Coverage for ivatar/ivataraccount/views.py: 75%

1# -*- coding: utf-8 -*- 

2""" 

3View classes for ivatar/ivataraccount/ 

4""" 

5 

6from io import BytesIO 

7from ivatar.utils import urlopen, Bluesky 

8import base64 

9import binascii 

10import contextlib 

11from xml.sax import saxutils 

12import gzip 

13 

14from PIL import Image 

15 

16from django.db.models import ProtectedError 

17from django.core.exceptions import ObjectDoesNotExist 

18from django.contrib.auth.decorators import login_required 

19from django.contrib.auth.models import User 

20from django.utils.decorators import method_decorator 

21from django.contrib.messages.views import SuccessMessageMixin 

22from django.contrib import messages 

23from django.views.generic.edit import FormView, UpdateView 

24from django.views.generic.base import View, TemplateView 

25from django.views.generic.detail import DetailView 

26from django.contrib.auth import authenticate, login 

27from django.contrib.auth.forms import UserCreationForm, SetPasswordForm 

28from django.contrib.auth.views import LoginView 

29from django.contrib.auth.views import ( 

30 PasswordResetView as PasswordResetViewOriginal, 

31) 

32from django.utils.translation import gettext_lazy as _ 

33from django.http import HttpResponseRedirect, HttpResponse 

34from django.urls import reverse_lazy, reverse 

35from django.shortcuts import render 

36from django_openid_auth.models import UserOpenID 

37 

38from openid import oidutil 

39from openid.consumer import consumer 

40 

41from ipware import get_client_ip 

42 

43from email_validator import validate_email 

44 

45from libravatar import libravatar_url 

46from ivatar.settings import ( 

47 MAX_NUM_PHOTOS, 

48 MAX_PHOTO_SIZE, 

49 JPEG_QUALITY, 

50 AVATAR_MAX_SIZE, 

51 SOCIAL_AUTH_FEDORA_KEY, 

52) 

53from .gravatar import get_photo as get_gravatar_photo 

54 

55from .forms import AddEmailForm, UploadPhotoForm, AddOpenIDForm 

56from .forms import UpdatePreferenceForm, UploadLibravatarExportForm 

57from .forms import DeleteAccountForm 

58from .models import UnconfirmedEmail, ConfirmedEmail, Photo 

59from .models import UnconfirmedOpenId, ConfirmedOpenId, DjangoOpenIDStore 

60from .models import UserPreference 

61from .models import file_format 

62from .read_libravatar_export import read_gzdata as libravatar_read_gzdata 

63 

64 

65def openid_logging(message, level=0): 

66 """ 

67 Helper method for openid logging 

68 """ 

69 # Normal messages are not that important 

70 # No need for coverage here 

71 if level > 0: # pragma: no cover 

72 print(message) 

73 

74 

75class CreateView(SuccessMessageMixin, FormView): 

76 """ 

77 View class for creating a new user 

78 """ 

79 

80 template_name = "new.html" 

81 form_class = UserCreationForm 

82 

83 def form_valid(self, form): 

84 form.save() 

85 user = authenticate( 

86 username=form.cleaned_data["username"], 

87 password=form.cleaned_data["password1"], 

88 ) 

89 if user is not None: 

90 # If the username looks like a mail address, automagically 

91 # add it as unconfirmed mail and set it also as user's 

92 # email address 

93 with contextlib.suppress(Exception): 

94 self._extracted_from_form_valid_(form, user) 

95 login(self.request, user) 

96 pref = UserPreference.objects.create( 

97 user_id=user.pk 

98 ) # pylint: disable=no-member 

99 pref.save() 

100 return HttpResponseRedirect(reverse_lazy("profile")) 

101 return HttpResponseRedirect(reverse_lazy("login")) # pragma: no cover 

102 

103 def _extracted_from_form_valid_(self, form, user): 

104 # This will error out if it's not a valid address 

105 valid = validate_email(form.cleaned_data["username"]) 

106 user.email = valid.email 

107 user.save() 

108 # The following will also error out if it already exists 

109 unconfirmed = UnconfirmedEmail() 

110 unconfirmed.email = valid.email 

111 unconfirmed.user = user 

112 unconfirmed.save() 

113 unconfirmed.send_confirmation_mail( 

114 url=self.request.build_absolute_uri("/")[:-1] 

115 ) 

116 

117 def get(self, request, *args, **kwargs): 

