The Great Services Refactor (#594)

* Hooks registration, discovery and retrieval module

Will discover @hooks.register decorated functions inside
the auth_hooks module in any installed django app.

* Class to register modular service apps

* Register service modules URLs

* Example service module

* Refactor services into modules

Each service type has been split out into its own django app/module. A
hook mechanism is provided to register a subclass of the ServiceHook
class. The modules then overload functions defined in ServiceHook as
required to provide interoperability with alliance auth. Service modules
provide their own urls and views for user registration and account
management and a partial template to display on the services page. Where
possible, new modules should provide their own models for local data
storage.

* Added menu items hooks and template tags

* Added menu item hook for broadcasts

* Added str method to ServicesHook

* Added exception handling to hook iterators

* Refactor mumble migration and table name

Upgrading will require `migrate mumble --fake-initial` to be run first
and then `migrate mumble` to rename the table.

* Refactor teamspeak3 migration and rename table

Upgrading will require `migrate teamspeak3 --fake-initial`

* Added module models and migrations for refactoring AuthServicesInfo

* Migrate AuthServiceInfo fields to service modules models

* Added helper for getting a users main character

* Added new style celery instance

* Changed Discord from AuthServicesInfo to DiscordUser model

* Switch celery tasks to staticmethods

* Changed Discourse from AuthServicesInfo to DiscourseUser model

* Changed IPBoard from AuthServicesInfo to IpboardUser model

* Changed Ips4 from AuthServicesInfo to Ips4User model

Also added disable service task.

This service still needs some love though. Was always missing a
deactivate services hook (before refactoring) for reasons I'm unsure of
so I'm reluctant to add it without knowing why.

* Changed Market from AuthServicesInfo to MarketUser model

* Changed Mumble from AuthServicesInfo to MumbleUser model

Switched user foreign key to one to one relationship.
Removed implicit password change on user exists.
Combined regular and blue user creation.

* Changed Openfire from AuthServicesInfo to OpenfireUser model

* Changed SMF from AuthServicesInfo to SmfUser model

Added disable task

* Changed Phpbb3 from AuthServicesInfo to Phpbb3User model

* Changed XenForo from AuthServicesInfo to XenforoUser model

* Changed Teamspeak3 from AuthServicesInfo to Teamspeak3User model

* Remove obsolete manager functions

* Standardise URL format

This will break some callback URLs
Discord changes from /discord_callback/ to /discord/callback/

* Removed unnecessary imports

* Mirror upstream decorator change

* Setup for unit testing

* Unit tests for discord service

* Added add main character helper

* Added Discourse unit tests

* Added Ipboard unit tests

* Added Ips4 unit tests

* Fix naming of market manager, switch to use class methods

* Remove unused hook functions

* Added market service unit tests

* Added corp ticker to add main character helper

* Added mumble unit tests

* Fix url name and remove namespace

* Fix missing return and add missing URL

* Added openfire unit tests

* Added missing return

* Added phpbb3 unit tests

* Fix SmfManager naming inconsistency and switch to classmethods

* Added smf unit tests

* Remove unused functions, Added missing return

* Added xenforo unit tests

* Added missing return

* Fixed reference to old model

* Fixed error preventing groups from syncing on reset request

* Added teamspeak3 unit tests

* Added nose as test runner and some test settings

* Added package requirements for running tests

* Added unit tests for services signals and tasks

* Remove unused tests file

* Fix teamspeak3 service signals

* Added unit tests for teamspeak3 signals

Changed other unit tests setUp to inert signals

* Fix password gen and hashing python3 compatibility

Fixes #630

Adds unit tests to check the password functions run on both platforms.

* Fix unit test to not rely on checking url params

* Add Travis CI settings file

* Remove default blank values from services models

* Added dynamic user model admin actions for syncing service groups

* Remove unused search fields

* Add hook function for syncing nicknames

* Added discord hook for sync nickname

* Added user admin model menu actions for sync nickname hook

* Remove obsolete code

* Rename celery config app to avoid package name clash

* Added new style celerybeat schedule configuration

periodic_task decorator is depreciated

* Added string representations

* Added admin pages for services user models

* Removed legacy code

* Move link discord button to correct template

* Remove blank default fields from example model

* Disallow empty django setting

* Fix typos

* Added coverage configuration file

* Add coverage and coveralls to travis config

Should probably use nose's built in coverage, but this works for now.

* Replace AuthServicesInfo get_or_create instances with get

Reflects upstream changes to AuthServicesInfo behaviour.

