Merge pull request #101 from AERPAW-Platform-Control/develop

Release prep

accounts/cilogon_auth.py

@@ -1,8 +1,14 @@
 import unicodedata
 
+from django.conf import settings
+from django.contrib import messages
 from django.contrib.auth.models import Group
+from django.core.mail import BadHeaderError
+from django.http import HttpResponse
 from mozilla_django_oidc.auth import OIDCAuthenticationBackend
 
+from usercomms.usercomms import portal_mail
+
 
 def generate_username(oidc_claim_email):
     # Using Python 3 and Django 1.11+, usernames can contain alphanumeric
@@ -65,6 +71,28 @@ def create_user(self, claims):
         user.groups.add(aug)
         user.save()
 
+        # send welcome email and set initial usercomm message
+        sender = settings.EMAIL_HOST_USER
+        reference_url = 'https://' + str(self.request.get_host()) + '/accounts/profile'
+        body_message = """
+Welcome to the AERPAW Portal
+        
+User manuals, tutorials, and other relevant documentation can be found at the following links; 
+please refer to relevant instructions before attempting to use this Portal.
+- AERPAW main website: https://www.aerpaw.org
+- AERPAW wiki: https://sites.google.com/ncsu.edu/aerpaw-wiki
+- AERPAW Acceptable Use Policy: https://sites.google.com/ncsu.edu/aerpaw-wiki/aerpaw-user-manual/2-experiment-web-portal/acceptable-use-policy-aup
+"""
+        reference_note = 'New user signup for: ' + user.display_name
+        subject = '[AERPAW] Welcome ' + user.display_name + ' to the AERPAW portal!'
+        receivers = [user]
+        try:
+            portal_mail(subject=subject, body_message=body_message, sender=sender, receivers=receivers,
+                        reference_note=reference_note, reference_url=reference_url)
+            messages.info(self.request, 'Success! Welcome email to user: ' + user.display_name + ' has been sent')
+        except BadHeaderError:
+            return HttpResponse('Invalid header found.')
+
         return user
 
     def update_user(self, user, claims):

accounts/forms.py

@@ -40,16 +40,18 @@ class AerpawRoleRequestForm(forms.ModelForm):
     def __init__(self, *args, **kwargs):
         self.user = kwargs.pop('user', None)
         super(AerpawRoleRequestForm, self).__init__(*args, **kwargs)
-        self.fields['purpose'].label = "Reason for request?"
+        self.fields['purpose'].label = "Purpose of request?"
         all_choices = AerpawUserRoleChoice.choices()
         cur_roles = self.user.groups.all()
-        cur_role_list = []
+        # per GH issue #85 - hide administrative roles from dropdown list
+        cur_role_list = ['site_admin', 'operator', 'resource_manager', 'user_manager']
         for role in cur_roles:
             cur_role_list.append(str(role))
         display_choices = [('', '--------')]
         for ch in all_choices:
             if str(ch[0]) not in cur_role_list:
                 display_choices.append(ch)
+        display_choices.sort()
         self.fields['requested_role'].choices = display_choices
 
     class Meta:
@@ -61,5 +63,5 @@ class Meta:
 
     requested_role = forms.ChoiceField(
         widget=forms.Select,
-        label='Role Function'
+        label='Requested Role'
     )

accounts/models.py

@@ -21,12 +21,12 @@
 
 
 class AerpawUserRoleChoice(Enum):  # A subclass of Enum
-    site_admin = 'is Administrator'
-    operator = 'is Operator'
-    project_manager = 'can Create Projects'
-    resource_manager = 'can Manage Resources'
-    user_manager = 'can Manager User Roles'
-    aerpaw_user = 'is AERPAW User'
+    site_admin = 'Administrator'
+    operator = 'Operator'
+    project_manager = 'Principal Investigator (PI)'
+    resource_manager = 'Resource Manager'
+    user_manager = 'User Role Manager'
+    aerpaw_user = 'AERPAW User'
 
     @classmethod
     def choices(cls):
@@ -95,7 +95,7 @@ def is_site_admin(self):
 def is_PI(user):
     print(user)
     print(user.groups.all())
-    return user.groups.filter(name='PI').exists()
+    return user.groups.filter(name='project_manager').exists()
 
 
 def is_project_member(user, project_group):

accounts/views.py

@@ -1,15 +1,16 @@
-# accounts/views.py
-
 import os
 import subprocess
 import tempfile
 from zipfile import ZipFile
 
 from django.contrib import messages
 from django.contrib.auth.decorators import login_required
+from django.core.mail import BadHeaderError
 from django.http import FileResponse
+from django.http import HttpResponse
 from django.shortcuts import render, redirect
 
