If a user was logged in and already verified, the resend_verification
link would cause a server error. This fix addresses that by using the
correct syntax to query the username from the request.
The code base had many references to User.username and other
specific to LocalUser attributes as that was the way it use to exist.
This updates those to query on the generic User model but filtering
by attributes on the LocalUser.
The login function in mediagoblin/auth/views.py grabs the username prior to
form validation. If validation passes, the pre-validated username is passed to
the check_login_simple function.
Lowercasifying of the username occurs as part of form validation. By sending
the pre-validated username, there's a chance of sending a username with
uppercase letters. This will fail to match any user ids in the database, as
all of the usernames are lowercased during the registration process.
This change sends the post-validated username to check_login_simple, so that
any username that was entered by the user with uppercase letters has a chance
to be properly lowercased before being passed.
User table columns (is_admin, status, email_verified) and making sure that
their functionality is instead completely handled by privileges. I also worked
on the meta pages which I hope to finish soon. I set up migrations to ensure
the default privileges are given to users that should have them. Lastly, I made
it so that banned users can log out.
===============================================================================
Made Sure the Vestigial Columns of the User Table were not being Used
===============================================================================
--\ mediagoblin/auth/views.py
--\ mediagoblin/db/models.py
--\ mediagoblin/templates/mediagoblin/base.html
--\ mediagoblin/templates/mediagoblin/moderation/user.html
--\ mediagoblin/templates/mediagoblin/user_pages/collection_lis$
--\ mediagoblin/templates/mediagoblin/user_pages/user.html
--\ mediagoblin/tests/test_auth.py
--\ mediagoblin/tests/test_persona.py
--\ mediagoblin/user_pages/views.py
===============================================================================
Wrote the Migrations to Set up the Default Privileges
===============================================================================
--\ mediagoblin/db/migrations.py
--\ mediagoblin/gmg_commands/users.py
===============================================================================
Work on the Meta Pages
===============================================================================
--\ mediagoblin/meta/routing.py
--\ mediagoblin/meta/views.py
--\ mediagoblin/static/css/base.css
--\ mediagoblin/templates/mediagoblin/meta/terms_of_service.html
===============================================================================
Small Changes
===============================================================================
--\ mediagoblin/templates/mediagoblin/base.html
--| Benevolently made it so that banned users can log out
===============================================================================
X X X X X X X X X X X X X X X X X X X X
===============================================================================
did a few things. I wrote many many many new tests, either in old test files or
in the three new test files I made. I also did some code-keeping work, deleting
trailing whitespace and deleting vestigial code. Lastly, I fixed the parts of
the code which I realized were broken thru the process of running tests.
===============================================================================
Deleted trailing whitespace:
===============================================================================
--\ mediagoblin/decorators.py
--\ mediagoblin/auth/tools.py
--\ mediagoblin/db/migrations.py
--\ mediagoblin/db/models.py
--\ mediagoblin/gmg_commands/users.py
--\ mediagoblin/moderation/forms.py
--\ mediagoblin/moderation/tools.py
--\ mediagoblin/moderation/views.py
--\ mediagoblin/templates/mediagoblin/moderation/media_panel.html
--\ mediagoblin/templates/mediagoblin/moderation/report.html
--\ mediagoblin/templates/mediagoblin/moderation/report_panel.html
--\ mediagoblin/templates/mediagoblin/moderation/user.html
--\ mediagoblin/templates/mediagoblin/moderation/user_panel.html
--\ mediagoblin/templates/mediagoblin/user_pages/report.html
--\ mediagoblin/templates/mediagoblin/utils/report.html
--\ mediagoblin/user_pages/lib.py
--\ mediagoblin/user_pages/views.py
===============================================================================
Deleted Vestigial Code
===============================================================================
--\ mediagoblin/db/util.py
--\ mediagoblin/tests/test_notifications.py
===============================================================================
Modified the Code:
===============================================================================
--\ mediagoblin/moderation/tools.py
--| Encapsulated the code around giving/taking away privileges into two
| funtions.
--\ mediagoblin/moderation/views.py
--| Imported and used the give/take away privilege functions
--| Replaced 'require_admin_or_moderator_login' with
|'user_has_privilege(u"admin")' for adding/taking away privileges, only
| admins are allowed to do this.
--\ mediagoblin/templates/mediagoblin/banned.html
--| Added relevant translation tags
--| Added ability to display indefinite banning
--\ mediagoblin/templates/mediagoblin/user_pages/media.html
--| Made sure the add comments button was only visible for users with the
| `commenter` privilege
--\ mediagoblin/tests/test_submission.py
--| Paroneayea fixed a DetachedInstanceError I was having with the our_user
| function
--\ mediagoblin/tests/tools.py
--| Added a fixture_add_comment_report function for testing.
--\ mediagoblin/tools/response.py
--| Fixed a minor error where a necessary return statement was missing
--| Fit the code within 80 columns
--\ mediagoblin/user_pages/views.py
--| Added a necessary decorator to ensure that only users with the 'commenter'
| privilege can post comments
===============================================================================
Wrote new tests for an old test file:
===============================================================================
--\ mediagoblin/tests/test_auth.py
--| Added a new test to make sure privilege granting on registration happens
| correctly
--\ mediagoblin/tests/test_modelmethods.py*
--| Added a test to ensure the User method has_privilege works properly
===============================================================================
Wrote entirely new files full of tests:
===============================================================================
--\ mediagoblin/tests/test_moderation.py
--\ mediagoblin/tests/test_privileges.py
--\ mediagoblin/tests/test_reporting.py
===============================================================================
===============================================================================
NOTE: Any files I've marked with a * in this commit report, were actually subm-
itted in my last commit. I made that committ to fix an error I was having, so
they weren't properly documented in that report.
