mirror of
https://github.com/haiwen/seahub.git
synced 2025-09-08 18:30:53 +00:00
Using ccnet EmailUser table instead of seahub auth_user table.
* Rewrite auth module, change user to emailuser. * Remove site app, and remove EmailOrUsernameModelBackend.
This commit is contained in:
xiez
161
base/accounts.py
161
base/accounts.py
@@ -1,6 +1,11 @@
|
||||
from django import forms
|
||||
from django.utils.encoding import smart_str
|
||||
from django.utils.hashcompat import md5_constructor, sha_constructor
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
from django.conf import settings
|
||||
from django.contrib.auth.models import User
|
||||
from django.contrib.auth import authenticate, login
|
||||
|
||||
from auth.models import User, Permission, get_hexdigest
|
||||
from auth import authenticate, login
|
||||
|
||||
from django.contrib.sites.models import RequestSite
|
||||
from django.contrib.sites.models import Site
|
||||
@@ -9,31 +14,130 @@ from registration import signals
|
||||
from registration.forms import RegistrationForm
|
||||
from registration.models import RegistrationProfile
|
||||
|
||||
from django import forms
|
||||
from seaserv import ccnet_rpc, get_ccnetuser
|
||||
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
|
||||
from seaserv import ccnet_rpc
|
||||
class UserManager(object):
|
||||
def create_user(self, username, password=None, is_staff=False, is_active=False):
|
||||
ccnet_rpc.add_emailuser(username, password, is_staff, is_active)
|
||||
|
||||
class EmailOrUsernameModelBackend(object):
|
||||
def authenticate(self, username=None, password=None):
|
||||
if '@' in username:
|
||||
kwargs = {'email': username}
|
||||
ccnetuser = get_ccnetuser(username=username)
|
||||
return ccnetuser
|
||||
|
||||
def convert_to_ccnetuser(emailuser):
|
||||
ccnetuser = CcnetUser(emailuser.get_email(),
|
||||
raw_password='')
|
||||
ccnetuser.id = emailuser.get_id()
|
||||
ccnetuser.email = emailuser.get_email()
|
||||
ccnetuser.password = emailuser.get_passwd()
|
||||
ccnetuser.is_staff = emailuser.get_is_staff()
|
||||
ccnetuser.is_active = emailuser.get_is_active()
|
||||
ccnetuser.ctime = emailuser.get_ctime()
|
||||
|
||||
return ccnetuser
|
||||
|
||||
class CcnetUser(object):
|
||||
is_staff = False
|
||||
is_active = False
|
||||
user_permissions = Permission()
|
||||
objects = UserManager()
|
||||
|
||||
def __init__(self, username, raw_password):
|
||||
self.username = username
|
||||
self.raw_password = raw_password
|
||||
|
||||
def __unicode__(self):
|
||||
return self.username
|
||||
|
||||
def validate_emailuser(self, email, raw_password):
|
||||
self.set_password(raw_password)
|
||||
return ccnet_rpc.validate_emailuser(email, raw_password)
|
||||
|
||||
def is_authenticated(self):
|
||||
return True
|
||||
|
||||
def is_anonymous(self):
|
||||
"""
|
||||
Always returns False. This is a way of comparing User objects to
|
||||
anonymous users.
|
||||
"""
|
||||
return False
|
||||
|
||||
def save(self):
|
||||
emailuser = ccnet_rpc.get_emailuser(self.username)
|
||||
if emailuser:
|
||||
ccnet_rpc.update_emailuser(self.id, self.password, self.is_staff,
|
||||
self.is_active)
|
||||
else:
|
||||
kwargs = {'username': username}
|
||||
try:
|
||||
user = User.objects.get(**kwargs)
|
||||
if user.check_password(password):
|
||||
return user
|
||||
except User.DoesNotExist:
|
||||
return None
|
||||
self.objects.create_user(username=self.username,
|
||||
password=self.raw_password,
|
||||
is_staff=self.is_staff,
|
||||
is_active=self.is_active)
|
||||
|
||||
def get_user(self, user_id):
|
||||
try:
|
||||
return User.objects.get(pk=user_id)
|
||||
except User.DoesNotExist:
|
||||
return None
|
||||
def delete(self):
|
||||
"""
|
||||
Remove from ccnet EmailUser table and Binding table
|
||||
"""
|
||||
ccnet_rpc.remove_emailuser(self.username)
|
||||
ccnet_rpc.remove_binding(self.username)
|
||||
|
||||
def get_and_delete_messages(self):
|
||||
messages = []
|
||||
return messages
|
||||
|
||||
def set_password(self, raw_password):
|
||||
if raw_password is None:
|
||||
self.set_unusable_password()
|
||||
else:
|
||||
algo = 'sha1'
|
||||
hsh = get_hexdigest(algo, '', raw_password)
|
||||
self.password = '%s' % hsh
|
||||
|
||||
def check_password(self, raw_password):
|
||||
"""
|
||||
Returns a boolean of whether the raw_password was correct. Handles
|
||||
encryption formats behind the scenes.
|
||||
"""
|
||||
# Backwards-compatibility check. Older passwords won't include the
|
||||
# algorithm or salt.
|
||||
|
||||
if '$' not in self.password:
|
||||
is_correct = (self.password == get_hexdigest('sha1', '', raw_password))
|
||||
return is_correct
|
||||
return check_password(raw_password, self.password)
|
||||
|
||||
def email_user(self, subject, message, from_email=None):
|
||||
"Sends an e-mail to this User."
