From 804ca2f64909d93de6de3476aa3efcbb399f8698 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Se=CC=81bastien=20De=CC=81le=CC=80ze?= Date: Thu, 4 Jun 2020 11:48:27 +0200 Subject: [PATCH] users: create user record on registration MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Creates a user record when a new account is registered. * Disables `invenio-userprofiles` module. * Exposes and uses user record for displaying user information in templates. * Gives role `user` by default when a new record is created. * Removes `organisation` from required fields for users. * Hides `applications` and `security` menu entries. * Creates a new page for editing user data. * Removes useless CSS rules * Adds CSS rules for standalone editor. * Customizes settings page. Co-Authored-by: Sébastien Délèze --- sonar/config.py | 2 +- sonar/modules/ext.py | 9 ++- sonar/modules/users/cli.py | 10 ++- .../users/jsonschemas/users/user-v1.0.0.json | 1 - sonar/modules/users/signals.py | 44 ++++++++++++ sonar/theme/assets/scss/common/_theme.scss | 25 ++----- .../templates/sonar/accounts/profile.html | 36 ++++++++++ .../templates/sonar/accounts/signup.html | 2 - .../theme/templates/sonar/page_settings.html | 69 +++++++++---------- .../sonar/partial/dropdown_user.html | 6 +- .../theme/templates/sonar/partial/navbar.html | 2 +- sonar/theme/views.py | 37 +++++++++- sonar/translations/de/LC_MESSAGES/messages.po | 12 ++-- sonar/translations/en/LC_MESSAGES/messages.po | 12 ++-- sonar/translations/fr/LC_MESSAGES/messages.po | 12 ++-- sonar/translations/it/LC_MESSAGES/messages.po | 12 ++-- sonar/translations/messages.pot | 9 +-- .../test_shibboleth_handlers.py | 2 +- .../test_shibboleth_views_client.py | 2 +- tests/ui/test_views.py | 26 ++++++- tests/ui/users/test_users_cli.py | 1 + tests/ui/users/test_users_signals.py | 32 +++++++++ 22 files changed, 267 insertions(+), 96 deletions(-) create mode 100644 sonar/modules/users/signals.py create mode 100644 sonar/theme/templates/sonar/accounts/profile.html create mode 100644 tests/ui/users/test_users_signals.py diff --git a/sonar/config.py b/sonar/config.py index 2d056797..2b0729d8 100644 --- a/sonar/config.py +++ b/sonar/config.py @@ -128,7 +128,7 @@ def _(x): # User profiles # ============= -USERPROFILES_EXTEND_SECURITY_FORMS = True +USERPROFILES = False # Celery configuration # ==================== diff --git a/sonar/modules/ext.py b/sonar/modules/ext.py index e3338cdf..8c0e9cf6 100644 --- a/sonar/modules/ext.py +++ b/sonar/modules/ext.py @@ -22,10 +22,13 @@ import jinja2 from flask_assets import Bundle, Environment from flask_bootstrap import Bootstrap +from flask_security import user_registered from flask_wiki import Wiki from sonar.modules.permissions import has_admin_access, has_publisher_access, \ has_superuser_access +from sonar.modules.users.api import current_user_record +from sonar.modules.users.signals import user_registered_handler from sonar.modules.utils import get_switch_aai_providers, get_view_code from . import config @@ -39,7 +42,8 @@ def utility_processor(): has_superuser_access=has_superuser_access, ui_version=config.SONAR_APP_UI_VERSION, aai_providers=get_switch_aai_providers, - view_code=get_view_code()) + view_code=get_view_code(), + current_user_record=current_user_record) class Sonar(object): @@ -82,6 +86,9 @@ def init_app(self, app): app.context_processor(utility_processor) + # Connect to signal sent when a user is created in