Canonical SSO provider

Merge lp:~canonical-isd-hackers/canonical-identity-provider/better-admin into lp:canonical-identity-provider/release

better-admin
Merge into trunk

Proposed by Łukasz Czyżykowski on 2010-04-22

Status:	Superseded
Proposed branch:	lp:~canonical-isd-hackers/canonical-identity-provider/better-admin
Merge into:	lp:canonical-identity-provider/release
Diff against target:	415 lines (+310/-6) 6 files modified identityprovider/admin.py (+197/-3) identityprovider/models/account.py (+3/-1) identityprovider/models/api.py (+1/-1) identityprovider/models/const.py (+17/-0) identityprovider/models/emailaddress.py (+1/-1) scripts/generate-random-accounts (+91/-0)
To merge this branch:	bzr merge lp:~canonical-isd-hackers/canonical-identity-provider/better-admin
Related bugs:	Link a bug report

Reviewer	Review Type	Date Requested	Status
Canonical ISD hackers		2010-04-22	Pending
Review via email: mp+23940@code.launchpad.net

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Adrian John San migel

Alexsandr

Corey Russell SR

Damian

Danny Tamez

Diane Montana

Frederico Miranda

Magdalena Shneider

Maximiliano Bertacchini

Rick McMeen

William Grant

abdulhameed omair

alhawiti

fralogos32

marek duda

martin

Łukasz Czyżykowski

to status/vote changes:

Harpianto,ANDI

rocket_69

Canonical SSO provider

Merge lp:~canonical-isd-hackers/canonical-identity-provider/better-admin into lp:canonical-identity-provider/release