|
||||
from django.core.mail import send_mail
|
||||
send_mail(subject, message, from_email, [self.username])
|
||||
|
||||
def has_perm(self, perm, obj=None):
|
||||
"""
|
||||
Returns True if the user has the specified permission. This method
|
||||
queries all available auth backends, but returns immediately if any
|
||||
backend returns True. Thus, a user who has permission from a single
|
||||
auth backend is assumed to have permission in general. If an object
|
||||
is provided, permissions for this specific object are checked.
|
||||
"""
|
||||
|
||||
# Active superusers have all permissions.
|
||||
if self.is_active and self.is_superuser:
|
||||
return True
|
||||
|
||||
# Otherwise we need to check the backends.
|
||||
return _user_has_perm(self, perm, obj)
|
||||
|
||||
def has_module_perms(self, app_label):
|
||||
"""
|
||||
Returns True if the user has any permissions in the given app
|
||||
label. Uses pretty much the same logic as has_perm, above.
|
||||
"""
|
||||
# Active superusers have all permissions.
|
||||
if self.is_active and self.is_superuser:
|
||||
return True
|
||||
|
||||
from auth.models import _user_has_module_perms
|
||||
return _user_has_module_perms(self, app_label)
|
||||
|
||||
class RegistrationBackend(object):
|
||||
"""
|
||||
@@ -104,11 +208,10 @@ class RegistrationBackend(object):
|
||||
site = Site.objects.get_current()
|
||||
else:
|
||||
site = RequestSite(request)
|
||||
|
||||
new_user = RegistrationProfile.objects.create_inactive_user(username, email,
|
||||
password, site,
|
||||
send_email=settings.REGISTRATION_SEND_MAIL)
|
||||
# save email and password to EmailUser table
|
||||
ccnet_rpc.add_emailuser(email, password)
|
||||
|
||||
userid = kwargs['userid']
|
||||
if userid:
|
||||
@@ -136,8 +239,9 @@ class RegistrationBackend(object):
|
||||
user=activated,
|
||||
request=request)
|
||||
# login the user
|
||||
activated.backend='django.contrib.auth.backends.ModelBackend'
|
||||
activated.backend='auth.backends.ModelBackend'
|
||||
login(request, activated)
|
||||
# TODO: user.user_id should be change
|
||||
try:
|
||||
if request.user.user_id:
|
||||
ccnet_rpc.add_client(ccnet_user_id)
|
||||
@@ -210,11 +314,11 @@ class RegistrationForm(forms.Form):
|
||||
label=_("Password (again)"))
|
||||
|
||||
def clean_email(self):
|
||||
try:
|
||||
user = User.objects.get(email__iexact=self.cleaned_data['email'])
|
||||
except User.DoesNotExist:
|
||||
email = self.cleaned_data['email']
|
||||
emailuser = ccnet_rpc.get_emailuser(email)
|
||||
if not emailuser:
|
||||
return self.cleaned_data['email']
|
||||
|
||||
else:
|
||||
raise forms.ValidationError(_("A user with this email already"))
|
||||
|
||||
def clean_userid(self):
|
||||
@@ -234,3 +338,4 @@ class RegistrationForm(forms.Form):
|
||||
if self.cleaned_data['password1'] != self.cleaned_data['password2']:
|
||||
raise forms.ValidationError(_("The two password fields didn't match."))
|
||||
return self.cleaned_data
|
||||
|
||||
|
||||
@@ -65,7 +65,7 @@ MIDDLEWARE_CLASSES = (
|
||||
'django.middleware.csrf.CsrfViewMiddleware',
|
||||
'django.middleware.csrf.CsrfResponseMiddleware',
|
||||
'django.contrib.sessions.middleware.SessionMiddleware',
|
||||
'django.contrib.auth.middleware.AuthenticationMiddleware',
|
||||
'auth.middleware.AuthenticationMiddleware',
|
||||
'seahub.base.middleware.UseridMiddleware',
|
||||
)
|
||||
|
||||
@@ -93,11 +93,11 @@ TEMPLATE_CONTEXT_PROCESSORS = (
|
||||
|
||||
|
||||
INSTALLED_APPS = (
|
||||
'django.contrib.auth',
|
||||
'auth',
|
||||
'django.contrib.contenttypes',
|
||||
'django.contrib.sessions',
|
||||
'django.contrib.sites',
|
||||
'django.contrib.admin',
|
||||
# 'django.contrib.admin',
|
||||
'registration',
|
||||
# 'avatar',
|
||||
'seahub.base',
|
||||
@@ -108,8 +108,7 @@ INSTALLED_APPS = (
|
||||
)
|
||||
|
||||
AUTHENTICATION_BACKENDS = (
|
||||
'seahub.base.accounts.EmailOrUsernameModelBackend',
|
||||
'django.contrib.auth.backends.ModelBackend'
|
||||
'auth.backends.ModelBackend',
|
||||
)
|
||||
|
||||
ACCOUNT_ACTIVATION_DAYS = 7
|
||||
|
||||
@@ -20,9 +20,11 @@
|
||||
{% if request.user.is_authenticated %}
|
||||
欢迎, {{ request.user }}
|
||||
<a href="{{ SITE_ROOT }}profile/">设置</a>
