diff --git a/fas/fas/auth.py b/fas/fas/auth.py index 8892404..c3484be 100644 --- a/fas/fas/auth.py +++ b/fas/fas/auth.py @@ -1,10 +1,5 @@ from turbogears import config -#from fas.fasLDAP import UserAccount -#from fas.fasLDAP import Person -#from fas.fasLDAP import Groups -#from fas.fasLDAP import UserGroup - from fas.model import Groups from fas.model import PersonRoles from fas.model import People diff --git a/fas/fas/cla.py b/fas/fas/cla.py index 44ad841..25a09cf 100644 --- a/fas/fas/cla.py +++ b/fas/fas/cla.py @@ -2,7 +2,6 @@ import turbogears from turbogears import controllers, expose, paginate, identity, redirect, widgets, validate, validators, error_handler from turbogears.database import session -import ldap import cherrypy from datetime import datetime @@ -10,17 +9,8 @@ import re import gpgme import StringIO -import fas.fasLDAP - -from fas.fasLDAP import UserAccount -from fas.fasLDAP import Person -from fas.fasLDAP import Groups -from fas.fasLDAP import UserGroup - from fas.auth import * -from fas.user import knownUser, usernameExists - class CLA(controllers.Controller): def __init__(self): diff --git a/fas/fas/controllers.py b/fas/fas/controllers.py index 8d35d34..c43a77e 100644 --- a/fas/fas/controllers.py +++ b/fas/fas/controllers.py @@ -2,15 +2,10 @@ from turbogears import controllers, expose, config from model import * from turbogears import identity, redirect, widgets, validate, validators, error_handler from cherrypy import request, response -#from fas.fasLDAP import UserAccount -#from fas.fasLDAP import Person -#from fas.fasLDAP import Groups -##from fas.fasLDAP import UserGroup + from turbogears import exception_handler import turbogears -import ldap import time -from operator import itemgetter from fas.user import User from fas.group import Group 
@@ -18,8 +13,6 @@ from fas.cla import CLA from fas.json_request import JsonRequest #from fas.openid_fas import OpenID -from fas.auth import isAdmin, canAdminGroup, canSponsorGroup, canEditUser - import os import sys reload(sys) @@ -45,6 +38,7 @@ class Root(controllers.RootController): json = JsonRequest() # openid = OpenID() + # TODO: Find a better place for this. os.environ['GNUPGHOME'] = config.get('gpghome') @expose(template="fas.templates.welcome") diff --git a/fas/fas/group.py b/fas/fas/group.py index 5de12db..d204804 100644 --- a/fas/fas/group.py +++ b/fas/fas/group.py @@ -2,25 +2,17 @@ import turbogears from turbogears import controllers, expose, paginate, identity, redirect, widgets, validate, validators, error_handler from turbogears.database import session -import ldap import cherrypy -import fas.fasLDAP - -#from fas.fasLDAP import UserAccount -#from fas.fasLDAP import Person -#from fas.fasLDAP import Groups -#from fas.fasLDAP import UserGroup - from fas.auth import * -from fas.user import knownUser, usernameExists +from fas.user import KnownUser from textwrap import dedent import re -class knownGroup(validators.FancyValidator): +class KnownGroup(validators.FancyValidator): '''Make sure that a group already exists''' def _to_python(self, value, state): return value.strip() @@ -30,7 +22,7 @@ class knownGroup(validators.FancyValidator): except InvalidRequestError: raise validators.Invalid(_("The group '%s' does not exist.") % value, value, state) -class unknownGroup(validators.FancyValidator): +class UnknownGroup(validators.FancyValidator): '''Make sure that a group doesn't already exist''' def _to_python(self, value, state): return value.strip() 
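Review bot: The `os.environ['GNUPGHOME'] = config.get('gpghome')` line under the new TODO sits in the `Root` class body, so it runs at import time and exports whatever the config returns without any check. If `gpghome` is missing from the config the assignment most likely raises, because environment values must be strings. If it points at a directory other local users can write to, the keyring the gpgme-based code presumably reads from it cannot be trusted. I would make the TODO say so, e.g. `# TODO: move to startup; fail clearly if gpghome is unset and check the directory is private (0700, owned by the service user)`. The rest of `Root` lies outside the hunk.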
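Review bot: `from fas.user import KnownUser` replaces the import of `knownUser`, but the `owner = validators.All(knownUser(not_empty=True, max=10), ...)` lines in `GroupCreate` and `GroupSave` (hunk `@@ -42,29 +34,48 @@`) still use the old lower-case name. Unless `from fas.auth import *` happens to provide it, that is a NameError as soon as fas/group.py is imported, because class bodies are evaluated at import time. The same stale names survive as unchanged context in fas/json_request.py (`from fas.user import knownUser, usernameExists`) and fas/openid_fas.py (`from fas.user import knownUser, userNameExists`), while fas/user.py renames `knownUser` to `KnownUser` and replaces `usernameExists` with `UserView`/`UserEdit`. Both `owner` lines should read `validators.All(KnownUser(not_empty=True, max=10), validators.String(max=32, min=3))`, and the two imports should be updated to the names those modules actually use.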
@@ -42,29 +34,48 @@ class unknownGroup(validators.FancyValidator): else: raise validators.Invalid(_("The group '%s' already exists.") % value, value, state) -class createGroup(validators.Schema): - name = validators.All(unknownGroup(not_empty=True, max=10), validators.String(max=32, min=3)) +class GroupCreate(validators.Schema): + name = validators.All(UnknownGroup(not_empty=True, max=10), validators.String(max=32, min=3)) display_name = validators.NotEmpty owner = validators.All(knownUser(not_empty=True, max=10), validators.String(max=32, min=3)) - prerequisite = knownGroup + prerequisite = KnownGroup #group_type = something -class editGroup(validators.Schema): - groupname = validators.All(knownGroup(not_empty=True, max=10), validators.String(max=32, min=3)) +class GroupSave(validators.Schema): + groupname = validators.All(KnownGroup(not_empty=True, max=10), validators.String(max=32, min=3)) display_name = validators.NotEmpty owner = validators.All(knownUser(not_empty=True, max=10), validators.String(max=32, min=3)) - prerequisite = knownGroup + prerequisite = KnownGroup #group_type = something -class usernameGroupnameExists(validators.Schema): - groupname = validators.All(knownGroup(not_empty=True, max=10), validators.String(max=32, min=3)) - targetname = validators.All(knownUser(not_empty=True, max=10), validators.String(max=32, min=3)) +class GroupApply(validators.Schema): + groupname = KnownGroup() + targetname = KnownUser() -class groupnameExists(validators.Schema): - groupname = validators.All(knownGroup(not_empty=True, max=10), validators.String(max=32, min=3)) +class GroupSponsor(validators.Schema): + groupname = KnownGroup() + targetname = KnownUser() -class groupInvite(validators.Schema): - groupname = validators.All(knownGroup(not_empty=True, max=10), validators.String(max=32, min=3)) +class GroupRemove(validators.Schema): + groupname = KnownGroup() + targetname = KnownUser() + +class GroupUpgrade(validators.Schema): + groupname = KnownGroup() + 
targetname = KnownUser() + +class GroupDowngrade(validators.Schema): + groupname = KnownGroup() + targetname = KnownUser() + +class GroupView(validators.Schema): + groupname = KnownGroup() + +class GroupEdit(validators.Schema): + groupname = KnownGroup() + +class GroupInvite(validators.Schema): + groupname = KnownGroup() target = validators.Email(not_empty=True, strip=True), #class findUser(widgets.WidgetsList): @@ -112,7 +123,7 @@ class Group(controllers.Controller): return dict(users=users, groups=groups) @identity.require(turbogears.identity.not_anonymous()) - @validate(validators=groupnameExists()) + @validate(validators=GroupView()) @error_handler(error) @expose(template="fas.templates.group.view") def view(self, groupname): @@ -141,7 +152,7 @@ class Group(controllers.Controller): return dict() @identity.require(turbogears.identity.not_anonymous()) - @validate(validators=createGroup()) + @validate(validators=GroupCreate()) @error_handler(error) @expose(template="fas.templates.group.new") def create(self, name, display_name, owner, group_type, needs_sponsor=0, user_can_remove=1, prerequisite='', joinmsg=''): @@ -187,7 +198,7 @@ class Group(controllers.Controller): return dict() @identity.require(turbogears.identity.not_anonymous()) - @validate(validators=groupnameExists()) + @validate(validators=GroupEdit()) @error_handler(error) @expose(template="fas.templates.group.edit") def edit(self, groupname): @@ -202,7 +213,7 @@ class Group(controllers.Controller): return dict(group=group) @identity.require(turbogears.identity.not_anonymous()) - @validate(validators=editGroup()) + @validate(validators=GroupSave()) @error_handler(error) @expose(template="fas.templates.group.edit") def save(self, groupname, display_name, owner, group_type, needs_sponsor=0, user_can_remove=1, prerequisite='', joinmsg=''): 
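Review bot: The new `GroupApply`, `GroupSponsor`, `GroupRemove`, `GroupUpgrade`, `GroupDowngrade`, `GroupView` and `GroupEdit` schemas use bare `KnownGroup()` / `KnownUser()`, which drops the `not_empty=True` and `validators.String(max=32, min=3)` bounds that the old `usernameGroupnameExists` and `groupnameExists` applied. As far as I can tell FormEncode skips a validator's checks for an empty value unless `not_empty` is set, so an empty `groupname` or `targetname` would pass validation and reach the membership-changing controllers as `None`. I would keep the constraint, e.g. `groupname = validators.All(KnownGroup(not_empty=True), validators.String(max=32, min=3))`, or set `not_empty = True` on the validator classes themselves. Separately, the trailing comma in `target = validators.Email(not_empty=True, strip=True),` in `GroupInvite` makes `target` a tuple rather than a validator, so the invite address is probably not validated at all; the comma should go.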
@@ -252,7 +263,7 @@ class Group(controllers.Controller): return dict(groups=groups, search=search) @identity.require(turbogears.identity.not_anonymous()) - @validate(validators=usernameGroupnameExists()) + @validate(validators=GroupApply()) @error_handler(error) @expose(template='fas.templates.group.view') def apply(self, groupname, targetname=None): @@ -297,7 +308,7 @@ class Group(controllers.Controller): return dict() @identity.require(turbogears.identity.not_anonymous()) - @validate(validators=usernameGroupnameExists()) + @validate(validators=GroupSponsor()) @error_handler(error) @expose(template='fas.templates.group.view') def sponsor(self, groupname, targetname): @@ -333,7 +344,7 @@ class Group(controllers.Controller): return dict() @identity.require(turbogears.identity.not_anonymous()) - @validate(validators=usernameGroupnameExists()) + @validate(validators=GroupRemove()) @error_handler(error) @expose(template='fas.templates.group.view') def remove(self, groupname, targetname): @@ -371,7 +382,7 @@ class Group(controllers.Controller): return dict() @identity.require(turbogears.identity.not_anonymous()) - @validate(validators=usernameGroupnameExists()) + @validate(validators=GroupUpgrade()) @error_handler(error) @expose(template='fas.templates.group.view') def upgrade(self, groupname, targetname): @@ -412,7 +423,7 @@ class Group(controllers.Controller): return dict() @identity.require(turbogears.identity.not_anonymous()) - @validate(validators=usernameGroupnameExists()) + @validate(validators=GroupDowngrade()) @error_handler(error) @expose(template='fas.templates.group.view') def downgrade(self, groupname, targetname): diff --git a/fas/fas/json_request.py b/fas/fas/json_request.py index 6455528..29327df 100644 --- a/fas/fas/json_request.py +++ b/fas/fas/json_request.py 
@@ -2,16 +2,8 @@ import turbogears from turbogears import controllers, expose, paginate, identity, redirect, widgets, validate, validators, error_handler from turbogears.database import session -import ldap import cherrypy -import fas.fasLDAP - -#from fas.fasLDAP import UserAccount -#from fas.fasLDAP import Person -#from fas.fasLDAP import Groups -#from fas.fasLDAP import UserGroup - from fas.auth import * from fas.user import knownUser, usernameExists diff --git a/fas/fas/openid_fas.py b/fas/fas/openid_fas.py index 5fbdd22..2b5e43e 100644 --- a/fas/fas/openid_fas.py +++ b/fas/fas/openid_fas.py @@ -2,20 +2,13 @@ import turbogears from turbogears import controllers, expose, paginate, identity, redirect, widgets, validate, validators, error_handler, config from cherrypy import session -import ldap import cherrypy -import fas.fasLDAP from openid.server.server import Server as OpenIDServer from openid.server.server import BROWSER_REQUEST_MODES from openid.server.server import OPENID_PREFIX from openid.store.filestore import FileOpenIDStore -from fas.fasLDAP import UserAccount -from fas.fasLDAP import Person -from fas.fasLDAP import Groups -from fas.fasLDAP import UserGroup - from fas.auth import * from fas.user import knownUser, userNameExists diff --git a/fas/fas/user.py b/fas/fas/user.py index f38d4b9..008c265 100644 --- a/fas/fas/user.py +++ b/fas/fas/user.py @@ -3,8 +3,6 @@ from turbogears import controllers, expose, paginate, identity, redirect, widget from turbogears.database import session import cherrypy -import ldap - import os import re import gpgme @@ -22,7 +20,7 @@ import sha from base64 import b64encode -class knownUser(validators.FancyValidator): +class KnownUser(validators.FancyValidator): '''Make sure that a user already exists''' def _to_python(self, value, state): return value.strip() 
@@ -32,7 +30,7 @@ class knownUser(validators.FancyValidator): except InvalidRequestError: raise validators.Invalid(_("'%s' does not exist.") % value, value, state) -class nonFedoraEmail(validators.FancyValidator): +class NonFedoraEmail(validators.FancyValidator): '''Make sure that an email address is not @fedoraproject.org''' def _to_python(self, value, state): return value.strip() @@ -40,7 +38,7 @@ class nonFedoraEmail(validators.FancyValidator): if value.endswith('@fedoraproject.org'): raise validators.Invalid(_("To prevent email loops, your email address cannot be @fedoraproject.org."), value, state) -class unknownUser(validators.FancyValidator): +class UnknownUser(validators.FancyValidator): '''Make sure that a user doesn't already exist''' def _to_python(self, value, state): return value.strip() @@ -54,7 +52,7 @@ class unknownUser(validators.FancyValidator): raise validators.Invalid(_("'%s' already exists.") % value, value, state) -class usernameAllowed(validators.FancyValidator): +class ValidUsername(validators.FancyValidator): '''Make sure that a username isn't blacklisted''' def _to_python(self, value, state): return value.strip() 
@@ -63,40 +61,43 @@ class usernameAllowed(validators.FancyValidator): if re.compile(username_blacklist).match(value): raise validators.Invalid(_("'%s' is an illegal username.") % value, value, state) -class editUser(validators.Schema): - targetname = validators.All(knownUser(not_empty=True, max=32), validators.String(max=32, min=3)) +class UserSave(validators.Schema): + targetname = KnownUser() human_name = validators.String(not_empty=True, max=42) #mail = validators.All( # validators.Email(not_empty=True, strip=True, max=128), - # nonFedoraEmail(not_empty=True, strip=True, max=128), + # NonFedoraEmail(not_empty=True, strip=True, max=128), #) #fedoraPersonBugzillaMail = validators.Email(strip=True, max=128) #fedoraPersonKeyId- Save this one for later :) postal_address = validators.String(max=512) -class newUser(validators.Schema): +class UserCreate(validators.Schema): username = validators.All( - unknownUser(not_empty=True, max=10), - usernameAllowed(not_empty=True), + UnknownUser(), + ValidUsername(not_empty=True), validators.String(max=32, min=3), ) human_name = validators.String(not_empty=True, max=42) email = validators.All( validators.Email(not_empty=True, strip=True), - nonFedoraEmail(not_empty=True, strip=True), + NonFedoraEmail(not_empty=True, strip=True), ) #fedoraPersonBugzillaMail = validators.Email(strip=True) postal_address = validators.String(max=512) -class changePass(validators.Schema): +class UserSetPassword(validators.Schema): currentpassword = validators.String() # TODO (after we're done with most testing): Add complexity requirements? 
password = validators.String(min=8) passwordcheck = validators.String() chained_validators = [validators.FieldsMatch('password', 'passwordcheck')] -class usernameExists(validators.Schema): - username = validators.All(knownUser(max=10), validators.String(max=32, min=3)) +class UserView(validators.Schema): + username = KnownUser() + +class UserEdit(validators.Schema): + username = KnownUser() def generatePassword(password=None,length=14,salt=''): ''' Generate Password ''' @@ -147,7 +148,7 @@ class User(controllers.Controller): return dict(tg_errors=tg_errors) @identity.require(turbogears.identity.not_anonymous()) - @validate(validators=usernameExists()) + @validate(validators=UserView()) @error_handler(error) @expose(template="fas.templates.user.view") def view(self, username=None): @@ -176,8 +177,8 @@ class User(controllers.Controller): return dict(person=person, groups=groups, cla=cla, personal=personal, admin=admin) @identity.require(turbogears.identity.not_anonymous()) -# @validate(validators=usernameExists()) -# @error_handler(error) + @validate(validators=UserEdit()) + @error_handler(error) @expose(template="fas.templates.user.edit") def edit(self, targetname=None): '''Edit a user @@ -195,7 +196,7 @@ class User(controllers.Controller): return dict(target=target) @identity.require(turbogears.identity.not_anonymous()) - @validate(validators=editUser()) + @validate(validators=UserSave()) @error_handler(error) @expose(template='fas.templates.user.edit') def save(self, targetname, human_name, telephone, postal_address, email, ircnick=None, gpg_keyid=None, comments='', timezone='UTC'): @@ -246,7 +247,7 @@ class User(controllers.Controller): turbogears.redirect('/user/view/%s' % turbogears.identity.current.user_name) return dict() - @validate(validators=newUser()) + @validate(validators=UserCreate()) @error_handler(error) @expose(template='fas.templates.new') def create(self, username, human_name, email, telephone, postal_address): 
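Review bot: The re-enabled `@validate(validators=UserEdit())` on `edit` checks a field called `username`, but the method's only parameter is `targetname` (`def edit(self, targetname=None)`). Depending on how the schema treats missing and extra fields, either every call to `edit` is diverted to the error handler or `targetname` reaches the body without the `KnownUser` check; neither looks intended. `UserEdit` in hunk `@@ -63,40 +61,43 @@` should declare `targetname = KnownUser()` instead of `username = KnownUser()`. The body of `edit` continues outside the hunk, so I cannot see whether it also checks that the caller is allowed to edit the target account.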
@@ -285,7 +286,7 @@ class User(controllers.Controller): return dict() @identity.require(turbogears.identity.not_anonymous()) - @validate(validators=changePass()) + @validate(validators=UserSetPassword()) @error_handler(error) @expose(template="fas.templates.user.changepass") def setpass(self, currentpassword, password, passwordcheck):