From b4a5961886321b239f6774c508c1d36ce65172c4 Mon Sep 17 00:00:00 2001 From: Valentin Samir Date: Sat, 30 May 2015 19:45:59 +0200 Subject: [PATCH] Using fresh user attributs on ticket creation + auth class as string in config --- cas_server/default_settings.py | 7 +------ cas_server/forms.py | 14 +++++--------- cas_server/models.py | 13 ++++++++----- cas_server/urls.py | 2 +- cas_server/utils.py | 11 +++++++++-- cas_server/views.py | 11 ++++------- 6 files changed, 28 insertions(+), 30 deletions(-) diff --git a/cas_server/default_settings.py b/cas_server/default_settings.py index 33b6ce7..0d047b6 100644 --- a/cas_server/default_settings.py +++ b/cas_server/default_settings.py @@ -10,8 +10,6 @@ # (c) 2015 Valentin Samir """Default values for the app's settings""" from django.conf import settings -from . import auth - def setting_default(name, default_value): """if the config `name` is not set, set it the `default_value`""" @@ -21,7 +19,7 @@ def setting_default(name, default_value): setting_default('CAS_LOGIN_TEMPLATE', 'cas_server/login.html') setting_default('CAS_WARN_TEMPLATE', 'cas_server/warn.html') setting_default('CAS_LOGGED_TEMPLATE', 'cas_server/logged.html') -setting_default('CAS_AUTH_CLASS', auth.DjangoAuthUser) +setting_default('CAS_AUTH_CLASS', 'cas_server.auth.DjangoAuthUser') setting_default('CAS_ST_LEN', 30) setting_default('CAS_TICKET_VALIDITY', 300) setting_default('CAS_TICKET_TIMEOUT', 24*3600) @@ -41,6 +39,3 @@ setting_default('CAS_SQL_USER_QUERY', 'SELECT user AS usersame, pass AS ' \ 'password, users.* FROM users WHERE user = %s') setting_default('CAS_SQL_PASSWORD_CHECK', 'crypt') # crypt or plain -def noop(): - """do nothing""" - pass diff --git a/cas_server/forms.py b/cas_server/forms.py index 7a1f627..2bca9f2 100644 --- a/cas_server/forms.py +++ b/cas_server/forms.py @@ -9,13 +9,13 @@ # # (c) 2015 Valentin Samir """forms for the app""" -from . import default_settings +from .default_settings import settings from django import forms -from django.conf import settings from django.utils.translation import ugettext_lazy as _ -from . import models +import utils +import models class UserCredential(forms.Form): """Form used on the login page to retrive user credentials""" @@ -30,17 +30,13 @@ class UserCredential(forms.Form): def clean(self): cleaned_data = super(UserCredential, self).clean() - auth = settings.CAS_AUTH_CLASS(cleaned_data.get("username")) + auth = utils.import_attr(settings.CAS_AUTH_CLASS)(cleaned_data.get("username")) if auth.test_password(cleaned_data.get("password")): try: user = models.User.objects.get(username=auth.username) - user.attributs = auth.attributs() user.save() except models.User.DoesNotExist: - user = models.User.objects.create( - username=auth.username, - attributs=auth.attributs() - ) + user = models.User.objects.create(username=auth.username) user.save() else: raise forms.ValidationError(_(u"Bad user")) diff --git a/cas_server/models.py b/cas_server/models.py index 2e72263..af86402 100644 --- a/cas_server/models.py +++ b/cas_server/models.py @@ -10,15 +10,14 @@ # # (c) 2015 Valentin Samir """models for the app""" -from . import default_settings +from .default_settings import settings -from django.conf import settings from django.db import models from django.db.models import Q from django.contrib import messages -from picklefield.fields import PickledObjectField from django.utils.translation import ugettext_lazy as _ from django.utils import timezone +from picklefield.fields import PickledObjectField import re import os @@ -27,14 +26,18 @@ from datetime import timedelta from concurrent.futures import ThreadPoolExecutor from requests_futures.sessions import FuturesSession -from . import utils +import utils class User(models.Model): """A user logged into the CAS""" username = models.CharField(max_length=30, unique=True) - attributs = PickledObjectField() date = models.DateTimeField(auto_now_add=True, auto_now=True) + @property + def attributs(self): + """return a fresh dict for the user attributs""" + return utils.import_attr(settings.CAS_AUTH_CLASS)(self.username).attributs() + def __unicode__(self): return self.username diff --git a/cas_server/urls.py b/cas_server/urls.py index eb7853b..2ba50ea 100644 --- a/cas_server/urls.py +++ b/cas_server/urls.py @@ -13,7 +13,7 @@ from django.conf.urls import patterns, url from django.views.generic import RedirectView -from . import views +import views urlpatterns = patterns( '', diff --git a/cas_server/utils.py b/cas_server/utils.py index 9ca7749..4a27276 100644 --- a/cas_server/utils.py +++ b/cas_server/utils.py @@ -9,9 +9,9 @@ # # (c) 2015 Valentin Samir """Some util function for the app""" -from . import default_settings +from .default_settings import settings -from django.conf import settings +from django.utils.importlib import import_module from django.core.urlresolvers import reverse from django.http import HttpResponseRedirect @@ -20,6 +20,13 @@ import urllib import random import string +def import_attr(path): + """transform a python module.attr path to the attr""" + if not isinstance(path, str): + return string + module, attr = path.rsplit('.', 1) + return getattr(import_module(module), attr) + def redirect_params(url_name, params=None): """Redirect to `url_name` with `params` as querystring""" url = reverse(url_name) diff --git a/cas_server/views.py b/cas_server/views.py index a199aab..5403b2f 100644 --- a/cas_server/views.py +++ b/cas_server/views.py @@ -10,13 +10,10 @@ # # (c) 2015 Valentin Samir """views for the app""" -from . import default_settings - -default_settings.noop() +from .default_settings import settings from django.shortcuts import render, redirect from django.http import HttpResponse, HttpResponseRedirect -from django.conf import settings from django.contrib import messages from django.utils.decorators import method_decorator from django.utils.translation import ugettext as _ @@ -29,9 +26,9 @@ import requests from lxml import etree from datetime import timedelta -from . import utils -from . import forms -from . import models +import utils +import forms +import models class AttributesMixin(object): """mixin for the attributs methode"""