|
||||
<!--
|
||||
{% if request.user.is_staff %}
|
||||
<a href="{{ SITE_ROOT }}admin/">管理</a>
|
||||
{% endif %}
|
||||
-->
|
||||
<a href="{{ SITE_ROOT }}accounts/logout/">退出</a>
|
||||
{% else %}
|
||||
<a href="{{ SITE_ROOT }}accounts/login/">登录</a>
|
||||
@@ -85,7 +87,7 @@
|
||||
</div>
|
||||
</div>
|
||||
<div id="footer" class="ovhd">
|
||||
<p class="fleft">Copyright © 2012 海文网络. All rights reserved.</p>
|
||||
<p class="fleft">Copyright © 2012 海文互知. All rights reserved.</p>
|
||||
<p class="fright">Contact | About</p>
|
||||
</div>
|
||||
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
|
||||
{% trans "Please go to the following page and choose a new password:" %}
|
||||
{% block reset_link %}
|
||||
{{ protocol }}://{{ domain }}{% url django.contrib.auth.views.password_reset_confirm uidb36=uid, token=token %}
|
||||
{{ protocol }}://{{ domain }}{% url auth.views.password_reset_confirm uidb36=uid, token=token %}
|
||||
{% endblock %}
|
||||
{% trans "Your username, in case you've forgotten:" %} {{ user.username }}
|
||||
|
||||
|
||||
@@ -22,11 +22,11 @@
|
||||
|
||||
{% for user in users %}
|
||||
<tr>
|
||||
<td>{{ user.email }}</td>
|
||||
{% if user.is_active %}
|
||||
<td>{{ user.props.email }}</td>
|
||||
{% if user.props.is_active %}
|
||||
<td>已激活</td>
|
||||
{% else %}
|
||||
<td><button data="{{ SITE_ROOT }}useradmin/activate/{{ user.id }}/" class="activate">激活</button></td>
|
||||
<td><button data="{{ SITE_ROOT }}useradmin/activate/{{ user.props.id }}/" class="activate">激活</button></td>
|
||||
{% endif %}
|
||||
{% if user.userid_list %}
|
||||
<td>{{ user.userid_list|first }}</td>
|
||||
@@ -42,7 +42,7 @@
|
||||
{% if user.profile %}
|
||||
<!-- <button class="add-role-btn" userid="{{ user.profile.ccnet_user_id }}" email="{{ user.email }}">添加角色</button> -->
|
||||
{% endif %}
|
||||
<button class="remove-user-btn" data="{{ SITE_ROOT }}useradmin/{{ user.id }}/user/remove/">删除</button>
|
||||
<button class="remove-user-btn" data="{{ SITE_ROOT }}useradmin/{{ user.props.id }}/user/remove/">删除</button>
|
||||
</td>
|
||||
</tr>
|
||||
{% endfor %}
|
||||
|
||||
@@ -66,17 +66,17 @@ def login(request, user):
|
||||
user = request.user
|
||||
# TODO: It would be nice to support different login methods, like signed cookies.
|
||||
user.last_login = datetime.datetime.now()
|
||||
user.save()
|
||||
|
||||
if SESSION_KEY in request.session:
|
||||
if request.session[SESSION_KEY] != user.id:
|
||||
if request.session[SESSION_KEY] != user.username:
|
||||
# To avoid reusing another user's session, create a new, empty
|
||||
# session if the existing session corresponds to a different
|
||||
# authenticated user.
|
||||
request.session.flush()
|
||||
else:
|
||||
request.session.cycle_key()
|
||||
request.session[SESSION_KEY] = user.id
|
||||
|
||||
request.session[SESSION_KEY] = user.username
|
||||
request.session[BACKEND_SESSION_KEY] = user.backend
|
||||
if hasattr(request, 'user'):
|
||||
request.user = user
|
||||
@@ -88,16 +88,16 @@ def logout(request):
|
||||
"""
|
||||
request.session.flush()
|
||||
if hasattr(request, 'user'):
|
||||
from django.contrib.auth.models import AnonymousUser
|
||||
from auth.models import AnonymousUser
|
||||
request.user = AnonymousUser()
|
||||
|
||||
def get_user(request):
|
||||
from django.contrib.auth.models import AnonymousUser
|
||||
from auth.models import AnonymousUser
|
||||
try:
|
||||
user_id = request.session[SESSION_KEY]
|
||||
username = request.session[SESSION_KEY]
|
||||
backend_path = request.session[BACKEND_SESSION_KEY]
|
||||
backend = load_backend(backend_path)
|
||||
user = backend.get_user(user_id) or AnonymousUser()
|
||||
user = backend.get_user(username) or AnonymousUser()
|
||||
except KeyError:
|
||||
user = AnonymousUser()
|
||||
return user
|
||||
|
||||
@@ -1,5 +1,8 @@
|
||||
from django.db import connection
|
||||
from django.contrib.auth.models import User, Permission
|
||||
from auth.models import User, Permission
|
||||
|
||||
from seahub.base.accounts import CcnetUser
|
||||
from seaserv import ccnet_rpc, get_ccnetuser
|
||||
|
||||
|
||||
class ModelBackend(object):
|
||||
@@ -12,11 +15,10 @@ class ModelBackend(object):
