Mathis/allianceauth
1
0
Fork 0
mirror of https://gitlab.com/allianceauth/allianceauth.git synced 2025-07-09 12:30:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

The Great Services Refactor (#594)

Browse Source 
* Hooks registration, discovery and retrieval module

Will discover @hooks.register decorated functions inside
the auth_hooks module in any installed django app.

* Class to register modular service apps

* Register service modules URLs

* Example service module

* Refactor services into modules

Each service type has been split out into its own django app/module. A
hook mechanism is provided to register a subclass of the ServiceHook
class. The modules then overload functions defined in ServiceHook as
required to provide interoperability with alliance auth. Service modules
provide their own urls and views for user registration and account
management and a partial template to display on the services page. Where
possible, new modules should provide their own models for local data
storage.

* Added menu items hooks and template tags

* Added menu item hook for broadcasts

* Added str method to ServicesHook

* Added exception handling to hook iterators

* Refactor mumble migration and table name

Upgrading will require `migrate mumble --fake-initial` to be run first
and then `migrate mumble` to rename the table.

* Refactor teamspeak3 migration and rename table

Upgrading will require `migrate teamspeak3 --fake-initial`

* Added module models and migrations for refactoring AuthServicesInfo

* Migrate AuthServiceInfo fields to service modules models

* Added helper for getting a users main character

* Added new style celery instance

* Changed Discord from AuthServicesInfo to DiscordUser model

* Switch celery tasks to staticmethods

* Changed Discourse from AuthServicesInfo to DiscourseUser model

* Changed IPBoard from AuthServicesInfo to IpboardUser model

* Changed Ips4 from AuthServicesInfo to Ips4User model

Also added disable service task.

This service still needs some love though. Was always missing a
deactivate services hook (before refactoring) for reasons I'm unsure of
so I'm reluctant to add it without knowing why.

* Changed Market from AuthServicesInfo to MarketUser model

* Changed Mumble from AuthServicesInfo to MumbleUser model

Switched user foreign key to one to one relationship.
Removed implicit password change on user exists.
Combined regular and blue user creation.

* Changed Openfire from AuthServicesInfo to OpenfireUser model

* Changed SMF from AuthServicesInfo to SmfUser model

Added disable task

* Changed Phpbb3 from AuthServicesInfo to Phpbb3User model

* Changed XenForo from AuthServicesInfo to XenforoUser model

* Changed Teamspeak3 from AuthServicesInfo to Teamspeak3User model

* Remove obsolete manager functions

* Standardise URL format

This will break some callback URLs
Discord changes from /discord_callback/ to /discord/callback/

* Removed unnecessary imports

* Mirror upstream decorator change

* Setup for unit testing

* Unit tests for discord service

* Added add main character helper

* Added Discourse unit tests

* Added Ipboard unit tests

* Added Ips4 unit tests

* Fix naming of market manager, switch to use class methods

* Remove unused hook functions

* Added market service unit tests

* Added corp ticker to add main character helper

* Added mumble unit tests

* Fix url name and remove namespace

* Fix missing return and add missing URL

* Added openfire unit tests

* Added missing return

* Added phpbb3 unit tests

* Fix SmfManager naming inconsistency and switch to classmethods

* Added smf unit tests

* Remove unused functions, Added missing return

* Added xenforo unit tests

* Added missing return

* Fixed reference to old model

* Fixed error preventing groups from syncing on reset request

* Added teamspeak3 unit tests

* Added nose as test runner and some test settings

* Added package requirements for running tests

* Added unit tests for services signals and tasks

* Remove unused tests file

* Fix teamspeak3 service signals

* Added unit tests for teamspeak3 signals

Changed other unit tests setUp to inert signals

* Fix password gen and hashing python3 compatibility

Fixes #630

Adds unit tests to check the password functions run on both platforms.

* Fix unit test to not rely on checking url params

* Add Travis CI settings file

* Remove default blank values from services models

* Added dynamic user model admin actions for syncing service groups

* Remove unused search fields

* Add hook function for syncing nicknames

* Added discord hook for sync nickname

* Added user admin model menu actions for sync nickname hook

* Remove obsolete code

* Rename celery config app to avoid package name clash

* Added new style celerybeat schedule configuration

periodic_task decorator is depreciated

* Added string representations

* Added admin pages for services user models

* Removed legacy code

* Move link discord button to correct template

* Remove blank default fields from example model

* Disallow empty django setting

* Fix typos

* Added coverage configuration file

* Add coverage and coveralls to travis config

Should probably use nose's built in coverage, but this works for now.

* Replace AuthServicesInfo get_or_create instances with get

Reflects upstream changes to AuthServicesInfo behaviour.

* Update mumble user table name

* Split out mumble authenticator requirements

zeroc-ice seems to cause long build times on travis-ci and isn't
required for the core projects functionality or testing.
This commit is contained in:
Basraah 2017-01-25 12:50:16 +10:00 committed by GitHub
parent 5738b015c3
commit 1066e6ac98
195 changed files with 8260 additions and 2699 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
.coveragerc Normal file
View File

@ -0,0 +1,31 @@
[run]
branch = True
source =
alliance_auth
authentication
corputils
eveonline
fleetactivitytracking
fleetup
groupmanagement
hrapplications
notifications
optimer
services
srp
timerboard
omit =
*/migrations/*
*/example/*
[report]
exclude_lines =
if self.debug:
pragma: no cover
raise NotImplementedError
if __name__ == .__main__.:
def __repr__
raise AssertionError
ignore_errors = True

14
.travis.yml Normal file
View File

@ -0,0 +1,14 @@
language: python
python:
- "2.7"
- "3.5"
# command to install dependencies
install:
- pip install requests
- pip install -r requirements.txt
- pip install -r testing-requirements.txt
# command to run tests
script: coverage run runtests.py
cache: pip
after_success:
coveralls

6
alliance_auth/__init__.py
View File

@ -1,4 +1,8 @@
from __future__ import unicode_literals
from __future__ import absolute_import, unicode_literals
# This will make sure the app is always imported when
# Django starts so that shared_task will use this app.
from .celeryapp import app as celery_app # noqa
__version__ = '1.14.2'
NAME = 'Alliance Auth v%s' % __version__

17
alliance_auth/celeryapp.py Normal file
View File

@ -0,0 +1,17 @@
from __future__ import absolute_import, unicode_literals
import os
from celery import Celery
# set the default Django settings module for the 'celery' program.
os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'alliance_auth.settings')
from django.conf import settings # noqa
app = Celery('alliance_auth')
# Using a string here means the worker don't have to serialize
# the configuration object to child processes.
app.config_from_object('django.conf:settings')
# Load task modules from all registered Django app configs.
app.autodiscover_tasks(lambda: settings.INSTALLED_APPS)

127
alliance_auth/hooks.py Normal file
View File

@ -0,0 +1,127 @@
"""
Copyright (c) 2014 Torchbox Ltd and individual contributors.
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. Neither the name of Torchbox nor the names of its contributors may be used
to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Based on https://github.com/torchbox/wagtail/blob/master/wagtail/wagtailcore/hooks.py
"""
from __future__ import unicode_literals
from importlib import import_module
from django.apps import apps
from django.utils.module_loading import module_has_submodule
import logging
logger = logging.getLogger(__name__)
_hooks = {} # Dict of Name: Fn's of registered hooks
_all_hooks_registered = False # If all hooks have been searched for and registered yet
def register(name, fn=None):
"""
Decorator to register a function as a hook
Register hook for ``hook_name``. Can be used as a decorator::
@register('hook_name')
def my_hook(...):
pass
or as a function call::
def my_hook(...):
pass
register('hook_name', my_hook)
:param name: str Name of the hook/callback to register it as
:param fn: function to register in the hook/callback
:return: function Decorator if applied as a decorator
"""
def _hook_add(func):
if name not in _hooks:
logger.debug("Creating new hook %s" % name)
_hooks[name] = []
logger.debug('Registering hook %s for function %s' % (name, fn))
_hooks[name].append(func)
if fn is None:
# Behave like a decorator
def decorator(func):
_hook_add(func)
return func
return decorator
else:
# Behave like a function, just register hook
_hook_add(fn)
def get_app_modules():
"""
Get all the modules of the django app
:return: name, module tuple
"""
for app in apps.get_app_configs():
yield app.name, app.module
def get_app_submodules(module_name):
"""
Get a specific sub module of the app
:param module_name: module name to get
:return: name, module tuple
"""
for name, module in get_app_modules():
if module_has_submodule(module, module_name):
yield name, import_module('{0}.{1}'.format(name, module_name))
def register_all_hooks():
"""
Register all hooks found in 'auth_hooks' sub modules
:return:
"""
global _all_hooks_registered
if not _all_hooks_registered:
logger.debug("Searching for hooks")
hooks = list(get_app_submodules('auth_hooks'))
logger.debug("Got %s hooks" % len(hooks))
_all_hooks_registered = True
def get_hooks(name):
"""
Get all the hook functions for the given hook name
:param name: str name of the hook to get the functions for
:return: list of hook functions
"""
register_all_hooks()
return _hooks.get(name, [])

23
alliance_auth/settings.py.example
View File

@ -15,12 +15,22 @@ import os
import djcelery
from django.contrib import messages
from celery.schedules import crontab
djcelery.setup_loader()
# Celery configuration
BROKER_URL = 'redis://localhost:6379/0'
CELERYBEAT_SCHEDULER = "djcelery.schedulers.DatabaseScheduler"
CELERYBEAT_SCHEDULE = {
"""
Uncomment this if you are using the Teamspeak3 service
'run_ts3_group_update': {
'task': 'services.modules.teamspeak3.tasks.Teamspeak3Tasks.run_ts3_group_update',
'schedule': crontab(minute='*/30'),
},
"""
}
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
@ -64,6 +74,19 @@ INSTALLED_APPS = [
'esi',
'geelweb.django.navhelper',
'bootstrap_pagination',
# Services
'services.modules.mumble',
'services.modules.discord',
'services.modules.discourse',
'services.modules.ipboard',
'services.modules.ips4',
'services.modules.market',
'services.modules.openfire',
'services.modules.smf',
'services.modules.phpbb3',
'services.modules.xenforo',
'services.modules.teamspeak3',
]
MIDDLEWARE = [

0
alliance_auth/tests/__init__.py Normal file
View File

81
alliance_auth/tests/auth_utils.py Normal file
View File

@ -0,0 +1,81 @@
from __future__ import unicode_literals
from django.db.models.signals import m2m_changed, pre_save
from django.contrib.auth.models import User
from services.signals import m2m_changed_user_groups, pre_save_user
from authentication.signals import pre_save_auth_state
from authentication.tasks import make_member, make_blue
from authentication.models import AuthServicesInfo
from authentication.states import MEMBER_STATE, BLUE_STATE, NONE_STATE
from eveonline.models import EveCharacter
class AuthUtils:
def __init__(self):
pass
@staticmethod
def _create_user(username):
return User.objects.create(username=username)
@classmethod
def create_user(cls, username, disconnect_signals=False):
if disconnect_signals:
cls.disconnect_signals()
user = cls._create_user(username)
user.authservicesinfo.state = NONE_STATE
user.authservicesinfo.save()
if disconnect_signals:
cls.connect_signals()
return user
@classmethod
def create_member(cls, username):
cls.disconnect_signals()
user = cls._create_user(username)
user.authservicesinfo.state = MEMBER_STATE
user.authservicesinfo.save()
make_member(user.authservicesinfo)
cls.connect_signals()
return user
@classmethod
def create_blue(cls, username):
cls.disconnect_signals()
user = cls._create_user(username)
user.authservicesinfo.state = BLUE_STATE
user.authservicesinfo.save()
make_blue(user.authservicesinfo)
cls.connect_signals()
return user
@classmethod
def disconnect_signals(cls):
m2m_changed.disconnect(m2m_changed_user_groups, sender=User.groups.through)
pre_save.disconnect(pre_save_user, sender=User)
pre_save.disconnect(pre_save_auth_state, sender=AuthServicesInfo)
@classmethod
def connect_signals(cls):
m2m_changed.connect(m2m_changed_user_groups, sender=User.groups.through)
pre_save.connect(pre_save_user, sender=User)
pre_save.connect(pre_save_auth_state, sender=AuthServicesInfo)
@classmethod
def add_main_character(cls, user, name, character_id, corp_id='', corp_name='', corp_ticker='', alliance_id='',
alliance_name=''):
EveCharacter.objects.create(
character_id=character_id,
character_name=name,
corporation_id=corp_id,
corporation_name=corp_name,
corporation_ticker=corp_ticker,
alliance_id=alliance_id,
alliance_name=alliance_name,
api_id='1234',
user=user
)
AuthServicesInfo.objects.update_or_create(user=user, defaults={'main_char_id': character_id})

