Beispiel #1
0
def usergroup_edit(name, group):
    space = ProposalSpace.query.filter_by(name=name).first_or_404()
    form = UserGroupForm()
    if group is not None:
        usergroup = UserGroup.query.filter_by(name=group, proposal_space=space).first_or_404()
        if request.method == 'GET':
            form.name.data = usergroup.name
            form.title.data = usergroup.title
            form.users.data = '\r\n'.join([u.email or u.username or '' for u in usergroup.users])
    if form.validate_on_submit():
        if group is None:
            usergroup = UserGroup(proposal_space=space)
        usergroup.name = form.name.data
        usergroup.title = form.title.data
        formdata = [line.strip() for line in
            form.users.data.replace('\r', '\n').replace(',', '\n').split('\n') if line]
        usersdata = lastuser.getusers(names=formdata)
        users = []
        for userdata in usersdata:
            user = User.query.filter_by(userid=userdata['userid']).first()
            if user is None:
                user = User(userid=userdata['userid'], username=userdata['name'], fullname=userdata['title'])
                db.session.add(user)
            users.append(user)
        usergroup.users = users
        db.session.commit()
        return redirect(url_for('usergroup_view', name=space.name, group=usergroup.name), code=303)
    if group is None:
        return render_template('autoform.html', form=form, title="New user group", submit="Create")
    else:
        return render_template('autoform.html', form=form, title="Edit user group", submit="Save")
Beispiel #2
0
def group_add(request):        
    if request.method == 'POST':
        form = UserGroupForm(request.POST)
        message = None
        if form.is_valid():
            try:
                if form.data['name'] == 'admin':
                    message = _("Admin is a reserved group")
                    raise Exception
                
                if _valid_name_regex.search(form.data['name']) == None:
                    message = _("Invalid user group name: '{value}'. Identifiers must begin with a letter or an underscore (_). Subsequent characters can be letters, underscores or numbers").format(value=form.data['name'])
                    raise Exception
            
                group = UserGroup(
                    name = form.data['name'],
                    description = form.data['description']
                )
                group.save()
                    
                core_services.ldap_add_group(group)
                core_services.add_data_directory(group)                               
                          
                return redirect('group_list')
            
            except Exception as e:
                print str(e)
                return render_to_response('group_add.html', {'form': form, 'message': message}, context_instance=RequestContext(request))
                
        else:
            return render_to_response('group_add.html', {'form': form}, context_instance=RequestContext(request))
        
