi = "is_pi"
 
-        pi = authority_check_pis (wsgi_request, user_email)
+        pi = authority_check_pis (request, user_email)
         logger.debug("SLICEREQUESTVIEW.PY -----  pi= {}".format(pi))
 
         # Page rendering
-        page = Page(wsgi_request)
+        page = Page(request)
         page.add_js_files  ( [ "js/jquery.validate.js", "js/jquery-ui.js" ] )
         page.add_css_files ( [ "css/jquery-ui.css" ] )
         page.expose_js_metadata()
@@ -107,18 +114,25 @@ class SliceRequestView (LoginRequiredAutoLogoutView, ThemeView):
             
             # getting the authority_hrn from the selected organization
             for authority in authorities:
-                if authority['name'] == wsgi_request.POST.get('org_name', ''):
+                if authority['name'] == request.POST.get('org_name', ''):
                     authority_hrn = authority['authority_hrn']
 
             # Handle the case when we use only hrn and not name
             if authority_hrn is None:
-                authority_hrn = wsgi_request.POST.get('org_name', '')
+                authority_hrn = request.POST.get('org_name', '')
 
             # Handle project if used
-            project = wsgi_request.POST.get('project', None)
+            project = request.POST.get('project', None)
             if project is not None and project != '':
                 authority_hrn = project
 
+            slice_name = wsgi_request.POST.get('slice_name', '')
+            if not slice_name or len(slice_name) == 0 :
+                errors.append('Slice name can\'t be empty')
+
+            # accept only lowercase names
+            slice_name = slice_name.lower()
+
             slice_request = {
                 'type'              : 'slice',
                 'id'                : None,
@@ -126,17 +140,15 @@ class SliceRequestView (LoginRequiredAutoLogoutView, ThemeView):
                 'email'             : user_email,
                 'timestamp'         : time.time(),
                 'authority_hrn'     : authority_hrn,
-                'organization'      : wsgi_request.POST.get('org_name', ''),
-                'slice_name'        : wsgi_request.POST.get('slice_name', ''),
-                'url'               : wsgi_request.POST.get('url', ''),
-                'purpose'           : wsgi_request.POST.get('purpose', ''),
+                'organization'      : request.POST.get('org_name', ''),
+                'slice_name'        : slice_name,
+                'url'               : request.POST.get('url', ''),
+                'purpose'           : request.POST.get('purpose', ''),
                 'current_site'      : current_site
             }
-            
-            # create slice_hrn based on authority_hrn and slice_name
-            slice_name = slice_request['slice_name']
+
             # slice name is unique among all authorities 
-            slice_query  = Query().get('myslice:slice').select('slice_hrn')
+            slice_query = Query().get('myslice:slice').select('slice_hrn')
             slice_details_sfa = execute_admin_query(wsgi_request, slice_query)
             for _slice in slice_details_sfa:
                 split_list = _slice['slice_hrn'].split('.')
@@ -146,18 +158,18 @@ class SliceRequestView (LoginRequiredAutoLogoutView, ThemeView):
             
 
             # What kind of slice name is valid?
-            if (slice_name is None or slice_name == ''):
+            if slice_name is None or slice_name == '':
                 errors.append('Slice name is mandatory')
             
-            if (re.search(r'^[A-Za-z0-9_]*$', slice_name) == None):
+            if re.search(r'^[A-Za-z0-9_]*$', slice_name) is None:
                 errors.append('Slice name may contain only letters, numbers, and underscore.')
             
             organization = slice_request['organization']
             if theme.theme == 'fed4fire':
-                if (organization is None or organization == ''):
+                if organization is None or organization == '':
                     errors.append('Selecting project is mandatory')
             else:
-                if (organization is None or organization == ''):
+                if organization is None or organization == '':
                     errors.append('Organization is mandatory')
 
             slice_length= len(slice_request['slice_name'])
@@ -167,31 +179,31 @@ class SliceRequestView (LoginRequiredAutoLogoutView, ThemeView):
 
     
             purpose = slice_request['purpose']
-            if (purpose is None or purpose == ''):
+            if purpose is None or purpose == '':
                 errors.append('Experiment purpose is mandatory')
 
