1. 16 May, 2013 12 commits
  2. 15 May, 2013 20 commits
    • Kostas Papadimitriou's avatar
      astakos: User activation flow improvements · 7319c9be
      Kostas Papadimitriou authored
      Major refactoring on user email verification/activation process
      ---------------------------------------------------------------
      Activation logic moved from dispersed code in functions/view modules to
      ActivationBackend methods. All user activation handling code in astakos views
      and command line utilities was updated to use activation backend instances.
      
      User moderation takes place right after user has verified the email address used
      during the signup process. This solves issues caused when users signed up using
      an existing but not yet verified email, causing invalidation of previously
      moderated accounts.
      
      A bunch of new fields added in AstakosUser model. Those fields added to clear up
      a bit the identification of user status at a given time and additionaly keep
      track of when specific user actions took place as a reference for
      administrators. The following section contains detailed description of each
      introduced field.
      
      Introduced AstakosUser fields
      -----------------------------
      
      Fields get properly set across sigup/activation/moderation processes.
      
      * verification_code
        Unique identifier used instead of user auth token in user email
        verification url. This is initially set when user signup and gets updated
        each time a new verification mail is sent (requested either by admin or user)
      
      * verified_at
        The date user email got verified.
      
      * moderated
        Whether or not the used passed through moderation process.
      
      * moderated_at
        The date user got moderated.
      
      * moderated_data
        A snapshot of user instance by the time of moderation (in json format).
      
      * accepted_policy
        A string to identify if user was automatically moderated/accepted.
      
      * accepted_email
        The email used during user activation.
      
      * deactivated_reason
        Reason user got deactivated, provided by the administrator.
      
      * deactivated_at
        Date user got deactivated.
      
      * activated_at
        Date user got activated.
      
      * is_rejected
        Whether or not account was rejected.
      
      South data migration included.
      ******************************
      
      Handles user entries as follows
      
      Users with no activation_sent date
      ----------------------------------
      - Generate and fill verification_code field.
      - Once user will visit the activation url an additional moderation step
        will be required to activate the user.
      
      Users with verified email which are not active
      ----------------------------------------------
      - Set moderated to True
      - Set is_active to False
      - Set moderated_at to user.auth_token_created
      - Set accepted_email to user.email
      - Set accepted_policy to 'migration'
      - Set deactivated_reason to "migration"
      - Set deactivated_at to user.updated
      
      Users with verified email which are active
      ------------------------------------------
      - Set moderated to True
      - Set moderated_at to user.auth_token_created
      - Set accepted_policy to 'migration'
      - Set accepted_email to user.email
      - Set verified_at to user.moderated_at
      
      Users with no verified email and activation_sent set
      ----------------------------------------------------
      - Set moderated to True
      - Set moderated_at to user.updated
      - Set verification_code to user.auth_token (to avoid invalidating old
        activation urls)
      
      Updated management commands
      ***************************
      - New options --pending-moderation, --pending-verification added in `user-list`
        command.
      - New fields verified/moderated included in `user-list` command.
      - New moderation options `--accept`/`--reject` added in `user-modify` command.
        `--reject` can optionally be combined with `--reject-reason`.
      
      Other changes
      *************
      - Cleaned up explicit smtp error handling when sending email notifications.
      - Prevent already signed in users from using an account activation url
      - Allow user to logout even when latest terms where not accepted
      - Renamed templates
          * helpdesk_notification.txt -> account_activated_notification.txt
          * account_creation_notification.txt ->
              account_pending_moderation_notification.txt
      - Updated im tests
      7319c9be
    • Kostas Papadimitriou's avatar
      astakos: Update tests · f8e6c3cb
      Kostas Papadimitriou authored
      - In sync with new AstakosUser model
      - Remove nested settings wrappers to slightly increase tests performance
      f8e6c3cb
    • Kostas Papadimitriou's avatar
      99280222
    • Kostas Papadimitriou's avatar
      44a40b77
    • Giorgos Korfiatis's avatar
      astakos: Remove two options from resource-import · e0506742
      Giorgos Korfiatis authored
      --service: We do not support automatic importing of resources
      --conf: Use resource-modify to configure resource limit
      e0506742
    • Giorgos Korfiatis's avatar
      astakos: Improve quota syncing · 1542c439
      Giorgos Korfiatis authored
       - Split code that lists and syncs quotas
       - Merge the latter with qh_sync_users
       - Move qh_sync_projects in quotas.py; sync only active members
       - Add missing select for update in project suspend
       - Clean up quotas.py
      1542c439
    • Giorgos Korfiatis's avatar
      201a9714
    • Giorgos Korfiatis's avatar
      astakos: Remove membership policy settings · b0eb658d
      Giorgos Korfiatis authored
      Available join and leave policies are internally defined and should
      not be changed by settings. Move policy descriptions to presentation.py.
      
      Do not convert to string the lookup key in templatetags/filters.py
      b0eb658d
    • Giorgos Korfiatis's avatar
      astakos: Remove obsolete code · 1b7abb22
      Giorgos Korfiatis authored
      Remove project_tests.py, empty package im.endpoints and fixtures
      1b7abb22
    • Christos Stavrakakis's avatar
      859b737b
    • Christos Stavrakakis's avatar
      Use custom method for joining urls · 020a08fa
      Christos Stavrakakis authored
      Implement 'join_urls' method for joining a base URL with a path,
      without worrying about redundant or missing "/". Do not use
      'urlparse.urljoin', since it has different semantics.
      020a08fa
    • Christos Stavrakakis's avatar
      cyclades: fix db migration · 984f8dce
      Christos Stavrakakis authored
      Migration 0066 should not run on a fresh installation.
      984f8dce
    • Sofia Papagiannaki's avatar
      pithos: use common proxy functionality for astakos services · e8bc8a17
      Sofia Papagiannaki authored
      Remove pithos.api.delegate module
      Keep top level api urls for this version
      e8bc8a17
    • Sofia Papagiannaki's avatar
      d8b8aebd
    • Sofia Papagiannaki's avatar
      33fbf102
    • Sofia Papagiannaki's avatar
      pithos: change resource usage retrieval · 064f576f
      Sofia Papagiannaki authored
      Replace ``astakosclient.get_info()`` with ``astakosclient.get_quotas()``
      064f576f
    • Sofia Papagiannaki's avatar
      astakos: change authenticate api call · f1495806
      Sofia Papagiannaki authored
      ``/astakos/api/authenticate`` call
      does not include any more resource usage in the reply.
      (``usage`` request parameter has become obsolete)
      The services in order to get the resource usage should call
      ``/astakos/api/quotas`` instead.
      f1495806
    • Christos Stavrakakis's avatar
      cyclades: Make cyclades work with pycrypto==2.6 · 22aabeec
      Christos Stavrakakis authored
      In PyCrypto 2.6, it is mandatory to use an IV of 16 bytes when using AES
      encryption. This commit updates 'aes_encrypt' module to use a random IV.
      Also, a data migration is required to re-encrypt the old passwords, as
      otherwise it will not possible to decrypt them.
      22aabeec
    • Christos Stavrakakis's avatar
      ac0db874
    • Christos Stavrakakis's avatar
      pep8 fixes · 4ab55fe4
      Christos Stavrakakis authored
      4ab55fe4
  3. 14 May, 2013 8 commits