class Register(View):
template_name = 'templates/register.html'
__user = None
__context = None
__option_entity = None
__correlation_id = None
@redirect_if_not_installed
@redirect_if_authenticated
def get(self, request, token):
self.__correlation_id = request.META[
"X-Correlation-ID"] if "X-Correlation-ID" in request.META else ""
self.__user = UserModule()
self.__context = Context()
self.__option_entity = OptionEntity()
if not self.__user.check_register_request(token):
messages.error(
request,
_("Register token is expired or invalid, Please contact system administrator!"
))
return redirect("app.web.login")
self.__context.autoload_options()
self.__context.push({
"page_title":
_("Register · %s") % self.__context.get(
"app_name", os.getenv("APP_NAME", "Silverback")),
"register_request":
self.__user.get_register_request_by_token(token)
})
return render(request, self.template_name, self.__context.get())
class UserEdit(View):
"""User Edit Page Controller"""
template_name = 'templates/admin/user/edit.html'
@login_if_not_authenticated_or_no_permission("manage_settings")
def get(self, request, user_id):
self.__context = Context()
self.__user = UserModule()
self.__correlation_id = request.META[
"X-Correlation-ID"] if "X-Correlation-ID" in request.META else ""
user = self.__user.get_one_by_id(user_id)
if not user:
raise Http404("User not found.")
self.__context.autoload_options()
self.__context.autoload_user(
request.user.id if request.user.is_authenticated else None)
self.__context.push({
"page_title":
_("Edit User · %s") % self.__context.get(
"app_name", os.getenv("APP_NAME", "Silverback")),
"user":
user
})
return render(request, self.template_name, self.__context.get())
def __init__(self):
self.__request = Request()
self.__response = Response()
self.__helpers = Helpers()
self.__form = Form()
self.__user = UserModule()
self.__logger = self.__helpers.get_logger(__name__)
self.__form.add_validator(ExtraRules())
class Register(View, Controller):
"""Register Page Controller"""
template_name = 'templates/register.html'
@redirect_if_not_installed
@redirect_if_authenticated
def get(self, request, token):
self.__user = UserModule()
if not self.__user.check_register_request(token):
messages.error(request, _("Register token is expired or invalid, Please contact system administrator!"))
return redirect("app.web.login")
self.autoload_options()
self.context_push({
"page_title": _("Register · %s") % self.context_get("app_name", os.getenv("APP_NAME", "Silverback")),
"register_request": self.__user.get_register_request_by_token(token)
})
return render(request, self.template_name, self.context_get())
def get(self, request, user_id):
self.__context = Context()
self.__user = UserModule()
self.__correlation_id = request.META[
"X-Correlation-ID"] if "X-Correlation-ID" in request.META else ""
user = self.__user.get_one_by_id(user_id)
if not user:
raise Http404("User not found.")
self.__context.autoload_options()
self.__context.autoload_user(
request.user.id if request.user.is_authenticated else None)
self.__context.push({
"page_title":
_("Edit User · %s") % self.__context.get(
"app_name", os.getenv("APP_NAME", "Silverback")),
"user":
user
})
return render(request, self.template_name, self.__context.get())
class User(View):
"""Update and Delete User Private Endpoint Controller"""
def __init__(self):
self.__request = Request()
self.__response = Response()
self.__helpers = Helpers()
self.__form = Form()
self.__user = UserModule()
self.__logger = self.__helpers.get_logger(__name__)
self.__user_id = None
self.__correlation_id = ""
self.__form.add_validator(ExtraRules())
@allow_if_authenticated_and_has_permission("manage_settings")
def post(self, request, user_id):
self.__correlation_id = request.META[
"X-Correlation-ID"] if "X-Correlation-ID" in request.META else ""
self.__request.set_request(request)
request_data = self.__request.get_request_data(
"post", {
"first_name": "",
"last_name": "",
"username": "",
"role": "",
"email": "",
"update_password": "",
"password": ""
})
if request_data["update_password"] == "":
self.__form.add_inputs({
'first_name': {
'value': request_data["first_name"],
'sanitize': {
'strip': {}
},
'validate': {
'sv_names': {
'error':
_('Error! First name contains invalid characters.')
},
'length_between': {
'param': [0, 20],
'error':
_('Error! First name must be 1 to 20 characters long.'
)
}
}
},
'last_name': {
'value': request_data["last_name"],
'sanitize': {
'strip': {}
},
'validate': {
'sv_names': {
'error':
_('Error! Last name contains invalid characters.')
},
'length_between': {
'param': [0, 20],
'error':
_('Error! Last name must be 1 to 20 characters long.'
