From 29f9440f25238336bd2dd21aebfef8d042829675 Mon Sep 17 00:00:00 2001
From: Hugo LEVY-FALK <hugo.levy--falk@supelec.fr>
Date: Sat, 10 Mar 2018 14:48:48 +0100
Subject: [PATCH] Gestion des utilisateurs

---
 settings/forms.py                         |  2 +-
 settings/templates/settings/settings.html | 22 ++++++++++-
 templates/nav_bar.html                    |  5 +--
 users/forms.py                            | 12 +++++-
 users/urls.py                             | 40 +++++++++++++++++--
 users/views.py                            | 47 ++++++++++++++++++-----
 6 files changed, 108 insertions(+), 20 deletions(-)

diff --git a/settings/forms.py b/settings/forms.py
index 1fc815e..aec463b 100644
--- a/settings/forms.py
+++ b/settings/forms.py
@@ -15,5 +15,5 @@ class SelectUserForm(forms.Form):
 
     def populate(self):
         admins,_ = Group.objects.get_or_create(name='admins')
-        choices = [(u.pk, u.first_name + ' ' + u.last_name + '(' + u.username + ')') for u in User.objects.all()]
+        choices = [(u.pk, u.first_name + ' ' + u.last_name + ' (' + u.username + ')') for u in User.objects.all()]
         self.fields['pk'].choices = choices
diff --git a/settings/templates/settings/settings.html b/settings/templates/settings/settings.html
index 06e86d0..9f99ea0 100644
--- a/settings/templates/settings/settings.html
+++ b/settings/templates/settings/settings.html
@@ -80,9 +80,11 @@
         <th>Nombre de catégories</th>
         <th>Numéro de téléphone</th>
         <th>Inscription</th>
+        <th>Administrateur</th>
+        <th></th>
 {% for school in schools %}
     <tr>
-		<th><a href="{{school.get_absolute_url}}">{{school.name}}</a></th>
+        <th><a href="{{school.get_absolute_url}}">{{school.name}}</a></th>
         <td>{{school.content_set.count}}</td>
         <td>{{school.number_of_categories}}</td>
         <td>{{school.phone}}</td>
@@ -99,9 +101,27 @@
             </span>
             {% endif %}
         </td>
+        <td>
+            {% if school.admin %}
+            {{school.admin.first_name}} {{school.admin.last_name}} ({{school.admin.username}})
+            {% else %}
+            Non défini
+            {% endif %}
+        </td>
+        <td>
+            <a href="{% url 'users:edit-admin' school.pk %}" class="btn btn-outline-primary btn-sm">
+                <i class="fa fa-edit"></i>
+                Définir
+            </a>
+        </td>
     </tr>
 {% endfor %}
 </table>
+<h2>Utilisateurs</h2>
+<a class="btn btn-success btn-lg" href="{% url 'users:new-user' %}">
+    <i class="fa fa-plus"></i>
+    Ajouter un utilisateur
+</a>
 <h2>Réglages</h2>
 <a class="btn btn-primary btn-sm" href="{% url 'settings:site-settings' %}">
     <i class="fas fa-edit"></i>
diff --git a/templates/nav_bar.html b/templates/nav_bar.html
index 8461033..7d1ad26 100644
--- a/templates/nav_bar.html
+++ b/templates/nav_bar.html
@@ -38,10 +38,7 @@
       	</li>
 	{% else %}
 		<li class="nav-item {% if active == 4 %}active{% endif %}">
-            <a class="nav-link" href="{% url 'users:login' %}">Connexion<span class="sr-only">(current)</span></a>
-		</li>
-        <li class="nav-item">
-            <a class="nav-link" href="{% url 'users:new-user' %}">Inscription<span class="sr-only">(current)</span></a>
+			<a class="nav-link" href="{% url 'users:login' %}">Connexion<span class="sr-only">(current)</span></a>
 		</li>
 
 	{% endif %}
diff --git a/users/forms.py b/users/forms.py
index ac12e8a..a870a6c 100644
--- a/users/forms.py
+++ b/users/forms.py
@@ -19,7 +19,17 @@ class EditName(forms.ModelForm):
 class CreateUser(forms.ModelForm):
     class Meta:
         model = User
-        fields = '__all__'
+        fields = [
+            'username',
+            'first_name',
+            'last_name',
+            'email',
+            'groups',
+            'password',
+        ]
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        self.fields['password'].widget = forms.PasswordInput()
 
 
 class EditPhone(forms.ModelForm):
diff --git a/users/urls.py b/users/urls.py
index 26563ae..f29190f 100644
--- a/users/urls.py
+++ b/users/urls.py
@@ -1,16 +1,43 @@
-from django.urls import path, include
+from django.urls import path
+from django.contrib.auth import views as auth_views
 from . import views
 
 app_name = 'users'
 urlpatterns = [
     path(
-        'user/new',
+        'new',
         views.create_user,
         name='new-user'
     ),
     path(
-        'user/',
-        include('django.contrib.auth.urls')
+        'login',
+        auth_views.LoginView.as_view(template_name="edit.html"),
+        name='login'
+    ),
+    path(
+        'logout',
+        auth_views.LogoutView.as_view(),
+        name='logout'
+    ),
+    path(
+        'password_change',
+        auth_views.PasswordChangeView.as_view(template_name="edit.html"),
+        name='password-change'
+    ),
+    path(
+        'password_change/done',
+        auth_views.PasswordChangeDoneView.as_view(template_name="base.html"),
+        name='password-change-done'
+    ),
+    path(
+        'reset/<uidb64>/<token>/',
+        auth_views.PasswordResetConfirmView.as_view(template_name="edit.html"),
+        name='password-reset-confirm'
+    ),
+    path(
+        'reset/done/',
+        auth_views.PasswordResetCompleteView.as_view(template_name="base.html"),
+        name='password-reset-done'
     ),
     path(
         'school/new',
@@ -47,6 +74,11 @@ urlpatterns = [
         views.edit_jury_2,
         name='edit-jury-2'
     ),
+    path(
+        'school/<int:pk>/edit_admin',
+        views.edit_admin,
+        name='edit-admin'
+    ),
     path(
         'school/<int:pk>/validate',
         views.validate,
diff --git a/users/views.py b/users/views.py
index 87f3eb5..3162735 100644
--- a/users/views.py
+++ b/users/views.py
@@ -3,6 +3,7 @@ from django.urls import reverse
 from django.shortcuts import get_object_or_404, redirect, render
 from django.contrib.admin.views.decorators import staff_member_required
 
