def destroy(self, request, *args, **kwargs):
obj = self.get_object_or_none()
self.check_permissions(request, 'destroy', obj)
signals.post_delete.disconnect(
sender=UserStory,
dispatch_uid="user_story_update_project_colors_on_delete")
signals.post_delete.disconnect(
sender=Issue, dispatch_uid="issue_update_project_colors_on_delete")
signals.post_delete.disconnect(
sender=Task,
dispatch_uid="tasks_milestone_close_handler_on_delete")
signals.post_delete.disconnect(
sender=Task, dispatch_uid="tasks_us_close_handler_on_delete")
signals.post_delete.disconnect(
sender=Task, dispatch_uid="task_update_project_colors_on_delete")
signals.post_delete.disconnect(dispatch_uid="refprojdel")
signals.post_delete.disconnect(
dispatch_uid='update_watchers_on_membership_post_delete')
obj.tasks.all().delete()
obj.user_stories.all().delete()
obj.issues.all().delete()
obj.memberships.all().delete()
obj.roles.all().delete()
if obj is None:
raise Http404
self.pre_delete(obj)
self.pre_conditions_on_delete(obj)
obj.delete()
self.post_delete(obj)
return response.NoContent()
def change_email(self, request, pk=None):
"""
Verify the email change to current logged user.
"""
validator = validators.ChangeEmailValidator(data=request.DATA, many=False)
if not validator.is_valid():
return response.BadRequest(validator.errors)
try:
user = models.User.objects.get(email_token=validator.data["email_token"])
except models.User.DoesNotExist:
raise exc.WrongArguments(_("Invalid, are you sure the token is correct and you "
"didn't use it before?"))
self.check_permissions(request, "change_email", user)
old_email = user.email
new_email = user.new_email
user.email = new_email
user.new_email = None
user.email_token = None
user.verified_email = True
user.save(update_fields=["email", "new_email", "email_token", "verified_email"])
user_change_email_signal.send(sender=user.__class__,
user=user,
old_email=old_email,
new_email=new_email)
return response.NoContent()
def change_email(self, request, pk=None):
"""
Verify the email change to current logged user.
"""
serializer = serializers.ChangeEmailSerializer(data=request.DATA,
many=False)
if not serializer.is_valid():
raise exc.WrongArguments(
_("Invalid, are you sure the token is correct and you "
"didn't use it before?"))
try:
user = models.User.objects.get(
email_token=serializer.data["email_token"])
except models.User.DoesNotExist:
raise exc.WrongArguments(
_("Invalid, are you sure the token is correct and you "
"didn't use it before?"))
self.check_permissions(request, "change_email", user)
user.email = user.new_email
user.new_email = None
user.email_token = None
user.save(update_fields=["email", "new_email", "email_token"])
return response.NoContent()
def delete_notifications(self, request, **kwargs):
notifications_ids = request.DATA.get("notifications_ids")
for notification_id in notifications_ids:
notification = Notification.objects.filter(
id=notification_id).first()
notification.delete()
return response.NoContent()
def change_password(self, request, pk=None):
"""
Change password to current logged user.
"""
self.check_permissions(request, "change_password", None)
current_password = request.DATA.get("current_password")
password = request.DATA.get("password")
# NOTE: GitHub users have no password yet (request.user.passwor == '') so
# current_password can be None
if not current_password and request.user.password:
raise exc.WrongArguments(_("Current password parameter needed"))
if not password:
raise exc.WrongArguments(_("New password parameter needed"))
if len(password) < 6:
raise exc.WrongArguments(
_("Invalid password length at least 6 charaters needed"))
if current_password and not request.user.check_password(
current_password):
raise exc.WrongArguments(_("Invalid current password"))
request.user.set_password(password)
request.user.save(update_fields=["password"])
return response.NoContent()
def _bulk_update_order(self, order_field, request, **kwargs):
serializer = serializers.UpdateUserStoriesOrderBulkSerializer(
data=request.DATA)
if not serializer.is_valid():
return response.BadRequest(serializer.errors)
data = serializer.data
project = get_object_or_404(Project, pk=data["project_id"])
self.check_permissions(request, "bulk_update_order", project)
services.update_userstories_order_in_bulk(data["bulk_stories"],
project=project,
field=order_field)
services.snapshot_userstories_in_bulk(data["bulk_stories"],
request.user)
if order_field == "sprint_order":
