Coverage for ivatar/ivataraccount/views.py: 75%

1# -*- coding: utf-8 -*- 

2""" 

3View classes for ivatar/ivataraccount/ 

4""" 

5 

6from io import BytesIO 

7from ivatar.utils import urlopen, Bluesky 

8import base64 

9import binascii 

10import contextlib 

11from xml.sax import saxutils 

12import gzip 

13 

14from PIL import Image 

15 

16from django.db.models import ProtectedError 

17from django.core.exceptions import ObjectDoesNotExist 

18from django.contrib.auth.decorators import login_required 

19from django.contrib.auth.models import User 

20from django.utils.decorators import method_decorator 

21from django.contrib.messages.views import SuccessMessageMixin 

22from django.contrib import messages 

23from django.views.generic.edit import FormView, UpdateView 

24from django.views.generic.base import View, TemplateView 

25from django.views.generic.detail import DetailView 

26from django.contrib.auth import authenticate, login 

27from django.contrib.auth.forms import UserCreationForm, SetPasswordForm 

28from django.contrib.auth.views import LoginView 

29from django.contrib.auth.views import ( 

30 PasswordResetView as PasswordResetViewOriginal, 

31) 

32from django.utils.translation import gettext_lazy as _ 

33from django.http import HttpResponseRedirect, HttpResponse 

34from django.urls import reverse_lazy, reverse 

35from django.shortcuts import render 

36from django_openid_auth.models import UserOpenID 

37 

38from openid import oidutil 

39from openid.consumer import consumer 

40 

41from ipware import get_client_ip 

42 

43from email_validator import validate_email 

44 

45from libravatar import libravatar_url 

46from ivatar.settings import ( 

47 MAX_NUM_PHOTOS, 

48 MAX_PHOTO_SIZE, 

49 JPEG_QUALITY, 

50 AVATAR_MAX_SIZE, 

51 SOCIAL_AUTH_FEDORA_KEY, 

52) 

53from .gravatar import get_photo as get_gravatar_photo 

54 

55from .forms import AddEmailForm, UploadPhotoForm, AddOpenIDForm 

56from .forms import UpdatePreferenceForm, UploadLibravatarExportForm 

57from .forms import DeleteAccountForm 

58from .models import UnconfirmedEmail, ConfirmedEmail, Photo 

59from .models import UnconfirmedOpenId, ConfirmedOpenId, DjangoOpenIDStore 

60from .models import UserPreference 

61from .models import file_format 

62from .read_libravatar_export import read_gzdata as libravatar_read_gzdata 

63 

64 

65def openid_logging(message, level=0): 

66 """ 

67 Helper method for openid logging 

68 """ 

69 # Normal messages are not that important 

70 # No need for coverage here 

71 if level > 0: # pragma: no cover 

72 print(message) 

73 

74 

75class CreateView(SuccessMessageMixin, FormView): 

76 """ 

77 View class for creating a new user 

78 """ 

79 

80 template_name = "new.html" 

81 form_class = UserCreationForm 

82 

83 def form_valid(self, form): 

84 form.save() 

85 user = authenticate( 

86 username=form.cleaned_data["username"], 

87 password=form.cleaned_data["password1"], 

88 ) 

89 if user is not None: 

90 # If the username looks like a mail address, automagically 

91 # add it as unconfirmed mail and set it also as user's 

92 # email address 

93 with contextlib.suppress(Exception): 

94 self._extracted_from_form_valid_(form, user) 

95 login(self.request, user) 

96 pref = UserPreference.objects.create( 

97 user_id=user.pk 

98 ) # pylint: disable=no-member 

99 pref.save() 

100 return HttpResponseRedirect(reverse_lazy("profile")) 

101 return HttpResponseRedirect(reverse_lazy("login")) # pragma: no cover 

102 

103 def _extracted_from_form_valid_(self, form, user): 

104 # This will error out if it's not a valid address 

105 valid = validate_email(form.cleaned_data["username"]) 

106 user.email = valid.email 

107 user.save() 

108 # The following will also error out if it already exists 

109 unconfirmed = UnconfirmedEmail() 

110 unconfirmed.email = valid.email 

111 unconfirmed.user = user 

112 unconfirmed.save() 

113 unconfirmed.send_confirmation_mail( 

114 url=self.request.build_absolute_uri("/")[:-1] 

115 ) 

116 

117 def get(self, request, *args, **kwargs): 