    else:
        form = UserGroupForm()
        return render_to_response('group_add.html', {'form': form}, context_instance=RequestContext(request))
Beispiel #3
0
 def post(self):
     form = UserGroupForm(data=request.get_json())
     if not form.validate():
         abort(400)
     group = UserGroup(**form.data)
     db.session.add(group)
     db.session.commit()
     response = jsonify(**group.to_dict())
     response.status_code = 201
     response.headers.add("Location", f"groups/{group.id}")
     return response
Beispiel #4
0
 def put(self, group_id):
     group = UserGroup.query.filter_by(id=int(group_id)).first()
     if not group:
         abort(404)
     form = UserGroupForm(data=request.get_json())
     if not form.validate():
         abort(400)
     columns_keys = UserGroup.__table__.columns.keys()
     for field in columns_keys:
         if field in form.data:
             setattr(group, field, form.data[field])
     db.session.commit()
     response = jsonify(group.to_dict())
     response.status_code = 200
     return response
Beispiel #5
0
def usergroup_edit(name, group):
    space = ProposalSpace.query.filter_by(name=name).first_or_404()
    form = UserGroupForm()
    if group is not None:
        usergroup = UserGroup.query.filter_by(
            name=group, proposal_space=space).first_or_404()
        if request.method == 'GET':
            form.name.data = usergroup.name
            form.title.data = usergroup.title
            form.users.data = '\r\n'.join(
                [u.email or u.username or '' for u in usergroup.users])
    if form.validate_on_submit():
        if group is None:
            usergroup = UserGroup(proposal_space=space)
        usergroup.name = form.name.data
        usergroup.title = form.title.data
        formdata = [
            line.strip() for line in form.users.data.replace(
                '\r', '\n').replace(',', '\n').split('\n') if line
        ]
        usersdata = lastuser.getusers(names=formdata)
        users = []
        for userdata in usersdata:
            user = User.query.filter_by(userid=userdata['userid']).first()
            if user is None:
                user = User(userid=userdata['userid'],
                            username=userdata['name'],
                            fullname=userdata['title'])
                db.session.add(user)
            users.append(user)
        usergroup.users = users
        db.session.commit()
        return redirect(url_for('usergroup_view',
                                name=space.name,
                                group=usergroup.name),
                        code=303)
    if group is None:
        return render_template('autoform.html',
                               form=form,
                               title="New user group",
                               submit="Create")
    else:
        return render_template('autoform.html',
                               form=form,
                               title="Edit user group",
                               submit="Save")
Beispiel #6
0
def vet_user(request, user_id):
    user = User.objects.get(pk=user_id)
    try:
        rating = OrganisationalRating.objects.get(user=user)
    except OrganisationalRating.DoesNotExist:
        rating = None
    msg = ''
    if request.method == 'POST':
        form = VettingForm(request.POST, instance=rating)
        group_form = UserGroupForm(request.POST, instance=user)
        msg = None
        if form.is_valid() and group_form.is_valid():
            if not rating:
                rating = form.save(commit=False)
                rating.user_id = user.id
                rating.save()
            else:
                form.save()
            group_form.save()
            user.save()
            typeuser = ContentType.objects.filter(name='user').all()[0]
            log = LogEntry(user_id=request.user.id,
                           content_type=typeuser,
                           object_id=user.id,
                           object_repr=user.username,
                           action_flag=2,
                           change_message="vetted")
            log.save()
            msg = 'User updated'
    else:
        form = VettingForm(instance=rating)
        group_form = UserGroupForm(instance=user)
    email_verified = EmailAddress.objects.filter(user=user, verified=True).exists()
    ctx = {
        'email_verified': email_verified,
        'original': user,
        'user': user,
        'form': form,
        'group_form': group_form,
        'msg': msg,
        'vetted': user.is_active
    }
    return render_to_response('admin/auth/user/vet_user.html', ctx, context_instance=RequestContext(request))
Beispiel #7
0
def usergroup_add(request):
    """View for adding new user group"""

    if request.method == 'POST':
        form = UserGroupForm(request.POST)
        if form.is_valid():    
            username = request.user.username
            groupname = form.cleaned_data['groupname']

            group = LdapUserGroup(name=groupname, owner=username, members=[])
            
            try:
                group.save()            
            except ldap.ALREADY_EXISTS:
                return usergroups(request, err={'err': 'usergroup_exist'})
                
            return usergroups(request, usergroup_modification={'groupname': groupname, 'modification': 'add'})
    else:
        form = UserGroupForm()

    return render_to_response('group_add.html',  {'form': form,}, context_instance=RequestContext(request))
Beispiel #8
0
def vet_user(request, user_id):
    user = User.objects.get(pk=user_id)
    try:
        rating = OrganisationalRating.objects.get(user=user)
    except OrganisationalRating.DoesNotExist:
        rating = None
    msg = ''
    if request.method == 'POST':
        form = VettingForm(request.POST, instance=rating)
        group_form = UserGroupForm(request.POST, instance=user)
        msg = None
        if form.is_valid() and group_form.is_valid():
            if not rating:
                rating = form.save(commit=False)
                rating.user_id = user.id
                rating.save()
            else:
                form.save()
            group_form.save()
            user.save()
            typeuser = ContentType.objects.filter(name='user').all()[0]
            log = LogEntry(user_id=request.user.id,
                           content_type=typeuser,
                           object_id=user.id,
                           object_repr=user.username,
                           action_flag=2,
                           change_message="vetted")
            log.save()
            msg = 'User updated'
    else:
        form = VettingForm(instance=rating)
        group_form = UserGroupForm(instance=user)
    email_verified = EmailAddress.objects.filter(user=user,
                                                 verified=True).exists()
    ctx = {
        'email_verified': email_verified,
        'original': user,
        'user': user,
        'form': form,
        'group_form': group_form,
        'msg': msg,
        'vetted': user.is_active
    }
    return render_to_response('admin/auth/user/vet_user.html',
                              ctx,
                              context_instance=RequestContext(request))