8
0
Fork 0
mirror of https://gitlab2.federez.net/re2o/re2o synced 2024-12-18 04:53:47 +00:00
re2o/users/views.py

1007 lines
38 KiB
Python
Raw Normal View History

2017-01-15 23:01:18 +00:00
# Re2o est un logiciel d'administration développé initiallement au rezometz. Il
# se veut agnostique au réseau considéré, de manière à être installable en
# quelques clics.
#
# Copyright © 2017 Gabriel Détraz
# Copyright © 2017 Goulven Kermarec
# Copyright © 2017 Augustin Lemesle
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
2016-06-30 18:18:06 +00:00
# App de gestion des users pour re2o
2016-11-11 20:10:10 +00:00
# Goulven Kermarec, Gabriel Détraz, Lemesle Augustin
2016-06-30 18:18:06 +00:00
# Gplv2
2017-10-14 20:10:07 +00:00
"""
Module des views.
On définit les vues pour l'ajout, l'edition des users : infos personnelles,
mot de passe, etc
Permet aussi l'ajout, edition et suppression des droits, des bannissements,
des whitelist, des services users et des écoles
"""
from __future__ import unicode_literals
2017-10-26 15:58:41 +00:00
from django.urls import reverse
from django.shortcuts import get_object_or_404, render, redirect
from django.core.paginator import Paginator, EmptyPage, PageNotAnInteger
from django.contrib import messages
2016-07-09 02:12:09 +00:00
from django.contrib.auth.decorators import login_required, permission_required
2017-10-14 20:10:07 +00:00
from django.db.models import ProtectedError
from django.db import IntegrityError
from django.utils import timezone
from django.db import transaction
from django.http import HttpResponse
from django.views.decorators.csrf import csrf_exempt
from rest_framework.renderers import JSONRenderer
2016-06-30 01:39:07 +00:00
2016-12-11 16:24:04 +00:00
from reversion.models import Version
from reversion import revisions as reversion
from users.serializers import MailSerializer
2017-10-14 20:10:07 +00:00
from users.models import User, Right, Ban, Whitelist, School, ListRight
from users.models import Request, ServiceUser, Adherent, Club
2017-10-14 20:10:07 +00:00
from users.forms import DelRightForm, BanForm, WhitelistForm, DelSchoolForm
from users.forms import DelListRightForm, NewListRightForm, FullAdherentForm
from users.forms import StateForm, FullClubForm
2017-10-14 20:10:07 +00:00
from users.forms import RightForm, SchoolForm, EditServiceUserForm
from users.forms import ServiceUserForm, ListRightForm, AdherentForm, ClubForm
from users.forms import MassArchiveForm, PassForm, ResetPasswordForm
2017-10-14 20:10:07 +00:00
from cotisations.models import Facture
from machines.models import Machine
from preferences.models import OptionalUser, GeneralOption
2016-07-01 22:35:44 +00:00
2017-10-14 20:10:07 +00:00
from re2o.views import form
from re2o.utils import all_has_access, SortTable
def password_change_action(u_form, user, request, req=False):
""" Fonction qui effectue le changeemnt de mdp bdd"""
user.set_user_password(u_form.cleaned_data['passwd1'])
with transaction.atomic(), reversion.create_revision():
user.save()
reversion.set_comment("Réinitialisation du mot de passe")
messages.success(request, "Le mot de passe a changé")
if req:
req.delete()
return redirect("/")
2017-10-26 15:58:41 +00:00
return redirect(reverse(
'users:profil',
kwargs={'userid':str(user.id)}
))
2017-10-14 20:10:07 +00:00
2016-07-08 10:35:53 +00:00
@login_required
2016-07-09 15:16:44 +00:00
@permission_required('cableur')
2016-06-30 18:18:06 +00:00
def new_user(request):
2017-10-14 20:10:07 +00:00
""" Vue de création d'un nouvel utilisateur,
envoie un mail pour le mot de passe"""
user = AdherentForm(request.POST or None)
if user.is_valid():
user = user.save(commit=False)
with transaction.atomic(), reversion.create_revision():
user.save()
reversion.set_user(request.user)
reversion.set_comment("Création")
user.reset_passwd_mail(request)
2017-10-14 20:10:07 +00:00
messages.success(request, "L'utilisateur %s a été crée, un mail\
pour l'initialisation du mot de passe a été envoyé" % user.pseudo)
2017-10-26 15:58:41 +00:00
return redirect(reverse(
'users:profil',
kwargs={'userid':str(user.id)}
))
return form({'userform': user}, 'users/user.html', request)
2017-10-14 20:10:07 +00:00
@login_required
@permission_required('cableur')
def new_club(request):
""" Vue de création d'un nouveau club,
envoie un mail pour le mot de passe"""
club = ClubForm(request.POST or None)
if club.is_valid():
club = club.save(commit=False)
with transaction.atomic(), reversion.create_revision():
club.save()
reversion.set_user(request.user)
reversion.set_comment("Création")
club.reset_passwd_mail(request)
messages.success(request, "L'utilisateur %s a été crée, un mail\
pour l'initialisation du mot de passe a été envoyé" % club.pseudo)
2017-10-26 15:58:41 +00:00
return redirect(reverse(
'users:profil',
kwargs={'userid':str(club.id)}
))
return form({'userform': club}, 'users/user.html', request)
def select_user_edit_form(request, user):
"""Fonction de choix du bon formulaire, en fonction de:
- droit
- type d'object
"""
if not request.user.has_perms(('cableur',)):
if user.is_class_adherent:
user = AdherentForm(request.POST or None, instance=user.adherent)