604
alliance_auth/tests/test_settings.py Normal file
View File

@ -0,0 +1,604 @@
"""
Alliance Auth Test Suite Django settings.
"""
import os
import djcelery
from django.contrib import messages
import alliance_auth
djcelery.setup_loader()
# Use nose to run all tests
TEST_RUNNER = 'django_nose.NoseTestSuiteRunner'
NOSE_ARGS = [
#'--with-coverage',
#'--cover-package=',
]
# Celery configuration
CELERY_ALWAYS_EAGER = True # Forces celery to run locally for testing
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(alliance_auth.__file__)))
SECRET_KEY = 'testing only'
DEBUG = True
# Application definition
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'django.contrib.humanize',
'djcelery',
'bootstrapform',
'authentication',
'services',
'eveonline',
'groupmanagement',
'hrapplications',
'timerboard',
'srp',
'optimer',
'corputils',
'fleetactivitytracking',
'notifications',
'esi',
'geelweb.django.navhelper',
'bootstrap_pagination',
'services.modules.mumble',
'services.modules.discord',
'services.modules.discourse',
'services.modules.ipboard',
'services.modules.ips4',
'services.modules.market',
'services.modules.openfire',
'services.modules.smf',
'services.modules.phpbb3',
'services.modules.xenforo',
'services.modules.teamspeak3',
'django_nose',
]
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'django.middleware.locale.LocaleMiddleware',
]
ROOT_URLCONF = 'alliance_auth.urls'
LOCALE_PATHS = (
os.path.join(BASE_DIR, 'locale/'),
)
ugettext = lambda s: s
LANGUAGES = (
('en', ugettext('English')),
('de', ugettext('German')),
)
TEMPLATES = [
{
'BACKEND': 'django.template.backends.django.DjangoTemplates',
'DIRS': [
os.path.join(BASE_DIR, 'customization/templates'),
os.path.join(BASE_DIR, 'stock/templates'),
],
'APP_DIRS': True,
'OPTIONS': {
'context_processors': [
'django.template.context_processors.debug',
'django.template.context_processors.request',
'django.contrib.auth.context_processors.auth',
'django.contrib.messages.context_processors.messages',
'django.template.context_processors.i18n',
'django.template.context_processors.media',
'django.template.context_processors.static',
'django.template.context_processors.tz',
'services.context_processors.auth_settings',
'notifications.context_processors.user_notification_count',
'authentication.context_processors.states',
'authentication.context_processors.membership_state',
'groupmanagement.context_processors.can_manage_groups',
],
},
},
]
# Database
# https://docs.djangoproject.com/en/1.10/ref/settings/#databases
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.sqlite3',
'NAME': 'alliance_auth',
'USER': os.environ.get('AA_DB_DEFAULT_USER', None),
'PASSWORD': os.environ.get('AA_DB_DEFAULT_PASSWORD', None),
'HOST': os.environ.get('AA_DB_DEFAULT_HOST', None)
},
}
LOGIN_URL = 'auth_login_user'
SUPERUSER_STATE_BYPASS = 'True' == os.environ.get('AA_SUPERUSER_STATE_BYPASS', 'True')
# Internationalization
# https://docs.djangoproject.com/en/1.10/topics/i18n/
LANGUAGE_CODE = os.environ.get('AA_LANGUAGE_CODE', 'en-us')
TIME_ZONE = os.environ.get('AA_TIME_ZONE', 'UTC')
USE_I18N = True
USE_L10N = True
USE_TZ = True
# Static files (CSS, JavaScript, Images)
STATIC_URL = '/static/'
STATIC_ROOT = os.path.join(BASE_DIR, "static")
STATICFILES_DIRS = (
os.path.join(BASE_DIR, "customization/static"),
os.path.join(BASE_DIR, "stock/static"),
)
# Bootstrap messaging css workaround
MESSAGE_TAGS = {
messages.ERROR: 'danger'
}
CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.dummy.DummyCache',
}
}
#####################################################
##
## Auth configuration starts here
##
#####################################################
###########################
# ALLIANCE / CORP TOGGLE
###########################
# Specifies to run membership checks against corp or alliance
# Set to FALSE for alliance
# Set to TRUE for corp
###########################
IS_CORP = 'True' == os.environ.get('AA_IS_CORP', 'True')
#################
# EMAIL SETTINGS
#################
# DOMAIN - The alliance auth domain_url
# EMAIL_HOST - SMTP Server URL
# EMAIL_PORT - SMTP Server PORT
# EMAIL_HOST_USER - Email Username (for gmail, the entire address)
# EMAIL_HOST_PASSWORD - Email Password
# EMAIL_USE_TLS - Set to use TLS encryption
#################
DOMAIN = os.environ.get('AA_DOMAIN', 'https://example.com')
EMAIL_HOST = os.environ.get('AA_EMAIL_HOST', 'smtp.example.com')
EMAIL_PORT = int(os.environ.get('AA_EMAIL_PORT', '587'))
EMAIL_HOST_USER = os.environ.get('AA_EMAIL_HOST_USER', '')
EMAIL_HOST_PASSWORD = os.environ.get('AA_EMAIL_HOST_PASSWORD', '')
EMAIL_USE_TLS = 'True' == os.environ.get('AA_EMAIL_USE_TLS', 'True')
####################
# Front Page Links
####################
# KILLBOARD_URL - URL for your killboard. Blank to hide link
# MEDIA_URL - URL for your media page (youtube etc). Blank to hide link
# FORUM_URL - URL for your forums. Blank to hide link
# SITE_NAME - Name of the auth site.
####################
KILLBOARD_URL = os.environ.get('AA_KILLBOARD_URL', '')
EXTERNAL_MEDIA_URL = os.environ.get('AA_EXTERNAL_MEDIA_URL', '')
FORUM_URL = os.environ.get('AA_FORUM_URL', '')
SITE_NAME = os.environ.get('AA_SITE_NAME', 'Test Alliance Auth')
###################
# SSO Settings
###################
# Optional SSO.
# Get client ID and client secret from registering an app at
# https://developers.eveonline.com/
# Callback URL should be http://mydomain.com/sso/callback
# Leave callback blank to hide SSO button on login page
###################
ESI_SSO_CLIENT_ID = os.environ.get('AA_ESI_SSO_CLIENT_ID', '')
ESI_SSO_CLIENT_SECRET = os.environ.get('AA_ESI_SSO_CLIENT_SECRET', '')
ESI_SSO_CALLBACK_URL = os.environ.get('AA_ESI_SSO_CALLBACK_URL', '')
#########################
# Default Group Settings
#########################
# DEFAULT_AUTH_GROUP - Default group members are put in
# DEFAULT_BLUE_GROUP - Default group for blue members
# MEMBER_CORP_GROUPS - Assign members to a group representing their main corp
# BLUE_CORP_GROUPS - Assign blues to a group representing their main corp
#########################
DEFAULT_AUTH_GROUP = os.environ.get('AA_DEFAULT_ALLIANCE_GROUP', 'Member')
DEFAULT_BLUE_GROUP = os.environ.get('AA_DEFAULT_BLUE_GROUP', 'Blue')
MEMBER_CORP_GROUPS = 'True' == os.environ.get('AA_MEMBER_CORP_GROUPS', 'True')
MEMBER_ALLIANCE_GROUPS = 'True' == os.environ.get('AA_MEMBER_ALLIANCE_GROUPS', 'False')
BLUE_CORP_GROUPS = 'True' == os.environ.get('AA_BLUE_CORP_GROUPS', 'False')
BLUE_ALLIANCE_GROUPS = 'True' == os.environ.get('AA_BLUE_ALLIANCE_GROUPS', 'False')
#########################
# Alliance Service Setup
#########################
# ENABLE_AUTH_FORUM - Enable forum support in the auth for auth'd members
# ENABLE_AUTH_JABBER - Enable jabber support in the auth for auth'd members
# ENABLE_AUTH_MUMBLE - Enable mumble support in the auth for auth'd members
# ENABLE_AUTH_IPBOARD - Enable IPBoard forum support in the auth for auth'd members
# ENABLE_AUTH_DISCORD - Enable Discord support in the auth for auth'd members
# ENABLE_AUTH_DISCOURSE - Enable Discourse support in the auth for auth'd members
# ENABLE_AUTH_IPS4 - Enable IPS4 support in the auth for auth'd members
# ENABLE_AUTH_SMF - Enable SMF forum support in the auth for auth'd members
# ENABLE_AUTH_MARKET = Enable Alliance Market support in auth for auth'd members
# ENABLE_AUTH_PATHFINDER = Enable Alliance Pathfinder suppor in auth for auth'd members
# ENABLE_AUTH_XENFORO = Enable XenForo forums support in the auth for auth'd members
#########################
ENABLE_AUTH_FORUM = 'True' == os.environ.get('AA_ENABLE_AUTH_FORUM', 'True')
ENABLE_AUTH_JABBER = 'True' == os.environ.get('AA_ENABLE_AUTH_JABBER', 'True')
ENABLE_AUTH_MUMBLE = 'True' == os.environ.get('AA_ENABLE_AUTH_MUMBLE', 'True')
ENABLE_AUTH_IPBOARD = 'True' == os.environ.get('AA_ENABLE_AUTH_IPBOARD', 'True')
ENABLE_AUTH_TEAMSPEAK3 = 'True' == os.environ.get('AA_ENABLE_AUTH_TEAMSPEAK3', 'True')
ENABLE_AUTH_DISCORD = 'True' == os.environ.get('AA_ENABLE_AUTH_DISCORD', 'True')
ENABLE_AUTH_DISCOURSE = 'True' == os.environ.get('AA_ENABLE_AUTH_DISCOURSE', 'True')
ENABLE_AUTH_IPS4 = 'True' == os.environ.get('AA_ENABLE_AUTH_IPS4', 'True')
ENABLE_AUTH_SMF = 'True' == os.environ.get('AA_ENABLE_AUTH_SMF', 'True')
ENABLE_AUTH_MARKET = 'True' == os.environ.get('AA_ENABLE_AUTH_MARKET', 'True')
ENABLE_AUTH_XENFORO = 'True' == os.environ.get('AA_ENABLE_AUTH_XENFORO', 'True')
#####################
# Blue service Setup
#####################
# BLUE_STANDING - The default lowest standings setting to consider blue
# ENABLE_BLUE_FORUM - Enable forum support in the auth for blues
# ENABLE_BLUE_JABBER - Enable jabber support in the auth for blues
# ENABLE_BLUE_MUMBLE - Enable mumble support in the auth for blues
# ENABLE_BLUE_IPBOARD - Enable IPBoard forum support in the auth for blues
# ENABLE_BLUE_DISCORD - Enable Discord support in the auth for blues
# ENABLE_BLUE_DISCOURSE - Enable Discord support in the auth for blues
# ENABLE_BLUE_IPS4 - Enable IPS4 forum support in the auth for blues
# ENABLE_BLUE_SMF - Enable SMF forum support in the auth for blues
# ENABLE_BLUE_MARKET - Enable Alliance Market in the auth for blues
# ENABLE_BLUE_PATHFINDER = Enable Pathfinder support in the auth for blues
# ENABLE_BLUE_XENFORO = Enable XenForo forum support in the auth for blue
#####################
BLUE_STANDING = float(os.environ.get('AA_BLUE_STANDING', '5.0'))
ENABLE_BLUE_FORUM = 'True' == os.environ.get('AA_ENABLE_BLUE_FORUM', 'True')
ENABLE_BLUE_JABBER = 'True' == os.environ.get('AA_ENABLE_BLUE_JABBER', 'True')
ENABLE_BLUE_MUMBLE = 'True' == os.environ.get('AA_ENABLE_BLUE_MUMBLE', 'True')
ENABLE_BLUE_IPBOARD = 'True' == os.environ.get('AA_ENABLE_BLUE_IPBOARD', 'True')
ENABLE_BLUE_TEAMSPEAK3 = 'True' == os.environ.get('AA_ENABLE_BLUE_TEAMSPEAK3', 'True')
ENABLE_BLUE_DISCORD = 'True' == os.environ.get('AA_ENABLE_BLUE_DISCORD', 'True')
ENABLE_BLUE_DISCOURSE = 'True' == os.environ.get('AA_ENABLE_BLUE_DISCOURSE', 'True')
ENABLE_BLUE_IPS4 = 'True' == os.environ.get('AA_ENABLE_BLUE_IPS4', 'True')
ENABLE_BLUE_SMF = 'True' == os.environ.get('AA_ENABLE_BLUE_SMF', 'True')
ENABLE_BLUE_MARKET = 'True' == os.environ.get('AA_ENABLE_BLUE_MARKET', 'True')
ENABLE_BLUE_XENFORO = 'True' == os.environ.get('AA_ENABLE_BLUE_XENFORO', 'True')
#########################
# Corp Configuration
#########################
# If running in alliance mode, the following should be for the executor corp#
# CORP_ID - Set this to your corp ID (get this from https://zkillboard.com/corporation/#######)
# CORP_NAME - Set this to your Corporation Name
# CORP_API_ID - Set this to the api id for the corp API key
# CORP_API_VCODE - Set this to the api vcode for the corp API key
########################
CORP_ID = os.environ.get('AA_CORP_ID', '1234')
CORP_NAME = os.environ.get('AA_CORP_NAME', 'Alliance Auth Test Corp')
CORP_API_ID = os.environ.get('AA_CORP_API_ID', '')
CORP_API_VCODE = os.environ.get('AA_CORP_API_VCODE', '')
#########################
# Alliance Configuration
#########################
# ALLIANCE_ID - Set this to your Alliance ID (get this from https://zkillboard.com/alliance/#######)
# ALLIANCE_NAME - Set this to your Alliance Name
########################
ALLIANCE_ID = os.environ.get('AA_ALLIANCE_ID', '12345')
ALLIANCE_NAME = os.environ.get('AA_ALLIANCE_NAME', 'Alliance Auth Test Alliance')
########################
# API Configuration
########################
# MEMBER_API_MASK - Numeric value of minimum API mask required for members
# MEMBER_API_ACCOUNT - Require API to be for Account and not character restricted
# BLUE_API_MASK - Numeric value of minimum API mask required for blues
# BLUE_API_ACCOUNT - Require API to be for Account and not character restricted
# REJECT_OLD_APIS - Require each submitted API be newer than the latest submitted API
# REJECT_OLD_APIS_MARGIN - Margin from latest submitted API ID within which a newly submitted API is still accepted
# API_SSO_VALIDATION - Require users to prove ownership of newly entered API keys via SSO
# Requires SSO to be configured.
#######################
MEMBER_API_MASK = os.environ.get('AA_MEMBER_API_MASK', 268435455)
MEMBER_API_ACCOUNT = 'True' == os.environ.get('AA_MEMBER_API_ACCOUNT', 'True')
BLUE_API_MASK = os.environ.get('AA_BLUE_API_MASK', 8388608)
BLUE_API_ACCOUNT = 'True' == os.environ.get('AA_BLUE_API_ACCOUNT', 'True')
REJECT_OLD_APIS = 'True' == os.environ.get('AA_REJECT_OLD_APIS', 'False')
REJECT_OLD_APIS_MARGIN = os.environ.get('AA_REJECT_OLD_APIS_MARGIN', 50)
API_SSO_VALIDATION = 'True' == os.environ.get('AA_API_SSO_VALIDATION', 'False')
#######################
# EVE Provider Settings
#######################
# EVEONLINE_CHARACTER_PROVIDER - Name of default data source for getting eve character data
# EVEONLINE_CORP_PROVIDER - Name of default data source for getting eve corporation data
# EVEONLINE_ALLIANCE_PROVIDER - Name of default data source for getting eve alliance data
# EVEONLINE_ITEMTYPE_PROVIDER - Name of default data source for getting eve item type data
#
# Available sources are 'esi' and 'xml'. Leaving blank results in the default 'esi' being used.
#######################
EVEONLINE_CHARACTER_PROVIDER = os.environ.get('AA_EVEONLINE_CHARACTER_PROVIDER', 'xml')
EVEONLINE_CORP_PROVIDER = os.environ.get('AA_EVEONLINE_CORP_PROVIDER', 'xml')
EVEONLINE_ALLIANCE_PROVIDER = os.environ.get('AA_EVEONLINE_ALLIANCE_PROVIDER', 'xml')
EVEONLINE_ITEMTYPE_PROVIDER = os.environ.get('AA_EVEONLINE_ITEMTYPE_PROVIDER', 'xml')
#####################
# Alliance Market
#####################
MARKET_URL = os.environ.get('AA_MARKET_URL', 'http://yourdomain.com/market')
#####################
# HR Configuration
#####################
# JACK_KNIFE_URL - Url for the audit page of API Jack knife
# Should seriously replace with your own.
#####################
JACK_KNIFE_URL = os.environ.get('AA_JACK_KNIFE_URL', 'http://example.com/eveapi/audit.php')
#####################
# Forum Configuration
#####################
# IPBOARD_ENDPOINT - Api endpoint if using ipboard
# IPBOARD_APIKEY - Api key to interact with ipboard
# IPBOARD_APIMODULE - Module for alliance auth *leave alone*
#####################
IPBOARD_ENDPOINT = os.environ.get('AA_IPBOARD_ENDPOINT', 'example.com/interface/board/index.php')
IPBOARD_APIKEY = os.environ.get('AA_IPBOARD_APIKEY', 'somekeyhere')
IPBOARD_APIMODULE = 'aa'
########################
# XenForo Configuration
########################
XENFORO_ENDPOINT = os.environ.get('AA_XENFORO_ENDPOINT', 'example.com/api.php')
XENFORO_DEFAULT_GROUP = os.environ.get('AA_XENFORO_DEFAULT_GROUP', 0)
XENFORO_APIKEY = os.environ.get('AA_XENFORO_APIKEY', 'yourapikey')
#####################
######################
# Jabber Configuration
######################
# JABBER_URL - Jabber address url
# JABBER_PORT - Jabber service portal
# JABBER_SERVER - Jabber server url
# OPENFIRE_ADDRESS - Address of the openfire admin console including port
# Please use http with 9090 or https with 9091
# OPENFIRE_SECRET_KEY - Openfire REST API secret key
# BROADCAST_USER - Broadcast user JID
# BROADCAST_USER_PASSWORD - Broadcast user password
######################
JABBER_URL = os.environ.get('AA_JABBER_URL', "example.com")
JABBER_PORT = int(os.environ.get('AA_JABBER_PORT', '5223'))
JABBER_SERVER = os.environ.get('AA_JABBER_SERVER', "example.com")
OPENFIRE_ADDRESS = os.environ.get('AA_OPENFIRE_ADDRESS', "http://example.com:9090")
OPENFIRE_SECRET_KEY = os.environ.get('AA_OPENFIRE_SECRET_KEY', "somekey")
BROADCAST_USER = os.environ.get('AA_BROADCAST_USER', "broadcast@") + JABBER_URL
BROADCAST_USER_PASSWORD = os.environ.get('AA_BROADCAST_USER_PASSWORD', "somepassword")
BROADCAST_SERVICE_NAME = os.environ.get('AA_BROADCAST_SERVICE_NAME', "broadcast")
######################################
# Mumble Configuration
######################################
# MUMBLE_URL - Mumble server url
# MUMBLE_SERVER_ID - Mumble server id
######################################
MUMBLE_URL = os.environ.get('AA_MUMBLE_URL', "example.com")
MUMBLE_SERVER_ID = int(os.environ.get('AA_MUMBLE_SERVER_ID', '1'))
######################################
# PHPBB3 Configuration
######################################
######################################
# Teamspeak3 Configuration
######################################
# TEAMSPEAK3_SERVER_IP - Teamspeak3 server ip
# TEAMSPEAK3_SERVER_PORT - Teamspeak3 server port
# TEAMSPEAK3_SERVERQUERY_USER - Teamspeak3 serverquery username
# TEAMSPEAK3_SERVERQUERY_PASSWORD - Teamspeak3 serverquery password
# TEAMSPEAK3_VIRTUAL_SERVER - Virtual server id
# TEAMSPEAK3_AUTHED_GROUP_ID - Default authed group id
# TEAMSPEAK3_PUBLIC_URL - teamspeak3 public url used for link creation
######################################
TEAMSPEAK3_SERVER_IP = os.environ.get('AA_TEAMSPEAK3_SERVER_IP', '127.0.0.1')
TEAMSPEAK3_SERVER_PORT = int(os.environ.get('AA_TEAMSPEAK3_SERVER_PORT', '10011'))
TEAMSPEAK3_SERVERQUERY_USER = os.environ.get('AA_TEAMSPEAK3_SERVERQUERY_USER', 'serveradmin')
TEAMSPEAK3_SERVERQUERY_PASSWORD = os.environ.get('AA_TEAMSPEAK3_SERVERQUERY_PASSWORD', 'passwordhere')
TEAMSPEAK3_VIRTUAL_SERVER = int(os.environ.get('AA_TEAMSPEAK3_VIRTUAL_SERVER', '1'))
TEAMSPEAK3_PUBLIC_URL = os.environ.get('AA_TEAMSPEAK3_PUBLIC_URL', 'example.com')
######################################
# Discord Configuration
######################################
# DISCORD_GUILD_ID - ID of the guild to manage
# DISCORD_BOT_TOKEN - oauth token of the app bot user
# DISCORD_INVITE_CODE - invite code to the server
# DISCORD_APP_ID - oauth app client ID
# DISCORD_APP_SECRET - oauth app secret
# DISCORD_CALLBACK_URL - oauth callback url
# DISCORD_SYNC_NAMES - enable to force discord nicknames to be set to eve char name (bot needs Manage Nicknames permission)
######################################
DISCORD_GUILD_ID = os.environ.get('AA_DISCORD_GUILD_ID', '')
DISCORD_BOT_TOKEN = os.environ.get('AA_DISCORD_BOT_TOKEN', '')
DISCORD_INVITE_CODE = os.environ.get('AA_DISCORD_INVITE_CODE', '')
DISCORD_APP_ID = os.environ.get('AA_DISCORD_APP_ID', '')
DISCORD_APP_SECRET = os.environ.get('AA_DISCORD_APP_SECRET', '')
DISCORD_CALLBACK_URL = os.environ.get('AA_DISCORD_CALLBACK_URL', 'http://example.com/discord_callback')
DISCORD_SYNC_NAMES = 'True' == os.environ.get('AA_DISCORD_SYNC_NAMES', 'False')
######################################
# Discourse Configuration
######################################
# DISCOURSE_URL - Web address of the forums (no trailing slash)
# DISCOURSE_API_USERNAME - API account username
# DISCOURSE_API_KEY - API Key
# DISCOURSE_SSO_SECRET - SSO secret key
######################################
DISCOURSE_URL = os.environ.get('AA_DISCOURSE_URL', 'https://example.com')
DISCOURSE_API_USERNAME = os.environ.get('AA_DISCOURSE_API_USERNAME', '')
DISCOURSE_API_KEY = os.environ.get('AA_DISCOURSE_API_KEY', '')
DISCOURSE_SSO_SECRET = 'd836444a9e4084d5b224a60c208dce14'
# Example secret from https://meta.discourse.org/t/official-single-sign-on-for-discourse/13045
#####################################
# IPS4 Configuration
#####################################
# IPS4_URL - base url of the IPS4 install (no trailing slash)
# IPS4_API_KEY - API key provided by IPS4
#####################################
IPS4_URL = os.environ.get('AA_IPS4_URL', 'http://example.com/ips4')
IPS4_API_KEY = os.environ.get('AA_IPS4_API_KEY', '')
######################################
# SMF Configuration
######################################
SMF_URL = os.environ.get('AA_SMF_URL', '')
######################################
# Fleet-Up Configuration
######################################
# FLEETUP_APP_KEY - The app key from http://fleet-up.com/Api/MyApps
# FLEETUP_USER_ID - The user id from http://fleet-up.com/Api/MyKeys
# FLEETUP_API_ID - The API id from http://fleet-up.com/Api/MyKeys
# FLEETUP_GROUP_ID - The id of the group you want to pull data from, see http://fleet-up.com/Api/Endpoints#groups_mygroupmemberships
######################################
FLEETUP_APP_KEY = os.environ.get('AA_FLEETUP_APP_KEY', '')
FLEETUP_USER_ID = os.environ.get('AA_FLEETUP_USER_ID', '')
FLEETUP_API_ID = os.environ.get('AA_FLEETUP_API_ID', '')
FLEETUP_GROUP_ID = os.environ.get('AA_FLEETUP_GROUP_ID', '')
PASSWORD_HASHERS = [
'django.contrib.auth.hashers.MD5PasswordHasher',
]
LOGGING = {
'version': 1,
'disable_existing_loggers': False,
'formatters': {
'verbose': {
'format' : "[%(asctime)s] %(levelname)s [%(name)s:%(lineno)s] %(message)s",
'datefmt' : "%d/%b/%Y %H:%M:%S"
},
'simple': {
'format': '%(levelname)s %(message)s'
},
},
'handlers': {
'console': {
'level': 'DEBUG', # edit this line to change logging level to console
'class': 'logging.StreamHandler',
'formatter': 'verbose',
},
'notifications': { # creates notifications for users with logging_notifications permission
'level': 'ERROR', # edit this line to change logging level to notifications
'class': 'notifications.handlers.NotificationHandler',
'formatter': 'verbose',
},
},
'loggers': {
'authentication': {
'handlers': ['console', 'notifications'],
'level': 'DEBUG',
},
'celerytask': {
'handlers': ['console', 'notifications'],
'level': 'DEBUG',
},
'eveonline': {
'handlers': ['console', 'notifications'],
'level': 'DEBUG',
},
'groupmanagement': {
'handlers': ['console', 'notifications'],
'level': 'DEBUG',
},
'hrapplications': {
'handlers': ['console', 'notifications'],
'level': 'DEBUG',
},
'portal': {
'handlers': ['console', 'notifications'],
'level': 'DEBUG',
},
'registration': {
'handlers': ['console', 'notifications'],
'level': 'DEBUG',
},
'services': {
'handlers': ['console', 'notifications'],
'level': 'DEBUG',
},
'srp': {
'handlers': ['console', 'notifications'],
'level': 'DEBUG',
},
'timerboard': {
'handlers': ['console', 'notifications'],
'level': 'DEBUG',
},
'sigtracker': {
'handlers': ['console', 'notifications'],
'level': 'DEBUG',
},
'optimer': {
'handlers': ['console', 'notifications'],
'level': 'DEBUG',
},
'corputils': {
'handlers': ['console', 'notifications'],
'level': 'DEBUG',
},
'fleetactivitytracking': {
'handlers': ['console', 'notifications'],
'level': 'ERROR',
},
'util': {
'handlers': ['console', 'notifications'],
'level': 'DEBUG',
},
'django': {
'handlers': ['console', 'notifications'],
'level': 'ERROR',
},
}
}
LOGGING = None # Comment out to enable logging for debugging

95
alliance_auth/urls.py
View File

@ -21,6 +21,8 @@ from alliance_auth import NAME
admin.site.site_header = NAME
from alliance_auth.hooks import get_hooks
# Functional/Untranslated URL's
urlpatterns = [
# Locale
@ -47,85 +49,6 @@ urlpatterns = [
name='auth_main_character_change'),
url(r'^api_verify_owner/(\w+)/$', eveonline.views.api_sso_validate, name='auth_api_sso'),
# Forum Service Control
url(r'^activate_forum/$', services.views.activate_forum, name='auth_activate_forum'),
url(r'^deactivate_forum/$', services.views.deactivate_forum, name='auth_deactivate_forum'),
url(r'^reset_forum_password/$', services.views.reset_forum_password,
name='auth_reset_forum_password'),
url(r'^set_forum_password/$', services.views.set_forum_password, name='auth_set_forum_password'),
# Jabber Service Control
url(r'^activate_jabber/$', services.views.activate_jabber, name='auth_activate_jabber'),
url(r'^deactivate_jabber/$', services.views.deactivate_jabber, name='auth_deactivate_jabber'),
url(r'^reset_jabber_password/$', services.views.reset_jabber_password,
name='auth_reset_jabber_password'),
# Mumble service control
url(r'^activate_mumble/$', services.views.activate_mumble, name='auth_activate_mumble'),
url(r'^deactivate_mumble/$', services.views.deactivate_mumble, name='auth_deactivate_mumble'),
url(r'^reset_mumble_password/$', services.views.reset_mumble_password,
name='auth_reset_mumble_password'),
url(r'^set_mumble_password/$', services.views.set_mumble_password, name='auth_set_mumble_password'),
# Ipboard service control
url(r'^activate_ipboard/$', services.views.activate_ipboard_forum,
name='auth_activate_ipboard'),
url(r'^deactivate_ipboard/$', services.views.deactivate_ipboard_forum,
name='auth_deactivate_ipboard'),
url(r'^reset_ipboard_password/$', services.views.reset_ipboard_password,
name='auth_reset_ipboard_password'),
url(r'^set_ipboard_password/$', services.views.set_ipboard_password, name='auth_set_ipboard_password'),
# XenForo service control
url(r'^activate_xenforo/$', services.views.activate_xenforo_forum,
name='auth_activate_xenforo'),
url(r'^deactivate_xenforo/$', services.views.deactivate_xenforo_forum,
name='auth_deactivate_xenforo'),
url(r'^reset_xenforo_password/$', services.views.reset_xenforo_password,
name='auth_reset_xenforo_password'),
url(r'^set_xenforo_password/$', services.views.set_xenforo_password, name='auth_set_xenforo_password'),
# Teamspeak3 service control
url(r'^activate_teamspeak3/$', services.views.activate_teamspeak3,
name='auth_activate_teamspeak3'),
url(r'^deactivate_teamspeak3/$', services.views.deactivate_teamspeak3,
name='auth_deactivate_teamspeak3'),
url(r'reset_teamspeak3_perm/$', services.views.reset_teamspeak3_perm,
name='auth_reset_teamspeak3_perm'),
# Discord Service Control
url(r'^activate_discord/$', services.views.activate_discord, name='auth_activate_discord'),
url(r'^deactivate_discord/$', services.views.deactivate_discord, name='auth_deactivate_discord'),
url(r'^reset_discord/$', services.views.reset_discord, name='auth_reset_discord'),
url(r'^discord_callback/$', services.views.discord_callback, name='auth_discord_callback'),
url(r'^discord_add_bot/$', services.views.discord_add_bot, name='auth_discord_add_bot'),
# Discourse Service Control
url(r'^discourse_sso$', services.views.discourse_sso, name='auth_discourse_sso'),
# IPS4 Service Control
url(r'^activate_ips4/$', services.views.activate_ips4,
name='auth_activate_ips4'),
url(r'^deactivate_ips4/$', services.views.deactivate_ips4,
name='auth_deactivate_ips4'),
url(r'^reset_ips4_password/$', services.views.reset_ips4_password,
name='auth_reset_ips4_password'),
url(r'^set_ips4_password/$', services.views.set_ips4_password, name='auth_set_ips4_password'),
# SMF Service Control
url(r'^activate_smf/$', services.views.activate_smf, name='auth_activate_smf'),
url(r'^deactivate_smf/$', services.views.deactivate_smf, name='auth_deactivate_smf'),
url(r'^reset_smf_password/$', services.views.reset_smf_password,
name='auth_reset_smf_password'),
url(r'^set_smf_password/$', services.views.set_smf_password, name='auth_set_smf_password'),
# Alliance Market Control
url(r'^activate_market/$', services.views.activate_market, name='auth_activate_market'),
url(r'^deactivate_market/$', services.views.deactivate_market, name='auth_deactivate_market'),
url(r'^reset_market_password/$', services.views.reset_market_password,
name='auth_reset_market_password'),
url(r'^set_market_password/$', services.views.set_market_password, name='auth_set_market_password'),
# SRP URLS
url(r'^srp_fleet_remove/(\w+)$', srp.views.srp_fleet_remove, name='auth_srp_fleet_remove'),
url(r'^srp_fleet_disable/(\w+)$', srp.views.srp_fleet_disable, name='auth_srp_fleet_disable'),
@ -241,11 +164,6 @@ urlpatterns += i18n_patterns(
# Service Urls
url(_(r'^services/$'), services.views.services_view, name='auth_services'),
url(_(r'^services/jabber_broadcast/$'), services.views.jabber_broadcast_view,
name='auth_jabber_broadcast_view'),
# Teamspeak Urls
url(r'verify_teamspeak3/$', services.views.verify_teamspeak3, name='auth_verify_teamspeak3'),
# Timer URLS
url(_(r'^timers/$'), timerboard.views.timer_view, name='auth_timer_view'),
@ -271,9 +189,6 @@ urlpatterns += i18n_patterns(
url(_(r'^notifications/$'), notifications.views.notification_list, name='auth_notification_list'),
url(_(r'^notifications/(\w+)/$'), notifications.views.notification_view, name='auth_notification_view'),
# Jabber
url(_(r'^set_jabber_password/$'), services.views.set_jabber_password, name='auth_set_jabber_password'),
# FleetActivityTracking (FAT)
url(r'^fat/$', fleetactivitytracking.views.fatlink_view, name='auth_fatlink_view'),
url(r'^fat/statistics/$', fleetactivitytracking.views.fatlink_statistics_view, name='auth_fatlink_view_statistics'),
@ -297,3 +212,9 @@ urlpatterns += i18n_patterns(
url(r'^fat/link/(?P<hash>[a-zA-Z0-9]+)/(?P<fatname>[a-z0-9_-]+)/$',
fleetactivitytracking.views.click_fatlink_view),
)
# Append hooked service urls
services = get_hooks('services_hook')
for svc in services:
urlpatterns += svc().urlpatterns

