~azzar1/unity/add-show-desktop-key

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
# IVLE
# Copyright (C) 2007-2009 The University of Melbourne
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA

# Author: Will Grant, Nick Chadwick

import urllib
import datetime
try:
    import mod_python.Cookie
except ImportError:
    # This needs to be importable from outside Apache.
    pass

import ivle.pulldown_subj
import ivle.webapp.security
from ivle.auth import authenticate, AuthError
from ivle.webapp.base.xhtml import XHTMLView
from ivle.webapp.base.plugins import CookiePlugin

class LoginView(XHTMLView):
    '''A view to allow a user to log in.'''
    template = 'login.html'
    allow_overlays = False

    def authorize(self, req):
        return True

    def populate(self, req, ctx):
        fields = req.get_fieldstorage()
        nexturl = fields.getfirst('url')

        if nexturl is None:
            nexturl = '/'

        # We are already logged in. If it is a POST, they might be trying to
        # clobber their session with some new credentials. That's their own
        # business, so we let them do it. Otherwise, we don't bother prompting
        # and just redirect to the destination.
        # Note that req.user is None even if we are 'logged in', if the user is
        # invalid (state != enabled, or expired).
        if req.method != "POST" and req.user is not None:
            req.throw_redirect(nexturl)

        # Don't give any URL if we want /.
        if nexturl == '/':
            query_string = ''
        else:
            query_string = '?url=' + urllib.quote(nexturl, safe="/~")

        ctx['path'] = req.make_path('+login') + query_string

        # If this succeeds, the user is invalid.
        user = ivle.webapp.security.get_user_details(req)
        if user is not None:
            if user.state == "no_agreement":
                # Authenticated, but need to accept the ToS. Send them there.
                # IMPORTANT NOTE FOR HACKERS: You can't simply disable this
                # if you are not planning to display a ToS page - the ToS
                # acceptance process actually calls usrmgt to create the user
                # jails and related stuff.
                req.throw_redirect(req.make_path('+tos') + query_string)
            elif user.state == "pending":
                # FIXME: this isn't quite the right answer, but it
                # should be more robust in the short term.
                session = req.get_session()
                session.invalidate()
                session.delete()
                user.state = u'no_agreement'
                req.store.commit()
                req.throw_redirect(nexturl)

        if req.method == "POST":
            # While req.user is normally set to get_user_details, it won't set
            # it if the account isn't valid. So we get it ourselves.
            user = ivle.webapp.security.get_user_details(req)

            badlogin = None

            username = fields.getfirst('user')
            password = fields.getfirst('pass')
            if username is not None:
                # From this point onwards, we will be showing an error message
                # if unsuccessful.
                # Authenticate
                if password is None:
                    badlogin = "No password supplied."
                else:
                    user = None
                    try:
                        # Username is case insensitive
                        user = authenticate.authenticate(req.config, req.store,
                                    username.value.lower(), password.value)
                    except AuthError, msg:
                        badlogin = msg
                    if user is None:
                        # Must have got an error. Do not authenticate.
                        # The except: above will have set a message.
                        pass
                    else:
                        # Success - Set the session and redirect to the URL.
                        session = req.get_session()
                        session['login'] = user.login
                        session.save()
                        session.unlock()
                        user.last_login = datetime.datetime.now()

                        # Create cookies for plugins that might request them.
                        for plugin in req.config.plugin_index[CookiePlugin]:
                            for cookie in plugin.cookies:
                                # The function can be None if they just need to be
                                # deleted at logout.
                                if plugin.cookies[cookie] is not None:
                                    req.add_cookie(mod_python.Cookie.Cookie(cookie,
                                          plugin.cookies[cookie](user), path='/'))

                        # Add any new enrolments.
                        ivle.pulldown_subj.enrol_user(req.config, req.store, user)
                        req.store.commit()

                        req.throw_redirect(nexturl)

                # We didn't succeed.
                # Render the login form with the error message.
                ctx['error'] = badlogin


class LogoutView(XHTMLView):
    '''A view to log the current session out.'''
    template = 'logout.html'
    allow_overlays = False

    def authorize(self, req):
        # This can be used by any authenticated user, even if they haven't
        # accepted the ToS yet.
        return ivle.webapp.security.get_user_details(req) is not None

    def populate(self, req, ctx):
        if req.method == "POST":
            req.logout()
        else:
            ctx['path'] =  req.make_path('+logout')