118 """ 

119 Handle get for create view 

120 """ 

121 if request.user and request.user.is_authenticated: 

122 return HttpResponseRedirect(reverse_lazy("profile")) 

123 return super().get(self, request, args, kwargs) 

124 

125 

126@method_decorator(login_required, name="dispatch") 

127class PasswordSetView(SuccessMessageMixin, FormView): 

128 """ 

129 View class for changing the password 

130 """ 

131 

132 template_name = "password_change.html" 

133 form_class = SetPasswordForm 

134 success_message = _("password changed successfully - please login again") 

135 success_url = reverse_lazy("profile") 

136 

137 def get_form_kwargs(self): 

138 kwargs = super(PasswordSetView, self).get_form_kwargs() 

139 kwargs["user"] = self.request.user 

140 return kwargs 

141 

142 def form_valid(self, form): 

143 form.save() 

144 super().form_valid(form) 

145 return HttpResponseRedirect(reverse_lazy("login")) 

146 

147 

148@method_decorator(login_required, name="dispatch") 

149class AddEmailView(SuccessMessageMixin, FormView): 

150 """ 

151 View class for adding email addresses 

152 """ 

153 

154 template_name = "add_email.html" 

155 form_class = AddEmailForm 

156 success_url = reverse_lazy("profile") 

157 

158 def form_valid(self, form): 

159 if not form.save(self.request): 

160 return render(self.request, self.template_name, {"form": form}) 

161 

162 messages.success(self.request, _("Address added successfully")) 

163 return super().form_valid(form) 

164 

165 

166@method_decorator(login_required, name="dispatch") 

167class RemoveUnconfirmedEmailView(SuccessMessageMixin, View): 

168 """ 

169 View class for removing a unconfirmed email address 

170 """ 

171 

172 @staticmethod 

173 def post(request, *args, **kwargs): # pylint: disable=unused-argument 

174 """ 

175 Handle post request - removing unconfirmed email 

176 """ 

177 try: 

178 email = UnconfirmedEmail.objects.get( # pylint: disable=no-member 

179 user=request.user, id=kwargs["email_id"] 

180 ) 

181 email.delete() 

182 messages.success(request, _("Address removed")) 

183 except UnconfirmedEmail.DoesNotExist: # pylint: disable=no-member 

184 messages.error(request, _("Address does not exist")) 

185 return HttpResponseRedirect(reverse_lazy("profile")) 

186 

187 

188class ConfirmEmailView(SuccessMessageMixin, TemplateView): 

189 """ 

190 View class for confirming an unconfirmed email address 

191 """ 

192 

193 template_name = "email_confirmed.html" 

194 

195 def get(self, request, *args, **kwargs): 

196 # be tolerant of extra crap added by mail clients 

197 key = kwargs["verification_key"].replace(" ", "") 

198 

199 if len(key) != 64: 

200 messages.error(request, _("Verification key incorrect")) 

201 return HttpResponseRedirect(reverse_lazy("profile")) 

202 

203 try: 

204 unconfirmed = UnconfirmedEmail.objects.get( 

205 verification_key=key 

206 ) # pylint: disable=no-member 

207 except UnconfirmedEmail.DoesNotExist: # pylint: disable=no-member 

208 messages.error(request, _("Verification key does not exist")) 

209 return HttpResponseRedirect(reverse_lazy("profile")) 

210 

211 if ConfirmedEmail.objects.filter(email=unconfirmed.email).count() > 0: 

212 messages.error( 

213 request, 

214 _("This mail address has been taken already and cannot be confirmed"), 

215 ) 

216 return HttpResponseRedirect(reverse_lazy("profile")) 

217 

218 # TODO: Check for a reasonable expiration time in unconfirmed email 

219 

220 (confirmed_id, external_photos) = ConfirmedEmail.objects.create_confirmed_email( 

221 unconfirmed.user, unconfirmed.email, not request.user.is_anonymous 

222 ) 

223 

224 unconfirmed.delete() 

225 

226 # if there's a single image in this user's profile, 

227 # assign it to the new email 

228 confirmed = ConfirmedEmail.objects.get(id=confirmed_id) 

229 if confirmed.user.photo_set.count() == 1: 

230 confirmed.set_photo(confirmed.user.photo_set.first()) 

231 kwargs["photos"] = external_photos 

232 kwargs["email_id"] = confirmed_id 

233 return super().get(request, *args, **kwargs) 

