profiles package

  • Handling OAuth-2 authorization and user authentication.
  • Verification of students.

A user can log in (and sign up) through one of the available OAuth providers (VK, Google). For each social auth a new user (instance of django.contrib.auth.models.User) is created. This process is handled by core.settings.SOCIAL_AUTH_PIPELINE. For each new user a profiles.models.UserProfile is created (see profiles.signals).

profiles.models.StudentInfo stores info about all DGAP students (received from administration). If the system can associate the logged-in user with a DGAP student (profiles.psa.approve_student()), then a link to UserProfile is created.

Each student has only one StudentInfo but can have multiple User objects (one for each OAuth provider).

Todo

Refactoring in auth system needed. Now multiple accounts of a single student are linked through User -> UserProfile -> StudentInfo. Super stupid.

profiles.models module

class profiles.models.StudentInfo(*args, **kwargs)

Bases: django.db.models.base.Model

Model for storing info about students. Created from the administration database. If a user is verified as an enrolled student (by vk profile or corporate email), StudentInfo is linked with UserProfile. See profiles.psa.approve_student().

course

Course. Valid for students in gap year

fio

Student’s full name

first_name

Student’s first name

group

Academic group. If the data is taken from the settlement database (as in 2017), the group number is outdated for students in a gap year. This must be taken into account when managing elections.

last_name

Student’s last name

phystech

Student’s corporate email - name.surname@phystech.edu. Used for student’s verification

room

Student’s room. Currently unused, but who knows?

sex

Student’s sex. Currently used to obtain genitive case of user’s name when creating official papers.

See fin_aid.create_paper

static upload_csv(filename='~/spiski.csv')

Populate the database from a CSV file with students’ data. The CSV can be obtained, for example, from the settlement database.

Parameters: filename (str): file name (including path) of the CSV file with students’ data

vk

Link to student’s vk.com profile. It is quite challenging to obtain links for all students, but during the last two elections the electoral commission did it, so we only have to collect accounts of freshmen yearly, which is much easier.

This field includes https:// prefix and contains screen name, not id!

https://vk.com/smnnk, not vk.com/smmnk or https://vk.com/id28749823.

class profiles.models.UserProfile(*args, **kwargs)

Bases: django.db.models.base.Model

Helper model, created after each new user registration.

Formerly stored essential data about user, now only links to StudentInfo

dorm

Super old, lol

group

Not used now

is_approved

True if the user is approved as a DGAP student. The variable is set in profiles.psa.approve_student()

is_subscribed

Currently notifications are moved to standalone app notifications, so this setting should migrate to notification.models.UserNotificationsSettings, because different notification services are available (vk, email, telegram).

middlename

Not used now

room

Not used now

student_info

Link to StudentInfo

user

Link to user

profiles.models.is_same_student(student1: django.contrib.auth.models.User, student2: django.contrib.auth.models.User)

Returns True if student1 and student2 are linked to the same StudentInfo (= they belong to one person)

profiles.models.is_same_student_or_admin(student1: django.contrib.auth.models.User, student2: django.contrib.auth.models.User, group_name)

Checks if student1 is the same student as student2 or student1 is admin with appropriate access rights.

Returns True if both student1 and student2 are linked to the same StudentInfo, or student1 has the specific group, or student1 is a superuser. Can be useful when checking access/update permissions: a student may create an object from one social account and then log in from another.

profiles.models.same_users_list(user: django.contrib.auth.models.User)

Get list of all users, associated with given user’s StudentInfo.

Logins through different OAuth providers create multiple User objects for one student. This function allows us to get list of all User objects, belonging to the same student. It must be taken into account when working with user-related objects.

Let’s imagine a fragment of the dispatch method in an UpdateView.

Correct usage:

if author not in same_users_list(user):
    raise PermissionDenied

Incorrect usage:

if author != user:
    raise PermissionDenied
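The difference between the two checks, as an added example that is not the project's code: plain dataclasses stand in for the Django models, the accounts and the group name `fin_aid_admins` are constructed, and the extra `all_users` argument replaces the database query. It also covers accounts that are not linked to any StudentInfo, which must not be treated as the same person.

```python
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class User:
    """Stand-in for django.contrib.auth.models.User (assumption of this example)."""
    username: str
    student_info_id: Optional[int] = None  # User -> UserProfile -> StudentInfo
    groups: frozenset = frozenset()
    is_superuser: bool = False


def same_users_list(user: User, all_users: List[User]) -> List[User]:
    """All accounts linked to the same StudentInfo as `user`."""
    if user.student_info_id is None:
        # Unverified account: "no StudentInfo" must never match another
        # unverified account, so it is only the same as itself.
        return [user]
    return [u for u in all_users if u.student_info_id == user.student_info_id]


def is_same_student_or_admin(actor: User, owner: User, group_name: str,
                             all_users: List[User]) -> bool:
    """Owner check that compares people, with the admin override."""
    if actor.is_superuser or group_name in actor.groups:
        return True
    return owner in same_users_list(actor, all_users)


def naive_check(actor: User, owner: User) -> bool:
    """The 'incorrect usage' above: compares accounts, not people."""
    return actor == owner


# Constructed sample data: one student with two social accounts,
# two unverified accounts and one staff account (hypothetical group name).
vk = User("vk_ivanov", student_info_id=1)
google = User("ivan.ivanov", student_info_id=1)
guest_a = User("guest_a")
guest_b = User("guest_b")
staff = User("staff", groups=frozenset({"fin_aid_admins"}))
USERS = [vk, google, guest_a, guest_b, staff]
```
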

profiles.admin module

Admin classes for models in profiles.models.

Quite obvious, only custom admin for django.contrib.auth.models.User may raise some interest. See source code.

profiles.psa module

class profiles.psa.MiptOAuth2(strategy=None, *args, **kwargs)

Bases: social_core.backends.oauth.BaseOAuth2

MIPT OAuth authentication backend. Not used currently

class profiles.psa.SocialAuthExceptionMiddlewareExtended(get_response=None)

Bases: social_django.middleware.SocialAuthExceptionMiddleware

Exception which is raised after an authentication error. A descriptive message is provided.

Currently handled errors:

  • AuthForbidden: users can log in only with Google accounts at @phystech.edu. See core.settings.SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS
  • AuthAlreadyAssociated: you can associate your social account with only one user.

profiles.psa.approve_student(backend, user, response, *args, **kwargs)

Tries to verify user as enrolled student.

  • If backend is google-oauth2, then user.email should be student’s corporate email
  • If backend is vk-oauth-2, then user.username is vk profile’s screen name

The function is invoked as part of core.settings.SOCIAL_AUTH_PIPELINE. user.email and the other fields are populated after social login, also in that pipeline.
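The matching rule described above, sketched as an added example (not the project's approve_student): dictionaries stand in for StudentInfo rows, the student records are constructed, and the VK backend is keyed by social-core's name `vk-oauth2`. The allowed screen-name characters and the case-insensitive comparison are assumptions of this example.

```python
import re
from typing import Optional

# Stored format of StudentInfo.vk: https:// prefix plus screen name.
# Numeric "id123" links are rejected (character set is an assumption).
VK_LINK = re.compile(r"https://vk\.com/(?!id\d+\Z)[A-Za-z0-9_.]+")
CORPORATE_DOMAIN = "@phystech.edu"

# Constructed StudentInfo rows (only the two fields used for verification).
STUDENTS = [
    {"id": 1, "phystech": "ivan.ivanov@phystech.edu", "vk": "https://vk.com/smnnk"},
    {"id": 2, "phystech": "petr.petrov@phystech.edu", "vk": "https://vk.com/id28749823"},
]


def is_valid_vk_link(link: str) -> bool:
    """True only for the stored format: https:// prefix plus screen name."""
    return VK_LINK.fullmatch(link) is not None


def find_student(backend_name: str, email: str, username: str) -> Optional[int]:
    """Return the id of the single matching StudentInfo row, or None."""
    if backend_name == "google-oauth2":
        value = email.strip().lower()
        if not value.endswith(CORPORATE_DOMAIN):
            return None  # never match on a non-corporate address
        key = "phystech"
    elif backend_name == "vk-oauth2":
        value = "https://vk.com/" + username.strip().lower()
        if not is_valid_vk_link(value):
            return None  # empty or id-style name: nothing to compare
        key = "vk"
    else:
        return None  # unknown backend: the user stays unapproved
    matches = [s["id"] for s in STUDENTS if s[key].lower() == value]
    # Exactly one row must match; duplicate rows in the import are not trusted.
    return matches[0] if len(matches) == 1 else None
```

Row 2 shows why the format rule matters at import time: a `vk` value stored as an id-style link can never be matched by screen name, so that student can only be verified through the corporate email.
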

profiles.psa.set_middlename(backend, user, response, *args, **kwargs)

Legacy social auth middleware to set middlename. Currently middlename is stored in profiles.models.StudentInfo

profiles.app module

class profiles.app.ProfilesConfig(app_name, app_module)

Bases: django.apps.config.AppConfig

Configuration class for profiles module

ready()

Connect profiles.signals

profiles.signals module

profiles.signals.create_user_profile(sender, instance, created, **kwargs)

Receives post_save signal from User. Creates profiles.models.UserProfile for new users

profiles.signals.update_student_info(sender, instance, created, **kwargs)

Receives post_save signal from profiles.models.StudentInfo. Updates linked profiles.models.UserProfile

As UserProfile is no longer used to store personal data, this function is unnecessary.

profiles.tests module

profiles.urls module

URL dispatcher for module profiles.

profiles.views module

Currently uses only one template - profiles/profile.html

class profiles.views.UserChangeEmail(**kwargs)

Bases: django.views.generic.edit.UpdateView

Legacy function for changing user email. Currently not used

model

alias of User

profiles.views.change_subscribing_status(request)

Subscribe/unsubscribe from notifications.

request.user.userprofile.is_subscribed = not request.user.userprofile.is_subscribed

profiles.views.profile_view(request)

Super old and super shitty view displaying info about current user. Looks like a bit of refactoring needed.

  • Adds error messages if user is not approved & so on.
  • Sets context variables with user’s social services logins
  • Renders template profiles/profile.html

Module contents