)
}
}
},
'username': {
'value': request_data["username"],
'sanitize': {
'strip': {}
},
'validate': {
'alpha_numeric': {
'error':
_('Error! Username must be alpha numeric.')
},
'length_between': {
'param': [4, 10],
'error':
_('Error! Username must be 5 to 10 characters long.'
)
}
}
},
'email': {
'value': request_data["email"],
'sanitize': {
'strip': {}
},
'validate': {
'sv_email': {
'error': _('Error! Email is invalid.')
}
}
},
'role': {
'value': request_data["role"],
'validate': {
'any_of': {
'param': [["admin", "user"]],
'error': _('Error! Role is invalid.')
}
}
}
})
else:
self.__form.add_inputs({
'first_name': {
'value': request_data["first_name"],
'sanitize': {
'strip': {}
},
'validate': {
'sv_names': {
'error':
_('Error! First name contains invalid characters.')
},
'length_between': {
'param': [0, 20],
'error':
_('Error! First name must be 1 to 20 characters long.'
)
}
}
},
'last_name': {
'value': request_data["last_name"],
'sanitize': {
'strip': {}
},
'validate': {
'sv_names': {
'error':
_('Error! Last name contains invalid characters.')
},
'length_between': {
'param': [0, 20],
'error':
_('Error! Last name must be 1 to 20 characters long.'
)
}
}
},
'username': {
'value': request_data["username"],
'sanitize': {
'strip': {}
},
'validate': {
'alpha_numeric': {
'error':
_('Error! Username must be alpha numeric.')
},
'length_between': {
'param': [4, 10],
'error':
_('Error! Username must be 5 to 10 characters long.'
)
}
}
},
'email': {
'value': request_data["email"],
'sanitize': {
'strip': {}
},
'validate': {
'sv_email': {
'error': _('Error! Email is invalid.')
}
}
},
'password': {
'value': request_data["password"],
'validate': {
'sv_password': {
'error':
_('Error! Password must contain at least uppercase letter, lowercase letter, numbers and special character.'
)
},
'length_between': {
'param': [7, 20],
'error':
_('Error! Password length must be from 8 to 20 characters.'
)
}
}
},
'role': {
'value': request_data["role"],
'validate': {
'any_of': {
'param': [["admin", "user"]],
'error': _('Error! Role is invalid.')
}
}
}
})
self.__form.process()
if not self.__form.is_passed():
return JsonResponse(
self.__response.send_errors_failure(self.__form.get_errors(),
{}, self.__correlation_id))
if self.__user.username_used_elsewhere(
user_id, self.__form.get_sinput("username")):
return JsonResponse(
self.__response.send_private_failure(
[{
"type": "error",
"message": _("Error! Username is already used.")
}], {}, self.__correlation_id))
if self.__user.email_used_elsewhere(user_id,
self.__form.get_sinput("email")):
return JsonResponse(
self.__response.send_private_failure([{
"type":
"error",
"message":
_("Error! Email is already used for other account.")
}], {}, self.__correlation_id))
if request_data["update_password"] == "":
result = self.__user.update_one_by_id(
user_id, {
"username":
self.__form.get_sinput("username"),
"email":
self.__form.get_sinput("email"),
"first_name":
self.__form.get_sinput("first_name"),
"last_name":
self.__form.get_sinput("last_name"),
"is_superuser":
True
if self.__form.get_sinput("role") == "admin" else False
})
else:
result = self.__user.update_one_by_id(
user_id, {
"username":
self.__form.get_sinput("username"),
"email":
self.__form.get_sinput("email"),
"first_name":
self.__form.get_sinput("first_name"),
"last_name":
self.__form.get_sinput("last_name"),
"password":
self.__form.get_sinput("password"),
"is_superuser":
True
if self.__form.get_sinput("role") == "admin" else False
})
if result:
return JsonResponse(
self.__response.send_private_success(
[{
"type": "success",
"message": _("User updated successfully.")
}], {}, self.__correlation_id))
else:
return JsonResponse(
self.__response.send_private_failure([{
"type":
"error",
"message":
_("Error! Something goes wrong while creating your account."
)
}], {}, self.__correlation_id))
@allow_if_authenticated_and_has_permission("manage_settings")
def delete(self, request, user_id):
self.__correlation_id = request.META[
"X-Correlation-ID"] if "X-Correlation-ID" in request.META else ""
self.__user_id = request.user.id
if self.__user_id == user_id:
return JsonResponse(
self.__response.send_private_failure(
[{
"type": "error",
"message": _("Error! You can't delete your account.")