188
authentication/admin.py
View File

@ -1,22 +1,19 @@
from __future__ import unicode_literals
from django.contrib import admin
from django.contrib.auth.admin import UserAdmin as BaseUserAdmin
from django.contrib.auth.models import User
from django.utils.text import slugify
from authentication.models import AuthServicesInfo
from eveonline.models import EveCharacter
from services.tasks import update_jabber_groups
from services.tasks import update_mumble_groups
from services.tasks import update_forum_groups
from services.tasks import update_ipboard_groups
from services.tasks import update_smf_groups
from services.tasks import update_teamspeak3_groups
from services.tasks import update_discord_groups
from services.tasks import update_discord_nickname
from services.tasks import update_discourse_groups
from alliance_auth.hooks import get_hooks
from services.hooks import ServicesHook
@admin.register(AuthServicesInfo)
class AuthServicesInfoManager(admin.ModelAdmin):
@staticmethod
def main_character(obj):
if obj.main_char_id:
@ -34,120 +31,69 @@ class AuthServicesInfoManager(admin.ModelAdmin):
def has_add_permission(request, obj=None):
return False
def sync_jabber(self, request, queryset):
count = 0
for a in queryset: # queryset filtering doesn't work here?
if a.jabber_username != "":
update_jabber_groups.delay(a.user.pk)
count += 1
self.message_user(request, "%s jabber accounts queued for group sync." % count)
sync_jabber.short_description = "Sync groups for selected jabber accounts"
def sync_mumble(self, request, queryset):
count = 0
for a in queryset:
if a.mumble_username != "":
update_mumble_groups.delay(a.user.pk)
count += 1
self.message_user(request, "%s mumble accounts queued for group sync." % count)
sync_mumble.short_description = "Sync groups for selected mumble accounts"
def sync_forum(self, request, queryset):
count = 0
for a in queryset:
if a.forum_username != "":
update_forum_groups.delay(a.user.pk)
count += 1
self.message_user(request, "%s forum accounts queued for group sync." % count)
sync_forum.short_description = "Sync groups for selected forum accounts"
def sync_ipboard(self, request, queryset):
count = 0
for a in queryset:
if a.ipboard_username != "":
update_ipboard_groups.delay(a.user.pk)
count += 1
self.message_user(request, "%s ipboard accounts queued for group sync." % count)
sync_ipboard.short_description = "Sync groups for selected ipboard accounts"
def sync_smf(self, request, queryset):
count = 0
for a in queryset:
if a.smf_username != "":
update_smf_groups.delay(a.user.pk)
count += 1
self.message_user(request, "%s smf accounts queued for group sync." % count)
sync_smf.short_description = "Sync groups for selected smf accounts"
def sync_teamspeak(self, request, queryset):
count = 0
for a in queryset:
if a.teamspeak3_uid != "":
update_teamspeak3_groups.delay(a.user.pk)
count += 1
self.message_user(request, "%s teamspeak accounts queued for group sync." % count)
sync_teamspeak.short_description = "Sync groups for selected teamspeak accounts"
def sync_discord(self, request, queryset):
count = 0
for a in queryset:
if a.discord_uid != "":
update_discord_groups.delay(a.user.pk)
count += 1
self.message_user(request, "%s discord accounts queued for group sync." % count)
sync_discord.short_description = "Sync groups for selected discord accounts"
def sync_discourse(self, request, queryset):
count = 0
for a in queryset:
if a.discourse_enabled:
update_discourse_groups.delay(a.user.pk)
count += 1
self.message_user(request, "%s discourse accounts queued for group sync." % count)
sync_discourse.short_description = "Sync groups for selected discourse accounts"
def sync_nicknames(self, request, queryset):
count = 0
for a in queryset:
if a.discord_uid != "":
update_discord_nickname(a.user.pk)
count += 1
self.message_user(request, "%s discord accounts queued for nickname sync." % count)
sync_nicknames.short_description = "Sync nicknames for selected discord accounts"
actions = [
'sync_jabber',
'sync_mumble',
'sync_forum',
'sync_ipboard',
'sync_smf',
'sync_teamspeak',
'sync_discord',
'sync_discourse',
'sync_nicknames',
]
search_fields = [
'user__username',
'ipboard_username',
'xenforo_username',
'forum_username',
'jabber_username',
'mumble_username',
'teamspeak3_uid',
'discord_uid',
'ips4_username',
'smf_username',
'market_username',
'main_char_id',
]
list_display = ('user', 'main_character')
def make_service_hooks_update_groups_action(service):
"""
Make a admin action for the given service
:param service: services.hooks.ServicesHook
:return: fn to update services groups for the selected users
"""
def update_service_groups(modeladmin, request, queryset):
for user in queryset: # queryset filtering doesn't work here?
service.update_groups(user)
update_service_groups.__name__ = str('update_{}_groups'.format(slugify(service.name)))
update_service_groups.short_description = "Sync groups for selected {} accounts".format(service.title)
return update_service_groups
def make_service_hooks_sync_nickname_action(service):
"""
Make a sync_nickname admin action for the given service
:param service: services.hooks.ServicesHook
:return: fn to sync nickname for the selected users
"""
def sync_nickname(modeladmin, request, queryset):
for user in queryset: # queryset filtering doesn't work here?
service.sync_nickname(user)
sync_nickname.__name__ = str('sync_{}_nickname'.format(slugify(service.name)))
sync_nickname.short_description = "Sync nicknames for selected {} accounts".format(service.title)
return sync_nickname
class UserAdmin(BaseUserAdmin):
"""
Extending Django's UserAdmin model
"""
def get_actions(self, request):
actions = super(BaseUserAdmin, self).get_actions(request)
for hook in get_hooks('services_hook'):
svc = hook()
# Check update_groups is redefined/overloaded
if svc.update_groups.__module__ != ServicesHook.update_groups.__module__:
action = make_service_hooks_update_groups_action(svc)
actions[action.__name__] = (action,
action.__name__,
action.short_description)
# Create sync nickname action if service implements it
if svc.sync_nickname.__module__ != ServicesHook.sync_nickname.__module__:
action = make_service_hooks_sync_nickname_action(svc)
actions[action.__name__] = (action,
action.__name__,
action.short_description)
return actions
# Re-register UserAdmin
try:
admin.site.unregister(User)
finally:
admin.site.register(User, UserAdmin)

112
authentication/managers.py
View File

@ -24,73 +24,6 @@ class AuthServicesInfoManager:
else:
logger.error("Failed to update user %s main character id to %s: user does not exist." % (user, char_id))
@staticmethod
def update_user_forum_info(username, user):
if User.objects.filter(username=user.username).exists():
logger.debug("Updating user %s forum info: username %s" % (user, username))
authserviceinfo = AuthServicesInfo.objects.get(user=user)
authserviceinfo.forum_username = username
authserviceinfo.save(update_fields=['forum_username'])
logger.info("Updated user %s forum info in authservicesinfo model." % user)
else:
logger.error("Failed to update user %s forum info: user does not exist." % user)
@staticmethod
def update_user_jabber_info(username, user):
if User.objects.filter(username=user.username).exists():
logger.debug("Updating user %s jabber info: username %s" % (user, username))
authserviceinfo = AuthServicesInfo.objects.get(user=user)
authserviceinfo.jabber_username = username
authserviceinfo.save(update_fields=['jabber_username'])
logger.info("Updated user %s jabber info in authservicesinfo model." % user)
else:
logger.error("Failed to update user %s jabber info: user does not exist." % user)
@staticmethod
def update_user_mumble_info(username, user):
if User.objects.filter(username=user.username).exists():
logger.debug("Updating user %s mumble info: username %s" % (user, username))
authserviceinfo = AuthServicesInfo.objects.get(user=user)
authserviceinfo.mumble_username = username
authserviceinfo.save(update_fields=['mumble_username'])
logger.info("Updated user %s mumble info in authservicesinfo model." % user)
else:
logger.error("Failed to update user %s mumble info: user does not exist." % user)
@staticmethod
def update_user_ipboard_info(username, user):
if User.objects.filter(username=user.username).exists():
logger.debug("Updating user %s ipboard info: uername %s" % (user, username))
authserviceinfo = AuthServicesInfo.objects.get(user=user)
authserviceinfo.ipboard_username = username
authserviceinfo.save(update_fields=['ipboard_username'])
logger.info("Updated user %s ipboard info in authservicesinfo model." % user)
else:
logger.error("Failed to update user %s ipboard info: user does not exist." % user)
@staticmethod
def update_user_xenforo_info(username, user):
if User.objects.filter(username=user.username).exists():
logger.debug("Updating user %s xenforo info: uername %s" % (user, username))
authserviceinfo = AuthServicesInfo.objects.get(user=user)
authserviceinfo.xenforo_username = username
authserviceinfo.save(update_fields=['xenforo_username'])
logger.info("Updated user %s xenforo info in authservicesinfo model." % user)
else:
logger.error("Failed to update user %s xenforo info: user does not exist." % user)
@staticmethod
def update_user_teamspeak3_info(uid, perm_key, user):
if User.objects.filter(username=user.username).exists():
logger.debug("Updating user %s teamspeak3 info: uid %s" % (user, uid))
authserviceinfo = AuthServicesInfo.objects.get(user=user)
authserviceinfo.teamspeak3_uid = uid
authserviceinfo.teamspeak3_perm_key = perm_key
authserviceinfo.save(update_fields=['teamspeak3_uid', 'teamspeak3_perm_key'])
logger.info("Updated user %s teamspeak3 info in authservicesinfo model." % user)
else:
logger.error("Failed to update user %s teamspeak3 info: user does not exist." % user)
@staticmethod
def update_is_blue(is_blue, user):
if User.objects.filter(username=user.username).exists():
@ -100,51 +33,6 @@ class AuthServicesInfoManager:
authserviceinfo.save(update_fields=['is_blue'])
logger.info("Updated user %s blue status to %s in authservicesinfo model." % (user, is_blue))
@staticmethod
def update_user_discord_info(user_id, user):
if User.objects.filter(username=user.username).exists():
logger.debug("Updating user %s discord info: user_id %s" % (user, user_id))
authserviceinfo = AuthServicesInfo.objects.get(user=user)
authserviceinfo.discord_uid = user_id
authserviceinfo.save(update_fields=['discord_uid'])
logger.info("Updated user %s discord info in authservicesinfo model." % user)
else:
logger.error("Failed to update user %s discord info: user does not exist." % user)
@staticmethod
def update_user_ips4_info(username, id, user):
if User.objects.filter(username=user.username).exists():
logger.debug("Updating user %s IPS4 info: username %s" % (user, username))
authserviceinfo = AuthServicesInfo.objects.get(user=user)
authserviceinfo.ips4_username = username
authserviceinfo.ips4_id = id
authserviceinfo.save(update_fields=['ips4_username', 'ips4_id'])
logger.info("Updated user %s IPS4 info in authservicesinfo model." % user)
else:
logger.error("Failed to update user %s IPS4 info: user does not exist." % user)
@staticmethod
def update_user_smf_info(username, user):
if User.objects.filter(username=user.username).exists():
logger.debug("Updating user %s forum info: username %s" % (user, username))
authserviceinfo = AuthServicesInfo.objects.get(user=user)
authserviceinfo.smf_username = username
authserviceinfo.save(update_fields=['smf_username'])
logger.info("Updated user %s smf info in authservicesinfo model." % user)
else:
logger.error("Failed to update user %s smf info: user does not exist." % user)
@staticmethod
def update_user_market_info(username, user):
if User.objects.filter(username=user.username).exists():
logger.debug("Updating user %s market info: username %s" % (user, username))
authserviceinfo = AuthServicesInfo.objects.get(user=user)
authserviceinfo.market_username = username
authserviceinfo.save(update_fields=['market_username'])
logger.info("Updated user %s market info in authservicesinfo model." % user)
else:
logger.error("Failed to update user %s market info: user does not exist." % user)
class UserState:
def __init__(self):

275
authentication/migrations/0013_service_modules.py Normal file
View File

@ -0,0 +1,275 @@
# -*- coding: utf-8 -*-
# Generated by Django 1.10.2 on 2016-12-11 23:14
from __future__ import unicode_literals
from django.db import migrations
from django.conf import settings
from django.core.exceptions import ObjectDoesNotExist
import logging
logger = logging.getLogger(__name__)
def optional_dependencies():
"""
Only require these migrations if the given app
is installed. If the app isn't installed then
the relevant AuthServicesInfo field will be LOST
when the data migration is run.
"""
installed_apps = settings.INSTALLED_APPS
dependencies = []
if 'services.modules.xenforo' in installed_apps:
dependencies.append(('xenforo', '0001_initial'))
if 'services.modules.discord' in installed_apps:
dependencies.append(('discord', '0001_initial'))
if 'services.modules.discourse' in installed_apps:
dependencies.append(('discourse', '0001_initial'))
if 'services.modules.ipboard' in installed_apps:
dependencies.append(('ipboard', '0001_initial'))
if 'services.modules.ips4' in installed_apps:
dependencies.append(('ips4', '0001_initial'))
if 'services.modules.market' in installed_apps:
dependencies.append(('market', '0001_initial'))
if 'services.modules.openfire' in installed_apps:
dependencies.append(('openfire', '0001_initial'))
if 'services.modules.smf' in installed_apps:
dependencies.append(('smf', '0001_initial'))
if 'services.modules.teamspeak3' in installed_apps:
dependencies.append(('teamspeak3', '0003_teamspeak3user'))
if 'services.modules.mumble' in installed_apps:
dependencies.append(('mumble', '0003_mumbleuser_user'))
if 'services.modules.phpbb3' in installed_apps:
dependencies.append(('phpbb3', '0001_initial'))
return dependencies
def forward(apps, schema_editor):
installed_apps = settings.INSTALLED_APPS
AuthServicesInfo = apps.get_model("authentication", "AuthServicesInfo")
XenforoUser = apps.get_model('xenforo', 'XenforoUser') if 'services.modules.xenforo' in installed_apps else None
DiscordUser = apps.get_model('discord', 'DiscordUser') if 'services.modules.discord' in installed_apps else None
DiscourseUser = apps.get_model('discourse', 'DiscourseUser') if 'services.modules.discourse' in installed_apps else None
IpboardUser = apps.get_model('ipboard', 'IpboardUser') if 'services.modules.ipboard' in installed_apps else None
Ips4User = apps.get_model('ips4', 'Ips4User') if 'services.modules.ips4' in installed_apps else None
MarketUser = apps.get_model('market', 'MarketUser') if 'services.modules.market' in installed_apps else None
OpenfireUser = apps.get_model('openfire', 'OpenfireUser') if 'services.modules.openfire' in installed_apps else None
SmfUser = apps.get_model('smf', 'SmfUser') if 'services.modules.smf' in installed_apps else None
Teamspeak3User = apps.get_model('teamspeak3', 'Teamspeak3User') if 'services.modules.teamspeak3' in installed_apps else None
MumbleUser = apps.get_model('mumble', 'MumbleUser') if 'services.modules.mumble' in installed_apps else None
Phpbb3User = apps.get_model('phpbb3', 'Phpbb3User') if 'services.modules.phpbb3' in installed_apps else None
for authinfo in AuthServicesInfo.objects.all():
user = authinfo.user
if XenforoUser is not None and authinfo.xenforo_username:
logging.debug('Updating Xenforo info for %s' % user.username)
xfu = XenforoUser()
xfu.user = user
xfu.username = authinfo.xenforo_username
xfu.save()
if DiscordUser is not None and authinfo.discord_uid:
logging.debug('Updating Discord info for %s' % user.username)
du = DiscordUser()
du.user = user
du.uid = authinfo.discord_uid
du.save()
if DiscourseUser is not None and authinfo.discourse_enabled:
logging.debug('Updating Discourse info for %s' % user.username)
du = DiscourseUser()
du.user = user
du.enabled = authinfo.discourse_enabled
du.save()
if IpboardUser is not None and authinfo.ipboard_username:
logging.debug('Updating IPBoard info for %s' % user.username)
ipb = IpboardUser()
ipb.user = user
ipb.username = authinfo.ipboard_username
ipb.save()
if Ips4User is not None and authinfo.ips4_id:
logging.debug('Updating Ips4 info for %s' % user.username)
ips = Ips4User()
ips.user = user
ips.id = authinfo.ips4_id
ips.username = authinfo.ips4_username
ips.save()
if MarketUser is not None and authinfo.market_username:
logging.debug('Updating Market info for %s' % user.username)
mkt = MarketUser()
mkt.user = user
mkt.username = authinfo.market_username
mkt.save()
if OpenfireUser is not None and authinfo.jabber_username:
logging.debug('Updating Openfire (jabber) info for %s' % user.username)
ofu = OpenfireUser()
ofu.user = user
ofu.username = authinfo.jabber_username
ofu.save()
if SmfUser is not None and authinfo.smf_username:
logging.debug('Updating SMF info for %s' % user.username)
smf = SmfUser()
smf.user = user
smf.username = authinfo.smf_username
smf.save()
if Teamspeak3User is not None and authinfo.teamspeak3_uid:
logging.debug('Updating Teamspeak3 info for %s' % user.username)
ts3 = Teamspeak3User()
ts3.user = user
ts3.uid = authinfo.teamspeak3_uid
ts3.perm_key = authinfo.teamspeak3_perm_key
ts3.save()
if MumbleUser is not None and authinfo.mumble_username:
logging.debug('Updating mumble info for %s' % user.username)
try:
mbl = MumbleUser.objects.get(username=authinfo.mumble_username)
mbl.user = user
mbl.save()
except ObjectDoesNotExist:
logger.warn('AuthServiceInfo mumble_username for {} but no '
'corresponding record in MumbleUser, dropping'.format(user.username))
if Phpbb3User is not None and authinfo.forum_username:
logging.debug('Updating phpbb3 info for %s' % user.username)
phb = Phpbb3User()
phb.user = user
phb.username = authinfo.forum_username
phb.save()
def reverse(apps, schema_editor):
User = apps.get_model('auth', 'User')
AuthServicesInfo = apps.get_model("authentication", "AuthServicesInfo")
for user in User.objects.all():
authinfo, c = AuthServicesInfo.objects.get_or_create(user=user)
if hasattr(user, 'xenforo'):
logging.debug('Reversing xenforo for %s' % user.username)
authinfo.xenforo_username = user.xenforo.username
if hasattr(user, 'discord'):
logging.debug('Reversing discord for %s' % user.username)
authinfo.discord_uid = user.discord.uid
if hasattr(user, 'discourse'):
logging.debug('Reversing discourse for %s' % user.username)
authinfo.discourse_enabled = user.discourse.enabled
if hasattr(user, 'ipboard'):
logging.debug('Reversing ipboard for %s' % user.username)
authinfo.ipboard_username = user.ipboard.username
if hasattr(user, 'ips4'):
logging.debug('Reversing ips4 for %s' % user.username)
authinfo.ips4_id = user.ips4.id
authinfo.ips4_username = user.ips4.username
if hasattr(user, 'market'):
logging.debug('Reversing market for %s' % user.username)
authinfo.market_username = user.market.username
if hasattr(user, 'openfire'):
logging.debug('Reversing openfire (jabber) for %s' % user.username)
authinfo.jabber_username = user.openfire.username
if hasattr(user, 'smf'):
logging.debug('Reversing smf for %s' % user.username)
authinfo.smf_username = user.smf.username
if hasattr(user, 'teamspeak3'):
logging.debug('Reversing teamspeak3 for %s' % user.username)
authinfo.teamspeak3_uid = user.teamspeak3.uid
authinfo.teamspeak3_perm_key = user.teamspeak3.perm_key
if hasattr(user, 'mumble'):
logging.debug('Reversing mumble for %s' % user.username)
try:
authinfo.mumble_username = user.mumble.all()[:1].get().username
except ObjectDoesNotExist:
logging.debug('Failed to reverse mumble for %s' % user.username)
if hasattr(user, 'phpbb3'):
logging.debug('Reversing phpbb3 for %s' % user.username)
authinfo.forum_username = user.phpbb3.username
logging.debug('Saving AuthServicesInfo for %s ' % user.username)
authinfo.save()
class Migration(migrations.Migration):
dependencies = optional_dependencies() + [
('authentication', '0012_remove_add_delete_authservicesinfo_permissions'),
]
operations = [
# Migrate data
migrations.RunPython(forward, reverse),
# Remove fields
migrations.RemoveField(
model_name='authservicesinfo',
name='discord_uid',
),
migrations.RemoveField(
model_name='authservicesinfo',
name='discourse_enabled',
),
migrations.RemoveField(
model_name='authservicesinfo',
name='forum_username',
),
migrations.RemoveField(
model_name='authservicesinfo',
name='ipboard_username',
),
migrations.RemoveField(
model_name='authservicesinfo',
name='ips4_id',
),
migrations.RemoveField(
model_name='authservicesinfo',
name='ips4_username',
),
migrations.RemoveField(
model_name='authservicesinfo',
name='jabber_username',
),
migrations.RemoveField(
model_name='authservicesinfo',
name='market_username',
),
migrations.RemoveField(
model_name='authservicesinfo',
name='mumble_username',
),
migrations.RemoveField(
model_name='authservicesinfo',
name='smf_username',
),
migrations.RemoveField(
model_name='authservicesinfo',
name='teamspeak3_perm_key',
),
migrations.RemoveField(
model_name='authservicesinfo',
name='teamspeak3_uid',
),
migrations.RemoveField(
model_name='authservicesinfo',
name='xenforo_username',
),
]

13
authentication/models.py
View File

@ -16,19 +16,6 @@ class AuthServicesInfo(models.Model):
(MEMBER_STATE, 'Member'),
)
ipboard_username = models.CharField(max_length=254, blank=True, default="")
xenforo_username = models.CharField(max_length=254, blank=True, default="")
forum_username = models.CharField(max_length=254, blank=True, default="")
jabber_username = models.CharField(max_length=254, blank=True, default="")
mumble_username = models.CharField(max_length=254, blank=True, default="")
teamspeak3_uid = models.CharField(max_length=254, blank=True, default="")
teamspeak3_perm_key = models.CharField(max_length=254, blank=True, default="")
discord_uid = models.CharField(max_length=254, blank=True, default="")
discourse_enabled = models.BooleanField(default=False, blank=True)
ips4_username = models.CharField(max_length=254, blank=True, default="")
ips4_id = models.CharField(max_length=254, blank=True, default="")
smf_username = models.CharField(max_length=254, blank=True, default="")
market_username = models.CharField(max_length=254, blank=True, default="")
main_char_id = models.CharField(max_length=64, blank=True, default="")
user = models.OneToOneField(User)
state = models.CharField(blank=True, null=True, choices=STATE_CHOICES, default=NONE_STATE, max_length=10)

4
docs/installation/services/mumble.md
View File

@ -11,6 +11,10 @@ The mumble server package can be retrieved from a repository we need to add, mum
Now two packages need to be installed:
sudo apt-get install python-software-properties mumble-server
You will also need to install the python dependencies for the authenticator script:
pip install -r thirdparty/Mumble/requirements.txt
## Configuring Mumble
Mumble ships with a configuration file that needs customization. By default its located at /etc/mumble-server.ini. Open it with your favourite text editor:

11
eveonline/managers.py
View File

@ -3,6 +3,7 @@ from eveonline.models import EveCharacter
from eveonline.models import EveApiKeyPair
from eveonline.models import EveAllianceInfo
from eveonline.models import EveCorporationInfo
from authentication.models import AuthServicesInfo
from eveonline.providers import eve_adapter_factory, EveXmlProvider
from services.managers.eve_api_manager import EveApiManager
import logging
@ -241,6 +242,16 @@ class EveManager(object):
return None
@staticmethod
def get_main_character(user):
"""
Get a characters main
:param user: django.contrib.auth.models.User
:return: EveCharacter
"""
authserviceinfo = AuthServicesInfo.objects.get(user=user)
return EveManager.get_character_by_id(authserviceinfo.main_char_id)
@staticmethod
def get_characters_by_api_id(api_id):
return EveCharacter.objects.filter(api_id=api_id)

