~azzar1/unity/add-show-desktop-key


Viewing changes to ivle/webapp/security/views.py

  • Committer: William Grant
  • Date: 2009-02-23 23:47:02 UTC
  • mfrom: (1099.1.211 new-dispatch)
  • Revision ID: grantw@unimelb.edu.au-20090223234702-db4b1llly46ignwo
Merge from lp:~ivle-dev/ivle/new-dispatch.

Pretty much everything changes. Reread the setup docs. Backup your databases.
Every file is now in a different installed location, the configuration system
is rewritten, the dispatch system is rewritten, URLs are different, the
database is different, worksheets and exercises are no longer on the
filesystem, we use a templating engine, jail service protocols are rewritten,
we don't repeat ourselves, we have authorization rewritten, phpBB is gone,
and probably lots of other things that I cannot remember.

This is certainly the biggest commit I have ever made, and hopefully
the largest I ever will.

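--- a/ivle/webapp/security/views.py
+++ b/ivle/webapp/security/views.py
@@ -25,7 +25,7 @@
     # This needs to be importable from outside Apache.
     pass
 
-import ivle.pulldown_subj
+import ivle.util
 import ivle.webapp.security
 from ivle.auth import authenticate, AuthError
 from ivle.webapp.base.xhtml import XHTMLView
@@ -43,28 +43,13 @@
         fields = req.get_fieldstorage()
         nexturl = fields.getfirst('url')
 
-        # XXX Warning that Internet Explorer is unsupported
-        # Test if the user is in Internet Explorer
-        try:
-            useragent = req.headers_in['User-Agent']
-            # A bit of very basic UA string detection
-            ctx['msie'] = ('MSIE' in useragent
-                           and 'AppleWebKit' not in useragent
-                           and 'Gecko' not in useragent
-                           and 'Opera' not in useragent)
-        except KeyError:
-            ctx['msie'] = False
-
         if nexturl is None:
             nexturl = '/'
 
-        # We are already logged in. If it is a POST, they might be trying to
-        # clobber their session with some new credentials. That's their own
-        # business, so we let them do it. Otherwise, we don't bother prompting
-        # and just redirect to the destination.
+        # We are already logged in. Don't bother logging in again.
         # Note that req.user is None even if we are 'logged in', if the user is
-        # invalid (state != enabled, or expired).
-        if req.method != "POST" and req.user is not None:
+        # invalid.
+        if req.user is not None:
             req.throw_redirect(nexturl)
 
         # Don't give any URL if we want /.
@@ -73,7 +58,7 @@
         else:
             query_string = '?url=' + urllib.quote(nexturl, safe="/~")
 
-        ctx['path'] = req.make_path('+login') + query_string
+        ctx['path'] = ivle.util.make_path('+login') + query_string
 
         # If this succeeds, the user is invalid.
         user = ivle.webapp.security.get_user_details(req)
@@ -84,7 +69,7 @@
                 # if you are not planning to display a ToS page - the ToS
                 # acceptance process actually calls usrmgt to create the user
                 # jails and related stuff.
-                req.throw_redirect(req.make_path('+tos') + query_string)
+                req.throw_redirect(ivle.util.make_path('+tos') + query_string)
             elif user.state == "pending":
                 # FIXME: this isn't quite the right answer, but it
                 # should be more robust in the short term.
@@ -113,9 +98,8 @@
                 else:
                     user = None
                     try:
-                        # Username is case insensitive
-                        user = authenticate.authenticate(req.config, req.store,
-                                    username.value.lower(), password.value)
+                        user = authenticate.authenticate(req.store,
+                                    username.value, password.value)
                     except AuthError, msg:
                         badlogin = msg
                     if user is None:
@@ -127,8 +111,8 @@
                         session = req.get_session()
                         session['login'] = user.login
                         session.save()
-                        session.unlock()
                         user.last_login = datetime.datetime.now()
+                        req.store.commit()
 
                         # Create cookies for plugins that might request them.
                         for plugin in req.config.plugin_index[CookiePlugin]:
@@ -139,10 +123,6 @@
                                     req.add_cookie(mod_python.Cookie.Cookie(cookie,
                                           plugin.cookies[cookie](user), path='/'))
 
-                        # Add any new enrolments.
-                        ivle.pulldown_subj.enrol_user(req.config, req.store, user)
-                        req.store.commit()
-
                         req.throw_redirect(nexturl)
 
                 # We didn't succeed.
@@ -164,4 +144,4 @@
         if req.method == "POST":
             req.logout()
         else:
-            ctx['path'] =  req.make_path('+logout')
+            ctx['path'] =  ivle.util.make_path('+logout')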
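Review bot: `nexturl` is read straight from the `url` request field and handed to `req.throw_redirect(nexturl)` in the already-logged-in branch (new line 53) and again after a successful login (new line 126), with only the `None` case replaced by `'/'`, so the login view will forward a user to whatever target a crafted link supplies. Restricting the value to site-local paths where the default is applied would close this, for example `if nexturl is None or not nexturl.startswith('/') or nexturl.startswith('//'): nexturl = '/'`. How `throw_redirect` treats absolute URLs is not visible on this page, so confirm whether it already constrains the target before relying on either behaviour. The enclosing method starts and ends outside the displayed hunks.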