Newer
Older
David Ormsbee
committed
"""
Models for User Information (students, staff, etc)
David Ormsbee
committed
David Ormsbee
committed
If you make changes to this model, be sure to create an appropriate migration
file and check it in at the same time as your model changes. To do that,
1. Go to the edx-platform dir
2. ./manage.py lms schemamigration student --auto description_of_your_change
3. Add the migration file created in edx-platform/common/djangoapps/student/migrations/
David Ormsbee
committed
"""
import hashlib
import json
import logging
import uuid
from collections import OrderedDict, defaultdict, namedtuple
from datetime import datetime, timedelta
from functools import total_ordering
from importlib import import_module
David Ormsbee
committed
from config_models.models import ConfigurationModel
from course_modes.models import CourseMode, get_cosmetic_verified_display_price
from django.apps import apps
David Ormsbee
committed
from django.conf import settings
from django.contrib.auth.models import User
Brian Wilson
committed
from django.contrib.auth.signals import user_logged_in, user_logged_out
from django.contrib.sites.models import Site
from django.core.cache import cache
from django.core.exceptions import MultipleObjectsReturned, ObjectDoesNotExist
from django.core.validators import FileExtensionValidator, RegexValidator
from django.db.models import Count, Q, Index
from django.db.models.signals import post_save, pre_save
from django.db.utils import ProgrammingError
from django.dispatch import receiver
from django.utils.encoding import python_2_unicode_compatible
from django.utils.functional import cached_property
from django.utils.translation import ugettext_lazy as _
from django.utils.translation import ugettext_noop
from django_countries.fields import CountryField
from edx_django_utils.cache import RequestCache
from edx_rest_api_client.exceptions import SlumberBaseException
from eventtracking import tracker
from model_utils.models import TimeStampedModel
from opaque_keys.edx.django.models import CourseKeyField
from opaque_keys.edx.keys import CourseKey
from simple_history.models import HistoricalRecords
from six import text_type
from six.moves import range
from six.moves.urllib.parse import urlencode
from slumber.exceptions import HttpClientError, HttpServerError
from student.signals import ENROLL_STATUS_CHANGE, ENROLLMENT_TRACK_UPDATED, UNENROLL_DONE
from track import contexts, segment
from util.milestones_helpers import is_entrance_exams_enabled
from util.model_utils import emit_field_changed_events, get_changed_fields_dict
from util.query import use_read_replica_if_available
import openedx.core.djangoapps.django_comment_common.comment_client as cc
from lms.djangoapps.certificates.models import GeneratedCertificate
from lms.djangoapps.courseware.models import (
CourseDynamicUpgradeDeadlineConfiguration,
DynamicUpgradeDeadlineConfiguration,
OrgDynamicUpgradeDeadlineConfiguration
)
from lms.djangoapps.verify_student.models import SoftwareSecurePhotoVerification
from openedx.core.djangoapps.content.course_overviews.models import CourseOverview
from openedx.core.djangoapps.enrollments.api import (
_default_course_mode,
get_enrollment_attributes,
set_enrollment_attributes
)
from openedx.core.djangoapps.site_configuration import helpers as configuration_helpers
from openedx.core.djangoapps.xmodule_django.models import NoneToEmptyManager
from openedx.core.djangolib.model_mixins import DeletableByUserValue
Renzo Lucioni
committed
David Ormsbee
committed
log = logging.getLogger(__name__)
Brian Wilson
committed
AUDIT_LOG = logging.getLogger("audit")
SessionStore = import_module(settings.SESSION_ENGINE).SessionStore # pylint: disable=invalid-name