234 

235 

236@method_decorator(login_required, name="dispatch") 

237class RemoveConfirmedEmailView(SuccessMessageMixin, View): 

238 """ 

239 View class for removing a confirmed email address 

240 """ 

241 

242 @staticmethod 

243 def post(request, *args, **kwargs): # pylint: disable=unused-argument 

244 """ 

245 Handle post request - removing confirmed email 

246 """ 

247 try: 

248 email = ConfirmedEmail.objects.get(user=request.user, id=kwargs["email_id"]) 

249 email.delete() 

250 messages.success(request, _("Address removed")) 

251 except ConfirmedEmail.DoesNotExist: # pylint: disable=no-member 

252 messages.error(request, _("Address does not exist")) 

253 return HttpResponseRedirect(reverse_lazy("profile")) 

254 

255 

256@method_decorator(login_required, name="dispatch") 

257class AssignPhotoEmailView(SuccessMessageMixin, TemplateView): 

258 """ 

259 View class for assigning a photo to an email address 

260 """ 

261 

262 model = Photo 

263 template_name = "assign_photo_email.html" 

264 

265 def post(self, request, *args, **kwargs): # pylint: disable=unused-argument 

266 """ 

267 Handle post request - assign photo to email 

268 """ 

269 photo = None 

270 

271 try: 

272 email = ConfirmedEmail.objects.get(user=request.user, id=kwargs["email_id"]) 

273 except ConfirmedEmail.DoesNotExist: # pylint: disable=no-member 

274 messages.error(request, _("Invalid request")) 

275 return HttpResponseRedirect(reverse_lazy("profile")) 

276 

277 if "photoNone" in request.POST: 

278 email.photo = None 

279 else: 

280 if "photo_id" not in request.POST: 

281 messages.error(request, _("Invalid request [photo_id] missing")) 

282 return HttpResponseRedirect(reverse_lazy("profile")) 

283 

284 try: 

285 photo = self.model.objects.get( # pylint: disable=no-member 

286 id=request.POST["photo_id"], user=request.user 

287 ) 

288 except self.model.DoesNotExist: # pylint: disable=no-member 

289 messages.error(request, _("Photo does not exist")) 

290 return HttpResponseRedirect(reverse_lazy("profile")) 

291 email.photo = photo 

292 email.bluesky_handle = None 

293 email.save() 

294 

295 messages.success(request, _("Successfully changed photo")) 

296 return HttpResponseRedirect(reverse_lazy("profile")) 

297 

298 def get_context_data(self, **kwargs): 

299 data = super().get_context_data(**kwargs) 

300 data["email"] = ConfirmedEmail.objects.get(pk=kwargs["email_id"]) 

301 return data 

302 

303 

304@method_decorator(login_required, name="dispatch") 

305class AssignPhotoOpenIDView(SuccessMessageMixin, TemplateView): 

306 """ 

307 View class for assigning a photo to an openid address 

308 """ 

309 

310 model = Photo 

311 template_name = "assign_photo_openid.html" 

312 

313 def post(self, request, *args, **kwargs): # pylint: disable=unused-argument 

314 """ 

315 Handle post - assign photo to openid 

316 """ 

317 photo = None 

318 

319 try: 

320 openid = ConfirmedOpenId.objects.get( # pylint: disable=no-member 

321 user=request.user, id=kwargs["openid_id"] 

322 ) 

323 except ConfirmedOpenId.DoesNotExist: # pylint: disable=no-member 

324 messages.error(request, _("Invalid request")) 

325 return HttpResponseRedirect(reverse_lazy("profile")) 

326 

327 if "photoNone" in request.POST: 

328 openid.photo = None 

329 else: 

330 if "photo_id" not in request.POST: 

331 messages.error(request, _("Invalid request [photo_id] missing")) 

332 return HttpResponseRedirect(reverse_lazy("profile")) 

333 

334 try: 

335 photo = self.model.objects.get( # pylint: disable=no-member 

336 id=request.POST["photo_id"], user=request.user 

337 ) 

338 except self.model.DoesNotExist: # pylint: disable=no-member 

339 messages.error(request, _("Photo does not exist")) 

340 return HttpResponseRedirect(reverse_lazy("profile")) 

341 openid.photo = photo 

342 openid.bluesky_handle = None 

343 openid.save() 

344 

345 messages.success(request, _("Successfully changed photo")) 

