From: Pedro, Carlos and Rezende Date: Fri, 24 Oct 2014 18:00:22 +0000 (-0200) Subject: Merge branch 'onelab' of ssh://git.onelab.eu/git/myslice into fibre X-Git-Url: http://git.onelab.eu/?a=commitdiff_plain;h=d9c4cf9cd7f3269068e048563b2975d26af2ae70;hp=-c;p=unfold.git Merge branch 'onelab' of ssh://git.onelab.eu/git/myslice into fibre Conflicts: portal/homeview.py portal/sliceresourceview.py portal/templates/slice-resource-view.html --- d9c4cf9cd7f3269068e048563b2975d26af2ae70 diff --combined manifoldapi/static/js/manifold.js index 31d4b000,ca111de7..01b48f51 --- a/manifoldapi/static/js/manifold.js +++ b/manifoldapi/static/js/manifold.js @@@ -33,13 -33,13 +33,13 @@@ Array.prototype.equals = function (arra if (this[i] instanceof Array && array[i] instanceof Array) { // recurse into the nested arrays if (!this[i].equals(array[i])) - return false; - } - else if (this[i] != array[i]) { + return false; + } + else if (this[i] != array[i]) { // Warning - two different object instances will never be equal: {x:20} != {x:20} - return false; - } - } + return false; + } + } return true; } @@@ -360,7 -360,6 +360,7 @@@ function QueryStore() //var key = manifold.metadata.get_key(query_ext.query.object); var record_key_value = manifold.record_get_value(record, record_key); + query_ext.records.put(record_key_value, record); if (!(query_ext.state.get(record_key_value))) @@@ -786,6 -785,7 +786,7 @@@ var manifold = switch (this_type) { case TYPE_VALUE: case TYPE_LIST_OF_VALUES: + case TYPE_LIST_OF_RECORDS: if (this_value != other_value) return false; break; @@@ -793,6 -793,9 +794,9 @@@ if (!(_record_equals(this_value, other_value, key_fields))) return false; break; + /* + XXX WARNING = disabled for OpenFlow plugin !!! + case TYPE_LIST_OF_RECORDS: if (this_value.length != other_value.length) return false; @@@ -800,6 -803,7 +804,7 @@@ if (!(_record_equals(this_value[j], other_value[j], key_fields))) return false; break; + */ } } return true; @@@ -1111,6 -1115,6 +1116,9 @@@ * otherwise, publish the main object as well as subqueries * XXX how much recursive are we ? */ ++ if (records == null){ ++ records = Array(); ++ } if (manifold.pubsub_debug) messages.debug (">>>>> publish_result_rec " + query.object); if (manifold.query_expects_unique_result(query)) { @@@ -1224,6 -1228,11 +1232,11 @@@ } key = manifold.metadata.get_key(new_object); + if (!key){ + console.log("object type: " + new_object + " has no key"); + console.log(record); + return; + } record.hashCode = manifold.record_hashcode(key.sort()); record.equals = manifold.record_equals(key); diff --combined portal/actions.py index c7ed62bc,400f3a73..a76e3a79 --- a/portal/actions.py +++ b/portal/actions.py @@@ -12,9 -12,6 +12,9 @@@ from django.core.mail import from myslice.theme import ThemeView +# LS Client - By Bruno Soares (UFG) +from lsapiclient import LaboraSchedulerClient + theme = ThemeView() import activity.slice @@@ -61,7 -58,7 +61,7 @@@ def clear_user_creds(request, user_emai try: user_query = Query().get('local:user').filter_by('email', '==', user_email).select('user_id','email','password','config') user_details = execute_admin_query(request, user_query) - + # getting the user_id from the session for user_detail in user_details: user_id = user_detail['user_id'] @@@ -161,21 -158,15 +161,21 @@@ def manifold_add_user(wsgi_request, req ? """ + + authority_hrn = request['authority_hrn'] + request['authority_hrn'] = authority_hrn.split(".")[0] + USER_CONFIG = '{"firstname": "%(first_name)s", "lastname": "%(last_name)s", "authority": "%(authority_hrn)s"}' user_params = { - 'email' : request['email'], + 'email' : request['username'], 'password' : request['password'], 'config' : USER_CONFIG % request, - 'status' : 1, + 'status' : 1 } + request['authority_hrn'] = authority_hrn + query = Query.create('local:user').set(user_params).select('email') results = execute_admin_query(request, query) if not results: @@@ -243,8 -234,6 +243,8 @@@ def make_request_user(user) request['user_hrn'] = user.user_hrn request['public_key'] = user.public_key request['private_key'] = user.private_key + request['username'] = user.login + request['reasons'] = user.reasons return request def make_request_slice(slice): @@@ -669,21 -658,6 +669,21 @@@ def create_pending_slice(wsgi_request, try: # Send an email: the recipients are the PI of the authority recipients = authority_get_pi_emails(wsgi_request, request['authority_hrn']) + + pis = authority_get_pis(request, request['authority_hrn']) + pi_emails = [] + for x in pis: + for e in x['pi_users']: + try: + u = e.split(".")