1 |
|
'''Views for Authentic2 API'''
|
|
1 |
# authentic2 - Authentic2 OIDC IdP plugin
|
|
2 |
# Copyright (C) 2018 Entr'ouvert
|
|
3 |
#
|
|
4 |
# This program is free software: you can redistribute it and/or modify it
|
|
5 |
# under the terms of the GNU Affero General Public License as published
|
|
6 |
# by the Free Software Foundation, either version 3 of the License, or
|
|
7 |
# (at your option) any later version.
|
|
8 |
#
|
|
9 |
# This program is distributed in the hope that it will be useful,
|
|
10 |
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
11 |
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
12 |
# GNU Affero General Public License for more details.
|
|
13 |
#
|
|
14 |
# You should have received a copy of the GNU Affero General Public License
|
|
15 |
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
16 |
|
2 |
17 |
import logging
|
3 |
18 |
import smtplib
|
4 |
19 |
|
... | ... | |
121 |
136 |
User.objects.filter(ou=ou, email__iexact=data['email']).exists():
|
122 |
137 |
raise serializers.ValidationError(
|
123 |
138 |
_('You already have an account'))
|
124 |
|
if ou.username_is_unique and not \
|
125 |
|
'username' in data:
|
|
139 |
if (ou.username_is_unique and
|
|
140 |
'username' not in data):
|
126 |
141 |
raise serializers.ValidationError(
|
127 |
142 |
_('Username is required in this ou'))
|
128 |
143 |
if ou.username_is_unique and User.objects.filter(
|
... | ... | |
200 |
215 |
ou=validated_data['ou'],
|
201 |
216 |
context=ctx,
|
202 |
217 |
**registration_data)
|
203 |
|
except smtplib.SMTPException, e:
|
|
218 |
except smtplib.SMTPException as e:
|
204 |
219 |
response = {
|
205 |
220 |
'result': 0,
|
206 |
221 |
'errors': {
|
... | ... | |
387 |
402 |
context={
|
388 |
403 |
'data': original_data,
|
389 |
404 |
})
|
390 |
|
except smtplib.SMTPException, e:
|
|
405 |
except smtplib.SMTPException as e:
|
391 |
406 |
logging.getLogger(__name__).error(u'registration mail could not be sent to user %s '
|
392 |
407 |
'created through API: %s', instance, e)
|
393 |
408 |
return instance
|
... | ... | |
565 |
580 |
if 'service-slug' in self.request.GET and 'service-ou' in self.request.GET:
|
566 |
581 |
service_slug = self.request.GET['service-slug']
|
567 |
582 |
service_ou = self.request.GET['service-ou']
|
568 |
|
service = Service.objects.filter(slug=service_slug, ou__slug=service_ou).prefetch_related('authorized_roles').first()
|
|
583 |
service = Service.objects.filter(
|
|
584 |
slug=service_slug,
|
|
585 |
ou__slug=service_ou
|
|
586 |
).prefetch_related('authorized_roles').first()
|
569 |
587 |
if service and service.authorized_roles.all():
|
570 |
588 |
qs = qs.filter(roles__in=service.authorized_roles.children())
|
571 |
589 |
qs = qs.distinct()
|
... | ... | |
616 |
634 |
hooks.call_hooks('api_modify_response', self, 'synchronization', data)
|
617 |
635 |
return Response(data)
|
618 |
636 |
|
619 |
|
@detail_route(methods=['post'], url_path='password-reset', permission_classes=(DjangoPermission('custom_user.reset_password_user'),))
|
|
637 |
@detail_route(methods=['post'], url_path='password-reset',
|
|
638 |
permission_classes=(DjangoPermission('custom_user.reset_password_user'),))
|
620 |
639 |
def password_reset(self, request, uuid):
|
621 |
640 |
user = self.get_object()
|
622 |
641 |
# An user without email cannot receive the token
|
... | ... | |
742 |
761 |
password = serializers.CharField(required=True, allow_blank=True)
|
743 |
762 |
|
744 |
763 |
|
745 |
|
|
746 |
764 |
class ValidatePasswordAPI(BaseRpcView):
|
747 |
765 |
permission_classes = ()
|
748 |
766 |
authentication_classes = (CsrfExemptSessionAuthentication,)
|
749 |
|
-
|