118 """ 

119 Handle get for create view 

120 """ 

121 if request.user and request.user.is_authenticated: 

122 return HttpResponseRedirect(reverse_lazy("profile")) 

123 return super().get(self, request, args, kwargs) 

124 

125 

126@method_decorator(login_required, name="dispatch") 

127class PasswordSetView(SuccessMessageMixin, FormView): 

128 """ 

129 View class for changing the password 

130 """ 

131 

132 template_name = "password_change.html" 

133 form_class = SetPasswordForm 

134 success_message = _("password changed successfully - please login again") 

135 success_url = reverse_lazy("profile") 

136 

137 def get_form_kwargs(self): 

138 kwargs = super(PasswordSetView, self).get_form_kwargs() 

139 kwargs["user"] = self.request.user 

140 return kwargs 

141 

142 def form_valid(self, form): 

143 form.save() 

144 super().form_valid(form) 

145 return HttpResponseRedirect(reverse_lazy("login")) 

146 

147 

148@method_decorator(login_required, name="dispatch") 

149class AddEmailView(SuccessMessageMixin, FormView): 

150 """ 

151 View class for adding email addresses 

152 """ 

153 

154 template_name = "add_email.html" 

155 form_class = AddEmailForm 

156 success_url = reverse_lazy("profile") 

157 

158 def form_valid(self, form): 

159 if not form.save(self.request): 

160 return render(self.request, self.template_name, {"form": form}) 

161 

162 messages.success(self.request, _("Address added successfully")) 

163 return super().form_valid(form) 

164 

165 

166@method_decorator(login_required, name="dispatch") 

167class RemoveUnconfirmedEmailView(SuccessMessageMixin, View): 

168 """ 

169 View class for removing a unconfirmed email address 

170 """ 

171 

172 @staticmethod 

173 def post(request, *args, **kwargs): # pylint: disable=unused-argument 

174 """ 

175 Handle post request - removing unconfirmed email 

176 """ 

177 try: 

178 email = UnconfirmedEmail.objects.get( # pylint: disable=no-member 

179 user=request.user, id=kwargs["email_id"] 

180 ) 

181 email.delete() 

182 messages.success(request, _("Address removed")) 

183 except UnconfirmedEmail.DoesNotExist: # pylint: disable=no-member 

184 messages.error(request, _("Address does not exist")) 

185 return HttpResponseRedirect(reverse_lazy("profile")) 

186 

187 

188class ConfirmEmailView(SuccessMessageMixin, TemplateView): 

189 """ 

190 View class for confirming an unconfirmed email address 

191 """ 

192 

193 template_name = "email_confirmed.html" 

194 

195 def get(self, request, *args, **kwargs): 

196 # be tolerant of extra crap added by mail clients 

197 key = kwargs["verification_key"].replace(" ", "") 

198 

199 if len(key) != 64: 

200 messages.error(request, _("Verification key incorrect")) 

201 return HttpResponseRedirect(reverse_lazy("profile")) 

202 

203 try: 

204 unconfirmed = UnconfirmedEmail.objects.get( 

205 verification_key=key 

206 ) # pylint: disable=no-member 

207 except UnconfirmedEmail.DoesNotExist: # pylint: disable=no-member 

208 messages.error(request, _("Verification key does not exist")) 

209 return HttpResponseRedirect(reverse_lazy("profile")) 

210 

211 if ConfirmedEmail.objects.filter(email=unconfirmed.email).count() > 0: 

212 messages.error( 

213 request, 

214 _("This mail address has been taken already and cannot be confirmed"), 

215 ) 

216 return HttpResponseRedirect(reverse_lazy("profile")) 

217 

218 # TODO: Check for a reasonable expiration time in unconfirmed email 

219 

220 (confirmed_id, external_photos) = ConfirmedEmail.objects.create_confirmed_email( 

221 unconfirmed.user, unconfirmed.email, not request.user.is_anonymous 

222 ) 

223 

224 unconfirmed.delete() 

225 

226 # if there's a single image in this user's profile, 

227 # assign it to the new email 

228 confirmed = ConfirmedEmail.objects.get(id=confirmed_id) 

229 if confirmed.user.photo_set.count() == 1: 

230 confirmed.set_photo(confirmed.user.photo_set.first()) 

231 kwargs["photos"] = external_photos 

232 kwargs["email_id"] = confirmed_id 

233 return super().get(request, *args, **kwargs) 