# enroll status changed events - signaled to email_marketing. See email_marketing.tasks for more info
# ENROLL signal used for free enrollment only
class EnrollStatusChange(object):
"""
Possible event types for ENROLL_STATUS_CHANGE signal
"""
# enroll for a course
enroll = 'enroll'
# unenroll for a course
unenroll = 'unenroll'
# add an upgrade to cart
upgrade_start = 'upgrade_start'
# complete an upgrade purchase
upgrade_complete = 'upgrade_complete'
# add a paid course to the cart
paid_start = 'paid_start'
# complete a paid course purchase
paid_complete = 'paid_complete'
UNENROLLED_TO_ALLOWEDTOENROLL = u'from unenrolled to allowed to enroll'
ALLOWEDTOENROLL_TO_ENROLLED = u'from allowed to enroll to enrolled'
ENROLLED_TO_ENROLLED = u'from enrolled to enrolled'
ENROLLED_TO_UNENROLLED = u'from enrolled to unenrolled'
UNENROLLED_TO_ENROLLED = u'from unenrolled to enrolled'
ALLOWEDTOENROLL_TO_UNENROLLED = u'from allowed to enroll to enrolled'
UNENROLLED_TO_UNENROLLED = u'from unenrolled to unenrolled'
DEFAULT_TRANSITION_STATE = u'N/A'
SCORE_RECALCULATION_DELAY_ON_ENROLLMENT_UPDATE = 30
TRANSITION_STATES = (
(UNENROLLED_TO_ALLOWEDTOENROLL, UNENROLLED_TO_ALLOWEDTOENROLL),
(ALLOWEDTOENROLL_TO_ENROLLED, ALLOWEDTOENROLL_TO_ENROLLED),
(ENROLLED_TO_ENROLLED, ENROLLED_TO_ENROLLED),
(ENROLLED_TO_UNENROLLED, ENROLLED_TO_UNENROLLED),
(UNENROLLED_TO_ENROLLED, UNENROLLED_TO_ENROLLED),
(ALLOWEDTOENROLL_TO_UNENROLLED, ALLOWEDTOENROLL_TO_UNENROLLED),
(UNENROLLED_TO_UNENROLLED, UNENROLLED_TO_UNENROLLED),
(DEFAULT_TRANSITION_STATE, DEFAULT_TRANSITION_STATE)
)
class AnonymousUserId(models.Model):
"""
This table contains user, course_Id and anonymous_user_id
Purpose of this table is to provide user by anonymous_user_id.
We generate anonymous_user_id using md5 algorithm,
and use result in hex form, so its length is equal to 32 bytes.
.. no_pii: We store anonymous_user_ids here, but do not consider them PII under OEP-30.
objects = NoneToEmptyManager()
user = models.ForeignKey(User, db_index=True, on_delete=models.CASCADE)
anonymous_user_id = models.CharField(unique=True, max_length=32)
course_id = CourseKeyField(db_index=True, max_length=255, blank=True)
def anonymous_id_for_user(user, course_id, save=True):
"""
Return a unique id for a (user, course) pair, suitable for inserting
into e.g. personalized survey links.
If user is an `AnonymousUser`, returns `None`
Keyword arguments:
save -- Whether the id should be saved in an AnonymousUserId object.
"""
# This part is for ability to get xblock instance in xblock_noauth handlers, where user is unauthenticated.
assert user
if user.is_anonymous:
Calen Pennington
committed
cached_id = getattr(user, '_anonymous_id', {}).get(course_id)
if cached_id is not None:
return cached_id
# include the secret key as a salt, and to make the ids unique across different LMS installs.
hasher = hashlib.md5()
hasher.update(settings.SECRET_KEY.encode('utf8'))
hasher.update(text_type(user.id).encode('utf8'))
if course_id:
hasher.update(text_type(course_id).encode('utf-8'))
digest = hasher.hexdigest()
if not hasattr(user, '_anonymous_id'):
user._anonymous_id = {} # pylint: disable=protected-access
user._anonymous_id[course_id] = digest # pylint: disable=protected-access
if save is False:
return digest
try:
AnonymousUserId.objects.get_or_create(
user=user,
course_id=course_id,
anonymous_user_id=digest,
)
except IntegrityError:
# Another thread has already created this entry, so
# continue
pass
return digest
"""
Return user by anonymous_user_id using AnonymousUserId lookup table.
Do not raise `django.ObjectDoesNotExist` exception,
if there is no user for anonymous_student_id,
because this function will be used inside xmodule w/o django access.