elif user.is_class_club:
user = ClubForm(request.POST or None, instance=user.club)
else:
if user.is_class_adherent:
user = FullAdherentForm(request.POST or None, instance=user.adherent)
elif user.is_class_club:
user = FullClubForm(request.POST or None, instance=user.club)
return user
2016-07-08 10:35:53 +00:00
@login_required
def edit_info(request, userid):
2017-10-14 20:10:07 +00:00
""" Edite un utilisateur à partir de son id,
si l'id est différent de request.user, vérifie la
possession du droit cableur """
try:
user = User.objects.get(pk=userid)
except User.DoesNotExist:
messages.error(request, "Utilisateur inexistant")
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index'))
if not request.user.has_perms(('cableur',)) and user != request.user:
2017-10-14 20:10:07 +00:00
messages.error(request, "Vous ne pouvez pas modifier un autre\
user que vous sans droit cableur")
2017-10-26 15:58:41 +00:00
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
user = select_user_edit_form(request, user)
if user.is_valid():
with transaction.atomic(), reversion.create_revision():
user.save()
reversion.set_user(request.user)
2017-10-14 20:10:07 +00:00
reversion.set_comment("Champs modifié(s) : %s" % ', '.join(
field for field in user.changed_data
))
messages.success(request, "L'user a bien été modifié")
2017-10-26 15:58:41 +00:00
return redirect(reverse(
'users:profil',
kwargs={'userid':str(userid)}
))
return form({'userform': user}, 'users/user.html', request)
2017-10-14 20:10:07 +00:00
2016-07-08 10:35:53 +00:00
@login_required
2016-07-09 15:16:44 +00:00
@permission_required('bureau')
def state(request, userid):
2017-10-14 20:10:07 +00:00
""" Changer l'etat actif/desactivé/archivé d'un user,
need droit bureau """
try:
user = User.objects.get(pk=userid)
except User.DoesNotExist:
messages.error(request, "Utilisateur inexistant")
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index'))
state = StateForm(request.POST or None, instance=user)
if state.is_valid():
with transaction.atomic(), reversion.create_revision():
if state.cleaned_data['state'] == User.STATE_ARCHIVE:
user.archive()
elif state.cleaned_data['state'] == User.STATE_ACTIVE:
user.unarchive()
elif state.cleaned_data['state'] == User.STATE_DISABLED:
user.state = User.STATE_DISABLED
reversion.set_user(request.user)
2017-10-14 20:10:07 +00:00
reversion.set_comment("Champs modifié(s) : %s" % ', '.join(
field for field in state.changed_data
))
user.save()
messages.success(request, "Etat changé avec succès")
2017-10-26 15:58:41 +00:00
return redirect(reverse(
'users:profil',
kwargs={'userid':str(userid)}
))
return form({'userform': state}, 'users/user.html', request)
2017-10-14 20:10:07 +00:00
2016-07-08 10:35:53 +00:00
@login_required
def password(request, userid):
2016-11-21 00:49:45 +00:00
""" Reinitialisation d'un mot de passe à partir de l'userid,
pour self par défaut, pour tous sans droit si droit cableur,
pour tous si droit bureau """
try:
user = User.objects.get(pk=userid)
except User.DoesNotExist:
messages.error(request, "Utilisateur inexistant")
2017-10-26 15:58:41 +00:00
return redirect(reverse('users'))
if not request.user.has_perms(('cableur',)) and user != request.user:
2017-10-14 20:10:07 +00:00
messages.error(request, "Vous ne pouvez pas modifier un\
autre user que vous sans droit cableur")
2017-10-26 15:58:41 +00:00
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
2017-10-14 20:10:07 +00:00
if not request.user.has_perms(('bureau',)) and user != request.user\
and Right.objects.filter(user=user):
messages.error(request, "Il faut les droits bureau pour modifier le\
mot de passe d'un membre actif")
2017-10-26 15:58:41 +00:00
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
u_form = PassForm(request.POST or None)
if u_form.is_valid():
return password_change_action(u_form, user, request)
return form({'userform': u_form}, 'users/user.html', request)
2016-07-01 22:35:44 +00:00
2017-10-14 20:10:07 +00:00
2017-06-18 12:59:53 +00:00
@login_required
@permission_required('infra')
def new_serviceuser(request):
""" Vue de création d'un nouvel utilisateur service"""
user = ServiceUserForm(request.POST or None)
if user.is_valid():
user_object = user.save(commit=False)
with transaction.atomic(), reversion.create_revision():
user_object.set_password(user.cleaned_data['password'])
user_object.save()
reversion.set_user(request.user)
reversion.set_comment("Création")
2017-10-14 20:10:07 +00:00
messages.success(
request,
"L'utilisateur %s a été crée" % user_object.pseudo
)
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index-serviceusers'))
2017-06-18 12:59:53 +00:00
return form({'userform': user}, 'users/user.html', request)
2017-10-14 20:10:07 +00:00
2017-06-18 12:59:53 +00:00
@login_required
@permission_required('infra')
def edit_serviceuser(request, userid):
2017-10-14 20:10:07 +00:00
""" Edite un utilisateur à partir de son id,
si l'id est différent de request.user,
vérifie la possession du droit cableur """
2017-06-18 12:59:53 +00:00
try:
user = ServiceUser.objects.get(pk=userid)
except ServiceUser.DoesNotExist:
messages.error(request, "Utilisateur inexistant")