234 

235 

236@method_decorator(login_required, name="dispatch") 

237class RemoveConfirmedEmailView(SuccessMessageMixin, View): 

238 """ 

239 View class for removing a confirmed email address 

240 """ 

241 

242 @staticmethod 

243 def post(request, *args, **kwargs): # pylint: disable=unused-argument 

244 """ 

245 Handle post request - removing confirmed email 

246 """ 

247 try: 

248 email = ConfirmedEmail.objects.get(user=request.user, id=kwargs["email_id"]) 

249 email.delete() 

250 messages.success(request, _("Address removed")) 

251 except ConfirmedEmail.DoesNotExist: # pylint: disable=no-member 

252 messages.error(request, _("Address does not exist")) 

253 return HttpResponseRedirect(reverse_lazy("profile")) 

254 

255 

256@method_decorator(login_required, name="dispatch") 

257class AssignPhotoEmailView(SuccessMessageMixin, TemplateView): 

258 """ 

259 View class for assigning a photo to an email address 

260 """ 

261 

262 model = Photo 

263 template_name = "assign_photo_email.html" 

264 

265 def post(self, request, *args, **kwargs): # pylint: disable=unused-argument 

266 """ 

267 Handle post request - assign photo to email 

268 """ 

269 photo = None 

270 

271 try: 

272 email = ConfirmedEmail.objects.get(user=request.user, id=kwargs["email_id"]) 

273 except ConfirmedEmail.DoesNotExist: # pylint: disable=no-member 

274 messages.error(request, _("Invalid request")) 

275 return HttpResponseRedirect(reverse_lazy("profile")) 

276 

277 if "photoNone" in request.POST: 

278 email.photo = None 

279 email.bluesky_handle = None 

280 elif "photoBluesky" in request.POST: 

281 # Keep the existing Bluesky handle, clear the photo 

282 email.photo = None 

283 # Don't clear bluesky_handle - keep it as is 

284 else: 

285 if "photo_id" not in request.POST: 

286 messages.error(request, _("Invalid request [photo_id] missing")) 

287 return HttpResponseRedirect(reverse_lazy("profile")) 

288 

289 if request.POST["photo_id"] == "bluesky": 

290 # Handle Bluesky photo selection 

291 email.photo = None 

292 # Don't clear bluesky_handle - keep it as is 

293 else: 

294 try: 

295 photo = self.model.objects.get( # pylint: disable=no-member 

296 id=request.POST["photo_id"], user=request.user 

297 ) 

298 except self.model.DoesNotExist: # pylint: disable=no-member 

299 messages.error(request, _("Photo does not exist")) 

300 return HttpResponseRedirect(reverse_lazy("profile")) 

301 email.photo = photo 

302 email.bluesky_handle = None 

303 email.save() 

304 

305 messages.success(request, _("Successfully changed photo")) 

306 return HttpResponseRedirect(reverse_lazy("profile")) 

307 

308 def get_context_data(self, **kwargs): 

309 data = super().get_context_data(**kwargs) 

310 data["email"] = ConfirmedEmail.objects.get(pk=kwargs["email_id"]) 

311 return data 

312 

313 

314@method_decorator(login_required, name="dispatch") 

315class AssignPhotoOpenIDView(SuccessMessageMixin, TemplateView): 

316 """ 

317 View class for assigning a photo to an openid address 

318 """ 

319 

320 model = Photo 

321 template_name = "assign_photo_openid.html" 

322 

323 def post(self, request, *args, **kwargs): # pylint: disable=unused-argument 

324 """ 

325 Handle post - assign photo to openid 

326 """ 

327 photo = None 

328 

329 try: 

330 openid = ConfirmedOpenId.objects.get( # pylint: disable=no-member 

331 user=request.user, id=kwargs["openid_id"] 

332 ) 

333 except ConfirmedOpenId.DoesNotExist: # pylint: disable=no-member 

334 messages.error(request, _("Invalid request")) 

335 return HttpResponseRedirect(reverse_lazy("profile")) 

336 

337 if "photoNone" in request.POST: 

338 openid.photo = None 

339 else: 

340 if "photo_id" not in request.POST: 

341 messages.error(request, _("Invalid request [photo_id] missing")) 

342 return HttpResponseRedirect(reverse_lazy("profile")) 

343 

344 try: 