===============================================================================
===============================================================================
Since sessions are rebuilt, e.g. when you try to post a blank
comment and therefore receive an error message, the session will
be overwritten without the old max_age.
As proposed in issue #354; it adds an attribute max_age
to mediagoblin.tools.session.Session that is passed to
response.set_cookie; max_age is set to 30 days if the
checkbox is selected
the basic_auth branch that persona is forked from
Conflicts:
mediagoblin/templates/mediagoblin/auth/login.html
mediagoblin/templates/mediagoblin/auth/register.html
mediagoblin/templates/mediagoblin/edit/edit_account.html
These are commit messages from the squashed persona stuff:
- added tests and fixed minor errors
- fixed a redirect loop when only persona is enabled and accessing /auth/login
- moved persona.js to plugin's static dir
- fixes for add/remove persona emails
- add and remove personas
- working with multiple plugins
- working version
- switched to hidden form instead of ajax
- beginings
basic_auth branch that openid is forked from
Commits squashed together (in reverse chronological order):
- do the label thing only for boolean fields
- made edit_account to autofocus on the first field
- added feature to render_divs where if field.label == '' then it
will render form.description the same a render_label
- added allow_registration check
- refactored create_user
- removed verification_key from create_user
- removed get_user from openid
- cleanup after removing openid from template_env.globals
- fix for werkzueg 0.9.1
- cleanup after merge
- more tests
- restored openid extra_validation just for safety
- tests for openid
- deleted openid extra_validation
- passed next parameter in session for openid
- fixed a bug that was deleting the messages
- implemented openid store using sqlalchemy
- ask openid provider for 'nickname' to prefill username in registration form
- refactored delete openid url to work with generic urls such as
google and to not allow a user to delete a url if it is there only
one and they don't have a pw
- refactored login to register user workflow, which fixed a problem
where the 'or register with a password link' wasn't showing up when
the finish_login view called the register view because there wasn't
any redirect.
- added the ability to remove openid's
- added the ability to add openids to an existing account
- refactored start_login and finish_login views
- modified edit_account.html to use render_divs
- modified gmg/edit/views to behave appropriatly if no password
authentication is enabled. moved the update email stuff to it's own
funtion to make edit_account view cleaner. edit_account now
modifies the form depending on the plugins.
- minor typos
- added retrieving email from openid provider
- moved allow_registration check to a decorator
- moved check if auth is enabled to a decorator
- changed openid user registration to go through login first
- cleanup after merge
- modified verification emails to use itsdangerous tokens
- added error handling on bad token, fixed route, and added tests
- added support for user to change email address
- added link to login view openid/password in login template
- updated openid get_user function
- modified get_user function to take kwargs instead of username
- no need for user might be email kwarg in check_login_simple
- added gen_password_hash and check_password functions to auth/__init__
- added focus to form input
- made imports fully qualified
- modified basic_auth.check_login to check that the user has a pw_hash first
- changed occurances of form.data['whatever'] to form.whatever.data
- convert tabs to spaces in register template, remove unsed
templates, and fixed trans tags in templates
- in process of openid login. it works, but needs major imporvements
- make password field required in basic_auth form
- check if password field present in basic_auth create_user
- modified openid create_user function
- modified models based on Elronds suggestions
- changed register form action to a variable to be passed in by the
view using the template
- openid plugin v0, still need to authenticate via openid.
- added a register_user function to be able to use in a plugin's
register view, and modified auth/views.register to redirect to
openid/register if appropriate.
- Modified basic_auth plugin to work with modified auth plugin
hooks. Added context variables. Removed basic_auth/tools which was
previously renamed to basic_auth/lib.
- modified auth/__init__ hooks to work better with multiple
plugins. Removed auth/lib.py. And added a basic_extra_verification
function that all plugins will use.
- added models and migrations for openid plugin
as to not conflict with the new federated groups which are also being written.
I also fixed up some of the code in the user_in_group/user_has_privilege decor-
ator. Users are now assigned the default privileges when they sign up, and ass-
iged active once they are activated. I updated the gmg command makeadmin to use
my groups as well. Lastly, I added the decorator to various views, requiring th-
at users belong to appropriate groups to access pages.
--\ mediagoblin/auth/tools.py
--| Added code to assign new users to default privileges
--\ mediagoblin/auth/views.py
--| Added code to assign users to u'active' privilege once the email
| verification is complete
--\ mediagoblin/db/migrations.py
--| Renamed Group class to Privilege class
--\ mediagoblin/db/models.py
--| Renamed Group class to Privilege class
--\ mediagoblin/decorators.py
--| Renamed function based on the Group->Privilege change
--| Rewrote the function to be, ya know, functional
--\ mediagoblin/gmg_commands/users.py
--| Changed the 'makeadmin' command to add the target user to the admin
| privilege group as well as affecting 'is_admin' column
--\ mediagoblin/submit/views.py
--| Added the requirement that a user has the 'uploader' privilege in order
| to submit new media.
--\ mediagoblin/user_pages/views.py
--| Added the requirement that a user has the 'commenter' privilege in order
| to make a comment.
--| Added the requirement that a user has the 'reporter' privilege in order
| to submit new reports.
--| Got rid of some vestigial code in the file_a_report function.
