zulip/zerver/management/commands/create_user.py

from __future__ import absolute_import
from __future__ import print_function

from typing import Any

import sys
import argparse

from django.core.management.base import BaseCommand, CommandError
from django.core.exceptions import ValidationError
from django.db.utils import IntegrityError
from django.core import validators

from zerver.models import Realm, get_realm, email_to_username
from zerver.lib.actions import do_create_user
from zerver.lib.actions import notify_new_user
from zerver.lib.initial_password import initial_password
from six.moves import input

class Command(BaseCommand):
    help = """Create the specified user with a default initial password.

A user MUST have ALREADY accepted the Terms of Service before creating their
account this way.

Omit both <email> and <full name> for interactive user creation.
"""

    def add_arguments(self, parser):
        # type: (argparse.ArgumentParser) -> None
        parser.add_argument('--this-user-has-accepted-the-tos',
                            dest='tos',
                            action="store_true",
                            default=False,
                            help='Acknowledgement that the user has already accepted the ToS.')
        parser.add_argument('--realm',
                            dest='string_id',
                            type=str,
                            help='The name of the existing realm to which to add the user.')
        parser.add_argument('--password',
                            dest='password',
                            type=str,
                            default='',
                            help='password of new user. For development only.'
                                 'Note that we recommend against setting '
                                 'passwords this way, since they can be snooped by any user account '
                                 'on the server via `ps -ef` or by any superuser with'
                                 'read access to the user\'s bash history.')
        parser.add_argument('--password-file',
                            dest='password_file',
                            type=str,
                            default='',
                            help='The file containing the password of the new user.')
        parser.add_argument('email', metavar='<email>', type=str, nargs='?', default=argparse.SUPPRESS,
                            help='email address of new user')
        parser.add_argument('full_name', metavar='<full name>', type=str, nargs='?', default=argparse.SUPPRESS,
                            help='full name of new user')

    def handle(self, *args, **options):
        # type: (*Any, **Any) -> None
        if not options["tos"]:
            raise CommandError("""You must confirm that this user has accepted the
Terms of Service by passing --this-user-has-accepted-the-tos.""")

        if not options["string_id"]:
            raise CommandError("""Please specify a realm by passing --realm.""")

        try:
            realm = get_realm(options["string_id"])
        except Realm.DoesNotExist:
            raise CommandError("Realm does not exist.")

        try:
            email = options['email']
            full_name = options['full_name']
            try:
                validators.validate_email(email)
            except ValidationError:
                raise CommandError("Invalid email address.")
        except KeyError:
            if 'email' in options or 'full_name' in options:
                raise CommandError("""Either specify an email and full name as two
parameters, or specify no parameters for interactive user creation.""")
            else:
                while True:
                    email = input("Email: ")
                    try:
                        validators.validate_email(email)
                        break
                    except ValidationError:
                        print("Invalid email address.", file=sys.stderr)
                full_name = input("Full name: ")

        try:
            if 'password' in options:
                pw = options['password']
            if 'password_file' in options:
                pw = open(options['password_file'], 'r').read()
            else:
                pw = initial_password(email).encode()
            notify_new_user(do_create_user(email, pw,
                                           realm, full_name, email_to_username(email)),
                            internal=True)
        except IntegrityError:
            raise CommandError("User already exists.")
Enable absolute imports. See PEP 328[1] for details. This feature was introduced in Python 2.5 and will become mandatory in Python 3. [1]: http://www.python.org/dev/peps/pep-0328 (imported from commit 7444eeba8a08d5f91b94c7921848f2274979bd76) 2013-04-23 18:51:17 +02:00			`from __future__ import absolute_import`
Apply Python 3 futurize transform libfuturize.fixes.fix_print_with_import. 2015-11-01 17:11:06 +01:00			`from __future__ import print_function`
Enable absolute imports. See PEP 328[1] for details. This feature was introduced in Python 2.5 and will become mandatory in Python 3. [1]: http://www.python.org/dev/peps/pep-0328 (imported from commit 7444eeba8a08d5f91b94c7921848f2274979bd76) 2013-04-23 18:51:17 +02:00
Annotate most Zulip management commands. 2016-06-04 16:52:18 +02:00			`from typing import Any`