|
||||
# TODO: Model, login attribute name and password attribute name should be
|
||||
# configurable.
|
||||
def authenticate(self, username=None, password=None):
|
||||
try:
|
||||
user = User.objects.get(username=username)
|
||||
if user.check_password(password):
|
||||
return user
|
||||
except User.DoesNotExist:
|
||||
ccnetuser = get_ccnetuser(username=username)
|
||||
if ccnetuser and ccnetuser.check_password(password):
|
||||
return ccnetuser
|
||||
|
||||
return None
|
||||
|
||||
def get_group_permissions(self, user_obj):
|
||||
@@ -51,11 +53,8 @@ class ModelBackend(object):
|
||||
return True
|
||||
return False
|
||||
|
||||
def get_user(self, user_id):
|
||||
try:
|
||||
return User.objects.get(pk=user_id)
|
||||
except User.DoesNotExist:
|
||||
return None
|
||||
def get_user(self, username):
|
||||
return get_ccnetuser(username=username)
|
||||
|
||||
|
||||
class RemoteUserBackend(ModelBackend):
|
||||
|
||||
@@ -3,7 +3,7 @@ try:
|
||||
except ImportError:
|
||||
from django.utils.functional import update_wrapper, wraps # Python 2.4 fallback.
|
||||
|
||||
from django.contrib.auth import REDIRECT_FIELD_NAME
|
||||
from auth import REDIRECT_FIELD_NAME
|
||||
from django.http import HttpResponseRedirect
|
||||
from django.utils.decorators import available_attrs
|
||||
from django.utils.http import urlquote
|
||||
|
||||
@@ -1,12 +1,15 @@
|
||||
from django.contrib.auth.models import User
|
||||
from django.contrib.auth import authenticate
|
||||
from django.contrib.auth.tokens import default_token_generator
|
||||
from auth.models import User
|
||||
from auth import authenticate
|
||||
from auth.tokens import default_token_generator
|
||||
|
||||
from django.contrib.sites.models import Site
|
||||
from django.template import Context, loader
|
||||
from django import forms
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
from django.utils.http import int_to_base36
|
||||
|
||||
from seaserv import get_ccnetuser
|
||||
|
||||
class UserCreationForm(forms.ModelForm):
|
||||
"""
|
||||
A form that creates a user, with no privileges, from the given username and password.
|
||||
@@ -111,9 +114,11 @@ class PasswordResetForm(forms.Form):
|
||||
Validates that a user exists with the given e-mail address.
|
||||
"""
|
||||
email = self.cleaned_data["email"]
|
||||
self.users_cache = User.objects.filter(email__iexact=email)
|
||||
if len(self.users_cache) == 0:
|
||||
|
||||
self.users_cache = get_ccnetuser(username=email)
|
||||
if not self.users_cache:
|
||||
raise forms.ValidationError(_("That e-mail address doesn't have an associated user account. Are you sure you've registered?"))
|
||||
|
||||
return email
|
||||
|
||||
def save(self, domain_override=None, email_template_name='registration/password_reset_email.html',
|
||||
@@ -122,7 +127,8 @@ class PasswordResetForm(forms.Form):
|
||||
Generates a one-use only link for resetting password and sends to the user
|
||||
"""
|
||||
from django.core.mail import send_mail
|
||||
for user in self.users_cache:
|
||||
|
||||
ccnetuser = self.users_cache
|
||||
if not domain_override:
|
||||
current_site = Site.objects.get_current()
|
||||
site_name = current_site.name
|
||||
@@ -130,17 +136,18 @@ class PasswordResetForm(forms.Form):
|
||||
else:
|
||||
site_name = domain = domain_override
|
||||
t = loader.get_template(email_template_name)
|
||||
|
||||
c = {
|
||||
'email': user.email,
|
||||
'email': ccnetuser.username,
|
||||
'domain': domain,
|
||||
'site_name': site_name,
|
||||
'uid': int_to_base36(user.id),
|
||||
'user': user,
|
||||
'token': token_generator.make_token(user),
|
||||
'uid': int_to_base36(ccnetuser.id),
|
||||
'user': ccnetuser,
|
||||
'token': token_generator.make_token(ccnetuser),
|
||||
'protocol': use_https and 'https' or 'http',
|
||||
}
|
||||
send_mail(_("Password reset on %s") % site_name,
|
||||
t.render(Context(c)), None, [user.email])
|
||||
t.render(Context(c)), None, [ccnetuser.username])
|
||||
|
||||
class SetPasswordForm(forms.Form):
|
||||
"""
|
||||
@@ -152,6 +159,7 @@ class SetPasswordForm(forms.Form):
|
||||
|
||||
def __init__(self, user, *args, **kwargs):
|
||||
self.user = user
|
||||
|
||||
super(SetPasswordForm, self).__init__(*args, **kwargs)
|
||||
|
||||
def clean_new_password2(self):
|
||||
|
||||
@@ -5,7 +5,7 @@ from django.core.exceptions import ImproperlyConfigured
|
||||
class LazyUser(object):
|
||||
def __get__(self, request, obj_type=None):
|
||||
if not hasattr(request, '_cached_user'):
|
||||
from django.contrib.auth import get_user
|
||||
from auth import get_user
|
||||
request._cached_user = get_user(request)
|
||||
return request._cached_user
|
||||
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
import datetime
|
||||
import urllib
|
||||
|
||||
from django.contrib import auth
|
||||
import auth
|
||||
from django.core.exceptions import ImproperlyConfigured
|
||||
from django.db import models
|
||||
from django.db.models.manager import EmptyManager
|
||||
|
||||
@@ -51,9 +51,12 @@ class PasswordResetTokenGenerator(object):