"""
request_cache = RequestCache('user_by_anonymous_id')
cache_response = request_cache.get_cached_response(uid)
if cache_response.is_found:
return cache_response.value
user = User.objects.get(anonymoususerid__anonymous_user_id=uid)
request_cache.set(uid, user)
return user
def is_username_retired(username):
"""
Checks to see if the given username has been previously retired
"""
locally_hashed_usernames = user_util.get_all_retired_usernames(
username,
settings.RETIRED_USER_SALTS,
settings.RETIRED_USERNAME_FMT
)
# TODO: Revert to this after username capitalization issues detailed in
# PLAT-2276, PLAT-2277, PLAT-2278 are sorted out:
# return User.objects.filter(username__in=list(locally_hashed_usernames)).exists()
# Avoid circular import issues
from openedx.core.djangoapps.user_api.models import UserRetirementStatus
# Sandbox clean builds attempt to create users during migrations, before the database
# is stable so UserRetirementStatus may not exist yet. This workaround can also go
# when we are done with the username updates.
try:
return User.objects.filter(username__in=list(locally_hashed_usernames)).exists() or \
UserRetirementStatus.objects.filter(original_username=username).exists()
except ProgrammingError as exc:
# Check the error message to make sure it's what we expect
if "user_api_userretirementstatus" in text_type(exc):
return User.objects.filter(username__in=list(locally_hashed_usernames)).exists()
raise
def username_exists_or_retired(username):
"""
Check a username for existence -or- retirement against the User model.
"""
return User.objects.filter(username=username).exists() or is_username_retired(username)
def is_email_retired(email):
"""
Checks to see if the given email has been previously retired
"""
locally_hashed_emails = user_util.get_all_retired_emails(
email,
settings.RETIRED_USER_SALTS,
settings.RETIRED_EMAIL_FMT
)
return User.objects.filter(email__in=list(locally_hashed_emails)).exists()
def email_exists_or_retired(email):
"""
Check an email against the User model for existence.
"""
return User.objects.filter(email=email).exists() or is_email_retired(email)
def get_retired_username_by_username(username):
"""
If a UserRetirementStatus object with an original_username matching the given username exists,
returns that UserRetirementStatus.retired_username value. Otherwise, returns a "retired username"
hashed using the newest configured salt.
UserRetirementStatus = apps.get_model('user_api', 'UserRetirementStatus')
try:
status = UserRetirementStatus.objects.filter(original_username=username).order_by('-modified').first()
if status:
return status.retired_username
except UserRetirementStatus.DoesNotExist:
pass
return user_util.get_retired_username(username, settings.RETIRED_USER_SALTS, settings.RETIRED_USERNAME_FMT)
def get_retired_email_by_email(email):
"""
If a UserRetirementStatus object with an original_email matching the given email exists,
returns that UserRetirementStatus.retired_email value. Otherwise, returns a "retired email"
hashed using the newest configured salt.
UserRetirementStatus = apps.get_model('user_api', 'UserRetirementStatus')
try:
status = UserRetirementStatus.objects.filter(original_email=email).order_by('-modified').first()
if status:
return status.retired_email
except UserRetirementStatus.DoesNotExist:
pass
return user_util.get_retired_email(email, settings.RETIRED_USER_SALTS, settings.RETIRED_EMAIL_FMT)
def _get_all_retired_usernames_by_username(username):
"""
Returns a generator of "retired usernames", one hashed with each
configured salt. Used for finding out if the given username has
ever been used and retired.
"""
return user_util.get_all_retired_usernames(username, settings.RETIRED_USER_SALTS, settings.RETIRED_USERNAME_FMT)
def _get_all_retired_emails_by_email(email):
"""
Returns a generator of "retired emails", one hashed with each
configured salt. Used for finding out if the given email has
ever been used and retired.
"""
return user_util.get_all_retired_emails(email, settings.RETIRED_USER_SALTS, settings.RETIRED_EMAIL_FMT)
def get_potentially_retired_user_by_username(username):
"""
Attempt to return a User object based on the username, or if it
does not exist, then any hashed username salted with the historical
salts.