Flask-Security. + user_registered.connect(user_registered_handler, weak=False) + def init_config(self, app): """Initialize configuration.""" for k in dir(config): diff --git a/sonar/modules/users/cli.py b/sonar/modules/users/cli.py index 581bd40c..f7f1342b 100644 --- a/sonar/modules/users/cli.py +++ b/sonar/modules/users/cli.py @@ -67,9 +67,15 @@ def import_users(infile): password = hash_password(password) del user_data['password'] + if not user_data.get('roles'): + user_data['roles'] = [UserRecord.ROLE_USER] + roles = user_data.get('roles', []).copy() - if not roles or not isinstance(roles, list): - roles = [] + + for role in roles: + if not datastore.find_role(role): + datastore.create_role(name=role) + datastore.commit() # Create account and activate it datastore.create_user(email=email, password=password, roles=roles) diff --git a/sonar/modules/users/jsonschemas/users/user-v1.0.0.json b/sonar/modules/users/jsonschemas/users/user-v1.0.0.json index 55b172aa..f36239a3 100644 --- a/sonar/modules/users/jsonschemas/users/user-v1.0.0.json +++ b/sonar/modules/users/jsonschemas/users/user-v1.0.0.json @@ -142,7 +142,6 @@ "full_name", "email", "roles", - "organisation", "$schema" ] } diff --git a/sonar/modules/users/signals.py b/sonar/modules/users/signals.py new file mode 100644 index 00000000..edf2ec49 --- /dev/null +++ b/sonar/modules/users/signals.py @@ -0,0 +1,44 @@ +# -*- coding: utf-8 -*- +# +# Swiss Open Access Repository +# Copyright (C) 2019 RERO +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, version 3 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . + +"""Signals for users.""" + +from sonar.modules.users.api import UserRecord, datastore + + +def user_registered_handler(app, user, confirm_token): + """Called when a new user is registered. + + :param app: App context. + :param user: User account. + """ + # Add a default role to user + role = datastore.find_role(UserRecord.ROLE_USER) + datastore.add_role_to_user(user, role) + datastore.commit() + + # Create user record + user_record = UserRecord.get_user_by_email(user.email) + if not user_record: + user_record = UserRecord.create( + { + 'full_name': user.email, + 'email': user.email, + 'roles': [UserRecord.ROLE_USER] + }, + dbcommit=True) + user_record.reindex() diff --git a/sonar/theme/assets/scss/common/_theme.scss b/sonar/theme/assets/scss/common/_theme.scss index c1165fe1..14a9ddaa 100644 --- a/sonar/theme/assets/scss/common/_theme.scss +++ b/sonar/theme/assets/scss/common/_theme.scss @@ -37,25 +37,8 @@ img.logo { @extend .text-light } -// CSS code to allow `ng-csp="no-inline-css"` -[ng\:cloak], -[ng-cloak], -[data-ng-cloak], -[x-ng-cloak], -.ng-cloak, -.x-ng-cloak, -.ng-hide:not(.ng-hide-animate) { - display: none !important; -} - -ng\:form { - display: block; -} - -.ng-animate-shim { - visibility:hidden; -} - -.ng-anchor { - position:absolute; +.standalone-editor { + legend, button.btn-outline-danger { + display: none; + } } diff --git a/sonar/theme/templates/sonar/accounts/profile.html b/sonar/theme/templates/sonar/accounts/profile.html new file mode 100644 index 00000000..cf656067 --- /dev/null +++ b/sonar/theme/templates/sonar/accounts/profile.html @@ -0,0 +1,36 @@ +{# -*- coding: utf-8 -*- + Swiss Open Access Repository + Copyright (C) 2019 RERO + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU Affero General Public License as published by + the Free Software Foundation, version 3 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU Affero General Public License for more details. + + You should have received a copy of the GNU Affero General Public License + along with this program. If not, see . +#} + +{% extends 'sonar/page_settings.html' %} + +{%- block settings_body scoped %} +