346 return HttpResponseRedirect(reverse_lazy("profile")) 

347 

348 def get_context_data(self, **kwargs): 

349 data = super().get_context_data(**kwargs) 

350 data["openid"] = ConfirmedOpenId.objects.get( 

351 pk=kwargs["openid_id"] 

352 ) # pylint: disable=no-member 

353 return data 

354 

355 

356@method_decorator(login_required, name="dispatch") 

357class AssignBlueskyHandleToEmailView(SuccessMessageMixin, TemplateView): 

358 """ 

359 View class for assigning a Bluesky handle to an email address 

360 """ 

361 

362 def post(self, request, *args, **kwargs): # pylint: disable=unused-argument 

363 """ 

364 Handle post request - assign bluesky handle to email 

365 """ 

366 

367 try: 

368 email = ConfirmedEmail.objects.get(user=request.user, id=kwargs["email_id"]) 

369 except ConfirmedEmail.DoesNotExist: # pylint: disable=no-member 

370 messages.error(request, _("Invalid request")) 

371 return HttpResponseRedirect(reverse_lazy("profile")) 

372 

373 if "bluesky_handle" not in request.POST: 

374 messages.error(request, _("Invalid request [bluesky_handle] missing")) 

375 return HttpResponseRedirect(reverse_lazy("profile")) 

376 bluesky_handle = request.POST["bluesky_handle"] 

377 

378 try: 

379 bs = Bluesky() 

380 

381 bs.get_avatar(bluesky_handle) 

382 except Exception as e: 

383 messages.error(request, _(f"Handle '{bluesky_handle}' not found: {e}")) 

384 return HttpResponseRedirect( 

385 reverse_lazy( 

386 "assign_photo_email", kwargs={"email_id": int(kwargs["email_id"])} 

387 ) 

388 ) 

389 try: 

390 email.set_bluesky_handle(bluesky_handle) 

391 except Exception as e: 

392 messages.error(request, _(f"Error: {e}")) 

393 return HttpResponseRedirect( 

394 reverse_lazy( 

395 "assign_photo_email", kwargs={"email_id": int(kwargs["email_id"])} 

396 ) 

397 ) 

398 email.photo = None 

399 email.save() 

400 

401 messages.success(request, _("Successfully assigned Bluesky handle")) 

402 return HttpResponseRedirect(reverse_lazy("profile")) 

403 

404 def get_context_data(self, **kwargs): 

405 data = super().get_context_data(**kwargs) 

406 data["email"] = ConfirmedEmail.objects.get(pk=kwargs["email_id"]) 

407 return data 

408 

409 

410@method_decorator(login_required, name="dispatch") 

411class AssignBlueskyHandleToOpenIdView(SuccessMessageMixin, TemplateView): 

412 """ 

413 View class for assigning a Bluesky handle to an email address 

414 """ 

415 

416 def post(self, request, *args, **kwargs): # pylint: disable=unused-argument 

417 """ 

418 Handle post request - assign bluesky handle to email 

419 """ 

420 

421 try: 

422 openid = ConfirmedOpenId.objects.get( 

423 user=request.user, id=kwargs["open_id"] 

424 ) 

425 except ConfirmedOpenId.DoesNotExist: # pylint: disable=no-member 

426 messages.error(request, _("Invalid request")) 

427 return HttpResponseRedirect(reverse_lazy("profile")) 

428 

429 if "bluesky_handle" not in request.POST: 

430 messages.error(request, _("Invalid request [bluesky_handle] missing")) 

431 return HttpResponseRedirect(reverse_lazy("profile")) 

432 bluesky_handle = request.POST["bluesky_handle"] 

433 

434 try: 

435 bs = Bluesky() 

436 

437 bs.get_avatar(bluesky_handle) 

438 except Exception as e: 

439 messages.error(request, _(f"Handle '{bluesky_handle}' not found: {e}")) 

440 return HttpResponseRedirect( 

441 reverse_lazy( 

442 "assign_photo_openid", kwargs={"openid_id": int(kwargs["open_id"])} 

443 ) 

444 ) 

445 try: 

446 openid.set_bluesky_handle(bluesky_handle) 

447 except Exception as e: 

448 messages.error(request, _(f"Error: {e}")) 

449 return HttpResponseRedirect( 

450 reverse_lazy( 

451 "assign_photo_openid", kwargs={"openid_id": int(kwargs["open_id"])} 

452 ) 