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index'))
2017-06-18 12:59:53 +00:00
user = EditServiceUserForm(request.POST or None, instance=user)
if user.is_valid():
user_object = user.save(commit=False)
with transaction.atomic(), reversion.create_revision():
if user.cleaned_data['password']:
user_object.set_password(user.cleaned_data['password'])
user_object.save()
reversion.set_user(request.user)
2017-10-14 20:10:07 +00:00
reversion.set_comment("Champs modifié(s) : %s" % ', '.join(
field for field in user.changed_data
))
2017-06-18 12:59:53 +00:00
messages.success(request, "L'user a bien été modifié")
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index-serviceusers'))
2017-06-18 12:59:53 +00:00
return form({'userform': user}, 'users/user.html', request)
2017-10-14 20:10:07 +00:00
2017-06-18 12:59:53 +00:00
@login_required
@permission_required('infra')
def del_serviceuser(request, userid):
2017-10-14 20:10:07 +00:00
"""Suppression d'un ou plusieurs serviceusers"""
2017-06-18 12:59:53 +00:00
try:
user = ServiceUser.objects.get(pk=userid)
except ServiceUser.DoesNotExist:
2017-10-14 20:10:07 +00:00
messages.error(request, u"Utilisateur inexistant")
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index'))
2017-06-18 12:59:53 +00:00
if request.method == "POST":
with transaction.atomic(), reversion.create_revision():
user.delete()
reversion.set_user(request.user)
messages.success(request, "L'user a été détruite")
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index-serviceusers'))
2017-10-14 20:10:07 +00:00
return form(
{'objet': user, 'objet_name': 'serviceuser'},
'users/delete.html',
request
)
2017-06-18 12:59:53 +00:00
2016-07-08 10:35:53 +00:00
@login_required
2016-07-09 02:12:09 +00:00
@permission_required('bureau')
def add_right(request, userid):
2016-11-21 00:49:45 +00:00
""" Ajout d'un droit à un user, need droit bureau """
try:
user = User.objects.get(pk=userid)
except User.DoesNotExist:
messages.error(request, "Utilisateur inexistant")
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index'))
2016-07-02 00:07:17 +00:00
right = RightForm(request.POST or None)
if right.is_valid():
right = right.save(commit=False)
right.user = user
try:
2016-10-31 16:52:16 +00:00
with transaction.atomic(), reversion.create_revision():
reversion.set_user(request.user)
reversion.set_comment("Ajout du droit %s" % right.right)
right.save()
messages.success(request, "Droit ajouté")
except IntegrityError:
pass
2017-10-26 15:58:41 +00:00
return redirect(reverse(
'users:profil',
kwargs={'userid':str(userid)}
))
2016-07-02 00:07:17 +00:00
return form({'userform': right}, 'users/user.html', request)
2017-10-14 20:10:07 +00:00
2016-07-08 10:35:53 +00:00
@login_required
2016-07-09 02:12:09 +00:00
@permission_required('bureau')
def del_right(request):
2016-11-21 00:49:45 +00:00
""" Supprimer un droit à un user, need droit bureau """
user_right_list = dict()
for right in ListRight.objects.all():
2017-10-14 20:10:07 +00:00
user_right_list[right] = DelRightForm(right, request.POST or None)
for _keys, right_item in user_right_list.items():
if right_item.is_valid():
right_del = right_item.cleaned_data['rights']
with transaction.atomic(), reversion.create_revision():
reversion.set_user(request.user)
2017-10-14 20:10:07 +00:00
reversion.set_comment("Retrait des droit %s" % ','.join(
str(deleted_right) for deleted_right in right_del
))
right_del.delete()
messages.success(request, "Droit retiré avec succès")
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index'))
return form({'userform': user_right_list}, 'users/del_right.html', request)
2017-10-14 20:10:07 +00:00
2016-07-08 10:35:53 +00:00
@login_required
2016-07-09 15:16:44 +00:00
@permission_required('bofh')
def add_ban(request, userid):
2017-10-14 20:10:07 +00:00
""" Ajouter un banissement, nécessite au moins le droit bofh
(a fortiori bureau)
2016-11-21 00:49:45 +00:00
Syntaxe : JJ/MM/AAAA , heure optionnelle, prend effet immédiatement"""
try:
user = User.objects.get(pk=userid)
except User.DoesNotExist:
messages.error(request, "Utilisateur inexistant")
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index'))
ban_instance = Ban(user=user)
ban = BanForm(request.POST or None, instance=ban_instance)
if ban.is_valid():
with transaction.atomic(), reversion.create_revision():
2017-10-14 20:10:07 +00:00
_ban_object = ban.save()
reversion.set_user(request.user)
reversion.set_comment("Création")
messages.success(request, "Bannissement ajouté")
2017-10-26 15:58:41 +00:00
return redirect(reverse(
'users:profil',
kwargs={'userid':str(userid)}
))
if user.is_ban:
messages.error(
request,
"Attention, cet utilisateur a deja un bannissement actif"
)
return form({'userform': ban}, 'users/user.html', request)
2017-10-14 20:10:07 +00:00
2016-07-08 10:35:53 +00:00
@login_required
2016-07-09 15:16:44 +00:00
@permission_required('bofh')
def edit_ban(request, banid):
2017-10-14 20:10:07 +00:00
""" Editer un bannissement, nécessite au moins le droit bofh
(a fortiori bureau)
2016-11-21 00:49:45 +00:00
Syntaxe : JJ/MM/AAAA , heure optionnelle, prend effet immédiatement"""
try:
