def test_save(self):
user_profile = UserProfile(user=User.objects.create_user(
'john', '*****@*****.**', 'johnpassword'),
bio='my bio')
user_profile.save()
self.assertEqual(user_profile,
UserProfile.objects.get(id=user_profile.id))
def register(request):
"""Function to register users."""
context = {}
if request.method == 'POST':
try:
username = request.POST.get('name')
email = request.POST.get('email')
password1 = request.POST.get('password1')
password2 = request.POST.get('password2')
if password2 == password1:
user = User.objects.create_user(
password=password1,
username=username,
email=email)
user_info = UserProfile(user=user, name=username, email=email)
user_info.save()
context = {'success': True, 'message': 'successfully saved'}
context.update(csrf(request))
return render_to_response("LoginStatus.html", context)
except:
context = {'success': False, 'message': 'NOT saved'}
context.update(csrf(request))
return render_to_response("LoginStatus.html", context)
context.update(csrf(request))
return render_to_response("register.html", context)
def obj_create(self, bundle, **kwargs):
#validator not being called
data = bundle.data
user = bundle.request.user
thegroup = Group.objects.create(name=data['name'])
thegroup.save()
#creator of the group can edit by default
assign_perm(UserProfile.get_permission_name('edit'), user, thegroup)
assign_perm(UserProfile.get_permission_name('view'), user, thegroup)
bundle.obj = thegroup
# User always has edit permissions for group he made
user.groups.add(thegroup)
user.save()
# Users are in the group
if 'users' in data:
thegroup.user_set = []
users = [User.objects.get(pk=userid) for userid in data['users']]
thegroup.user_set = users
if 'request_id' in data and data['request_id']:
req = Request.objects.get(id=data['request_id'])
assign_perm(Request.get_permission_name('view'), thegroup, req)
thegroup.save()
return bundle
def obj_create(self, bundle, **kwargs):
#validator not being called
data = bundle.data
user = bundle.request.user
thegroup = Group.objects.create(name=data['name'])
thegroup.save()
#creator of the group can edit by default
assign_perm(UserProfile.get_permission_name('edit'), user, thegroup)
assign_perm(UserProfile.get_permission_name('view'), user, thegroup)
bundle.obj = thegroup
# User always has edit permissions for group he made
user.groups.add(thegroup)
user.save()
# Users are in the group
if 'users' in data:
thegroup.user_set = []
users = [User.objects.get(pk=userid) for userid in data['users']]
thegroup.user_set = users
if 'request_id' in data and data['request_id']:
req = Request.objects.get(id=data['request_id'])
assign_perm(Request.get_permission_name('view'), thegroup, req)
thegroup.save()
return bundle
def handle(self, *args, **options):
for user in User.objects.all():
try:
up = UserProfile.objects.get(user=user)
except Exception as e:
print "no userprofile for %s" % user.username
up = UserProfile(user=user)
up.save()
def handle(self, *args, **options):
for user in User.objects.all():
try:
up = UserProfile.objects.get(user=user)
except Exception as e:
print "no userprofile for %s" % user.username
up = UserProfile(user=user)
up.save()
def test_get_announcers_and_profile(self):
user = User(username='******', password='******')
user.save()
user_profile = UserProfile(user=user, bio='my bio')
user_profile.save()
programme = Programme.objects.create(name="Test programme", synopsis="This is a description", current_season=1, _runtime=60, start_date=datetime.date(2014, 1, 31))
role = Role.objects.create(person=user, programme=programme)
self.assertEqual(programme, Programme.objects.get(id=programme.id))
self.assertEqual(user_profile, UserProfile.objects.get(id=user_profile.id))
self.assertEqual(user, user_profile.user)
self.assertEqual(user, programme.announcers.all()[0])
def handle(self, *args, **options):
excluded = ['public', 'AnonymousUser']
for user in User.objects.all():
group = Group.objects.get(name=user.username)
assign_perm(UserProfile.get_permission_name('edit'), user, group)
print '1 set %s %s' % (group.name, user.username)
#retroactive support for editing permissions on groups
#make everyone an editor of the group because we can't track who created the group
for group in Group.objects.all().exclude(name__in=excluded):
for user in group.user_set.all():
assign_perm(UserProfile.get_permission_name('edit'), user, group)
assign_perm(UserProfile.get_permission_name('view'), user, group)
print '2 set %s %s' % (group.name, user.username)
def dehydrate(self, bundle):
if 'request_id' not in bundle.data.keys():
bundle.data['request_id'] = bundle.request.GET.get("request_id", None)
bundle.data['toggle_to_edit'] = bundle.request.user.has_perm(UserProfile.get_permission_name('edit'), bundle.obj)
if bundle.data['request_id']:
checker = ObjectPermissionChecker(bundle.obj)
bundle.data['toggle_to_edit'] = checker.has_perm(Request.get_permission_name('edit'), Request.objects.get(id=bundle.data['request_id']))