[1] + y = User.objects.get(username = u) + print y.username + if y.username.count("@") != 0: + if y.username.split("@")[1] == request['user_hrn'].split("@")[1]: + pi_emails += [y.email] + print y.email + except: + print "fail" theme.template_name = 'slice_request_email.txt' text_content = render_to_string(theme.template, request) @@@ -695,12 -669,8 +695,12 @@@ subject = render_to_string(theme.template, request) subject = subject.replace('\n', '') - sender = email - msg = EmailMultiAlternatives(subject, text_content, sender, recipients) + theme.template_name = 'email_default_sender.txt' + sender = render_to_string(theme.template, request) + sender = sender.replace('\n', '') + + #sender = email + msg = EmailMultiAlternatives(subject, text_content, sender, pi_emails) msg.attach_alternative(html_content, "text/html") msg.send() except Exception, e: @@@ -718,7 -688,7 +718,7 @@@ def manifold_add_reference_user_account # Retrieve user information user_query = Query().get('local:user') \ .select('user_id', 'config', 'email', 'status') \ - .filter_by('email', '==', request['email']) + .filter_by('email', '==', request['username']) user_details = execute_admin_query(wsgi_request, user_query) # USER MAIN ACCOUNT != reference @@@ -779,10 -749,6 +779,10 @@@ def sfa_create_user(wsgi_request, reque 'user_enabled' : True } + ## Conflict + #query = Query.create('user').set(sfa_user_params).select('user_hrn') + #results = execute_query(wsgi_request, query) + if namespace is not None: query = Query.create('%s:user' % namespace).set(sfa_user_params).select('user_hrn') else: @@@ -796,64 -762,26 +796,64 @@@ if not results: raise Exception, "Could not create %s. Already exists ?" % sfa_user_params['user_hrn'] else: - try: - theme.template_name = 'user_request_validated.txt' - text_content = render_to_string(theme.template, request) - theme.template_name = 'user_request_validated.html' - html_content = render_to_string(theme.template, request) - - theme.template_name = 'email_default_sender.txt' - sender = render_to_string(theme.template, request) - sender = sender.replace('\n', '') + subject = 'User validated' + msg = 'A manager of your institution has validated your account. You have now full user access to the portal.' + send_mail(subject, msg, 'support@fibre.org.br',[request['email']], fail_silently=False) + return results +def ls_create_user(wsgi_request, request, user_detail): + organization = request['username'].split('@')[1] + lsClient = LaboraSchedulerClient( organization ) - subject = 'User validated' + orgGIDNumber = lsClient.get_testbed_info()['gidnumber'] + userHomeDirectory = "/home/" + organization + "/" + request['username'].split('@')[0] + userHomeDirectory = userHomeDirectory.encode('utf-8') + + userData = { + 'username' : request['username'], + 'email' : request['email'].encode('utf-8'), + 'password' : request['password'].encode('utf-8'), + 'name' : str( request['first_name'].encode('latin1') ) + ' ' + str( request['last_name'].encode('latin1') ), + 'gidnumber' : orgGIDNumber, + 'homedirectory' : userHomeDirectory, + 'created_by' : "myslice" + } + + # Add user in the island. + addUser = lsClient.add_user( userData ) + + # User successfully created, upload user public key. + if addUser: + ls_update_public_key( wsgi_request, request, lsClient, addUser ) + + return addUser - msg = EmailMultiAlternatives(subject, text_content, sender, [request['email']]) - msg.attach_alternative(html_content, "text/html") - msg.send() - except Exception, e: - print "Failed to send email, please check the mail templates and the SMTP configuration of your server" +def ls_validate_user(wsgi_request, request): + organization = request['username'].split('@')[1] + lsClient = LaboraSchedulerClient( organization ) + + userId = lsClient.get_user_id_by_username( { 'username': str( request['username'] ) } ) + + validate = False + if userId: + userData = { + 'user_id' : userId, + 'new_user_data' : { 'enable': 'TRUE' } + } + + validate = lsClient.update_user( userData ) + + return validate and addUserPublicKey - return results +def ls_update_public_key( wsgi_request, request, lsClient, userId ): + userPbKey = { + 'user_id' : userId, + 'public_key' : request['public_key'] + } + + addUserPublicKey = lsClient.add_user_public_key( userPbKey ) + + return addUserPublicKey def iotlab_create_user (wsgi_request, request, namespace = None, as_admin=False): @@@ -882,7 -810,7 +882,7 @@@ "structure" : request['authority_hrn'], "city" : "N/A", "country" : "N/A", - "sshPublicKey" : [request['public_key']], + "sshPublicKey" : request['public_key'], "motivations" : "SFA federation", } @@@ -897,129 -825,15 +897,129 @@@ def create_user(wsgi_request, request, # NOTE : if we were to create a user directly (just like we create slices, # we would have to perform the steps in