# NOTE: This is useful according to issue #2851 to update sprints column in the
# browser client when move USs from the backlog to an sprint or between sprints.
has_closed_milestones = project.milestones.filter(
closed=True).exists()
self.headers[
"Taiga-Info-Has-Closed-Milestones"] = has_closed_milestones
return response.NoContent()
def resend_invitation(self, request, **kwargs):
invitation = self.get_object()
self.check_permissions(request, 'resend_invitation', invitation.project)
services.send_invitation(invitation=invitation)
return response.NoContent()
def cancel(self, request, pk=None):
"""
Cancel an account via token
"""
serializer = serializers.CancelAccountSerializer(data=request.DATA,
many=False)
if not serializer.is_valid():
raise exc.WrongArguments(
_("Invalid, are you sure the token is correct?"))
try:
max_age_cancel_account = getattr(settings,
"MAX_AGE_CANCEL_ACCOUNT", None)
user = get_user_for_token(serializer.data["cancel_token"],
"cancel_account",
max_age=max_age_cancel_account)
except exc.NotAuthenticated:
raise exc.WrongArguments(
_("Invalid, are you sure the token is correct?"))
if not user.is_active:
raise exc.WrongArguments(
_("Invalid, are you sure the token is correct?"))
user.cancel()
return response.NoContent()
def test(self, request, pk=None):
slackhook = self.get_object()
self.check_permissions(request, 'test', slackhook)
tasks.test_slackhook(slackhook.url, slackhook.channel)
return response.NoContent()
def test(self, request, pk=None):
letschathook = self.get_object()
self.check_permissions(request, 'test', letschathook)
tasks.test_letschathook(letschathook.url, letschathook.token)
return response.NoContent()
def test(self, request, pk=None):
hipchathook = self.get_object()
self.check_permissions(request, 'test', hipchathook)
tasks.test_hipchathook(hipchathook.url)
return response.NoContent()
def remove_user_from_all_my_projects(self, request, **kwargs):
private_only = request.DATA.get('private_only', False)
user_id = request.DATA.get('user', None)
if user_id is None:
raise exc.WrongArguments(_("Invalid user id"))
user_model = apps.get_model("users", "User")
try:
user = user_model.objects.get(id=user_id)
except user_model.DoesNotExist:
return response.BadRequest(_("The user doesn't exist"))
memberships = models.Membership.objects.filter(
project__owner=request.user, user=user)
if private_only:
memberships = memberships.filter(project__is_private=True)
errors = []
for membership in memberships:
if not services.can_user_leave_project(user, membership.project):
errors.append(membership.project.name)
if len(errors) > 0:
error = _(
"This user can't be removed from the following projects, because that would "
"leave them without any active admin: {}.".format(
", ".join(errors)))
return response.BadRequest(error)
memberships.delete()
return response.NoContent()
def move_userstories_to_sprint(self, request, pk=None, **kwargs):
milestone = get_object_or_error(models.Milestone, request.user, pk=pk)
self.check_permissions(request, "move_related_items", milestone)
validator = validators.UpdateMilestoneBulkValidator(data=request.DATA)
if not validator.is_valid():
return response.BadRequest(validator.errors)
data = validator.data
project = get_object_or_error(Project,
request.user,
pk=data["project_id"])
milestone_result = get_object_or_error(models.Milestone,
request.user,
pk=data["milestone_id"])
if data["bulk_stories"]:
self.check_permissions(request, "move_uss_to_sprint", project)
services.update_userstories_milestone_in_bulk(
data["bulk_stories"], milestone_result)
services.snapshot_userstories_in_bulk(data["bulk_stories"],
request.user)
return response.NoContent()
def delete(self, request, pk):
self.check_permissions(request, "delete", None)
try:
feedback = models.FeedbackEntry.objects.get(id=pk)
except Exception as e:
return response.BadRequest(_("The feedback id doesn't exist"))
feedback.delete()
return response.NoContent()
def refresh_push_id(self, request, **kwargs):