if not bundle.request.user.is_authenticated():
bundle.data['can_edit'] = False
bundle.data['can_edit'] = bundle.request.user.has_perm(UserProfile.get_permission_name('edit'), bundle.obj)
bundle.data['type'] = 'group'
for usr in bundle.data['users']:
usr.data['toggle_to_edit'] = usr.obj.has_perm(UserProfile.get_permission_name('edit'), bundle.obj)
return bundle
def post(self, request):
register_form = RegisterForm(request.POST)
if register_form.is_valid():
user_name = request.POST.get('email', None)
# 如果用户已存在,则提示错误
if UserProfile.objects.filter(email=user_name):
return render(request, 'register.html', {
'register_form': register_form,
'msg': "用户已存在"
})
pass_word = request.POST.get('password', None)
# 实例化一个用户对象
user_profile = UserProfile()
user_profile.username = user_name
user_profile.email = user_name
user_profile.is_active = False
# 对保存到数据库的密码进行加密
user_profile.password = make_password(pass_word)
user_profile.save()
send_register_eamil(user_name, 'register')
return render(request, 'login.html')
else:
return render(request, 'register.html',
{'register_form': register_form})
def post(self, request):
print(1)
register_form = RegisterForm(request.POST)
if register_form.is_valid():
print(2)
user_name = request.POST.get('email')
# 如果用户已存在,则提示错误信息
capt_cha = request.POST.get('captcha')
if UserProfile.objects.filter(email=user_name):
return render(request, 'register.html', {
'register_form': register_form,
'msg': '用户已存在'
})
print(3)
pass_word = request.POST.get('password')
# 实例化一个user_profile对象
user_profile = UserProfile()
user_profile.username = user_name
user_profile.email = user_name
user_profile.is_active = False
# 对保存到数据库的密码加密
user_profile.password = make_password(pass_word)
user_profile.save()
send_register_eamil(user_name, 'register')
return render(request, 'login.html')
else:
return render(request, 'register.html', {
'register_form': register_form,
'msg': '验证码错误'
})
def post(self, request):
register_form = RegisterForm(request.POST)
if register_form.is_valid():
user_name = request.POST.get("email", "")
pass_word = request.POST.get("password", "")
exist_user = UserProfile.objects.filter(
Q(username=user_name) | Q(email=user_name))
if exist_user:
return render(request, "forgetpwd.html",
{'msg': "用户已经存在,若是本人忘记密码,请找回密码"})
# 实例化一个user_profile对象,将前台值存入
user_profile = UserProfile()
user_profile.username = user_name
user_profile.email = user_name
user_profile.is_active = False
# 加密password进行保存
user_profile.password = make_password(pass_word)
user_profile.save()
send_register_email(user_name, 'register')
# 给用户发送消息
user_msg = UserMessage(user=user_profile.id)
user_msg.message = '欢迎注册孟哥个网站'
user_msg.save()
return render(request, "login.html", {'msg': "激活连接已发送,注意查收"})
else:
return render(request, "register.html",
{"register_form": register_form})
def post(self, request, *args, **kwargs):
register_form = RegisterForm(request.POST)
# print(request.POST.get("username",""),'\n')
# print(request.POST.get("password",""),'\n')
if register_form.is_valid():
user_name = request.POST.get("username", "")
if UserProfile.objects.filter(email=user_name):
msg = "邮箱已被注册!"
register_form._errors["msg"] = register_form.error_class([msg])
return render(request, "register.html",
{"register_form": register_form})
password = request.POST.get("password", "")
user_profile = UserProfile()
user_profile.username = user_name
user_profile.email = user_name
user_profile.is_active = False
user_profile.password = make_password(password)
user_profile.save()
if send_email(user_name, "register"):
return render(request, "send_success.html")
else:
return render(request, "send_fail.html")
else:
messages.info(request, "邮箱地址非法!")
print(2333)
return render(request, "register.html",
{"register_form": register_form})
def post(self, request):
register_form = RegisterForm(request.POST)
if register_form.is_valid():
email = request.POST.get('email', '')
pass_word = request.POST.get('password', '')
if UserProfile.objects.filter(email=email):
return render(request, 'register.html', {
'msg': '用户已经存在',
'register_form': register_form
})
user_profile = UserProfile()
user_profile.username = email
user_profile.email = email
user_profile.password = make_password(pass_word)
user_profile.is_active = False
user_profile.save()
# 写入欢迎注册消息
user_message = UserMessage()
user_message.user = user_profile.id
user_message.message = '欢迎注册慕学在线网'
user_message.save()
send_register_email(email, 'register')
return render(request, 'login.html')
else:
return render(request, 'register.html',
{'register_form': register_form})
def post(self, request):
register_post_form = RegisterPostForm(request.POST)
if register_post_form.is_valid():
user_name = request.POST.get('mobile', '')
password = request.POST.get('password', '')
user = UserProfile()
user.username = user_name
user.mobile = user_name
user.set_password(password)
user.save()
# 写入欢迎注册消息
user_message = UserMessage()
user_message.user = user
user_message.message = '欢迎注册!!!!!'