345 photo = self.model.objects.get( # pylint: disable=no-member 

346 id=request.POST["photo_id"], user=request.user 

347 ) 

348 except self.model.DoesNotExist: # pylint: disable=no-member 

349 messages.error(request, _("Photo does not exist")) 

350 return HttpResponseRedirect(reverse_lazy("profile")) 

351 openid.photo = photo 

352 openid.bluesky_handle = None 

353 openid.save() 

354 

355 messages.success(request, _("Successfully changed photo")) 

356 return HttpResponseRedirect(reverse_lazy("profile")) 

357 

358 def get_context_data(self, **kwargs): 

359 data = super().get_context_data(**kwargs) 

360 data["openid"] = ConfirmedOpenId.objects.get( 

361 pk=kwargs["openid_id"] 

362 ) # pylint: disable=no-member 

363 return data 

364 

365 

366@method_decorator(login_required, name="dispatch") 

367class AssignBlueskyHandleToEmailView(SuccessMessageMixin, TemplateView): 

368 """ 

369 View class for assigning a Bluesky handle to an email address 

370 """ 

371 

372 def post(self, request, *args, **kwargs): # pylint: disable=unused-argument 

373 """ 

374 Handle post request - assign bluesky handle to email 

375 """ 

376 

377 try: 

378 email = ConfirmedEmail.objects.get(user=request.user, id=kwargs["email_id"]) 

379 except ConfirmedEmail.DoesNotExist: # pylint: disable=no-member 

380 messages.error(request, _("Invalid request")) 

381 return HttpResponseRedirect(reverse_lazy("profile")) 

382 

383 if "bluesky_handle" not in request.POST: 

384 messages.error(request, _("Invalid request [bluesky_handle] missing")) 

385 return HttpResponseRedirect(reverse_lazy("profile")) 

386 bluesky_handle = request.POST["bluesky_handle"] 

387 

388 try: 

389 bs = Bluesky() 

390 

391 bs.get_avatar(bluesky_handle) 

392 except Exception as e: 

393 messages.error(request, _(f"Handle '{bluesky_handle}' not found: {e}")) 

394 return HttpResponseRedirect( 

395 reverse_lazy( 

396 "assign_photo_email", kwargs={"email_id": int(kwargs["email_id"])} 

397 ) 

398 ) 

399 try: 

400 email.set_bluesky_handle(bluesky_handle) 

401 except Exception as e: 

402 messages.error(request, _(f"Error: {e}")) 

403 return HttpResponseRedirect( 

404 reverse_lazy( 

405 "assign_photo_email", kwargs={"email_id": int(kwargs["email_id"])} 

406 ) 

407 ) 

408 email.photo = None 

409 email.save() 

410 

411 messages.success(request, _("Successfully assigned Bluesky handle")) 

412 return HttpResponseRedirect(reverse_lazy("profile")) 

413 

414 def get_context_data(self, **kwargs): 

415 data = super().get_context_data(**kwargs) 

416 data["email"] = ConfirmedEmail.objects.get(pk=kwargs["email_id"]) 

417 return data 

418 

419 

420@method_decorator(login_required, name="dispatch") 

421class AssignBlueskyHandleToOpenIdView(SuccessMessageMixin, TemplateView): 

422 """ 

423 View class for assigning a Bluesky handle to an email address 

424 """ 

425 

426 def post(self, request, *args, **kwargs): # pylint: disable=unused-argument 

427 """ 

428 Handle post request - assign bluesky handle to email 

429 """ 

430 

431 try: 

432 openid = ConfirmedOpenId.objects.get( 

433 user=request.user, id=kwargs["open_id"] 

434 ) 

435 except ConfirmedOpenId.DoesNotExist: # pylint: disable=no-member 

436 messages.error(request, _("Invalid request")) 

437 return HttpResponseRedirect(reverse_lazy("profile")) 

438 

439 if "bluesky_handle" not in request.POST: 

440 messages.error(request, _("Invalid request [bluesky_handle] missing")) 

441 return HttpResponseRedirect(reverse_lazy("profile")) 

442 bluesky_handle = request.POST["bluesky_handle"] 

443 

444 try: 

445 bs = Bluesky() 

446 

447 bs.get_avatar(bluesky_handle) 

448 except Exception as e: 

449 messages.error(request, _(f"Handle '{bluesky_handle}' not found: {e}")) 