453 ) 

454 openid.photo = None 

455 openid.save() 

456 

457 messages.success(request, _("Successfully assigned Bluesky handle")) 

458 return HttpResponseRedirect(reverse_lazy("profile")) 

459 

460 def get_context_data(self, **kwargs): 

461 data = super().get_context_data(**kwargs) 

462 data["openid"] = ConfirmedOpenId.objects.get(pk=kwargs["open_id"]) 

463 return data 

464 

465 

466@method_decorator(login_required, name="dispatch") 

467class ImportPhotoView(SuccessMessageMixin, TemplateView): 

468 """ 

469 View class to import a photo from another service 

470 Currently only Gravatar is supported 

471 """ 

472 

473 template_name = "import_photo.html" 

474 

475 def get_context_data(self, **kwargs): 

476 context = super().get_context_data(**kwargs) 

477 context["photos"] = [] 

478 addr = None 

479 if "email_id" in kwargs: 

480 try: 

481 addr = ConfirmedEmail.objects.get(pk=kwargs["email_id"]).email 

482 except ConfirmedEmail.ObjectDoesNotExist: # pylint: disable=no-member 

483 messages.error(self.request, _("Address does not exist")) 

484 return context 

485 

486 if addr := kwargs.get("email_addr", None): 

487 if gravatar := get_gravatar_photo(addr): 

488 context["photos"].append(gravatar) 

489 

490 if libravatar_service_url := libravatar_url( 

491 email=addr, 

492 default=404, 

493 size=AVATAR_MAX_SIZE, 

494 ): 

495 try: 

496 urlopen(libravatar_service_url) 

497 except OSError as exc: 

498 print(f"Exception caught during photo import: {exc}") 

499 else: 

500 context["photos"].append( 

501 { 

502 "service_url": libravatar_service_url, 

503 "thumbnail_url": f"{libravatar_service_url}&s=80", 

504 "image_url": f"{libravatar_service_url}&s=512", 

505 "width": 80, 

506 "height": 80, 

507 "service_name": "Libravatar", 

508 } 

509 ) 

510 

511 return context 

512 

513 def post( 

514 self, request, *args, **kwargs 

515 ): # pylint: disable=no-self-use,unused-argument,too-many-branches,line-too-long 

516 """ 

517 Handle post to photo import 

518 """ 

519 

520 imported = None 

521 

522 email_id = kwargs.get("email_id", request.POST.get("email_id", None)) 

523 addr = kwargs.get("email", request.POST.get("email_addr", None)) 

524 

525 if email_id: 

526 email = ConfirmedEmail.objects.filter(id=email_id, user=request.user) 

527 if email.exists(): 

528 addr = email.first().email 

529 else: 

530 messages.error(request, _("Address does not exist")) 

531 return HttpResponseRedirect(reverse_lazy("profile")) 

532 

533 if "photo_Gravatar" in request.POST: 

534 photo = Photo() 

535 photo.user = request.user 

536 photo.ip_address = get_client_ip(request)[0] 

537 if photo.import_image("Gravatar", addr): 

538 messages.success(request, _("Gravatar image successfully imported")) 

539 else: 

540 # Honestly, I'm not sure how to test this... 

541 messages.error( 

542 request, _("Gravatar image import not successful") 

543 ) # pragma: no cover 

544 imported = True 

545 

546 if "photo_Libravatar" in request.POST: 

547 photo = Photo() 

548 photo.user = request.user 

549 photo.ip_address = get_client_ip(request)[0] 

550 if photo.import_image("Libravatar", addr): 

551 messages.success(request, _("Libravatar image successfully imported")) 

552 else: 

553 # Honestly, I'm not sure how to test this... 

554 messages.error( 

555 request, _("Libravatar image import not successful") 

556 ) # pragma: no cover 

557 imported = True 

558 if not imported: 

559 messages.warning(request, _("Nothing importable")) 

560 return HttpResponseRedirect(reverse_lazy("profile")) 

561 

562 

563@method_decorator(login_required, name="dispatch") 

564class RawImageView(DetailView): 

565 """ 

566 View to return (binary) raw image data, for use in <img/>-tags 

567 """ 

568 

569 model = Photo 

570 

571 def get(self, request, *args, **kwargs): 

572 photo = self.model.objects.get(pk=kwargs["pk"]) # pylint: disable=no-member 

573 if photo.user.id != request.user.id and not request.user.is_staff: 