ban_instance = Ban.objects.get(pk=banid)
2016-07-04 18:04:11 +00:00
except Ban.DoesNotExist:
messages.error(request, "Entrée inexistante")
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index'))
ban = BanForm(request.POST or None, instance=ban_instance)
if ban.is_valid():
with transaction.atomic(), reversion.create_revision():
ban.save()
reversion.set_user(request.user)
2017-10-14 20:10:07 +00:00
reversion.set_comment("Champs modifié(s) : %s" % ', '.join(
field for field in ban.changed_data
))
messages.success(request, "Bannissement modifié")
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index'))
return form({'userform': ban}, 'users/user.html', request)
2017-10-14 20:10:07 +00:00
2016-07-08 10:35:53 +00:00
@login_required
2016-07-09 15:16:44 +00:00
@permission_required('cableur')
2016-07-04 18:04:11 +00:00
def add_whitelist(request, userid):
2017-10-14 20:10:07 +00:00
""" Accorder un accès gracieux, temporaire ou permanent.
Need droit cableur
Syntaxe : JJ/MM/AAAA , heure optionnelle, prend effet immédiatement,
raison obligatoire"""
2016-07-04 18:04:11 +00:00
try:
user = User.objects.get(pk=userid)
except User.DoesNotExist:
messages.error(request, "Utilisateur inexistant")
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index'))
2016-07-04 18:04:11 +00:00
whitelist_instance = Whitelist(user=user)
2017-10-14 20:10:07 +00:00
whitelist = WhitelistForm(
request.POST or None,
instance=whitelist_instance
)
2016-07-04 18:04:11 +00:00
if whitelist.is_valid():
with transaction.atomic(), reversion.create_revision():
whitelist.save()
reversion.set_user(request.user)
reversion.set_comment("Création")
2016-07-04 18:04:11 +00:00
messages.success(request, "Accès à titre gracieux accordé")
2017-10-26 15:58:41 +00:00
return redirect(reverse(
'users:profil',
kwargs={'userid':str(userid)}
))
if user.is_whitelisted:
messages.error(
request,
"Attention, cet utilisateur a deja un accès gracieux actif"
)
2016-07-04 18:04:11 +00:00
return form({'userform': whitelist}, 'users/user.html', request)
2017-10-14 20:10:07 +00:00
2016-07-08 10:35:53 +00:00
@login_required
2016-07-09 15:16:44 +00:00
@permission_required('cableur')
2016-07-04 18:04:11 +00:00
def edit_whitelist(request, whitelistid):
2017-10-14 20:10:07 +00:00
""" Editer un accès gracieux, temporaire ou permanent.
Need droit cableur
Syntaxe : JJ/MM/AAAA , heure optionnelle, prend effet immédiatement,
raison obligatoire"""
2016-07-04 18:04:11 +00:00
try:
whitelist_instance = Whitelist.objects.get(pk=whitelistid)
except Whitelist.DoesNotExist:
messages.error(request, "Entrée inexistante")
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index'))
2017-10-14 20:10:07 +00:00
whitelist = WhitelistForm(
request.POST or None,
instance=whitelist_instance
)
2016-07-04 18:04:11 +00:00
if whitelist.is_valid():
with transaction.atomic(), reversion.create_revision():
whitelist.save()
reversion.set_user(request.user)
2017-10-14 20:10:07 +00:00
reversion.set_comment("Champs modifié(s) : %s" % ', '.join(
field for field in whitelist.changed_data
))
2016-07-04 18:04:11 +00:00
messages.success(request, "Whitelist modifiée")
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index'))
2016-07-04 18:04:11 +00:00
return form({'userform': whitelist}, 'users/user.html', request)
2017-10-14 20:10:07 +00:00
2016-07-08 10:35:53 +00:00
@login_required
2016-07-09 15:16:44 +00:00
@permission_required('cableur')
2016-07-06 17:45:36 +00:00
def add_school(request):
2017-10-14 20:10:07 +00:00
""" Ajouter un établissement d'enseignement à la base de donnée,
need cableur"""
2016-07-06 17:45:36 +00:00
school = SchoolForm(request.POST or None)
if school.is_valid():
with transaction.atomic(), reversion.create_revision():
school.save()
reversion.set_user(request.user)
reversion.set_comment("Création")
2016-07-06 17:45:36 +00:00
messages.success(request, "L'établissement a été ajouté")
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index-school'))
return form({'userform': school}, 'users/user.html', request)
2016-07-06 17:45:36 +00:00
2017-10-14 20:10:07 +00:00
2016-07-08 10:35:53 +00:00
@login_required
2016-07-09 15:16:44 +00:00
@permission_required('cableur')
def edit_school(request, schoolid):
2017-10-14 20:10:07 +00:00
""" Editer un établissement d'enseignement à partir du schoolid dans
la base de donnée, need cableur"""
try:
school_instance = School.objects.get(pk=schoolid)
except School.DoesNotExist:
2017-10-14 20:10:07 +00:00
messages.error(request, u"Entrée inexistante")
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index'))
school = SchoolForm(request.POST or None, instance=school_instance)
if school.is_valid():
with transaction.atomic(), reversion.create_revision():
school.save()
reversion.set_user(request.user)
2017-10-14 20:10:07 +00:00
reversion.set_comment("Champs modifié(s) : %s" % ', '.join(
field for field in school.changed_data
))
messages.success(request, "Établissement modifié")
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index-school'))
return form({'userform': school}, 'users/user.html', request)
2017-10-14 20:10:07 +00:00
2016-07-08 10:35:53 +00:00
@login_required