"""
locally_hashed_usernames = list(_get_all_retired_usernames_by_username(username))
locally_hashed_usernames.append(username)
potential_users = User.objects.filter(username__in=locally_hashed_usernames)
# Have to disambiguate between several Users here as we could have retirees with
# the same username, but for case.
# If there's only 1 we're done, this should be the common case
if len(potential_users) == 1:
return potential_users[0]
# No user found, throw the usual error
if not potential_users:
raise User.DoesNotExist()
# For a brief period, users were able to retire accounts and make another account with
# the same differently-cased username, like "testuser" and "TestUser".
# If there are two users found, return the one that's the *actual* case-matching username,
# whether retired or not.
if len(potential_users) == 2:
# Figure out which user has been retired.
if potential_users[0].username.startswith(settings.RETIRED_USERNAME_PREFIX):
retired = potential_users[0]
active = potential_users[1]
else:
retired = potential_users[1]
active = potential_users[0]
# If the active (non-retired) user's username doesn't *exactly* match (including case),
# then the retired account must be the one that exactly matches.
return active if active.username == username else retired
# We should have, at most, a retired username and an active one with a username
# differing only by case. If there are more we need to disambiguate them by hand.
raise Exception('Expected 1 or 2 Users, received {}'.format(text_type(potential_users)))
def get_potentially_retired_user_by_username_and_hash(username, hashed_username):
"""
To assist in the retirement process this method will:
- Confirm that any locally hashed username matches the passed in one
(in case of salt mismatches with the upstream script).
- Attempt to return a User object based on the username, or if it
does not exist, the any hashed username salted with the historical
salts.
"""
locally_hashed_usernames = list(_get_all_retired_usernames_by_username(username))
if hashed_username not in locally_hashed_usernames:
raise Exception('Mismatched hashed_username, bad salt?')
locally_hashed_usernames.append(username)
return User.objects.get(username__in=locally_hashed_usernames)
class UserStanding(models.Model):
"""
This table contains a student's account's status.
Currently, we're only disabling accounts; in the future we can imagine
taking away more specific privileges, like forums access, or adding
more specific karma levels or probationary stages.
USER_STANDING_CHOICES = (
(ACCOUNT_DISABLED, u"Account Disabled"),
(ACCOUNT_ENABLED, u"Account Enabled"),
)
user = models.OneToOneField(User, db_index=True, related_name='standing', on_delete=models.CASCADE)
account_status = models.CharField(
blank=True, max_length=31, choices=USER_STANDING_CHOICES
)
changed_by = models.ForeignKey(User, blank=True, on_delete=models.CASCADE)
standing_last_changed_at = models.DateTimeField(auto_now=True)
David Ormsbee
committed
class UserProfile(models.Model):
David Ormsbee
committed
"""This is where we store all the user demographic fields. We have a
separate table for this rather than extending the built-in Django auth_user.
Notes:
David Ormsbee
committed
* Some fields are legacy ones from the first run of 6.002, from which
we imported many users.
* Fields like name and address are intentionally open ended, to account
for international variations. An unfortunate side-effect is that we
cannot efficiently sort on last names for instance.
Replication:
* Only the Portal servers should ever modify this information.
* All fields are replicated into relevant Course databases
Some of the fields are legacy ones that were captured during the initial
MITx fall prototype.
.. pii: Contains many PII fields. Retired in AccountRetirementView.
.. pii_types: name, location, birth_date, gender, biography, phone_number
Afeef Janjua
committed
# cache key format e.g user.<user_id>.profile.country = 'SG'
PROFILE_COUNTRY_CACHE_KEY = u"user.{user_id}.profile.country"
David Ormsbee
committed
db_table = "auth_userprofile"
permissions = (("can_deactivate_users", "Can deactivate, but NOT delete users"),)
David Ormsbee
committed
# CRITICAL TODO/SECURITY
David Ormsbee
committed
# This is not visible to other users, but could introduce holes later
user = models.OneToOneField(User, unique=True, db_index=True, related_name='profile', on_delete=models.CASCADE)
name = models.CharField(blank=True, max_length=255, db_index=True)
meta = models.TextField(blank=True) # JSON dictionary for future expansion
courseware = models.CharField(blank=True, max_length=255, default=u'course.xml')
# Language is deprecated and no longer used. Old rows exist that have
# user-entered free form text values (ex. "English"), some of which have
# non-ASCII values. You probably want UserPreference version of this, which
# stores the user's preferred language code. See openedx/core/djangoapps/lang_pref
# for more information.
language = models.CharField(blank=True, max_length=255, db_index=True)