user_message.save()
# send_register_email(user_name, 'register')
login(request, user)
return HttpResponseRedirect(reverse('index'))
else:
register_get_form = RegisterGetForm()
return render(
request, 'register.html', {
'register_get_form': register_get_form,
'register_post_form': register_post_form
})
def post(self, request):
"""注册提交"""
# 校验数据
register_captcha = RegisterForm(request.POST)
register_post = RegisterPostForm(request.POST)
# 取出一个错误
error_val = ''
error_key = ''
for key, val in register_post.errors.items():
error_val = val[0]
error_key = key
break
if not register_post.is_valid():
return render(request, 'register.html', {
'register_captcha': register_captcha,
'register_post': register_post,
'error_val': error_val,
'error_key': error_key,
})
# 业务逻辑处理:注册用户
mobile = register_post.cleaned_data['mobile']
password = register_post.cleaned_data['password']
# 注册用户
user = UserProfile()
user.username = mobile
user.mobile = mobile
user.set_password(password)
user.save()
# 验证通过,返回到登录页面
return redirect(reverse('users:login'))
def test_add_user_to_group(self):
self.add_user_to_group(self.usertwo)
self.assertEqual(self.usertwo.groups.filter(name=self.post_data['name']).count(), 1)
#user who created a group has ownership over it
self.assertEqual(self.user.has_perm(UserProfile.get_permission_name('edit'), self.group), True)
self.assertEqual(self.usertwo.has_perm(UserProfile.get_permission_name('edit'), self.group), False)
self.assertEqual(self.user.has_perm(UserProfile.get_permission_name('view'), self.group), True)
self.assertEqual(self.usertwo.has_perm(UserProfile.get_permission_name('view'), self.group), True)
#user two didn't create the group but is part of it, usertwo shouldn't be able to add userthree to the group in this case
self.get_credentials_other(self.usertwo.username)
users = self.get_user_json(self.userthree)
groupjson = self.groupJSON.copy()
groupjson['users'].append(users)
update_resp = self.api_client.put(groupjson['resource_uri'], format='json', data=groupjson, authentication=self.get_credentials_other(self.usertwo.username))
self.assertEqual(self.userthree.groups.filter(name=self.post_data['name']).count(), 0)
#remove a user from the group
groupjson['users'] = [self.get_user_json(self.user)]
update_resp = self.api_client.put(groupjson['resource_uri'], format='json', data=groupjson, authentication=self.get_credentials())
self.assertEqual(self.usertwo.groups.filter(name=self.post_data['name']).count(), 0)
self.assertEqual(self.user.has_perm(UserProfile.get_permission_name('edit'), self.group), True)
self.assertEqual(self.user.has_perm(UserProfile.get_permission_name('view'), self.group), True)
self.assertEqual(self.usertwo.has_perm(UserProfile.get_permission_name('edit'), self.group), False)
self.assertEqual(self.usertwo.has_perm(UserProfile.get_permission_name('view'), self.group), False)
def post(self, request):
register_form = RegisterForms(request.POST)
if register_form.is_valid():
# 若果用户输入的创建的信息正确 那么就可以进行入库操作
email = request.POST.get('email', '')
# 注册的时候 用户名重复的现象
if UserProfile.objects.filter(username=email):
return render(request, "register.html", {
'register_form': register_form,
'msg': '用户名已存在'
})
pass_word = request.POST.get("password", '')
#在这里要进行邮箱激活验证操作
user = UserProfile() # 实例化一个user 对象
user.username = email
user.is_active = False # 这里还没有激活 所以还是0 状态
user.email = email # 在这里 昵称 和 邮箱是一样的 原因就是使用了邮箱来创建用户
user.password = make_password(pass_word) # 加密操作
user.save() # 保存进数据库
send_register_email(email, "register")
return render(request, "active_err.html")
# return render(request,"激活链接")
else:
register_form_odd = RegisterForms()
return render(request, "register.html", {
'register_err': register_form,
'register_form': register_form_odd
})
def post(self,request):
context = get_top_data(request)
register_form = RegisterForm(request.POST)
if register_form.is_valid():
username = request.POST.get('username','')
user = UserProfile.objects.filter(username=username).all()
if user:
return render(request, 'register.html', {'msg': '用户 {0} 已存在'.format(username),'register_form':register_form})
email = request.POST.get('email','')
password = request.POST.get('password','')
surepassword = request.POST.get('surepassword','')
if password != surepassword:
context.update({'msg': '两次密码输入不一致','register_form':register_form})
return render(request, 'register.html', context=context)
user_profile = UserProfile()
user_profile.username = username
user_profile.email = email
user_profile.password = make_password(password)
user_profile.is_active = False
user_profile.save()
send_register_email(email,username,'register')
context.update({'email_msg': '注册邮件已发送,请注意查收.', 'register_form': register_form})
return render(request, 'register.html', context=context)
context.update({'register_form':register_form})
return render(request, 'register.html',context=context)
def post(self, request):
forget_form = ForgetPwdForm()
banners = Banner.objects.filter(type=3).order_by("index")
modify_form = ModifyPwdForm(request.POST)
if modify_form.is_valid():
pwd1 = request.POST.get("password1", "")
pwd2 = request.POST.get("password2", "")
email = request.POST.get("email", "")
active_code = request.POST.get("active_code", "")
if pwd1 != pwd2:
return render(
request, "password_reset.html", {
"email": email,
"active_code": active_code,
"msg": "两次输入密码不一致!"