+from usercomms.usercomms import portal_mail
 from .accounts import create_new_role_request
 from .forms import AerpawUserSignupForm, AerpawUserCredentialForm, AerpawRoleRequestForm, AerpawUser
 from .models import create_new_signup, update_credential
@@ -46,16 +47,39 @@ def request_roles(request):
     :param request:
     :return:
     """
-    if request.method == "POST":
+    if request.user.is_aerpaw_user() and request.user.is_project_manager():
+        has_role_options = False
+    else:
+        has_role_options = True
+    if request.method == 'GET':
+        form = AerpawRoleRequestForm(user=request.user)
+    else:
         form = AerpawRoleRequestForm(request.POST, user=request.user)
         if form.is_valid():
-            # signup_uuid = create_new_signup(request, form)
             role_request = create_new_role_request(request, form)
-            messages.info(request, 'INFO: Role Request has been created for - {0}'.format(str(role_request)))
+            subject = '[AERPAW] User: ' + request.user.display_name + ' has requested role: ' + role_request
+            body_message = form.cleaned_data['purpose']
+            sender = request.user
+            receivers = []
+            if role_request == 'is Administrator':
+                user_managers = AerpawUser.objects.filter(is_superuser=True).distinct()
+            elif role_request in ['is Operator', 'can Manage Resources', 'can Manage User Roles']:
+                user_managers = AerpawUser.objects.filter(groups__name__in=['site_admin']).distinct()
+            else:
+                user_managers = AerpawUser.objects.filter(groups__name__in=['site_admin', 'user_manager']).distinct()
+            for um in user_managers:
+                receivers.append(um)
+            reference_note = 'Add role ' + str(role_request)
+            reference_url = 'https://' + str(request.get_host()) + '/manage/user_requests'
+            try:
+                portal_mail(subject=subject, body_message=body_message, sender=sender, receivers=receivers,
+                            reference_note=reference_note, reference_url=reference_url)
+                messages.info(request, 'Success! Request to add role: ' + role_request + ' has been sent')
+            except BadHeaderError:
+                return HttpResponse('Invalid header found.')
             return redirect('profile')
-    else:
-        form = AerpawRoleRequestForm(user=request.user)
-    return render(request, 'request_roles.html', {'form': form})
+
+    return render(request, 'request_roles.html', {'form': form, 'has_role_options': has_role_options})
 
 
 @login_required
@@ -89,7 +113,7 @@ def credential(request):
         if 'savebtn' in request.POST and form.is_valid():
             if request.POST['publickey']:
                 update_credential(request, form)
-                form = AerpawUserCredentialForm() # clear form
+                form = AerpawUserCredentialForm()  # clear form
             render(request, 'credential.html', {'form': form})
 
         elif 'generatebtn' in request.POST:
@@ -109,7 +133,6 @@ def credential(request):
                     open(os.path.join(tempfile.gettempdir(), 'aerpaw_id_rsa.zip'), 'rb'),
                     as_attachment=True)
             except Exception as e:
-                print(output)
                 print(e)
     else:
         form = AerpawUserCredentialForm()

base/settings.py

@@ -22,6 +22,7 @@
 load_dotenv(verbose=True, dotenv_path=env_path)
 
 SESSION_EXPIRE_AT_BROWSER_CLOSE = True
+SESSION_COOKIE_AGE = 3600
 
 # Quick-start development settings - unsuitable for production
 # See https://docs.djangoproject.com/en/3.1/howto/deployment/checklist/
@@ -56,8 +57,9 @@
     'experiments',  # aerpaw experiments
     'projects',  # aerpaw projects
     'profiles',  # aerpaw profiles
-    'cicd',  # aerpaw cicd
+    # 'cicd',  # aerpaw cicd (RM_CICD: Deactivate until further notice 8/15/2021)
     'user_groups',  # user_groups
+    'usercomms',  # aerpaw user communications
 ]
 
 AUTHENTICATION_BACKENDS = (
@@ -91,8 +93,9 @@
             os.path.join(BASE_DIR, 'templates/reservations'),
             os.path.join(BASE_DIR, 'templates/resources'),
             os.path.join(BASE_DIR, 'templates/profiles'),
-            os.path.join(BASE_DIR, 'templates/cicd'),
+            # os.path.join(BASE_DIR, 'templates/cicd'),
             os.path.join(BASE_DIR, 'templates/manage'),
+            os.path.join(BASE_DIR, 'templates/usercomms'),
         ],
         'APP_DIRS': True,
         'OPTIONS': {
@@ -213,7 +216,13 @@
 # Auth user model (custom user account)
 AUTH_USER_MODEL = 'accounts.AerpawUser'
 
-# AERPAW Email 
+# Django running behind Nginx reverse proxy
+USE_X_FORWARDED_HOST = True
+
+# AERPAW Email for development (use only 1 email backend at a time)
+# EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
+
+# AERPAW Email for production (use only 1 email backend at a time)
 EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
 EMAIL_HOST = os.getenv('EMAIL_HOST')
 EMAIL_PORT = os.getenv('EMAIL_PORT')
@@ -225,3 +234,5 @@
 
 # account for Django 3.2 (Warning models.W042)
 DEFAULT_AUTO_FIELD = 'django.db.models.AutoField'
+
+AERPAW_MAP_URL = os.getenv('AERPAW_MAP_URL', None)

base/urls.py

@@ -30,6 +30,7 @@
     path('reservations/', include('reservations.urls')),
     path('resources/', include('resources.urls')),
     path('profile/', include('profiles.urls')),
-    path('cicd/', include('cicd.urls')),
+    # path('cicd/', include('cicd.urls')), # RM_CICD
     path('manage/', include('user_groups.urls')),
+    path('messages/', include('usercomms.urls')),
 ]

base/views.py

@@ -1,8 +1,6 @@
-from uuid import UUID
 import os
-from django.contrib import messages
-from django.shortcuts import render, redirect, get_object_or_404
-from django.utils import timezone
+
+from django.shortcuts import render
 
 
 def home(request):
@@ -18,4 +16,4 @@ def home(request):
         }
         return render(request, 'home.html', {'operator_cicd': operator_cicd})
     else:
-        return render(request, 'home.html')
+        return render(request, 'home.html')

compose/development-compose.yml

@@ -2,8 +2,9 @@ version: '3.6'
 services:
 
   database:
-    image: postgres:12
+    image: postgres:14
     container_name: aerpaw-db
+    restart: unless-stopped
     ports:
       - ${POSTGRES_PORT}:5432
     volumes:
@@ -18,6 +19,7 @@ services:
   nginx:
     image: nginx:1
     container_name: aerpaw-nginx
+    restart: unless-stopped
     ports:
       - ${NGINX_HTTP_PORT}:80
       - ${NGINX_HTTPS_PORT}:443