# Location is no longer used, but is held here for backwards compatibility
# for users imported from our first class.
location = models.CharField(blank=True, max_length=255, db_index=True)
# Optional demographic data we started capturing from Fall 2012
this_year = datetime.now(UTC).year
VALID_YEARS = list(range(this_year, this_year - 120, -1))
year_of_birth = models.IntegerField(blank=True, null=True, db_index=True)
GENDER_CHOICES = (
(u'm', ugettext_noop(u'Male')),
(u'f', ugettext_noop(u'Female')),
# Translators: 'Other' refers to the student's gender
gender = models.CharField(
blank=True, null=True, max_length=6, db_index=True, choices=GENDER_CHOICES
)
# [03/21/2013] removed these, but leaving comment since there'll still be
# p_se and p_oth in the existing data in db.
# ('p_se', 'Doctorate in science or engineering'),
# ('p_oth', 'Doctorate in another field'),
LEVEL_OF_EDUCATION_CHOICES = (
(u'p', ugettext_noop(u'Doctorate')),
(u'm', ugettext_noop(u"Master's or professional degree")),
(u'b', ugettext_noop(u"Bachelor's degree")),
(u'a', ugettext_noop(u"Associate degree")),
(u'hs', ugettext_noop(u"Secondary/high school")),
(u'jhs', ugettext_noop(u"Junior secondary/junior high/middle school")),
(u'el', ugettext_noop(u"Elementary/primary school")),
# Translators: 'None' refers to the student's level of education
# Translators: 'Other' refers to the student's level of education
level_of_education = models.CharField(
blank=True, null=True, max_length=6, db_index=True,
choices=LEVEL_OF_EDUCATION_CHOICES
)
mailing_address = models.TextField(blank=True, null=True)
city = models.TextField(blank=True, null=True)
country = CountryField(blank=True, null=True)
goals = models.TextField(blank=True, null=True)
allow_certificate = models.BooleanField(default=1)
bio = models.CharField(blank=True, null=True, max_length=3000, db_index=False)
profile_image_uploaded_at = models.DateTimeField(null=True, blank=True)
Cory Lee
committed
phone_regex = RegexValidator(regex=r'^\+?1?\d*$', message="Phone number can only contain numbers.")
phone_number = models.CharField(validators=[phone_regex], blank=True, null=True, max_length=50)
@property
def has_profile_image(self):
"""
Convenience method that returns a boolean indicating whether or not
this user has uploaded a profile image.
"""
return self.profile_image_uploaded_at is not None
@property
def age(self):
""" Convenience method that returns the age given a year_of_birth. """
year_of_birth = self.year_of_birth
year = datetime.now(UTC).year
if year_of_birth is not None:
return self._calculate_age(year, year_of_birth)
@property
def level_of_education_display(self):
""" Convenience method that returns the human readable level of education. """
if self.level_of_education:
return self.__enumerable_to_display(self.LEVEL_OF_EDUCATION_CHOICES, self.level_of_education)
@property
def gender_display(self):
""" Convenience method that returns the human readable gender. """
if self.gender:
return self.__enumerable_to_display(self.GENDER_CHOICES, self.gender)
def get_meta(self): # pylint: disable=missing-docstring
js_str = dict()
js_str = json.loads(self.meta)
def set_meta(self, meta_json): # pylint: disable=missing-docstring
self.meta = json.dumps(meta_json)
def set_login_session(self, session_id=None):
"""
Sets the current session id for the logged-in user.
If session_id doesn't match the existing session,
deletes the old session object.
"""
meta = self.get_meta()
old_login = meta.get('session_id', None)
if old_login:
SessionStore(session_key=old_login).delete()
meta['session_id'] = session_id
self.set_meta(meta)
self.save()
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
def requires_parental_consent(self, date=None, age_limit=None, default_requires_consent=True):
"""Returns true if this user requires parental consent.
Args:
date (Date): The date for which consent needs to be tested (defaults to now).
age_limit (int): The age limit at which parental consent is no longer required.
This defaults to the value of the setting 'PARENTAL_CONTROL_AGE_LIMIT'.
default_requires_consent (bool): True if users require parental consent if they
have no specified year of birth (default is True).
Returns:
True if the user requires parental consent.
