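# App de gestion des users pour Amap
# Goulven Kermarec, Gabriel Détraz
# Gplv2
from django.shortcuts import render_to_response, get_object_or_404, render, redirect
from django.core.context_processors import csrf
from django.core.paginator import Paginator, EmptyPage, PageNotAnInteger
from django.template import Context, RequestContext, loader
from django.contrib import messages
from django.contrib.auth.decorators import login_required, permission_required
from django.db.models import Max, ProtectedError
from django.db import IntegrityError
from django.core.mail import send_mail
from django.utils import timezone
from django.core.urlresolvers import reverse
from django.db import transaction
from reversion import revisions as reversion

from users.models import User, Right, ListRight, Request
from users.models import DelRightForm, DelListRightForm, NewListRightForm
from users.models import EditInfoForm, BaseInfoForm, StateForm, RightForm, ListRightForm
from users.forms import PassForm, ResetPasswordForm
from panier.models import Commande, Credit
from amap.settings import REQ_EXPIRE_STR, EMAIL_FROM, ASSO_NAME, ASSO_EMAIL, SITE_NAME, PAGINATION_NUMBER


def form(ctx, template, request):
    """Render *template* with *ctx* plus the CSRF token.

    *ctx* is copied before the token is added so the caller's dict is not
    mutated.
    """
    c = dict(ctx)
    c.update(csrf(request))
    return render_to_response(
        template,
        c,
        context_instance=RequestContext(request)
    )


def password_change_action(u_form, user, request, req=False):
    """Apply the password change held in *u_form* to *user*.

    Args:
        u_form: a validated PassForm (``passwd1``/``passwd2`` in cleaned_data).
        user: the User whose password is replaced.
        request: the current HttpRequest (used for flash messages).
        req: optional Request token; when given it is deleted once the
            password is set, so the link is single-use, and the user is sent
            to "/" instead of their profile.

    Returns:
        An HttpResponse: the re-rendered form when the two fields differ,
        otherwise a redirect.
    """
    if u_form.cleaned_data['passwd1'] != u_form.cleaned_data['passwd2']:
        messages.error(request, "Les 2 mots de passe différent")
        return form({'userform': u_form}, 'users/user.html', request)
    # set_password stores a hash; the cleartext never reaches the database.
    user.set_password(u_form.cleaned_data['passwd1'])
    with transaction.atomic(), reversion.create_revision():
        user.save()
        reversion.set_comment("Réinitialisation du mot de passe")
    messages.success(request, "Le mot de passe a changé")
    if req:
        # Consume the token so the same reset link cannot be replayed.
        req.delete()
        return redirect("/")
    return redirect("/users/profil/" + str(user.id))


def reset_passwd_mail(req, request):
    """E-mail the password (re)initialisation link for *req* to its user.

    The link targets the ``users:process`` route with the request token and
    is sent only to the e-mail address stored on the account.
    """
    t = loader.get_template('users/email_passwd_request')
    c = Context({
        'name': str(req.user.name) + ' ' + str(req.user.surname),
        'asso': ASSO_NAME,
        'asso_mail': ASSO_EMAIL,
        'site_name': SITE_NAME,
        # build_absolute_uri takes the host from the incoming request, so a
        # correct ALLOWED_HOSTS setting is what keeps a forged Host header
        # from ending up in the mailed link.
        'url': request.build_absolute_uri(
            reverse('users:process', kwargs={'token': req.token})),
        'expire_in': REQ_EXPIRE_STR,
    })
    send_mail('Changement de mot de passe', t.render(c), EMAIL_FROM,
              [req.user.email], fail_silently=False)


def _create_passwd_request(user, request):
    """Create a PASSWD Request for *user*, save it and mail the link.

    Shared by new_user and reset_password so both issue tokens the same way.
    Returns the saved Request.
    """
    req = Request()
    req.type = Request.PASSWD
    req.user = user
    req.save()
    reset_passwd_mail(req, request)
    return req


def _get_page(paginator, page):
    """Return page *page* of *paginator* with the views' fallback rules.

    A non-integer page yields the first page; an out-of-range page yields
    the last one.
    """
    try:
        return paginator.page(page)
    except PageNotAnInteger:
        # If page is not an integer, deliver first page.
        return paginator.page(1)
    except EmptyPage:
        # If page is out of range (e.g. 9999), deliver last page of results.
        return paginator.page(paginator.num_pages)


@login_required
@permission_required('bureau')
def new_user(request):
    """Create a user (bureau only) and mail a password-initialisation link."""
    user = EditInfoForm(request.POST or None)
    if user.is_valid():
        user = user.save(commit=False)
        with transaction.atomic(), reversion.create_revision():
            user.save()
            reversion.set_user(request.user)
            reversion.set_comment("Création")
        _create_passwd_request(user, request)
        messages.success(request, "L'utilisateur %s a été crée, un mail pour l'initialisation du mot de passe a été envoyé" % user.pseudo)
        return redirect("/users/profil/" + str(user.id))
    return form({'userform': user}, 'users/user.html', request)


@login_required
def edit_info(request, userid):
    """Edit a user's information.

    Non-bureau users may only edit themselves and go through BaseInfoForm;
    bureau users may edit anyone through EditInfoForm.
    """
    try:
        user = User.objects.get(pk=userid)
    except User.DoesNotExist:
        messages.error(request, "Utilisateur inexistant")
        return redirect("/users/")
    is_bureau = request.user.has_perms(('bureau',))
    if not is_bureau and user != request.user:
        messages.error(request, "Vous ne pouvez pas modifier un autre user que vous sans droit bureau")
        return redirect("/users/profil/" + str(request.user.id))
    # The two roles edit through different forms (defined in users.models).
    if not is_bureau:
        user = BaseInfoForm(request.POST or None, instance=user)
    else:
        user = EditInfoForm(request.POST or None, instance=user)
    if user.is_valid():
        with transaction.atomic(), reversion.create_revision():
            user.save()
            reversion.set_user(request.user)
            reversion.set_comment("Champs modifié(s) : %s" % ', '.join(field for field in user.changed_data))
        messages.success(request, "L'user a bien été modifié")
        return redirect("/users/profil/" + userid)
    return form({'userform': user}, 'users/user.html', request)


@login_required
@permission_required('bureau')
def state(request, userid):
    """Change a user's state through StateForm (bureau only)."""
    try:
        user = User.objects.get(pk=userid)
    except User.DoesNotExist:
        messages.error(request, "Utilisateur inexistant")
        return redirect("/users/")
    state = StateForm(request.POST or None, instance=user)
    if state.is_valid():
        with transaction.atomic(), reversion.create_revision():
            state.save()
            reversion.set_user(request.user)
            reversion.set_comment("Champs modifié(s) : %s" % ', '.join(field for field in state.changed_data))
        messages.success(request, "Etat changé avec succès")
        return redirect("/users/profil/" + userid)
    return form({'userform': state}, 'users/user.html', request)


@login_required
def password(request, userid):
    """Change a user's password from PassForm.

    Non-bureau users may only change their own password.
    """
    try:
        user = User.objects.get(pk=userid)
    except User.DoesNotExist:
        messages.error(request, "Utilisateur inexistant")
        return redirect("/users/")
    is_bureau = request.user.has_perms(('bureau',))
    if not is_bureau and user != request.user:
        messages.error(request, "Vous ne pouvez pas modifier un autre user que vous sans droit bureau")
        return redirect("/users/profil/" + str(request.user.id))
    # NOTE(review): this branch is unreachable — every non-bureau caller
    # editing someone else was already redirected above. The intended rule
    # (perhaps "an active member cannot change *their own* password without
    # bureau") needs confirming before the condition is rewritten.
    if not is_bureau and user != request.user and Right.objects.filter(user=user):
        messages.error(request, "Il faut les droits bureau pour modifier le mot de passe d'un membre actif")
        return redirect("/users/profil/" + str(request.user.id))
    u_form = PassForm(request.POST or None)
    if u_form.is_valid():
        return password_change_action(u_form, user, request)
    return form({'userform': u_form}, 'users/user.html', request)


@login_required
@permission_required('bureau')
def del_right(request):
    """Remove the Right selected in DelRightForm (bureau only)."""
    user_right_list = DelRightForm(request.POST or None)
    if user_right_list.is_valid():
        right_del = user_right_list.cleaned_data['rights']
        right_del.delete()
        messages.success(request, "Droit retiré avec succès")
        return redirect("/users/")
    return form({'userform': user_right_list}, 'users/user.html', request)


@login_required
@permission_required('bureau')
def add_right(request, userid):
    """Grant a Right to a user (bureau only)."""
    try:
        user = User.objects.get(pk=userid)
    except User.DoesNotExist:
        messages.error(request, "Utilisateur inexistant")
        return redirect("/users/")
    right = RightForm(request.POST or None)
    if right.is_valid():
        right = right.save(commit=False)
        right.user = user
        try:
            # Savepoint: catching IntegrityError without one leaves an
            # enclosing transaction (e.g. ATOMIC_REQUESTS) unusable.
            with transaction.atomic():
                right.save()
        except IntegrityError:
            # Was silently swallowed; the operator now learns nothing was added.
            messages.error(request, "Ce droit n'a pas pu être ajouté (il existe probablement déjà)")
        else:
            messages.success(request, "Droit ajouté")
        return redirect("/users/profil/" + userid)
    return form({'userform': right}, 'users/user.html', request)


@login_required
@permission_required('bureau')
def add_listright(request):
    """Create a right/group from NewListRightForm (bureau only)."""
    listright = NewListRightForm(request.POST or None)
    if listright.is_valid():
        with transaction.atomic(), reversion.create_revision():
            listright.save()
            reversion.set_user(request.user)
            reversion.set_comment("Création")
        messages.success(request, "Le droit/groupe a été ajouté")
        return redirect("/users/index_listright/")
    return form({'userform': listright}, 'users/user.html', request)


@login_required
@permission_required('bureau')
def edit_listright(request, listrightid):
    """Edit an existing right/group (bureau only)."""
    try:
        listright_instance = ListRight.objects.get(pk=listrightid)
    except ListRight.DoesNotExist:
        messages.error(request, u"Entrée inexistante")
        return redirect("/users/")
    listright = ListRightForm(request.POST or None, instance=listright_instance)
    if listright.is_valid():
        with transaction.atomic(), reversion.create_revision():
            listright.save()
            reversion.set_user(request.user)
            reversion.set_comment("Champs modifié(s) : %s" % ', '.join(field for field in listright.changed_data))
        messages.success(request, "Droit modifié")
        return redirect("/users/index_listright/")
    return form({'userform': listright}, 'users/user.html', request)


@login_required
@permission_required('bureau')
def del_listright(request):
    """Delete the selected rights/groups (bureau only).

    A right still assigned to at least one user raises ProtectedError and is
    reported instead of deleted; the loop continues with the others.
    """
    listright = DelListRightForm(request.POST or None)
    if listright.is_valid():
        listright_dels = listright.cleaned_data['listrights']
        for listright_del in listright_dels:
            try:
                with transaction.atomic(), reversion.create_revision():
                    listright_del.delete()
                    reversion.set_comment("Destruction")
                messages.success(request, "Le droit/groupe a été supprimé")
            except ProtectedError:
                # Implicit concatenation replaces the old backslash-continued
                # literal, which embedded the next line's indentation.
                messages.error(
                    request,
                    "Le droit %s est affecté à au moins un user, "
                    "vous ne pouvez pas le supprimer" % listright_del)
        return redirect("/users/index_listright/")
    return form({'userform': listright}, 'users/user.html', request)


@login_required
@permission_required('bureau')
def index(request):
    """Paginated list of every user, ordered by pk (bureau only)."""
    users_list = User.objects.order_by('pk')
    paginator = Paginator(users_list, PAGINATION_NUMBER)
    users_list = _get_page(paginator, request.GET.get('page'))
    return render(request, 'users/index.html', {'users_list': users_list})


@login_required
@permission_required('bureau')
def index_listright(request):
    """List every right/group (bureau only)."""
    listright_list = ListRight.objects.order_by('listright')
    return render(request, 'users/index_listright.html', {'listright_list': listright_list})


@login_required
def history(request, object, id):
    """Show the reversion history of a user or a listright.

    ``object`` selects the model ('user' or 'listright'). Non-bureau users
    may only view their own history; listright history is bureau-only.
    """
    if object == 'user':
        try:
            object_instance = User.objects.get(pk=id)
        except User.DoesNotExist:
            messages.error(request, "Utilisateur inexistant")
            return redirect("/users/")
        if not request.user.has_perms(('bureau',)) and object_instance != request.user:
            messages.error(request, "Vous ne pouvez pas afficher l'historique d'un autre user que vous sans droit bureau")
            return redirect("/users/profil/" + str(request.user.id))
    elif object == 'listright' and request.user.has_perms(('bureau',)):
        try:
            object_instance = ListRight.objects.get(pk=id)
        except ListRight.DoesNotExist:
            messages.error(request, "Droit inexistant")
            return redirect("/users/")
    else:
        # Also reached for 'listright' without bureau rights.
        messages.error(request, "Objet inconnu")
        return redirect("/users/")
    reversions = reversion.get_for_object(object_instance)
    paginator = Paginator(reversions, PAGINATION_NUMBER)
    reversions = _get_page(paginator, request.GET.get('page'))
    return render(request, 'amap/history.html', {'reversions': reversions, 'object': object_instance})


@login_required
def mon_profil(request):
    """Redirect the current user to their own profile."""
    return redirect("/users/profil/" + str(request.user.id))


@login_required
def profil(request, userid):
    """Profile page: rights, orders (paniers) and credits.

    Orders and credits are paginated; both tables follow the single
    ``?page=`` parameter. Non-bureau users may only view themselves.
    """
    try:
        users = User.objects.get(pk=userid)
    except User.DoesNotExist:
        messages.error(request, "Utilisateur inexistant")
        return redirect("/users/")
    if not request.user.has_perms(('bureau',)) and users != request.user:
        messages.error(request, "Vous ne pouvez pas afficher un autre user que vous sans droit bureau")
        return redirect("/users/profil/" + str(request.user.id))
    list_droits = Right.objects.filter(user=users)
    paniers_list = Commande.objects.filter(user=users).order_by('pk')
    credit_list = Credit.objects.filter(user=users).order_by('pk')
    page = request.GET.get('page')
    paniers_list = _get_page(Paginator(paniers_list, PAGINATION_NUMBER), page)
    credit_list = _get_page(Paginator(credit_list, PAGINATION_NUMBER), page)
    return render(
        request,
        'users/profil.html',
        {
            'user': users,
            'list_droits': list_droits,
            'credit_list': credit_list,
            'paniers_list': paniers_list,
        }
    )


def reset_password(request):
    """Unauthenticated "forgot password" entry point.

    When the submitted pseudo/e-mail pair matches an account, a PASSWD
    Request is created and its link mailed to the account's address.
    """
    userform = ResetPasswordForm(request.POST or None)
    if userform.is_valid():
        try:
            user = User.objects.get(pseudo=userform.cleaned_data['pseudo'], email=userform.cleaned_data['email'])
        except User.DoesNotExist:
            # NOTE(review): this answer confirms whether a pseudo/e-mail pair
            # exists (account enumeration). A neutral "if the account exists a
            # mail was sent" response would avoid that; message kept as-is.
            messages.error(request, "Cet utilisateur n'existe pas")
            return form({'userform': userform}, 'users/user.html', request)
        _create_passwd_request(user, request)
        messages.success(request, "Un mail pour l'initialisation du mot de passe a été envoyé")
        # Fix: the redirect was built but not returned, so the form was
        # rendered again after a successful request.
        return redirect("/")
    return form({'userform': userform}, 'users/user.html', request)


def process(request, token):
    """Dispatch a tokenised Request (password reset or e-mail change).

    Only unexpired requests are considered; an unknown or expired token
    yields a 404.
    """
    valid_reqs = Request.objects.filter(expires_at__gt=timezone.now())
    req = get_object_or_404(valid_reqs, token=token)
    if req.type == Request.PASSWD:
        return process_passwd(request, req)
    elif req.type == Request.EMAIL:
        # process_email is not defined in this module — imported elsewhere
        # or missing; verify.
        return process_email(request, req=req)
    else:
        messages.error(request, "Entrée incorrecte, contactez un admin")
        # Fix: the redirect was not returned, so the view returned None.
        return redirect("/")


def process_passwd(request, req):
    """Handle a PASSWD Request: show PassForm and apply the new password."""
    u_form = PassForm(request.POST or None)
    user = req.user
    if u_form.is_valid():
        return password_change_action(u_form, user, request, req=req)
    return form({'userform': u_form}, 'users/user.html', request)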