git://git.onelab.eu / myslice.git / blob
? search:


e0a1ddf3ee3503e47f590271b0fd0ad8fa016945
[myslice.git] / portal / registrationview.py
1 import os.path, re
2 import json
3 from random     import randint
4 from hashlib    import md5
5
6 from django.views.generic       import View
7 from django.template.loader     import render_to_string
8 from django.shortcuts           import render
9 from django.contrib.auth        import get_user_model
10 from django.contrib.sites.models import Site
11
12 from unfold.page                import Page
13 from unfold.loginrequired       import FreeAccessView
14 from ui.topmenu                 import topmenu_items_live
15
16 from manifoldapi.manifoldapi    import execute_admin_query
17 from manifold.core.query        import Query
18
19 from portal.models              import PendingUser
20 from portal.actions             import create_pending_user
21
22 from myslice.theme import ThemeView
23
24 # since we inherit from FreeAccessView we cannot redefine 'dispatch'
25 # so let's override 'get' and 'post' instead
26 #
27 class RegistrationView (FreeAccessView, ThemeView):
28     template_name = 'registration_view.html'
29     
30     def post (self, request):
31         return self.get_or_post (request, 'POST')
32
33     def get (self, request):
34         return self.get_or_post (request, 'GET')
35
36     def get_or_post(self, wsgi_request, method):
37         """
38         """
39         errors = []
40         authority_hrn = None
41         authorities_query = Query.get('authority').select('name', 'authority_hrn')
42         authorities = execute_admin_query(wsgi_request, authorities_query)
43         if authorities is not None:
44             authorities = sorted(authorities)
45         
46         # Page rendering
47         page = Page(wsgi_request)
48         page.add_js_files  ( [ "js/jquery.validate.js", "js/my_account.register.js", "js/jquery.qtip.min.js","js/jquery-ui.js" ] )
49         page.add_css_files ( [ "css/onelab.css", "css/registration.css", "css/jquery.qtip.min.css" ] )
50         page.add_css_files ( [ "https://code.jquery.com/ui/1.10.3/themes/smoothness/jquery-ui.css" ] )
51
52         if method == 'POST':
53             reg_form = {}
54             # The form has been submitted
55             
56             # get the domain url
57             current_site = Site.objects.get_current()
58             current_site = current_site.domain
59
60             for authority in authorities:
61                 if authority['name'] == wsgi_request.POST.get('org_name', ''):
62                     authority_hrn = authority['authority_hrn']     
63
64             # Handle the case when the template uses only hrn and not name
65             if authority_hrn is None:
66                 authority_hrn = wsgi_request.POST.get('org_name', '')
67
68             post_email = wsgi_request.POST.get('email','').lower()
69             salt = randint(1,100000)
70             email_hash = md5(str(salt)+post_email).hexdigest()
71             #email_hash = md5(post_email).digest().encode('base64')[:-1]
72             user_request = {
73                 'first_name'    : wsgi_request.POST.get('firstname',     ''),
74                 'last_name'     : wsgi_request.POST.get('lastname',      ''),
75                 'organization'  : wsgi_request.POST.get('org_name', ''),
76                 'authority_hrn' : authority_hrn, 
77                 'email'         : post_email,
78                 'password'      : wsgi_request.POST.get('password',      ''),
79                 'current_site'  : current_site,
80                 'email_hash'    : email_hash,
81                 'pi'            : '',
82                 'validation_link': 'http://' + current_site + '/portal/email_activation/'+ email_hash
83             }
84
85             # Construct user_hrn from email (XXX Should use common code)
86             split_email = user_request['email'].split("@")[0] 
87             split_email = split_email.replace(".", "_")
88             # Replace + by _ => more convenient for testing and validate with a real email
89             split_email = split_email.replace("+", "_")
90             user_request['user_hrn'] = user_request['authority_hrn'] \
91                      + '.' + split_email
92             
93             # Validate input
94             UserModel = get_user_model()
95             if (re.search(r'^[\w+\s.@+-]+$', user_request['first_name']) == None):
96                 errors.append('First name may contain only letters, numbers, spaces and @/./+/-/_ characters.')