* Update mumble user table name

* Split out mumble authenticator requirements

zeroc-ice seems to cause long build times on travis-ci and isn't
required for the core projects functionality or testing.

services/modules/openfire/admin.py

@@ -0,0 +1,10 @@
+from __future__ import unicode_literals
+from django.contrib import admin
+from .models import OpenfireUser
+
+
+class OpenfireUserAdmin(admin.ModelAdmin):
+        list_display = ('user', 'username')
+        search_fields = ('user__username', 'username')
+
+admin.site.register(OpenfireUser, OpenfireUserAdmin)

services/modules/openfire/apps.py

@@ -0,0 +1,7 @@
+from __future__ import unicode_literals
+
+from django.apps import AppConfig
+
+
+class OpenfireServiceConfig(AppConfig):
+    name = 'openfire'

services/modules/openfire/auth_hooks.py

@@ -0,0 +1,93 @@
+from __future__ import unicode_literals
+
+from django.conf import settings
+from django.template.loader import render_to_string
+
+from services.hooks import ServicesHook, MenuItemHook
+from alliance_auth import hooks
+
+from .urls import urlpatterns
+from .tasks import OpenfireTasks
+
+import logging
+
+logger = logging.getLogger(__name__)
+
+
+class OpenfireService(ServicesHook):
+    def __init__(self):
+        ServicesHook.__init__(self)
+        self.name = 'openfire'
+        self.urlpatterns = urlpatterns
+        self.service_url = settings.JABBER_URL
+
+    @property
+    def title(self):
+        return "Jabber"
+
+    def delete_user(self, user, notify_user=False):
+        logger.debug('Deleting user %s %s account' % (user, self.name))
+        return OpenfireTasks.delete_user(user, notify_user=notify_user)
+
+    def validate_user(self, user):
+        logger.debug('Validating user %s %s account' % (user, self.name))
+        if OpenfireTasks.has_account(user) and not self.service_active_for_user(user):
+            self.delete_user(user, notify_user=True)
+
+    def update_groups(self, user):
+        logger.debug('Updating %s groups for %s' % (self.name, user))
+        if OpenfireTasks.has_account(user):
+            OpenfireTasks.update_groups.delay(user.pk)
+
+    def update_all_groups(self):
+        logger.debug('Update all %s groups called' % self.name)
+        OpenfireTasks.update_all_groups.delay()
+
+    def service_enabled_members(self):
+        return settings.ENABLE_AUTH_JABBER or False  # TODO: Rename this setting
+
+    def service_enabled_blues(self):
+        return settings.ENABLE_BLUE_JABBER or False  # TODO: Rename this setting
+
+    def render_services_ctrl(self, request):
+        """
+        Example for rendering the service control panel row
+        You can override the default template and create a
+        custom one if you wish.
+        :param request:
+        :return:
+        """
+        urls = self.Urls()
+        urls.auth_activate = 'auth_activate_openfire'
+        urls.auth_deactivate = 'auth_deactivate_openfire'
+        urls.auth_set_password = 'auth_set_openfire_password'
+        urls.auth_reset_password = 'auth_reset_openfire_password'
+        return render_to_string(self.service_ctrl_template, {
+            'service_name': self.title,
+            'urls': urls,
+            'service_url': self.service_url,
+            'username': request.user.openfire.username if OpenfireTasks.has_account(request.user) else ''
+        }, request=request)
+
+
+@hooks.register('services_hook')
+def register_service():
+    return OpenfireService()
+
+
+class JabberBroadcast(MenuItemHook):
+    def __init__(self):
+        MenuItemHook.__init__(self,
+                              'Jabber Broadcast',
+                              'fa fa-lock fa-fw fa-bullhorn grayiconecolor',
+                              'auth_jabber_broadcast_view')
+
+    def render(self, request):
+        if request.user.has_perm('auth.jabber_broadcast'):
+            return MenuItemHook.render(self, request)
+        return ''
+
+
+@hooks.register('menu_util_hook')
+def register_menu():
+    return JabberBroadcast()

services/modules/openfire/forms.py

@@ -0,0 +1,9 @@
+from __future__ import unicode_literals
+
+from django import forms
+from django.utils.translation import ugettext_lazy as _
+
+
+class JabberBroadcastForm(forms.Form):
+    group = forms.ChoiceField(label=_('Group'), widget=forms.Select)
+    message = forms.CharField(label=_('Message'), widget=forms.Textarea)