0
services/managers/fleetup_manager.py → fleetup/managers.py
View File

2
fleetup/views.py
View File

@ -4,7 +4,7 @@ from django.shortcuts import render
from django.contrib.auth.decorators import login_required
from django.contrib.auth.decorators import permission_required
from django.template.defaulttags import register
from services.managers.fleetup_manager import FleetUpManager
from fleetup.managers import FleetUpManager
from authentication.decorators import members_and_blues
import logging

1
requirements.txt
View File

@ -5,7 +5,6 @@ dnspython
passlib
requests>=2.9.1
bcrypt
zeroc-ice
slugify
requests-oauthlib
sleekxmpp

24
runtests.py Normal file
View File

@ -0,0 +1,24 @@
#!/usr/bin/env python
from __future__ import unicode_literals
import os
import sys
if __name__ == "__main__":
os.environ['DJANGO_SETTINGS_MODULE'] = 'alliance_auth.tests.test_settings'
try:
from django.core.management import execute_from_command_line
except ImportError:
# The above import may fail for some other reason. Ensure that the
# issue is really that Django is missing to avoid masking other
# exceptions on Python 2.
try:
import django
except ImportError:
raise ImportError(
"Couldn't import Django. Are you sure it's installed and "
"available on your PYTHONPATH environment variable? Did you "
"forget to activate a virtual environment?"
)
raise
execute_from_command_line(sys.argv.insert(1, 'test'))

12
services/admin.py
View File

@ -1,17 +1,5 @@
from __future__ import unicode_literals
from django.contrib import admin
from services.models import AuthTS
from services.models import MumbleUser
from services.models import GroupCache
class AuthTSgroupAdmin(admin.ModelAdmin):
fields = ['auth_group', 'ts_group']
filter_horizontal = ('ts_group',)
admin.site.register(AuthTS, AuthTSgroupAdmin)
admin.site.register(MumbleUser)
admin.site.register(GroupCache)

22
services/forms.py
View File

@ -1,14 +1,9 @@
from __future__ import unicode_literals
from django import forms
from services.managers.teamspeak3_manager import Teamspeak3Manager
from django.utils.translation import ugettext_lazy as _
class JabberBroadcastForm(forms.Form):
group = forms.ChoiceField(label=_('Group'), widget=forms.Select)
message = forms.CharField(label=_('Message'), widget=forms.Textarea)
class FleetFormatterForm(forms.Form):
fleet_name = forms.CharField(label=_('Name of Fleet:'), required=True)
fleet_commander = forms.CharField(label=_('Fleet Commander:'), required=True)
@ -26,12 +21,6 @@ class FleetFormatterForm(forms.Form):
comments = forms.CharField(label=_('Comments'), widget=forms.Textarea, required=False)
class DiscordForm(forms.Form):
email = forms.CharField(label=_("Email Address"), required=True)
password = forms.CharField(label=_("Password"), required=True, widget=forms.PasswordInput)
update_avatar = forms.BooleanField(label=_("Update Avatar"), required=False, initial=True)
class ServicePasswordForm(forms.Form):
password = forms.CharField(label=_("Password"), required=True)
@ -40,12 +29,3 @@ class ServicePasswordForm(forms.Form):
if not len(password) >= 8:
raise forms.ValidationError(_("Password must be at least 8 characters long."))
return password
class TeamspeakJoinForm(forms.Form):
username = forms.CharField(widget=forms.HiddenInput())
def clean(self):
if Teamspeak3Manager._get_userid(self.cleaned_data['username']):
return self.cleaned_data
raise forms.ValidationError(_("Unable to locate user %s on server") % self.cleaned_data['username'])

134
services/hooks.py Normal file
View File

@ -0,0 +1,134 @@
from __future__ import unicode_literals
from django.template.loader import render_to_string
from django.utils.safestring import mark_safe
from authentication.states import MEMBER_STATE, BLUE_STATE
from authentication.models import AuthServicesInfo
class ServicesHook:
"""
Abstract base class for creating a compatible services
hook. Decorate with @register('services_hook') to have the
services module registered for callbacks. Must be in
auth_hook(.py) sub module
"""
def __init__(self):
self.name = 'Undefined'
self.urlpatterns = []
self.service_ctrl_template = 'registered/services_ctrl.html'
@property
def title(self):
"""
A nicely formatted title of the service, for client facing
display.
:return: str
"""
return self.name.title()
def delete_user(self, user, notify_user=False):
"""
Delete the users service account, optionally notify them
that the service has been disabled
:param user: Django.contrib.auth.models.User
:param notify_user: Whether the service should sent a
notification to the user about the disabling of their
service account.
:return: True if the service account has been disabled,
or False if it doesnt exist.
"""
pass
def validate_user(self, user):
pass
def sync_nickname(self, user):
"""
Sync the users nickname
:param user: Django.contrib.auth.models.User
:return: None
"""
pass
def update_groups(self, user):
"""
Update the users group membership
:param user: Django.contrib.auth.models.User
:return: None
"""
pass
def update_all_groups(self):
"""
Iterate through and update all users groups
:return: None
"""
pass
def service_enabled_members(self):
"""
Return setting config for service enabled for members
:return: bool True if enabled
"""
return False
def service_enabled_blues(self):
"""
Return setting config for service enabled for Blues
:return: bool True if enabled
"""
return False
def service_active_for_user(self, user):
state = AuthServicesInfo.objects.get(user=user).state
return (
(state == MEMBER_STATE and self.service_enabled_members()) or
(state == BLUE_STATE and self.service_enabled_blues())
)
def show_service_ctrl(self, user, state):
"""
Whether the service control should be displayed to the given user
who has the given service state. Usually this function wont
require overloading.
:param user: django.contrib.auth.models.User
:param state: auth user state
:return: bool True if the service should be shown
"""
return (self.service_enabled_members() and (
state == MEMBER_STATE or user.is_superuser)) or (
self.service_enabled_blues() and (state == BLUE_STATE or user.is_superuser))
def render_services_ctrl(self, request):
"""
Render the services control template row
:param request:
:return:
"""
return ''
def __str__(self):
return self.name or 'Unknown Service Module'
class Urls:
def __init__(self):
self.auth_activate = ''
self.auth_set_password = ''
self.auth_reset_password = ''
self.auth_deactivate = ''
class MenuItemHook:
def __init__(self, text, classes, url_name, order=None):
self.text = text
self.classes = classes
self.url_name = url_name
self.template = 'public/menuitem.html'
self.order = order if order is not None else 9999
def render(self, request):
return render_to_string(self.template,
{'item': self},
request=request)

121
services/managers/mumble_manager.py
View File

@ -1,121 +0,0 @@
from __future__ import unicode_literals
import os
import hashlib
from services.models import MumbleUser
import logging
logger = logging.getLogger(__name__)
class MumbleManager:
def __init__(self):
pass
@staticmethod
def __santatize_username(username):
sanatized = username.replace(" ", "_")
return sanatized
@staticmethod
def __generate_random_pass():
return os.urandom(8).encode('hex')
@staticmethod
def __generate_username(username, corp_ticker):
return "[" + corp_ticker + "]" + username
@staticmethod
def __generate_username_blue(username, corp_ticker):
return "[BLUE][" + corp_ticker + "]" + username
@staticmethod
def _gen_pwhash(password):
return hashlib.sha1(password).hexdigest()
@staticmethod
def create_user(corp_ticker, username):
logger.debug("Creating mumble user with username %s and ticker %s" % (username, corp_ticker))
username_clean = MumbleManager.__santatize_username(MumbleManager.__generate_username(username, corp_ticker))
password = MumbleManager.__generate_random_pass()
pwhash = MumbleManager._gen_pwhash(password)
logger.debug("Proceeding with mumble user creation: clean username %s, pwhash starts with %s" % (
username_clean, pwhash[0:5]))
if MumbleUser.objects.filter(username=username_clean).exists() is False:
logger.info("Creating mumble user %s" % username_clean)
MumbleUser.objects.create(username=username_clean, pwhash=pwhash)
return username_clean, password
else:
logger.warn("Mumble user %s already exists. Updating password")
model = MumbleUser.objects.get(username=username_clean)
model.pwhash = pwhash
model.save()
logger.info("Updated mumble user %s" % username_clean)
return username_clean, password
@staticmethod
def create_blue_user(corp_ticker, username):
logger.debug("Creating mumble blue user with username %s and ticker %s" % (username, corp_ticker))
username_clean = MumbleManager.__santatize_username(
MumbleManager.__generate_username_blue(username, corp_ticker))
password = MumbleManager.__generate_random_pass()
pwhash = MumbleManager._gen_pwhash(password)
logger.debug("Proceeding with mumble user creation: clean username %s, pwhash starts with %s" % (
username_clean, pwhash[0:5]))
if MumbleUser.objects.filter(username=username_clean).exists() is False:
logger.info("Creating mumble user %s" % username_clean)
MumbleUser.objects.create(username=username_clean, pwhash=pwhash)
return username_clean, password
else:
logger.warn("Mumble user %s already exists. Updating password")
model = MumbleUser.objects.get(username=username_clean)
model.pwhash = pwhash
model.save()
logger.info("Updated mumble user %s" % username_clean)
return username_clean, password
@staticmethod
def delete_user(username):
logger.debug("Deleting user %s from mumble." % username)
if MumbleUser.objects.filter(username=username).exists():
MumbleUser.objects.filter(username=username).delete()
logger.info("Deleted user %s from mumble" % username)
return True
logger.error("Unable to delete user %s from mumble: MumbleUser model not found" % username)
return False
@staticmethod
def update_user_password(username, password=None):
logger.debug("Updating mumble user %s password." % username)
if not password:
password = MumbleManager.__generate_random_pass()
pwhash = MumbleManager._gen_pwhash(password)
logger.debug("Proceeding with mumble user %s password update - pwhash starts with %s" % (username, pwhash[0:5]))
if MumbleUser.objects.filter(username=username).exists():
model = MumbleUser.objects.get(username=username)
model.pwhash = pwhash
model.save()
return password
logger.error("User %s not found on mumble. Unable to update password." % username)
return ""
@staticmethod
def update_groups(username, groups):
logger.debug("Updating mumble user %s groups %s" % (username, groups))
safe_groups = list(set([g.replace(' ', '-') for g in groups]))
groups = ''
for g in safe_groups:
groups = groups + g + ','
groups = groups.strip(',')
if MumbleUser.objects.filter(username=username).exists():
logger.info("Updating mumble user %s groups to %s" % (username, safe_groups))
model = MumbleUser.objects.get(username=username)
model.groups = groups
model.save()
else:
logger.error("User %s not found on mumble. Unable to update groups." % username)
@staticmethod
def user_exists(username):
return MumbleUser.objects.filter(username=username).exists()

45
services/migrations/0001_initial.py
View File

@ -17,16 +17,6 @@ class Migration(migrations.Migration):
]
operations = [
migrations.CreateModel(
name='AuthTS',
fields=[
('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('auth_group', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='auth.Group')),
],
options={
'verbose_name': 'Auth / TS Group',
},
),
migrations.CreateModel(
name='DiscordAuthToken',
fields=[
@ -45,39 +35,4 @@ class Migration(migrations.Migration):
('service', models.CharField(choices=[(b'discourse', b'discourse'), (b'discord', b'discord')], max_length=254, unique=True)),
],
),
migrations.CreateModel(
name='MumbleUser',
fields=[
('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('username', models.CharField(max_length=254, unique=True)),
('pwhash', models.CharField(max_length=40)),
('groups', models.TextField(blank=True, null=True)),
],
),
migrations.CreateModel(
name='TSgroup',
fields=[
('ts_group_id', models.IntegerField(primary_key=True, serialize=False)),
('ts_group_name', models.CharField(max_length=30)),
],
options={
'verbose_name': 'TS Group',
},
),
migrations.CreateModel(
name='UserTSgroup',
fields=[
('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('ts_group', models.ManyToManyField(to='services.TSgroup')),
('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
],
options={
'verbose_name': 'User TS Group',
},
),
migrations.AddField(
model_name='authts',
name='ts_group',
field=models.ManyToManyField(to='services.TSgroup'),
),
]

46
services/models.py
View File

@ -3,52 +3,6 @@ from django.utils.encoding import python_2_unicode_compatible
from django.db import models
@python_2_unicode_compatible
class TSgroup(models.Model):
ts_group_id = models.IntegerField(primary_key=True)
ts_group_name = models.CharField(max_length=30)
class Meta:
verbose_name = 'TS Group'
def __str__(self):
return self.ts_group_name
@python_2_unicode_compatible
class AuthTS(models.Model):
auth_group = models.ForeignKey('auth.Group')
ts_group = models.ManyToManyField(TSgroup)
class Meta:
verbose_name = 'Auth / TS Group'
def __str__(self):
return self.auth_group.name
@python_2_unicode_compatible
class UserTSgroup(models.Model):
user = models.ForeignKey('auth.User')
ts_group = models.ManyToManyField(TSgroup)
class Meta:
verbose_name = 'User TS Group'
def __str__(self):
return self.user.name
@python_2_unicode_compatible
class MumbleUser(models.Model):
username = models.CharField(max_length=254, unique=True)
pwhash = models.CharField(max_length=40)
groups = models.TextField(blank=True, null=True)
def __str__(self):
return self.username
@python_2_unicode_compatible
class GroupCache(models.Model):
SERVICE_CHOICES = (

0
services/modules/__init__.py Normal file
View File

0
services/modules/discord/__init__.py Normal file
View File

10
services/modules/discord/admin.py Normal file
View File

@ -0,0 +1,10 @@
from __future__ import unicode_literals
from django.contrib import admin
from .models import DiscordUser
class DiscordUserAdmin(admin.ModelAdmin):
list_display = ('user', 'uid')
search_fields = ('user__username', 'uid')
admin.site.register(DiscordUser, DiscordUserAdmin)

7
services/modules/discord/apps.py Normal file
View File

@ -0,0 +1,7 @@
from __future__ import unicode_literals
from django.apps import AppConfig
class DiscordServiceConfig(AppConfig):
name = 'discord'

59
services/modules/discord/auth_hooks.py Normal file
View File

@ -0,0 +1,59 @@
from __future__ import unicode_literals
import logging
from django.conf import settings
from django.template.loader import render_to_string
from alliance_auth import hooks
from services.hooks import ServicesHook
from .tasks import DiscordTasks
from .urls import urlpatterns
logger = logging.getLogger(__name__)
class DiscordService(ServicesHook):
def __init__(self):
ServicesHook.__init__(self)
self.urlpatterns = urlpatterns
self.name = 'discord'
self.service_ctrl_template = 'registered/discord_service_ctrl.html'
def delete_user(self, user, notify_user=False):
logger.debug('Deleting user %s %s account' % (user, self.name))
return DiscordTasks.delete_user(user, notify_user=notify_user)
def update_groups(self, user):
logger.debug('Processing %s groups for %s' % (self.name, user))
if DiscordTasks.has_account(user):
DiscordTasks.update_groups.delay(user.pk)
def validate_user(self, user):
logger.debug('Validating user %s %s account' % (user, self.name))
if DiscordTasks.has_account(user) and not self.service_active_for_user(user):
self.delete_user(user, notify_user=True)
def sync_nickname(self, user):
logger.debug('Syncing %s nickname for user %s' % (self.name, user))
DiscordTasks.update_nickname.delay(user.pk)
def update_all_groups(self):
logger.debug('Update all %s groups called' % self.name)
DiscordTasks.update_all_groups.delay()
def service_enabled_members(self):
return settings.ENABLE_AUTH_DISCORD or False
def service_enabled_blues(self):
return settings.ENABLE_BLUE_DISCORD or False
def render_services_ctrl(self, request):
return render_to_string(self.service_ctrl_template, {
'discord_uid': request.user.discord.uid if DiscordTasks.has_account(request.user) else None,
}, request=request)
@hooks.register('services_hook')
def register_service():
return DiscordService()

0
services/managers/discord_manager.py → services/modules/discord/manager.py
View File

26
services/modules/discord/migrations/0001_initial.py Normal file
View File

@ -0,0 +1,26 @@
# -*- coding: utf-8 -*-
# Generated by Django 1.10.2 on 2016-12-12 03:14
from __future__ import unicode_literals
from django.conf import settings
from django.db import migrations, models
import django.db.models.deletion
class Migration(migrations.Migration):
initial = True
dependencies = [
('auth', '0008_alter_user_username_max_length'),
]
operations = [
migrations.CreateModel(
name='DiscordUser',
fields=[
('user', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, primary_key=True, related_name='discord', serialize=False, to=settings.AUTH_USER_MODEL)),
('uid', models.CharField(max_length=254)),
],
),
]

0
services/modules/discord/migrations/__init__.py Normal file
View File

15
services/modules/discord/models.py Normal file
View File

@ -0,0 +1,15 @@
from __future__ import unicode_literals
from django.utils.encoding import python_2_unicode_compatible
from django.contrib.auth.models import User
from django.db import models
class DiscordUser(models.Model):
user = models.OneToOneField(User,
primary_key=True,
on_delete=models.CASCADE,
related_name='discord')
uid = models.CharField(max_length=254)
def __str__(self):
return "{} - {}".format(self.user.username, self.uid)

131
services/modules/discord/tasks.py Normal file
View File

@ -0,0 +1,131 @@
from __future__ import unicode_literals
import logging
from alliance_auth.celeryapp import app
from django.conf import settings
from django.contrib.auth.models import User
from django.core.exceptions import ObjectDoesNotExist
from eveonline.managers import EveManager
from notifications import notify
from services.modules.discord.manager import DiscordOAuthManager
from services.tasks import only_one
from .models import DiscordUser
logger = logging.getLogger(__name__)
class DiscordTasks:
def __init__(self):
pass
@classmethod
def add_user(cls, user, code):
user_id = DiscordOAuthManager.add_user(code)
if user_id:
discord_user = DiscordUser()
discord_user.user = user
discord_user.uid = user_id
discord_user.save()
if settings.DISCORD_SYNC_NAMES:
cls.update_nickname.delay(user.pk)
cls.update_groups.delay(user.pk)
return True
return False
@classmethod
def delete_user(cls, user, notify_user=False):
if cls.has_account(user):
logger.debug("User %s has discord account %s. Deleting." % (user, user.discord.uid))
if DiscordOAuthManager.delete_user(user.discord.uid):
user.discord.delete()
if notify_user:
notify(user, 'Discord Account Disabled', level='danger')
return True
return False
@classmethod
def has_account(cls, user):
"""
Check if the user has an account (has a DiscordUser record)
:param user: django.contrib.auth.models.User
:return: bool
"""
try:
user.discord
except ObjectDoesNotExist:
return False
else:
return True
@staticmethod
@app.task(bind=True)
def update_groups(task_self, pk):
user = User.objects.get(pk=pk)
logger.debug("Updating discord groups for user %s" % user)
if DiscordTasks.has_account(user):
groups = []
for group in user.groups.all():
groups.append(str(group.name))
if len(groups) == 0:
logger.debug("No syncgroups found for user. Adding empty group.")
groups.append('empty')
logger.debug("Updating user %s discord groups to %s" % (user, groups))
try:
DiscordOAuthManager.update_groups(user.discord.uid, groups)
except Exception as e:
if task_self:
logger.exception("Discord group sync failed for %s, retrying in 10 mins" % user)
raise task_self.retry(countdown=60 * 10)
else:
# Rethrow
raise e
logger.debug("Updated user %s discord groups." % user)
else:
logger.debug("User does not have a discord account, skipping")
@staticmethod
@app.task
def update_all_groups():
logger.debug("Updating ALL discord groups")
for discord_user in DiscordUser.objects.exclude(uid__exact=''):
DiscordTasks.update_groups.delay(discord_user.user.pk)
@staticmethod
@app.task(bind=True)
def update_nickname(self, pk):
user = User.objects.get(pk=pk)
logger.debug("Updating discord nickname for user %s" % user)
if DiscordTasks.has_account(user):
character = EveManager.get_main_character(user)
logger.debug("Updating user %s discord nickname to %s" % (user, character.character_name))
try:
DiscordOAuthManager.update_nickname(user.discord.uid, character.character_name)
except Exception as e:
if self:
logger.exception("Discord nickname sync failed for %s, retrying in 10 mins" % user)
raise self.retry(countdown=60 * 10)
else:
# Rethrow
raise e
logger.debug("Updated user %s discord nickname." % user)
else:
logger.debug("User %s does not have a discord account" % user)
@staticmethod
@app.task
def update_all_nicknames():
logger.debug("Updating ALL discord nicknames")
for discord_user in DiscordUser.objects.exclude(uid__exact=''):
DiscordTasks.update_nickname.delay(discord_user.user.user_id)
@classmethod
def disable(cls):
if settings.ENABLE_AUTH_DISCORD:
logger.warn(
"ENABLE_AUTH_DISCORD still True, after disabling users will still be able to link Discord accounts")
if settings.ENABLE_BLUE_DISCORD:
logger.warn(
"ENABLE_BLUE_DISCORD still True, after disabling blues will still be able to link Discord accounts")
DiscordUser.objects.all().delete()

27
services/modules/discord/templates/registered/discord_service_ctrl.html Normal file
View File

@ -0,0 +1,27 @@
{% load i18n %}
<tr>
<td class="text-center">Discord</td>
<td class="text-center"></td>
<td class="text-center"><a href="https://discordapp.com/channels/{{ DISCORD_SERVER_ID }}/{{ DISCORD_SERVER_ID}}">https://discordapp.com</a></td>
<td class="text-center">
{% if not discord_uid %}
<a href="{% url 'auth_activate_discord' %}" class="btn btn-warning">
<span class="glyphicon glyphicon-ok"></span>
</a>
{% else %}
<a href="{% url 'auth_reset_discord' %}" class="btn btn-primary">
<span class="glyphicon glyphicon-refresh"></span>
</a>
<a href="{% url 'auth_deactivate_discord' %}" class="btn btn-danger">
<span class="glyphicon glyphicon-remove"></span>
</a>
{% endif %}
{% if request.user.is_superuser %}
<div class="text-center" style="padding-top:5px;">
<a type="button" class="btn btn-success" href="{% url 'auth_discord_add_bot' %}">{% trans "Link Discord" %} Server</a>
</div>
{% endif %}
</td>
</tr>