97             if (re.search(r'^[\w+\s.@+-]+$', user_request['last_name']) == None):
98                 errors.append('Last name may contain only letters, numbers, spaces and @/./+/-/_ characters.')
99             # checking in django_db !!
100             if PendingUser.objects.filter(email__iexact = user_request['email']):
101                 errors.append('Email is pending for validation. Please provide a new email address.')
102             if UserModel._default_manager.filter(email__iexact = user_request['email']): 
103                 errors.append('This email is not usable. Please contact the administrator or try with another email.')
104             # Does the user exist in Manifold?
105             user_query  = Query().get('local:user').select('user_id','email')
106             user_details = execute_admin_query(wsgi_request, user_query)
107             for user_detail in user_details:
108                 if user_detail['email'] == user_request['email']:
109                     errors.append('Email already registered in Manifold. Please provide a new email address.')
110             # Does the user exist in sfa? [query is very slow!!]
111             #user_query  = Query().get('user').select('user_hrn','user_email')
112             # XXX Test based on the user_hrn is quick
113             user_query  = Query().get('user').select('user_hrn','user_email').filter_by('user_hrn','==',user_request['user_hrn'])
114             user_details_sfa = execute_admin_query(wsgi_request, user_query)
115
116             for user in user_details_sfa:
117                 if user['user_email'] == user_request['email']:
118                     errors.append('Email already registered in SFA registry. Please use another email.')
119                 if user['user_hrn'] == user_request['user_hrn']:
120                     # add random number if user_hrn already exists in the registry
121                     user_request['user_hrn'] = user_request['authority_hrn'] \
122                             + '.' + split_email + str(randint(1,1000000))
123                 
124             # XXX TODO: Factorize with portal/accountview.py
125             # XXX TODO: Factorize with portal/registrationview.py
126             # XXX TODO: Factorize with portal/joinview.py
127             if 'generate' in wsgi_request.POST['question']:
128                 user_request['auth_type'] = 'managed'
129
130                 # XXX Common code, dependency ?
131                 from Crypto.PublicKey import RSA
132                 private = RSA.generate(1024)
133
134                 # Example: private_key = '-----BEGIN RSA PRIVATE KEY-----\nMIIC...'
135                 # Example: public_key = 'ssh-rsa AAAAB3...'
136                 user_request['private_key'] = private.exportKey()
137                 user_request['public_key']  = private.publickey().exportKey(format='OpenSSH')
138
139             else: 
140                 user_request['auth_type'] = 'user'
141
142                 up_file        = wsgi_request.FILES['user_public_key']
143
144                 file_content   = up_file.read().strip()
145                 file_name      = up_file.name
146                 file_extension = os.path.splitext(file_name)[1]
147
148                 ALLOWED_EXTENSIONS =  ['.pub','.txt']
149                 if file_extension not in ALLOWED_EXTENSIONS or not re.search(r'ssh-rsa',file_content):
150                     errors.append('Please upload a valid RSA public key.')
151                 # user_request['private_key'] can't be Null because all db fields are set as NOT NULL
152                 user_request['private_key'] = ""
153                 user_request['public_key']  = file_content
154                 
155             if not errors:
156                 create_pending_user(wsgi_request, user_request, user_detail)
157                 self.template_name = 'user_register_complete.html'
158                 return render(wsgi_request, self.template, {'theme': self.theme}) 
159
160         else:
161             user_request = {}
162             ## this is coming from onelab website onelab.eu
163             reg_form = {
164                 'first_name':  wsgi_request.GET.get('first_name', ''),
165                 'last_name': wsgi_request.GET.get('last_name', ''),
166                 'email': wsgi_request.GET.get('email', ''),
167                 }
168
169         template_env = {
170           'topmenu_items': topmenu_items_live('Register', page),
171           'errors': errors,
172           'authorities': authorities,
173           'theme': self.theme
174           }
175         template_env.update(user_request)
176         template_env.update(reg_form)
177         template_env.update(page.prelude_env ())
178         return render(wsgi_request, self.template,template_env)
myslice (django)