services/modules/openfire/manager.py

@@ -0,0 +1,201 @@
+from __future__ import unicode_literals
+from django.utils import six
+import re
+import random
+import string
+try:
+    from urlparse import urlparse
+except ImportError:
+    # python 3
+    from urllib.parse import urlparse
+
+import sleekxmpp
+from django.conf import settings
+import threading
+from ofrestapi.users import Users as ofUsers
+from ofrestapi import exception
+
+import logging
+
+logger = logging.getLogger(__name__)
+
+
+class OpenfireManager:
+    def __init__(self):
+        pass
+
+    @staticmethod
+    def send_broadcast_threaded(group_name, broadcast_message):
+        logger.debug("Starting broadcast to %s with message %s" % (group_name, broadcast_message))
+        broadcast_thread = XmppThread(1, "XMPP Broadcast Thread", 1, group_name, broadcast_message)
+        broadcast_thread.start()
+
+    @staticmethod
+    def __add_address_to_username(username):
+        address = urlparse(settings.OPENFIRE_ADDRESS).netloc.split(":")[0]
+        completed_username = username + "@" + address
+        return completed_username
+
+    @staticmethod
+    def __santatize_username(username):
+        sanatized = username.replace(" ", "_")
+        return sanatized.lower()
+
+    @staticmethod
+    def __generate_random_pass():
+        return ''.join([random.choice(string.ascii_letters + string.digits) for n in range(16)])
+
+    @staticmethod
+    def _sanitize_groupname(name):
+        name = name.strip(' _')
+        return re.sub('[^\w.-]', '', name)
+
+    @staticmethod
+    def add_user(username):
+        logger.debug("Adding username %s to openfire." % username)
+        try:
+            sanatized_username = OpenfireManager.__santatize_username(username)
+            password = OpenfireManager.__generate_random_pass()
+            api = ofUsers(settings.OPENFIRE_ADDRESS, settings.OPENFIRE_SECRET_KEY)
+            api.add_user(sanatized_username, password)
+            logger.info("Added openfire user %s" % username)
+        except exception.UserAlreadyExistsException:
+            # User exist
+            logger.error("Attempting to add a user %s to openfire which already exists on server." % username)
+            return "", ""
+
+        return sanatized_username, password
+
+    @staticmethod
+    def delete_user(username):
+        logger.debug("Deleting user %s from openfire." % username)
+        try:
+            api = ofUsers(settings.OPENFIRE_ADDRESS, settings.OPENFIRE_SECRET_KEY)
+            api.delete_user(username)
+            logger.info("Deleted user %s from openfire." % username)
+            return True
+        except exception.UserNotFoundException:
+            logger.error("Attempting to delete a user %s from openfire which was not found on server." % username)
+            return False
+
+    @staticmethod
+    def lock_user(username):
+        logger.debug("Locking openfire user %s" % username)
+        api = ofUsers(settings.OPENFIRE_ADDRESS, settings.OPENFIRE_SECRET_KEY)
+        api.lock_user(username)
+        logger.info("Locked openfire user %s" % username)
+
+    @staticmethod
+    def unlock_user(username):
+        logger.debug("Unlocking openfire user %s" % username)
+        api = ofUsers(settings.OPENFIRE_ADDRESS, settings.OPENFIRE_SECRET_KEY)
+        api.unlock_user(username)
+        logger.info("Unlocked openfire user %s" % username)
+
+    @staticmethod
+    def update_user_pass(username, password=None):
+        logger.debug("Updating openfire user %s password." % username)
+        try:
+            if not password:
+                password = OpenfireManager.__generate_random_pass()
+            api = ofUsers(settings.OPENFIRE_ADDRESS, settings.OPENFIRE_SECRET_KEY)
+            api.update_user(username, password=password)
+            logger.info("Updated openfire user %s password." % username)
+            return password
+        except exception.UserNotFoundException:
+            logger.error("Unable to update openfire user %s password - user not found on server." % username)
+            return ""
+
+    @staticmethod
+    def update_user_groups(username, groups):
+        logger.debug("Updating openfire user %s groups %s" % (username, groups))
+        api = ofUsers(settings.OPENFIRE_ADDRESS, settings.OPENFIRE_SECRET_KEY)
+        response = api.get_user_groups(username)
+        remote_groups = []
+        if response:
+            remote_groups = response['groupname']
+            if isinstance(remote_groups, six.string_types):
+                remote_groups = [remote_groups]
+        logger.debug("Openfire user %s has groups %s" % (username, remote_groups))
+        add_groups = []
+        del_groups = []
+        for g in groups:
+            g = OpenfireManager._sanitize_groupname(g)
+            if g not in remote_groups:
+                add_groups.append(g)
+        for g in remote_groups:
+            g = OpenfireManager._sanitize_groupname(g)
+            if g not in groups:
+                del_groups.append(g)
+        logger.info(
+            "Updating openfire groups for user %s - adding %s, removing %s" % (username, add_groups, del_groups))
+        if add_groups:
+            api.add_user_groups(username, add_groups)
+        if del_groups:
+            api.delete_user_groups(username, del_groups)
+
+    @staticmethod
+    def delete_user_groups(username, groups):
+        logger.debug("Deleting openfire groups %s from user %s" % (groups, username))
+        api = ofUsers(settings.OPENFIRE_ADDRESS, settings.OPENFIRE_SECRET_KEY)
+        api.delete_user_groups(username, groups)
+        logger.info("Deleted groups %s from openfire user %s" % (groups, username))
+
+    @staticmethod
+    def send_broadcast_message(group_name, broadcast_message):
+        logger.debug("Sending jabber ping to group %s with message %s" % (group_name, broadcast_message))
+        to_address = group_name + '@' + settings.BROADCAST_SERVICE_NAME + '.' + settings.JABBER_URL
+        xmpp = PingBot(settings.BROADCAST_USER, settings.BROADCAST_USER_PASSWORD, to_address, broadcast_message)
+        xmpp.register_plugin('xep_0030')  # Service Discovery
+        xmpp.register_plugin('xep_0199')  # XMPP Ping
+        if xmpp.connect():
+            xmpp.process(block=True)
+            logger.info("Sent jabber ping to group %s" % group_name)
+        else:
+            raise ValueError("Unable to connect to jabber server.")
+
+
+class PingBot(sleekxmpp.ClientXMPP):
+    """
+    A copy-paste of the example client bot from
+    http://sleekxmpp.com/getting_started/sendlogout.html
+    """
+    def __init__(self, jid, password, recipient, message):
+        sleekxmpp.ClientXMPP.__init__(self, jid, password)
+
+        # The message we wish to send, and the JID that
+        # will receive it.
+        self.recipient = recipient
+        self.msg = message
+
+        # The session_start event will be triggered when
+        # the bot establishes its connection with the server
+        # and the XML streams are ready for use. We want to
+        # listen for this event so that we we can initialize
+        # our roster.
+        self.add_event_handler("session_start", self.start)
+
+    def start(self, event):
+        self.send_presence()
+        self.get_roster()
+
+        self.send_message(mto=self.recipient,
+                          mbody=self.msg,
+                          mtype='chat')
+
+        # Using wait=True ensures that the send queue will be
+        # emptied before ending the session.
+        self.disconnect(wait=True)
+
+
+class XmppThread(threading.Thread):
+    def __init__(self, thread_id, name, counter, group, message, ):
+        threading.Thread.__init__(self)
+        self.threadID = thread_id
+        self.name = name
+        self.counter = counter
+        self.group = group
+        self.message = message
+
+    def run(self):
+        OpenfireManager.send_broadcast_message(self.group, self.message)