Commit message

Description of the change

Preview Diff

Subscribers

 === modified file 'identityprovider/admin.py'
 --- identityprovider/admin.py	2010-04-21 15:29:24 +0000
 +++ identityprovider/admin.py	2010-04-30 13:24:33 +0000
@@ -3,22 +3,38 @@
  from django.contrib import admin
  from django import forms
++from django.utils.safestring import mark_safe
++from django.utils.translation import ugettext_lazy as _
  from identityprovider.models import (Account, AccountPassword, EmailAddress,
                                       OpenIDRPConfig, APIUser)
++from identityprovider.utils import encrypt_launchpad_password
  from identityprovider.const import SREG_LABELS
++from identityprovider.models.const import AccountStatus, EmailStatus
  from identityprovider.fields import CommaSeparatedField
  class OpenIDRPConfigForm(forms.ModelForm):
--    displayname = forms.CharField()
++    displayname = forms.CharField(label=_("Display name"))
      trust_root = forms.URLField(verify_exists=False)
      logo = forms.CharField(required=False)
      allowed_sreg = CommaSeparatedField(
--        choices=SREG_LABELS.items(), required=False)
++        choices=SREG_LABELS.items(),
++        required=False,
++        widget=forms.CheckboxSelectMultiple
++    )
++    can_query_any_team = forms.BooleanField(label=_("Can query private teams"),
++                                            required=False)
++    auto_authorize = forms.BooleanField(label=_("Auto-authorize"),
++                                        required=False)
  class OpenIDRPConfigAdmin(admin.ModelAdmin):
++    class Media:
++        css = {
++            'all': ("/assets/identityprovider/admin-fixes.css",)
++        }
++
      form = OpenIDRPConfigForm
      list_display = ('displayname', 'trust_root', 'can_query_any_team',
          'auto_authorize')
@@ -27,17 +43,195 @@
      search_fields = ('displayname', 'trust_root')
++class AccountPasswordInlineForm(forms.ModelForm):
++    class Meta:
++        model = AccountPassword
++
++    password = forms.CharField(widget=forms.PasswordInput, required=False,
++                               label="")
++
++    def __init__(self, *args, **kwargs):
++        initial = kwargs.get('initial', {})
++        initial.update({'password': ''})
++        kwargs['initial'] = initial
++        super(AccountPasswordInlineForm, self).__init__(*args, **kwargs)
++
++
++class AccountPasswordFormset(forms.models.BaseInlineFormSet):
++    def __init__(self, *args, **kwargs):
++        super(AccountPasswordFormset, self).__init__(*args, **kwargs)
++        self.can_delete = False
++
++
  class AccountPasswordInline(admin.TabularInline):
      model = AccountPassword
++    form = AccountPasswordInlineForm
++    formset = AccountPasswordFormset
++
++
++class EmailAddressInlineForm(forms.ModelForm):
++    class Meta:
++        model = EmailAddress
++        exclude = ('person',)
++
++    email = forms.CharField(widget=forms.TextInput(attrs={'size': 40}),
++                            label=_("Email address"))
++
++
++class EmailAddressInlineFormSet(forms.models.BaseInlineFormSet):
++
++    def clean(self):
++        super(EmailAddressInlineFormSet, self).clean()
++        count = 0
++        for form in self.forms:
++            if form.is_valid() and form.cleaned_data:
++                status = form.cleaned_data['status']
++                if status == EmailStatus.PREFERRED:
++                    count += 1
++        if count > 1:
++            raise forms.ValidationError(
++                _("Only one email address can be preferred."))
  class EmailAddressInline(admin.TabularInline):
      model = EmailAddress
++    form = EmailAddressInlineForm
++    formset = EmailAddressInlineFormSet
++    verbose_name_plural = _("Email addresses")
++
++
++class StatusWidget(forms.Select):
++
++    date_status_set = None
++
++    def render(self, name, value, attrs=None, choices=()):
++        select = super(StatusWidget, self).render(name, value, attrs, choices)
++        if self.date_status_set:
++            status_date = _("Set on %s") % self.date_status_set
++        else:
++            status_date = ""
++        return mark_safe("%s %s" % (select, status_date))
++
++
++class ReadOnlyDateTime(forms.widgets.Widget):
++
++    value = None
++
++    def render(self, name, value, attrs=None):
++        return str(self.value)
++
++
++class LPUsernameWidget(forms.widgets.Widget):
++
++    account = None
++
++    def render(self, name, value, attrs=None):
++        return mark_safe(account_to_lp_link(self.account))
++
++
++class LPUsernameField(forms.Field):
++    widget = LPUsernameWidget
++
++
++class AccountAdminForm(forms.ModelForm):
++    class Meta:
++        model = Account
++        exclude = ('date_status_set',)
++
++    def __init__(self, *args, **kwargs):
++        instance = kwargs.get('instance')
++        if instance:
++            widget = self.declared_fields['status'].widget
