portal/registrationview.py

   1 import os.path, re
   2 import json
   3 from random     import randint
   4 from hashlib    import md5
   5
   6 from django.views.generic       import View
   7 from django.template.loader     import render_to_string
   8 from django.shortcuts           import render
   9 from django.contrib.auth        import get_user_model
  10 from django.contrib.sites.models import Site
  11
  12 from unfold.page                import Page
  13 from unfold.loginrequired       import FreeAccessView
  14 from ui.topmenu                 import topmenu_items_live
  15
  16 from manifoldapi.manifoldapi    import execute_admin_query
  17 from manifold.core.query        import Query
  18
  19 from portal.models              import PendingUser
  20 #from portal.actions             import create_pending_user
  21 # Edelberto - LDAP
  22 from portal.actions             import create_pending_user, ldap_create_user
  23
  24 from myslice.theme import ThemeView
  25
  26 # since we inherit from FreeAccessView we cannot redefine 'dispatch'
  27 # so let's override 'get' and 'post' instead
  28 #
  29 class RegistrationView (FreeAccessView, ThemeView):
  30     template_name = 'registration_view.html'
  31
  32     def post (self, request):
  33         return self.get_or_post (request, 'POST')
  34
  35     def get (self, request):
  36         return self.get_or_post (request, 'GET')
  37
  38     def get_or_post(self, wsgi_request, method):
  39         """
  40         """
  41         errors = []
  42
  43         authorities_query = Query.get('authority').select('name','authority_hrn')
  44         authorities = execute_admin_query(wsgi_request, authorities_query)
  45         if authorities is not None:
  46             authorities = sorted(authorities)
  47
  48         # Page rendering
  49         page = Page(wsgi_request)
  50         page.add_js_files  ( [ "js/jquery.validate.js", "js/my_account.register.js", "js/jquery.qtip.min.js","js/jquery-ui.js" ] )
  51         page.add_css_files ( [ "css/onelab.css", "css/registration.css", "css/jquery.qtip.min.css" ] )
  52         page.add_css_files ( [ "https://code.jquery.com/ui/1.10.3/themes/smoothness/jquery-ui.css" ] )
  53
  54         if method == 'POST':
  55             reg_form = {}
  56             # The form has been submitted
  57
  58             # get the domain url
  59             current_site = Site.objects.get_current()
  60             current_site = current_site.domain
  61
  62             #authorities_query = Query.get('authority').select('name', 'authority_hrn')
  63             #authorities = execute_admin_query(wsgi_request, authorities_query)
  64
  65             for authority in authorities:
  66                 if authority['name'] == wsgi_request.POST.get('org_name', ''):
  67                     authority_hrn = authority['authority_hrn']
  68
  69             # Handle the case when the template uses only hrn and not name
  70             if not authority_hrn:
  71                 authority_hrn = wsgi_request.POST.get('org_name', '')
  72
  73             post_email = wsgi_request.POST.get('email','').lower()
  74             salt = randint(1,100000)
  75             email_hash = md5(str(salt)+post_email).hexdigest()
  76             #email_hash = md5(post_email).digest().encode('base64')[:-1]
  77             user_request = {
  78                 'first_name'    : wsgi_request.POST.get('firstname',     ''),
  79                 'last_name'     : wsgi_request.POST.get('lastname',      ''),
  80                 'organization'  : wsgi_request.POST.get('org_name', ''),
  81                 'authority_hrn' : authority_hrn,
  82                 'email'         : post_email,
  83                 'password'      : wsgi_request.POST.get('password',      ''),
  84                 'current_site'  : current_site,
  85                 'email_hash'    : email_hash,
  86                 'pi'            : '',
  87                 'validation_link': 'http://' + current_site + '/portal/email_activation/'+ email_hash
  88             }
  89
  90             # Construct user_hrn from email (XXX Should use common code)
  91             split_email = user_request['email'].split("@")[0]
  92             split_email = split_email.replace(".", "_")
  93             user_request['user_hrn'] = user_request['authority_hrn'] \
  94                      + '.' + split_email
  95
  96             # Validate input
  97             UserModel = get_user_model()
  98             if (re.search(r'^[\w+\s.@+-]+$', user_request['first_name']) == None):
  99                 errors.append('First name may contain only letters, numbers, spaces and @/./+/-/_ characters.')
 100             if (re.search(r'^[\w+\s.@+-]+$', user_request['last_name']) == None):
 101                 errors.append('Last name may contain only letters, numbers, spaces and @/./+/-/_ characters.')
 102             # checking in django_db !!
