Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def validate_email(email):
if not valid_email(email):
raise ValidationError('Invalid email.')
def validate_calnet_uid(uid):
"""Verifies whether a given CalNet UID is eligible for a new OCF account.
Checks that:
- User doesn't already have an OCF account
- Affiliate type is eligible"""
# check for existing OCF accounts
existing_accounts = search.users_by_calnet_uid(uid)
if existing_accounts:
raise ValidationError(
'CalNet UID already has account: ' + str(existing_accounts))
attrs = search.user_attrs_ucb(uid)
if not attrs:
raise ValidationError("CalNet UID can't be found in university LDAP.")
@contextmanager
def validate_section():
try:
yield
except ValidationWarning as ex:
warnings.append(str(ex))
except ValidationError as ex:
errors.append(str(ex))
# TODO: figure out where to sanitize real_name
# user name
with validate_section():
if username_pending(session, request):
raise ValidationError('Username {} has already been requested.'.format(
request.user_name,
))
validate_username(request.user_name, request.real_name)
# calnet uid / callink oid
with validate_section():
if request.is_group:
validate_callink_oid(request.callink_oid)
else:
validate_calnet_uid(request.calnet_uid)
if user_has_request_pending(session, request):
raise ValidationError('You have already requested an account.')
# email
def validate_password(username, password):
try:
validators.validate_password(username, password)
except ValueError as ex:
raise ValidationError(str(ex))
unvalidated_recs = name_field_abbrevs[0]
for i in range(1, len(name_fields)):
new_unvalidated_recs = []
for name_field_abbrev in name_field_abbrevs[i]:
for rec in unvalidated_recs:
new_unvalidated_recs.append(rec + name_field_abbrev)
unvalidated_recs = new_unvalidated_recs
validated_recs: List[Any] = []
while len(validated_recs) < n and len(unvalidated_recs) > 0:
rec = unvalidated_recs.pop(randint(0, len(unvalidated_recs) - 1))
try:
validate_username(rec, real_name)
validated_recs.append(rec)
except (ValidationError, ValidationWarning):
pass # Account name wasn't valid, skip this recommendation
return validated_recs
if username_pending(session, request):
raise ValidationError('Username {} has already been requested.'.format(
request.user_name,
))
validate_username(request.user_name, request.real_name)
# calnet uid / callink oid
with validate_section():
if request.is_group:
validate_callink_oid(request.callink_oid)
else:
validate_calnet_uid(request.calnet_uid)
if user_has_request_pending(session, request):
raise ValidationError('You have already requested an account.')
# email
with validate_section():
validate_email(request.email)
# password
with validate_section():
password = decrypt_password(
request.encrypted_password,
RSA.importKey(open(credentials.encryption_key).read()),
)
validate_password(request.user_name, password)
return errors, warnings