+from settings.forms import SelectUserForm
 from content.models import Category
 
 from .models import School
@@ -29,7 +30,8 @@ def create_school(request):
     school_form = forms.CreateSchool(request.POST or None)
     if school_form.is_valid():
         s = school_form.save()
-        messages.success(request, "L'école {} a bien été créée.".format(s.name))
+        messages.success(
+            request, "L'école {} a bien été créée.".format(s.name))
         return redirect(reverse('settings:index'))
     return render(request, 'edit.html', {
         'form': school_form,
@@ -44,7 +46,7 @@ def school(request, pk):
     if not can:
         messages.error(request, 'Vous ne pouvez pas accéder à cette page')
         return redirect(reverse('home'))
-    return render(request, 'users/school.html', {'school':school})
+    return render(request, 'users/school.html', {'school': school})
 
 
 def edit_phone(request, pk):
@@ -56,7 +58,8 @@ def edit_phone(request, pk):
     school_form = forms.EditPhone(request.POST or None, instance=school)
     if school_form.is_valid():
         s = school_form.save()
-        messages.success(request, "L'école {} a bien été modifiée.".format(s.name))
+        messages.success(
+            request, "L'école {} a bien été modifiée.".format(s.name))
         return redirect(s.get_absolute_url())
     return render(request, 'edit.html', {
         'form': school_form,
@@ -74,7 +77,8 @@ def edit_logo(request, pk):
     school_form = forms.EditLogo(request.POST or None, instance=school)
     if school_form.is_valid():
         s = school_form.save()
-        messages.success(request, "L'école {} a bien été modifiée.".format(s.name))
+        messages.success(
+            request, "L'école {} a bien été modifiée.".format(s.name))
         return redirect(s.get_absolute_url())
     return render(request, 'edit.html', {
         'form': school_form,
@@ -92,7 +96,8 @@ def edit_mail(request, pk):
     user_form = forms.EditMail(request.POST or None, instance=school.admin)
     if user_form.is_valid():
         s = user_form.save()
-        messages.success(request, "L'école {} a bien été modifiée.".format(s.school.name))
+        messages.success(
+            request, "L'école {} a bien été modifiée.".format(s.school.name))
         return redirect(s.school.get_absolute_url())
     return render(request, 'edit.html', {
         'form': user_form,
@@ -110,7 +115,8 @@ def edit_jury_1(request, pk):
     school_form = forms.EditJury1(request.POST or None, instance=school)
     if school_form.is_valid():
         s = school_form.save()
-        messages.success(request, "L'école {} a bien été modifiée.".format(s.name))
+        messages.success(
+            request, "L'école {} a bien été modifiée.".format(s.name))
         return redirect(s.get_absolute_url())
     return render(request, 'edit.html', {
         'form': school_form,
@@ -128,7 +134,8 @@ def edit_jury_2(request, pk):
     school_form = forms.EditJury2(request.POST or None, instance=school)
     if school_form.is_valid():
         s = school_form.save()
-        messages.success(request, "L'école {} a bien été modifiée.".format(s.name))
+        messages.success(
+            request, "L'école {} a bien été modifiée.".format(s.name))
         return redirect(s.get_absolute_url())
     return render(request, 'edit.html', {
         'form': school_form,
@@ -146,7 +153,8 @@ def edit_name(request, pk):
     school_form = forms.EditName(request.POST or None, instance=school)
     if school_form.is_valid():
         s = school_form.save()
-        messages.success(request, "L'école {} a bien été modifiée.".format(s.name))
+        messages.success(
+            request, "L'école {} a bien été modifiée.".format(s.name))
         return redirect(s.get_absolute_url())
     return render(request, 'edit.html', {
         'form': school_form,
@@ -155,6 +163,26 @@ def edit_name(request, pk):
     })
 
 
+@staff_member_required
+def edit_admin(request, pk):
+    school = get_object_or_404(School, pk=pk)
+    user_form = SelectUserForm(request.POST or None)
+    user_form.populate()
+    if user_form.is_valid():
+        user = user_form.get_user()
+        school.admin = user
+        school.save()
+        user.save()
+        messages.success(request, user.username +
+                         ' a été nommé admin de ' + school.name)
+        return redirect(reverse('settings:index'))
+    return render(request, 'edit.html', {
+        'form': user_form,
+        'title': "Définir l'administrateur de {}".format(school.name),
+        'validate': 'Ajouter'
+    })
+
+
 def validate(request, pk):
     school = get_object_or_404(School, pk=pk)
     can = request.user.is_staff or request.user == school.admin
@@ -189,7 +217,8 @@ def validate(request, pk):
 
     for category in Category.objects.all():
         if not category.content_set.filter(school_owner=school):
-            messages.warning(request, 'Pas de contenu dans la catégorie {}.'.format(category.name))
+            messages.warning(
+                request, 'Pas de contenu dans la catégorie {}.'.format(category.name))
 
     if phone_ok and mail_ok:
         school.validated = True