+ +
+{%- endblock settings_body %} + +{%- block javascript %} + + + + + + +{%- endblock javascript %} diff --git a/sonar/theme/templates/sonar/accounts/signup.html b/sonar/theme/templates/sonar/accounts/signup.html index 6dd207b6..d080d756 100644 --- a/sonar/theme/templates/sonar/accounts/signup.html +++ b/sonar/theme/templates/sonar/accounts/signup.html @@ -30,8 +30,6 @@

{{ form_errors(form) }} {{ form.hidden_tag() }} - {{ render_field(form.profile.full_name, errormsg=False) }} - {{ render_field(form.profile.username, errormsg=False) }} {{ render_field(form.email, autofocus=True, errormsg=False) }} {{ render_field(form.password, errormsg=False) }} {%- if form.password_confirm %} diff --git a/sonar/theme/templates/sonar/page_settings.html b/sonar/theme/templates/sonar/page_settings.html index 7b4c68c3..077d36f6 100755 --- a/sonar/theme/templates/sonar/page_settings.html +++ b/sonar/theme/templates/sonar/page_settings.html @@ -20,48 +20,43 @@ {%- block body scoped %}
-
- {%- block settings_menu scoped %} -
-
-
{{ _('Settings') }}
-
    - {%- for item in current_menu.submenu('settings').children if item.visible %} - {%- block settings_menu_item scoped %} - - {{ item.text|safe }} - +
    + {%- block settings_menu scoped %} +
      + {%- for item in current_menu.submenu('settings').children if item.visible %} + {%- block settings_menu_item scoped %} + + {{ item.text|safe }} + + {%- endblock %} + {%- endfor %} +
    + {%- endblock %} +
    +
    + {%- block settings_content scoped %} +
    +
    +
    + {%- block settings_content_title scoped %} + {%- if panel_icon %} + {%- block settings_content_title_icon scoped %} + + {%- endblock %} + {%- endif %} + {{ panel_title|default("") }} {%- endblock %} - {%- endfor %} -
-
- {%- endblock %} -
-
- {%- block settings_content scoped %} -
-
-
- {%- block settings_content_title scoped %} - {%- if panel_icon %} - {%- block settings_content_title_icon scoped %} - - {%- endblock %} - {%- endif %} - {{ panel_title|default("") }} - {%- endblock %} -
- {%- block settings_body scoped %} -
- {%- block settings_form scoped %} - {%- endblock settings_form %} -
- {%- endblock settings_body %} + {%- block settings_body scoped %} +
+ {%- block settings_form scoped %} + {%- endblock settings_form %}
+ {%- endblock settings_body %}
- {%- endblock %}
+ {%- endblock %} +
{%- endblock %} diff --git a/sonar/theme/templates/sonar/partial/dropdown_user.html b/sonar/theme/templates/sonar/partial/dropdown_user.html index f83bf928..d01e2e00 100644 --- a/sonar/theme/templates/sonar/partial/dropdown_user.html +++ b/sonar/theme/templates/sonar/partial/dropdown_user.html @@ -16,12 +16,10 @@ #}
-
{{current_user.email}}
- {%- if config.USERPROFILES %} - +
{{current_user_record.email}}
