kpsul/gestioncof/shared.py

99 lines
3 KiB
Python
Raw Normal View History

2016-07-15 00:02:56 +02:00
# -*- coding: utf-8 -*-
from __future__ import division
from __future__ import print_function
from __future__ import unicode_literals
2012-06-27 23:28:35 +02:00
from django.contrib.sites.models import Site
from django.conf import settings
from django_cas_ng.backends import CASBackend
from django_cas_ng.utils import get_cas_client
from django.contrib.auth import get_user_model
from django.db import connection
2012-07-11 17:39:20 +02:00
from gestioncof.models import CofProfile
2012-07-11 17:39:20 +02:00
User = get_user_model()
2012-06-27 23:28:35 +02:00
class COFCASBackend(CASBackend):
2013-10-01 15:27:19 +02:00
def authenticate_cas(self, ticket, service, request):
"""Verifies CAS ticket and gets or creates User object"""
client = get_cas_client(service_url=service)
username, attributes, _ = client.verify_ticket(ticket)
2013-10-01 15:27:19 +02:00
if attributes:
request.session['attributes'] = attributes
if not username:
return None
# Le CAS de l'ENS accepte les logins avec des espaces au début
# et à la fin, ainsi quavec une casse variable. On normalise pour
# éviter les doublons.
username = username.strip().lower()
profiles = CofProfile.objects.filter(login_clipper=username)
2013-10-01 15:27:19 +02:00
if len(profiles) > 0:
profile = profiles.order_by('-is_cof')[0]
user = profile.user
return user
try:
user = User.objects.get(username=username)
except User.DoesNotExist:
# user will have an "unusable" password
user = User.objects.create_user(username, '')
user.save()
return user
def authenticate(self, ticket, service, request):
2012-06-27 23:28:35 +02:00
"""Authenticates CAS ticket and retrieves user data"""
2013-10-01 15:27:19 +02:00
user = self.authenticate_cas(ticket, service, request)
if user is None:
return user
2012-07-11 17:39:20 +02:00
try:
profile = user.profile
2012-07-11 17:39:20 +02:00
except CofProfile.DoesNotExist:
profile, created = CofProfile.objects.get_or_create(user=user)
2012-07-11 17:39:20 +02:00
profile.save()
2012-06-27 23:28:35 +02:00
if not profile.login_clipper:
profile.login_clipper = user.username
profile.save()
if not user.email:
user.email = settings.CAS_EMAIL_FORMAT % profile.login_clipper
user.save()
if profile.is_buro and not user.is_staff:
2012-07-11 17:39:20 +02:00
user.is_staff = True
user.save()
2012-06-27 23:28:35 +02:00
return user
def context_processor(request):
2012-06-27 23:28:35 +02:00
'''Append extra data to the context of the given request'''
data = {
"user": request.user,
"site": Site.objects.get_current(),
}
2012-06-27 23:28:35 +02:00
return data
2013-10-01 15:27:19 +02:00
def lock_table(*models):
query = "LOCK TABLES "
for i, model in enumerate(models):
table = model._meta.db_table
if i > 0:
query += ", "
2013-10-01 15:27:19 +02:00
query += "%s WRITE" % table
cursor = connection.cursor()
2013-10-01 15:27:19 +02:00
cursor.execute(query)
row = cursor.fetchone()
return row
2013-10-01 15:27:19 +02:00
def unlock_tables(*models):
cursor = connection.cursor()
cursor.execute("UNLOCK TABLES")
row = cursor.fetchone()
return row
2013-10-01 15:27:19 +02:00
unlock_table = unlock_tables