574 return HttpResponseRedirect(reverse_lazy("home")) 

575 return HttpResponse(BytesIO(photo.data), content_type=f"image/{photo.format}") 

576 

577 

578@method_decorator(login_required, name="dispatch") 

579class DeletePhotoView(SuccessMessageMixin, View): 

580 """ 

581 View class for deleting a photo 

582 """ 

583 

584 model = Photo 

585 

586 def get(self, request, *args, **kwargs): # pylint: disable=unused-argument 

587 """ 

588 Handle get - delete photo 

589 """ 

590 try: 

591 photo = self.model.objects.get( # pylint: disable=no-member 

592 pk=kwargs["pk"], user=request.user 

593 ) 

594 photo.delete() 

595 except (self.model.DoesNotExist, ProtectedError): # pylint: disable=no-member 

596 messages.error(request, _("No such image or no permission to delete it")) 

597 return HttpResponseRedirect(reverse_lazy("profile")) 

598 messages.success(request, _("Photo deleted successfully")) 

599 return HttpResponseRedirect(reverse_lazy("profile")) 

600 

601 

602@method_decorator(login_required, name="dispatch") 

603class UploadPhotoView(SuccessMessageMixin, FormView): 

604 """ 

605 View class responsible for photo upload 

606 """ 

607 

608 model = Photo 

609 template_name = "upload_photo.html" 

610 form_class = UploadPhotoForm 

611 success_message = _("Successfully uploaded") 

612 success_url = reverse_lazy("profile") 

613 

614 def post(self, request, *args, **kwargs): 

615 num_photos = request.user.photo_set.count() 

616 if num_photos >= MAX_NUM_PHOTOS: 

617 messages.error( 

618 request, _("Maximum number of photos (%i) reached" % MAX_NUM_PHOTOS) 

619 ) 

620 return HttpResponseRedirect(reverse_lazy("profile")) 

621 return super().post(request, *args, **kwargs) 

622 

623 def form_valid(self, form): 

624 photo_data = self.request.FILES["photo"] 

625 if photo_data.size > MAX_PHOTO_SIZE: 

626 messages.error(self.request, _("Image too big")) 

627 return HttpResponseRedirect(reverse_lazy("profile")) 

628 

629 photo = form.save(self.request, photo_data) 

630 

631 if not photo: 

632 messages.error(self.request, _("Invalid Format")) 

633 return HttpResponseRedirect(reverse_lazy("profile")) 

634 

635 # Override success URL -> Redirect to crop page. 

636 self.success_url = reverse_lazy("crop_photo", args=[photo.pk]) 

637 return super().form_valid(form) 

638 

639 

640@method_decorator(login_required, name="dispatch") 

641class AddOpenIDView(SuccessMessageMixin, FormView): 

642 """ 

643 View class for adding OpenID 

644 """ 

645 

646 template_name = "add_openid.html" 

647 form_class = AddOpenIDForm 

648 success_url = reverse_lazy("profile") 

649 

650 def form_valid(self, form): 

651 if openid_id := form.save(self.request.user): 

652 # At this point we have an unconfirmed OpenID, but 

653 # we do not add the message, that we successfully added it, 

654 # since this is misleading 

655 return HttpResponseRedirect( 

656 reverse_lazy("openid_redirection", args=[openid_id]) 

657 ) 

658 else: 

659 return render(self.request, self.template_name, {"form": form}) 

660 

661 

662@method_decorator(login_required, name="dispatch") 

663class RemoveUnconfirmedOpenIDView(View): 

664 """ 

665 View class for removing a unconfirmed OpenID 

666 """ 

667 

668 model = UnconfirmedOpenId 

669 

670 def post(self, request, *args, **kwargs): # pylint: disable=unused-argument 

671 """ 

672 Handle post - remove unconfirmed openid 

673 """ 

674 try: 

675 openid = self.model.objects.get( # pylint: disable=no-member 

676 user=request.user, id=kwargs["openid_id"] 

677 ) 

678 openid.delete() 

679 messages.success(request, _("ID removed")) 

680 except self.model.DoesNotExist: # pragma: no cover pylint: disable=no-member,line-too-long 

681 messages.error(request, _("ID does not exist")) 

682 return HttpResponseRedirect(reverse_lazy("profile")) 

683 

684 

685@method_decorator(login_required, name="dispatch") 

686class RemoveConfirmedOpenIDView(View): 