             url = slice_request['url']
 
             if not errors:
-                if is_pi(wsgi_request, user_hrn, authority_hrn):
+                if is_pi(request, user_hrn, authority_hrn):
                     # PIs can directly create slices in their own authority...
-                    create_slice(wsgi_request, slice_request)
-                    clear_user_creds(wsgi_request, user_email)
+                    create_slice(request, slice_request)
+                    clear_user_creds(request, user_email)
                     self.template_name = 'slice-request-done-view.html'
                 else:
-                    # Otherwise a wsgi_request is sent to the PI
-                    create_pending_slice(wsgi_request, slice_request, user_email)
+                    # Otherwise a request is sent to the PI
+                    create_pending_slice(request, slice_request, user_email)
                     self.template_name = 'slice-request-ack-view.html'
                 
                 # log user activity
-                activity.user.slice(wsgi_request)
-                
-                return render(wsgi_request, self.template, {'theme': self.theme}) # Redirect after POST
+                activity.user.slice(request)
+                return render_to_response(self.template, {'theme': self.theme, 'request':request}, context_instance=RequestContext(request))
+                #return render(request, self.template, {'theme': self.theme}) # Redirect after POST
         else:
             slice_request = {}
 
         template_env = {
-            'username': wsgi_request.user.email,
+            'username': request.user.email,
             'topmenu_items': topmenu_items_live('Request a slice', page),
             'errors': errors,
             'slice_name': slice_name,
@@ -205,8 +217,11 @@ class SliceRequestView (LoginRequiredAutoLogoutView, ThemeView):
             'cc_myself': True,
             'authorities': authorities,
             'theme': self.theme,
-            'section': "Slice request"
+            'section': "Slice request",
+            'request': request,
         }
         template_env.update(slice_request)
         template_env.update(page.prelude_env())
-        return render(wsgi_request, self.template, template_env)
+
+        return render_to_response(self.template,template_env, context_instance=RequestContext(request))
+        #return render(request, self.template, template_env)
diff --git a/portal/sliceresourceview.py b/portal/sliceresourceview.py
index 0968b5db..341fa4b6 100644
--- a/portal/sliceresourceview.py
+++ b/portal/sliceresourceview.py
@@ -412,28 +412,11 @@ class SliceResourceView (LoginRequiredView, ThemeView):
            #outline_complete    = True,
            username            = request.user,
         )
-
-        ## check user is pi or not
-        platform_query  = Query().get('local:platform').select('platform_id','platform','gateway_type','disabled')
-        account_query  = Query().get('local:account').select('user_id','platform_id','auth_type','config')
-        platform_details = execute_query(self.request, platform_query)
-        account_details = execute_query(self.request, account_query)
-
-        # XXX When session has expired, this is None and thus not iterable
-        for platform_detail in platform_details:
-            for account_detail in account_details:
-                if platform_detail['platform_id'] == account_detail['platform_id']:
-                    if 'config' in account_detail and account_detail['config'] is not '':
-                        account_config = json.loads(account_detail['config'])
-                        if 'myslice' in platform_detail['platform']:
-                            acc_auth_cred = account_config.get('delegated_authority_credentials','N/A')
-        # assigning values
-        if acc_auth_cred == {} or acc_auth_cred == 'N/A':
-            pi = "is_not_pi"
-        else:
-            pi = "is_pi"
         
         template_env = {}
+
+        template_env['request'] = self.request       
+
         template_env['list_resources'] = list_resources.render(self.request)
         template_env['list_reserved_resources'] = list_reserved_resources.render(self.request)
         template_env['list_reserved_leases'] = list_reserved_leases.render(self.request)
@@ -457,11 +440,10 @@ class SliceResourceView (LoginRequiredView, ThemeView):
        # template_env['vms_list'] = univbrisvtamplugin.render(self.request)
        # template_env['vm_form'] = univbrisvtamform.render(self.request)
 