})
all_records = EmailVerifyRecord.objects.filter(
code=active_code).last()
if all_records.email != email:
all_records.delete()
return render(
request, 'forgetpwd.html', {
'forget_form': forget_form,
'msg': '发生未知错误,请再次发送邮件',
"banners": banners
})
user = UserProfile.objects.filter(email=email).first()
if user:
user.set_password(pwd2)
user.save()
else:
user_profile = UserProfile()
user_profile.username = email
user_profile.email = email
user_profile.is_active = True
user_profile.set_password(pwd2)
user_profile.save()
login_form = LoginForm()
banners = Banner.objects.filter(type=3).order_by("index")
all_records.delete()
return render(request, "login.html", {
'msg': '密码成功重置',
'login_form': login_form,
"banners": banners
})
else:
email = request.POST.get("email", "")
active_code = request.POST.get("active_code", "")
return render(
request, "password_reset.html", {
"email": email,
"active_code": active_code,
"modify_form": modify_form
})
def handle(self, *args, **options):
excluded = ['public', 'AnonymousUser']
for user in User.objects.all():
group = Group.objects.get(name=user.username)
assign_perm(UserProfile.get_permission_name('edit'), user, group)
print '1 set %s %s' % (group.name, user.username)
#retroactive support for editing permissions on groups
#make everyone an editor of the group because we can't track who created the group
for group in Group.objects.all().exclude(name__in=excluded):
for user in group.user_set.all():
assign_perm(UserProfile.get_permission_name('edit'), user,
group)
assign_perm(UserProfile.get_permission_name('view'), user,
group)
print '2 set %s %s' % (group.name, user.username)
def check_valid_user(request, user_id):
if request.user.is_anonymous():
return render_template(request, 'users/user_login.html', {'next':'%s' % request.path})
try:
person = User.objects.get(pk=int(user_id))
except User.DoesNotExist:
return render_template(request, 'error.html', {'message':_("User ID (%s) is not existed!") % user_id})
try:
profile = person.get_profile()
except:
#if there is no profile record existed, then create a new record first
profile = UserProfile(user=person)
profile.save()
if person.id != request.user.id:
return render_template(request, 'error.html', {'message':_('You have no right to view the page!')})
def test_removal_from_public_index(self):
"""Test that a user gets removed from public index if makes
profile mozillians only again.
"""
before = (S(UserProfile)
.indexes(UserProfile.get_index(public_index=True))
.count())
profile = self.mozillian2.userprofile
profile.privacy_full_name = MOZILLIANS
profile.save()
sleep(1)
after = (S(UserProfile)
.indexes(UserProfile.get_index(public_index=True))
.count())
eq_(after+1, before)
def test_removal_from_public_index(self):
"""Test that a user gets removed from public index if makes
profile mozillians only again.