193
services/modules/discord/tests.py Normal file
View File

@ -0,0 +1,193 @@
from __future__ import unicode_literals
try:
# Py3
from unittest import mock
except ImportError:
# Py2
import mock
from django.test import TestCase, RequestFactory
from django.conf import settings
from django.contrib.auth.models import User
from django.core.exceptions import ObjectDoesNotExist
from alliance_auth.tests.auth_utils import AuthUtils
from .auth_hooks import DiscordService
from .models import DiscordUser
from .tasks import DiscordTasks
MODULE_PATH = 'services.modules.discord'
class DiscordHooksTestCase(TestCase):
def setUp(self):
self.member = 'member_user'
member = AuthUtils.create_member(self.member)
DiscordUser.objects.create(user=member, uid='12345')
self.blue = 'blue_user'
blue = AuthUtils.create_blue(self.blue)
DiscordUser.objects.create(user=blue, uid='67891')
self.none_user = 'none_user'
none_user = AuthUtils.create_user(self.none_user)
self.service = DiscordService
def test_has_account(self):
member = User.objects.get(username=self.member)
blue = User.objects.get(username=self.blue)
none_user = User.objects.get(username=self.none_user)
self.assertTrue(DiscordTasks.has_account(member))
self.assertTrue(DiscordTasks.has_account(blue))
self.assertFalse(DiscordTasks.has_account(none_user))
def test_service_enabled(self):
service = self.service()
member = User.objects.get(username=self.member)
blue = User.objects.get(username=self.blue)
none_user = User.objects.get(username=self.none_user)
self.assertTrue(service.service_enabled_members())
self.assertTrue(service.service_enabled_blues())
self.assertTrue(service.service_active_for_user(member))
self.assertTrue(service.service_active_for_user(blue))
self.assertFalse(service.service_active_for_user(none_user))
@mock.patch(MODULE_PATH + '.tasks.DiscordOAuthManager')
def test_update_all_groups(self, manager):
service = self.service()
service.update_all_groups()
# Check member and blue user have groups updated
self.assertTrue(manager.update_groups.called)
self.assertEqual(manager.update_groups.call_count, 2)
def test_update_groups(self):
# Check member has Member group updated
with mock.patch(MODULE_PATH + '.tasks.DiscordOAuthManager') as manager:
service = self.service()
member = User.objects.get(username=self.member)
service.update_groups(member)
self.assertTrue(manager.update_groups.called)
args, kwargs = manager.update_groups.call_args
user_id, groups = args
self.assertIn(settings.DEFAULT_AUTH_GROUP, groups)
self.assertEqual(user_id, member.discord.uid)
# Check none user does not have groups updated
with mock.patch(MODULE_PATH + '.tasks.DiscordOAuthManager') as manager:
service = self.service()
none_user = User.objects.get(username=self.none_user)
service.update_groups(none_user)
self.assertFalse(manager.update_groups.called)
@mock.patch(MODULE_PATH + '.tasks.DiscordOAuthManager')
def test_validate_user(self, manager):
service = self.service()
# Test member is not deleted
member = User.objects.get(username=self.member)
service.validate_user(member)
self.assertTrue(member.discord)
# Test none user is deleted
none_user = User.objects.get(username=self.none_user)
DiscordUser.objects.create(user=none_user, uid='abc123')
service.validate_user(none_user)
self.assertTrue(manager.delete_user.called)
with self.assertRaises(ObjectDoesNotExist):
none_discord = User.objects.get(username=self.none_user).discord
@mock.patch(MODULE_PATH + '.tasks.DiscordOAuthManager')
def test_sync_nickname(self, manager):
service = self.service()
member = User.objects.get(username=self.member)
AuthUtils.add_main_character(member, 'test user', '12345', corp_ticker='AAUTH')
service.sync_nickname(member)
self.assertTrue(manager.update_nickname.called)
args, kwargs = manager.update_nickname.call_args
self.assertEqual(args[0], member.discord.uid)
self.assertEqual(args[1], 'test user')
@mock.patch(MODULE_PATH + '.tasks.DiscordOAuthManager')
def test_delete_user(self, manager):
member = User.objects.get(username=self.member)
service = self.service()
result = service.delete_user(member)
self.assertTrue(result)
self.assertTrue(manager.delete_user.called)
with self.assertRaises(ObjectDoesNotExist):
discord_user = User.objects.get(username=self.member).discord
def test_render_services_ctrl(self):
service = self.service()
member = User.objects.get(username=self.member)
request = RequestFactory().get('/en/services/')
request.user = member
response = service.render_services_ctrl(request)
self.assertTemplateUsed(service.service_ctrl_template)
self.assertIn('/discord/reset/', response)
self.assertIn('/discord/deactivate/', response)
# Test register becomes available
member.discord.delete()
member = User.objects.get(username=self.member)
request.user = member
response = service.render_services_ctrl(request)
self.assertIn('/discord/activate/', response)
# TODO: Test update nicknames
class DiscordViewsTestCase(TestCase):
def setUp(self):
self.member = AuthUtils.create_member('auth_member')
self.member.set_password('password')
self.member.save()
def login(self):
self.client.login(username=self.member.username, password='password')
@mock.patch(MODULE_PATH + '.views.DiscordOAuthManager')
def test_activate(self, manager):
self.login()
manager.generate_oauth_redirect_url.return_value = '/example.com/oauth/'
response = self.client.get('/discord/activate/', follow=False)
self.assertRedirects(response, expected_url='/example.com/oauth/', target_status_code=404)
@mock.patch(MODULE_PATH + '.tasks.DiscordOAuthManager')
def test_callback(self, manager):
self.login()
manager.add_user.return_value = '1234'
response = self.client.get('/discord/callback/', data={'code': '1234'})
self.assertTrue(manager.add_user.called)
self.assertEqual(manager.update_nickname.called, settings.DISCORD_SYNC_NAMES)
self.assertEqual(self.member.discord.uid, '1234')
self.assertRedirects(response, expected_url='/en/services/', target_status_code=200)
@mock.patch(MODULE_PATH + '.tasks.DiscordOAuthManager')
def test_reset(self, manager):
self.login()
DiscordUser.objects.create(user=self.member, uid='12345')
manager.delete_user.return_value = True
response = self.client.get('/discord/reset/')
self.assertRedirects(response, expected_url='/discord/activate/', target_status_code=302)
@mock.patch(MODULE_PATH + '.tasks.DiscordOAuthManager')
def test_deactivate(self, manager):
self.login()
DiscordUser.objects.create(user=self.member, uid='12345')
manager.delete_user.return_value = True
response = self.client.get('/discord/deactivate/')
self.assertTrue(manager.delete_user.called)
self.assertRedirects(response, expected_url='/en/services/', target_status_code=200)
with self.assertRaises(ObjectDoesNotExist):
discord_user = User.objects.get(pk=self.member.pk).discord

17
services/modules/discord/urls.py Normal file
View File

@ -0,0 +1,17 @@
from __future__ import unicode_literals
from django.conf.urls import url, include
from . import views
module_urls = [
# Discord Service Control
url(r'^activate/$', views.activate_discord, name='auth_activate_discord'),
url(r'^deactivate/$', views.deactivate_discord, name='auth_deactivate_discord'),
url(r'^reset/$', views.reset_discord, name='auth_reset_discord'),
url(r'^callback/$', views.discord_callback, name='auth_discord_callback'),
url(r'^add_bot/$', views.discord_add_bot, name='auth_discord_add_bot'),
]
urlpatterns = [
url(r'^discord/', include(module_urls))
]

71
services/modules/discord/views.py Normal file
View File

@ -0,0 +1,71 @@
from __future__ import unicode_literals
import logging
from django.contrib import messages
from django.contrib.auth.decorators import login_required
from django.contrib.auth.decorators import user_passes_test
from django.shortcuts import redirect
from authentication.decorators import members_and_blues
from .manager import DiscordOAuthManager
from .tasks import DiscordTasks
from services.views import superuser_test
logger = logging.getLogger(__name__)
@login_required
@members_and_blues()
def deactivate_discord(request):
logger.debug("deactivate_discord called by user %s" % request.user)
if DiscordTasks.delete_user(request.user):
logger.info("Successfully deactivated discord for user %s" % request.user)
messages.success(request, 'Deactivated Discord account.')
else:
logger.error("Unsuccessful attempt to deactivate discord for user %s" % request.user)
messages.error(request, 'An error occurred while processing your Discord account.')
return redirect("auth_services")
@login_required
@members_and_blues()
def reset_discord(request):
logger.debug("reset_discord called by user %s" % request.user)
if DiscordTasks.delete_user(request.user):
logger.info("Successfully deleted discord user for user %s - forwarding to discord activation." % request.user)
return redirect("auth_activate_discord")
logger.error("Unsuccessful attempt to reset discord for user %s" % request.user)
messages.error(request, 'An error occurred while processing your Discord account.')
return redirect("auth_services")
@login_required
@members_and_blues()
def activate_discord(request):
logger.debug("activate_discord called by user %s" % request.user)
return redirect(DiscordOAuthManager.generate_oauth_redirect_url())
@login_required
@members_and_blues()
def discord_callback(request):
logger.debug("Received Discord callback for activation of user %s" % request.user)
code = request.GET.get('code', None)
if not code:
logger.warn("Did not receive OAuth code from callback of user %s" % request.user)
return redirect("auth_services")
if DiscordTasks.add_user(request.user, code):
logger.info("Successfully activated Discord for user %s" % request.user)
messages.success(request, 'Activated Discord account.')
else:
logger.error("Failed to activate Discord for user %s" % request.user)
messages.error(request, 'An error occurred while processing your Discord account.')
return redirect("auth_services")
@login_required
@user_passes_test(superuser_test)
def discord_add_bot(request):
return redirect(DiscordOAuthManager.generate_bot_add_url())

0
services/modules/discourse/__init__.py Normal file
View File

10
services/modules/discourse/admin.py Normal file
View File

@ -0,0 +1,10 @@
from __future__ import unicode_literals
from django.contrib import admin
from .models import DiscourseUser
class DiscourseUserAdmin(admin.ModelAdmin):
list_display = ('user',)
search_fields = ('user__username',)
admin.site.register(DiscourseUser, DiscourseUserAdmin)

7
services/modules/discourse/apps.py Normal file
View File

@ -0,0 +1,7 @@
from __future__ import unicode_literals
from django.apps import AppConfig
class DiscourseServiceConfig(AppConfig):
name = 'discourse'

57
services/modules/discourse/auth_hooks.py Normal file
View File

@ -0,0 +1,57 @@
from __future__ import unicode_literals
from django.conf import settings
from django.template.loader import render_to_string
from services.hooks import ServicesHook
from alliance_auth import hooks
from eveonline.managers import EveManager
from .urls import urlpatterns
from .tasks import DiscourseTasks
import logging
logger = logging.getLogger(__name__)
class DiscourseService(ServicesHook):
def __init__(self):
ServicesHook.__init__(self)
self.urlpatterns = urlpatterns
self.name = 'discourse'
self.service_ctrl_template = 'registered/discourse_service_ctrl.html'
def delete_user(self, user, notify_user=False):
logger.debug('Deleting user %s %s account' % (user, self.name))
return DiscourseTasks.delete_user(user, notify_user=notify_user)
def update_groups(self, user):
logger.debug('Processing %s groups for %s' % (self.name, user))
if DiscourseTasks.has_account(user):
DiscourseTasks.update_groups.delay(user.pk)
def validate_user(self, user):
logger.debug('Validating user %s %s account' % (user, self.name))
if DiscourseTasks.has_account(user) and not self.service_active_for_user(user):
self.delete_user(user, notify_user=True)
def update_all_groups(self):
logger.debug('Update all %s groups called' % self.name)
DiscourseTasks.update_all_groups.delay()
def service_enabled_members(self):
return settings.ENABLE_AUTH_DISCOURSE or False
def service_enabled_blues(self):
return settings.ENABLE_BLUE_DISCOURSE or False
def render_services_ctrl(self, request):
return render_to_string(self.service_ctrl_template, {
'char': EveManager.get_main_character(request.user)
}, request=request)
@hooks.register('services_hook')
def register_service():
return DiscourseService()

7
services/managers/discourse_manager.py → services/modules/discourse/manager.py
View File

@ -1,7 +1,8 @@
from __future__ import unicode_literals
import logging
import requests
import os
import random
import string
import datetime
import json
import re
@ -11,10 +12,12 @@ from services.models import GroupCache
logger = logging.getLogger(__name__)
class DiscourseError(Exception):
def __init__(self, endpoint, errors):
self.endpoint = endpoint
self.errors = errors
def __str__(self):
return "API execution failed.\nErrors: %s\nEndpoint: %s" % (self.errors, self.endpoint)
@ -188,7 +191,7 @@ class DiscourseManager:
@staticmethod
def __generate_random_pass():
return os.urandom(8).encode('hex')
return ''.join([random.choice(string.ascii_letters + string.digits) for n in range(16)])
@staticmethod
def __get_groups():

26
services/modules/discourse/migrations/0001_initial.py Normal file
View File

@ -0,0 +1,26 @@
# -*- coding: utf-8 -*-
# Generated by Django 1.10.2 on 2016-12-12 03:15
from __future__ import unicode_literals
from django.conf import settings
from django.db import migrations, models
import django.db.models.deletion
class Migration(migrations.Migration):
initial = True
dependencies = [
('auth', '0008_alter_user_username_max_length'),
]
operations = [
migrations.CreateModel(
name='DiscourseUser',
fields=[
('user', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, primary_key=True, related_name='discourse', serialize=False, to=settings.AUTH_USER_MODEL)),
('enabled', models.BooleanField()),
],
),
]

0
services/modules/discourse/migrations/__init__.py Normal file
View File

15
services/modules/discourse/models.py Normal file
View File

@ -0,0 +1,15 @@
from __future__ import unicode_literals
from django.utils.encoding import python_2_unicode_compatible
from django.contrib.auth.models import User
from django.db import models
class DiscourseUser(models.Model):
user = models.OneToOneField(User,
primary_key=True,
on_delete=models.CASCADE,
related_name='discourse')
enabled = models.BooleanField()
def __str__(self):
return self.user.username

62
services/modules/discourse/tasks.py Normal file
View File

@ -0,0 +1,62 @@
from __future__ import unicode_literals
from alliance_auth.celeryapp import app
from django.contrib.auth.models import User
from django.core.exceptions import ObjectDoesNotExist
from notifications import notify
from services.tasks import only_one
from .manager import DiscourseManager
from .models import DiscourseUser
import logging
logger = logging.getLogger(__name__)
class DiscourseTasks:
def __init__(self):
pass
@classmethod
def delete_user(cls, user, notify_user=False):
if cls.has_account(user) and user.discourse.enabled:
logger.debug("User %s has a Discourse account. Disabling login." % user)
if DiscourseManager.disable_user(user):
user.discourse.delete()
if notify_user:
notify(user, 'Discourse Account Disabled', level='danger')
return True
return False
@staticmethod
def has_account(user):
"""
Check if the user has a discourse account
:param user: django.contrib.auth.models.User
:return: bool
"""
try:
return user.discourse.enabled
except ObjectDoesNotExist:
return False
@staticmethod
@app.task(bind=True)
def update_groups(self, pk):
user = User.objects.get(pk=pk)
logger.debug("Updating discourse groups for user %s" % user)
try:
DiscourseManager.update_groups(user)
except:
logger.warn("Discourse group sync failed for %s, retrying in 10 mins" % user)
raise self.retry(countdown=60 * 10)
logger.debug("Updated user %s discourse groups." % user)
@staticmethod
@app.task
def update_all_groups():
logger.debug("Updating ALL discourse groups")
for discourse_user in DiscourseUser.objects.filter(enabled=True):
DiscourseTasks.update_groups.delay(discourse_user.user.pk)

8
services/modules/discourse/templates/registered/discourse_service_ctrl.html Normal file
View File

@ -0,0 +1,8 @@
{% load i18n %}
<td class="text-center">Discourse</td>
<td class="text-center">{{ char.character_name }}</td>
<td class="text-center"><a href="{{ DISCOURSE_URL }}">{{ DISCOURSE_URL }}</a></td>
<td class="text-center">
<a class="btn btn-success" href="{{ DISCOURSE_URL }}"><span class="glyphicon glyphicon-arrow-right"></span></a>
</td>

135
services/modules/discourse/tests.py Normal file
View File

@ -0,0 +1,135 @@
from __future__ import unicode_literals
try:
# Py3
from unittest import mock
except ImportError:
# Py2
import mock
from django.test import TestCase, RequestFactory
from django.conf import settings
from django.contrib.auth.models import User
from django.core.exceptions import ObjectDoesNotExist
from alliance_auth.tests.auth_utils import AuthUtils
from .auth_hooks import DiscourseService
from .models import DiscourseUser
from .tasks import DiscourseTasks
MODULE_PATH = 'services.modules.discourse'
class DiscourseHooksTestCase(TestCase):
def setUp(self):
self.member = 'member_user'
member = AuthUtils.create_member(self.member)
DiscourseUser.objects.create(user=member, enabled=True)
self.blue = 'blue_user'
blue = AuthUtils.create_blue(self.blue)
DiscourseUser.objects.create(user=blue, enabled=True)
self.none_user = 'none_user'
none_user = AuthUtils.create_user(self.none_user)
self.service = DiscourseService
def test_has_account(self):
member = User.objects.get(username=self.member)
blue = User.objects.get(username=self.blue)
none_user = User.objects.get(username=self.none_user)
self.assertTrue(DiscourseTasks.has_account(member))
self.assertTrue(DiscourseTasks.has_account(blue))
self.assertFalse(DiscourseTasks.has_account(none_user))
def test_service_enabled(self):
service = self.service()
member = User.objects.get(username=self.member)
blue = User.objects.get(username=self.blue)
none_user = User.objects.get(username=self.none_user)
self.assertTrue(service.service_enabled_members())
self.assertTrue(service.service_enabled_blues())
self.assertEqual(service.service_active_for_user(member), settings.ENABLE_AUTH_DISCOURSE)
self.assertEqual(service.service_active_for_user(blue), settings.ENABLE_BLUE_DISCOURSE)
self.assertFalse(service.service_active_for_user(none_user))
@mock.patch(MODULE_PATH + '.tasks.DiscourseManager')
def test_update_all_groups(self, manager):
service = self.service()
service.update_all_groups()
# Check member and blue user have groups updated
self.assertTrue(manager.update_groups.called)
self.assertEqual(manager.update_groups.call_count, 2)
def test_update_groups(self):
# Check member has Member group updated
with mock.patch(MODULE_PATH + '.tasks.DiscourseManager') as manager:
service = self.service()
member = User.objects.get(username=self.member)
service.update_groups(member)
self.assertTrue(manager.update_groups.called)
args, kwargs = manager.update_groups.call_args
user, = args
self.assertEqual(user, member)
# Check none user does not have groups updated
with mock.patch(MODULE_PATH + '.tasks.DiscourseManager') as manager:
service = self.service()
none_user = User.objects.get(username=self.none_user)
service.update_groups(none_user)
self.assertFalse(manager.update_groups.called)
@mock.patch(MODULE_PATH + '.tasks.DiscourseManager')
def test_validate_user(self, manager):
service = self.service()
# Test member is not deleted
member = User.objects.get(username=self.member)
service.validate_user(member)
self.assertTrue(member.discourse)
# Test none user is deleted
none_user = User.objects.get(username=self.none_user)
DiscourseUser.objects.create(user=none_user, enabled=True)
service.validate_user(none_user)
self.assertTrue(manager.disable_user.called)
with self.assertRaises(ObjectDoesNotExist):
none_discourse = User.objects.get(username=self.none_user).discourse
@mock.patch(MODULE_PATH + '.tasks.DiscourseManager')
def test_delete_user(self, manager):
member = User.objects.get(username=self.member)
service = self.service()
result = service.delete_user(member)
self.assertTrue(result)
self.assertTrue(manager.disable_user.called)
with self.assertRaises(ObjectDoesNotExist):
discourse_user = User.objects.get(username=self.member).discourse
def test_render_services_ctrl(self):
service = self.service()
member = User.objects.get(username=self.member)
request = RequestFactory().get('/en/services/')
request.user = member
response = service.render_services_ctrl(request)
self.assertTemplateUsed(service.service_ctrl_template)
self.assertIn('href="%s"' % settings.DISCOURSE_URL, response)
class DiscourseViewsTestCase(TestCase):
def setUp(self):
self.member = AuthUtils.create_member('auth_member')
self.member.set_password('password')
self.member.save()
AuthUtils.add_main_character(self.member, 'auth_member', '12345', corp_id='111', corp_name='Test Corporation')
@mock.patch(MODULE_PATH + '.tasks.DiscourseManager')
def test_sso_member(self, manager):
self.client.login(username=self.member.username, password='password')
data = {'sso': 'bm9uY2U9Y2I2ODI1MWVlZmI1MjExZTU4YzAwZmYxMzk1ZjBjMGI%3D%0A',
'sig': '2828aa29899722b35a2f191d34ef9b3ce695e0e6eeec47deb46d588d70c7cb56'}
response = self.client.get('/discourse/sso', data=data, follow=False)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.url[:37], 'https://example.com/session/sso_login')

9
services/modules/discourse/urls.py Normal file
View File

@ -0,0 +1,9 @@
from __future__ import unicode_literals
from django.conf.urls import url
from . import views
urlpatterns = [
# Discourse Service Control
url(r'^discourse/sso$', views.discourse_sso, name='auth_discourse_sso'),
]

119
services/modules/discourse/views.py Normal file
View File

@ -0,0 +1,119 @@
from __future__ import unicode_literals
from django.conf import settings
from django.contrib import messages
from django.contrib.auth.decorators import login_required
from django.shortcuts import render, redirect
from authentication.states import MEMBER_STATE, BLUE_STATE, NONE_STATE
from eveonline.models import EveCharacter
from eveonline.managers import EveManager
from authentication.models import AuthServicesInfo
from .manager import DiscourseManager
from .tasks import DiscourseTasks
from .models import DiscourseUser
import base64
import hmac
import hashlib
try:
from urllib import unquote, urlencode
except ImportError: #py3
from urllib.parse import unquote, urlencode
try:
from urlparse import parse_qs
except ImportError: #py3
from urllib.parse import parse_qs
import logging
logger = logging.getLogger(__name__)
@login_required
def discourse_sso(request):
## Check if user has access
auth = AuthServicesInfo.objects.get(user=request.user)
if not request.user.is_superuser:
if not settings.ENABLE_AUTH_DISCOURSE and auth.state == MEMBER_STATE:
messages.error(request, 'Members are not authorized to access Discourse.')
return redirect('auth_dashboard')
elif not settings.ENABLE_BLUE_DISCOURSE and auth.state == BLUE_STATE:
messages.error(request, 'Blues are not authorized to access Discourse.')
return redirect('auth_dashboard')
elif auth.state == NONE_STATE:
messages.error(request, 'You are not authorized to access Discourse.')
return redirect('auth_dashboard')
if not auth.main_char_id:
messages.error(request, "You must have a main character set to access Discourse.")
return redirect('auth_characters')
main_char = EveManager.get_main_character(request.user)
if main_char is None:
messages.error(request, "Your main character is missing a database model. Please select a new one.")
return redirect('auth_characters')
payload = request.GET.get('sso')
signature = request.GET.get('sig')
if None in [payload, signature]:
messages.error(request, 'No SSO payload or signature. Please contact support if this problem persists.')
return redirect('auth_dashboard')
## Validate the payload
try:
payload = unquote(payload).encode('utf-8')
decoded = base64.decodestring(payload).decode('utf-8')
assert 'nonce' in decoded
assert len(payload) > 0
except AssertionError:
messages.error(request, 'Invalid payload. Please contact support if this problem persists.')
return redirect('auth_dashboard')
key = str(settings.DISCOURSE_SSO_SECRET).encode('utf-8')
h = hmac.new(key, payload, digestmod=hashlib.sha256)
this_signature = h.hexdigest()
if this_signature != signature:
messages.error(request, 'Invalid payload. Please contact support if this problem persists.')
return redirect('auth_dashboard')
## Build the return payload
username = DiscourseManager._sanitize_username(main_char.character_name)
qs = parse_qs(decoded)
params = {
'nonce': qs['nonce'][0],
'email': request.user.email,
'external_id': request.user.pk,
'username': username,
'name': username,
}
if auth.main_char_id:
params['avatar_url'] = 'https://image.eveonline.com/Character/%s_256.jpg' % auth.main_char_id
return_payload = base64.encodestring(urlencode(params).encode('utf-8'))
h = hmac.new(key, return_payload, digestmod=hashlib.sha256)
query_string = urlencode({'sso': return_payload, 'sig': h.hexdigest()})
## Record activation and queue group sync
if not DiscourseTasks.has_account(request.user):
discourse_user = DiscourseUser()
discourse_user.user = request.user
discourse_user.enabled = True
discourse_user.save()
DiscourseTasks.update_groups.apply_async(args=[request.user.pk], countdown=30) # wait 30s for new user creation on Discourse
## Redirect back to Discourse
url = '%s/session/sso_login' % settings.DISCOURSE_URL
return redirect('%s?%s' % (url, query_string))