-#        template_env['pending_resources'] = pending_resources.render(self.request)
+       # template_env['pending_resources'] = pending_resources.render(self.request)
         template_env['sla_dialog'] = sla_dialog.render(self.request)
         template_env["theme"] = self.theme
         template_env["username"] = request.user
-        template_env["pi"] = pi
         template_env["slice"] = slicename
         template_env["section"] = "resources"
         template_env["msg"] = msg
diff --git a/portal/slicetabexperiment.py b/portal/slicetabexperiment.py
index 138754a0..cc20df2a 100644
--- a/portal/slicetabexperiment.py
+++ b/portal/slicetabexperiment.py
@@ -23,6 +23,8 @@ from sfa.planetlab.plxrn import hash_loginbase
 import urllib2,json
 
 class ExperimentView (FreeAccessView, ThemeView):
+    # parent View is portal/sliceview.py
+
     template_name = 'slice-tab-experiment.html'
 
     def get (self, request, slicename, state=None):
@@ -99,6 +101,16 @@ class ExperimentView (FreeAccessView, ThemeView):
         for user in all_users:
             if user['email'] == username:
                 iot_login = user['login']
-            
-        return render_to_response(self.template, { 'theme' : self.theme,'slicename':slicename, 'ple_slicename':ple_slicename, 'username':username, 'ple_resources':ple_resource_list, 'nitos_resources': nitos_resource_list, 'nitos_paris_resources':nitos_paris_resource_list, 'iotlab_resources':iotlab_resource_list, 'iot_login':iot_login }, context_instance=RequestContext(request))
+        env = { 'theme' : self.theme,
+                'slicename':slicename, 
+                'ple_slicename':ple_slicename, 
+                'username':username, 
+                'ple_resources':ple_resource_list, 
+                'nitos_resources': nitos_resource_list, 
+                'nitos_paris_resources':nitos_paris_resource_list, 
+                'iotlab_resources':iotlab_resource_list, 
+                'iot_login':iot_login,
+                'request':self.request,
+              }
+        return render_to_response(self.template, env, context_instance=RequestContext(request))
 
diff --git a/portal/sliceview.py b/portal/sliceview.py
index 7bf139d1..b5fe92fa 100644
--- a/portal/sliceview.py
+++ b/portal/sliceview.py
@@ -20,27 +20,10 @@ class SliceView (LoginRequiredView, ThemeView):
     template_name = "slice-view.html"
     
     def get(self, request, slicename):
-        ## check user is pi or not
-        platform_query  = Query().get('local:platform').select('platform_id','platform','gateway_type','disabled')
-        account_query  = Query().get('local:account').select('user_id','platform_id','auth_type','config')
-        platform_details = execute_query(self.request, platform_query)
-        account_details = execute_query(self.request, account_query)
-        for platform_detail in platform_details:
-            for account_detail in account_details:
-                if platform_detail['platform_id'] == account_detail['platform_id']:
-                    if 'config' in account_detail and account_detail['config'] is not '':
-                        account_config = json.loads(account_detail['config'])
-                        if 'myslice' in platform_detail['platform']:
-                            acc_auth_cred = account_config.get('delegated_authority_credentials','N/A')
-        # assigning values
-        if acc_auth_cred == {} or acc_auth_cred == 'N/A':
-            pi = "is_not_pi"
-        else:
-            pi = "is_pi"
+
         return render_to_response(self.template,
                                   {"slice" : slicename,
                                    "theme" : self.theme,
                                    "username" : request.user,
-                                   "pi" : pi,
-                                   "section" : "Slice {}".format(slicename) },
+                                   "section" : "Slice {}".format(slicename),'request':request },
                                   context_instance=RequestContext(request))
diff --git a/portal/supportview.py b/portal/supportview.py
index 80653e82..23bcf763 100644
--- a/portal/supportview.py
+++ b/portal/supportview.py
@@ -31,24 +31,6 @@ class SupportView (FreeAccessView, ThemeView):
 
         if request.user.is_authenticated(): 
             env['person'] = self.request.user
-            ## check user is pi or not
-            platform_query  = Query().get('local:platform').select('platform_id','platform','gateway_type','disabled')
-            account_query  = Query().get('local:account').select('user_id','platform_id','auth_type','config')
-            platform_details = execute_query(self.request, platform_query)
-            account_details = execute_query(self.request, account_query)
-            for platform_detail in platform_details:
-                for account_detail in account_details:
-                    if platform_detail['platform_id'] == account_detail['platform_id']:
-                        if 'config' in account_detail and account_detail['config'] is not '':
-                            account_config = json.loads(account_detail['config'])
-                            if 'myslice' in platform_detail['platform']:
-                                acc_auth_cred = account_config.get('delegated_authority_credentials','N/A')
-            # assigning values
-            if acc_auth_cred == {} or acc_auth_cred == 'N/A':
-                pi = "is_not_pi"
-            else:
-                pi = "is_pi"
-            env['pi'] = pi
         else: 
             env['person'] = None
     