|
||||
# invalid as soon as it is used.
|
||||
# We limit the hash to 20 chars to keep URL short
|
||||
from django.utils.hashcompat import sha_constructor
|
||||
import datetime
|
||||
ctime = datetime.datetime.fromtimestamp(user.ctime/1000000)
|
||||
hash = sha_constructor(settings.SECRET_KEY + unicode(user.id) +
|
||||
user.password + user.last_login.strftime('%Y-%m-%d %H:%M:%S') +
|
||||
user.password + ctime.strftime('%Y-%m-%d %H:%M:%S') +
|
||||
unicode(timestamp)).hexdigest()[::2]
|
||||
|
||||
return "%s-%s" % (ts_b36, hash)
|
||||
|
||||
def _num_days(self, dt):
|
||||
|
||||
@@ -1,12 +1,6 @@
|
||||
import re
|
||||
from django.conf import settings
|
||||
from django.contrib.auth import REDIRECT_FIELD_NAME
|
||||
# Avoid shadowing the login() view below.
|
||||
from django.contrib.auth import login as auth_login
|
||||
from django.contrib.auth.decorators import login_required
|
||||
from django.contrib.auth.forms import AuthenticationForm
|
||||
from django.contrib.auth.forms import PasswordResetForm, SetPasswordForm, PasswordChangeForm
|
||||
from django.contrib.auth.tokens import default_token_generator
|
||||
from django.views.decorators.csrf import csrf_protect
|
||||
from django.core.urlresolvers import reverse
|
||||
from django.shortcuts import render_to_response, get_object_or_404
|
||||
@@ -15,9 +9,18 @@ from django.http import HttpResponseRedirect, Http404
|
||||
from django.template import RequestContext
|
||||
from django.utils.http import urlquote, base36_to_int
|
||||
from django.utils.translation import ugettext as _
|
||||
from django.contrib.auth.models import User
|
||||
from django.views.decorators.cache import never_cache
|
||||
|
||||
from auth import REDIRECT_FIELD_NAME
|
||||
from auth import login as auth_login
|
||||
from auth.decorators import login_required
|
||||
from auth.forms import AuthenticationForm
|
||||
from auth.forms import PasswordResetForm, SetPasswordForm, PasswordChangeForm
|
||||
from auth.tokens import default_token_generator
|
||||
from auth.models import User
|
||||
|
||||
from seaserv import get_ccnetuser
|
||||
|
||||
@csrf_protect
|
||||
@never_cache
|
||||
def login(request, template_name='registration/login.html',
|
||||
@@ -44,6 +47,7 @@ def login(request, template_name='registration/login.html',
|
||||
# Okay, security checks complete. Log the user in.
|
||||
auth_login(request, form.get_user())
|
||||
|
||||
|
||||
if request.session.test_cookie_worked():
|
||||
request.session.delete_test_cookie()
|
||||
|
||||
@@ -68,7 +72,7 @@ def login(request, template_name='registration/login.html',
|
||||
|
||||
def logout(request, next_page=None, template_name='registration/logged_out.html', redirect_field_name=REDIRECT_FIELD_NAME):
|
||||
"Logs out the user and displays 'You are logged out' message."
|
||||
from django.contrib.auth import logout
|
||||
from auth import logout
|
||||
logout(request)
|
||||
if next_page is None:
|
||||
redirect_to = request.REQUEST.get(redirect_field_name, '')
|
||||
@@ -107,7 +111,7 @@ def password_reset(request, is_admin_site=False, template_name='registration/pas
|
||||
password_reset_form=PasswordResetForm, token_generator=default_token_generator,
|
||||
post_reset_redirect=None):
|
||||
if post_reset_redirect is None:
|
||||
post_reset_redirect = reverse('django.contrib.auth.views.password_reset_done')
|
||||
post_reset_redirect = reverse('auth.views.password_reset_done')
|
||||
if request.method == "POST":
|
||||
form = password_reset_form(request.POST)
|
||||
if form.is_valid():
|
||||
@@ -141,19 +145,22 @@ def password_reset_confirm(request, uidb36=None, token=None, template_name='regi
|
||||
"""
|
||||
assert uidb36 is not None and token is not None # checked by URLconf
|
||||
if post_reset_redirect is None:
|
||||
post_reset_redirect = reverse('django.contrib.auth.views.password_reset_complete')
|
||||
post_reset_redirect = reverse('auth.views.password_reset_complete')
|
||||
try:
|
||||
uid_int = base36_to_int(uidb36)
|
||||
except ValueError:
|
||||
raise Http404
|
||||
|
||||
user = get_object_or_404(User, id=uid_int)
|
||||
ccnetuser = get_ccnetuser(userid=uid_int)
|
||||
if not ccnetuser:
|
||||
raise Http404
|
||||
|
||||
context_instance = RequestContext(request)
|
||||
|
||||
if token_generator.check_token(user, token):
|
||||
if token_generator.check_token(ccnetuser, token):
|
||||
context_instance['validlink'] = True
|
||||
if request.method == 'POST':
|
||||
form = set_password_form(user, request.POST)
|
||||
form = set_password_form(ccnetuser, request.POST)
|
||||
if form.is_valid():
|
||||
form.save()
|
||||
return HttpResponseRedirect(post_reset_redirect)
|
||||
@@ -174,7 +181,7 @@ def password_reset_complete(request, template_name='registration/password_reset_
|
||||
def password_change(request, template_name='registration/password_change_form.html',
|
||||
post_change_redirect=None, password_change_form=PasswordChangeForm):
|
||||
if post_change_redirect is None:
|
||||
post_change_redirect = reverse('django.contrib.auth.views.password_change_done')
|
||||
post_change_redirect = reverse('auth.views.password_change_done')
|
||||
if request.method == "POST":
|
||||
form = password_change_form(user=request.user, data=request.POST)
|
||||
if form.is_valid():
|
||||
|
||||
@@ -25,10 +25,7 @@ consult a specific backend's documentation for details.