}], {}, self.__correlation_id))
if self.__user.delete_one_by_id(user_id):
return JsonResponse(
self.__response.send_private_success(
[{
"type": "success",
"message": _("User deleted successfully.")
}], {}, self.__correlation_id))
else:
return JsonResponse(
self.__response.send_private_failure([{
"type":
"error",
"message":
_("Error! Something goes wrong while deleting a user.")
}], {}, self.__correlation_id))
class Users(View):
"""Create and List Users Private Endpoint Controller"""
def __init__(self):
self.__request = Request()
self.__response = Response()
self.__helpers = Helpers()
self.__form = Form()
self.__user = UserModule()
self.__logger = self.__helpers.get_logger(__name__)
self.__user_id = None
self.__correlation_id = ""
self.__form.add_validator(ExtraRules())
@allow_if_authenticated_and_has_permission("manage_settings")
def post(self, request):
self.__correlation_id = request.META[
"X-Correlation-ID"] if "X-Correlation-ID" in request.META else ""
self.__request.set_request(request)
request_data = self.__request.get_request_data(
"post", {
"invitation": "",
"first_name": "",
"last_name": "",
"username": "",
"role": "",
"email": "",
"password": ""
})
if request_data["invitation"] != "":
self.__form.add_inputs({
'first_name': {
'value': request_data["first_name"],
'sanitize': {
'strip': {}
},
'validate': {
'sv_names': {
'error':
_('Error! First name contains invalid characters.')
},
'length_between': {
'param': [0, 20],
'error':
_('Error! First name must be 1 to 20 characters long.'
)
}
}
},
'last_name': {
'value': request_data["last_name"],
'sanitize': {
'strip': {}
},
'validate': {
'sv_names': {
'error':
_('Error! Last name contains invalid characters.')
},
'length_between': {
'param': [0, 20],
'error':
_('Error! Last name must be 1 to 20 characters long.'
)
}
}
},
'username': {
'value': request_data["username"],
'sanitize': {
'strip': {}
},
'validate': {
'alpha_numeric': {
'error':
_('Error! Username must be alpha numeric.')
},
'length_between': {
'param': [4, 10],
'error':
_('Error! Username must be 5 to 10 characters long.'
)
}
}
},
'email': {
'value': request_data["email"],
'sanitize': {
'strip': {}
},
'validate': {
'sv_email': {
'error': _('Error! User email is invalid.')
}
}
},
'password': {
'value': request_data["password"],
'validate': {
'sv_password': {
'error':
_('Error! Password must contain at least uppercase letter, lowercase letter, numbers and special character.'
)
},
'length_between': {
'param': [7, 20],
'error':
_('Error! Password length must be from 8 to 20 characters.'
)
}
}
},
'role': {
'value': request_data["role"],
'validate': {
'any_of': {
'param': [["admin", "user"]],
'error': _('Error! Role is invalid.')
}
}
}
})
else:
self.__form.add_inputs({
'email': {
'value': request_data["email"],
'sanitize': {
'strip': {}
},
'validate': {
'sv_email': {
'error': _('Error! User email is invalid.')
}
}
},
'role': {
'value': request_data["role"],
'validate': {
'any_of': {
'param': [["admin", "user"]],
'error': _('Error! Role is invalid.')
}
}
}
})
self.__form.process()
if not self.__form.is_passed():
return JsonResponse(
self.__response.send_errors_failure(self.__form.get_errors(),
{}, self.__correlation_id))
if self.__user.email_used(self.__form.get_sinput("email")):
return JsonResponse(
self.__response.send_private_failure([{
"type":
"error",
"message":
_("Error! Email is already used for other account.")
}], {}, self.__correlation_id))
if request_data["invitation"] != "" and self.__user.username_used(
self.__form.get_sinput("username")):
return JsonResponse(
self.__response.send_private_failure(
[{
"type": "error",
"message": _("Error! Username is already used.")
}], {}, self.__correlation_id))
if request_data["invitation"] != "":
result = self.__user.insert_one({
"username":
self.__form.get_sinput("username"),
"email":
self.__form.get_sinput("email"),
"first_name":
self.__form.get_sinput("first_name"),
"last_name":
self.__form.get_sinput("last_name"),
"password":
self.__form.get_sinput("password"),
"is_staff":
False,
"is_active":
True,
"is_superuser":
True if self.__form.get_sinput("role") == "admin" else False
})
if result:
return JsonResponse(
self.__response.send_private_success(
[{
"type": "success",
"message": _("Account created successfully.")
}], {}, self.__correlation_id))
else:
return JsonResponse(
self.__response.send_private_failure([{
"type":
"error",
"message":
_("Error! Something goes wrong while creating your account."