@@ -60,6 +42,6 @@ class SupportView (FreeAccessView, ThemeView):
         if state: env['state'] = state
         elif not env['username']: env['state'] = None
         # use one or two columns for the layout - not logged in users will see the login prompt
-
+        env['request'] = request
         return render_to_response(self.template, env, context_instance=RequestContext(request))
 
diff --git a/portal/templates/_widget-topmenu.html b/portal/templates/_widget-topmenu.html
index 668c3d32..320642f5 100644
--- a/portal/templates/_widget-topmenu.html
+++ b/portal/templates/_widget-topmenu.html
@@ -19,9 +19,9 @@
 							</ul>
 					</div>
 				</li>
-				{%if 'is_pi'  in pi %}	
+                {% if request.session.user.pi %}
 				<li id="nav-institution" class=""><a href="/institution">MANAGEMENT</a></li>
-				 {%endif%}
+				{%endif%}
 				<li><a href="/support/">SUPPORT</a></li>
 			</ul>
 		</div>
diff --git a/portal/templates/base.html b/portal/templates/base.html
index c83c2bdc..4b5999ee 100644
--- a/portal/templates/base.html
+++ b/portal/templates/base.html
@@ -76,7 +76,9 @@ $(document).ready(function() {
             slices.push("no slice");
         }else{
             slices = user.slices;
-            //drawSlices(slices);
+            {% if theme != "fed4fire" %}
+            drawSlices(slices);
+            {% endif %}
         }
         {% if theme == "fed4fire" %}
         p = myslice.get_projects();
diff --git a/portal/templates/fed4fire/fed4fire_home-view.html b/portal/templates/fed4fire/fed4fire_home-view.html
index 5e6a5108..54a24679 100644
--- a/portal/templates/fed4fire/fed4fire_home-view.html
+++ b/portal/templates/fed4fire/fed4fire_home-view.html
@@ -166,5 +166,5 @@
 <script src='https://authority.ilabt.iminds.be/js/jquery/jquery-ui.min.js'></script>
 <script src="//java.com/js/dtjava.js"></script>
 <script src='https://authority.ilabt.iminds.be/js/jfed_webstart_f4fportal.js'></script>
-
+<link rel='stylesheet' href='https://authority.ilabt.iminds.be/js/jquery/jquery-ui.css' />
 {% endblock %}
diff --git a/portal/templates/fed4fire/fed4fire_projectrequest_view.html b/portal/templates/fed4fire/fed4fire_projectrequest_view.html
index 1da22fa6..5daf0cce 100644
--- a/portal/templates/fed4fire/fed4fire_projectrequest_view.html
+++ b/portal/templates/fed4fire/fed4fire_projectrequest_view.html
@@ -125,10 +125,8 @@
 <script>
 $(document).ready(function() {
     var myprojects = JSON.parse(localStorage.getItem('projects'));
-    console.log(myprojects);
     if (myprojects) {
         $.each(myprojects, function (i, val){
-            console.log(val);
             $('.project-list').append('<tr><td>'+ val +'</td></tr>');
         });
     } else {
@@ -159,6 +157,12 @@ $(document).ready(function() {
         $("#project_loading").hide();
         $("#projects").html(projects.join( "" ));
         $("#projects").combobox();
+        var $s = jQuery("#projects").next().attr('id','listProjects');
+        jQuery('#listProjects').bind("click",function(){
+            // show all items click
+            this.childNodes[1].click();
+        });
+
     });
 /*
 	
@@ -204,6 +208,9 @@ $(document).ready(function() {
 	// auto-complete the form
     jQuery("#org_name").combobox();
 