2016-07-09 15:16:44 +00:00
@permission_required('cableur')
2016-07-06 17:45:36 +00:00
def del_school(request):
2017-10-14 20:10:07 +00:00
""" Supprimer un établissement d'enseignement à la base de donnée,
need cableur
Objet protégé, possible seulement si aucun user n'est affecté à
l'établissement """
2016-07-06 17:45:36 +00:00
school = DelSchoolForm(request.POST or None)
if school.is_valid():
school_dels = school.cleaned_data['schools']
for school_del in school_dels:
try:
with transaction.atomic(), reversion.create_revision():
school_del.delete()
reversion.set_comment("Destruction")
2016-07-06 17:45:36 +00:00
messages.success(request, "L'établissement a été supprimé")
except ProtectedError:
messages.error(
request,
"L'établissement %s est affecté à au moins un user, \
2016-07-08 01:40:04 +00:00
vous ne pouvez pas le supprimer" % school_del)
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index-school'))
2016-07-06 17:45:36 +00:00
return form({'userform': school}, 'users/user.html', request)
2017-10-14 20:10:07 +00:00
@login_required
@permission_required('bureau')
def add_listright(request):
2016-11-21 00:49:45 +00:00
""" Ajouter un droit/groupe, nécessite droit bureau.
Obligation de fournir un gid pour la synchro ldap, unique """
listright = NewListRightForm(request.POST or None)
if listright.is_valid():
with transaction.atomic(), reversion.create_revision():
listright.save()
reversion.set_user(request.user)
reversion.set_comment("Création")
messages.success(request, "Le droit/groupe a été ajouté")
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index-listright'))
return form({'userform': listright}, 'users/user.html', request)
2017-10-14 20:10:07 +00:00
@login_required
@permission_required('bureau')
def edit_listright(request, listrightid):
2017-10-14 20:10:07 +00:00
""" Editer un groupe/droit, necessite droit bureau,
à partir du listright id """
try:
listright_instance = ListRight.objects.get(pk=listrightid)
except ListRight.DoesNotExist:
2017-10-14 20:10:07 +00:00
messages.error(request, u"Entrée inexistante")
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index'))
2017-10-14 20:10:07 +00:00
listright = ListRightForm(
request.POST or None,
instance=listright_instance
)
if listright.is_valid():
with transaction.atomic(), reversion.create_revision():
listright.save()
reversion.set_user(request.user)
2017-10-14 20:10:07 +00:00
reversion.set_comment("Champs modifié(s) : %s" % ', '.join(
field for field in listright.changed_data
))
messages.success(request, "Droit modifié")
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index-listright'))
return form({'userform': listright}, 'users/user.html', request)
2017-10-14 20:10:07 +00:00
@login_required
@permission_required('bureau')
def del_listright(request):
2017-10-14 20:10:07 +00:00
""" Supprimer un ou plusieurs groupe, possible si il est vide, need droit
bureau """
listright = DelListRightForm(request.POST or None)
if listright.is_valid():
listright_dels = listright.cleaned_data['listrights']
for listright_del in listright_dels:
try:
with transaction.atomic(), reversion.create_revision():
listright_del.delete()
reversion.set_comment("Destruction")
messages.success(request, "Le droit/groupe a été supprimé")
except ProtectedError:
messages.error(
request,
"L'établissement %s est affecté à au moins un user, \
vous ne pouvez pas le supprimer" % listright_del)
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index-listright'))
return form({'userform': listright}, 'users/user.html', request)
2017-10-14 20:10:07 +00:00
@login_required
@permission_required('bureau')
def mass_archive(request):
""" Permet l'archivage massif"""
to_archive_date = MassArchiveForm(request.POST or None)
to_archive_list = []
if to_archive_date.is_valid():
date = to_archive_date.cleaned_data['date']
2017-10-14 20:10:07 +00:00
to_archive_list = [user for user in
User.objects.exclude(state=User.STATE_ARCHIVE)
if not user.end_access()
or user.end_access() < date]
if "valider" in request.POST:
for user in to_archive_list:
with transaction.atomic(), reversion.create_revision():
user.archive()
user.save()
reversion.set_user(request.user)
reversion.set_comment("Archivage")
2017-10-14 20:10:07 +00:00
messages.success(request, "%s users ont été archivés" % len(
to_archive_list
))
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index'))
2017-10-14 20:10:07 +00:00
return form(
{'userform': to_archive_date, 'to_archive_list': to_archive_list},
'users/mass_archive.html',
request
)
2016-07-08 10:35:53 +00:00
@login_required
@permission_required('cableur')
2016-07-01 22:35:44 +00:00
def index(request):
""" Affiche l'ensemble des adherents, need droit cableur """
2017-10-14 20:10:07 +00:00
options, _created = GeneralOption.objects.get_or_create()
pagination_number = options.pagination_number
users_list = Adherent.objects.select_related('room')
users_list = SortTable.sort(
users_list,
request.GET.get('col'),
request.GET.get('order'),
SortTable.USERS_INDEX
)
paginator = Paginator(users_list, pagination_number)
page = request.GET.get('page')
try:
users_list = paginator.page(page)
except PageNotAnInteger:
# If page is not an integer, deliver first page.
users_list = paginator.page(1)
except EmptyPage:
# If page is out of range (e.g. 9999), deliver last page of results.
users_list = paginator.page(paginator.num_pages)
return render(request, 'users/index.html', {'users_list': users_list})
2016-07-03 16:09:58 +00:00
2017-10-14 20:10:07 +00:00
@login_required
@permission_required('cableur')
def index_clubs(request):
""" Affiche l'ensemble des clubs, need droit cableur """
options, _created = GeneralOption.objects.get_or_create()
pagination_number = options.pagination_number
clubs_list = Club.objects.select_related('room')
clubs_list = SortTable.sort(
clubs_list,
request.GET.get('col'),
request.GET.get('order'),
SortTable.USERS_INDEX
)
paginator = Paginator(clubs_list, pagination_number)
page = request.GET.get('page')
try:
clubs_list = paginator.page(page)
except PageNotAnInteger:
# If page is not an integer, deliver first page.
clubs_list = paginator.page(1)
except EmptyPage:
# If page is out of range (e.g. 9999), deliver last page of results.
clubs_list = paginator.page(paginator.num_pages)
return render(request, 'users/index_clubs.html', {'clubs_list': clubs_list})
2016-07-08 10:35:53 +00:00
@login_required
2016-07-09 15:16:44 +00:00
@permission_required('cableur')
def index_ban(request):
2016-11-21 00:49:45 +00:00
""" Affiche l'ensemble des ban, need droit cableur """
2017-10-14 20:10:07 +00:00
options, _created = GeneralOption.objects.get_or_create()
pagination_number = options.pagination_number
ban_list = Ban.objects.select_related('user')
ban_list = SortTable.sort(
ban_list,
request.GET.get('col'),
request.GET.get('order'),
SortTable.USERS_INDEX_BAN
)
paginator = Paginator(ban_list, pagination_number)
page = request.GET.get('page')
try:
ban_list = paginator.page(page)
except PageNotAnInteger:
# If page isn't an integer, deliver first page
ban_list = paginator.page(1)
except EmptyPage:
2017-10-14 20:10:07 +00:00
# If page is out of range (e.g. 9999), deliver last page of results.
ban_list = paginator.page(paginator.num_pages)
return render(request, 'users/index_ban.html', {'ban_list': ban_list})
2017-10-14 20:10:07 +00:00
2016-07-08 10:35:53 +00:00
@login_required
2016-07-09 15:16:44 +00:00
@permission_required('cableur')
def index_white(request):
2016-11-21 00:49:45 +00:00
""" Affiche l'ensemble des whitelist, need droit cableur """
2017-10-14 20:10:07 +00:00
options, _created = GeneralOption.objects.get_or_create()
2017-09-19 02:45:33 +00:00
pagination_number = options.pagination_number
white_list = Whitelist.objects.select_related('user')
white_list = SortTable.sort(
white_list,
request.GET.get('col'),
request.GET.get('order'),
SortTable.USERS_INDEX_BAN
)
2017-09-19 02:45:33 +00:00
paginator = Paginator(white_list, pagination_number)
page = request.GET.get('page')
try:
white_list = paginator.page(page)
except PageNotAnInteger:
# If page isn't an integer, deliver first page
white_list = paginator.page(1)
except EmptyPage:
2017-10-14 20:10:07 +00:00
# If page is out of range (e.g. 9999), deliver last page of results.
white_list = paginator.page(paginator.num_pages)
return render(
request,
'users/index_whitelist.html',
{'white_list': white_list}
)
2017-10-14 20:10:07 +00:00
2016-07-08 10:35:53 +00:00
@login_required
2016-07-09 15:16:44 +00:00
@permission_required('cableur')
def index_school(request):
2016-11-21 00:49:45 +00:00
""" Affiche l'ensemble des établissement, need droit cableur """
school_list = School.objects.order_by('name')
2017-10-14 20:10:07 +00:00
return render(
request,
'users/index_schools.html',
{'school_list': school_list}
)
@login_required
@permission_required('cableur')
def index_listright(request):
2016-11-21 00:49:45 +00:00
""" Affiche l'ensemble des droits , need droit cableur """
listright_list = ListRight.objects.order_by('listright')
2017-10-14 20:10:07 +00:00
return render(
request,
'users/index_listright.html',
{'listright_list': listright_list}
)
2017-06-18 12:59:53 +00:00
@login_required
@permission_required('cableur')
def index_serviceusers(request):
""" Affiche les users de services (pour les accès ldap)"""
serviceusers_list = ServiceUser.objects.order_by('pseudo')
2017-10-14 20:10:07 +00:00
return render(
request,
'users/index_serviceusers.html',
{'serviceusers_list': serviceusers_list}
)
2017-06-18 12:59:53 +00:00
@login_required
2017-10-14 20:10:07 +00:00
def history(request, object_name, object_id):
2016-11-21 00:49:45 +00:00
""" Affichage de l'historique : (acl, argument)
user : self or cableur, userid,
ban : self or cableur, banid,
whitelist : self or cableur, whitelistid,
school : cableur, schoolid,
listright : cableur, listrightid """
2017-10-14 20:10:07 +00:00
if object_name == 'user':
try:
2017-10-14 20:10:07 +00:00
object_instance = User.objects.get(pk=object_id)
except User.DoesNotExist:
2017-10-14 20:10:07 +00:00
messages.error(request, "Utilisateur inexistant")
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index'))
2017-10-14 20:10:07 +00:00
if not request.user.has_perms(('cableur',)) and\
object_instance != request.user:
messages.error(request, "Vous ne pouvez pas afficher\
l'historique d'un autre user que vous sans droit cableur")
2017-10-26 15:58:41 +00:00
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
2017-10-14 20:10:07 +00:00
elif object_name == 'serviceuser' and request.user.has_perms(('cableur',)):
2017-06-18 12:59:53 +00:00
try:
2017-10-14 20:10:07 +00:00
object_instance = ServiceUser.objects.get(pk=object_id)
2017-06-18 12:59:53 +00:00
except ServiceUser.DoesNotExist:
2017-10-14 20:10:07 +00:00
messages.error(request, "User service inexistant")
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index'))
2017-10-14 20:10:07 +00:00
elif object_name == 'ban':
try:
2017-10-14 20:10:07 +00:00
object_instance = Ban.objects.get(pk=object_id)
except Ban.DoesNotExist:
2017-10-14 20:10:07 +00:00
messages.error(request, "Bannissement inexistant")
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index'))
2017-10-14 20:10:07 +00:00
if not request.user.has_perms(('cableur',)) and\
object_instance.user != request.user:
messages.error(request, "Vous ne pouvez pas afficher les bans\
d'un autre user que vous sans droit cableur")
2017-10-26 15:58:41 +00:00
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
2017-10-14 20:10:07 +00:00
elif object_name == 'whitelist':
try:
2017-10-14 20:10:07 +00:00
object_instance = Whitelist.objects.get(pk=object_id)
except Whitelist.DoesNotExist:
messages.error(request, "Whitelist inexistant")
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index'))
2017-10-14 20:10:07 +00:00
if not request.user.has_perms(('cableur',)) and\
object_instance.user != request.user:
messages.error(request, "Vous ne pouvez pas afficher les\
whitelist d'un autre user que vous sans droit cableur")
2017-10-26 15:58:41 +00:00
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
2017-10-14 20:10:07 +00:00
elif object_name == 'school' and request.user.has_perms(('cableur',)):
try:
2017-10-14 20:10:07 +00:00
object_instance = School.objects.get(pk=object_id)
except School.DoesNotExist:
2017-10-14 20:10:07 +00:00
messages.error(request, "Ecole inexistante")
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index'))
2017-10-14 20:10:07 +00:00
elif object_name == 'listright' and request.user.has_perms(('cableur',)):
try:
2017-10-14 20:10:07 +00:00
object_instance = ListRight.objects.get(pk=object_id)
except ListRight.DoesNotExist:
2017-10-14 20:10:07 +00:00
messages.error(request, "Droit inexistant")
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index'))
else:
messages.error(request, "Objet inconnu")
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index'))
2017-10-14 20:10:07 +00:00
options, _created = GeneralOption.objects.get_or_create()
pagination_number = options.pagination_number
2016-12-11 16:24:04 +00:00
reversions = Version.objects.get_for_object(object_instance)
paginator = Paginator(reversions, pagination_number)
2016-07-27 01:36:28 +00:00
page = request.GET.get('page')
try:
reversions = paginator.page(page)
except PageNotAnInteger:
# If page is not an integer, deliver first page.
reversions = paginator.page(1)
except EmptyPage:
# If page is out of range (e.g. 9999), deliver last page of results.
reversions = paginator.page(paginator.num_pages)
2017-10-14 20:10:07 +00:00
return render(
request,
're2o/history.html',
{'reversions': reversions, 'object': object_instance}
)
@login_required
def mon_profil(request):
2016-11-21 00:49:45 +00:00
""" Lien vers profil, renvoie request.id à la fonction """
2017-10-26 15:58:41 +00:00
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
2017-10-14 20:10:07 +00:00
2016-07-08 10:35:53 +00:00
@login_required
def profil(request, userid):
2016-11-21 00:49:45 +00:00
""" Affiche un profil, self or cableur, prend un userid en argument """
try:
users = User.objects.get(pk=userid)
except User.DoesNotExist:
messages.error(request, "Utilisateur inexistant")
2017-10-26 15:58:41 +00:00
return redirect(reverse('users:index'))
if not request.user.has_perms(('cableur',)) and users != request.user:
2017-10-14 20:10:07 +00:00
messages.error(request, "Vous ne pouvez pas afficher un autre user\
que vous sans droit cableur")
2017-10-26 15:58:41 +00:00
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
2017-10-14 20:10:07 +00:00
machines = Machine.objects.filter(user=users).select_related('user')\
.prefetch_related('interface_set__domain__extension')\
.prefetch_related('interface_set__ipv4__ip_type__extension')\
.prefetch_related('interface_set__type')\
.prefetch_related('interface_set__domain__related_domain__extension')
machines = SortTable.sort(
machines,
request.GET.get('col'),
request.GET.get('order'),
SortTable.MACHINES_INDEX
)
2017-10-10 23:02:50 +00:00
factures = Facture.objects.filter(user=users)
factures = SortTable.sort(
factures,
request.GET.get('col'),
request.GET.get('order'),
SortTable.COTISATIONS_INDEX
)
2017-10-10 23:02:50 +00:00
bans = Ban.objects.filter(user=users)
bans = SortTable.sort(
bans,
request.GET.get('col'),
request.GET.get('order'),
SortTable.USERS_INDEX_BAN
)
2017-10-10 23:02:50 +00:00
whitelists = Whitelist.objects.filter(user=users)
whitelists = SortTable.sort(
whitelists,
request.GET.get('col'),
request.GET.get('order'),
SortTable.USERS_INDEX_WHITE
)
list_droits = Right.objects.filter(user=users)
2017-10-14 20:10:07 +00:00
options, _created = OptionalUser.objects.get_or_create()
2017-06-26 17:23:01 +00:00
user_solde = options.user_solde
return render(
request,
'users/profil.html',
{
'user': users,
'machines_list': machines,
'facture_list': factures,
'ban_list': bans,
'white_list': whitelists,
2016-07-09 15:16:44 +00:00
'list_droits': list_droits,
2017-06-26 17:23:01 +00:00
'user_solde': user_solde,
2016-07-08 01:40:04 +00:00
}
)
2016-07-03 16:09:58 +00:00
2017-10-14 20:10:07 +00:00
2016-07-20 10:06:33 +00:00
def reset_password(request):
2016-11-21 00:49:45 +00:00
""" Reintialisation du mot de passe si mdp oublié """
2016-07-20 10:06:33 +00:00
userform = ResetPasswordForm(request.POST or None)
if userform.is_valid():
try:
2017-10-14 20:10:07 +00:00
user = User.objects.get(
pseudo=userform.cleaned_data['pseudo'],
email=userform.cleaned_data['email']
)
2016-07-20 10:06:33 +00:00
except User.DoesNotExist:
messages.error(request, "Cet utilisateur n'existe pas")
return form({'userform': userform}, 'users/user.html', request)
user.reset_passwd_mail(request)
2017-10-14 20:10:07 +00:00
messages.success(request, "Un mail pour l'initialisation du mot\
de passe a été envoyé")
redirect("/")
2016-07-20 10:06:33 +00:00
return form({'userform': userform}, 'users/user.html', request)
2017-10-14 20:10:07 +00:00
def process(request, token):
2017-10-14 20:10:07 +00:00
"""Process, lien pour la reinitialisation du mot de passe"""
valid_reqs = Request.objects.filter(expires_at__gt=timezone.now())
req = get_object_or_404(valid_reqs, token=token)
if req.type == Request.PASSWD:
return process_passwd(request, req)
else:
2016-07-20 10:06:33 +00:00
messages.error(request, "Entrée incorrecte, contactez un admin")
redirect("/")
2017-10-14 20:10:07 +00:00
def process_passwd(request, req):
2017-10-14 20:10:07 +00:00
"""Process le changeemnt de mot de passe, renvoie le formulaire
demandant le nouveau password"""
u_form = PassForm(request.POST or None)
user = req.user
if u_form.is_valid():
return password_change_action(u_form, user, request, req=req)
return form({'userform': u_form}, 'users/user.html', request)
2017-10-14 20:10:07 +00:00
class JSONResponse(HttpResponse):
2017-10-14 20:10:07 +00:00
""" Framework Rest """
def __init__(self, data, **kwargs):
content = JSONRenderer().render(data)
kwargs['content_type'] = 'application/json'
super(JSONResponse, self).__init__(content, **kwargs)
2017-10-14 20:10:07 +00:00
@csrf_exempt
@login_required
@permission_required('serveur')
def mailing(request):
2017-10-04 15:53:30 +00:00
""" Fonction de serialisation des addresses mail de tous les users
Pour generation de ml all users"""
2017-09-15 00:44:50 +00:00
mails = all_has_access().values('email').distinct()
seria = MailSerializer(mails, many=True)
return JSONResponse(seria.data)