0
services/modules/example/__init__.py Normal file
View File

7
services/modules/example/apps.py Normal file
View File

@ -0,0 +1,7 @@
from __future__ import unicode_literals
from django.apps import AppConfig
class ExampleServiceConfig(AppConfig):
name = 'example_service'

44
services/modules/example/auth_hooks.py Normal file
View File

@ -0,0 +1,44 @@
from __future__ import unicode_literals
from django.template.loader import render_to_string
from services.hooks import ServicesHook
from alliance_auth import hooks
from .urls import urlpatterns
class ExampleService(ServicesHook):
def __init__(self):
ServicesHook.__init__(self)
self.urlpatterns = urlpatterns
self.service_url = 'http://exampleservice.example.com'
"""
Overload base methods here to implement functionality
"""
def render_services_ctrl(self, request):
"""
Example for rendering the service control panel row
You can override the default template and create a
custom one if you wish.
:param request:
:return:
"""
urls = self.Urls()
urls.auth_activate = 'auth_example_activate'
urls.auth_deactivate = 'auth_example_deactivate'
urls.auth_reset_password = 'auth_example_reset_password'
urls.auth_set_password = 'auth_example_set_password'
return render_to_string(self.service_ctrl_template, {
'service_name': self.title,
'urls': urls,
'service_url': self.service_url,
'username': 'example username'
}, request=request)
@hooks.register('services_hook')
def register_service():
return ExampleService()

16
services/modules/example/models.py Normal file
View File

@ -0,0 +1,16 @@
from __future__ import unicode_literals
from django.utils.encoding import python_2_unicode_compatible
from django.contrib.auth.models import User
from django.db import models
@python_2_unicode_compatible
class ExampleUser(models.Model):
user = models.OneToOneField(User,
primary_key=True,
on_delete=models.CASCADE,
related_name='example')
username = models.CharField(max_length=254)
def __str__(self):
return self.username

10
services/modules/example/urls.py Normal file
View File

@ -0,0 +1,10 @@
from __future__ import unicode_literals
from django.conf.urls import url, include
module_urls = [
# Add your module URLs here
]
urlpatterns = [
url(r'^example/', include(module_urls)),
]

1
services/modules/example/views.py Normal file
View File

@ -0,0 +1 @@
# Add your Views here

0
services/modules/ipboard/__init__.py Normal file
View File

10
services/modules/ipboard/admin.py Normal file
View File

@ -0,0 +1,10 @@
from __future__ import unicode_literals
from django.contrib import admin
from .models import IpboardUser
class IpboardUserAdmin(admin.ModelAdmin):
list_display = ('user', 'username')
search_fields = ('user__username', 'username')
admin.site.register(IpboardUser, IpboardUserAdmin)

7
services/modules/ipboard/apps.py Normal file
View File

@ -0,0 +1,7 @@
from __future__ import unicode_literals
from django.apps import AppConfig
class IpboardServiceConfig(AppConfig):
name = 'ipboard'

68
services/modules/ipboard/auth_hooks.py Normal file
View File

@ -0,0 +1,68 @@
from __future__ import unicode_literals
from django.conf import settings
from django.template.loader import render_to_string
from services.hooks import ServicesHook
from alliance_auth import hooks
from .urls import urlpatterns
from .tasks import IpboardTasks
import logging
logger = logging.getLogger(__name__)
class IpboardService(ServicesHook):
def __init__(self):
ServicesHook.__init__(self)
self.name = 'ipboard'
self.service_url = settings.IPBOARD_ENDPOINT
self.urlpatterns = urlpatterns
@property
def title(self):
return 'IPBoard Forums'
def delete_user(self, user, notify_user=False):
logger.debug('Deleting user %s %s account' % (user, self.name))
return IpboardTasks.delete_user(user, notify_user=notify_user)
def update_groups(self, user):
logger.debug("Updating %s groups for %s" % (self.name, user))
if IpboardTasks.has_account(user):
IpboardTasks.update_groups.delay(user.pk)
def validate_user(self, user):
logger.debug('Validating user %s %s account' % (user, self.name))
if IpboardTasks.has_account(user) and not self.service_active_for_user(user):
self.delete_user(user, notify_user=True)
def update_all_groups(self):
logger.debug('Update all %s groups called' % self.name)
IpboardTasks.update_all_groups.delay()
def service_enabled_members(self):
return settings.ENABLE_AUTH_IPBOARD or False
def service_enabled_blues(self):
return settings.ENABLE_BLUE_IPBOARD or False
def render_services_ctrl(self, request):
urls = self.Urls()
urls.auth_activate = 'auth_activate_ipboard'
urls.auth_deactivate = 'auth_deactivate_ipboard'
urls.auth_reset_password = 'auth_reset_ipboard_password'
urls.auth_set_password = 'auth_set_ipboard_password'
return render_to_string(self.service_ctrl_template, {
'service_name': self.title,
'urls': urls,
'service_url': self.service_url,
'username': request.user.ipboard.username if IpboardTasks.has_account(request.user) else '',
}, request=request)
@hooks.register('services_hook')
def register_service():
return IpboardService()

21
services/managers/ipboard_manager.py → services/modules/ipboard/manager.py
View File

@ -1,5 +1,6 @@
from __future__ import unicode_literals
import os
import random
import string
import re
from hashlib import md5
try:
@ -27,7 +28,11 @@ class IPBoardManager:
@staticmethod
def __generate_random_pass():
return os.urandom(8).encode('hex')
return ''.join([random.choice(string.ascii_letters + string.digits) for n in range(16)])
@staticmethod
def _gen_pwhash(password):
return md5(password.encode('utf-8')).hexdigest()
@staticmethod
def _sanitize_groupname(name):
@ -49,13 +54,13 @@ class IPBoardManager:
except:
return {}
@staticmethod
def add_user(username, email):
@classmethod
def add_user(cls, username, email):
""" Add user to service """
sanatized = str(IPBoardManager.__santatize_username(username))
logger.debug("Adding user to IPBoard with username %s" % sanatized)
plain_password = IPBoardManager.__generate_random_pass()
password = md5(plain_password).hexdigest()
password = cls._gen_pwhash(plain_password)
IPBoardManager.exec_xmlrpc('createUser', username=sanatized, email=str(email), display_name=sanatized,
md5_passwordHash=password)
logger.info("Added IPBoard user with username %s" % sanatized)
@ -75,10 +80,10 @@ class IPBoardManager:
logger.info("Disabled IPBoard user with username %s" % username)
return username
@staticmethod
def update_user(username, email, password):
@classmethod
def update_user(cls, username, email, password):
""" Add user to service """
password = md5(password).hexdigest()
password = cls._gen_pwhash(password)
logger.debug("Updating IPBoard username %s with email %s and password hash starting with %s" % (
username, email, password[0:5]))
IPBoardManager.exec_xmlrpc('updateUser', username=username, email=email, md5_passwordHash=password)

26
services/modules/ipboard/migrations/0001_initial.py Normal file
View File

@ -0,0 +1,26 @@
# -*- coding: utf-8 -*-
# Generated by Django 1.10.2 on 2016-12-12 03:27
from __future__ import unicode_literals
from django.conf import settings
from django.db import migrations, models
import django.db.models.deletion
class Migration(migrations.Migration):
initial = True
dependencies = [
('auth', '0008_alter_user_username_max_length'),
]
operations = [
migrations.CreateModel(
name='IpboardUser',
fields=[
('user', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, primary_key=True, related_name='ipboard', serialize=False, to=settings.AUTH_USER_MODEL)),
('username', models.CharField(max_length=254)),
],
),
]

0
services/modules/ipboard/migrations/__init__.py Normal file
View File

16
services/modules/ipboard/models.py Normal file
View File

@ -0,0 +1,16 @@
from __future__ import unicode_literals
from django.utils.encoding import python_2_unicode_compatible
from django.contrib.auth.models import User
from django.db import models
@python_2_unicode_compatible
class IpboardUser(models.Model):
user = models.OneToOneField(User,
primary_key=True,
on_delete=models.CASCADE,
related_name='ipboard')
username = models.CharField(max_length=254)
def __str__(self):
return self.username

73
services/modules/ipboard/tasks.py Normal file
View File

@ -0,0 +1,73 @@
from __future__ import unicode_literals
from alliance_auth.celeryapp import app
from django.conf import settings
from django.contrib.auth.models import User
from django.core.exceptions import ObjectDoesNotExist
from notifications import notify
from .manager import IPBoardManager
from .models import IpboardUser
import logging
logger = logging.getLogger(__name__)
class IpboardTasks:
def __init__(self):
pass
@classmethod
def delete_user(cls, user, notify_user=False):
if cls.has_account(user):
if IPBoardManager.disable_user(user.ipboard.username):
user.ipboard.delete()
if notify_user:
notify(user, 'IPBoard Account Disabled', level='danger')
return True
return False
@staticmethod
def has_account(user):
try:
return user.ipboard.username != ''
except ObjectDoesNotExist:
return False
@staticmethod
@app.task(bind=True)
def update_groups(self, pk):
user = User.objects.get(pk=pk)
logger.debug("Updating user %s ipboard groups." % user)
groups = []
for group in user.groups.all():
groups.append(str(group.name))
if len(groups) == 0:
groups.append('empty')
logger.debug("Updating user %s ipboard groups to %s" % (user, groups))
try:
IPBoardManager.update_groups(user.ipboard.username, groups)
except:
logger.exception("IPBoard group sync failed for %s, retrying in 10 mins" % user)
raise self.retry(countdown=60 * 10)
logger.debug("Updated user %s ipboard groups." % user)
@staticmethod
@app.task
def update_all_groups():
logger.debug("Updating ALL ipboard groups")
for ipboard_user in IpboardUser.objects.exclude(username__exact=''):
IpboardTasks.update_groups.delay(ipboard_user.user.pk)
@staticmethod
@app.task
def disable():
if settings.ENABLE_AUTH_IPBOARD:
logger.warn(
"ENABLE_AUTH_IPBOARD still True, after disabling users will still be able to create IPBoard accounts")
if settings.ENABLE_BLUE_IPBOARD:
logger.warn(
"ENABLE_BLUE_IPBOARD still True, after disabling blues will still be able to create IPBoard accounts")
logger.debug("Deleting all Ipboard Users")
IpboardUser.objects.all().delete()

207
services/modules/ipboard/tests.py Normal file
View File

@ -0,0 +1,207 @@
from __future__ import unicode_literals
try:
# Py3
from unittest import mock
except ImportError:
# Py2
import mock
from django.test import TestCase, RequestFactory
from django.conf import settings
from django.contrib.auth.models import User
from django import urls
from django.core.exceptions import ObjectDoesNotExist
from alliance_auth.tests.auth_utils import AuthUtils
from .auth_hooks import IpboardService
from .models import IpboardUser
from .tasks import IpboardTasks
from .manager import IPBoardManager
MODULE_PATH = 'services.modules.ipboard'
class IpboardHooksTestCase(TestCase):
def setUp(self):
self.member = 'member_user'
member = AuthUtils.create_member(self.member)
IpboardUser.objects.create(user=member, username=self.member)
self.blue = 'blue_user'
blue = AuthUtils.create_blue(self.blue)
IpboardUser.objects.create(user=blue, username=self.blue)
self.none_user = 'none_user'
none_user = AuthUtils.create_user(self.none_user)
self.service = IpboardService
def test_has_account(self):
member = User.objects.get(username=self.member)
blue = User.objects.get(username=self.blue)
none_user = User.objects.get(username=self.none_user)
self.assertTrue(IpboardTasks.has_account(member))
self.assertTrue(IpboardTasks.has_account(blue))
self.assertFalse(IpboardTasks.has_account(none_user))
def test_service_enabled(self):
service = self.service()
member = User.objects.get(username=self.member)
blue = User.objects.get(username=self.blue)
none_user = User.objects.get(username=self.none_user)
self.assertTrue(service.service_enabled_members())
self.assertTrue(service.service_enabled_blues())
self.assertEqual(service.service_active_for_user(member), settings.ENABLE_AUTH_IPBOARD)
self.assertEqual(service.service_active_for_user(blue), settings.ENABLE_BLUE_IPBOARD)
self.assertFalse(service.service_active_for_user(none_user))
@mock.patch(MODULE_PATH + '.tasks.IPBoardManager')
def test_update_all_groups(self, manager):
service = self.service()
service.update_all_groups()
# Check member and blue user have groups updated
self.assertTrue(manager.update_groups.called)
self.assertEqual(manager.update_groups.call_count, 2)
def test_update_groups(self):
# Check member has Member group updated
with mock.patch(MODULE_PATH + '.tasks.IPBoardManager') as manager:
service = self.service()
member = User.objects.get(username=self.member)
service.update_groups(member)
self.assertTrue(manager.update_groups.called)
# Check none user does not have groups updated
with mock.patch(MODULE_PATH + '.tasks.IPBoardManager') as manager:
service = self.service()
none_user = User.objects.get(username=self.none_user)
service.update_groups(none_user)
self.assertFalse(manager.update_groups.called)
@mock.patch(MODULE_PATH + '.tasks.IPBoardManager')
def test_validate_user(self, manager):
service = self.service()
# Test member is not deleted
member = User.objects.get(username=self.member)
service.validate_user(member)
self.assertTrue(User.objects.get(username=self.member).ipboard)
# Test none user is deleted
none_user = User.objects.get(username=self.none_user)
IpboardUser.objects.create(user=none_user, username='none_user')
service.validate_user(none_user)
self.assertTrue(manager.disable_user.called)
with self.assertRaises(ObjectDoesNotExist):
none_ipboard = User.objects.get(username=self.none_user).ipboard
@mock.patch(MODULE_PATH + '.tasks.IPBoardManager')
def test_delete_user(self, manager):
member = User.objects.get(username=self.member)
service = self.service()
result = service.delete_user(member)
self.assertTrue(result)
self.assertTrue(manager.disable_user.called)
with self.assertRaises(ObjectDoesNotExist):
Ipboard_user = User.objects.get(username=self.member).ipboard
def test_render_services_ctrl(self):
service = self.service()
member = User.objects.get(username=self.member)
request = RequestFactory().get('/en/services/')
request.user = member
response = service.render_services_ctrl(request)
self.assertTemplateUsed(service.service_ctrl_template)
self.assertIn('/ipboard/set_password/', response)
self.assertIn('/ipboard/reset_password/', response)
self.assertIn('/ipboard/deactivate/', response)
# Test register becomes available
member.ipboard.delete()
member = User.objects.get(username=self.member)
request.user = member
response = service.render_services_ctrl(request)
self.assertIn('/ipboard/activate/', response)
class IpboardViewsTestCase(TestCase):
def setUp(self):
self.member = AuthUtils.create_member('auth_member')
self.member.set_password('password')
self.member.email = 'auth_member@example.com'
self.member.save()
AuthUtils.add_main_character(self.member, 'auth_member', '12345', corp_id='111', corp_name='Test Corporation')
def login(self):
self.client.login(username=self.member.username, password='password')
@mock.patch(MODULE_PATH + '.views.IPBoardManager')
def test_activate(self, manager):
self.login()
expected_username = 'auth_member'
expected_password = 'abc123'
manager.add_user.return_value = (expected_username, expected_password)
response = self.client.get(urls.reverse('auth_activate_ipboard'), follow=False)
self.assertEqual(response.status_code, 200)
self.assertContains(response, expected_username)
self.assertContains(response, expected_password)
self.assertTrue(manager.add_user.called)
args, kwargs = manager.add_user.call_args
self.assertEqual(args[0], 'auth_member') # Character name
self.assertEqual(args[1], self.member.email)
self.assertEqual(self.member.ipboard.username, expected_username)
@mock.patch(MODULE_PATH + '.tasks.IPBoardManager')
def test_deactivate(self, manager):
self.login()
IpboardUser.objects.create(user=self.member, username='12345')
manager.disable_user.return_value = True
response = self.client.get(urls.reverse('auth_deactivate_ipboard'))
self.assertTrue(manager.disable_user.called)
self.assertRedirects(response, expected_url=urls.reverse('auth_services'), target_status_code=200)
with self.assertRaises(ObjectDoesNotExist):
ipboard_user = User.objects.get(pk=self.member.pk).ipboard
@mock.patch(MODULE_PATH + '.views.IPBoardManager')
def test_set_password(self, manager):
self.login()
IpboardUser.objects.create(user=self.member, username='12345')
expected_password = 'password'
manager.update_user_password.return_value = expected_password
response = self.client.post(urls.reverse('auth_set_ipboard_password'), data={'password': expected_password})
self.assertTrue(manager.update_user_password.called)
args, kwargs = manager.update_user_password.call_args
self.assertEqual(kwargs['plain_password'], expected_password)
self.assertRedirects(response, expected_url=urls.reverse('auth_services'), target_status_code=200)
@mock.patch(MODULE_PATH + '.views.IPBoardManager')
def test_reset_password(self, manager):
self.login()
IpboardUser.objects.create(user=self.member, username='12345')
response = self.client.get(urls.reverse('auth_reset_ipboard_password'))
self.assertTrue(manager.update_user_password.called)
self.assertTemplateUsed(response, 'registered/service_credentials.html')
class IpboardManagerTestCase(TestCase):
def setUp(self):
self.manager = IPBoardManager
def test_generate_random_password(self):
password = self.manager._IPBoardManager__generate_random_pass()
self.assertEqual(len(password), 16)
self.assertIsInstance(password, type(''))
def test_gen_pwhash(self):
pwhash = self.manager._gen_pwhash('test')
self.assertEqual(pwhash, '098f6bcd4621d373cade4e832627b4f6')

16
services/modules/ipboard/urls.py Normal file
View File

@ -0,0 +1,16 @@
from __future__ import unicode_literals
from django.conf.urls import url, include
from . import views
module_urls = [
# Ipboard service control
url(r'^activate/$', views.activate_ipboard_forum, name='auth_activate_ipboard'),
url(r'^deactivate/$', views.deactivate_ipboard_forum, name='auth_deactivate_ipboard'),
url(r'^reset_password/$', views.reset_ipboard_password, name='auth_reset_ipboard_password'),
url(r'^set_password/$', views.set_ipboard_password, name='auth_set_ipboard_password'),
]
urlpatterns = [
url(r'^ipboard/', include(module_urls))
]

110
services/modules/ipboard/views.py Normal file
View File

@ -0,0 +1,110 @@
from __future__ import unicode_literals
from django.contrib import messages
from django.contrib.auth.decorators import login_required
from django.shortcuts import render, redirect
from authentication.decorators import members_and_blues
from services.forms import ServicePasswordForm
from eveonline.managers import EveManager
from .manager import IPBoardManager
from .tasks import IpboardTasks
from .models import IpboardUser
import logging
logger = logging.getLogger(__name__)
@login_required
@members_and_blues()
def activate_ipboard_forum(request):
logger.debug("activate_ipboard_forum called by user %s" % request.user)
character = EveManager.get_main_character(request.user)
logger.debug("Adding ipboard user for user %s with main character %s" % (request.user, character))
result = IPBoardManager.add_user(character.character_name, request.user.email)
if result[0] != "":
ipboard_user = IpboardUser()
ipboard_user.user = request.user
ipboard_user.username = result[0]
ipboard_user.save()
logger.debug("Updated authserviceinfo for user %s with ipboard credentials. Updating groups." % request.user)
IpboardTasks.update_groups.delay(request.user.pk)
logger.info("Successfully activated ipboard for user %s" % request.user)
messages.success(request, 'Activated IPBoard account.')
credentials = {
'username': result[0],
'password': result[1],
}
return render(request, 'registered/service_credentials.html',
context={'credentials': credentials, 'service': 'IPBoard'})
else:
logger.error("Unsuccessful attempt to activate ipboard for user %s" % request.user)
messages.error(request, 'An error occurred while processing your IPBoard account.')
return redirect("auth_services")
@login_required
@members_and_blues()
def deactivate_ipboard_forum(request):
logger.debug("deactivate_ipboard_forum called by user %s" % request.user)
# false we failed
if IpboardTasks.delete_user(request.user):
logger.info("Successfully deactivated ipboard for user %s" % request.user)
messages.success(request, 'Deactivated IPBoard account.')
else:
logger.error("Unsuccessful attempt to deactviate ipboard for user %s" % request.user)
messages.error(request, 'An error occurred while processing your IPBoard account.')
return redirect("auth_services")
@login_required
@members_and_blues()
def set_ipboard_password(request):
logger.debug("set_ipboard_password called by user %s" % request.user)
error = None
if request.method == 'POST':
logger.debug("Received POST request with form.")
form = ServicePasswordForm(request.POST)
logger.debug("Form is valid: %s" % form.is_valid())
if form.is_valid() and IpboardTasks.has_account(request.user):
password = form.cleaned_data['password']
logger.debug("Form contains password of length %s" % len(password))
result = IPBoardManager.update_user_password(request.user.ipboard.username, request.user.email,
plain_password=password)
if result != "":
logger.info("Successfully set IPBoard password for user %s" % request.user)
messages.success(request, 'Set IPBoard password.')
else:
logger.error("Failed to install custom ipboard password for user %s" % request.user)
messages.error(request, 'An error occurred while processing your IPBoard account.')
return redirect("auth_services")
else:
logger.debug("Request is not type POST - providing empty form.")
form = ServicePasswordForm()
logger.debug("Rendering form for user %s" % request.user)
context = {'form': form, 'service': 'IPBoard', 'error': error}
return render(request, 'registered/service_password.html', context=context)
@login_required
@members_and_blues()
def reset_ipboard_password(request):
logger.debug("reset_ipboard_password called by user %s" % request.user)
if IpboardTasks.has_account(request.user):
result = IPBoardManager.update_user_password(request.user.ipboard.username, request.user.email)
if result != "":
logger.info("Successfully reset ipboard password for user %s" % request.user)
messages.success(request, 'Reset IPBoard password.')
credentials = {
'username': request.user.ipboard.username,
'password': result,
}
return render(request, 'registered/service_credentials.html',
context={'credentials': credentials, 'service': 'IPBoard'})
logger.error("Unsuccessful attempt to reset ipboard password for user %s" % request.user)
messages.error(request, 'An error occurred while processing your IPBoard account.')
return redirect("auth_services")