"""
before = (S(UserProfile)
.indexes(UserProfile.get_index(public_index=True))
.count())
profile = self.mozillian2.userprofile
profile.privacy_full_name = MOZILLIANS
profile.save()
sleep(1)
after = (S(UserProfile)
.indexes(UserProfile.get_index(public_index=True))
.count())
eq_(after+1, before)
def apply_filters(self, request, applicable_filters):
filters = applicable_filters
if 'groups__name' in filters:
groups_name = filters.pop('groups__name')
else:
groups_name = None
if 'groups__id' in filters:
groups_id = filters.pop('groups__id')
else:
groups_id = None
filtered = super(RequestResource, self).apply_filters(request, applicable_filters)
group = None
if groups_id:
try:
group = Group.objects.get(id = groups_id)
except:
pass
if groups_name:
try:
group = Group.objects.get(name = groups_name)
except:
pass
if group and request.user.has_perm(UserProfile.get_permission_name('view'), group):
return get_objects_for_group(group, Request.get_permissions_path('view')).filter(~Q(status='X'))
return filtered
def apply_filters(self, request, applicable_filters):
filters = applicable_filters
if 'groups__name' in filters:
groups_name = filters.pop('groups__name')
else:
groups_name = None
if 'groups__id' in filters:
groups_id = filters.pop('groups__id')
else:
groups_id = None
filtered = super(RequestResource,
self).apply_filters(request, applicable_filters)
group = None
if groups_id:
try:
group = Group.objects.get(id=groups_id)
except:
pass
if groups_name:
try:
group = Group.objects.get(name=groups_name)
except:
pass
if group and request.user.has_perm(
UserProfile.get_permission_name('view'), group):
return get_objects_for_group(
group,
Request.get_permissions_path('view')).filter(~Q(status='X'))
return filtered
def post(self, request, *args, **kwargs):
login_form = DynamicLoginPostForm(request.POST)
#设置一个变量、登录报错以后、让页面还停留在动态短信登陆页面
dynamic_login = True
#如果短信验证码、验证成功
if login_form.is_valid():
# 没有账号可以登录 思路:先判断用户是否存在、如果存在 ...如果不存在先注册、给随机密码在登录、看以后代码
# 2、提取手机号
mobile = login_form.cleaned_data['mobile']
#提取手机号
existed_users = UserProfile.objects.filter(mobile=mobile)
#如果手机号存在(用户存在)
if existed_users:
#把手机号给 login记录一下
user = existed_users[0]
#如果手机号不存在 (用户不保存在)
else:
#添加用户
user = UserProfile(username=mobile)
#添加用户名字
user.password = user
#添加随机密码
# 3、生成随机数验证码、不怕爬虫去伪造
password = generate_random(10, 2)
user.set_password(password)
#保存新用户的手机号
user.mobile = mobile
#保存密码
user.save()
#保存用户的信息
login(request, user)
#获取next
next = request.GET.get('next', "")
if next:
# 直接跳转到http://127.0.0.1:8001/course/1/lesson/ 这个页面
return HttpResponseRedirect(next)
# 跳转到主页
return HttpResponseRedirect(reverse("index"))
else:
#传递这个图片验证码的、表单是因为:如果短信验证码登录报错、重新实例化 验证码对象、传递到前端登陆页面、就不用刷新登陆页面
d_form = DynamicLoginForm()
#如果短信验证码验证失败、会接受DynamicLoginPostForm 类的验证错误
return render(
request, "login.html", {
"login_form": login_form,
"dynamic_login": dynamic_login,
'd_form': d_form
})
def test_get_announcers_and_profile(self):
user = User(username='******', password='******')
user.save()
user_profile = UserProfile(user=user, bio='my bio')
user_profile.save()
programme = Programme.objects.create(name="Test programme",
synopsis="This is a description",
current_season=1,
_runtime=60,
start_date=datetime.date(
2014, 1, 31))
role = Role.objects.create(person=user, programme=programme)
self.assertEqual(programme, Programme.objects.get(id=programme.id))
self.assertEqual(user_profile,
UserProfile.objects.get(id=user_profile.id))
self.assertEqual(user, user_profile.user)
self.assertEqual(user, programme.announcers.all()[0])
def post(self, request, *args, **kwargs):
login_form = DynamicLoginPostForm(request.POST)
dynamic_login = True
if login_form.is_valid():
# 没有注册帐号依然可以登录
mobile = login_form.cleaned_data['mobile']
existed_user = UserProfile.objects.filter(mobile=mobile)
if existed_user:
user = existed_user[0]
else:
# 创建一个用户
user = UserProfile(username=mobile)
password = gencrate_random(10, 2)
user.set_password(password)
user.mobile = mobile
user.save()
login(request, user)
return HttpResponseRedirect(reverse('index'))
else:
d_form = DynamicLoginForm() # 生成图片验证码
return render(
request, 'login.html', {
'login_form': login_form,
'd_form': d_form,
'dynamic_login': dynamic_login
})
def post(self, request, *args, **kwargs):
banner = Banner.objects.all()[:3]
dynamic_login = True
login_form = DynamicLoginPostForm(request.POST)
if login_form.is_valid():
# 没有注册帐号也能登录
mobile = login_form.cleaned_data['mobile']
exist_users = UserProfile.objects.filter(mobile_phone=mobile)
if exist_users:
user = exist_users[0]
login(request, user)
else:
# 新建一个用户
user = UserProfile(username=mobile)
password = str(random.randint(100000, 999999))
user.set_password(password)
user.mobile_phone = mobile
user.save()