Introduce new manage.py command which creates users with default passwords. (imported from commit ba5ed9cb6ee91435b184845019391e5dc38fc3aa) 2012-12-06 23:26:47 +01:00			`import sys`
Django 1.8: declare positional arguments in management commands (imported from commit d9efca1376de92c8187d25f546c79fece8d2d8c6) 2015-08-21 02:10:41 +02:00			`import argparse`
Introduce new manage.py command which creates users with default passwords. (imported from commit ba5ed9cb6ee91435b184845019391e5dc38fc3aa) 2012-12-06 23:26:47 +01:00
			`from django.core.management.base import BaseCommand, CommandError`
			`from django.core.exceptions import ValidationError`
			`from django.db.utils import IntegrityError`
			`from django.core import validators`

Rename models.get_realm_by_string_id to get_realm. Finishes the refactoring started in c1bbd8d. The goal of the refactoring is to change the argument to get_realm from a Realm.domain to a Realm.string_id. The steps were * Add a new function, get_realm_by_string_id. * Change all calls to get_realm to use get_realm_by_string_id instead. * Remove get_realm. * (This commit) Rename get_realm_by_string_id to get_realm. Part of a larger migration to remove the Realm.domain field entirely. 2017-01-04 05:30:48 +01:00			`from zerver.models import Realm, get_realm, email_to_username`
[manual] Rename Django app from zephyr to zerver. This needs to be deployed to both staging and prod at the same off-peak time (and the schema migration run). At the time it is deployed, we need to make a few changes directly in the database: (1) UPDATE django_content_type set app_label='zerver' where app_label='zephyr'; (2) UPDATE south_migrationhistory set app_name='zerver' where app_name='zephyr'; (imported from commit eb3fd719571740189514ef0b884738cb30df1320) 2013-07-29 23:03:31 +02:00			`from zerver.lib.actions import do_create_user`
Update create_user management command. notify_new_user was recently moved to zerver.lib.actions from zerver.views and this wasn't properly updated. This would give an error when doing a `manage.py create_user` from the command line. 2015-11-09 01:58:18 +01:00			`from zerver.lib.actions import notify_new_user`
[manual] Rename Django app from zephyr to zerver. This needs to be deployed to both staging and prod at the same off-peak time (and the schema migration run). At the time it is deployed, we need to make a few changes directly in the database: (1) UPDATE django_content_type set app_label='zerver' where app_label='zephyr'; (2) UPDATE south_migrationhistory set app_name='zerver' where app_name='zephyr'; (imported from commit eb3fd719571740189514ef0b884738cb30df1320) 2013-07-29 23:03:31 +02:00			`from zerver.lib.initial_password import initial_password`
Apply Python 3 futurize transform libmodernize.fixes.fix_input_six. 2015-11-01 17:14:42 +01:00			`from six.moves import input`
Introduce new manage.py command which creates users with default passwords. (imported from commit ba5ed9cb6ee91435b184845019391e5dc38fc3aa) 2012-12-06 23:26:47 +01:00
			`class Command(BaseCommand):`
create_user: Add Terms of Service warning. (imported from commit bdb31aebad397e98db77d3ea95ef17ac9dd4737f) 2013-01-08 23:05:42 +01:00			`help = """Create the specified user with a default initial password.`

			`A user MUST have ALREADY accepted the Terms of Service before creating their`
			`account this way.`
Django 1.8: declare positional arguments in management commands (imported from commit d9efca1376de92c8187d25f546c79fece8d2d8c6) 2015-08-21 02:10:41 +02:00
			`Omit both <email> and <full name> for interactive user creation.`
create_user: Add Terms of Service warning. (imported from commit bdb31aebad397e98db77d3ea95ef17ac9dd4737f) 2013-01-08 23:05:42 +01:00			`"""`