0
services/modules/ips4/__init__.py Normal file
View File

10
services/modules/ips4/admin.py Normal file
View File

@ -0,0 +1,10 @@
from __future__ import unicode_literals
from django.contrib import admin
from .models import Ips4User
class Ips4UserAdmin(admin.ModelAdmin):
list_display = ('user', 'username', 'id')
search_fields = ('user__username', 'username', 'id')
admin.site.register(Ips4User, Ips4UserAdmin)

7
services/modules/ips4/apps.py Normal file
View File

@ -0,0 +1,7 @@
from __future__ import unicode_literals
from django.apps import AppConfig
class Ips4ServiceConfig(AppConfig):
name = 'ips4'

53
services/modules/ips4/auth_hooks.py Normal file
View File

@ -0,0 +1,53 @@
from __future__ import unicode_literals
from django.conf import settings
from django.template.loader import render_to_string
from services.hooks import ServicesHook
from alliance_auth import hooks
from .urls import urlpatterns
from .tasks import Ips4Tasks
class Ips4Service(ServicesHook):
def __init__(self):
ServicesHook.__init__(self)
self.name = 'ips4'
self.urlpatterns = urlpatterns
self.service_url = settings.IPS4_URL
@property
def title(self):
return 'IPS4'
def service_enabled_members(self):
return settings.ENABLE_AUTH_IPS4 or False
def service_enabled_blues(self):
return settings.ENABLE_BLUE_IPS4 or False
def render_services_ctrl(self, request):
"""
Example for rendering the service control panel row
You can override the default template and create a
custom one if you wish.
:param request:
:return:
"""
urls = self.Urls()
urls.auth_activate = 'auth_activate_ips4'
urls.auth_deactivate = 'auth_deactivate_ips4'
urls.auth_reset_password = 'auth_reset_ips4_password'
urls.auth_set_password = 'auth_set_ips4_password'
return render_to_string(self.service_ctrl_template, {
'service_name': self.title,
'urls': urls,
'service_url': self.service_url,
'username': request.user.ips4.username if Ips4Tasks.has_account(request.user) else ''
}, request=request)
@hooks.register('services_hook')
def register_service():
return Ips4Service()

62
services/managers/ips4_manager.py → services/modules/ips4/manager.py
View File

@ -1,6 +1,8 @@
from __future__ import unicode_literals
import logging
import os
import random
import string
import re
from django.db import connections
from passlib.hash import bcrypt
@ -16,18 +18,16 @@ class Ips4Manager:
MEMBER_GROUP_ID = 3
@staticmethod
def add_user(username, email):
@classmethod
def add_user(cls, username, email):
logger.debug("Adding new IPS4 user %s" % username)
plain_password = Ips4Manager.__generate_random_pass()
hash = bcrypt.encrypt(plain_password, rounds=13)
hash_result = hash
rounds_striped = hash_result.strip('$2a$13$')
salt = rounds_striped[:22]
group = Ips4Manager.MEMBER_GROUP_ID
plain_password = cls.__generate_random_pass()
hash = cls._gen_pwhash(plain_password)
salt = cls._get_salt(hash)
group = cls.MEMBER_GROUP_ID
cursor = connections['ips4'].cursor()
cursor.execute(Ips4Manager.SQL_ADD_USER, [username, email, hash, salt, group])
member_id = Ips4Manager.get_user_id(username)
cursor.execute(cls.SQL_ADD_USER, [username, email, hash, salt, group])
member_id = cls.get_user_id(username)
return username, plain_password, member_id
@staticmethod
@ -44,7 +44,17 @@ class Ips4Manager:
@staticmethod
def __generate_random_pass():
return os.urandom(8).encode('hex')
return ''.join([random.choice(string.ascii_letters + string.digits) for n in range(16)])
@staticmethod
def _gen_pwhash(password):
return bcrypt.encrypt(password.encode('utf-8'), rounds=13)
@staticmethod
def _get_salt(pw_hash):
search = re.compile(r"^\$2[a-z]?\$([0-9]+)\$(.{22})(.{31})$")
match = re.match(search, pw_hash)
return match.group(2)
@staticmethod
def delete_user(id):
@ -58,17 +68,15 @@ class Ips4Manager:
logger.exception("Failed to delete IPS4 user id %s" % id)
return False
@staticmethod
def update_user_password(username):
@classmethod
def update_user_password(cls, username):
logger.debug("Updating IPS4 user id %s password" % id)
if Ips4Manager.check_user(username):
if cls.check_user(username):
plain_password = Ips4Manager.__generate_random_pass()
hash = bcrypt.encrypt(plain_password, rounds=13)
hash_result = hash
rounds_striped = hash_result.strip('$2a$13$')
salt = rounds_striped[:22]
hash = cls._gen_pwhash(plain_password)
salt = cls._get_salt(hash)
cursor = connections['ips4'].cursor()
cursor.execute(Ips4Manager.SQL_UPDATE_PASSWORD, [hash, salt, username])
cursor.execute(cls.SQL_UPDATE_PASSWORD, [hash, salt, username])
return plain_password
else:
logger.error("Unable to update ips4 user %s password" % username)
@ -86,16 +94,14 @@ class Ips4Manager:
logger.debug("User %s not found on IPS4" % username)
return False
@staticmethod
def update_custom_password(username, plain_password):
@classmethod
def update_custom_password(cls, username, plain_password):
logger.debug("Updating IPS4 user id %s password" % id)
if Ips4Manager.check_user(username):
hash = bcrypt.encrypt(plain_password, rounds=13)
hash_result = hash
rounds_striped = hash_result.strip('$2a$13$')
salt = rounds_striped[:22]
if cls.check_user(username):
hash = cls._gen_pwhash(plain_password)
salt = cls._get_salt(hash)
cursor = connections['ips4'].cursor()
cursor.execute(Ips4Manager.SQL_UPDATE_PASSWORD, [hash, salt, username])
cursor.execute(cls.SQL_UPDATE_PASSWORD, [hash, salt, username])
return plain_password
else:
logger.error("Unable to update ips4 user %s password" % username)

27
services/modules/ips4/migrations/0001_initial.py Normal file
View File

@ -0,0 +1,27 @@
# -*- coding: utf-8 -*-
# Generated by Django 1.10.2 on 2016-12-12 03:27
from __future__ import unicode_literals
from django.conf import settings
from django.db import migrations, models
import django.db.models.deletion
class Migration(migrations.Migration):
initial = True
dependencies = [
('auth', '0008_alter_user_username_max_length'),
]
operations = [
migrations.CreateModel(
name='Ips4User',
fields=[
('user', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, primary_key=True, related_name='ips4', serialize=False, to=settings.AUTH_USER_MODEL)),
('username', models.CharField(max_length=254)),
('id', models.CharField(max_length=254)),
],
),
]

0
services/modules/ips4/migrations/__init__.py Normal file
View File

17
services/modules/ips4/models.py Normal file
View File

@ -0,0 +1,17 @@
from __future__ import unicode_literals
from django.utils.encoding import python_2_unicode_compatible
from django.contrib.auth.models import User
from django.db import models
@python_2_unicode_compatible
class Ips4User(models.Model):
user = models.OneToOneField(User,
primary_key=True,
on_delete=models.CASCADE,
related_name='ips4')
username = models.CharField(max_length=254)
id = models.CharField(max_length=254)
def __str__(self):
return self.username

43
services/modules/ips4/tasks.py Normal file
View File

@ -0,0 +1,43 @@
from __future__ import unicode_literals, absolute_import
from django.conf import settings
from django.core.exceptions import ObjectDoesNotExist
from .manager import Ips4Manager
from .models import Ips4User
import logging
logger = logging.getLogger(__name__)
class Ips4Tasks:
def __init__(self):
pass
@classmethod
def delete_user(cls, user):
logging.debug("Attempting to delete IPS4 account for %s" % user)
if cls.has_account(user) and Ips4Manager.delete_user(user.ips4.id):
user.ips4.delete()
logger.info("Successfully deactivated IPS4 for user %s" % user)
return True
return False
@staticmethod
def has_account(user):
try:
return user.ips4.id != ''
except ObjectDoesNotExist:
return False
@staticmethod
def disable():
if settings.ENABLE_AUTH_IPS4:
logger.warn(
"ENABLE_AUTH_IPS4 still True, after disabling users will still be able to create IPS4 accounts")
if settings.ENABLE_BLUE_IPS4:
logger.warn(
"ENABLE_BLUE_IPS4 still True, after disabling blues will still be able to create IPS4 accounts")
logging.debug("Deleting all IPS4 users")
Ips4User.objects.all().delete()

164
services/modules/ips4/tests.py Normal file
View File

@ -0,0 +1,164 @@
from __future__ import unicode_literals
try:
# Py3
from unittest import mock
except ImportError:
# Py2
import mock
from django.test import TestCase, RequestFactory
from django.conf import settings
from django import urls
from django.contrib.auth.models import User
from django.core.exceptions import ObjectDoesNotExist
from alliance_auth.tests.auth_utils import AuthUtils
from .auth_hooks import Ips4Service
from .models import Ips4User
from .tasks import Ips4Tasks
MODULE_PATH = 'services.modules.ips4'
class Ips4HooksTestCase(TestCase):
def setUp(self):
self.member = 'member_user'
member = AuthUtils.create_member(self.member)
Ips4User.objects.create(user=member, id='12345', username=self.member)
self.blue = 'blue_user'
blue = AuthUtils.create_blue(self.blue)
Ips4User.objects.create(user=blue, id='67891', username=self.blue)
self.none_user = 'none_user'
none_user = AuthUtils.create_user(self.none_user)
self.service = Ips4Service
def test_has_account(self):
member = User.objects.get(username=self.member)
blue = User.objects.get(username=self.blue)
none_user = User.objects.get(username=self.none_user)
self.assertTrue(Ips4Tasks.has_account(member))
self.assertTrue(Ips4Tasks.has_account(blue))
self.assertFalse(Ips4Tasks.has_account(none_user))
def test_service_enabled(self):
service = self.service()
member = User.objects.get(username=self.member)
blue = User.objects.get(username=self.blue)
none_user = User.objects.get(username=self.none_user)
self.assertTrue(service.service_enabled_members())
self.assertTrue(service.service_enabled_blues())
self.assertEqual(service.service_active_for_user(member), settings.ENABLE_AUTH_IPS4)
self.assertEqual(service.service_active_for_user(blue), settings.ENABLE_BLUE_IPS4)
self.assertFalse(service.service_active_for_user(none_user))
def test_render_services_ctrl(self):
service = self.service()
member = User.objects.get(username=self.member)
request = RequestFactory().get('/en/services/')
request.user = member
response = service.render_services_ctrl(request)
self.assertTemplateUsed(service.service_ctrl_template)
self.assertIn(urls.reverse('auth_set_ips4_password'), response)
self.assertIn(urls.reverse('auth_reset_ips4_password'), response)
self.assertIn(urls.reverse('auth_deactivate_ips4'), response)
# Test register becomes available
member.ips4.delete()
member = User.objects.get(username=self.member)
request.user = member
response = service.render_services_ctrl(request)
self.assertIn(urls.reverse('auth_activate_ips4'), response)
class Ips4ViewsTestCase(TestCase):
def setUp(self):
self.member = AuthUtils.create_member('auth_member')
self.member.set_password('password')
self.member.email = 'auth_member@example.com'
self.member.save()
AuthUtils.add_main_character(self.member, 'auth_member', '12345', corp_id='111', corp_name='Test Corporation')
def login(self):
self.client.login(username=self.member.username, password='password')
@mock.patch(MODULE_PATH + '.views.Ips4Manager')
def test_activate(self, manager):
self.login()
expected_username = 'auth_member'
expected_password = 'password'
expected_id = '1234'
manager.add_user.return_value = (expected_username, expected_password, expected_id)
response = self.client.get(urls.reverse('auth_activate_ips4'), follow=False)
self.assertTrue(manager.add_user.called)
args, kwargs = manager.add_user.call_args
self.assertEqual(args[0], expected_username)
self.assertEqual(args[1], self.member.email)
self.assertTemplateUsed(response, 'registered/service_credentials.html')
self.assertContains(response, expected_username)
self.assertContains(response, expected_password)
@mock.patch(MODULE_PATH + '.tasks.Ips4Manager')
def test_deactivate(self, manager):
self.login()
Ips4User.objects.create(user=self.member, username='12345', id='1234')
manager.delete_user.return_value = True
response = self.client.get(urls.reverse('auth_deactivate_ips4'))
self.assertTrue(manager.delete_user.called)
self.assertRedirects(response, expected_url=urls.reverse('auth_services'), target_status_code=200)
with self.assertRaises(ObjectDoesNotExist):
ips4_user = User.objects.get(pk=self.member.pk).ips4
@mock.patch(MODULE_PATH + '.views.Ips4Manager')
def test_set_password(self, manager):
self.login()
Ips4User.objects.create(user=self.member, username='12345', id='1234')
expected_password = 'password'
manager.update_user_password.return_value = expected_password
response = self.client.post(urls.reverse('auth_set_ips4_password'), data={'password': expected_password})
self.assertTrue(manager.update_custom_password.called)
args, kwargs = manager.update_custom_password.call_args
self.assertEqual(kwargs['plain_password'], expected_password)
self.assertRedirects(response, expected_url=urls.reverse('auth_services'), target_status_code=200)
@mock.patch(MODULE_PATH + '.views.Ips4Manager')
def test_reset_password(self, manager):
self.login()
Ips4User.objects.create(user=self.member, username='12345', id='1234')
response = self.client.get(urls.reverse('auth_reset_ips4_password'))
self.assertTrue(manager.update_user_password.called)
self.assertTemplateUsed(response, 'registered/service_credentials.html')
class Ips4ManagerTestCase(TestCase):
def setUp(self):
from .manager import Ips4Manager
self.manager = Ips4Manager
def test_generate_random_password(self):
password = self.manager._Ips4Manager__generate_random_pass()
self.assertEqual(len(password), 16)
self.assertIsInstance(password, type(''))
def test_gen_pwhash(self):
pwhash = self.manager._gen_pwhash('test')
salt = self.manager._get_salt(pwhash)
self.assertIsInstance(pwhash, str)
self.assertGreaterEqual(len(pwhash), 59)
self.assertIsInstance(salt, str)
self.assertEqual(len(salt), 22)

16
services/modules/ips4/urls.py Normal file
View File

@ -0,0 +1,16 @@
from __future__ import unicode_literals
from django.conf.urls import url, include
from . import views
module_urls = [
# IPS4 Service Control
url(r'^activate/$', views.activate_ips4, name='auth_activate_ips4'),
url(r'^deactivate/$', views.deactivate_ips4, name='auth_deactivate_ips4'),
url(r'^reset_password/$', views.reset_ips4_password, name='auth_reset_ips4_password'),
url(r'^set_password/$', views.set_ips4_password, name='auth_set_ips4_password'),
]
urlpatterns = [
url(r'^ips4/', include(module_urls))
]

107
services/modules/ips4/views.py Normal file
View File

@ -0,0 +1,107 @@
from __future__ import unicode_literals
from django.contrib import messages
from django.contrib.auth.decorators import login_required
from django.shortcuts import render, redirect
from authentication.decorators import members_and_blues
from eveonline.managers import EveManager
from services.forms import ServicePasswordForm
from .manager import Ips4Manager
from .models import Ips4User
from .tasks import Ips4Tasks
import logging
logger = logging.getLogger(__name__)
@login_required
@members_and_blues()
def activate_ips4(request):
logger.debug("activate_ips4 called by user %s" % request.user)
character = EveManager.get_main_character(request.user)
logger.debug("Adding IPS4 user for user %s with main character %s" % (request.user, character))
result = Ips4Manager.add_user(character.character_name, request.user.email)
# if empty we failed
if result[0] != "" and not Ips4Tasks.has_account(request.user):
ips_user = Ips4User.objects.create(user=request.user, id=result[2], username=result[0])
logger.debug("Updated authserviceinfo for user %s with IPS4 credentials." % request.user)
# update_ips4_groups.delay(request.user.pk)
logger.info("Successfully activated IPS4 for user %s" % request.user)
messages.success(request, 'Activated IPSuite4 account.')
credentials = {
'username': result[0],
'password': result[1],
}
return render(request, 'registered/service_credentials.html',
context={'credentials': credentials, 'service': 'IPSuite4'})
else:
logger.error("Unsuccessful attempt to activate IPS4 for user %s" % request.user)
messages.error(request, 'An error occurred while processing your IPSuite4 account.')
return redirect("auth_services")
@login_required
@members_and_blues()
def reset_ips4_password(request):
logger.debug("reset_ips4_password called by user %s" % request.user)
if Ips4Tasks.has_account(request.user):
result = Ips4Manager.update_user_password(request.user.ips4.username)
# false we failed
if result != "":
logger.info("Successfully reset IPS4 password for user %s" % request.user)
messages.success(request, 'Reset IPSuite4 password.')
credentials = {
'username': request.user.ips4.username,
'password': result,
}
return render(request, 'registered/service_credentials.html',
context={'credentials': credentials, 'service': 'IPSuite4'})
logger.error("Unsuccessful attempt to reset IPS4 password for user %s" % request.user)
messages.error(request, 'An error occurred while processing your IPSuite4 account.')
return redirect("auth_services")
@login_required
@members_and_blues()
def set_ips4_password(request):
logger.debug("set_ips4_password called by user %s" % request.user)
if request.method == 'POST':
logger.debug("Received POST request with form.")
form = ServicePasswordForm(request.POST)
logger.debug("Form is valid: %s" % form.is_valid())
if form.is_valid() and Ips4Tasks.has_account(request.user):
password = form.cleaned_data['password']
logger.debug("Form contains password of length %s" % len(password))
result = Ips4Manager.update_custom_password(request.user.ips4.username, plain_password=password)
if result != "":
logger.info("Successfully set IPS4 password for user %s" % request.user)
messages.success(request, 'Set IPSuite4 password.')
else:
logger.error("Failed to install custom IPS4 password for user %s" % request.user)
messages.error(request, 'An error occurred while processing your IPSuite4 account.')
return redirect('auth_services')
else:
logger.debug("Request is not type POST - providing empty form.")
form = ServicePasswordForm()
logger.debug("Rendering form for user %s" % request.user)
context = {'form': form, 'service': 'IPS4'}
return render(request, 'registered/service_password.html', context=context)
@login_required
@members_and_blues()
def deactivate_ips4(request):
logger.debug("deactivate_ips4 called by user %s" % request.user)
if Ips4Tasks.delete_user(request.user):
logger.info("Successfully deactivated IPS4 for user %s" % request.user)
messages.success(request, 'Deactivated IPSuite4 account.')
else:
logger.error("Unsuccessful attempt to deactivate IPS4 for user %s" % request.user)
messages.error(request, 'An error occurred while processing your IPSuite4 account.')
return redirect("auth_services")

0
services/modules/market/__init__.py Normal file
View File

10
services/modules/market/admin.py Normal file
View File

@ -0,0 +1,10 @@
from __future__ import unicode_literals
from django.contrib import admin
from .models import MarketUser
class MarketUserAdmin(admin.ModelAdmin):
list_display = ('user', 'username')
search_fields = ('user__username', 'username')
admin.site.register(MarketUser, MarketUserAdmin)

7
services/modules/market/apps.py Normal file
View File

@ -0,0 +1,7 @@
from __future__ import unicode_literals
from django.apps import AppConfig
class MarketServiceConfig(AppConfig):
name = 'market'

59
services/modules/market/auth_hooks.py Normal file
View File

@ -0,0 +1,59 @@
from __future__ import unicode_literals
from django.conf import settings
from django.template.loader import render_to_string
from services.hooks import ServicesHook
from alliance_auth import hooks
from .urls import urlpatterns
from .tasks import MarketTasks
import logging
logger = logging.getLogger(__name__)
class MarketService(ServicesHook):
def __init__(self):
ServicesHook.__init__(self)
self.name = 'market'
self.urlpatterns = urlpatterns
self.service_url = settings.MARKET_URL
@property
def title(self):
return "Alliance Market"
def delete_user(self, user, notify_user=False):
logger.debug('Deleting user %s %s account' % (user, self.name))
return MarketTasks.delete_user(user, notify_user=notify_user)
def validate_user(self, user):
logger.debug('Validating user %s %s account' % (user, self.name))
if MarketTasks.has_account(user) and self.service_active_for_user(user):
self.delete_user(user)
def service_enabled_members(self):
return settings.ENABLE_AUTH_MARKET or False
def service_enabled_blues(self):
return settings.ENABLE_BLUE_MARKET or False
def render_services_ctrl(self, request):
urls = self.Urls()
urls.auth_activate = 'auth_activate_market'
urls.auth_deactivate = 'auth_deactivate_market'
urls.auth_reset_password = 'auth_reset_market_password'
urls.auth_set_password = 'auth_set_market_password'
return render_to_string(self.service_ctrl_template, {
'service_name': self.title,
'urls': urls,
'service_url': self.service_url,
'username': request.user.market.username if MarketTasks.has_account(request.user) else ''
}, request=request)
@hooks.register('services_hook')
def register_service():
return MarketService()

108
services/managers/market_manager.py → services/modules/market/manager.py
View File

