From acf4673e576bf708412b81965409e12fbe5b11c3 Mon Sep 17 00:00:00 2001 From: Loic Baron Date: Wed, 13 Aug 2014 15:59:32 +0200 Subject: [PATCH] Auto validation of PLE users on OneLab portal --- portal/actions.py | 17 +++++++++----- portal/emailactivationview.py | 42 +++++++++++++++++++++++++++++++---- 2 files changed, 50 insertions(+), 9 deletions(-) diff --git a/portal/actions.py b/portal/actions.py index 3f830135..7f073708 100644 --- a/portal/actions.py +++ b/portal/actions.py @@ -526,7 +526,7 @@ def manifold_add_reference_user_accounts(wsgi_request, request): } manifold_add_account(wsgi_request, manifold_account_params) -def sfa_create_user(wsgi_request, request): +def sfa_create_user(wsgi_request, request, namespace = None, as_admin = False): """ Arguments: wsgi_request (~ WSGIRequest) : @@ -553,8 +553,15 @@ def sfa_create_user(wsgi_request, request): 'user_enabled' : True } - query = Query.create('user').set(sfa_user_params).select('user_hrn') - results = execute_query(wsgi_request, query) + if namespace is not None: + query = Query.create('%s:user' % namespace).set(sfa_user_params).select('user_hrn') + else: + query = Query.create('user').set(sfa_user_params).select('user_hrn') + if as_admin: + results = execute_query(wsgi_request, query) + else: + results = execute_admin_query(wsgi_request, query) + if not results: raise Exception, "Could not create %s. Already exists ?" % sfa_user_params['user_hrn'] else: @@ -563,7 +570,7 @@ def sfa_create_user(wsgi_request, request): send_mail(subject, msg, 'support@onelab.eu',[request['email']], fail_silently=False) return results -def create_user(wsgi_request, request): +def create_user(wsgi_request, request, namespace = None, as_admin = False): # XXX This has to be stored centrally USER_STATUS_ENABLED = 2 @@ -572,7 +579,7 @@ def create_user(wsgi_request, request): # we would have to perform the steps in create_pending_user too # Add the user to the SFA registry - sfa_create_user(wsgi_request, request) + sfa_create_user(wsgi_request, request, namespace, as_admin) # Update Manifold user status manifold_update_user(wsgi_request, request['email'], {'status': USER_STATUS_ENABLED}) diff --git a/portal/emailactivationview.py b/portal/emailactivationview.py index 2a3e6179..2b1bd37c 100644 --- a/portal/emailactivationview.py +++ b/portal/emailactivationview.py @@ -2,7 +2,7 @@ from unfold.loginrequired import FreeAccessView # from manifold.core.query import Query from manifoldapi.manifoldapi import execute_query, execute_admin_query -from portal.actions import manifold_update_user, manifold_update_account, manifold_add_account, manifold_delete_account, sfa_update_user, authority_get_pi_emails +from portal.actions import manifold_update_user, manifold_update_account, manifold_add_account, manifold_delete_account, sfa_update_user, authority_get_pi_emails, make_request_user, create_user # from unfold.page import Page from ui.topmenu import topmenu_items_live, the_user @@ -18,13 +18,16 @@ from django.contrib.sites.models import Site # import json, os, re, itertools +def ValuesQuerySetToDict(vqs): + return [item for item in vqs] + + # requires login class ActivateEmailView(FreeAccessView, ThemeView): template_name = "email_activation.html" def dispatch(self, *args, **kwargs): return super(ActivateEmailView, self).dispatch(*args, **kwargs) - def get_context_data(self, **kwargs): page = Page(self.request) @@ -36,8 +39,39 @@ class ActivateEmailView(FreeAccessView, ThemeView): if key == "hash_code": hash_code=value - if PendingUser.objects.filter(email_hash__iexact = hash_code): - #get_user = PendingUser.objects.filter(email_hash__iexact = hash_code) + if PendingUser.objects.filter(email_hash__iexact = hash_code).filter(status__iexact = 'False'): + # AUTO VALIDATION of PLE enabled users (only for OneLab Portal) + if self.theme == "onelab": + # Auto-Validation of pending user, which is enabled in a trusted SFA Registry (example: PLE) + # We could check in the Registry based on email, but it takes too long + # as we currently need to do a Resolve on each user_hrn of the Registry in order to get its email + # TODO in SFA XXX We need a Resolve based on email + # TODO maybe we can use MyPLC API for PLE + pending_users = PendingUser.objects.filter(email_hash__iexact = hash_code) + if pending_users: + pending_user = pending_users[0] + pending_user_request = make_request_user(pending_user) + pending_user_hrn = pending_users[0].user_hrn + print "pending_user_hrn = %s" % pending_user_hrn + # XXX Let's assume for the moment that the user_hrn registered in OneLab portal is the same as in PLE + ple_user_hrn = pending_user_hrn.replace("onelab","ple") + query = Query.get('ple_registry:user').filter_by('user_hrn', '==', ple_user_hrn).select('user_enabled') + results = execute_admin_query(self.request, query) + for result in results: + # User is enabled in PLE + if 'user_enabled' in result and result['user_enabled']==True: + ple_user_enabled = True + break + else: + ple_user_enabled = False + + # Auto Validation + if ple_user_enabled: + # Create user in SFA and Update in Manifold + create_user(self.request, pending_user_request, namespace = 'myslice', as_admin = True) + # Delete pending user + PendingUser.objects.filter(email_hash__iexact = hash_code).delete() + #get_user.status= 'True' #get_user.save() #for user in PendingUser.objects.all(): -- 2.43.0