create_pending_user too + + # Edelberto - I put this more below + # Add the user to the SFA registry + #sfa_create_user(wsgi_request, request) + + # Update Manifold user status + manifold_update_user(wsgi_request, request['username'], {'status': USER_STATUS_ENABLED}) + # Add reference accounts for platforms + manifold_add_reference_user_accounts(wsgi_request, request) + + # Conflict + # sfa_create_user(wsgi_request, request) # Add the user to the SFA registry sfa_create_user(wsgi_request, request, namespace, as_admin) + + # Validate the user using the LS API ( By Bruno - UFG ): + try: + ls_validate_user( wsgi_request, request ) + except Exception, e: + "Error to validate the user in Labora Scheduler." + +def create_user_in_ldap(wsgi_request, request, user_detail): + """ + """ + + # saves the user to django auth_user table [needed for password reset] + user = User.objects.create_user(request['username'], request['email'], request['password']) + + # Creating a manifold user + user_id = manifold_add_user(wsgi_request, request) + + # Creating a Manifold account on the MySlice platform + # Note the JSON representation of public and private keys already includes quotes + account_config = { + 'user_hrn' : request['user_hrn'], + 'user_public_key' : request['public_key'], + } + if request['private_key']: + account_config['user_private_key'] = request['private_key'] + + user_id = user_detail['user_id'] + 1 # the user_id for the newly created user in local:user + + # XXX TODO: Require a myslice platform + # ALERT: this will disapear with ROUTERV2 of Manifold + # We have to consider the case where several registries can be used + # Removed hardcoded platform = 5 + # This platform == 'myslice' is a TMP FIX !! + try: + reg_platform_query = Query().get('local:platform') \ + .filter_by('platform', '==', 'myslice') \ + .select('platform_id') + reg_platform = execute_admin_query(wsgi_request, reg_platform_query) + reg_platform_id = reg_platform[0]['platform_id'] + account_params = { + 'platform_id' : reg_platform_id, # XXX ALERT !! + 'user_id' : user_id, + 'auth_type' : request['auth_type'], + 'config' : json.dumps(account_config), + } + manifold_add_account(wsgi_request, account_params) + except Exception, e: + print "Failed creating manifold account on platform %s for user: %s" % ('myslice', request['email']) + + # XXX This has to be stored centrally + USER_STATUS_ENABLED = 2 # Update Manifold user status - manifold_update_user(wsgi_request, request['email'], {'status': USER_STATUS_ENABLED}) + manifold_update_user(wsgi_request, request['username'], {'status': USER_STATUS_ENABLED}) # Add reference accounts for platforms manifold_add_reference_user_accounts(wsgi_request, request) + + organization = request['username'].split('@')[1] + lsClient = LaboraSchedulerClient( organization ) + + userId = lsClient.get_user_id_by_username( { 'username': str( request['username'] ) } ) + + ls_up_pkey = ls_update_public_key( wsgi_request, request, lsClient, userId ) + + if ls_up_pkey: + print "OK PKEY" + + from sfa.util.xrn import Xrn + + auth_pi = request.get('pi', None) + auth_pi = list([auth_pi]) if auth_pi else list() + + # We create a user request with Manifold terminology + sfa_user_params = { + 'user_hrn' : request['user_hrn'], + 'user_email' : request['email'], + 'user_urn' : Xrn(request['user_hrn'], request['type']).get_urn(), + 'user_type' : request['type'], + 'keys' : request['public_key'], + 'user_first_name' : request['first_name'], + 'user_last_name' : request['last_name'], + 'pi_authorities' : auth_pi, + 'user_enabled' : True + } + + print request['user_hrn'] + print request['email'] + print request['first_name'] + print request['last_name'] + print request['type'] + print request['public_key'] + + query = Query.create('user').set(sfa_user_params).select('user_hrn') + + print query + + results = execute_admin_query(wsgi_request, query) + + print results + + if not results: + raise Exception, "Could not create %s. Already exists ?" % sfa_user_params['user_hrn'] + else: + subject = 'User validated' + msg = 'A manager of your institution has validated your account. You have now full user access to the portal.' + send_mail(subject, msg, 'support@fibre.org.br',[request['email']], fail_silently=False) + return results # Add the user to iotlab portal if theme is set to onelab if theme.theme == 'onelab': @@@ -1035,18 -849,15 +1035,18 @@@ def create_pending_user(wsgi_request, r last_name = request['last_name'], authority_hrn = request['authority_hrn'], email = request['email'], + login = request['username'], password = request['password'], public_key = request['public_key'], private_key = request['private_key'], user_hrn = request['user_hrn'], pi = request['pi'], email_hash = request['email_hash'], + reasons = request['reasons'], status = 'False', ) b.save() + # sends email to user to activate the email theme.template_name = 'activate_user.html' html_content = render_to_string(theme.template, request) @@@ -1066,7 -877,7 +1066,7 @@@ msg.send() # saves the user to django auth_user table [needed for password reset] - user = User.objects.create_user(request['email'], request['email'], request['password']) + user = User.objects.create_user(request['username'], request['email'], request['password']) # Creating a manifold user user_id = manifold_add_user(wsgi_request, request) @@@ -1092,6 -903,7 +1092,6 @@@ .filter_by('platform', '==', 'myslice') \ .select('platform_id') reg_platform = execute_admin_query(wsgi_request, reg_platform_query) - reg_platform_id = reg_platform[0]['platform_id'] account_params = { 'platform_id' : reg_platform_id, # XXX ALERT !! @@@ -1101,32 -913,13 +1101,32 @@@ } manifold_add_account(wsgi_request, account_params) except Exception, e: - print "Failed creating manifold account on platform %s for user: %s" % ('myslice', request['email']) + print "Failed creating manifold account on platform %s for user: %s" % ('myslice', request['email']) + + # Add user to island using LS API ( By Bruno - UFG ) + ls_user_create = ls_create_user( wsgi_request, request, user_detail ) try: # Send an email: the recipients are the PI of the authority # If No PI is defined for this Authority, send to a default email (different for each theme) - recipients = authority_get_pi_emails(wsgi_request, request['authority_hrn']) - + + split_authority_hrn = request['authority_hrn'].split(".")[0] + + recipients = authority_get_pi_emails(wsgi_request, split_authority_hrn) + + pis = authority_get_pis(request, split_authority_hrn) + pi_emails = [] + for x in pis: + for e in x['pi_users']: + try: + u = e.split(".")[1] + y = User.objects.get(username = u) + if y.username.count("@") != 0: + if y.username.split("@")[1] == request['username'].split("@")[1]: + pi_emails += [y.email] + except: + print "fail" + theme.template_name = 'user_request_email.html' html_content = render_to_string(theme.template, request) @@@ -1141,11 -934,9 +1141,11 @@@ sender = render_to_string(theme.template, request) sender = sender.replace('\n', '') - msg = EmailMultiAlternatives(subject, text_content, sender, recipients) + msg = EmailMultiAlternatives(subject, text_content, sender, pi_emails) + msg.attach_alternative(html_content, "text/html") msg.send() + print pi_emails except Exception, e: print "Failed to send email, please check the mail templates and the SMTP configuration of your server" import traceback diff --combined portal/homeview.py index cf3fcbab,00b279d2..08f38183 --- a/portal/homeview.py +++ b/portal/homeview.py @@@ -1,7 -1,7 +1,7 @@@ # this somehow is not used anymore - should it not be ? from django.core.context_processors import csrf from django.http import HttpResponseRedirect -from django.contrib.auth import authenticate, login, logout +from django.contrib.auth import authenticate, login, logout, get_user_model from django.template import RequestContext from django.shortcuts import render_to_response from django.shortcuts import render @@@ -11,20 -11,7 +11,20 @@@ import jso from unfold.loginrequired import FreeAccessView from manifold.core.query import Query -from manifoldapi.manifoldapi import execute_query +#from manifoldapi.manifoldapi import execute_query +# LDAP query admin // If transfer this code to actions.py maybe don't need more execute_admin_query +from manifoldapi.manifoldapi import execute_query, execute_admin_query +# Edelberto - LDAP XXX +from portal.models import PendingUser +from django.contrib.auth.models import User #Pedro +from portal.actions import create_pending_user, create_user, create_user_in_ldap, clear_user_creds +from registrationview import RegistrationView +from random import randint +from hashlib import md5 +from django.contrib.sites.models import Site +import os.path, re +################## + from manifoldapi.manifoldresult import ManifoldResult from ui.topmenu import topmenu_items, the_user @@@ -32,10 -19,7 +32,10 @@@ from myslice.configengine import Config from myslice.theme import ThemeView -import activity.user +# Edelberto LDAP authentication XXX +import ldap + +#import activity.user class HomeView (FreeAccessView, ThemeView): template_name = 'home-view.html' @@@ -51,271 -35,86 +51,271 @@@ env['theme'] = self.theme env['section'] = "Dashboard" - username = request.POST.get('username') + username = request.POST.get('username').lower() password = request.POST.get('password') - - # pass request within the token, so manifold session key can be attached to the request session. - token = {'username': username, 'password': password, 'request': request} - - # our authenticate function returns either - # . a ManifoldResult - when something has gone wrong, like e.g. backend is unreachable - # . a django User in case of success - # . or None if the backend could be reached but the authentication failed - auth_result = authenticate(token=token) - # use one or two columns for the layout - not logged in users will see the login prompt - # high-level errors, like connection refused or the like - if isinstance (auth_result, ManifoldResult): - manifoldresult = auth_result - # let's use ManifoldResult.