"""
if age_limit is None:
age_limit = getattr(settings, 'PARENTAL_CONSENT_AGE_LIMIT', None)
if age_limit is None:
return False
# Return True if either:
# a) The user has a year of birth specified and that year is fewer years in the past than the limit.
# b) The user has no year of birth specified and the default is to require consent.
#
# Note: we have to be conservative using the user's year of birth as their birth date could be
# December 31st. This means that if the number of years since their birth year is exactly equal
# to the age limit then we have to assume that they might still not be old enough.
year_of_birth = self.year_of_birth
if year_of_birth is None:
return default_requires_consent
age = self.age
else:
age = self._calculate_age(date.year, year_of_birth)
def __enumerable_to_display(self, enumerables, enum_value):
""" Get the human readable value from an enumerable list of key-value pairs. """
return dict(enumerables)[enum_value]
def _calculate_age(self, year, year_of_birth):
"""Calculate the youngest age for a user with a given year of birth.
:param year: year
:param year_of_birth: year of birth
:return: youngest age a user could be for the given year
"""
# There are legal implications regarding how we can contact users and what information we can make public
# based on their age, so we must take the most conservative estimate.
return year - year_of_birth - 1
Afeef Janjua
committed
@classmethod
def country_cache_key_name(cls, user_id):
"""Return cache key name to be used to cache current country.
Args:
user_id(int): Id of user.
Returns:
Unicode cache key
"""
return cls.PROFILE_COUNTRY_CACHE_KEY.format(user_id=user_id)
@receiver(models.signals.post_save, sender=UserProfile)
def invalidate_user_profile_country_cache(sender, instance, **kwargs): # pylint: disable=unused-argument, invalid-name
"""Invalidate the cache of country in UserProfile model. """
changed_fields = getattr(instance, '_changed_fields', {})
if 'country' in changed_fields:
cache_key = UserProfile.country_cache_key_name(instance.user_id)
cache.delete(cache_key)
log.info("Country changed in UserProfile for %s, cache deleted", instance.user_id)
@receiver(pre_save, sender=UserProfile)
def user_profile_pre_save_callback(sender, **kwargs):
"""
Ensure consistency of a user profile before saving it.
"""
user_profile = kwargs['instance']
# Remove profile images for users who require parental consent
if user_profile.requires_parental_consent() and user_profile.has_profile_image:
user_profile.profile_image_uploaded_at = None
# Cache "old" field values on the model instance so that they can be
# retrieved in the post_save callback when we emit an event with new and
# old field values.
user_profile._changed_fields = get_changed_fields_dict(user_profile, sender)
@receiver(post_save, sender=UserProfile)
def user_profile_post_save_callback(sender, **kwargs):
"""
Emit analytics events after saving the UserProfile.
"""
user_profile = kwargs['instance']
# pylint: disable=protected-access
emit_field_changed_events(
user_profile,
user_profile.user,
sender._meta.db_table,
excluded_fields=['meta']
@receiver(pre_save, sender=User)
def user_pre_save_callback(sender, **kwargs):
"""
Capture old fields on the user instance before save and cache them as a
private field on the current model for use in the post_save callback.
"""
user = kwargs['instance']
user._changed_fields = get_changed_fields_dict(user, sender)
@receiver(post_save, sender=User)
def user_post_save_callback(sender, **kwargs):
Jesse Shapiro
committed
When a user is modified and either its `is_active` state or email address
is changed, and the user is, in fact, active, then check to see if there
are any courses that it needs to be automatically enrolled in.
Additionally, emit analytics events after saving the User.
"""
user = kwargs['instance']
Jesse Shapiro
committed
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
changed_fields = user._changed_fields
if 'is_active' in changed_fields or 'email' in changed_fields:
if user.is_active:
ceas = CourseEnrollmentAllowed.for_user(user).filter(auto_enroll=True)
for cea in ceas:
enrollment = CourseEnrollment.enroll(user, cea.course_id)
manual_enrollment_audit = ManualEnrollmentAudit.get_manual_enrollment_by_email(user.email)
if manual_enrollment_audit is not None:
# get the enrolled by user and reason from the ManualEnrollmentAudit table.
# then create a new ManualEnrollmentAudit table entry for the same email
# different transition state.
ManualEnrollmentAudit.create_manual_enrollment_audit(
manual_enrollment_audit.enrolled_by,
user.email,
ALLOWEDTOENROLL_TO_ENROLLED,
manual_enrollment_audit.reason,
enrollment
)
# Because `emit_field_changed_events` removes the record of the fields that
# were changed, wait to do that until after we've checked them as part of
# the condition on whether we want to check for automatic enrollments.
# pylint: disable=protected-access
emit_field_changed_events(
user,
user,
sender._meta.db_table,
excluded_fields=['last_login', 'first_name', 'last_name'],
hidden_fields=['password']
)
asadiqbal08
committed
class UserSignupSource(models.Model):
"""
This table contains information about users registering
via Micro-Sites
asadiqbal08
committed
"""
user = models.ForeignKey(User, db_index=True, on_delete=models.CASCADE)
asadiqbal08
committed
site = models.CharField(max_length=255, db_index=True)
def unique_id_for_user(user, save=True):
"""
Return a unique id for a user, suitable for inserting into
e.g. personalized survey links.
Keyword arguments:
save -- Whether the id should be saved in an AnonymousUserId object.
# Setting course_id to '' makes it not affect the generated hash,
# and thus produce the old per-student anonymous id
return anonymous_id_for_user(user, None, save=save)
# TODO: Should be renamed to generic UserGroup, and possibly
users = models.ManyToManyField(User, db_index=True)
name = models.CharField(blank=False, max_length=32, db_index=True)
description = models.TextField(blank=True)
David Ormsbee
committed
David Ormsbee
committed
class Registration(models.Model):
"""
Allows us to wait for e-mail before user is registered. A
registration profile is created when the user creates an
account, but that account is inactive. Once the user clicks
on the activation key, it becomes active.
.. no_pii:
"""
David Ormsbee
committed
db_table = "auth_registration"
user = models.OneToOneField(User, on_delete=models.CASCADE)
activation_key = models.CharField((u'activation key'), max_length=32, unique=True, db_index=True)
David Ormsbee
committed
def register(self, user):
# MINOR TODO: Switch to crypto-secure key
self.activation_key = uuid.uuid4().hex
self.user = user
David Ormsbee
committed
self.save()
def activate(self):
self.user.is_active = True
self.user.save(update_fields=['is_active'])
Awais Jibran
committed
log.info(u'User %s (%s) account is successfully activated.', self.user.username, self.user.email)
David Ormsbee
committed
class PendingNameChange(DeletableByUserValue, models.Model):
"""
This model keeps track of pending requested changes to a user's email address.
.. pii: Contains new_name, retired in LMSAccountRetirementView
.. pii_types: name
.. pii_retirement: local_api
"""
user = models.OneToOneField(User, unique=True, db_index=True, on_delete=models.CASCADE)
new_name = models.CharField(blank=True, max_length=255)
rationale = models.CharField(blank=True, max_length=1024)
class PendingEmailChange(DeletableByUserValue, models.Model):
"""
This model keeps track of pending requested changes to a user's email address.
.. pii: Contains new_email, retired in AccountRetirementView
.. pii_types: email_address
.. pii_retirement: local_api
user = models.OneToOneField(User, unique=True, db_index=True, on_delete=models.CASCADE)
new_email = models.CharField(blank=True, max_length=255, db_index=True)
activation_key = models.CharField((u'activation key'), max_length=32, unique=True, db_index=True)
def request_change(self, email):
"""Request a change to a user's email.
Implicitly saves the pending email change record.
Arguments:
email (unicode): The proposed new email for the user.
Returns:
unicode: The activation code to confirm the change.
"""
self.new_email = email
self.activation_key = uuid.uuid4().hex
self.save()
return self.activation_key
class PendingSecondaryEmailChange(DeletableByUserValue, models.Model):
"""
This model keeps track of pending requested changes to a user's secondary email address.
.. pii: Contains new_secondary_email, not currently retired
.. pii_types: email_address
.. pii_retirement: retained
"""
user = models.OneToOneField(User, unique=True, db_index=True, on_delete=models.CASCADE)
new_secondary_email = models.CharField(blank=True, max_length=255, db_index=True)
activation_key = models.CharField((u'activation key'), max_length=32, unique=True, db_index=True)
EVENT_NAME_ENROLLMENT_ACTIVATED = 'edx.course.enrollment.activated'
EVENT_NAME_ENROLLMENT_DEACTIVATED = 'edx.course.enrollment.deactivated'
EVENT_NAME_ENROLLMENT_MODE_CHANGED = 'edx.course.enrollment.mode_changed'
class LoginFailures(models.Model):
"""
This model will keep track of failed login attempts.