+    $('input[name=project_name]').keyup(function(){
+        this.value = this.value.toLowerCase();
+    });
 });
 </script>
 {% endblock %}
diff --git a/portal/templates/fed4fire/fed4fire_slicerequest_view.html b/portal/templates/fed4fire/fed4fire_slicerequest_view.html
index 4f8546e5..07a45971 100644
--- a/portal/templates/fed4fire/fed4fire_slicerequest_view.html
+++ b/portal/templates/fed4fire/fed4fire_slicerequest_view.html
@@ -79,39 +79,10 @@ jQuery(document).ready(function(){
                 }
         }
     }).bind('focus', function(){ $(this).autocomplete("search"); } );
+    $('input[name=slice_name]').keyup(function(){
+        this.value = this.value.toLowerCase();
+    });
 });
-
-/*function draw_projects(authority_hrn){
-
-    var projects = [];
-    project_row = "<option value=''> - </option>";
-    projects.push(project_row);
-
-    if(authority_hrn.length > 0){
-        // Not for root authority
-        if(authority_hrn.split('.').length > 1){
-            $.post("/rest/myslice:authority/",{'fields':['authority_hrn','pi_users'],'filters':{'authority_hrn':'CONTAINS'+authority_hrn}}, function( data ) {
-               
-                $.each( data, function( key, val ) {
-                    project_row = "<option value='"+val.authority_hrn+"'>"+val.authority_hrn+"</option>";
-                    projects.push(project_row);
-                });
-                $("#project").html(projects.join( "" ));
-            });
-        }else{
-            $("#project").html(projects.join( "" ));
-        }
-    }else{
-        my_projects = JSON.parse(localStorage.getItem('projects'));
-        $.each( my_projects, function( i, val ) {
-            project_row = "<option value='"+val+"'>"+val+"</option>";
-            projects.push(project_row);
-        });
-        $("#project").html(projects.join( "" ));
-    }
-    $("#project").show();
-    $("#project_loading").hide();
-}*/
 </script>
 {% endblock %}
 