__repr__ - env['state']="%s"%manifoldresult - - return render_to_response(self.template,env, context_instance=RequestContext(request)) - # user was authenticated at the backend - elif auth_result is not None: - user=auth_result - if user.is_active: - print "LOGGING IN" - login(request, user) - - if request.user.is_authenticated(): - env['person'] = self.request.user - env['username'] = self.request.user - - # log user activity - activity.user.login(self.request) - - ## check user is pi or not - platform_details = {} - account_details = {} - acc_auth_cred = {} - acc_user_cred = {} - platform_query = Query().get('local:platform').select('platform_id','platform','gateway_type','disabled') - account_query = Query().get('local:account').select('user_id','platform_id','auth_type','config') - platform_details = execute_query(self.request, platform_query) - account_details = execute_query(self.request, account_query) - if platform_details is not None and platform_details != {}: - for platform_detail in platform_details: - for account_detail in account_details: - if platform_detail['platform_id'] == account_detail['platform_id']: - if 'config' in account_detail and account_detail['config'] is not '': - account_config = json.loads(account_detail['config']) - if 'myslice' in platform_detail['platform']: - acc_auth_cred = account_config.get('delegated_authority_credentials','N/A') - acc_user_cred = account_config.get('delegated_user_credential','N/A') - # assigning values - if acc_auth_cred=={} or acc_auth_cred=='N/A': - pi = "is_not_pi" - else: - pi = "is_pi" - - # check if the user has creds or not - if acc_user_cred == {} or acc_user_cred == 'N/A': - user_cred = 'no_creds' - else: - user_cred = 'has_creds' - - - env['pi'] = pi - env['user_cred'] = user_cred - else: - env['person'] = None - return render_to_response(self.template,env, context_instance=RequestContext(request)) - else: - # log user activity - activity.user.login(self.request, "notactive") - env['state'] = "Your account is not active, please contact the site admin." - env['layout_1_or_2']="layout-unfold2.html" - - return render_to_response(self.template,env, context_instance=RequestContext(request)) - # otherwise + + # LDAP form - If FIBRE, then get the possibilite to authenticate using usernameldap + #if self.theme == 'fibre': + #usernameldap = request.POST.get('usernameldap') + #token = {'usernameldap': usernameldap, 'username': username ,'password': password, 'request': request} + + ################################################## + ########## XXX Edelberto 010914 XXX + ################################################# + ## first you must open a connection to the server + try: + # Connect to NOC + l = ldap.initialize("ldap://10.128.0.50:389") + # Bind/authenticate with a root user to search all objects + l.simple_bind_s("cn=Manager,dc=br,dc=fibre","fibre2013") + + l.protocol_version = ldap.VERSION3 + except ldap.LDAPError, e: + print e + + ## Base directory + baseDN = "dc=fibre" + searchScope = ldap.SCOPE_SUBTREE + ## retrieve all attributes + retrieveAttributes = None + #retrieveAttributes = ['userEnable'] + searchFilter = "uid=" + username + print searchFilter + + in_ldap = 0 + + try: + if username != "admin": + ldap_result_id = l.search(baseDN, searchScope, searchFilter, retrieveAttributes) + result_set = [] + result_type, result_data = l.result(ldap_result_id, 0) + if (result_data == []): + print "User doesnt exist in LDAP" + in_ldap = 0 + else: + if result_type == ldap.RES_SEARCH_ENTRY: + result_set.append(result_data) + else: + result_set.append(result_data) + # TRUE or FALSE for userEnable attribute + userEnable = result_set[0][0][1]['userEnable'][0] + if userEnable == 'TRUE': + in_ldap = 1 + enabled = 1 + print "In LDAP and Enabled" + + dn = result_set[0][0][0] + try: + l.simple_bind_s(dn,password) + pwd = 1 + print "User password OK" + + except: + pwd = 0 + print "User password WRONG" + + if in_ldap and enabled and pwd: + ldap_mail = result_set[0][0][1]['mail'][0] + + user_exists = Query().get('local:user') \ + .select('status') \ + .filter_by('email', '==', username) + results = execute_admin_query(request, user_exists) + print "DEBUG: %s" % user_exists + if results: + print "DEBUG: user exists on MySlice DBs" + else: + print "DEBUG: user NOT exists on MySlice DBs" + + cn = result_set[0][0][1]['cn'][0] + sn = result_set[0][0][1]['sn'][0] + + fname=None + lname=None + + try: + fname = sn.split(' ')[0] + lname = sn.split(' ')[1] + except: + fname = sn + lname = "" + + #authority_hrn = 'fibre' + '.' + username.split('@')[1] + authority_hrn = 'fibre' + print authority_hrn + email = ldap_mail + print ldap_mail + username = username + print username + password = password + print password + # user_hrn = 'fibre' + '.' + username.split('@')[1] + '.' + username + user_hrn = 'fibre' + '.' + username + print user_hrn + + # Based on registrationview + + + # get the domain url + current_site = Site.objects.get_current() + current_site = current_site.domain + print current_site + + post_email = ldap_mail + salt = randint(1,100000) + email_hash = md5(str(salt)+post_email).hexdigest() + print email_hash + + user_request = { + 'first_name' : fname, + 'last_name' : lname, + 'organization' : authority_hrn, + 'authority_hrn' : authority_hrn, + 'email' : ldap_mail, + 'username' : username, + 'password' : password, + 'current_site' : current_site, + 'email_hash' : email_hash, + 'pi' : '', + 'user_hrn' : user_hrn, + 'reasons' : 'already exists in the LDAP', + 'type' : 'user', + 'validation_link': 'https://' + current_site + '/portal/email_activation/'+ email_hash + } + + # Validate input + errors = [] + UserModel = get_user_model() + if (re.search(r'^[\w+\s.@+-]+$', user_request['first_name']) == None): + errors.append('First name may contain only letters, numbers, spaces and @/./+/-/_ characters.') + if (re.search(r'^[\w+\s.@+-]+$', user_request['last_name']) == None): + errors.append('Last name may contain only letters, numbers, spaces and @/./+/-/_ characters.') + if (re.search(r'^[\w,]+$' , username) == None): + errors.append('Username may contain only letters,numbers and -/_ characters.') + # checking in django_db !! + if PendingUser.objects.filter(email__iexact = user_request['email']): + errors.append('Email is pending for validation. Please provide a new email address.') + if User.objects.filter(username__iexact = user_request['username']): + errors.append('This username is already in use, try another one') + # Does the user exist in Manifold? + user_query = Query().get('local:user').select('user_id','email') + user_details = execute_admin_query(request, user_query) + for user_detail in user_details: + if user_detail['email'] == user_request['email']: + errors.append('Email already registered in Manifold. Please provide a new email address.') + # Does the user exist in sfa? [query is very slow!!] + #user_query = Query().get('user').select('user_hrn','user_email') + # XXX Test based on the user_hrn is quick + #user_query = Query().get('user').select('user_hrn','user_email').filter_by('user_hrn','==',user_request['user_hrn']) + user_query = Query().get('user').select('user_hrn','user_email').filter_by('user_hrn','==',user_hrn) + user_details_sfa = execute_admin_query(request, user_query) + + #if 'generate' in wsgi_request.POST['question']: + user_request['auth_type'] = 'managed' + + # XXX Common code, dependency ? + from Crypto.PublicKey import RSA + private = RSA.generate(1024) + + # Example: private_key = '-----BEGIN RSA PRIVATE KEY-----\nMIIC...' + # Example: public_key = 'ssh-rsa AAAAB3...' + user_request['private_key'] = private.exportKey() + user_request['public_key'] = private.publickey().exportKey(format='OpenSSH') + + # XXX Verify if errors exist - After! + #if not errors: + create_user_in_ldap(request, user_request, user_detail) + #create_pending_user(request, user_request, user_detail) + + #create_user(request, user_request) + + env['state'] = "LDAP associated. Please, login again." + return render_to_response(self.template, env, context_instance=RequestContext(request)) + + + else: + env['state'] = "Access denied. Verify LDAP userEnable and password." + return render_to_response(self.template, env, context_instance=RequestContext(request)) + + else: + in_ldap = 1 + enabled = 0 + print "In LDAP but Disabled" + env['state'] = "Access denied. Verify LDAP userEnable." + return render_to_response(self.template, env, context_instance=RequestContext(request)) + + #print result_set + except ldap.LDAPError, e: + print e + + #else: + if in_ldap and enabled and pwd or username=="admin": + +################################################################################ +### XXX Edelberto LDAP auth end XXX +############################################################################### + # Follow original code + ## pass request within the token, so manifold session key can be attached to the request session. + token = {'username': username, 'password': password, 'request': request} + + # our authenticate function returns either + # . a ManifoldResult - when something has gone wrong, like e.g. backend is unreachable + # . a django User in case of success + # . or None if the backend could be reached but the authentication failed + auth_result = authenticate(token=token) + # use one or two columns for the layout - not logged in users will see the login prompt + # high-level errors, like connection refused or the like + if isinstance (auth_result, ManifoldResult): + manifoldresult = auth_result + # let's use ManifoldResult.__repr__ + env['state']="%s"%manifoldresult + + return render_to_response(self.template,env, context_instance=RequestContext(request)) + # user was authenticated at the backend + elif auth_result is not None: + user=auth_result + if user.is_active: + print "LOGGING IN" + login(request, user) + + if request.user.is_authenticated(): + env['person'] = self.request.user + env['username'] = self.request.user + + ## check user is pi or not + platform_query = Query().get('local:platform').select('platform_id','platform','gateway_type','disabled') + account_query = Query().get('local:account').select('user_id','platform_id','auth_type','config') + + # Edleberto + #cc_auth_cred = {} + + platform_details = execute_query(self.request, platform_query) + account_details = execute_query(self.request, account_query) + for platform_detail in platform_details: + for account_detail in account_details: + if platform_detail['platform_id'] == account_detail['platform_id']: + if 'config' in account_detail and account_detail['config'] is not '': + account_config = json.loads(account_detail['config']) + if 'myslice' in platform_detail['platform']: + acc_auth_cred = account_config.get('delegated_authority_credentials','N/A') + # assigning values + if acc_auth_cred=={} or acc_auth_cred=='N/A': + pi = "is_not_pi" + else: + pi = "is_pi" + env['pi'] = pi + else: + env['person'] = None + return render_to_response(self.template,env, context_instance=RequestContext(request)) + else: + env['state'] = "Your account is not active, please contact the site admin." + env['layout_1_or_2']="layout-unfold2.html" + + return render_to_response(self.template,env, context_instance=RequestContext(request)) + # otherwise else: # log user activity - activity.user.login(self.request, "error") + #activity.user.login(self.request, "error") env['state'] = "Your username and/or password were incorrect." return render_to_response(self.template, env, context_instance=RequestContext(request)) @@@ -335,15 -134,16 +335,16 @@@ # XXX Something like an invalid session seems to make the execute fail sometimes, and thus gives an error on the main page platform_details = execute_query(self.request, platform_query) account_details = execute_query(self.request, account_query) - for platform_detail in platform_details: - for account_detail in account_details: - if 'platform_id' in platform_detail: - if platform_detail['platform_id'] == account_detail['platform_id']: - if 'config' in account_detail and account_detail['config'] is not '': - account_config = json.loads(account_detail['config']) - if 'myslice' in platform_detail['platform']: - acc_auth_cred = account_config.get('delegated_authority_credentials','N/A') - acc_user_cred = account_config.get('delegated_user_credential','N/A') + if platform_details is not None and platform_details != {}: + for platform_detail in platform_details: + for account_detail in account_details: + if 'platform_id' in platform_detail: + if platform_detail['platform_id'] == account_detail['platform_id']: + if 'config' in account_detail and account_detail['config'] is not '': + account_config = json.loads(account_detail['config']) + if 'myslice' in platform_detail['platform']: + acc_auth_cred = account_config.get('delegated_authority_credentials','N/A') + acc_user_cred = account_config.get('delegated_user_credential','N/A') # assigning values if acc_auth_cred=={} or acc_auth_cred=='N/A': pi = "is_not_pi" diff --combined portal/templates/fibre/fibre_home-view.html index b04b911d,00000000..347be8c0 mode 100644,000000..100644 --- a/portal/templates/fibre/fibre_home-view.html +++ b/portal/templates/fibre/fibre_home-view.html @@@ -1,184 -1,0 +1,185 @@@ +{% extends "layout_base.html" %} +{% load portal_filters %} + +{% block content %} + +{% if username %} +
+
+ {%if 'is_pi' in pi %} +
+