services/modules/openfire/migrations/0001_initial.py

@@ -0,0 +1,26 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.10.2 on 2016-12-12 03:27
+from __future__ import unicode_literals
+
+from django.conf import settings
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+        ('auth', '0008_alter_user_username_max_length'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='OpenfireUser',
+            fields=[
+                ('user', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, primary_key=True, related_name='openfire', serialize=False, to=settings.AUTH_USER_MODEL)),
+                ('username', models.CharField(max_length=254)),
+            ],
+        ),
+    ]

services/modules/openfire/models.py

@@ -0,0 +1,15 @@
+from __future__ import unicode_literals
+from django.utils.encoding import python_2_unicode_compatible
+from django.db import models
+
+
+@python_2_unicode_compatible
+class OpenfireUser(models.Model):
+    user = models.OneToOneField('auth.User',
+                                primary_key=True,
+                                on_delete=models.CASCADE,
+                                related_name='openfire')
+    username = models.CharField(max_length=254)
+
+    def __str__(self):
+        return self.username

services/modules/openfire/tasks.py

@@ -0,0 +1,75 @@
+from __future__ import unicode_literals
+
+import logging
+
+from alliance_auth.celeryapp import app
+from django.conf import settings
+from django.core.exceptions import ObjectDoesNotExist
+from django.contrib.auth.models import User
+from notifications import notify
+
+from services.modules.openfire.manager import OpenfireManager
+
+from .models import OpenfireUser
+
+logger = logging.getLogger(__name__)
+
+
+class OpenfireTasks:
+    def __init__(self):
+        pass
+
+    @classmethod
+    def delete_user(cls, user, notify_user=False):
+        if cls.has_account(user):
+            logger.debug("User %s has jabber account %s. Deleting." % (user, user.openfire.username))
+            OpenfireManager.delete_user(user.openfire.username)
+            user.openfire.delete()
+            if notify_user:
+                notify(user, 'Jabber Account Disabled', level='danger')
+            return True
+        return False
+
+    @staticmethod
+    def has_account(user):
+        try:
+            return user.openfire.username != ''
+        except ObjectDoesNotExist:
+            return False
+
+    @staticmethod
+    def disable_jabber():
+        if settings.ENABLE_AUTH_JABBER:
+            logger.warn("ENABLE_AUTH_JABBER still True, after disabling users will still be able to create jabber accounts")
+        if settings.ENABLE_BLUE_JABBER:
+            logger.warn("ENABLE_BLUE_JABBER still True, after disabling blues will still be able to create jabber accounts")
+        logging.debug("Deleting all Openfire users")
+        OpenfireUser.objects.all().delete()
+
+    @staticmethod
+    @app.task(bind=True)
+    def update_groups(self, pk):
+        user = User.objects.get(pk=pk)
+        logger.debug("Updating jabber groups for user %s" % user)
+        if OpenfireTasks.has_account(user):
+            groups = []
+            for group in user.groups.all():
+                groups.append(str(group.name))
+            if len(groups) == 0:
+                groups.append('empty')
+            logger.debug("Updating user %s jabber groups to %s" % (user, groups))
+            try:
+                OpenfireManager.update_user_groups(user.openfire.username, groups)
+            except:
+                logger.exception("Jabber group sync failed for %s, retrying in 10 mins" % user)
+                raise self.retry(countdown=60 * 10)
+            logger.debug("Updated user %s jabber groups." % user)
+        else:
+            logger.debug("User does not have an openfire account")
+
+    @staticmethod
+    @app.task
+    def update_all_groups():
+        logger.debug("Updating ALL jabber groups")
+        for openfire_user in OpenfireUser.objects.exclude(username__exact=''):
+            OpenfireTasks.update_groups.delay(openfire_user.user.pk)

