general: remove obsolete identification token feature (#7824)
parent
f19675211a
commit
24a783380b
|
@ -756,9 +756,6 @@ class SettingsDirectory(QommonSettingsDirectory):
|
|||
def misc(self):
|
||||
misc_cfg = get_cfg('misc', {})
|
||||
form = Form(enctype="multipart/form-data")
|
||||
form.add(CheckboxWidget, 'do-not-token',
|
||||
title = _('Do not show anything about identification tokens'),
|
||||
value = misc_cfg.get('do-not-token', False))
|
||||
form.add(WidgetDict, 'namespaces',
|
||||
title = _('Namespaces for prefilling'),
|
||||
value = misc_cfg.get('namespaces', {}))
|
||||
|
@ -775,7 +772,7 @@ class SettingsDirectory(QommonSettingsDirectory):
|
|||
r += form.render()
|
||||
return r.getvalue()
|
||||
else:
|
||||
cfg_submit(form, 'misc', ('do-not-token', 'namespaces'))
|
||||
cfg_submit(form, 'misc', ('namespaces',))
|
||||
return redirect('.')
|
||||
|
||||
def export(self):
|
||||
|
|
|
@ -1,27 +0,0 @@
|
|||
# w.c.s. - web application for online forms
|
||||
# Copyright (C) 2005-2010 Entr'ouvert
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation; either version 2 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
from qommon.storage import StorableObject
|
||||
|
||||
class AnonymityLink(StorableObject):
|
||||
_names = 'anonylinks'
|
||||
|
||||
key = None
|
||||
name_identifier = None
|
||||
formdata_type = None
|
||||
formdata_def_id = None
|
||||
formdata_id = None
|
||||
|
|
@ -23,7 +23,6 @@ from wcs.fields import WidgetField
|
|||
from qommon import template
|
||||
from qommon import get_logger
|
||||
from qommon.form import *
|
||||
from wcs.anonylink import AnonymityLink
|
||||
from qommon.strftime import strftime
|
||||
|
||||
from qommon.admin.texts import TextsDirectory
|
||||
|
@ -99,15 +98,8 @@ class FormStatusPage(Directory):
|
|||
user = get_user_from_api_query_string() or get_request().user
|
||||
else:
|
||||
user = get_request().user
|
||||
if user:
|
||||
if user.anonymous:
|
||||
anonylink = AnonymityLink.select(
|
||||
lambda x: x.name_identifier == session.name_identifier and
|
||||
x.formdata_type == 'form' and
|
||||
x.formdata_def_id == self.formdef.id)
|
||||
if len(anonylink) == 1:
|
||||
mine = True
|
||||
elif self.filled.is_submitter(user):
|
||||
if user and not user.anonymous:
|
||||
if self.filled.is_submitter(user):
|
||||
mine = True
|
||||
else:
|
||||
if get_session() and get_session().is_anonymous_submitter(self.filled):
|
||||
|
|
|
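Review bot: The rewritten ownership test in FormStatusPage (`if user and not user.anonymous:` followed by `else:`) is an access-control decision, yet it carries no comment saying that accounts flagged `anonymous` now go to the session-based `is_anonymous_submitter` check instead of being matched through AnonymityLink. I would add a comment above the condition, for example `# accounts flagged anonymous fall through to the session check below`, and a test that an anonymous account whose session did not submit the form is not treated as its owner. The enclosing method starts and ends outside the hunk, so how `mine` is initialised and used afterwards is not visible here.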
@ -39,7 +39,6 @@ from qommon.form import *
|
|||
from qommon import tokens
|
||||
from qommon import emails
|
||||
|
||||
from wcs.anonylink import AnonymityLink
|
||||
from wcs.categories import Category
|
||||
from wcs.formdef import FormDef
|
||||
from wcs.formdata import FormData
|
||||
|
@ -63,22 +62,12 @@ def get_user_forms(formdef):
|
|||
session = get_session()
|
||||
user = session.get_user()
|
||||
user_forms = []
|
||||
if user:
|
||||
if user.anonymous:
|
||||
anonylinks = AnonymityLink.select(
|
||||
lambda x: x.name_identifier == session.name_identifier and
|
||||
x.formdata_type == 'form')
|
||||
for anonylink in anonylinks:
|
||||
if anonylink.formdata_def_id != formdef.id:
|
||||
continue
|
||||
user_forms.append(formdef.data_class().get(anonylink.formdata_id))
|
||||
else:
|
||||
user_forms.extend(formdef.data_class().get_with_indexed_value('user_id', user.id))
|
||||
try:
|
||||
user_forms.extend(formdef.data_class().get_with_indexed_value('user_hash', user.hash))
|
||||
except AttributeError:
|
||||
pass
|
||||
|
||||
if user and not user.anonymous:
|
||||
user_forms.extend(formdef.data_class().get_with_indexed_value('user_id', user.id))
|
||||
try:
|
||||
user_forms.extend(formdef.data_class().get_with_indexed_value('user_hash', user.hash))
|
||||
except AttributeError:
|
||||
pass
|
||||
return user_forms
|
||||
|
||||
from wcs.forms.common import FormStatusPage
|
||||
|
@ -798,15 +787,6 @@ class FormPage(Directory):
|
|||
self.keep_tracking_code(filled)
|
||||
session.remove_magictoken(get_request().form.get('magictoken'))
|
||||
|
||||
if not filled.user_id and existing_formdata is None:
|
||||
a = AnonymityLink()
|
||||
a.formdata_type = 'form'
|
||||
a.formdata_def_id = self.formdef.id
|
||||
a.formdata_id = filled.id
|
||||
if session.name_identifier:
|
||||
a.name_identifier = session.name_identifier
|
||||
# XXX nothing with anonylink.key ?
|
||||
a.store()
|
||||
get_logger().info('form %s - done (id: %s)' % (self.formdef.name, filled.id))
|
||||
url = None
|
||||
if existing_formdata is None:
|
||||
|
@ -1105,9 +1085,6 @@ class RootDirectory(AccessControlled, Directory):
|
|||
if user.can_go_in_backoffice():
|
||||
r += htmltext('<a href="%sbackoffice/">%s</a> - ') % (root_url, _('Back Office'))
|
||||
if user.anonymous:
|
||||
if not get_cfg('misc', {}).get('do-not-token', False):
|
||||
r += htmltext('<a href="%stoken">%s</a> - ') % (root_url, _('Enter Identification Token'))
|
||||
|
||||
if get_cfg('saml_identities', {}).get('creation', 'admin') != 'admin':
|
||||
r += htmltext('<a href="%sregister">%s</a> - ') % (root_url, _('Register'))
|
||||
|
||||
|
|
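Review bot: Nothing in the visible hunks deals with the AnonymityLink records that earlier versions stored, although `get_user_forms()` now lists nothing for an account with `user.anonymous` set and the FormPage submit path no longer creates a link. Those records tie a `name_identifier` to a form data id, so they are identity-linking data that would now sit unused in the `anonylinks` storage. Consider a one-off cleanup step (or a documented manual one) that removes them, and say in the commit description that forms submitted by anonymous accounts are no longer listed. A short comment on the new condition, for example `# accounts flagged anonymous get no form list`, would record the intent.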
55
wcs/root.py
55
wcs/root.py
|
@ -48,7 +48,6 @@ from qommon.afterjobs import AfterJobStatusDirectory
|
|||
from categories import Category
|
||||
from data_sources import NamedDataSource
|
||||
from formdef import FormDef
|
||||
from anonylink import AnonymityLink
|
||||
from roles import Role
|
||||
from wcs.api import get_user_from_api_query_string, ApiDirectory
|
||||
from myspace import MyspaceDirectory
|
||||
|
@ -193,7 +192,7 @@ class RegisterDirectory(Directory):
|
|||
|
||||
|
||||
class RootDirectory(Directory):
|
||||
_q_exports = ['admin', 'backoffice', 'forms', 'login', 'logout', 'token', 'saml',
|
||||
_q_exports = ['admin', 'backoffice', 'forms', 'login', 'logout', 'saml',
|
||||
'ident', 'register', 'afterjobs', 'themes', 'myspace', 'user', 'roles',
|
||||
'pages', ('tmp-upload', 'tmp_upload'), 'api', '__version__',
|
||||
'tryauth', 'auth', 'preview']
|
||||
|
@ -233,58 +232,6 @@ class RootDirectory(Directory):
|
|||
# (and to set it as none/get/soap?)
|
||||
return self.saml.slo_sp()
|
||||
|
||||
def token(self):
|
||||
if not get_request().user:
|
||||
raise errors.AccessUnauthorizedError()
|
||||
|
||||
form = Form(enctype='multipart/form-data')
|
||||
form.add(StringWidget, 'token', title = _('Identification Token'),
|
||||
required = True, size = 30)
|
||||
form.add_submit('submit', _('Submit'))
|
||||
form.add_submit('cancel', _('Cancel'))
|
||||
|
||||
if form.get_widget('cancel').parse():
|
||||
return redirect('.')
|
||||
|
||||
if not form.is_submitted() or form.has_errors():
|
||||
template.html_top(_('Identification Token'))
|
||||
# TODO: include explanation about identification token (?)
|
||||
r = TemplateIO(html=True)
|
||||
r += htmltext('<p>%s</p>') % _('Please enter your identification token.')
|
||||
r += htmltext(form.render())
|
||||
return r.getvalue()
|
||||
else:
|
||||
session = get_session()
|
||||
if get_request().user:
|
||||
lasso_dump = get_request().user.lasso_dump
|
||||
else:
|
||||
return template.error_page('No Lasso Identity Dump (???)')
|
||||
token = form.get_widget('token').parse()
|
||||
users_with_token = list(get_publisher().user_class.get_users_with_identification_token(token))
|
||||
if len(users_with_token) == 0:
|
||||
return template.error_page(_('Unknown Token'))
|
||||
|
||||
user = users_with_token[0]
|
||||
user.name_identifiers.append(session.name_identifier)
|
||||
user.lasso_dump = str(lasso_dump)
|
||||
user.identification_token = None
|
||||
user.store()
|
||||
|
||||
session.set_user(user.id)
|
||||
|
||||
for anonylink in AnonymityLink.select(
|
||||
lambda x: x.name_identifier == session.name_identifier):
|
||||
if anonylink.formdata_type == 'form':
|
||||
fdef = FormDef.get(anonylink.formdata_def_id)
|
||||
else:
|
||||
continue # ?
|
||||
data = fdef.data_class().get(anonylink.formdata_id)
|
||||
data.user_id = user.id
|
||||
data.store()
|
||||
anonylink.remove_self()
|
||||
|
||||
return redirect('.')
|
||||
|
||||
def user(self):
|
||||
if get_request().is_json():
|
||||
return self.user_json()
|
||||
|
|
15
wcs/sql.py
15
wcs/sql.py
|
@ -392,7 +392,6 @@ def do_user_table():
|
|||
is_admin bool,
|
||||
anonymous bool,
|
||||
name_identifiers text[],
|
||||
identification_token varchar,
|
||||
lasso_dump text,
|
||||
last_seen timestamp)''' % table_name)
|
||||
cur.execute('''SELECT column_name FROM information_schema.columns
|
||||
|
@ -400,7 +399,7 @@ def do_user_table():
|
|||
existing_fields = set([x[0] for x in cur.fetchall()])
|
||||
|
||||
needed_fields = set(['id', 'name', 'email', 'roles', 'is_admin',
|
||||
'anonymous', 'name_identifiers', 'identification_token',
|
||||
'anonymous', 'name_identifiers',
|
||||
'lasso_dump', 'last_seen'])
|
||||
|
||||
from admin.settings import UserFieldsFormDef
|
||||
|
@ -1241,7 +1240,6 @@ class SqlUser(SqlMixin, wcs.users.User):
|
|||
('is_admin', 'bool'),
|
||||
('anonymous', 'bool'),
|
||||
('name_identifiers', 'varchar[]'),
|
||||
('identification_token', 'varchar'),
|
||||
('lasso_dump', 'text'),
|
||||
('last_seen', 'timestamp')
|
||||
]
|
||||
|
@ -1262,7 +1260,6 @@ class SqlUser(SqlMixin, wcs.users.User):
|
|||
'is_admin': self.is_admin,
|
||||
'anonymous': self.anonymous,
|
||||
'name_identifiers': self.name_identifiers,
|
||||
'identification_token': self.identification_token,
|
||||
'lasso_dump': self.lasso_dump,
|
||||
'last_seen': None,
|
||||
}
|
||||
|
@ -1303,8 +1300,8 @@ class SqlUser(SqlMixin, wcs.users.User):
|
|||
def _row2ob(cls, row):
|
||||
o = cls()
|
||||
(o.id, o.name, o.email, o.roles, o.is_admin, o.anonymous,
|
||||
o.name_identifiers, o.identification_token, o.lasso_dump,
|
||||
o.last_seen) = tuple(row[:10])
|
||||
o.name_identifiers, o.lasso_dump,
|
||||
o.last_seen) = tuple(row[:9])
|
||||
if o.last_seen:
|
||||
o.last_seen = time.mktime(o.last_seen.timetuple())
|
||||
if o.roles:
|
||||
|
@ -1587,7 +1584,7 @@ def get_yearly_totals(period_start=None, period_end=None, criterias=None):
|
|||
return result
|
||||
|
||||
|
||||
SQL_LEVEL = 3
|
||||
SQL_LEVEL = 4
|
||||
|
||||
def migrate_global_views(conn, cur):
|
||||
cur.execute('''SELECT COUNT(*) FROM information_schema.tables
|
||||
|
@ -1620,7 +1617,9 @@ def migrate():
|
|||
# make sure all formdefs have up-to-date views
|
||||
do_formdef_tables(formdef, conn=conn, cur=cur, rebuild_views=True)
|
||||
migrate_global_views(conn, cur)
|
||||
if sql_level < 3: # 3: introduction of _structured for user fields
|
||||
if sql_level < 4:
|
||||
# 3: introduction of _structured for user fields
|
||||
# 4: removal of identification_token
|
||||
do_user_table()
|
||||
|
||||
cur.execute('''UPDATE wcs_meta SET value = %s WHERE key = %s''', (
|
||||
|
|
|
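Review bot: The level 4 step in `migrate()` only calls `do_user_table()`, and whatever part of that function would drop a column missing from `needed_fields` is outside the visible hunks, so this page does not show that the `identification_token` column and any unused tokens in it are actually removed from the database. The removed `token()` view accepted such a token as sufficient to attach the session's `name_identifier` to an account, so leftover values are worth deleting explicitly. If `do_user_table()` does not already do so, add `cur.execute('ALTER TABLE %s DROP COLUMN IF EXISTS identification_token' % table_name)` there. Separately, `_row2ob` unpacks `tuple(row[:9])` by position and therefore depends on the query returning columns in exactly the new order; a comment next to the unpacking should say so.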
@ -34,7 +34,6 @@ class User(StorableObject):
|
|||
form_data = None # dumping ground for custom fields
|
||||
|
||||
name_identifiers = None
|
||||
identification_token = None
|
||||
lasso_dump = None
|
||||
|
||||
last_seen = None
|
||||
|
@ -147,10 +146,6 @@ class User(StorableObject):
|
|||
return cls.select([st.Equal('email', email)])
|
||||
get_users_with_email = classmethod(get_users_with_email)
|
||||
|
||||
def get_users_with_identification_token(cls, token):
|
||||
return cls.select([st.Equal('identification_token', token)])
|
||||
get_users_with_identification_token = classmethod(get_users_with_identification_token)
|
||||
|
||||
def get_substitution_variables(self, prefix='session_'):
|
||||
d = {
|
||||
prefix+'user': self,
|
||||
|
|