450 return HttpResponseRedirect( 

451 reverse_lazy( 

452 "assign_photo_openid", kwargs={"openid_id": int(kwargs["open_id"])} 

453 ) 

454 ) 

455 try: 

456 openid.set_bluesky_handle(bluesky_handle) 

457 except Exception as e: 

458 messages.error(request, _(f"Error: {e}")) 

459 return HttpResponseRedirect( 

460 reverse_lazy( 

461 "assign_photo_openid", kwargs={"openid_id": int(kwargs["open_id"])} 

462 ) 

463 ) 

464 openid.photo = None 

465 openid.save() 

466 

467 messages.success(request, _("Successfully assigned Bluesky handle")) 

468 return HttpResponseRedirect(reverse_lazy("profile")) 

469 

470 def get_context_data(self, **kwargs): 

471 data = super().get_context_data(**kwargs) 

472 data["openid"] = ConfirmedOpenId.objects.get(pk=kwargs["open_id"]) 

473 return data 

474 

475 

476@method_decorator(login_required, name="dispatch") 

477class ImportPhotoView(SuccessMessageMixin, TemplateView): 

478 """ 

479 View class to import a photo from another service 

480 Currently only Gravatar is supported 

481 """ 

482 

483 template_name = "import_photo.html" 

484 

485 def get_context_data(self, **kwargs): 

486 context = super().get_context_data(**kwargs) 

487 context["photos"] = [] 

488 addr = None 

489 if "email_id" in kwargs: 

490 try: 

491 addr = ConfirmedEmail.objects.get(pk=kwargs["email_id"]).email 

492 except ConfirmedEmail.ObjectDoesNotExist: # pylint: disable=no-member 

493 messages.error(self.request, _("Address does not exist")) 

494 return context 

495 

496 if addr := kwargs.get("email_addr", None): 

497 if gravatar := get_gravatar_photo(addr): 

498 context["photos"].append(gravatar) 

499 

500 if libravatar_service_url := libravatar_url( 

501 email=addr, 

502 default=404, 

503 size=AVATAR_MAX_SIZE, 

504 ): 

505 try: 

506 urlopen(libravatar_service_url) 

507 except OSError as exc: 

508 print(f"Exception caught during photo import: {exc}") 

509 else: 

510 context["photos"].append( 

511 { 

512 "service_url": libravatar_service_url, 

513 "thumbnail_url": f"{libravatar_service_url}&s=80", 

514 "image_url": f"{libravatar_service_url}&s=512", 

515 "width": 80, 

516 "height": 80, 

517 "service_name": "Libravatar", 

518 } 

519 ) 

520 

521 return context 

522 

523 def post( 

524 self, request, *args, **kwargs 

525 ): # pylint: disable=no-self-use,unused-argument,too-many-branches,line-too-long 

526 """ 

527 Handle post to photo import 

528 """ 

529 

530 imported = None 

531 

532 email_id = kwargs.get("email_id", request.POST.get("email_id", None)) 

533 addr = kwargs.get("email", request.POST.get("email_addr", None)) 

534 

535 if email_id: 

536 email = ConfirmedEmail.objects.filter(id=email_id, user=request.user) 

537 if email.exists(): 

538 addr = email.first().email 

539 else: 

540 messages.error(request, _("Address does not exist")) 

541 return HttpResponseRedirect(reverse_lazy("profile")) 

542 

543 if "photo_Gravatar" in request.POST: 

544 photo = Photo() 

545 photo.user = request.user 

546 photo.ip_address = get_client_ip(request)[0] 

547 if photo.import_image("Gravatar", addr): 

548 messages.success(request, _("Gravatar image successfully imported")) 

549 else: 

550 # Honestly, I'm not sure how to test this... 

551 messages.error( 

552 request, _("Gravatar image import not successful") 

553 ) # pragma: no cover 

554 imported = True 

555 

556 if "photo_Libravatar" in request.POST: 

557 photo = Photo() 

558 photo.user = request.user 

559 photo.ip_address = get_client_ip(request)[0] 

560 if photo.import_image("Libravatar", addr): 

561 messages.success(request, _("Libravatar image successfully imported")) 

562 else: 

563 # Honestly, I'm not sure how to test this... 