login(request, user)
next = request.GET.get('next', '')
if next:
return HttpResponseRedirect(next)
return HttpResponseRedirect(reverse('index'))
else:
captcha_form = DynamicLoginForm()
return render(
request, 'login.html', {
'login_form': login_form,
'captcha_form': captcha_form,
'dynamic_login': dynamic_login,
"banners": banner
})
def post(self, request, *args, **kwargs):
dynamic_login = True # 用于标识是否为动态登陆
login_form = DynamicLoginPostForm(request.POST)
if login_form.is_valid():
# 没有账号依然可以登录
mobile = login_form.cleaned_data["mobile"]
# 获取code进行redis认证,判断验证码是否一致.采用利用form进行验证redis,使得代码分离性更好-> form.py
# 验证用户是否存在
existed_users = UserProfile.objects.filter(mobile=mobile)
if existed_users:
user = existed_users[0]
login(request, user)
else:
# 新建一个用户
user = UserProfile(username=mobile)
password = generate_random(12) # 生成密码
user.set_password(password)
user.mobile = mobile
user.save()
login(request, user)
next = request.GET.get("next")
if next:
return redirect(next, request) # 需要通过reverse跳转到index
return redirect(reverse('index'), request)
else:
# 为了使得验证码得以显示,所以需要获取有验证码的form传递进来,验证码的form在普通的验证码字段
d_form = DynamicLoginForm()
return render(
request, "login.html", {
"login_form": login_form,
"dynamic_login": dynamic_login,
"d_form": d_form,
})
def post(self, request, *args, **kwargs):
login_form = DynamicLoginPostForm(request.POST)
dynamic_login = True
banners = Banner.objects.all()[:3]
if login_form.is_valid():#账号符合表单结构(forms中进行验证码匹配)
#没有注册账号依然可以登录
email = login_form.cleaned_data["email"]
existed_users = UserProfile.objects.filter(email=email)#寻找数据库中该邮箱用户
if existed_users:#如果账号存在
user = existed_users[0]
else:
#新建一个用户
user = UserProfile(username=email)
password = generate_random(10, 2)
user.set_password(password)
user.email = email
user.save()
login(request, user)#登陆
next = request.GET.get("next", "")
if next:
return HttpResponseRedirect(next)
return HttpResponseRedirect(reverse("index"))
else:
d_form = DynamicLoginForm()
return render(request, "login.html", {"login_form": login_form,
"d_form": d_form,
"banners":banners,
"dynamic_login":dynamic_login})
def post(self, request, *args, **kwargs):
register_post_form = RegisterPostForm(request.POST)
# 校验手机号(是否已经注册),动态验证码,密码
banners = Banner.objects.all()[:3]
if register_post_form.is_valid():
# 获取手机号码和密码
mobile = register_post_form.cleaned_data['mobile']
password = register_post_form.cleaned_data['password']
# 新建一个用户
# 默认用户名=手机号
user = UserProfile(username=mobile)
user.set_password(password)
# 别忘记存手机号
user.mobile = mobile
# 最后对新建的对象进行保存,否则不会存进数据库
user.save()
# 注册成功后,跳转首页
login(request, user)
return HttpResponseRedirect(reverse('index'))
# 若验证失败
else:
register_get_form = RegisterForm()
return render(
request, 'register.html', {
'register_get_form': register_get_form,
'register_post_form': register_post_form,
'banners': banners,
})
def post(self, request, *args, **kwargs):
# 验证用户输入是否正确
login_form = DynamicLoginPostForm(request.POST)
dynamic_login = True
banners = Banner.objects.all()[:3]
if login_form.is_valid():
mobile = login_form.cleaned_data["mobile"]
# 查询用户是否存在
existed_users = UserProfile.objects.filter(mobile=mobile)
if existed_users:
# 存在——获取用户信息进行登录
user = existed_users[0]
else:
# 用户不存在,进行注册用户
user = UserProfile(username=mobile)
# 随机生成密码
password = generate_random(10, 2)
# 将随机密码进行加密
user.set_password(password)
user.mobile = mobile
user.save()
# 进行登录并跳转至首页
login(request, user)
return HttpResponseRedirect(reverse("index"))
else:
d_form = DynamicLoginForm
return render(request, "login.html",
{"login_form": login_form, 'd_form': d_form, "dynamic_login": dynamic_login,
"banners": banners})
def post(self, request):
d_captcha_form = DynamicLoginForm()
dynamic_active = False
dynamic_login_form = DynamicLoginPostForm(request.POST)
if dynamic_login_form.is_valid():
mobile = dynamic_login_form.cleaned_data.get('mobile')
existed_users = UserProfile.objects.filter(mobile=mobile)
if existed_users:
user = existed_users[0]
else:
#新建一个用户
user = UserProfile(username=mobile)
password = generate_random(10, 2)
user.set_password(password) #set_password函数给指定的参数加密
user.mobile = mobile
user.save()
login(request, user)
return redirect(reverse('front:index'))
else:
dynamic_active = True
# print(dynamic_login_form.errors.get_json_data())
# print(dynamic_login_form.errors)
content = {
'dynamic_login_form': dynamic_login_form,
'dynamic_active': dynamic_active,
'd_captcha_form': d_captcha_form,
'dynamic_login_form_errors': dynamic_login_form.errors
}
return render(request, 'login.html', context=content)
def post(self, request, *args, **kwargs):
login_form = DynamicLoginPostForm(request.POST)
dynamic_login = True
if login_form.is_valid():
# 没有账号依然可以继续登入
mobile = login_form.cleaned_data['mobile']
