From: Yasin Date: Thu, 13 Feb 2014 15:21:45 +0000 (+0100) Subject: Merge branch 'master' of ssh://git.onelab.eu/git/myslice X-Git-Tag: myslice-1.1~336^2~1 X-Git-Url: http://git.onelab.eu/?a=commitdiff_plain;h=e2df3c64f7c2a819529b32a5da06d6ae5b17af7d;hp=a2bdf59bb10ab56ba5b48a98537fbfb51d206dd8;p=myslice.git Merge branch 'master' of ssh://git.onelab.eu/git/myslice --- diff --git a/auth/static/css/login.css b/auth/static/css/login.css index f31fe716..e69de29b 100644 --- a/auth/static/css/login.css +++ b/auth/static/css/login.css @@ -1,23 +0,0 @@ -p.login-status { - padding-top: 10px; - font-weight: bold; -} - -p.login { - font-style: italic; - margin-bottom: 0px; /* who says 10px ? */ -} -input.login { - width: auto; - margin: 5px; - padding: 3px 10px; -} -input.login[type="password"] { - border: solid 1px #444; - background-image: url( '../img/form_input_password.png' ); - background-repeat: repeat-x; - background-position: top; -} -input.login[type="submit"] { - margin-top: 20px; -} diff --git a/auth/templates/widget-login.html b/auth/templates/widget-login.html index 39a8bdc9..db7245cd 100644 --- a/auth/templates/widget-login.html +++ b/auth/templates/widget-login.html @@ -1,17 +1,26 @@ -{% insert_str prelude 'css/login.css' %} -

{{ state }}

-
-
- {% csrf_token %} - {% if next %} - - {% endif %} - -
- -
- -

- Can't access your account? -
+
+ {% if state %} + {{ state }} + {% endif %} +
+ {% csrf_token %} + {% if next %} + + {% endif %} +
+ + +
+
+ + +
+ + +
diff --git a/portal/actions.py b/portal/actions.py index 87e07d55..3ee568c5 100644 --- a/portal/actions.py +++ b/portal/actions.py @@ -37,7 +37,7 @@ def authority_get_pi_emails(request, authority_hrn): def sfa_add_user(request, user_params): if 'email' in user_params: - params['user_email'] = params['email'] + user_params['user_email'] = user_params['email'] query = Query.create('user').set(user_params).select('user_hrn') results = execute_query(request, query) if not results: @@ -47,7 +47,7 @@ def sfa_add_user(request, user_params): def sfa_update_user(request, user_hrn, user_params): # user_params: keys [public_key] if 'email' in user_params: - params['user_email'] = params['email'] + user_params['user_email'] = user_params['email'] query = Query.update('user').filter_by('user_hrn', '==', user_hrn).set(user_params).select('user_hrn') results = execute_query(request,query) return results @@ -212,7 +212,7 @@ def get_request_by_id(ids): return make_requests(pending_users, pending_slices, pending_authorities) -def get_request_by_authority(authority_hrns): +def get_requests(authority_hrns=None): print "get_request_by_authority auth_hrns = ", authority_hrns if not authority_hrns: pending_users = PendingUser.objects.all() @@ -224,7 +224,7 @@ def get_request_by_authority(authority_hrns): pending_authorities = PendingAuthority.objects.filter(authority_hrn__in=authority_hrns).all() return make_requests(pending_users, pending_slices, pending_authorities) - + # XXX Is it in sync with the form fields ? def portal_validate_request(wsgi_request, request_ids): @@ -252,7 +252,10 @@ def portal_validate_request(wsgi_request, request_ids): # XXX tmp sfa dependency from sfa.util.xrn import Xrn urn = Xrn(hrn, request['type']).get_urn() - + if 'pi' in request: + auth_pi = request['pi'] + else: + auth_pi = '' sfa_user_params = { 'hrn' : hrn, 'urn' : urn, @@ -263,30 +266,58 @@ def portal_validate_request(wsgi_request, request_ids): 'email' : request['email'], #'slices' : None, #'researcher': None, - 'pi' : request['pi'], + 'pi' : [auth_pi], 'enabled' : True } # ignored in request: id, timestamp, password + + # ADD USER TO SFA Registry + sfa_add_user(wsgi_request, sfa_user_params) - # UPDATE user status = 2 = validated - user_query = Query().get('local:user').select('config','email','status').filter_by('email', '==', request['email']) + # USER INFO + user_query = Query().get('local:user').select('user_id','config','email','status').filter_by('email', '==', request['email']) user_details = execute_admin_query(request, user_query) - print user_details[0] + #print user_details[0] + + # UPDATE USER STATUS = 2 manifold_user_params = { 'status': 2 } manifold_update_user(request, request['email'], manifold_user_params) - - sfa_add_user(wsgi_request, sfa_user_params) - # XXX Remove from database + # USER MAIN ACCOUNT != reference + #print 'USER MAIN ACCOUNT != reference' + list_accounts_query = Query().get('local:account').select('user_id','platform_id','auth_type','config')\ + .filter_by('user_id','==',user_details[0]['user_id'])\ + .filter_by('auth_type','!=','reference') + list_accounts = execute_admin_query(request, list_accounts_query) + #print "List accounts = ",list_accounts + for account in list_accounts: + main_platform_query = Query().get('local:platform').select('platform_id','platform').filter_by('platform_id','==',account['platform_id']) + main_platform = execute_admin_query(request, main_platform_query) + + # ADD REFERENCE ACCOUNTS ON SFA ENABLED PLATFORMS + #print 'ADD REFERENCE ACCOUNTS ON SFA ENABLED PLATFORMS' + platforms_query = Query().get('local:platform').filter_by('disabled', '==', '0').filter_by('gateway_type','==','sfa').select('platform_id','gateway_type') + platforms = execute_admin_query(request, platforms_query) + #print "platforms SFA ENABLED = ",platforms + for platform in platforms: + #print "add reference to platform ",platform + manifold_account_params = { + 'user_id': user_details[0]['user_id'], + 'platform_id': platform['platform_id'], + 'auth_type': 'reference', + 'config': '{"reference_platform": "' + main_platform[0]['platform'] + '"}', + } + manifold_add_account(request, manifold_account_params) + request_status['SFA user'] = {'status': True } except Exception, e: - request_status['SFA user'] = {'status': False, 'description': str(e)} - - user_params = {'status':2} - manifold_update_user(request, request['email'], user_params) + request_status['SFA user'] = {'status': False, 'description': str(e)} + +# user_params = {'status':2} +# manifold_update_user(request, request['email'], user_params) # MANIFOLD user should be added beforehand, during registration #try: diff --git a/portal/homeview.py b/portal/homeview.py index c71481ad..efdf71e1 100644 --- a/portal/homeview.py +++ b/portal/homeview.py @@ -63,7 +63,7 @@ class HomeView (FreeAccessView): env['username']=the_user(request) env['topmenu_items'] = topmenu_items(None, request) if state: env['state'] = state - elif not env['username']: env['state'] = "Please sign in" + elif not env['username']: env['state'] = None # use one or two columns for the layout - not logged in users will see the login prompt env['layout_1_or_2']="layout-unfold2.html" if not env['username'] else "layout-unfold1.html" return render_to_response('home-view.html',env, context_instance=RequestContext(request)) diff --git a/portal/static/css/onelab_marko.css b/portal/static/css/onelab_marko.css index 1436169f..befd4c92 100644 --- a/portal/static/css/onelab_marko.css +++ b/portal/static/css/onelab_marko.css @@ -57,9 +57,7 @@ div.well-lg { div.onelab-title { background-color: rgba(168, 32, 202, 0.5) ; } -div.well { - background-color: rgba(0, 0, 0, 0.5) ; -} + h2.well.well-lg { border-radius:0; border: 0; @@ -189,28 +187,6 @@ ul.pagination li.active a { border: 1px solid #572bc9; } -.btn.btn-default { - background: #572bc9; - color: #ccc; - font-family: Ubuntu, Arial, sans-serif; - font-weight: bold; - border: 0px; -} - -.btn.btn-default:hover { - /* background: #4af25d; */ - background: #ff7394; - color: #333; - font-family: Ubuntu, Arial, sans-serif; - font-weight: bold; - border: 0px; -} - -input { - border-radius: 3px; - border: none; - border: 1px solid #ccc; -} div.dataTables_length label, @@ -384,6 +360,13 @@ div#secondary li { list-style:none; margin-right:30px; } +div#secondary