+ {{_('Profile')}} - {% endif %} {% if has_superuser_access() %} {{_('Super administration')}} diff --git a/sonar/theme/templates/sonar/partial/navbar.html b/sonar/theme/templates/sonar/partial/navbar.html index d5362722..fc0d8f24 100644 --- a/sonar/theme/templates/sonar/partial/navbar.html +++ b/sonar/theme/templates/sonar/partial/navbar.html @@ -88,7 +88,7 @@ {% include 'sonar/partial/dropdown_user.html' %} {% endwith %} diff --git a/sonar/theme/views.py b/sonar/theme/views.py index 3003fe3b..0e25c537 100644 --- a/sonar/theme/views.py +++ b/sonar/theme/views.py @@ -26,9 +26,12 @@ import re -from flask import Blueprint, abort, current_app, jsonify, render_template, \ - request -from flask_login import current_user +from flask import Blueprint, abort, current_app, jsonify, redirect, \ + render_template, request, url_for +from flask_babelex import lazy_gettext as _ +from flask_breadcrumbs import register_breadcrumb +from flask_login import current_user, login_required +from flask_menu import current_menu, register_menu from invenio_jsonschemas import current_jsonschemas from invenio_jsonschemas.errors import JSONSchemaNotFound @@ -46,6 +49,34 @@ static_folder='static') +@blueprint.before_app_request +def init_view(): + """Do some stuff before rendering any view.""" + current_menu.submenu('settings').submenu('security').hide() + current_menu.submenu('settings').submenu('applications').hide() + + +@blueprint.route('/users/profile') +@blueprint.route('/users/profile/') +@login_required +@register_menu(blueprint, 'settings.profile', + _('%(icon)s Profile', icon='')) +@register_breadcrumb(blueprint, 'breadcrumbs.profile', _('Profile')) +def profile(pid=None): + """Logged user profile edition page. + + :param pid: Logged user PID. + """ + if pid and pid != current_user_record['pid']: + abort(403) + + if not pid: + return redirect( + url_for('sonar.profile', pid=current_user_record['pid'])) + + return render_template('sonar/accounts/profile.html') + + @blueprint.route('/error') def error(): """Error to generate exception for test purposes.""" diff --git a/sonar/translations/de/LC_MESSAGES/messages.po b/sonar/translations/de/LC_MESSAGES/messages.po index 12c6766f..bbd91d8c 100644 --- a/sonar/translations/de/LC_MESSAGES/messages.po +++ b/sonar/translations/de/LC_MESSAGES/messages.po @@ -9,7 +9,7 @@ msgid "" msgstr "" "Project-Id-Version: sonar 0.4.0\n" "Report-Msgid-Bugs-To: software@rero.ch\n" -"POT-Creation-Date: 2020-06-05 10:30+0200\n" +"POT-Creation-Date: 2020-06-05 10:32+0200\n" "PO-Revision-Date: 2020-05-13 05:58+0000\n" "Last-Translator: Nicolas Prongué , 2020\n" "Language: de\n" @@ -20,6 +20,10 @@ msgstr "" "Content-Transfer-Encoding: 8bit\n" "Generated-By: Babel 2.8.0\n" +#, python-format +msgid "%(icon)s Profile" +msgstr "" + msgid "Abstract" msgstr "" @@ -514,9 +518,6 @@ msgstr "" msgid "Series to which belongs the resource." msgstr "" -msgid "Settings" -msgstr "" - msgid "Sign Up" msgstr "" @@ -2747,3 +2748,6 @@ msgstr "" msgid "vol." msgstr "" +#~ msgid "Settings" +#~ msgstr "" + diff --git a/sonar/translations/en/LC_MESSAGES/messages.po b/sonar/translations/en/LC_MESSAGES/messages.po index 0ed4f716..2d2d774d 100644 --- a/sonar/translations/en/LC_MESSAGES/messages.po +++ b/sonar/translations/en/LC_MESSAGES/messages.po @@ -9,7 +9,7 @@ msgid "" msgstr "" "Project-Id-Version: sonar 0.4.0\n" "Report-Msgid-Bugs-To: software@rero.ch\n" -"POT-Creation-Date: 2020-06-05 10:30+0200\n" +"POT-Creation-Date: 2020-06-05 10:32+0200\n" "PO-Revision-Date: 2020-05-13 05:58+0000\n" "Last-Translator: Nicolas Prongué , 2020\n" "Language: en\n" @@ -20,6 +20,10 @@ msgstr "" "Content-Transfer-Encoding: 8bit\n" "Generated-By: Babel 2.8.0\n" +#, python-format +msgid "%(icon)s Profile" +msgstr "" + msgid "Abstract" msgstr "" @@ -514,9 +518,6 @@ msgstr "" msgid "Series to which belongs