|
||||
|
||||
from django.conf.urls.defaults import *
|
||||
|
||||
from django.contrib.auth import views as auth_views
|
||||
|
||||
from seahub.views import password_change
|
||||
|
||||
from auth import views as auth_views
|
||||
|
||||
urlpatterns = patterns('',
|
||||
url(r'^login/$',
|
||||
@@ -40,7 +37,7 @@ urlpatterns = patterns('',
|
||||
{'template_name': 'registration/logout.html'},
|
||||
name='auth_logout'),
|
||||
url(r'^password/change/$',
|
||||
password_change,
|
||||
auth_views.password_change,
|
||||
name='auth_password_change'),
|
||||
url(r'^password/change/done/$',
|
||||
auth_views.password_change_done,
|
||||
|
||||
@@ -3,13 +3,15 @@ import random
|
||||
import re
|
||||
|
||||
from django.conf import settings
|
||||
from django.contrib.auth.models import User
|
||||
from auth.models import User
|
||||
|
||||
from django.db import models
|
||||
from django.db import transaction
|
||||
from django.template.loader import render_to_string
|
||||
from django.utils.hashcompat import sha_constructor
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
|
||||
from seaserv import ccnet_rpc, get_ccnetuser
|
||||
|
||||
SHA1_RE = re.compile('^[a-f0-9]{40}$')
|
||||
|
||||
@@ -51,12 +53,13 @@ class RegistrationManager(models.Manager):
|
||||
except self.model.DoesNotExist:
|
||||
return False
|
||||
if not profile.activation_key_expired():
|
||||
user = profile.user
|
||||
user.is_active = True
|
||||
user.save()
|
||||
# Activate emailuser
|
||||
ccnetuser = get_ccnetuser(userid=profile.emailuser_id)
|
||||
ccnetuser.is_active = True
|
||||
ccnetuser.save()
|
||||
profile.activation_key = self.model.ACTIVATED
|
||||
profile.save()
|
||||
return user
|
||||
return ccnetuser
|
||||
return False
|
||||
|
||||
def create_inactive_user(self, username, email, password,
|
||||
@@ -70,16 +73,19 @@ class RegistrationManager(models.Manager):
|
||||
user. To disable this, pass ``send_email=False``.
|
||||
|
||||
"""
|
||||
new_user = User.objects.create_user(username, email, password)
|
||||
new_user.is_active = False
|
||||
new_user.save()
|
||||
|
||||
registration_profile = self.create_profile(new_user)
|
||||
from seahub.base.accounts import CcnetUser
|
||||
|
||||
ccnetuser = CcnetUser.objects.create_user(username, password, False, False)
|
||||
ccnetuser.is_active = False
|
||||
ccnetuser.save()
|
||||
|
||||
registration_profile = self.create_profile(ccnetuser)
|
||||
|
||||
if send_email:
|
||||
registration_profile.send_activation_email(site)
|
||||
|
||||
return new_user
|
||||
return ccnetuser
|
||||
create_inactive_user = transaction.commit_on_success(create_inactive_user)
|
||||
|
||||
def create_profile(self, user):
|
||||
@@ -97,7 +103,7 @@ class RegistrationManager(models.Manager):
|
||||
if isinstance(username, unicode):
|
||||
username = username.encode('utf-8')
|
||||
activation_key = sha_constructor(salt+username).hexdigest()
|
||||
return self.create(user=user,
|
||||
return self.create(emailuser_id=user.id,
|
||||
activation_key=activation_key)
|
||||
|
||||
def delete_expired_users(self):
|
||||
@@ -142,10 +148,9 @@ class RegistrationManager(models.Manager):
|
||||
"""
|
||||
for profile in self.all():
|
||||
if profile.activation_key_expired():
|
||||
user = profile.user
|
||||
if not user.is_active:
|
||||
user.delete()
|
||||
|
||||
ccnetuser = get_ccnetuser(userid=profile.emailuser_id)
|
||||
if not ccnetuser.is_active:
|
||||
ccnet_rpc.remove_emailuser(ccnetuser.username)
|
||||
|
||||
class RegistrationProfile(models.Model):
|
||||
"""
|
||||
@@ -165,7 +170,8 @@ class RegistrationProfile(models.Model):
|
||||
"""
|
||||
ACTIVATED = u"ALREADY_ACTIVATED"
|
||||
|
||||
user = models.ForeignKey(User, unique=True, verbose_name=_('user'))
|
||||
# user = models.ForeignKey(User, unique=True, verbose_name=_('user'))
|
||||
emailuser_id = models.IntegerField()
|
||||
activation_key = models.CharField(_('activation key'), max_length=40)
|
||||
|
||||
objects = RegistrationManager()
|
||||
@@ -175,7 +181,7 @@ class RegistrationProfile(models.Model):
|
||||
verbose_name_plural = _('registration profiles')