services/modules/openfire/tests.py

@@ -0,0 +1,207 @@
+from __future__ import unicode_literals
+
+try:
+    # Py3
+    from unittest import mock
+except ImportError:
+    # Py2
+    import mock
+
+from django.test import TestCase, RequestFactory
+from django.conf import settings
+from django import urls
+from django.contrib.auth.models import User
+from django.core.exceptions import ObjectDoesNotExist
+
+from alliance_auth.tests.auth_utils import AuthUtils
+
+from .auth_hooks import OpenfireService
+from .models import OpenfireUser
+from .tasks import OpenfireTasks
+
+MODULE_PATH = 'services.modules.openfire'
+
+
+class OpenfireHooksTestCase(TestCase):
+    def setUp(self):
+        self.member = 'member_user'
+        member = AuthUtils.create_member(self.member)
+        OpenfireUser.objects.create(user=member, username=self.member)
+        self.blue = 'blue_user'
+        blue = AuthUtils.create_blue(self.blue)
+        OpenfireUser.objects.create(user=blue, username=self.blue)
+        self.none_user = 'none_user'
+        none_user = AuthUtils.create_user(self.none_user)
+        self.service = OpenfireService
+
+    def test_has_account(self):
+        member = User.objects.get(username=self.member)
+        blue = User.objects.get(username=self.blue)
+        none_user = User.objects.get(username=self.none_user)
+        self.assertTrue(OpenfireTasks.has_account(member))
+        self.assertTrue(OpenfireTasks.has_account(blue))
+        self.assertFalse(OpenfireTasks.has_account(none_user))
+
+    def test_service_enabled(self):
+        service = self.service()
+        member = User.objects.get(username=self.member)
+        blue = User.objects.get(username=self.blue)
+        none_user = User.objects.get(username=self.none_user)
+        self.assertTrue(service.service_enabled_members())
+        self.assertTrue(service.service_enabled_blues())
+
+        self.assertEqual(service.service_active_for_user(member), settings.ENABLE_AUTH_JABBER)
+        self.assertEqual(service.service_active_for_user(blue), settings.ENABLE_BLUE_JABBER)
+        self.assertFalse(service.service_active_for_user(none_user))
+
+    @mock.patch(MODULE_PATH + '.tasks.OpenfireManager')
+    def test_update_all_groups(self, manager):
+        service = self.service()
+        service.update_all_groups()
+        # Check member and blue user have groups updated
+        self.assertTrue(manager.update_user_groups.called)
+        self.assertEqual(manager.update_user_groups.call_count, 2)
+
+    def test_update_groups(self):
+        # Check member has Member group updated
+        with mock.patch(MODULE_PATH + '.tasks.OpenfireManager') as manager:
+            service = self.service()
+            member = User.objects.get(username=self.member)
+            service.update_groups(member)
+            self.assertTrue(manager.update_user_groups.called)
+            args, kwargs = manager.update_user_groups.call_args
+            user_id, groups = args
+            self.assertIn(settings.DEFAULT_AUTH_GROUP, groups)
+            self.assertEqual(user_id, member.openfire.username)
+
+        # Check none user does not have groups updated
+        with mock.patch(MODULE_PATH + '.tasks.OpenfireManager') as manager:
+            service = self.service()
+            none_user = User.objects.get(username=self.none_user)
+            service.update_groups(none_user)
+            self.assertFalse(manager.update_user_groups.called)
+
+    @mock.patch(MODULE_PATH + '.tasks.OpenfireManager')
+    def test_validate_user(self, manager):
+        service = self.service()
+        # Test member is not deleted
+        member = User.objects.get(username=self.member)
+        service.validate_user(member)
+        self.assertTrue(member.openfire)
+
+        # Test none user is deleted
+        none_user = User.objects.get(username=self.none_user)
+        OpenfireUser.objects.create(user=none_user, username='abc123')
+        service.validate_user(none_user)
+        self.assertTrue(manager.delete_user.called)
+        with self.assertRaises(ObjectDoesNotExist):
+            none_openfire = User.objects.get(username=self.none_user).openfire
+
+    @mock.patch(MODULE_PATH + '.tasks.OpenfireManager')
+    def test_delete_user(self, manager):
+        member = User.objects.get(username=self.member)
+
+        service = self.service()
+        result = service.delete_user(member)
+
+        self.assertTrue(result)