+ EXPERIMENT +

+
+ +
+
+ +
+
+

Your slices + + + +

+
+
+
Loading Slices
+
+
+
+

MANAGEMENT

+
+ +
+
+ +
+
+
+

+ SUPPORT +

+
+ +
+
+ +
+
+ +
+

+ ACCOUNT +

+
+ +
+
+ +
+
+ {% if person.last_name %} + {{person.first_name}} {{person.last_name}}
+ {% endif %} + Email: {{person.email}} +
+
+
+ {%else%} +
+
+

+ EXPERIMENT +

+
+ +
+
+ +
+
+

Your slices + + +

+
+
+
Loading Slices
+
+
+
+

+ SUPPORT +

+
+ +
+
+ +
+
+ +
+

+ ACCOUNT +

+
+ +
+
+ +
+
+ {% if person.last_name %} + {{person.first_name}} {{person.last_name}}
+ {% endif %} + Email: {{person.email}} +
+
+
+ {%endif%} + +
+{% else %} +
+
+
+
+

+ FIBRE: Future Internet testbeds experimentation between Brazil and Europe +

+

+ Access variety of testbeds through your account +

+
+
+
+ {% include 'fibre__widget-login-fed-manager.html' %} - CAFe authentication ++ ++ CAFe Expresso authentication +
+
+
+
+
+{% endif %} + + + +{% endblock %} diff --combined portal/templates/fibre/fibre_slice-resource-view.html index 17e13830,17e13830..bc2a2ed2 --- a/portal/templates/fibre/fibre_slice-resource-view.html +++ b/portal/templates/fibre/fibre_slice-resource-view.html @@@ -54,6 -54,6 +54,7 @@@ $(document).ready(function() @@@ -91,8 -91,8 +92,12 @@@
{{map_resources}}
++
++

{{vms_list}}

++

{{vm_form}}

++

{{below_table}}

++
--

{{welcome}}

{{flowspaces}}

{{flowspaces_form}}

@@@ -101,12 -101,12 +106,11 @@@

{{resources}}

{{below_table}}

--
{{scheduler}}
-- ++