)
}], {}, self.__correlation_id))
else:
self.__user.delete_register_request_by_email(
self.__form.get_sinput("email"))
token = self.__user.create_register_request(
self.__form.get_sinput("email"),
self.__form.get_sinput("role"))
if not token:
return JsonResponse(
self.__response.send_private_failure([{
"type":
"error",
"message":
_("Error! Something goes wrong while creating reset request."
)
}], {}, self.__correlation_id))
message = self.__user.send_register_request_message(
self.__form.get_sinput("email"), token)
if not message:
return JsonResponse(
self.__response.send_private_failure([{
"type":
"error",
"message":
_("Error! Something goes wrong while sending register request."
)
}], {}, self.__correlation_id))
else:
return JsonResponse(
self.__response.send_private_success([{
"type":
"success",
"message":
_("Register Request instructions sent successfully.")
}], {}, self.__correlation_id))
@allow_if_authenticated_and_has_permission("manage_settings")
def get(self, request):
self.__correlation_id = request.META[
"X-Correlation-ID"] if "X-Correlation-ID" in request.META else ""
self.__request.set_request(request)
request_data = self.__request.get_request_data("get", {
"offset": 0,
"limit": 20
})
try:
offset = int(request_data["offset"])
limit = int(request_data["limit"])
except Exception:
offset = 0
limit = 20
return JsonResponse(
self.__response.send_private_success(
[], {
'users':
self.__format_users(self.__user.get_all(offset, limit)),
'metadata': {
'offset': offset,
'limit': limit,
'count': self.__user.count_all()
}
}, self.__correlation_id))
def __format_users(self, users):
users_list = []
for user in users:
users_list.append({
"id":
user.id,
"username":
user.username,
"first_name":
user.first_name,
"last_name":
user.last_name,
"email":
user.email,
"role":
"Admin" if user.is_superuser == 1 else "User",
"created_at":
user.date_joined.strftime("%b %d %Y %H:%M:%S"),
"edit_url":
reverse("app.web.admin.user.edit", kwargs={'user_id':
user.id}),
"delete_url":
reverse("app.api.private.v1.admin.user.endpoint",
kwargs={'user_id': user.id})
})
return users_list
class Register(View):
__request = None
__response = None
__helpers = None
__form = None
__user = None
__logger = None
__correlation_id = None
def __init__(self):
self.__request = Request()
self.__response = Response()
self.__helpers = Helpers()
self.__form = Form()
self.__user = UserModule()
self.__logger = self.__helpers.get_logger(__name__)
self.__form.add_validator(ExtraRules())
@stop_request_if_authenticated
def post(self, request):
self.__correlation_id = request.META["X-Correlation-ID"] if "X-Correlation-ID" in request.META else ""
self.__request.set_request(request)
request_data = self.__request.get_request_data("post", {
"register_request_token": "",
"first_name": "",
"last_name": "",
"username": "",
"email": "",
"password": ""
})
self.__form.add_inputs({
'first_name': {
'value': request_data["first_name"],
'sanitize': {
'strip': {}
},
'validate': {
'sv_names': {
'error': _('Error! First name contains invalid characters.')
},
'length_between': {
'param': [0, 20],
'error': _('Error! First name must be 1 to 20 characters long.')
}
}
},
'last_name': {
'value': request_data["last_name"],
'sanitize': {
'strip': {}
},
'validate': {
'sv_names': {
'error': _('Error! Last name contains invalid characters.')
},
'length_between': {
'param': [0, 20],
'error': _('Error! Last name must be 1 to 20 characters long.')
}
}
},
'username': {
'value': request_data["username"],
'sanitize': {
'escape': {},
'strip': {}
},
'validate': {
'alpha_numeric': {
'error': _('Error! Username must be alpha numeric.')
},
'length_between': {
'param': [4, 10],
'error': _('Error! Username must be 5 to 10 characters long.')
}
}
},
'email': {
'value': request_data["email"],
'sanitize': {
'escape': {},
'strip': {}
},
'validate': {
'sv_email': {
'error': _('Error! Admin email is invalid.')
}
}
},
'password': {
'value': request_data["password"],
'validate': {
'sv_password': {
'error': _('Error! Password must contain at least uppercase letter, lowercase letter, numbers and special character.')
},
'length_between': {
'param': [7, 20],
'error': _('Error! Password length must be from 8 to 20 characters.')
}
}
}
})
self.__form.process()
if not self.__form.is_passed():
return JsonResponse(self.__response.send_errors_failure(self.__form.get_errors(), {}, self.__correlation_id))
register_request = self.__user.get_register_request_by_token(request_data["register_request_token"])
if not register_request:
return JsonResponse(self.__response.send_private_failure([{
"type": "error",
"message": _("Error! Register token is invalid or expired.")