+        self.assertTrue(manager.delete_user.called)
+        with self.assertRaises(ObjectDoesNotExist):
+            openfire_user = User.objects.get(username=self.member).openfire
+
+    def test_render_services_ctrl(self):
+        service = self.service()
+        member = User.objects.get(username=self.member)
+        request = RequestFactory().get('/en/services/')
+        request.user = member
+
+        response = service.render_services_ctrl(request)
+        self.assertTemplateUsed(service.service_ctrl_template)
+        self.assertIn(urls.reverse('auth_deactivate_openfire'), response)
+        self.assertIn(urls.reverse('auth_reset_openfire_password'), response)
+        self.assertIn(urls.reverse('auth_set_openfire_password'), response)
+
+        # Test register becomes available
+        member.openfire.delete()
+        member = User.objects.get(username=self.member)
+        request.user = member
+        response = service.render_services_ctrl(request)
+        self.assertIn(urls.reverse('auth_activate_openfire'), response)
+
+
+class OpenfireViewsTestCase(TestCase):
+    def setUp(self):
+        self.member = AuthUtils.create_member('auth_member')
+        self.member.set_password('password')
+        self.member.email = 'auth_member@example.com'
+        self.member.save()
+        AuthUtils.add_main_character(self.member, 'auth_member', '12345', corp_id='111', corp_name='Test Corporation')
+
+    def login(self):
+        self.client.login(username=self.member.username, password='password')
+
+    @mock.patch(MODULE_PATH + '.tasks.OpenfireManager')
+    @mock.patch(MODULE_PATH + '.views.OpenfireManager')
+    def test_activate(self, manager, tasks_manager):
+        self.login()
+        expected_username = 'auth_member'
+        manager.add_user.return_value = (expected_username, 'abc123')
+
+        response = self.client.get(urls.reverse('auth_activate_openfire'))
+
+        self.assertTrue(manager.add_user.called)
+        self.assertTrue(tasks_manager.update_user_groups.called)
+        self.assertEqual(response.status_code, 200)
+        self.assertTemplateUsed('registered/service_credentials.html')
+        self.assertContains(response, expected_username)
+        openfire_user = OpenfireUser.objects.get(user=self.member)
+        self.assertEqual(openfire_user.username, expected_username)
+
+    @mock.patch(MODULE_PATH + '.tasks.OpenfireManager')
+    def test_deactivate(self, manager):
+        self.login()
+        OpenfireUser.objects.create(user=self.member, username='some member')
+
+        response = self.client.get(urls.reverse('auth_deactivate_openfire'))
+
+        self.assertTrue(manager.delete_user.called)
+        self.assertRedirects(response, expected_url=urls.reverse('auth_services'), target_status_code=200)
+        with self.assertRaises(ObjectDoesNotExist):
+            openfire_user = User.objects.get(pk=self.member.pk).openfire
+
+    @mock.patch(MODULE_PATH + '.views.OpenfireManager')
+    def test_set_password(self, manager):
+        self.login()
+        OpenfireUser.objects.create(user=self.member, username='some member')
+
+        response = self.client.post(urls.reverse('auth_set_openfire_password'), data={'password': '1234asdf'})
+
+        self.assertTrue(manager.update_user_pass.called)
+        args, kwargs = manager.update_user_pass.call_args
+        self.assertEqual(kwargs['password'], '1234asdf')
+        self.assertRedirects(response, expected_url=urls.reverse('auth_services'), target_status_code=200)
+
+    @mock.patch(MODULE_PATH + '.views.OpenfireManager')
+    def test_reset_password(self, manager):
+        self.login()
+        OpenfireUser.objects.create(user=self.member, username='some member')
+
+        manager.update_user_pass.return_value = 'hunter2'
+
+        response = self.client.get(urls.reverse('auth_reset_openfire_password'))
+
+        self.assertTemplateUsed(response, 'registered/service_credentials.html')
+        self.assertContains(response, 'some member')
+        self.assertContains(response, 'hunter2')
+
+
+class OpenfireManagerTestCase(TestCase):
+    def setUp(self):
+        from .manager import OpenfireManager
+        self.manager = OpenfireManager
+
+    def test_generate_random_password(self):
+        password = self.manager._OpenfireManager__generate_random_pass()
+
+        self.assertEqual(len(password), 16)
+        self.assertIsInstance(password, type(''))