the resource." msgstr "" -msgid "Settings" -msgstr "" - msgid "Sign Up" msgstr "" @@ -2747,3 +2748,6 @@ msgstr "" msgid "vol." msgstr "" +#~ msgid "Settings" +#~ msgstr "" + diff --git a/sonar/translations/fr/LC_MESSAGES/messages.po b/sonar/translations/fr/LC_MESSAGES/messages.po index bef4dc94..575f3fd0 100644 --- a/sonar/translations/fr/LC_MESSAGES/messages.po +++ b/sonar/translations/fr/LC_MESSAGES/messages.po @@ -10,7 +10,7 @@ msgid "" msgstr "" "Project-Id-Version: sonar 0.4.0\n" "Report-Msgid-Bugs-To: software@rero.ch\n" -"POT-Creation-Date: 2020-06-05 10:30+0200\n" +"POT-Creation-Date: 2020-06-05 10:32+0200\n" "PO-Revision-Date: 2020-05-13 05:58+0000\n" "Last-Translator: MarionRERO , 2020\n" "Language: fr\n" @@ -21,6 +21,10 @@ msgstr "" "Content-Transfer-Encoding: 8bit\n" "Generated-By: Babel 2.8.0\n" +#, python-format +msgid "%(icon)s Profile" +msgstr "" + msgid "Abstract" msgstr "Résumé" @@ -523,9 +527,6 @@ msgstr "Série" msgid "Series to which belongs the resource." msgstr "Série à laquelle appartient la ressource." -msgid "Settings" -msgstr "Paramètres" - msgid "Sign Up" msgstr "S'inscrire" @@ -2763,3 +2764,6 @@ msgstr "utilisateur" msgid "vol." msgstr "vol." +#~ msgid "Settings" +#~ msgstr "Paramètres" + diff --git a/sonar/translations/it/LC_MESSAGES/messages.po b/sonar/translations/it/LC_MESSAGES/messages.po index 7b1ed0fb..1240f82b 100644 --- a/sonar/translations/it/LC_MESSAGES/messages.po +++ b/sonar/translations/it/LC_MESSAGES/messages.po @@ -9,7 +9,7 @@ msgid "" msgstr "" "Project-Id-Version: sonar 0.4.0\n" "Report-Msgid-Bugs-To: software@rero.ch\n" -"POT-Creation-Date: 2020-06-05 10:30+0200\n" +"POT-Creation-Date: 2020-06-05 10:32+0200\n" "PO-Revision-Date: 2020-05-13 05:58+0000\n" "Last-Translator: Nicolas Prongué , 2020\n" "Language: it\n" @@ -20,6 +20,10 @@ msgstr "" "Content-Transfer-Encoding: 8bit\n" "Generated-By: Babel 2.8.0\n" +#, python-format +msgid "%(icon)s Profile" +msgstr "" + msgid "Abstract" msgstr "" @@ -514,9 +518,6 @@ msgstr "" msgid "Series to which belongs the resource." msgstr "" -msgid "Settings" -msgstr "" - msgid "Sign Up" msgstr "" @@ -2747,3 +2748,6 @@ msgstr "" msgid "vol." msgstr "" +#~ msgid "Settings" +#~ msgstr "" + diff --git a/sonar/translations/messages.pot b/sonar/translations/messages.pot index b8e78cb6..828d788d 100644 --- a/sonar/translations/messages.pot +++ b/sonar/translations/messages.pot @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: sonar 0.4.0\n" "Report-Msgid-Bugs-To: software@rero.ch\n" -"POT-Creation-Date: 2020-06-05 10:30+0200\n" +"POT-Creation-Date: 2020-06-05 10:32+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -17,6 +17,10 @@ msgstr "" "Content-Transfer-Encoding: 8bit\n" "Generated-By: Babel 2.8.0\n" +#, python-format +msgid "%(icon)s Profile" +msgstr "" + msgid "Abstract" msgstr "" @@ -511,9 +515,6 @@ msgstr "" msgid "Series to which belongs the resource." msgstr "" -msgid "Settings" -msgstr "" - msgid "Sign Up" msgstr "" diff --git a/tests/ui/shibboleth_authenticator/test_shibboleth_handlers.py b/tests/ui/shibboleth_authenticator/test_shibboleth_handlers.py index 42995a3a..be4a3f55 100644 --- a/tests/ui/shibboleth_authenticator/test_shibboleth_handlers.py +++ b/tests/ui/shibboleth_authenticator/test_shibboleth_handlers.py @@ -23,7 +23,7 @@ authorized_signup_handler -def test_authorized_signup_handler(app, valid_sp_configuration, +def