.. no_pii:
"""
user = models.ForeignKey(User, on_delete=models.CASCADE)
failure_count = models.IntegerField(default=0)
lockout_until = models.DateTimeField(null=True)
@classmethod
def _get_record_for_user(cls, user):
"""
Gets a user's record, and fixes any duplicates that may have arisen due to get_or_create
race conditions. See https://code.djangoproject.com/ticket/13906 for details.
Use this method in place of `LoginFailures.objects.get(user=user)`
"""
records = LoginFailures.objects.filter(user=user).order_by('-lockout_until')
for extra_record in records[1:]:
extra_record.delete()
return records.get()
@classmethod
def is_feature_enabled(cls):
"""
Returns whether the feature flag around this functionality has been set
"""
return settings.FEATURES['ENABLE_MAX_FAILED_LOGIN_ATTEMPTS']
@classmethod
def is_user_locked_out(cls, user):
"""
Static method to return in a given user has his/her account locked out
"""
try:
record = cls._get_record_for_user(user)
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
if not record.lockout_until:
return False
now = datetime.now(UTC)
until = record.lockout_until
is_locked_out = until and now < until
return is_locked_out
except ObjectDoesNotExist:
return False
@classmethod
def increment_lockout_counter(cls, user):
"""
Ticks the failed attempt counter
"""
record, _ = LoginFailures.objects.get_or_create(user=user)
record.failure_count = record.failure_count + 1
max_failures_allowed = settings.MAX_FAILED_LOGIN_ATTEMPTS_ALLOWED
# did we go over the limit in attempts
if record.failure_count >= max_failures_allowed:
# yes, then store when this account is locked out until
lockout_period_secs = settings.MAX_FAILED_LOGIN_ATTEMPTS_LOCKOUT_PERIOD_SECS
record.lockout_until = datetime.now(UTC) + timedelta(seconds=lockout_period_secs)
record.save()
@classmethod
def clear_lockout_counter(cls, user):
"""
Removes the lockout counters (normally called after a successful login)
"""
try:
entry = cls._get_record_for_user(user)
entry.delete()
except ObjectDoesNotExist:
return
Josue Balandrano Coronel
committed
def __str__(self):
"""Str -> Username: count - date."""
Josue Balandrano Coronel
committed
count=self.failure_count,
date=self.lockout_until.isoformat() if self.lockout_until else '-'
Josue Balandrano Coronel
committed
class Meta:
verbose_name = 'Login Failure'
verbose_name_plural = 'Login Failures'
class CourseEnrollmentException(Exception):
pass
class NonExistentCourseError(CourseEnrollmentException):
pass
class EnrollmentClosedError(CourseEnrollmentException):
pass
class CourseFullError(CourseEnrollmentException):
pass
class AlreadyEnrolledError(CourseEnrollmentException):
pass
class CourseEnrollmentManager(models.Manager):
"""
Custom manager for CourseEnrollment with Table-level filter methods.
"""
def num_enrolled_in(self, course_id):
"""
Returns the count of active enrollments in a course.
'course_id' is the course_id to return enrollments
"""
enrollment_number = super(CourseEnrollmentManager, self).get_queryset().filter(
course_id=course_id,
is_active=1
).count()
return enrollment_number
def num_enrolled_in_exclude_admins(self, course_id):
"""
Returns the count of active enrollments in a course excluding instructors, staff and CCX coaches.
Arguments:
course_id (CourseLocator): course_id to return enrollments (count).
Returns:
int: Count of enrollments excluding staff, instructors and CCX coaches.
"""
# To avoid circular imports.
from student.roles import CourseCcxCoachRole, CourseInstructorRole, CourseStaffRole
course_locator = course_id
if getattr(course_id, 'ccx', None):
course_locator = course_id.to_course_locator()
staff = CourseStaffRole(course_locator).users_with_role()
admins = CourseInstructorRole(course_locator).users_with_role()
coaches = CourseCcxCoachRole(course_locator).users_with_role()