services/modules/openfire/urls.py

@@ -0,0 +1,28 @@
+from __future__ import unicode_literals
+from django.conf.urls import url, include
+from django.conf.urls.i18n import i18n_patterns
+from django.utils.translation import ugettext_lazy as _
+
+from . import views
+
+module_urls = [
+    # Jabber Service Control
+    url(r'^activate/$', views.activate_jabber, name='auth_activate_openfire'),
+    url(r'^deactivate/$', views.deactivate_jabber, name='auth_deactivate_openfire'),
+    url(r'^reset_password/$', views.reset_jabber_password, name='auth_reset_openfire_password'),
+]
+
+module_i18n_urls = [
+    url(_(r'^set_password/$'), views.set_jabber_password, name='auth_set_openfire_password'),
+]
+
+urlpatterns = [
+    url(r'^openfire/', include(module_urls))
+]
+
+urlpatterns += i18n_patterns(
+    # Jabber Broadcast
+    url(_(r'^services/jabber_broadcast/$'), views.jabber_broadcast_view, name='auth_jabber_broadcast_view'),
+    # Jabber
+    url(r'openfire/', include(module_i18n_urls))
+)

services/modules/openfire/views.py

@@ -0,0 +1,160 @@
+from __future__ import unicode_literals
+
+from django.contrib import messages
+from django.contrib.auth.decorators import login_required, permission_required
+from django.contrib.auth.models import Group
+from django.shortcuts import render, redirect
+
+from authentication.decorators import members_and_blues
+from eveonline.managers import EveManager
+from eveonline.models import EveCharacter
+from services.forms import ServicePasswordForm
+
+from .manager import OpenfireManager
+from .tasks import OpenfireTasks
+from .forms import JabberBroadcastForm
+from .models import OpenfireUser
+
+import datetime
+
+import logging
+
+logger = logging.getLogger(__name__)
+
+
+@login_required
+@members_and_blues()
+def activate_jabber(request):
+    logger.debug("activate_jabber called by user %s" % request.user)
+    character = EveManager.get_main_character(request.user)
+    logger.debug("Adding jabber user for user %s with main character %s" % (request.user, character))
+    info = OpenfireManager.add_user(character.character_name)
+    # If our username is blank means we already had a user
+    if info[0] is not "":
+        OpenfireUser.objects.update_or_create(user=request.user, defaults={'username': info[0]})
+        logger.debug("Updated authserviceinfo for user %s with jabber credentials. Updating groups." % request.user)
+        OpenfireTasks.update_groups.delay(request.user.pk)
+        logger.info("Successfully activated jabber for user %s" % request.user)
+        messages.success(request, 'Activated jabber account.')
+        credentials = {
+            'username': info[0],
+            'password': info[1],
+        }
+        return render(request, 'registered/service_credentials.html',
+                      context={'credentials': credentials, 'service': 'Jabber'})
+    else:
+        logger.error("Unsuccessful attempt to activate jabber for user %s" % request.user)
+        messages.error(request, 'An error occurred while processing your jabber account.')
+    return redirect("auth_services")
+
+
+@login_required
+@members_and_blues()
+def deactivate_jabber(request):
+    logger.debug("deactivate_jabber called by user %s" % request.user)
+    if OpenfireTasks.has_account(request.user) and OpenfireTasks.delete_user(request.user):
+        logger.info("Successfully deactivated jabber for user %s" % request.user)
+        messages.success(request, 'Deactivated jabber account.')
+    else:
+        logger.error("Unsuccessful attempt to deactivate jabber for user %s" % request.user)
+        messages.error(request, 'An error occurred while processing your jabber account.')
+    return redirect("auth_services")
+
+
+@login_required
+@members_and_blues()
+def reset_jabber_password(request):
+    logger.debug("reset_jabber_password called by user %s" % request.user)
+    if OpenfireTasks.has_account(request.user):
+        result = OpenfireManager.update_user_pass(request.user.openfire.username)
+        # If our username is blank means we failed
+        if result != "":
+            logger.info("Successfully reset jabber password for user %s" % request.user)
+            messages.success(request, 'Reset jabber password.')
+            credentials = {
+                'username': request.user.openfire.username,
+                'password': result,
+            }
+            return render(request, 'registered/service_credentials.html',