|
||||
|
||||
def __unicode__(self):
|
||||
return u"Registration information for %s" % self.user
|
||||
return u"Registration information for %s" % self.emailuser_id
|
||||
|
||||
def activation_key_expired(self):
|
||||
"""
|
||||
@@ -200,8 +206,12 @@ class RegistrationProfile(models.Model):
|
||||
|
||||
"""
|
||||
expiration_date = datetime.timedelta(days=settings.ACCOUNT_ACTIVATION_DAYS)
|
||||
|
||||
ccnetuser = get_ccnetuser(userid=self.emailuser_id)
|
||||
|
||||
return self.activation_key == self.ACTIVATED or \
|
||||
(self.user.date_joined + expiration_date <= datetime.datetime.now())
|
||||
(datetime.datetime.fromtimestamp(ccnetuser.ctime/1000000) + expiration_date <= datetime.datetime.now())
|
||||
|
||||
activation_key_expired.boolean = True
|
||||
|
||||
def send_activation_email(self, site):
|
||||
@@ -254,5 +264,6 @@ class RegistrationProfile(models.Model):
|
||||
message = render_to_string('registration/activation_email.txt',
|
||||
ctx_dict)
|
||||
|
||||
self.user.email_user(subject, message, settings.DEFAULT_FROM_EMAIL)
|
||||
ccnetuser = get_ccnetuser(userid=self.emailuser_id)
|
||||
ccnetuser.email_user(subject, message, settings.DEFAULT_FROM_EMAIL)
|
||||
|
||||
|
||||
@@ -11,6 +11,7 @@ from service import get_groups, get_group
|
||||
from service import get_users, get_user, get_events, count_event
|
||||
from service import get_repos, get_repo, get_commits, get_branches
|
||||
from service import get_binding_userids
|
||||
from service import get_ccnetuser
|
||||
|
||||
from service import CCNET_CONF_PATH
|
||||
|
||||
|
||||
@@ -296,6 +296,20 @@ def get_user(user_id):
|
||||
user = ccnet_rpc.get_user(user_id)
|
||||
return user
|
||||
|
||||
def get_ccnetuser(username=None, userid=None):
|
||||
# Get emailuser from db
|
||||
if username != None:
|
||||
emailuser = ccnet_rpc.get_emailuser(username)
|
||||
if userid != None:
|
||||
emailuser = ccnet_rpc.get_emailuser_by_id(userid)
|
||||
if emailuser == None:
|
||||
return None
|
||||
|
||||
# And convert to ccnetuser
|
||||
from seahub.base.accounts import convert_to_ccnetuser
|
||||
ccnetuser = convert_to_ccnetuser(emailuser)
|
||||
|
||||
return ccnetuser
|
||||
|
||||
def get_groups():
|
||||
"""Get group object list. """
|
||||
|
||||
6
urls.py
6
urls.py
@@ -8,8 +8,8 @@ from seahub.views import root, peers, groups, myhome, \
|
||||
ownerhome, remove_fetched_repo
|
||||
|
||||
# Uncomment the next two lines to enable the admin:
|
||||
from django.contrib import admin
|
||||
admin.autodiscover()
|
||||
#from django.contrib import admin
|
||||
#admin.autodiscover()
|
||||
|
||||
urlpatterns = patterns('',
|
||||
# Example:
|
||||
@@ -20,7 +20,7 @@ urlpatterns = patterns('',
|
||||
# (r'^admin/doc/', include('django.contrib.admindocs.urls')),
|
||||
|
||||
# Uncomment the next line to enable the admin:
|
||||
(r'^admin/', include(admin.site.urls)),
|
||||
#(r'^admin/', include(admin.site.urls)),
|
||||
|
||||
(r'^accounts/', include('base.registration_urls')),
|
||||
|
||||
|
||||
75
views.py
75
views.py
@@ -1,19 +1,20 @@
|
||||
from django.http import HttpResponse, HttpResponseRedirect
|
||||
from django.http import HttpResponse, HttpResponseRedirect, Http404
|
||||
from django.shortcuts import render_to_response
|
||||
from django.core.urlresolvers import reverse
|
||||
from django.template import RequestContext
|
||||
from django.contrib.auth.decorators import login_required
|
||||
from auth.decorators import login_required
|
||||
from django.db import IntegrityError
|
||||
from django.contrib.auth.models import User
|
||||
from auth.models import User
|
||||
from django.views.decorators.csrf import csrf_protect
|
||||
from django.contrib.auth.forms import AuthenticationForm, PasswordResetForm, SetPasswordForm, PasswordChangeForm
|
||||
from auth.forms import AuthenticationForm, PasswordResetForm, SetPasswordForm, PasswordChangeForm
|
||||
|
||||
from seaserv import cclient, ccnet_rpc, get_groups, get_users, get_repos, \
|
||||
get_repo, get_commits, get_branches, \
|
||||
seafserv_threaded_rpc, get_binding_userids
|
||||