existed_user = UserProfile.objects.filter()
if existed_user:
user = existed_user[0]
else:
user = UserProfile(username=mobile)
password = generate_random(10, 2)
user.set_password(password)
user.mobile = mobile
user.save()
login(request, user)
# next = request.GET.get("next", "")
return HttpResponseRedirect(reverse('index'))
else:
d_form = DynamicLoginForm()
return render(request, "login.html", {
"login_form1": login_form,
"d_form": d_form,
"dynamic_login": dynamic_login
})
def post(self,request,*args,**kwargs):
dynamic_login=True
banners = Banner.objects.all()[:3]
#验证手机号及手机验证码
login_form=DynamicLoginPostForm(request.POST)
if login_form.is_valid():
#没有注册仍然可以使用
mobile=login_form.cleaned_data['mobile']
code=login_form.changed_data['code']
existed_user=UserProfile.objects.filter(mobile=mobile)
if existed_user:
user=existed_user[0]
else:
#新建用户
user=UserProfile(username=mobile)
password = generate_random(10, 2)
user.set_password(password)
user.mobile=mobile
user.save()
login(request, user)
next = request.GET.get("next", '')
if next:
return HttpResponseRedirect(next)
return HttpResponseRedirect(reverse('index'))
else:
# 验证码错误
d_form=DynamicLoginForm()
context = {'login_form': login_form,'dynamic_login':dynamic_login,'d_form':d_form,
'banners':banners}
return render(request, 'login.html', context=context)
def post(self, request, *args, **kwargs):
login_form = DynamicLoginPostForm(request.POST)
dynamic_login = True
banners = Banner.objects.all()[:3]
if login_form.is_valid():
mobile = login_form.cleaned_data['mobile']
existed_users = UserProfile.objects.filter(mobile=mobile)
if existed_users:
user = existed_users[0]
else:
user = UserProfile(username=mobile)
password = generate_random(10, 2)
user.set_password(password)
user.mobile = mobile
user.save()
login(request, user)
next = request.GET.get('next', '')
if next:
return HttpResponseRedirect(next)
return HttpResponseRedirect(reverse('index'))
else:
d_form = DynamicLoginForm()
return render(
request, 'login.html', {
'login_form': login_form,
'd_form': d_form,
'dynamic_login': dynamic_login,
'banners': banners
})
def post(self, request, *args, **kwargs):
login_form = DynamicLoginPostForm(request.POST)
dynamic_login = True
banners = Banner.objects.all()[:3]
if login_form.is_valid():
# 没有注册账号依然可以登录
mobile = login_form.cleaned_data['mobile']
# code = login_form.cleaned_data['code']
existed_users = UserProfile.objects.filter(mobile=mobile)
if existed_users:
user = existed_users[0]
else:
# 创建一个用户
user = UserProfile(username=mobile)
password = generate_random(10, 2)
user.set_password(password)
user.mobile = mobile
user.save()
login(request, user)
next = request.GET.get("next", "")
if next:
return HttpResponseRedirect(next)
return HttpResponseRedirect(reverse("index"))
else:
d_form = DynamicLoginForm()
return render(request, 'login.html', {"login_form": login_form,
"d_form": d_form,
"dynamic_login": dynamic_login,
"banners":banners})
def post(self, request, *args, **kwargs):
login_form = DynamicLoginPostForm(request.POST)
dynamic_login = True
if login_form.is_valid():
#没有注册账号依然可以登陆
mobile = login_form.cleaned_data["mobile"]
# code = login_form.cleaned_data["code"]
existed_users = UserProfile.objects.filter(mobile=mobile)
if existed_users:
user = existed_users[0]
else:
#新建用户
user = UserProfile(username=mobile)
password = generate_random(10, 2)
user.set_password(password)
user.mobile = mobile
user.save()
login(request, user)
return HttpResponseRedirect(reverse("index"))
else:
d_form = DynamicLoginForm()
return render(
request, "login.html", {
"login_form": login_form,
"d_form": d_form,
"dynamic_login": dynamic_login
})
def change_avatar(request):
# Handle file upload
if request.method == 'POST':
form = DocumentForm(request.POST, request.FILES)
if form.is_valid():
profile = UserProfile(user = request.user, avatar= request.FILES['avatar'])
profile.save()
# Redirect to the document list after POST
return HttpResponseRedirect(reverse('users:avatar'))
else:
form = DocumentForm() # a empty
user = get_object_or_404(User, pk = request.user.id)
# Render list page with the documents and the form
return render_to_response('users/setting.html', {'user': user, 'form': form}, context_instance = RequestContext(request))
def search(request):
num_pages = 0
limit = None
nonvouched_only = False
picture_only = False
people = []
show_pagination = False
form = forms.SearchForm(request.GET)
groups = None
curated_groups = None
if form.is_valid():
query = form.cleaned_data.get('q', u'')
limit = form.cleaned_data['limit']
vouched = False if form.cleaned_data['nonvouched_only'] else None
profilepic = True if form.cleaned_data['picture_only'] else None
page = request.GET.get('page', 1)
curated_groups = Group.get_curated()