+                          context={'credentials': credentials, 'service': 'Jabber'})
+    logger.error("Unsuccessful attempt to reset jabber for user %s" % request.user)
+    messages.error(request, 'An error occurred while processing your jabber account.')
+    return redirect("auth_services")
+
+
+@login_required
+@permission_required('auth.jabber_broadcast')
+def jabber_broadcast_view(request):
+    logger.debug("jabber_broadcast_view called by user %s" % request.user)
+    allchoices = []
+    if request.user.has_perm('auth.jabber_broadcast_all'):
+        allchoices.append(('all', 'all'))
+        for g in Group.objects.all():
+            allchoices.append((str(g.name), str(g.name)))
+    else:
+        for g in request.user.groups.all():
+            allchoices.append((str(g.name), str(g.name)))
+    if request.method == 'POST':
+        form = JabberBroadcastForm(request.POST)
+        form.fields['group'].choices = allchoices
+        logger.debug("Received POST request containing form, valid: %s" % form.is_valid())
+        if form.is_valid():
+            main_char = EveManager.get_main_character(request.user)
+            logger.debug("Processing jabber broadcast for user %s with main character %s" % (request.user, main_char))
+            if main_char is not None:
+                message_to_send = form.cleaned_data[
+                                      'message'] + "\n##### SENT BY: " + "[" + main_char.corporation_ticker + "]" + \
+                                  main_char.character_name + " TO: " + \
+                                  form.cleaned_data['group'] + " WHEN: " + datetime.datetime.utcnow().strftime(
+                    "%Y-%m-%d %H:%M:%S") + " #####\n##### Replies are NOT monitored #####\n"
+                group_to_send = form.cleaned_data['group']
+
+                OpenfireManager.send_broadcast_threaded(group_to_send, message_to_send, )
+
+            else:
+                message_to_send = form.cleaned_data[
+                    'message'] + "\n##### SENT BY: " + "No character but can send pings?" + " TO: " + \
+                    form.cleaned_data['group'] + " WHEN: " + datetime.datetime.utcnow().strftime(
+                    "%Y-%m-%d %H:%M:%S") + " #####\n##### Replies are NOT monitored #####\n"
+                group_to_send = form.cleaned_data['group']
+
+                OpenfireManager.send_broadcast_threaded(group_to_send, message_to_send, )
+
+            messages.success(request, 'Sent jabber broadcast to %s' % group_to_send)
+            logger.info("Sent jabber broadcast on behalf of user %s" % request.user)
+    else:
+        form = JabberBroadcastForm()
+        form.fields['group'].choices = allchoices
+        logger.debug("Generated broadcast form for user %s containing %s groups" % (
+            request.user, len(form.fields['group'].choices)))
+
+    context = {'form': form}
+    return render(request, 'registered/jabberbroadcast.html', context=context)
+
+
+@login_required
+@members_and_blues()
+def set_jabber_password(request):
+    logger.debug("set_jabber_password called by user %s" % request.user)
+    if request.method == 'POST':
+        logger.debug("Received POST request with form.")
+        form = ServicePasswordForm(request.POST)
+        logger.debug("Form is valid: %s" % form.is_valid())
+        if form.is_valid() and OpenfireTasks.has_account(request.user):
+            password = form.cleaned_data['password']
+            logger.debug("Form contains password of length %s" % len(password))
+            result = OpenfireManager.update_user_pass(request.user.openfire.username, password=password)
+            if result != "":
+                logger.info("Successfully set jabber password for user %s" % request.user)
+                messages.success(request, 'Set jabber password.')
+            else:
+                logger.error("Failed to install custom jabber password for user %s" % request.user)
+                messages.error(request, 'An error occurred while processing your jabber account.')
+            return redirect("auth_services")
+    else:
+        logger.debug("Request is not type POST - providing empty form.")
+        form = ServicePasswordForm()
+
+    logger.debug("Rendering form for user %s" % request.user)
+    context = {'form': form, 'service': 'Jabber'}
+    return render(request, 'registered/service_password.html', context=context)