}], {}, self.__correlation_id))
payload = json.loads(register_request.payload)
if self.__user.username_used(self.__form.get_sinput("username")):
return JsonResponse(self.__response.send_private_failure([{
"type": "error",
"message": _("Error! Username is already used.")
}], {}, self.__correlation_id))
if self.__user.email_used(self.__form.get_sinput("email")):
return JsonResponse(self.__response.send_private_failure([{
"type": "error",
"message": _("Error! Email is already used for other account.")
}], {}, self.__correlation_id))
result = self.__user.insert_one({
"username": self.__form.get_sinput("username"),
"email": self.__form.get_sinput("email"),
"first_name": self.__form.get_sinput("first_name"),
"last_name": self.__form.get_sinput("last_name"),
"password": self.__form.get_sinput("password"),
"is_staff": False,
"is_active": True,
"is_superuser": True if payload["role"] == "admin" else False
})
if result:
self.__user.delete_register_request_by_token(request_data["register_request_token"])
return JsonResponse(self.__response.send_private_success([{
"type": "success",
"message": _("Account created successfully.")
}], {}, self.__correlation_id))
else:
return JsonResponse(self.__response.send_private_failure([{
"type": "error",
"message": _("Error! Something goes wrong while creating your account.")
}], {}, self.__correlation_id))
def __init__(self):
self.__user = UserModule()
class Register(View, Controller):
"""Register Private Endpoint Controller"""
def __init__(self):
self.__user = UserModule()
@stop_request_if_authenticated
def post(self, request):
request_data = self.get_request_data(
request, "post", {
"register_request_token": "",
"first_name": "",
"last_name": "",
"username": "",
"email": "",
"password": ""
})
self.form().add_inputs({
'first_name': {
'value': request_data["first_name"],
'sanitize': {
'strip': {}
},
'validate': {
'sv_names': {
'error':
_('Error! First name contains invalid characters.')
},
'length_between': {
'param': [0, 20],
'error':
_('Error! First name must be 1 to 20 characters long.')
}
}
},
'last_name': {
'value': request_data["last_name"],
'sanitize': {
'strip': {}
},
'validate': {
'sv_names': {
'error':
_('Error! Last name contains invalid characters.')
},
'length_between': {
'param': [0, 20],
'error':
_('Error! Last name must be 1 to 20 characters long.')
}
}
},
'username': {
'value': request_data["username"],
'sanitize': {
'strip': {}
},
'validate': {
'alpha_numeric': {
'error': _('Error! Username must be alpha numeric.')
},
'length_between': {
'param': [4, 10],
'error':
_('Error! Username must be 5 to 10 characters long.')
}
}
},
'email': {
'value': request_data["email"],
'sanitize': {
'strip': {}
},
'validate': {
'sv_email': {
'error': _('Error! Admin email is invalid.')
}
}
},
'password': {
'value': request_data["password"],
'validate': {
'sv_password': {
'error':
_('Error! Password must contain at least uppercase letter, lowercase letter, numbers and special character.'
)
},
'length_between': {
'param': [7, 20],
'error':
_('Error! Password length must be from 8 to 20 characters.'
)
}
}
}
})
self.form().process()
if not self.form().is_passed():
return self.json(self.form().get_errors())
register_request = self.__user.get_register_request_by_token(
request_data["register_request_token"])
if not register_request:
return self.json([{
"type":
"error",
"message":
_("Error! Register token is invalid or expired.")
}])
payload = json.loads(register_request.payload)
if self.__user.username_used(self.form().get_sinput("username")):
return self.json([{
"type": "error",
"message": _("Error! Username is already used.")
}])
if self.__user.email_used(self.form().get_sinput("email")):
return self.json([{
"type":
"error",
"message":
_("Error! Email is already used for other account.")
}])
result = self.__user.insert_one({
"username":
self.form().get_sinput("username"),
"email":
self.form().get_sinput("email"),
"first_name":
self.form().get_sinput("first_name"),
"last_name":
self.form().get_sinput("last_name"),
"password":
self.form().get_sinput("password"),
"is_staff":
False,
"is_active":
True,
"is_superuser":
True if payload["role"] == "admin" else False
})
if result:
self.__user.delete_register_request_by_token(
request_data["register_request_token"])
return self.json([{
"type": "success",
"message": _("Account created successfully.")
}])
else:
return self.json([{
"type":
"error",
"message":
_("Error! Something goes wrong while creating your account.")
}])