li a { + color:black; +} +div#secondary li a:hover { + color:#270A5A; + text-decoration:none; +} div#secondary li:last-child { margin-right:0; } @@ -439,6 +422,45 @@ div#home-dashboard table { div#home-dashboard table td { text-align:center; padding:15px 0; + width:33%; +} +div#home-dashboard table tr:first-child td { + font-size:12pt; + font-weight:bold; + color:#270A5A; +} +div#home-dashboard table tr:last-child td { + text-align:left; +} +div#home-dashboard table td.support { + font-size:14pt; + vertical-align:top; + padding-left:11%; +} +div#home-dashboard table td.support a { +} +div#home-dashboard table td.support a:hover { + text-decoration:none; +} + + +.login-submit { + vertical-align:middle; + padding:0; +} +.lost-password { + font-size:10pt; + color:#CCCCCC; + text-align:right; + padding:0px; +} +.lost-password a { +} +.login-signup { + border-top:1px solid #CCCCCC; + text-align:center; + margin-top:15px; + padding:5px 0 0 0; } /**/ @@ -457,4 +479,16 @@ div#home-dashboard table td { .nav.nav-tabs li a:hover { } -/**/ \ No newline at end of file +/**/ +/* WELL */ +div.well { +} +/**/ +/* BUTTON */ +.btn.btn-default { + font-weight: bold; +} + +.btn.btn-default:hover { + font-weight: bold; +} \ No newline at end of file diff --git a/portal/templates/home-view.html b/portal/templates/home-view.html index ec1f54b6..cfd63a8a 100644 --- a/portal/templates/home-view.html +++ b/portal/templates/home-view.html @@ -1,14 +1,8 @@ -{# fine for either layout-unfold1.html (logged in) or layout-unfold2.html (needs a login prompt) #} -{% extends layout_1_or_2 %} - -{% block unfold_margin %} -{% include 'widget-login.html' %} -{% endblock unfold_margin %} +{% extends "layout-unfold1.html" %} {% block unfold_main %} - -
+
- {% endblock unfold_main %} diff --git a/portal/templates/validate_pending.html b/portal/templates/validate_pending.html index c9b971fe..cef58ea9 100644 --- a/portal/templates/validate_pending.html +++ b/portal/templates/validate_pending.html @@ -57,7 +57,7 @@ {% for authority, requests in my_authorities.items %}

{{authority}}

- +
diff --git a/portal/validationview.py b/portal/validationview.py index b3d2a370..23909b47 100644 --- a/portal/validationview.py +++ b/portal/validationview.py @@ -40,7 +40,7 @@ from plugins.raw import Raw #from portal.util import RegistrationView, ActivationView from portal.models import PendingUser, PendingSlice -from portal.actions import get_request_by_authority +from portal.actions import get_requests from manifold.manifoldapi import execute_query from manifold.core.query import Query from unfold.page import Page @@ -142,9 +142,9 @@ class ValidatePendingView(FreeAccessView): print 'credential_authorities =', credential_authorities print 'credential_authorities_expired =', credential_authorities_expired - # Using cache manifold-tables to get the list of authorities faster - all_authorities_query = Query.get('authority').select('name', 'authority_hrn') - all_authorities = execute_query(self.request, all_authorities_query) +# # Using cache manifold-tables to get the list of authorities faster +# all_authorities_query = Query.get('authority').select('name', 'authority_hrn') +# all_authorities = execute_query(self.request, all_authorities_query) # ** Where am I a PI ** # For this we need to ask SFA (of all authorities) = PI function @@ -154,17 +154,14 @@ class ValidatePendingView(FreeAccessView): for pa in pi_authorities_tmp: pi_authorities |= set(pa['pi_authorities']) - #print "all_auths = " - #print all_authorities - - # include all sub-authorities of the PI - # if PI on ple, include all sub-auths ple.upmc, ple.inria and so on... - pi_subauthorities = set() - for authority in all_authorities: - authority_hrn = authority['authority_hrn'] - for my_authority in pi_authorities: - if authority_hrn.startswith(my_authority) and authority_hrn not in pi_subauthorities: - pi_subauthorities.add(authority_hrn) +# # include all sub-authorities of the PI +# # if PI on ple, include all sub-auths ple.upmc, ple.inria and so on... +# pi_subauthorities = set() +# for authority in all_authorities: +# authority_hrn = authority['authority_hrn'] +# for my_authority in pi_authorities: +# if authority_hrn.startswith(my_authority) and authority_hrn not in pi_subauthorities: +# pi_subauthorities.add(authority_hrn) #print "pi_authorities =", pi_authorities #print "pi_subauthorities =", pi_subauthorities @@ -193,44 +190,58 @@ class ValidatePendingView(FreeAccessView): #print "pi_subauthorities = ", pi_subauthorities # Summary all - queried_pending_authorities = pi_my_authorities | pi_delegation_authorities | pi_subauthorities + queried_pending_authorities = pi_my_authorities | pi_delegation_authorities #| pi_subauthorities #print "----" #print "queried_pending_authorities = ", queried_pending_authorities - requests = get_request_by_authority(queried_pending_authorities) +# iterate on the requests and check if the authority matches a prefix startswith an authority on which the user is PI + requests = get_requests() +# requests = get_requests(queried_pending_authorities) for request in requests: auth_hrn = request['authority_hrn'] - #print "authority for this request", auth_hrn - - if auth_hrn in pi_my_authorities: - dest = ctx_my_authorities - - # define the css class - if auth_hrn in pi_credential_authorities: - request['allowed'] = 'allowed' - elif auth_hrn in pi_expired_credential_authorities: - request['allowed'] = 'expired' - else: # pi_no_credential_authorities - request['allowed'] = 'denied' - - elif auth_hrn in pi_delegation_authorities: - dest = ctx_delegation_authorities - - if auth_hrn in pi_delegation_credential_authorities: + for my_auth in pi_my_authorities: + if auth_hrn.startswith(my_auth): + dest = ctx_my_authorities request['allowed'] = 'allowed' - else: # pi_delegation_expired_authorities - request['allowed'] = 'expired' - - elif auth_hrn in pi_subauthorities: - dest = ctx_sub_authorities - - if auth_hrn in pi_subauthorities: + for my_auth in pi_delegation_authorities: + if auth_hrn.startswith(my_auth): + dest = ctx_delegation_authorities request['allowed'] = 'allowed' - else: # pi_delegation_expired_authorities - request['allowed'] = 'denied' - - else: - continue + if auth_hrn in pi_expired_credential_authorities: + request['allowed'] = 'expired' + if 'allowed' not in request: + request['allowed'] = 'denied' + #print "authority for this request", auth_hrn + +# if auth_hrn in pi_my_authorities: +# dest = ctx_my_authorities +# +# # define the css class +# if auth_hrn in pi_credential_authorities: +# request['allowed'] = 'allowed' +# elif auth_hrn in pi_expired_credential_authorities: +# request['allowed'] = 'expired' +# else: # pi_no_credential_authorities +# request['allowed'] = 'denied' +# +# elif auth_hrn in pi_delegation_authorities: +# dest = ctx_delegation_authorities +# +# if auth_hrn in pi_delegation_credential_authorities: +# request['allowed'] = 'allowed' +# else: # pi_delegation_expired_authorities +# request['allowed'] = 'expired' +# +# elif auth_hrn in pi_subauthorities: +# dest = ctx_sub_authorities +# +# if auth_hrn in pi_subauthorities: +# request['allowed'] = 'allowed' +# else: # pi_delegation_expired_authorities +# request['allowed'] = 'denied' +# +# else: +# continue if not auth_hrn in dest: dest[auth_hrn] = [] diff --git a/portal/views.py b/portal/views.py index 9596b177..f86cb4c2 100644 --- a/portal/views.py +++ b/portal/views.py @@ -40,7 +40,7 @@ from plugins.raw import Raw #from portal.util import RegistrationView, ActivationView from portal.models import PendingUser, PendingSlice -from portal.actions import get_request_by_authority +from portal.actions import get_requests from manifold.manifoldapi import execute_query from manifold.core.query import Query from unfold.page import Page
type id