2016-07-15 00:02:56 +02:00
|
|
|
|
# -*- coding: utf-8 -*-
|
|
|
|
|
|
|
|
|
|
from __future__ import division
|
|
|
|
|
from __future__ import print_function
|
|
|
|
|
from __future__ import unicode_literals
|
|
|
|
|
|
2012-06-27 23:28:35 +02:00
|
|
|
|
from django.contrib.sites.models import Site
|
|
|
|
|
from django.conf import settings
|
2016-05-26 22:20:04 +02:00
|
|
|
|
from django_cas_ng.backends import CASBackend
|
|
|
|
|
from django_cas_ng.utils import get_cas_client
|
|
|
|
|
from django.contrib.auth import get_user_model
|
2014-08-19 12:54:22 +02:00
|
|
|
|
from django.contrib.auth.models import User as DjangoUser
|
2016-06-10 23:59:41 +02:00
|
|
|
|
from django.db import connection
|
2014-08-19 12:54:22 +02:00
|
|
|
|
from django.core.mail import send_mail
|
|
|
|
|
from django.template import Template, Context
|
2012-07-11 17:39:20 +02:00
|
|
|
|
|
2016-12-22 02:00:10 +01:00
|
|
|
|
from gestioncof.models import CofProfile
|
2012-07-11 17:39:20 +02:00
|
|
|
|
|
2016-05-26 22:20:04 +02:00
|
|
|
|
User = get_user_model()
|
|
|
|
|
|
2016-07-09 21:19:37 +02:00
|
|
|
|
|
2012-06-27 23:28:35 +02:00
|
|
|
|
class COFCASBackend(CASBackend):
|
2013-10-01 15:27:19 +02:00
|
|
|
|
def authenticate_cas(self, ticket, service, request):
|
|
|
|
|
"""Verifies CAS ticket and gets or creates User object"""
|
|
|
|
|
|
2016-05-26 22:20:04 +02:00
|
|
|
|
client = get_cas_client(service_url=service)
|
2016-07-09 21:19:37 +02:00
|
|
|
|
username, attributes, _ = client.verify_ticket(ticket)
|
2013-10-01 15:27:19 +02:00
|
|
|
|
if attributes:
|
|
|
|
|
request.session['attributes'] = attributes
|
|
|
|
|
if not username:
|
|
|
|
|
return None
|
2016-11-05 18:31:40 +01:00
|
|
|
|
|
|
|
|
|
# Le CAS de l'ENS accepte les logins avec des espaces au début
|
|
|
|
|
# et à la fin, ainsi qu’avec une casse variable. On normalise pour
|
|
|
|
|
# éviter les doublons.
|
|
|
|
|
username = username.strip().lower()
|
|
|
|
|
|
2016-07-09 21:19:37 +02:00
|
|
|
|
profiles = CofProfile.objects.filter(login_clipper=username)
|
2013-10-01 15:27:19 +02:00
|
|
|
|
if len(profiles) > 0:
|
|
|
|
|
profile = profiles.order_by('-is_cof')[0]
|
|
|
|
|
user = profile.user
|
|
|
|
|
return user
|
|
|
|
|
try:
|
|
|
|
|
user = User.objects.get(username=username)
|
|
|
|
|
except User.DoesNotExist:
|
|
|
|
|
# user will have an "unusable" password
|
|
|
|
|
user = User.objects.create_user(username, '')
|
|
|
|
|
user.save()
|
|
|
|
|
return user
|
|
|
|
|
|
|
|
|
|
def authenticate(self, ticket, service, request):
|
2012-06-27 23:28:35 +02:00
|
|
|
|
"""Authenticates CAS ticket and retrieves user data"""
|
2013-10-01 15:27:19 +02:00
|
|
|
|
user = self.authenticate_cas(ticket, service, request)
|
|
|
|
|
if user is None:
|
|
|
|
|
return user
|
2012-07-11 17:39:20 +02:00
|
|
|
|
try:
|
2016-05-24 00:02:25 +02:00
|
|
|
|
profile = user.profile
|
2012-07-11 17:39:20 +02:00
|
|
|
|
except CofProfile.DoesNotExist:
|
2016-07-09 21:19:37 +02:00
|
|
|
|
profile, created = CofProfile.objects.get_or_create(user=user)
|
2012-07-11 17:39:20 +02:00
|
|
|
|
profile.save()
|
2012-06-27 23:28:35 +02:00
|
|
|
|
if not profile.login_clipper:
|
|
|
|
|
profile.login_clipper = user.username
|
|
|
|
|
profile.save()
|
|
|
|
|
if not user.email:
|
|
|
|
|
user.email = settings.CAS_EMAIL_FORMAT % profile.login_clipper
|
|
|
|
|
user.save()
|
2016-08-26 22:18:22 +02:00
|
|
|
|
if profile.is_buro and not user.is_staff:
|
2012-07-11 17:39:20 +02:00
|
|
|
|
user.is_staff = True
|
|
|
|
|
user.save()
|
2012-06-27 23:28:35 +02:00
|
|
|
|
return user
|
|
|
|
|
|
2016-07-09 21:19:37 +02:00
|
|
|
|
|
|
|
|
|
def context_processor(request):
|
2012-06-27 23:28:35 +02:00
|
|
|
|
'''Append extra data to the context of the given request'''
|
|
|
|
|
data = {
|
|
|
|
|
"user": request.user,
|
|
|
|
|
"site": Site.objects.get_current(),
|
|
|
|
|
}
|
|
|
|
|
return data
|
2013-09-05 22:20:52 +02:00
|
|
|
|
|
2016-07-09 21:19:37 +02:00
|
|
|
|
|
2013-10-01 15:27:19 +02:00
|
|
|
|
def lock_table(*models):
|
|
|
|
|
query = "LOCK TABLES "
|
|
|
|
|
for i, model in enumerate(models):
|
|
|
|
|
table = model._meta.db_table
|
2016-07-09 21:19:37 +02:00
|
|
|
|
if i > 0:
|
|
|
|
|
query += ", "
|
2013-10-01 15:27:19 +02:00
|
|
|
|
query += "%s WRITE" % table
|
2013-09-05 22:20:52 +02:00
|
|
|
|
cursor = connection.cursor()
|
2013-10-01 15:27:19 +02:00
|
|
|
|
cursor.execute(query)
|
2013-09-05 22:20:52 +02:00
|
|
|
|
row = cursor.fetchone()
|
|
|
|
|
return row
|
|
|
|
|
|
2016-07-09 21:19:37 +02:00
|
|
|
|
|
2013-10-01 15:27:19 +02:00
|
|
|
|
def unlock_tables(*models):
|
2013-09-05 22:20:52 +02:00
|
|
|
|
cursor = connection.cursor()
|
|
|
|
|
cursor.execute("UNLOCK TABLES")
|
|
|
|
|
row = cursor.fetchone()
|
|
|
|
|
return row
|
2013-10-01 15:27:19 +02:00
|
|
|
|
|
|
|
|
|
unlock_table = unlock_tables
|