++            widget.date_status_set = instance.date_status_set
++
++            widget = self.declared_fields['date_created'].widget
++            widget.value = instance.date_created
++
++            widget = self.declared_fields['lp_username'].widget
++            widget.account = instance
++        super(AccountAdminForm, self).__init__(*args, **kwargs)
++
++    date_created = forms.DateTimeField(widget=ReadOnlyDateTime, required=False)
++    lp_username = LPUsernameField(label=_("LP username"), required=False)
++    status = forms.TypedChoiceField(widget=StatusWidget,
++                                    choices=AccountStatus._get_choices())
++
++    displayname = forms.CharField(label=_("Display name"),
++                                  widget=forms.TextInput)
++    openid_identifier = forms.CharField(label=_("OpenID identifier"),
++                                        widget=forms.TextInput)
++
++
++def account_to_lp_link(account):
++    if account and account.person:
++        return ('<a href="https://launchpad.net/~%s">%s</a>' %
++                    (account.person.name, account.person.name))
++        return ""
  class AccountAdmin(admin.ModelAdmin):
      inlines = [AccountPasswordInline, EmailAddressInline]
++    form = AccountAdminForm
++
++    def preferred_email(self, account):
++        return account.preferredemail or ''
++
++    def name(self, account):
++        return account_to_lp_link(account)
++    name.short_description = _("LP username")
++    name.allow_tags = True
++
++    def save_formset(self, request, form, formset, change):
++        if formset.model is AccountPassword:
++            password = formset.forms[0].cleaned_data.get('password')
++            instances = formset.save(commit=False)
++            if len(instances) == 1 and password:
++                instance = instances[0]
++                encrypted_password = encrypt_launchpad_password(password)
++                instance.password = encrypted_password
++                instance.save()
++        else:
++            super(AccountAdmin, self).save_formset(
++                request, form, formset, change)
++
++    fieldsets = (
++        (None, {
++            'fields': ('date_created', 'lp_username', 'creation_rationale',
++                       'status', 'displayname', 'openid_identifier')
++        }),
++    )
++
++    list_display = ('__unicode__', 'preferred_email', 'name', 'status')
++    search_fields = ('displayname', 'emailaddress__email', 'openid_identifier')
++    list_filter = ('date_created', 'status', 'date_status_set')
++
++
++class APIUserAdminForm(forms.ModelForm):
++    class Meta:
++        model = APIUser
++
++    def __init__(self, *args, **kwargs):
++        kwargs['initial'] = {'password': ''}
++        super(APIUserAdminForm, self).__init__(*args, **kwargs)
++
++    password = forms.CharField(required=False)
++
++
++class APIUserAdmin(admin.ModelAdmin):
++    model = APIUser
++
++    form = APIUserAdminForm
++
++    search_fields = ['username']
++
++    def save_model(self, request, obj, form, change):
++        password = form.cleaned_data.get('password')
++        if password:
++            obj.set_password(password)
++        obj.save()
++
++
  admin.site.register(Account, AccountAdmin)
  admin.site.register(OpenIDRPConfig, OpenIDRPConfigAdmin)
--admin.site.register(APIUser)
++admin.site.register(APIUser, APIUserAdmin)
 === modified file 'identityprovider/models/account.py'
 --- identityprovider/models/account.py	2010-04-21 15:29:24 +0000
 +++ identityprovider/models/account.py	2010-04-30 13:24:33 +0000
@@ -59,10 +59,12 @@
  class Account(models.Model):
      implements(IAccount)
--    date_created = models.DateTimeField(default=datetime.datetime.utcnow)
++    date_created = models.DateTimeField(default=datetime.datetime.utcnow,
++                                        editable=False)
      creation_rationale = \
              models.IntegerField(
                  choices=AccountCreationRationale._get_choices())
++
      status = models.IntegerField(choices=AccountStatus._get_choices())
      date_status_set = models.DateTimeField(default=datetime.datetime.utcnow)
      displayname = models.TextField()
 === modified file 'identityprovider/models/api.py'
 --- identityprovider/models/api.py	2010-04-21 15:29:24 +0000
 +++ identityprovider/models/api.py	2010-04-30 13:24:33 +0000
@@ -10,7 +10,7 @@
  class APIUser(models.Model):
      username = models.CharField(max_length=256)
--    password = models.CharField(max_length=256)
++    password = models.CharField(max_length=256, editable=False)
      created_at = models.DateTimeField(auto_now_add=True)
      updated_at = models.DateTimeField(auto_now=True)
 === modified file 'identityprovider/models/const.py'
 --- identityprovider/models/const.py	2010-04-21 15:29:24 +0000
 +++ identityprovider/models/const.py	2010-04-30 13:24:33 +0000
@@ -1,5 +1,7 @@