 103             if PendingUser.objects.filter(email__iexact = user_request['email']):
 104                 errors.append('Email is pending for validation. Please provide a new email address.')
 105             if UserModel._default_manager.filter(email__iexact = user_request['email']):
 106                 errors.append('This email is not usable. Please contact the administrator or try with another email.')
 107             # Does the user exist in Manifold?
 108             user_query  = Query().get('local:user').select('user_id','email')
 109             user_details = execute_admin_query(wsgi_request, user_query)
 110             for user_detail in user_details:
 111                 if user_detail['email'] == user_request['email']:
 112                     errors.append('Email already registered in Manifold. Please provide a new email address.')
 113             # Does the user exist in sfa? [query is very slow!!]
 114             #user_query  = Query().get('user').select('user_hrn','user_email')
 115             # XXX Test based on the user_hrn is quick
 116             user_query  = Query().get('user').select('user_hrn','user_email').filter_by('user_hrn','==',user_request['user_hrn'])
 117             user_details_sfa = execute_admin_query(wsgi_request, user_query)
 118
 119             for user in user_details_sfa:
 120                 if user['user_email'] == user_request['email']:
 121                     errors.append('Email already registered in SFA registry. Please use another email.')
 122                 if user['user_hrn'] == user_request['user_hrn']:
 123                     # add random number if user_hrn already exists in the registry
 124                     user_request['user_hrn'] = user_request['authority_hrn'] \
 125                             + '.' + split_email + str(randint(1,1000000))
 126
 127             # XXX TODO: Factorize with portal/accountview.py
 128             if 'generate' in wsgi_request.POST['question']:
 129                 user_request['auth_type'] = 'managed'
 130
 131                 # XXX Common code, dependency ?
 132                 from Crypto.PublicKey import RSA
 133                 private = RSA.generate(1024)
 134
 135                 # Example: private_key = '-----BEGIN RSA PRIVATE KEY-----\nMIIC...'
 136                 # Example: public_key = 'ssh-rsa AAAAB3...'
 137                 user_request['private_key'] = private.exportKey()
 138                 user_request['public_key']  = private.publickey().exportKey(format='OpenSSH')
 139
 140             else:
 141                 user_request['auth_type'] = 'user'
 142
 143                 up_file        = wsgi_request.FILES['user_public_key']
 144
 145                 file_content   = up_file.read().strip()
 146                 file_name      = up_file.name
 147                 file_extension = os.path.splitext(file_name)[1]
 148
 149                 ALLOWED_EXTENSIONS =  ['.pub','.txt']
 150                 if file_extension not in ALLOWED_EXTENSIONS or not re.search(r'ssh-rsa',file_content):
 151                     errors.append('Please upload a valid RSA public key.')
 152                 # user_request['private_key'] can't be Null because all db fields are set as NOT NULL
 153                 user_request['private_key'] = ""
 154                 user_request['public_key']  = file_content
 155
 156             if not errors:
 157                 '''
 158                 try:
 159                     # verify if is a  LDAP
 160                     mail = user_detail['email']
 161                     login = mail.split('@')[0]
 162                     org = mail.split('@')[1]
 163                     o = org.split('.')[-2]
 164                     dc = org.split('.')[-1]
 165                     # To know if user is a LDAP user - Need to has a 'dc' identifier
 166                     if dc == 'br' or 'eu':
 167                         # LDAP insert directly - but with userEnable = FALSE
 168                         ldap_create_user(wsgi_request, user_request, user_detail)
 169
 170                 except Exception, e:
 171                     print "LDAP: problem em access the LDAP with this credentail"
 172                 '''
 173                 create_pending_user(wsgi_request, user_request, user_detail)
 174                 self.template_name = 'user_register_complete.html'
 175
 176                 return render(wsgi_request, self.template, {'theme': self.theme})
 177
 178         else:
 179             user_request = {}
 180             ## this is coming from onelab website onelab.eu
 181             reg_form = {
 182                 'first_name':  wsgi_request.GET.get('first_name', ''),
 183                 'last_name': wsgi_request.GET.get('last_name', ''),
 184                 'email': wsgi_request.GET.get('email', ''),
 185                 }
 186
 187         template_env = {
 188           'topmenu_items': topmenu_items_live('Register', page),
 189           'errors': errors,
 190           'authorities': authorities,
 191           'theme': self.theme
 192           }
 193         template_env.update(user_request)
 194         template_env.update(reg_form)
 195         template_env.update(page.prelude_env ())
 196         return render(wsgi_request, self.template,template_env)