from taiga.users.models import User
new_push_id = request.DATA.get("push_id")
user = User.objects.filter(id=request.user.id).first()
user.push_id = new_push_id
user.save()
return response.NoContent()
def destroy(self, request, pk=None):
user = self.get_object()
self.check_permissions(request, "destroy", user)
stream = request.stream
request_data = stream is not None and stream.GET or None
user_cancel_account_signal.send(sender=user.__class__, user=user, request_data=request_data)
user.cancel()
return response.NoContent()
def resend_invitation(self, request, **kwargs):
invitation = self.get_object()
self.check_permissions(request, "resend_invitation",
invitation.project)
self.pre_conditions_on_save(invitation)
services.send_invitation(invitation=invitation)
return response.NoContent()
def change_is_agent(self, request):
try:
user = models.User.objects.get(id=request.DATA.get("id"))
except models.User.DoesNotExist:
raise exc.WrongArguments("Invalid, cannot find the user with given id")
user.is_agent = request.DATA.get("is_agent")
user.save(update_fields=["is_agent"])
return response.NoContent()
def bulk_update_order(self, request, **kwargs):
if self.request.user.is_anonymous():
return response.Unauthorized()
validator = validators.UpdateProjectOrderBulkValidator(data=request.DATA, many=True)
if not validator.is_valid():
return response.BadRequest(validator.errors)
data = validator.data
services.update_projects_order_in_bulk(data, "user_order", request.user)
return response.NoContent(data=None)
def create(self, request, *args, **kwargs):
projects = models.Project.objects.filter(owner=request.user,
is_private=True)
for project in projects:
services.orphan_project(project)
if settings.CELERY_ENABLED:
services.delete_projects.delay(projects)
else:
services.delete_projects(projects)
return response.NoContent()
def destroy(self, request, *args, **kwargs):
obj = self.get_object_or_none()
self.check_permissions(request, 'destroy', obj)
if obj is None:
raise Http404
self.pre_delete(obj)
self.pre_conditions_on_delete(obj)
obj.delete()
self.post_delete(obj)
return response.NoContent()
def modules(self, request, pk=None):
project = self.get_object()
self.check_permissions(request, 'modules', project)
modules_config = services.get_modules_config(project)
if request.method == "GET":
return response.Ok(modules_config.config)
else:
modules_config.config.update(request.DATA)
modules_config.save()
return response.NoContent()
def change_facebookinfo(self, request):
user = models.User.objects.get(id=request.DATA.get("id"))
facebookid = request.DATA.get("photo")
#create folder facebook if not exist
filepath = os.path.join(settings.MEDIA_ROOT,'user','facebook',facebookid)
#filepath = settings.MEDIA_ROOT + "user/facebook/" + facebookid
if not os.path.isdir(filepath):
os.makedirs(filepath)
filename_photo_download = filepath + "/photo_download"
filename_photo = filepath + "/photo"
facebookurl = "http://graph.facebook.com/" + facebookid + "/picture?width=9999"
try:
#urlretrieve("http://graph.facebook.com/100010961041067/picture", filename)
urlretrieve(facebookurl, filename_photo_download)
if not os.path.exists(filename_photo):
shutil.copy2(filename_photo_download,filename_photo)
else :
if not os.path.getsize(filename_photo_download) == os.path.getsize(filename_photo):
filenames_blob = filepath + "/*_crop.*"
files_removed = glob.glob(filenames_blob)
for f in files_removed:
os.remove(f)
avatar = "user/facebook/" + facebookid + "/photo"
user.photo = avatar
# user.full_name = request.DATA.get("full_name")
user.save(update_fields=["photo","full_name"])
except Exception as e:
# raise exc.WrongArguments(_(e))
raise e
# facebookid = '100010961041067'
# url = "http://graph.facebook.com/%s/picture?type=large" % facebookid
#try:
# response = request('GET', url, params={'type': 'large'})
#except Exception:
raise exc.WrongArguments(_("Invalid image format"))
#else:
#make sure we have crop images
