portal/registrationview.py

   1 import os.path, re
   2 import json
   3 from random import randint
   4
   5 from django.core.mail           import send_mail
   6 from django.contrib.auth.models import User
   7 from django.views.generic       import View
   8 from django.template.loader     import render_to_string
   9 from django.shortcuts           import render
  10 from django.contrib.auth        import get_user_model
  11
  12 from unfold.page                import Page
  13 from unfold.loginrequired       import FreeAccessView
  14 from ui.topmenu                 import topmenu_items_live
  15
  16 from manifoldapi.manifoldapi    import execute_admin_query
  17 from manifold.core.query        import Query
  18
  19 from portal.models              import PendingUser
  20 from portal.actions             import authority_get_pi_emails, manifold_add_user,manifold_add_account
  21
  22 from theme import ThemeView
  23
  24 # since we inherit from FreeAccessView we cannot redefine 'dispatch'
  25 # so let's override 'get' and 'post' instead
  26 #
  27 class RegistrationView (FreeAccessView, ThemeView):
  28     template_name = 'registration_view.html'
  29
  30     def post (self, request):
  31         return self.get_or_post (request, 'POST')
  32
  33     def get (self, request):
  34         return self.get_or_post (request, 'GET')
  35
  36     def get_or_post(self, wsgi_request, method):
  37         """
  38         """
  39         errors = []
  40
  41         authorities_query = Query.get('authority').select('name', 'authority_hrn')
  42         authorities = execute_admin_query(wsgi_request, authorities_query)
  43         if authorities is not None:
  44             authorities = sorted(authorities)
  45
  46         # xxx tocheck - if authorities is empty, it's no use anyway
  47         # (users won't be able to validate the form anyway)
  48
  49         # Who am I ?
  50         user_query  = Query().get('local:user').select('user_id','email')
  51         user_details = execute_admin_query(wsgi_request, user_query)
  52
  53         # Page rendering
  54         page = Page(wsgi_request)
  55         page.add_js_files  ( [ "js/jquery.validate.js", "js/my_account.register.js" ] )
  56         page.add_css_files ( [ "css/onelab.css", "css/registration.css" ] )
  57         page.add_css_files ( [ "http://code.jquery.com/ui/1.10.3/themes/smoothness/jquery-ui.css" ] )
  58
  59         if method == 'POST':
  60             # The form has been submitted
  61
  62             user_request = {
  63                 'first_name'    : wsgi_request.POST.get('firstname',     ''),
  64                 'last_name'     : wsgi_request.POST.get('lastname',      ''),
  65                 'authority_hrn' : wsgi_request.POST.get('authority_hrn', ''),
  66                 'email'         : wsgi_request.POST.get('email',         '').lower(),
  67                 'password'      : wsgi_request.POST.get('password',      ''),
  68             }
  69
  70             # Construct user_hrn from email (XXX Should use common code)
  71             split_email = reg_email.split("@")[0]
  72             split_email = split_email.replace(".", "_")
  73             user_request['user_hrn'] = user_request['authority_hrn'] \
  74                      + '.' + split_email + str(randint(1,1000000))
  75
  76             # Validate input
  77             UserModel = get_user_model()
  78             if (re.search(r'^[\w+\s.@+-]+$', user_request['first_name']) == None):
  79                 errors.append('First Name may contain only letters, numbers, spaces and @/./+/-/_ characters.')
  80             if (re.search(r'^[\w+\s.@+-]+$', user_request['last_name']) == None):
  81                 errors.append('Last Name may contain only letters, numbers, spaces and @/./+/-/_ characters.')
  82             # checking in django_db !!
  83             if PendingUser.objects.filter(email__iexact = user_request['email']):
  84                 errors.append('Email is pending for validation. Please provide a new email address.')
  85             if UserModel._default_manager.filter(email__iexact = user_request['email']):
  86                 errors.append('This email is not usable. Please contact the administrator or try with another email.')
  87             for user_detail in user_details:
  88                 if user_detail['email'] == user_request['email']:
  89                     errors.append('Email already registered in Manifold. Please provide a new email address.')
  90
  91             # XXX TODO: Factorize with portal/accountview.py
  92             if 'generate' in wsgi_request.POST['question']:
  93                 user_request['auth_type'] = 'managed'
  94
  95                 # XXX Common code, dependency ?
  96                 from Crypto.PublicKey import RSA
  97                 private = RSA.generate(1024)
  98
  99                 # Example: private_key = '-----BEGIN RSA PRIVATE KEY-----\nMIIC...'
 100                 # Example: public_key = 'ssh-rsa AAAAB3...'
 101                 user_request['private_key'] = private.exportKey()
 102                 user_request['public_key']  = private.public_key().exportKey(format='OpenSSH')
 103
 104             else:
 105                 user_request['auth_type'] = 'user'
 106
 107                 up_file        = wsgi_request.FILES['user_public_key']
 108
 109                 file_content   = up_file.read().strip()
 110                 file_name      = up_file.name
 111                 file_extension = os.path.splitext(file_name)[1]
 112
 113                 ALLOWED_EXTENSIONS =  ['.pub','.txt']
 114                 if file_extension not in ALLOWED_EXTENSIONS or not re.search(r'ssh-rsa',file_content):
 115                     errors.append('Please upload a valid RSA public key.')
 116
 117                 user_request['private_key'] = None
 118                 user_request['public_key']  = file_content
 119
 120             if not errors:
 121                 create_pending_user(wsgi_request, user_request, user_detail)
 122                 self.template_name = 'user_register_complete.html'
 123                 return render(wsgi_request, self.template, {'theme': self.theme})
 124
 125
 126         # Backlashed \n => \\n but no surrounding " "
 127         public_key_formatted = request['public_key'].replace('"', '');
 128
 129         template_env = {
 130           'topmenu_items': topmenu_items_live('Register', page),
 131           'errors': errors,
 132           'authorities': authorities,
 133           'theme': self.theme
 134           }
 135         template_env.update(user_request)
 136         template_env.update(page.prelude_env ())
 137         return render(wsgi_request, self.template,template_env)