Django 1.8: declare positional arguments in management commands (imported from commit d9efca1376de92c8187d25f546c79fece8d2d8c6) 2015-08-21 02:10:41 +02:00			`def add_arguments(self, parser):`
Annotate most Zulip management commands. 2016-06-04 16:52:18 +02:00			`# type: (argparse.ArgumentParser) -> None`
Django 1.8: declare positional arguments in management commands (imported from commit d9efca1376de92c8187d25f546c79fece8d2d8c6) 2015-08-21 02:10:41 +02:00			`parser.add_argument('--this-user-has-accepted-the-tos',`
			`dest='tos',`
			`action="store_true",`
			`default=False,`
			`help='Acknowledgement that the user has already accepted the ToS.')`
Access realm by `string_id` in management commands. `Realm.string_id` replaces 'Realm.domain' in the management commands. Fixes #2325. 2016-11-16 21:16:02 +01:00			`parser.add_argument('--realm',`
			`dest='string_id',`
Django 1.8: declare positional arguments in management commands (imported from commit d9efca1376de92c8187d25f546c79fece8d2d8c6) 2015-08-21 02:10:41 +02:00			`type=str,`
			`help='The name of the existing realm to which to add the user.')`
Add password argument to `manage.py create_user`. Tweaked by tabbott to provide clear --help output recommending against setting passwords this way. 2017-07-08 07:25:17 +02:00			`parser.add_argument('--password',`
			`dest='password',`
			`type=str,`
			`default='',`
create_user: Receive password input from a file instead of shell arg. This is to be used for the case of container orchestration instead of shell arg to prevent snooping by any user account on the server via `ps -ef` or any superuser with read access to the user\'s bash history. 2017-07-18 05:50:54 +02:00			`help='password of new user. For development only.'`
			`'Note that we recommend against setting '`
create_user: Separate password help into multiple lines. This line is too long and ./tools/lint --pep8 is failing because of this. 2017-07-08 23:12:34 +02:00			`'passwords this way, since they can be snooped by any user account '`
create_user: Receive password input from a file instead of shell arg. This is to be used for the case of container orchestration instead of shell arg to prevent snooping by any user account on the server via `ps -ef` or any superuser with read access to the user\'s bash history. 2017-07-18 05:50:54 +02:00			'on the server via `ps -ef` or by any superuser with'
			`'read access to the user\'s bash history.')`
			`parser.add_argument('--password-file',`
			`dest='password_file',`
			`type=str,`
			`default='',`
			`help='The file containing the password of the new user.')`
Django 1.8: declare positional arguments in management commands (imported from commit d9efca1376de92c8187d25f546c79fece8d2d8c6) 2015-08-21 02:10:41 +02:00			`parser.add_argument('email', metavar='<email>', type=str, nargs='?', default=argparse.SUPPRESS,`
			`help='email address of new user')`
			`parser.add_argument('full_name', metavar='<full name>', type=str, nargs='?', default=argparse.SUPPRESS,`
			`help='full name of new user')`
Introduce new manage.py command which creates users with default passwords. (imported from commit ba5ed9cb6ee91435b184845019391e5dc38fc3aa) 2012-12-06 23:26:47 +01:00
			`def handle(self, args, *options):`
Annotate most Zulip management commands. 2016-06-04 16:52:18 +02:00			`# type: (Any, *Any) -> None`
create_user: Add Terms of Service warning. (imported from commit bdb31aebad397e98db77d3ea95ef17ac9dd4737f) 2013-01-08 23:05:42 +01:00			`if not options["tos"]:`
			`raise CommandError("""You must confirm that this user has accepted the`
			`Terms of Service by passing --this-user-has-accepted-the-tos.""")`

Access realm by `string_id` in management commands. `Realm.string_id` replaces 'Realm.domain' in the management commands. Fixes #2325. 2016-11-16 21:16:02 +01:00			`if not options["string_id"]:`
			`raise CommandError("""Please specify a realm by passing --realm.""")`
create_user: ask for realm as part of user creation. With open realms, you can't infer the realm from the e-mail address. (imported from commit c05afa586f121a38673f9e62281cf26c8590570b) 2013-03-21 19:07:03 +01:00
			`try:`
Rename models.get_realm_by_string_id to get_realm. Finishes the refactoring started in c1bbd8d. The goal of the refactoring is to change the argument to get_realm from a Realm.domain to a Realm.string_id. The steps were * Add a new function, get_realm_by_string_id. * Change all calls to get_realm to use get_realm_by_string_id instead. * Remove get_realm. * (This commit) Rename get_realm_by_string_id to get_realm. Part of a larger migration to remove the Realm.domain field entirely. 2017-01-04 05:30:48 +01:00			`realm = get_realm(options["string_id"])`
create_user: ask for realm as part of user creation. With open realms, you can't infer the realm from the e-mail address. (imported from commit c05afa586f121a38673f9e62281cf26c8590570b) 2013-03-21 19:07:03 +01:00			`except Realm.DoesNotExist:`
			`raise CommandError("Realm does not exist.")`