@ -1,6 +1,8 @@
from __future__ import unicode_literals
import logging
import os
import random
import string
import re
from django.db import connections
from passlib.hash import bcrypt
@ -10,7 +12,7 @@ from passlib.hash import bcrypt
logger = logging.getLogger(__name__)
class marketManager:
class MarketManager:
def __init__(self):
pass
@ -32,13 +34,23 @@ class marketManager:
@staticmethod
def __generate_random_pass():
return os.urandom(8).encode('hex')
return ''.join([random.choice(string.ascii_letters + string.digits) for n in range(16)])
@staticmethod
def check_username(username):
def _gen_pwhash(password):
return bcrypt.encrypt(password.encode('utf-8'), rounds=13)
@staticmethod
def _get_salt(pw_hash):
search = re.compile(r"^\$2[a-z]?\$([0-9]+)\$(.{22})(.{31})$")
match = re.match(search, pw_hash)
return match.group(2)
@classmethod
def check_username(cls, username):
logger.debug("Checking alliance market username %s" % username)
cursor = connections['market'].cursor()
cursor.execute(marketManager.SQL_CHECK_USERNAME, [marketManager.__santatize_username(username)])
cursor.execute(cls.SQL_CHECK_USERNAME, [cls.__santatize_username(username)])
row = cursor.fetchone()
if row:
logger.debug("Found user %s on alliance market" % username)
@ -46,11 +58,11 @@ class marketManager:
logger.debug("User %s not found on alliance market" % username)
return False
@staticmethod
def check_user_email(username, email):
@classmethod
def check_user_email(cls, username, email):
logger.debug("Checking if alliance market email exists for user %s" % username)
cursor = connections['market'].cursor()
cursor.execute(marketManager.SQL_CHECK_EMAIL, [email])
cursor.execute(cls.SQL_CHECK_EMAIL, [email])
row = cursor.fetchone()
if row:
logger.debug("Found user %s email address on alliance market" % username)
@ -58,21 +70,19 @@ class marketManager:
logger.debug("User %s email address not found on alliance market" % username)
return False
@staticmethod
def add_user(username, email, characterid, charactername):
@classmethod
def add_user(cls, username, email, characterid, charactername):
logger.debug("Adding new market user %s" % username)
plain_password = marketManager.__generate_random_pass()
hash = bcrypt.encrypt(plain_password, rounds=13)
hash_result = hash
rounds_striped = hash_result.strip('$2a$13$')
salt = rounds_striped[:22]
username_clean = marketManager.__santatize_username(username)
if not marketManager.check_username(username):
if not marketManager.check_user_email(username, email):
plain_password = cls.__generate_random_pass()
hash = cls._gen_pwhash(plain_password)
salt = cls._get_salt(hash)
username_clean = cls.__santatize_username(username)
if not cls.check_username(username):
if not cls.check_user_email(username, email):
try:
logger.debug("Adding user %s to alliance market" % username)
cursor = connections['market'].cursor()
cursor.execute(marketManager.SQL_ADD_USER, [username_clean, username_clean, email, email, salt,
cursor.execute(cls.SQL_ADD_USER, [username_clean, username_clean, email, email, salt,
hash, characterid, charactername])
return username_clean, plain_password
except:
@ -80,65 +90,59 @@ class marketManager:
return "", ""
else:
logger.debug("Alliance market email %s already exists Updating instead" % email)
username_clean, password = marketManager.update_user_info(username)
username_clean, password = cls.update_user_info(username)
return username_clean, password
else:
logger.debug("Alliance market username %s already exists Updating instead" % username)
username_clean, password = marketManager.update_user_info(username)
username_clean, password = cls.update_user_info(username)
return username_clean, password
@staticmethod
def disable_user(username):
@classmethod
def disable_user(cls, username):
logger.debug("Disabling alliance market user %s " % username)
cursor = connections['market'].cursor()
cursor.execute(marketManager.SQL_DISABLE_USER, [username])
cursor.execute(cls.SQL_DISABLE_USER, [username])
return True
@staticmethod
def update_custom_password(username, plain_password):
@classmethod
def update_custom_password(cls, username, plain_password):
logger.debug("Updating alliance market user %s password" % username)
if marketManager.check_username(username):
username_clean = marketManager.__santatize_username(username)
hash = bcrypt.encrypt(plain_password, rounds=13)
hash_result = hash
rounds_striped = hash_result.strip('$2a$13$')
salt = rounds_striped[:22]
if cls.check_username(username):
username_clean = cls.__santatize_username(username)
hash = cls._gen_pwhash(plain_password)
salt = cls._get_salt(hash)
cursor = connections['market'].cursor()
cursor.execute(marketManager.SQL_UPDATE_PASSWORD, [hash, salt, username_clean])
cursor.execute(cls.SQL_UPDATE_PASSWORD, [hash, salt, username_clean])
return plain_password
else:
logger.error("Unable to update alliance market user %s password" % username)
return ""
@staticmethod
def update_user_password(username):
@classmethod
def update_user_password(cls, username):
logger.debug("Updating alliance market user %s password" % username)
if marketManager.check_username(username):
username_clean = marketManager.__santatize_username(username)
plain_password = marketManager.__generate_random_pass()
hash = bcrypt.encrypt(plain_password, rounds=13)
hash_result = hash
rounds_striped = hash_result.strip('$2a$13$')
salt = rounds_striped[:22]
if cls.check_username(username):
username_clean = cls.__santatize_username(username)
plain_password = cls.__generate_random_pass()
hash = cls._gen_pwhash(plain_password)
salt = cls._get_salt(hash)
cursor = connections['market'].cursor()
cursor.execute(marketManager.SQL_UPDATE_PASSWORD, [hash, salt, username_clean])
cursor.execute(cls.SQL_UPDATE_PASSWORD, [hash, salt, username_clean])
return plain_password
else:
logger.error("Unable to update alliance market user %s password" % username)
return ""
@staticmethod
def update_user_info(username):
@classmethod
def update_user_info(cls, username):
logger.debug("Updating alliance market user %s" % username)
try:
username_clean = marketManager.__santatize_username(username)
plain_password = marketManager.__generate_random_pass()
hash = bcrypt.encrypt(plain_password, rounds=13)
hash_result = hash
rounds_striped = hash_result.strip('$2a$13$')
salt = rounds_striped[:22]
username_clean = cls.__santatize_username(username)
plain_password = cls.__generate_random_pass()
hash = cls._gen_pwhash(plain_password)
salt = cls._get_salt(hash)
cursor = connections['market'].cursor()
cursor.execute(marketManager.SQL_UPDATE_USER, [hash, salt, username_clean])
cursor.execute(cls.SQL_UPDATE_USER, [hash, salt, username_clean])
return username_clean, plain_password
except:
logger.debug("Alliance market update user failed for %s" % username)

26
services/modules/market/migrations/0001_initial.py Normal file
View File

@ -0,0 +1,26 @@
# -*- coding: utf-8 -*-
# Generated by Django 1.10.2 on 2016-12-12 03:27
from __future__ import unicode_literals
from django.conf import settings
from django.db import migrations, models
import django.db.models.deletion
class Migration(migrations.Migration):
initial = True
dependencies = [
('auth', '0008_alter_user_username_max_length'),
]
operations = [
migrations.CreateModel(
name='MarketUser',
fields=[
('user', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, primary_key=True, related_name='market', serialize=False, to=settings.AUTH_USER_MODEL)),
('username', models.CharField(max_length=254)),
],
),
]

0
services/modules/market/migrations/__init__.py Normal file
View File

16
services/modules/market/models.py Normal file
View File

@ -0,0 +1,16 @@
from __future__ import unicode_literals
from django.utils.encoding import python_2_unicode_compatible
from django.contrib.auth.models import User
from django.db import models
@python_2_unicode_compatible
class MarketUser(models.Model):
user = models.OneToOneField(User,
primary_key=True,
on_delete=models.CASCADE,
related_name='market')
username = models.CharField(max_length=254)
def __str__(self):
return self.username

44
services/modules/market/tasks.py Normal file
View File

@ -0,0 +1,44 @@
from __future__ import unicode_literals
from django.conf import settings
from django.core.exceptions import ObjectDoesNotExist
from notifications import notify
from .models import MarketUser
from .manager import MarketManager
import logging
logger = logging.getLogger(__name__)
class MarketTasks:
def __init__(self):
pass
@classmethod
def delete_user(cls, user, notify_user=False):
if cls.has_account(user):
logger.debug("User %s has a Market account %s. Deleting." % (user, user.market.username))
if MarketManager.disable_user(user.market.username):
user.market.delete()
if notify_user:
notify(user, 'Alliance Market Account Disabled', level='danger')
return True
return False
@staticmethod
def has_account(user):
try:
return user.market.username != ''
except ObjectDoesNotExist:
return False
@staticmethod
def disable():
if settings.ENABLE_AUTH_MARKET:
logger.warn("ENABLE_AUTH_MARKET still True, after disabling users will still be able to activate Market accounts")
if settings.ENABLE_BLUE_MARKET:
logger.warn("ENABLE_BLUE_MARKET still True, after disabling blues will still be able to activate Market accounts")
MarketUser.objects.all().delete()

176
services/modules/market/tests.py Normal file
View File

@ -0,0 +1,176 @@
from __future__ import unicode_literals
try:
# Py3
from unittest import mock
except ImportError:
# Py2
import mock
from django.test import TestCase, RequestFactory
from django.conf import settings
from django import urls
from django.contrib.auth.models import User
from django.core.exceptions import ObjectDoesNotExist
from alliance_auth.tests.auth_utils import AuthUtils
from .auth_hooks import MarketService
from .models import MarketUser
from .tasks import MarketTasks
MODULE_PATH = 'services.modules.market'
class MarketHooksTestCase(TestCase):
def setUp(self):
self.member = 'member_user'
member = AuthUtils.create_member(self.member)
MarketUser.objects.create(user=member, username=self.member)
self.blue = 'blue_user'
blue = AuthUtils.create_blue(self.blue)
MarketUser.objects.create(user=blue, username=self.blue)
self.none_user = 'none_user'
none_user = AuthUtils.create_user(self.none_user)
self.service = MarketService
def test_has_account(self):
member = User.objects.get(username=self.member)
blue = User.objects.get(username=self.blue)
none_user = User.objects.get(username=self.none_user)
self.assertTrue(MarketTasks.has_account(member))
self.assertTrue(MarketTasks.has_account(blue))
self.assertFalse(MarketTasks.has_account(none_user))
def test_service_enabled(self):
service = self.service()
member = User.objects.get(username=self.member)
blue = User.objects.get(username=self.blue)
none_user = User.objects.get(username=self.none_user)
self.assertTrue(service.service_enabled_members())
self.assertTrue(service.service_enabled_blues())
self.assertEqual(service.service_active_for_user(member), settings.ENABLE_AUTH_MARKET)
self.assertEqual(service.service_active_for_user(blue), settings.ENABLE_BLUE_MARKET)
self.assertFalse(service.service_active_for_user(none_user))
@mock.patch(MODULE_PATH + '.tasks.MarketManager')
def test_delete_user(self, manager):
member = User.objects.get(username=self.member)
service = self.service()
result = service.delete_user(member)
self.assertTrue(result)
self.assertTrue(manager.disable_user.called)
with self.assertRaises(ObjectDoesNotExist):
market_user = User.objects.get(username=self.member).market
def test_render_services_ctrl(self):
service = self.service()
member = User.objects.get(username=self.member)
request = RequestFactory().get('/en/services/')
request.user = member
response = service.render_services_ctrl(request)
self.assertTemplateUsed(service.service_ctrl_template)
self.assertIn(urls.reverse('auth_set_market_password'), response)
self.assertIn(urls.reverse('auth_reset_market_password'), response)
self.assertIn(urls.reverse('auth_deactivate_market'), response)
# Test register becomes available
member.market.delete()
member = User.objects.get(username=self.member)
request.user = member
response = service.render_services_ctrl(request)
self.assertIn(urls.reverse('auth_activate_market'), response)
class MarketViewsTestCase(TestCase):
def setUp(self):
self.member = AuthUtils.create_member('auth_member')
self.member.set_password('password')
self.member.email = 'auth_member@example.com'
self.member.save()
AuthUtils.add_main_character(self.member, 'auth_member', '12345', corp_id='111', corp_name='Test Corporation')
def login(self):
self.client.login(username=self.member.username, password='password')
@mock.patch(MODULE_PATH + '.views.MarketManager')
def test_activate(self, manager):
self.login()
expected_username = 'auth_member'
expected_password = 'password'
expected_id = '1234'
manager.add_user.return_value = (expected_username, expected_password, expected_id)
response = self.client.get(urls.reverse('auth_activate_market'), follow=False)
self.assertTrue(manager.add_user.called)
args, kwargs = manager.add_user.call_args
self.assertEqual(args[0], expected_username)
self.assertEqual(args[1], self.member.email)
self.assertTemplateUsed(response, 'registered/service_credentials.html')
self.assertContains(response, expected_username)
self.assertContains(response, expected_password)
@mock.patch(MODULE_PATH + '.tasks.MarketManager')
def test_deactivate(self, manager):
self.login()
MarketUser.objects.create(user=self.member, username='12345')
manager.disable_user.return_value = True
response = self.client.get(urls.reverse('auth_deactivate_market'))
self.assertTrue(manager.disable_user.called)
self.assertRedirects(response, expected_url=urls.reverse('auth_services'), target_status_code=200)
with self.assertRaises(ObjectDoesNotExist):
market_user = User.objects.get(pk=self.member.pk).market
@mock.patch(MODULE_PATH + '.views.MarketManager')
def test_set_password(self, manager):
self.login()
MarketUser.objects.create(user=self.member, username='12345')
expected_password = 'password'
manager.update_user_password.return_value = expected_password
response = self.client.post(urls.reverse('auth_set_market_password'), data={'password': expected_password})
self.assertTrue(manager.update_custom_password.called)
args, kwargs = manager.update_custom_password.call_args
self.assertEqual(args[1], expected_password)
self.assertRedirects(response, expected_url=urls.reverse('auth_services'), target_status_code=200)
@mock.patch(MODULE_PATH + '.views.MarketManager')
def test_reset_password(self, manager):
self.login()
MarketUser.objects.create(user=self.member, username='12345')
response = self.client.get(urls.reverse('auth_reset_market_password'))
self.assertTrue(manager.update_user_password.called)
self.assertTemplateUsed(response, 'registered/service_credentials.html')
class MarketManagerTestCase(TestCase):
def setUp(self):
from .manager import MarketManager
self.manager = MarketManager
def test_generate_random_password(self):
password = self.manager._MarketManager__generate_random_pass()
self.assertEqual(len(password), 16)
self.assertIsInstance(password, type(''))
def test_gen_pwhash(self):
pwhash = self.manager._gen_pwhash('test')
salt = self.manager._get_salt(pwhash)
self.assertIsInstance(pwhash, str)
self.assertGreaterEqual(len(pwhash), 59)
self.assertIsInstance(salt, str)
self.assertEqual(len(salt), 22)

16
services/modules/market/urls.py Normal file
View File

@ -0,0 +1,16 @@
from __future__ import unicode_literals
from django.conf.urls import url, include
from . import views
module_urls = [
# Alliance Market Control
url(r'^activate/$', views.activate_market, name='auth_activate_market'),
url(r'^deactivate/$', views.deactivate_market, name='auth_deactivate_market'),
url(r'^reset_password/$', views.reset_market_password, name='auth_reset_market_password'),
url(r'^set_password/$', views.set_market_password, name='auth_set_market_password'),
]
urlpatterns = [
url(r'^market/', include(module_urls))
]

107
services/modules/market/views.py Normal file
View File

@ -0,0 +1,107 @@
from __future__ import unicode_literals
from django.contrib import messages
from django.contrib.auth.decorators import login_required
from django.shortcuts import render, redirect
from authentication.decorators import members_and_blues
from services.forms import ServicePasswordForm
from eveonline.managers import EveManager
from .manager import MarketManager
from .models import MarketUser
from .tasks import MarketTasks
import logging
logger = logging.getLogger(__name__)
@login_required
@members_and_blues()
def activate_market(request):
logger.debug("activate_market called by user %s" % request.user)
character = EveManager.get_main_character(request.user)
if character is not None:
logger.debug("Adding market user for user %s with main character %s" % (request.user, character))
result = MarketManager.add_user(character.character_name, request.user.email, character.character_id,
character.character_name)
# if empty we failed
if result[0] != "":
MarketUser.objects.create(user=request.user, username=result[0])
logger.debug("Updated authserviceinfo for user %s with market credentials." % request.user)
logger.info("Successfully activated market for user %s" % request.user)
messages.success(request, 'Activated Alliance Market account.')
credentials = {
'username': result[0],
'password': result[1],
}
return render(request, 'registered/service_credentials.html',
context={'credentials': credentials, 'service': 'Alliance Market'})
logger.error("Unsuccessful attempt to activate market for user %s" % request.user)
messages.error(request, 'An error occurred while processing your Alliance Market account.')
return redirect("auth_services")
@login_required
@members_and_blues()
def deactivate_market(request):
logger.debug("deactivate_market called by user %s" % request.user)
# false we failed
if MarketTasks.delete_user(request.user):
logger.info("Successfully deactivated market for user %s" % request.user)
messages.success(request, 'Deactivated Alliance Market account.')
else:
logger.error("Unsuccessful attempt to activate market for user %s" % request.user)
messages.error(request, 'An error occurred while processing your Alliance Market account.')
return redirect("auth_services")
@login_required
@members_and_blues()
def reset_market_password(request):
logger.debug("reset_market_password called by user %s" % request.user)
if MarketTasks.has_account(request.user):
result = MarketManager.update_user_password(request.user.market.username)
# false we failed
if result != "":
logger.info("Successfully reset market password for user %s" % request.user)
messages.success(request, 'Reset Alliance Market password.')
credentials = {
'username': request.user.market.username,
'password': result,
}
return render(request, 'registered/service_credentials.html',
context={'credentials': credentials, 'service': 'Alliance Market'})
logger.error("Unsuccessful attempt to reset market password for user %s" % request.user)
messages.error(request, 'An error occurred while processing your Alliance Market account.')
return redirect("auth_services")
@login_required
@members_and_blues()
def set_market_password(request):
logger.debug("set_market_password called by user %s" % request.user)
if request.method == 'POST':
logger.debug("Received POST request with form.")
form = ServicePasswordForm(request.POST)
logger.debug("Form is valid: %s" % form.is_valid())
if form.is_valid() and MarketTasks.has_account(request.user):
password = form.cleaned_data['password']
logger.debug("Form contains password of length %s" % len(password))
result = MarketManager.update_custom_password(request.user.market.username, password)
if result != "":
logger.info("Successfully reset market password for user %s" % request.user)
messages.success(request, 'Set Alliance Market password.')
else:
logger.error("Failed to install custom market password for user %s" % request.user)
messages.error(request, 'An error occurred while processing your Alliance Market account.')
return redirect("auth_services")
else:
logger.debug("Request is not type POST - providing empty form.")
form = ServicePasswordForm()
logger.debug("Rendering form for user %s" % request.user)
context = {'form': form, 'service': 'Market'}
return render(request, 'registered/service_password.html', context=context)

0
services/modules/mumble/__init__.py Normal file
View File

11
services/modules/mumble/admin.py Normal file
View File

@ -0,0 +1,11 @@
from __future__ import unicode_literals
from django.contrib import admin
from .models import MumbleUser
class MumbleUserAdmin(admin.ModelAdmin):
fields = ('user', 'username', 'groups') # pwhash is hidden from admin panel
list_display = ('user', 'username', 'groups')
search_fields = ('user__username', 'username', 'groups')
admin.site.register(MumbleUser, MumbleUserAdmin)

7
services/modules/mumble/apps.py Normal file
View File

@ -0,0 +1,7 @@
from __future__ import unicode_literals
from django.apps import AppConfig
class MumbleServiceConfig(AppConfig):
name = 'mumble'

68
services/modules/mumble/auth_hooks.py Normal file
View File

@ -0,0 +1,68 @@
from __future__ import unicode_literals
from django.template.loader import render_to_string
from django.conf import settings
from notifications import notify
from alliance_auth import hooks
from services.hooks import ServicesHook
from .tasks import MumbleTasks
from .manager import MumbleManager
from .urls import urlpatterns
import logging
logger = logging.getLogger(__name__)
class MumbleService(ServicesHook):
def __init__(self):
ServicesHook.__init__(self)
self.name = 'mumble'
self.urlpatterns = urlpatterns
self.service_url = settings.MUMBLE_URL
def delete_user(self, user, notify_user=False):
logging.debug("Deleting user %s %s account" % (user, self.name))
if MumbleManager.delete_user(user):
if notify_user:
notify(user, 'Mumble Account Disabled', level='danger')
return True
return False
def update_groups(self, user):
logger.debug("Updating %s groups for %s" % (self.name, user))
if MumbleTasks.has_account(user):
MumbleTasks.update_groups.delay(user.pk)
def validate_user(self, user):
if MumbleTasks.has_account(user) and not self.service_active_for_user(user):
self.delete_user(user, notify_user=True)
def update_all_groups(self):
logger.debug("Updating all %s groups" % self.name)
MumbleTasks.update_all_groups.delay()
def service_enabled_members(self):
return settings.ENABLE_AUTH_MUMBLE or False
def service_enabled_blues(self):
return settings.ENABLE_BLUE_MUMBLE or False
def render_services_ctrl(self, request):
urls = self.Urls()
urls.auth_activate = 'auth_activate_mumble'
urls.auth_deactivate = 'auth_deactivate_mumble'
urls.auth_reset_password = 'auth_reset_mumble_password'
urls.auth_set_password = 'auth_set_mumble_password'
return render_to_string(self.service_ctrl_template, {
'service_name': self.title,
'urls': urls,
'service_url': self.service_url,
'username': request.user.mumble.username if MumbleTasks.has_account(request.user) else '',
}, request=request)
@hooks.register('services_hook')
def register_mumble_service():
return MumbleService()

105
services/modules/mumble/manager.py Executable file
View File

@ -0,0 +1,105 @@
from __future__ import unicode_literals
import random
import string
import hashlib
from django.core.exceptions import ObjectDoesNotExist
from .models import MumbleUser
import logging
logger = logging.getLogger(__name__)
class MumbleManager:
def __init__(self):
pass
@staticmethod
def __santatize_username(username):
sanatized = username.replace(" ", "_")
return sanatized
@staticmethod
def __generate_random_pass():
return ''.join([random.choice(string.ascii_letters + string.digits) for n in range(16)])
@staticmethod
def __generate_username(username, corp_ticker):
return "[" + corp_ticker + "]" + username
@staticmethod
def __generate_username_blue(username, corp_ticker):
return "[BLUE][" + corp_ticker + "]" + username
@staticmethod
def _gen_pwhash(password):
return hashlib.sha1(password.encode('utf-8')).hexdigest()
@staticmethod
def create_user(user, corp_ticker, username, blue=False):
logger.debug("Creating%s mumble user with username %s and ticker %s" % (' blue' if blue else '',
username, corp_ticker))
username_clean = MumbleManager.__santatize_username(
MumbleManager.__generate_username_blue(username, corp_ticker) if blue else
MumbleManager.__generate_username(username, corp_ticker))
password = MumbleManager.__generate_random_pass()
pwhash = MumbleManager._gen_pwhash(password)
logger.debug("Proceeding with mumble user creation: clean username %s, pwhash starts with %s" % (
username_clean, pwhash[0:5]))
if not MumbleUser.objects.filter(username=username_clean).exists():
logger.info("Creating mumble user %s" % username_clean)
MumbleUser.objects.create(user=user, username=username_clean, pwhash=pwhash)
return username_clean, password
else:
logger.warn("Mumble user %s already exists.")
return False
@staticmethod
def delete_user(user):
logger.debug("Deleting user %s from mumble." % user)
if MumbleUser.objects.filter(user=user).exists():
MumbleUser.objects.filter(user=user).delete()
logger.info("Deleted user %s from mumble" % user)
return True
logger.error("Unable to delete user %s from mumble: MumbleUser model not found" % user)
return False
@staticmethod
def update_user_password(user, password=None):
logger.debug("Updating mumble user %s password." % user)
if not password:
password = MumbleManager.__generate_random_pass()
pwhash = MumbleManager._gen_pwhash(password)
logger.debug("Proceeding with mumble user %s password update - pwhash starts with %s" % (user, pwhash[0:5]))
try:
model = MumbleUser.objects.get(user=user)
model.pwhash = pwhash
model.save()
return password
except ObjectDoesNotExist:
logger.error("User %s not found on mumble. Unable to update password." % user)
return False
@staticmethod
def update_groups(user, groups):
logger.debug("Updating mumble user %s groups %s" % (user, groups))
safe_groups = list(set([g.replace(' ', '-') for g in groups]))
groups = ''
for g in safe_groups:
groups = groups + g + ','
groups = groups.strip(',')
if MumbleUser.objects.filter(user=user).exists():
logger.info("Updating mumble user %s groups to %s" % (user, safe_groups))
model = MumbleUser.objects.get(user=user)
model.groups = groups
model.save()
return True
else:
logger.error("User %s not found on mumble. Unable to update groups." % user)
return False
@staticmethod
def user_exists(username):
return MumbleUser.objects.filter(username=username).exists()

Some files were not shown because too many files have changed in this diff Show More