X-Git-Url: https://git.openstreetmap.org./osqa.git/blobdiff_plain/ed90338110c53905e244ffca0ca1a07f4fceb5f0..82cab8e19aff9e3f0aad4ebc7168a4bd241d0efe:/forum/views/auth.py diff --git a/forum/views/auth.py b/forum/views/auth.py index ca8d716..23059e2 100644 --- a/forum/views/auth.py +++ b/forum/views/auth.py @@ -17,9 +17,10 @@ from forum.authentication.forms import SimpleRegistrationForm, SimpleEmailSubscr from forum.utils.mail import send_email from forum.authentication.base import InvalidAuthentication -from forum.authentication import AUTH_PROVIDERS, user_logged_in +from forum.authentication import AUTH_PROVIDERS from forum.models import AuthKeyUserAssociation, ValidationHash, Question, Answer +from forum.actions import UserJoinsAction def signin_page(request, action=None): if action is None: @@ -84,7 +85,9 @@ def prepare_provider_signin(request, provider): except InvalidAuthentication, e: request.session['auth_error'] = e.message - return HttpResponseRedirect(reverse('auth_signin')) + return HttpResponseRedirect(reverse('auth_signin')) + else: + raise Http404() def process_provider_signin(request, provider): @@ -114,7 +117,7 @@ def process_provider_signin(request, provider): uassoc = AuthKeyUserAssociation(user=request.user, key=assoc_key, provider=provider) uassoc.save() request.user.message_set.create(message=_('The new credentials are now associated with your account')) - return HttpResponseRedirect(reverse('user_authsettings')) + return HttpResponseRedirect(reverse('user_authsettings', args=[request.user.id])) return HttpResponseRedirect(reverse('auth_signin')) else: @@ -146,6 +149,7 @@ def external_register(request): user_.is_superuser = True user_.save() + UserJoinsAction(user=user_, ip=request.META['REMOTE_ADDR']).save() if not user_.email_isvalid: send_validation_email(user_) @@ -157,7 +161,7 @@ def external_register(request): request.session['auth_error'] = _("Oops, something went wrong in the middle of this process. Please try again.") return HttpResponseRedirect(request.session.get('on_signin_url', reverse('auth_signin'))) - uassoc = AuthKeyUserAssociation(user=user_, key=request.session['assoc_key'], provider=request.session['auth_provider']) + uassoc = AuthKeyUserAssociation(user=user_, key=assoc_key, provider=auth_provider) uassoc.save() if email_feeds_form.cleaned_data['subscribe'] == 'n': @@ -167,20 +171,17 @@ def external_register(request): del request.session['assoc_key'] del request.session['auth_provider'] - if user_.email_isvalid: - return login_and_forward(request, user_) - else: - return HttpResponseRedirect(reverse('index')) + return login_and_forward(request, user_) else: provider_class = AUTH_PROVIDERS[request.session['auth_provider']].consumer user_data = provider_class.get_user_data(request.session['assoc_key']) + if not user_data: + user_data = request.session.get('auth_consumer_data', {}) + username = user_data.get('username', '') email = user_data.get('email', '') - if not email: - email = request.session.get('auth_email_request', '') - if email: request.session['auth_validated_email'] = email @@ -258,14 +259,12 @@ def validate_email(request, user, code): raise Http404() @login_required -def auth_settings(request): - """ - change password view. +def auth_settings(request, id): + user_ = get_object_or_404(User, id=id) + + if not (request.user.is_superuser or request.user == user_): + return HttpResponseForbidden() - url : /changepw/ - template: authopenid/changepw.html - """ - user_ = request.user auth_keys = user_.auth_keys.all() if user_.has_usable_password(): @@ -284,7 +283,7 @@ def auth_settings(request): user_.set_password(form.cleaned_data['password1']) user_.save() - return HttpResponseRedirect(reverse('user_authsettings')) + return HttpResponseRedirect(reverse('user_authsettings', kwargs={'id': user_.id})) form = FormClass(user=user_) @@ -305,6 +304,7 @@ def auth_settings(request): }) return render_to_response('auth/auth_settings.html', { + 'user': user_, 'form': form, 'has_password': user_.has_usable_password(), 'auth_keys': auth_keys_list, @@ -312,11 +312,12 @@ def auth_settings(request): def remove_external_provider(request, id): association = get_object_or_404(AuthKeyUserAssociation, id=id) - if not association.user == request.user: - raise HttpResponseForbidden() + if not (request.user.is_superuser or request.user == association.user): + return HttpResponseForbidden() + request.user.message_set.create(message=_("You removed the association with %s") % association.provider) association.delete() - return HttpResponseRedirect(reverse('user_authsettings')) + return HttpResponseRedirect(reverse('user_authsettings', kwargs={'id': association.user.id})) def newquestion_signin_action(user): question = Question.objects.filter(author=user).order_by('-added_at')[0] @@ -336,7 +337,17 @@ def login_and_forward(request, user, forward=None, message=None): user.backend = "django.contrib.auth.backends.ModelBackend" login(request, user) - user_logged_in.send(user=user,old_session=old_session,sender=None) + temp_data = request.session.pop('temp_node_data', None) + if temp_data: + request.POST = temp_data + node_type = request.session.pop('temp_node_type') + + if node_type == "question": + from forum.views.writers import ask + return ask(request) + elif node_type == "answer": + from forum.views.writers import answer + return answer(request, request.session.pop('temp_question_id')) if not forward: signin_action = request.session.get('on_signin_action', None)