564 messages.error( 

565 request, _("Libravatar image import not successful") 

566 ) # pragma: no cover 

567 imported = True 

568 if not imported: 

569 messages.warning(request, _("Nothing importable")) 

570 return HttpResponseRedirect(reverse_lazy("profile")) 

571 

572 

573@method_decorator(login_required, name="dispatch") 

574class RawImageView(DetailView): 

575 """ 

576 View to return (binary) raw image data, for use in <img/>-tags 

577 """ 

578 

579 model = Photo 

580 

581 def get(self, request, *args, **kwargs): 

582 photo = self.model.objects.get(pk=kwargs["pk"]) # pylint: disable=no-member 

583 if photo.user.id != request.user.id and not request.user.is_staff: 

584 return HttpResponseRedirect(reverse_lazy("home")) 

585 return HttpResponse(BytesIO(photo.data), content_type=f"image/{photo.format}") 

586 

587 

588@method_decorator(login_required, name="dispatch") 

589class DeletePhotoView(SuccessMessageMixin, View): 

590 """ 

591 View class for deleting a photo 

592 """ 

593 

594 model = Photo 

595 

596 def get(self, request, *args, **kwargs): # pylint: disable=unused-argument 

597 """ 

598 Handle get - delete photo 

599 """ 

600 try: 

601 photo = self.model.objects.get( # pylint: disable=no-member 

602 pk=kwargs["pk"], user=request.user 

603 ) 

604 photo.delete() 

605 except (self.model.DoesNotExist, ProtectedError): # pylint: disable=no-member 

606 messages.error(request, _("No such image or no permission to delete it")) 

607 return HttpResponseRedirect(reverse_lazy("profile")) 

608 messages.success(request, _("Photo deleted successfully")) 

609 return HttpResponseRedirect(reverse_lazy("profile")) 

610 

611 

612@method_decorator(login_required, name="dispatch") 

613class UploadPhotoView(SuccessMessageMixin, FormView): 

614 """ 

615 View class responsible for photo upload 

616 """ 

617 

618 model = Photo 

619 template_name = "upload_photo.html" 

620 form_class = UploadPhotoForm 

621 success_message = _("Successfully uploaded") 

622 success_url = reverse_lazy("profile") 

623 

624 def post(self, request, *args, **kwargs): 

625 num_photos = request.user.photo_set.count() 

626 if num_photos >= MAX_NUM_PHOTOS: 

627 messages.error( 

628 request, _("Maximum number of photos (%i) reached" % MAX_NUM_PHOTOS) 

629 ) 

630 return HttpResponseRedirect(reverse_lazy("profile")) 

631 return super().post(request, *args, **kwargs) 

632 

633 def form_valid(self, form): 

634 photo_data = self.request.FILES["photo"] 

635 if photo_data.size > MAX_PHOTO_SIZE: 

636 messages.error(self.request, _("Image too big")) 

637 return HttpResponseRedirect(reverse_lazy("profile")) 

638 

639 photo = form.save(self.request, photo_data) 

640 

641 if not photo: 

642 messages.error(self.request, _("Invalid Format")) 

643 return HttpResponseRedirect(reverse_lazy("profile")) 

644 

645 # Override success URL -> Redirect to crop page. 

646 self.success_url = reverse_lazy("crop_photo", args=[photo.pk]) 

647 return super().form_valid(form) 

648 

649 

650@method_decorator(login_required, name="dispatch") 

651class AddOpenIDView(SuccessMessageMixin, FormView): 

652 """ 

653 View class for adding OpenID 

654 """ 

655 

656 template_name = "add_openid.html" 

657 form_class = AddOpenIDForm 

658 success_url = reverse_lazy("profile") 

659 

660 def form_valid(self, form): 

661 if openid_id := form.save(self.request.user): 

662 # At this point we have an unconfirmed OpenID, but 

663 # we do not add the message, that we successfully added it, 

664 # since this is misleading 

665 return HttpResponseRedirect( 

666 reverse_lazy("openid_redirection", args=[openid_id]) 

667 ) 

668 else: 

669 return render(self.request, self.template_name, {"form": form}) 

670 

671 

672@method_decorator(login_required, name="dispatch") 

673class RemoveUnconfirmedOpenIDView(View): 

674 """ 

675 View class for removing a unconfirmed OpenID 

676 """ 

677 

678 model = UnconfirmedOpenId 

679 

680 def post(self, request, *args, **kwargs): # pylint: disable=unused-argument 

681 """ 

682 Handle post - remove unconfirmed openid 

683 """ 

684 try: 