Introduce new manage.py command which creates users with default passwords. (imported from commit ba5ed9cb6ee91435b184845019391e5dc38fc3aa) 2012-12-06 23:26:47 +01:00			`try:`
Django 1.8: declare positional arguments in management commands (imported from commit d9efca1376de92c8187d25f546c79fece8d2d8c6) 2015-08-21 02:10:41 +02:00			`email = options['email']`
			`full_name = options['full_name']`
Introduce new manage.py command which creates users with default passwords. (imported from commit ba5ed9cb6ee91435b184845019391e5dc38fc3aa) 2012-12-06 23:26:47 +01:00			`try:`
			`validators.validate_email(email)`
			`except ValidationError:`
			`raise CommandError("Invalid email address.")`
Django 1.8: declare positional arguments in management commands (imported from commit d9efca1376de92c8187d25f546c79fece8d2d8c6) 2015-08-21 02:10:41 +02:00			`except KeyError:`
			`if 'email' in options or 'full_name' in options:`
create_user: fix missing spaces in options error message. (imported from commit 25ea284b17dfb3160aca336e31203991f70994d8) 2013-01-08 23:08:13 +01:00			`raise CommandError("""Either specify an email and full name as two`
			`parameters, or specify no parameters for interactive user creation.""")`
Introduce new manage.py command which creates users with default passwords. (imported from commit ba5ed9cb6ee91435b184845019391e5dc38fc3aa) 2012-12-06 23:26:47 +01:00			`else:`
			`while True:`
Apply Python 3 futurize transform libmodernize.fixes.fix_input_six. 2015-11-01 17:14:42 +01:00			`email = input("Email: ")`
Introduce new manage.py command which creates users with default passwords. (imported from commit ba5ed9cb6ee91435b184845019391e5dc38fc3aa) 2012-12-06 23:26:47 +01:00			`try:`
			`validators.validate_email(email)`
			`break`
			`except ValidationError:`
Apply Python 3 futurize transform libfuturize.fixes.fix_print_with_import. 2015-11-01 17:11:06 +01:00			`print("Invalid email address.", file=sys.stderr)`
Apply Python 3 futurize transform libmodernize.fixes.fix_input_six. 2015-11-01 17:14:42 +01:00			`full_name = input("Full name: ")`
Introduce new manage.py command which creates users with default passwords. (imported from commit ba5ed9cb6ee91435b184845019391e5dc38fc3aa) 2012-12-06 23:26:47 +01:00
			`try:`
create_user: Receive password input from a file instead of shell arg. This is to be used for the case of container orchestration instead of shell arg to prevent snooping by any user account on the server via `ps -ef` or any superuser with read access to the user\'s bash history. 2017-07-18 05:50:54 +02:00			`if 'password' in options:`
			`pw = options['password']`
			`if 'password_file' in options:`
			`pw = open(options['password_file'], 'r').read()`
			`else:`
			`pw = initial_password(email).encode()`
Add password argument to `manage.py create_user`. Tweaked by tabbott to provide clear --help output recommending against setting passwords this way. 2017-07-08 07:25:17 +02:00			`notify_new_user(do_create_user(email, pw,`
pep8: Fix many rule E128 violations. [Tweaked by tabbott to adjust some approaches used in wrapping] 2016-12-03 00:04:17 +01:00			`realm, full_name, email_to_username(email)),`
			`internal=True)`
Introduce new manage.py command which creates users with default passwords. (imported from commit ba5ed9cb6ee91435b184845019391e5dc38fc3aa) 2012-12-06 23:26:47 +01:00			`except IntegrityError:`
			`raise CommandError("User already exists.")`