diff --git a/portal/templates/onelab/onelab_account-view.html b/portal/templates/onelab/onelab_account-view.html
index e0629490..ffa882f9 100644
--- a/portal/templates/onelab/onelab_account-view.html
+++ b/portal/templates/onelab/onelab_account-view.html
@@ -130,7 +130,7 @@
 				  						<input type="file" name="pubkey" class="required" id="pubkey"/>  
 				  						<input class="btn btn-default btn-xs" name="upload_key" id="upload_key"  type="submit" title="Upload your public key" value="Upload"
 										   onclick="return confirm('Are you sure? It will overwrite your current credentials and you have delegate it manually.');"/>
-								</span>
+							
 								<div style='display:none;'> <input type='hidden'  name='dload'  /> </div> 
 								<button type="submit" name="dl_pubkey" class="btn btn-default btn-xs" title="Download your public key" id="dl_pubkey" onclick="javascript:document.getElementById('button_value').value='dl_pubkey';">
 									<span class="glyphicon glyphicon-download"></span> Download
diff --git a/portal/templates/onelab/onelab_slicerequest_view.html b/portal/templates/onelab/onelab_slicerequest_view.html
index 3394e59e..c2264823 100644
--- a/portal/templates/onelab/onelab_slicerequest_view.html
+++ b/portal/templates/onelab/onelab_slicerequest_view.html
@@ -34,13 +34,13 @@
 				title="Please enter a name for your slice"required="required">
 			  </div>
 			  <div class="form-group">
-				{% if pi %}
-				<input type="text" class="form-control" id="authority_hrn" name="org_name" style="width:300px" placeholder="Organization" 
+                {% if request.session.user.pi %}
+                <input type="text" class="form-control" id="authority_hrn" name="authority_hrn" style="width:300px" placeholder="Authority" 
 				title="An authority responsible for vetting your slice" required="required">
-				{% else %}
-			    <input type="text" class="form-control" id="authority_hrn" name="org_name" placeholder="Organization" style="width:300px;" 
-				title="An authority responsible for vetting your slice" required="required" readonly>
-				{% endif %}
+                {% else %}
+                <input type="text" class="form-control" id="authority_hrn" name="authority_hrn" placeholder="Authority" style="width:300px; display:none;" 
+				title="An authority responsible for vetting your slice" required="required" readonly="readonly">
+                {% endif %}
 			  </div>
 			  <div class="form-group">
 			    <input type="text" class="form-control" name="url" id="url" style="width:300px" placeholder="Experiment URL (if one exists)"
diff --git a/portal/templates/onelab/onelab_widget-topmenu.html b/portal/templates/onelab/onelab_widget-topmenu.html
index 668c3d32..320642f5 100644
--- a/portal/templates/onelab/onelab_widget-topmenu.html
+++ b/portal/templates/onelab/onelab_widget-topmenu.html
@@ -19,9 +19,9 @@
 							</ul>
 					</div>
 				</li>
-				{%if 'is_pi'  in pi %}	
+                {% if request.session.user.pi %}
 				<li id="nav-institution" class=""><a href="/institution">MANAGEMENT</a></li>
-				 {%endif%}
+				{%endif%}
 				<li><a href="/support/">SUPPORT</a></li>
 			</ul>
 		</div>
diff --git a/portal/templates/slice-tab-users-view.html b/portal/templates/slice-tab-users-view.html
index 82acd013..29a4f57e 100644
--- a/portal/templates/slice-tab-users-view.html
+++ b/portal/templates/slice-tab-users-view.html
@@ -4,7 +4,6 @@
 <link rel="stylesheet" href="{{ STATIC_URL }}css/jquery-ui.css">
 <script>
     function get_users_in_slice(authority_hrn){
-        console.log(authority_hrn);
         $("table#user-tab").html("<tr><th>+/-</th><th>Email</th><th>User hrn</th></tr>");
      	var slice_users = [];
     	var slice_users_removed = [];
diff --git a/portal/templates/slicerequest_view.html b/portal/templates/slicerequest_view.html
index 880521b4..0faf5c15 100644
--- a/portal/templates/slicerequest_view.html
+++ b/portal/templates/slicerequest_view.html
@@ -32,13 +32,13 @@
 				title="Please enter a name for your slice"required="required">
 			  </div>
 			  <div class="form-group">
-				{%if 'is_pi'  in pi %}
-				<input type="text" class="form-control" id="authority_hrn" name="authority_hrn" style="width:300px" placeholder="Authority" 
+                {% if request.session.user.pi %}
+                <input type="text" class="form-control" id="authority_hrn" name="authority_hrn" style="width:300px" placeholder="Authority" 
 				title="An authority responsible for vetting your slice" required="required">
-				{%else%}
-			    <input type="text" class="form-control" id="authority_hrn" name="authority_hrn" placeholder="Authority" style="width:300px; display:none;" 
+                {% else %}
+                <input type="text" class="form-control" id="authority_hrn" name="authority_hrn" placeholder="Authority" style="width:300px; display:none;" 
 				title="An authority responsible for vetting your slice" required="required" readonly="readonly">
-				{%endif%}
+                {% endif %}
 			  </div>
 			  <div class="form-group">
 			    <input type="number" class="form-control" name="number_of_nodes" id="number_of_nodes" style="width:300px" placeholder="Number of nodes"
@@ -79,6 +79,9 @@ jQuery(document).ready(function(){
       minLength: 0,
       select: function( event, ui ) {console.log(jQuery(this));}
     });
+    $('input[name=slice_name]').keyup(function(){
+        this.value = this.value.toLowerCase();
+    });
 });
 </script>
 {% endblock %}
diff --git a/unfold/loginrequired.py b/unfold/loginrequired.py
index 7b10be49..afe24f3f 100644
--- a/unfold/loginrequired.py
+++ b/unfold/loginrequired.py
@@ -4,7 +4,7 @@ from django.http                        import HttpResponseRedirect
 # for 'as_view' that we need to call in urls.py and the like
 from django.views.generic.base          import TemplateView
 
-from manifoldapi.manifoldresult            import ManifoldException
+from manifoldapi.manifoldresult         import ManifoldException
 
 from myslice.settings import logger