seafserv_threaded_rpc, get_binding_userids, get_ccnetuser
|
||||
|
||||
from seahub.share.models import GroupShare, UserShare
|
||||
from seahub.share.forms import GroupAddRepoForm
|
||||
from seahub.base.accounts import CcnetUser
|
||||
from forms import AddUserForm
|
||||
|
||||
@login_required
|
||||
@@ -272,11 +273,11 @@ def useradmin(request):
|
||||
if not request.user.is_staff:
|
||||
raise Http404
|
||||
|
||||
users = User.objects.all()
|
||||
users = ccnet_rpc.get_emailusers(-1,-1)
|
||||
for user in users:
|
||||
try:
|
||||
user.userid_list = get_binding_userids(user.username)
|
||||
user.ccnet_user = ccnet_rpc.get_user(user.profile.ccnet_user_id)
|
||||
user.userid_list = get_binding_userids(user.get_email())
|
||||
# user.ccnet_user = ccnet_rpc.get_user(user.profile.ccnet_user_id)
|
||||
user.role_list = user.ccnet_user.props.role_list.split(',')
|
||||
except:
|
||||
user.ccnet_user = None
|
||||
@@ -317,32 +318,24 @@ def user_remove(request, user_id):
|
||||
if not request.user.is_staff:
|
||||
raise Http404
|
||||
|
||||
user = User.objects.get(id=user_id)
|
||||
user.delete()
|
||||
|
||||
# Also remove from ccnet EmailUser table and Binding table
|
||||
ccnet_rpc.remove_emailuser(user.username)
|
||||
ccnet_rpc.remove_binding(user.username)
|
||||
ccnetuser = get_ccnetuser(userid=int(user_id))
|
||||
ccnetuser.delete()
|
||||
|
||||
return HttpResponseRedirect(request.META['HTTP_REFERER'])
|
||||
|
||||
@login_required
|
||||
def activate_user(request, user_id):
|
||||
"""The user id is django user id."""
|
||||
"""The user id is emailuser id."""
|
||||
|
||||
if not request.user.is_staff:
|
||||
raise Http404
|
||||
|
||||
try:
|
||||
user = User.objects.get(pk=user_id)
|
||||
user.is_active = True
|
||||
user.save()
|
||||
except User.DoesNotExist:
|
||||
pass
|
||||
ccnetuser = get_ccnetuser(userid=int(user_id))
|
||||
ccnetuser.is_active = True
|
||||
ccnetuser.save()
|
||||
|
||||
return HttpResponseRedirect(request.META['HTTP_REFERER'])
|
||||
|
||||
|
||||
@login_required
|
||||
def user_add(request):
|
||||
"""Add a user"""
|
||||
@@ -354,14 +347,11 @@ def user_add(request):
|
||||
form = AddUserForm(request.POST)
|
||||
if form.is_valid():
|
||||
email = form.cleaned_data['email']
|
||||
username = email
|
||||
password = form.cleaned_data['password1']
|
||||
new_user = User.objects.create_user(username, email, password)
|
||||
new_user.is_active = True
|
||||
new_user.save()
|
||||
|
||||
# Also save to ccnet EmailUser table
|
||||
ccnet_rpc.add_emailuser(username, password)
|
||||
ccnetuser = CcnetUser(username=email, raw_password=password)
|
||||
ccnetuser.is_active = True
|
||||
ccnetuser.save()
|
||||
|
||||
return HttpResponseRedirect(reverse('useradmin', args=[]))
|
||||
else:
|
||||
@@ -370,32 +360,3 @@ def user_add(request):
|
||||
return render_to_response("add_user_form.html", {
|
||||
'form': form,
|
||||
}, context_instance=RequestContext(request))
|
||||
|
||||
@csrf_protect
|
||||
@login_required
|
||||
def password_change(request,
|
||||
template_name='registration/password_change_form.html',
|
||||
post_change_redirect=None,
|
||||
password_change_form=PasswordChangeForm,
|
||||
current_app=None, extra_context=None):
|
||||
if post_change_redirect is None:
|
||||
post_change_redirect = reverse('django.contrib.auth.views.password_change_done')
|
||||
if request.method == "POST":
|
||||
form = password_change_form(user=request.user, data=request.POST)
|
||||
if form.is_valid():
|
||||
form.save()
|
||||
|
||||
# Also change ccnet EmailUser table
|
||||
email = request.user.username
|
||||
passwd = request.POST.get('new_password1')
|
||||
ccnet_rpc.change_emailuser(email, passwd)
|
||||
|
||||
return HttpResponseRedirect(post_change_redirect)
|
||||
else:
|
||||
form = password_change_form(user=request.user)
|
||||
context = {
|
||||
'form': form,
|
||||
}
|
||||
context.update(extra_context or {})
|
||||
return render_to_response(template_name, context,
|
||||
context_instance=RequestContext(request, current_app=current_app))
|
||||
|
||||
Reference in New Issue
Block a user