test_authorized_signup_handler(app, roles, valid_sp_configuration, valid_attributes, monkeypatch): """Test signup handler.""" app.config.update(SHIBBOLETH_SERVICE_PROVIDER=valid_sp_configuration) diff --git a/tests/ui/shibboleth_authenticator/test_shibboleth_views_client.py b/tests/ui/shibboleth_authenticator/test_shibboleth_views_client.py index cdbaeef1..b8219019 100644 --- a/tests/ui/shibboleth_authenticator/test_shibboleth_views_client.py +++ b/tests/ui/shibboleth_authenticator/test_shibboleth_views_client.py @@ -43,7 +43,7 @@ def test_login(app, client, valid_sp_configuration): assert client.get('/shibboleth/login/idp').status_code == 500 -def test_authorized(monkeypatch, app, client, user_without_role, +def test_authorized(monkeypatch, app, client, roles, user_without_role, valid_attributes): """Test authorized view.""" # Test unexisting identity provider diff --git a/tests/ui/test_views.py b/tests/ui/test_views.py index be759717..b33bb0f7 100644 --- a/tests/ui/test_views.py +++ b/tests/ui/test_views.py @@ -19,7 +19,8 @@ import pytest from flask import url_for -from invenio_accounts.testutils import login_user_via_session +from invenio_accounts.testutils import login_user_via_session, \ + login_user_via_view def test_error(client): @@ -158,3 +159,26 @@ def test_schemas(client, admin, user): assert res.status_code == 200 assert not res.json['schema']['properties'].get('organisation') assert not res.json['schema']['properties'].get('roles') + + +def test_profile(client, user): + """Test profile page.""" + # Not logged + res = client.get(url_for('sonar.profile')) + assert res.status_code == 302 + assert res.location.find('/login/') != -1 + + # Logged and redirected with user PID as param + login_user_via_view(client, email=user['email'], password='123456') + res = client.get(url_for('sonar.profile')) + assert res.status_code == 302 + assert res.location.find( + '/users/profile/{pid}'.format(pid=user['pid'])) != -1 + + # Logged + res = client.get(url_for('sonar.profile', pid=user['pid'])) + assert res.status_code == 200 + + # Wrong PID + res = client.get(url_for('sonar.profile', pid='wrong')) + assert res.status_code == 403 diff --git a/tests/ui/users/test_users_cli.py b/tests/ui/users/test_users_cli.py index 1b37c4b1..3aab6254 100644 --- a/tests/ui/users/test_users_cli.py +++ b/tests/ui/users/test_users_cli.py @@ -55,3 +55,4 @@ def test_import_users(app, script_info, organisation): obj=script_info) user = datastore.find_user(email='rero.sonar+user@gmail.com') assert user + assert user.roles[0].name == 'user' diff --git a/tests/ui/users/test_users_signals.py b/tests/ui/users/test_users_signals.py new file mode 100644 index 00000000..e111d77e --- /dev/null +++ b/tests/ui/users/test_users_signals.py @@ -0,0 +1,32 @@ +# -*- coding: utf-8 -*- +# +# Swiss Open Access Repository +# Copyright (C) 2019 RERO +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, version 3 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . + +"""Test signals for users.""" + +from sonar.modules.users.api import UserRecord +from sonar.modules.users.signals import user_registered_handler + + +def test_user_registered_handler(app, roles, user_without_role): + """Test user confirmed signal.""" + assert not user_without_role.roles + user_registered_handler(app, user_without_role, None) + assert user_without_role.roles[0].name == 'user' + + user = UserRecord.get_user_by_email(user_without_role.email) + assert user + assert user['roles'] == ['user']