  # Copyright 2010 Canonical Ltd.  This software is licensed under the
  # GNU Affero General Public License version 3 (see the file LICENSE).
++from django.utils.translation import ugettext_lazy as _
++
  class BaseConst:
@@ -42,6 +44,21 @@
      DEACTIVATED = 30
      SUSPENDED = 40
++    _verbose = {
++        # The account has not yet been activated.
++        NOACCOUNT: _("No activated"),
++        # The account is active.
++        ACTIVE: _("Active"),
++        # The account has been deactivated by the account's owner.
++        DEACTIVATED: _("Deactivated (by user)"),
++        # The account has been suspended by an admin.
++        SUSPENDED: _("Suspended (by admin)"),
++    }
++
++    @classmethod
++    def _get_choices(cls):
++        return sorted(cls._verbose.items())
++
  class EmailStatus(BaseConst):
      NEW = 1
 === modified file 'identityprovider/models/emailaddress.py'
 --- identityprovider/models/emailaddress.py	2010-04-21 15:29:24 +0000
 +++ identityprovider/models/emailaddress.py	2010-04-30 13:24:33 +0000
@@ -16,7 +16,7 @@
  class EmailAddress(models.Model):
      email = models.TextField()
      person = models.ForeignKey(Person, db_column='person',
--        blank=True, null=True)
++        blank=True, null=True, editable=False)
      status = models.IntegerField(choices=EmailStatus._get_choices())
      date_created = models.DateTimeField(default=datetime.datetime.utcnow,
          blank=True, editable=False)
 === added file 'scripts/generate-random-accounts'
 --- scripts/generate-random-accounts	1970-01-01 00:00:00 +0000
 +++ scripts/generate-random-accounts	2010-04-30 13:24:33 +0000
@@ -0,0 +1,91 @@
++#!/usr/bin/env python
++import os
++import sys
++import random
++import string
++import math
++
++os.environ['DJANGO_SETTINGS_MODULE'] = 'settings'
++sys.path.append('.')
++
++# percent of accounts with associated person
++ACCOUNTS_WITH_PERSON = 0.8
++ACCOUNT_MAX_EMAILS = 5
++
++from identityprovider.models import Account, Person, LPAccount
++from identityprovider.models.const import (
++    AccountCreationRationale, EmailStatus, AccountStatus)
++
++def generate_string(length):
++    return "".join(random.choice(string.lowercase)
++                   for x in range(random.randint(length - 3, length + 3)))
++
++def generate_password():
++    return (generate_string(10) + random.choice(string.digits) +
++            random.choice(string.uppercase))
++
++def generate_email():
++    return "%s@%s.%s" % (generate_string(5), generate_string(8),
++                         random.choice(["com", "edu", "co.uk", "pl", "org"]))
++
++def generate_lp_name():
++    while True:
++        name = "-".join(generate_string(6)
++                        for c in range(random.randint(1, 3)))
++        if Person.objects.filter(name=name).count() == 0:
++            return name
++
++def generate_person(account):
++    Person.objects.create(
++        displayname=account.displayname,
++        name=generate_lp_name(),
++        lp_account=LPAccount.objects.create(
++            openid_identifier=account.openid_identifier)
++    )
++
++def generate_account():
++    account = Account.objects.create_account(
++        " ".join([generate_string(5).title(), generate_string(5).title()]),
++        generate_email(),
++        generate_password(),
++        random.choice(dict(AccountCreationRationale._get_choices()).keys())
++    )
++    for i in range(random.randint(0, ACCOUNT_MAX_EMAILS - 1)):
++        try:
++            account.emailaddress_set.create(
++                qemail=generate_email(),
++                status=random.choice([EmailStatus.NEW,
++                                      EmailStatus.VALIDATED,
++                                      EmailStatus.OLD])
++                )
++        except Exception:
++            # Ignore case when generated email is already in the db
++            pass
++    if random.random() > (1.0 - ACCOUNTS_WITH_PERSON):
++        generate_person(account)
++
++    statuses = [(0.9, AccountStatus.SUSPENDED),
++                (0.8, AccountStatus.DEACTIVATED),
++                (0.6, AccountStatus.NOACCOUNT),
++                (0.0, AccountStatus.ACTIVE)]
++    for probability, status in statuses:
++        if random.random() > probability:
++            account.status = status
++            account.save()
++            break
++    return account
++
++if __name__ == '__main__':
++    try:
++        accounts_count = int(sys.argv[1])
++        print "Generating %d accounts" % accounts_count
++
++        interval = 10 ** (int(math.log10(accounts_count)) - 1)
++        for i in xrange(accounts_count):
++            generate_account()
++            if i > 0 and (i % interval) == 0:
++                print "Created %d accounts" % i
++        print "Created %d accounts" % accounts_count
++
++    except (ValueError, IndexError, TypeError):
++        print "Usage: %s number-of-accounts-to-create" % sys.argv[0]