685 openid = self.model.objects.get( # pylint: disable=no-member 

686 user=request.user, id=kwargs["openid_id"] 

687 ) 

688 openid.delete() 

689 messages.success(request, _("ID removed")) 

690 except self.model.DoesNotExist: # pragma: no cover pylint: disable=no-member,line-too-long 

691 messages.error(request, _("ID does not exist")) 

692 return HttpResponseRedirect(reverse_lazy("profile")) 

693 

694 

695@method_decorator(login_required, name="dispatch") 

696class RemoveConfirmedOpenIDView(View): 

697 """ 

698 View class for removing a confirmed OpenID 

699 """ 

700 

701 model = ConfirmedOpenId 

702 

703 def post(self, request, *args, **kwargs): # pylint: disable=unused-argument 

704 """ 

705 Handle post - remove confirmed openid 

706 """ 

707 try: 

708 openid = self.model.objects.get( # pylint: disable=no-member 

709 user=request.user, id=kwargs["openid_id"] 

710 ) 

711 try: 

712 openidobj = ( 

713 UserOpenID.objects.get( # pylint: disable=no-member,line-too-long 

714 user_id=request.user.id, claimed_id=openid.openid 

715 ) 

716 ) 

717 openidobj.delete() 

718 except Exception as exc: # pylint: disable=broad-except 

719 # Why it is not there? 

720 print(f"How did we get here: {exc}") 

721 openid.delete() 

722 messages.success(request, _("ID removed")) 

723 except self.model.DoesNotExist: # pylint: disable=no-member 

724 messages.error(request, _("ID does not exist")) 

725 return HttpResponseRedirect(reverse_lazy("profile")) 

726 

727 

728@method_decorator(login_required, name="dispatch") 

729class RedirectOpenIDView(View): 

730 """ 

731 Redirect view for OpenID 

732 """ 

733 

734 model = UnconfirmedOpenId 

735 

736 def get(self, request, *args, **kwargs): # pylint: disable=unused-argument 

737 """ 

738 Handle get for OpenID redirect view 

739 """ 

740 try: 

741 unconfirmed = self.model.objects.get( # pylint: disable=no-member 

742 user=request.user, id=kwargs["openid_id"] 

743 ) 

744 except self.model.DoesNotExist: # pragma: no cover pylint: disable=no-member,line-too-long 

745 messages.error(request, _("ID does not exist")) 

746 return HttpResponseRedirect(reverse_lazy("profile")) 

747 

748 user_url = unconfirmed.openid 

749 session = {"id": request.session.session_key} 

750 

751 oidutil.log = openid_logging 

752 openid_consumer = consumer.Consumer(session, DjangoOpenIDStore()) 

753 

754 try: 

755 auth_request = openid_consumer.begin(user_url) 

756 except consumer.DiscoveryFailure as exc: 

757 messages.error(request, _(f"OpenID discovery failed: {exc}")) 

758 return HttpResponseRedirect(reverse_lazy("profile")) 

759 except UnicodeDecodeError as exc: # pragma: no cover 

760 msg = _( 

761 "OpenID discovery failed (userid=%(userid)s) for " 

762 "%(userurl)s: %(message)s" 

763 % { 

764 "userid": request.user.id, 

765 "userurl": user_url.encode("utf-8"), 

766 "message": exc, 

767 } 

768 ) 

769 print(f"message: {msg}") 

770 messages.error(request, msg) 

771 

772 if auth_request is None: # pragma: no cover 

773 messages.error(request, _("OpenID discovery failed")) 

774 return HttpResponseRedirect(reverse_lazy("profile")) 

775 

776 realm = request.build_absolute_uri("/")[:-1] # pragma: no cover 

777 return_url = realm + reverse( # pragma: no cover 

778 "confirm_openid", args=[kwargs["openid_id"]] 

779 ) 

780 return HttpResponseRedirect( # pragma: no cover 

781 auth_request.redirectURL(realm, return_url) 

782 ) 

783 

784 

785@method_decorator(login_required, name="dispatch") 

786class ConfirmOpenIDView(View): # pragma: no cover 

787 """ 

788 Confirm OpenID view 

789 """ 

790 

791 model = UnconfirmedOpenId 

792 model_confirmed = ConfirmedOpenId 

793 

794 def do_request(self, data, *args, **kwargs): # pylint: disable=unused-argument 

795 """ 

796 Handle request, called by get() or post()