user_data = self.admin_serializer_class(user)
return response.NoContent()
def remove_invitation_from_all_my_projects(self, request, **kwargs):
private_only = request.DATA.get('private_only', False)
email = request.DATA.get('email', None)
if email is None:
raise exc.WrongArguments(_("Email is required"))
memberships = models.Membership.objects.filter(
project__owner=request.user, email=email, user__isnull=True)
if private_only:
memberships = memberships.filter(project__is_private=True)
memberships.delete()
return response.NoContent()
def bulk_update_kanban_order(self, request, **kwargs):
serializer = serializers.UpdateUserStoriesOrderBulkSerializer(data=request.DATA)
if not serializer.is_valid():
return response.BadRequest(serializer.errors)
data = serializer.data
project = get_object_or_404(Project, pk=data["project_id"])
self.check_permissions(request, "bulk_update_order", project)
services.update_userstories_order_in_bulk(data["bulk_stories"],
project=project,
field="kanban_order")
services.snapshot_userstories_in_bulk(data["bulk_stories"], request.user)
return response.NoContent()
def bulk_update_milestone(self, request, **kwargs):
validator = validators.UpdateMilestoneBulkValidator(data=request.DATA)
if not validator.is_valid():
return response.BadRequest(validator.errors)
data = validator.data
project = get_object_or_404(Project, pk=data["project_id"])
milestone = get_object_or_404(Milestone, pk=data["milestone_id"])
self.check_permissions(request, "bulk_update_milestone", project)
services.update_userstories_milestone_in_bulk(data["bulk_stories"], milestone)
services.snapshot_userstories_in_bulk(data["bulk_stories"], request.user)
return response.NoContent()
def bulk_update_order(self, request, **kwargs):
bulk_data = request.DATA.get(self.bulk_update_param, None)
if bulk_data is None:
raise exc.BadRequest(_("{param} parameter is mandatory".format(param=self.bulk_update_param)))
project_id = request.DATA.get('project', None)
if project_id is None:
raise exc.BadRequest(_("project parameter is mandatory"))
project = get_object_or_404(Project, id=project_id)
self.check_permissions(request, 'bulk_update_order', project)
self.__class__.bulk_update_order_action(project, request.user, bulk_data)
return response.NoContent(data=None)
def destroy(self, request, *args, **kwargs):
obj = self.get_object_or_none()
self.check_permissions(request, 'destroy', obj)
if obj is None:
raise Http404
self.pre_delete(obj)
self.pre_conditions_on_delete(obj)
services.orphan_project(obj)
if settings.CELERY_ENABLED:
services.delete_project.delay(obj.id)
else:
services.delete_project(obj.id)
return response.NoContent()
def _bulk_update_order(self, order_field, request, **kwargs):
serializer = serializers.UpdateUserStoriesOrderBulkSerializer(data=request.DATA)
if not serializer.is_valid():
return response.BadRequest(serializer.errors)
data = serializer.data
project = get_object_or_404(Project, pk=data["project_id"])
self.check_permissions(request, "bulk_update_order", project)
if project.blocked_code is not None:
raise exc.Blocked(_("Blocked element"))
services.update_userstories_order_in_bulk(data["bulk_stories"],
project=project,
field=order_field)
services.snapshot_userstories_in_bulk(data["bulk_stories"], request.user)
return response.NoContent()
def bulk_update_order(self, request, **kwargs):
bulk_data = request.DATA.get(self.bulk_update_param, None)
if bulk_data is None:
raise exc.BadRequest(
_("'{param}' parameter is mandatory".format(
param=self.bulk_update_param)))
project_id = request.DATA.get("project", None)
if project_id is None:
raise exc.BadRequest(_("'project' parameter is mandatory"))
project = get_object_or_404(Project, id=project_id)
self.check_permissions(request, "bulk_update_order", project)
if project.blocked_code is not None:
raise exc.Blocked(_("Blocked element"))
self.__class__.bulk_update_order_action(project, request.user,
bulk_data)
return response.NoContent(data=None)