687 """ 

688 View class for removing a confirmed OpenID 

689 """ 

690 

691 model = ConfirmedOpenId 

692 

693 def post(self, request, *args, **kwargs): # pylint: disable=unused-argument 

694 """ 

695 Handle post - remove confirmed openid 

696 """ 

697 try: 

698 openid = self.model.objects.get( # pylint: disable=no-member 

699 user=request.user, id=kwargs["openid_id"] 

700 ) 

701 try: 

702 openidobj = ( 

703 UserOpenID.objects.get( # pylint: disable=no-member,line-too-long 

704 user_id=request.user.id, claimed_id=openid.openid 

705 ) 

706 ) 

707 openidobj.delete() 

708 except Exception as exc: # pylint: disable=broad-except 

709 # Why it is not there? 

710 print(f"How did we get here: {exc}") 

711 openid.delete() 

712 messages.success(request, _("ID removed")) 

713 except self.model.DoesNotExist: # pylint: disable=no-member 

714 messages.error(request, _("ID does not exist")) 

715 return HttpResponseRedirect(reverse_lazy("profile")) 

716 

717 

718@method_decorator(login_required, name="dispatch") 

719class RedirectOpenIDView(View): 

720 """ 

721 Redirect view for OpenID 

722 """ 

723 

724 model = UnconfirmedOpenId 

725 

726 def get(self, request, *args, **kwargs): # pylint: disable=unused-argument 

727 """ 

728 Handle get for OpenID redirect view 

729 """ 

730 try: 

731 unconfirmed = self.model.objects.get( # pylint: disable=no-member 

732 user=request.user, id=kwargs["openid_id"] 

733 ) 

734 except self.model.DoesNotExist: # pragma: no cover pylint: disable=no-member,line-too-long 

735 messages.error(request, _("ID does not exist")) 

736 return HttpResponseRedirect(reverse_lazy("profile")) 

737 

738 user_url = unconfirmed.openid 

739 session = {"id": request.session.session_key} 

740 

741 oidutil.log = openid_logging 

742 openid_consumer = consumer.Consumer(session, DjangoOpenIDStore()) 

743 

744 try: 

745 auth_request = openid_consumer.begin(user_url) 

746 except consumer.DiscoveryFailure as exc: 

747 messages.error(request, _(f"OpenID discovery failed: {exc}")) 

748 return HttpResponseRedirect(reverse_lazy("profile")) 

749 except UnicodeDecodeError as exc: # pragma: no cover 

750 msg = _( 

751 "OpenID discovery failed (userid=%(userid)s) for " 

752 "%(userurl)s: %(message)s" 

753 % { 

754 "userid": request.user.id, 

755 "userurl": user_url.encode("utf-8"), 

756 "message": exc, 

757 } 

758 ) 

759 print(f"message: {msg}") 

760 messages.error(request, msg) 

761 

762 if auth_request is None: # pragma: no cover 

763 messages.error(request, _("OpenID discovery failed")) 

764 return HttpResponseRedirect(reverse_lazy("profile")) 

765 

766 realm = request.build_absolute_uri("/")[:-1] # pragma: no cover 

767 return_url = realm + reverse( # pragma: no cover 

768 "confirm_openid", args=[kwargs["openid_id"]] 

769 ) 

770 return HttpResponseRedirect( # pragma: no cover 

771 auth_request.redirectURL(realm, return_url) 

772 ) 

773 

774 

775@method_decorator(login_required, name="dispatch") 

776class ConfirmOpenIDView(View): # pragma: no cover 

777 """ 

778 Confirm OpenID view 

779 """ 

780 

781 model = UnconfirmedOpenId 

782 model_confirmed = ConfirmedOpenId 

783 

784 def do_request(self, data, *args, **kwargs): # pylint: disable=unused-argument 

785 """ 

786 Handle request, called by get() or post() 

787 """ 

788 session = {"id": self.request.session.session_key} 

789 current_url = self.request.build_absolute_uri("/")[:-1] + self.request.path 

790 openid_consumer = consumer.Consumer(session, DjangoOpenIDStore()) 

791 info = openid_consumer.complete(data, current_url) 

792 if info.status == consumer.FAILURE: 

793 messages.error( 

794 self.request, _('Confirmation failed: "') + str(info.message) + '"' 

795 ) 

796 return HttpResponseRedirect(reverse_lazy("profile")) 

797