# If nothing has been entered don't load any searches.
if not (not query and vouched is None and profilepic is None):
profiles = UserProfile.search(query,
vouched=vouched,
photo=profilepic)
groups = Group.search(query)
paginator = Paginator(profiles, limit)
try:
people = paginator.page(page)
except PageNotAnInteger:
people = paginator.page(1)
except EmptyPage:
people = paginator.page(paginator.num_pages)
if len(profiles) == 1 and not groups:
return redirect(reverse('profile',
args=[people[0].user.username]))
if paginator.count > forms.PAGINATION_LIMIT:
show_pagination = True
num_pages = len(people.paginator.page_range)
d = dict(people=people,
form=form,
limit=limit,
nonvouched_only=nonvouched_only,
picture_only=picture_only,
show_pagination=show_pagination,
num_pages=num_pages,
groups=groups,
curated_groups=curated_groups)
if request.is_ajax():
return render(request, 'search_ajax.html', d)
return render(request, 'phonebook/search.html', d)
def register(request):
if request.user.is_authenticated():
# They already have an account; don't let them register again
return render_to_response('user/register.html', {'has_account': True},
context_instance=RequestContext(request))
manipulator = RegistrationForm()
if request.POST:
new_data = request.POST.copy()
errors = manipulator.get_validation_errors(new_data)
if not errors:
# Save the user
manipulator.do_html2python(new_data)
new_user = manipulator.save(new_data)
# Build the activation key for their account
salt = sha.new(str(random.random())).hexdigest()[:5]
activation_key = sha.new(salt+new_user.username).hexdigest()
key_expires = datetime.datetime.today() + datetime.timedelta(2)
# Create and save their profile
new_profile = UserProfile(user=new_user,
activation_key=activation_key,
key_expires=key_expires)
new_profile.save()
# Send an email with the confirmation link
email_subject = 'Your new example.com account confirmation'
email_body = """Hello, %s, and thanks for signing up for an \
example.com account!\n\nTo activate your account, click this link within 48 \
hours:\n\nhttp://example.com/accounts/confirm/%s""" % (
new_user.username,
new_profile.activation_key)
send_mail(email_subject,
email_body,
'*****@*****.**',
[new_user.email])
return render_to_response('user/register.html', {'created': True},
context_instance=RequestContext(request))
else:
return render_to_response('user/register.html', {'errors': errors},
context_instance=RequestContext(request))
else:
errors = new_data = {}
form = manipulator
return render_to_response('user/register.html', {'form': form},
context_instance=RequestContext(request))
def search(request):
num_pages = 0
limit = None
people = []
show_pagination = False
form = forms.SearchForm(request.GET)
groups = None
curated_groups = None
if form.is_valid():
query = form.cleaned_data.get('q', u'')
limit = form.cleaned_data['limit']
include_non_vouched = form.cleaned_data['include_non_vouched']
page = request.GET.get('page', 1)
curated_groups = Group.get_curated()
public = not (request.user.is_authenticated()
and request.user.userprofile.is_vouched)
profiles = UserProfile.search(query, public=public,
include_non_vouched=include_non_vouched)
if not public:
groups = Group.search(query)
paginator = Paginator(profiles, limit)
try:
people = paginator.page(page)
except PageNotAnInteger:
people = paginator.page(1)
except EmptyPage:
people = paginator.page(paginator.num_pages)
if profiles.count() == 1 and not groups:
return redirect(reverse('profile', args=[people[0].user.username]))
if paginator.count > forms.PAGINATION_LIMIT:
show_pagination = True
num_pages = len(people.paginator.page_range)
d = dict(people=people,
form=form,
limit=limit,
show_pagination=show_pagination,
num_pages=num_pages,
groups=groups,
curated_groups=curated_groups)
if request.is_ajax():
return render(request, 'search_ajax.html', d)
return render(request, 'phonebook/search.html', d)
def search(request):
num_pages = 0
limit = None
people = []
show_pagination = False
form = forms.SearchForm(request.GET)
groups = None
curated_groups = None
if form.is_valid():
query = form.cleaned_data.get("q", u"")
limit = form.cleaned_data["limit"]
include_non_vouched = form.cleaned_data["include_non_vouched"]
page = request.GET.get("page", 1)
curated_groups = Group.get_curated()
profiles = UserProfile.search(query, include_non_vouched=include_non_vouched)
groups = Group.search(query)
paginator = Paginator(profiles, limit)
try:
people = paginator.page(page)
except PageNotAnInteger:
people = paginator.page(1)
except EmptyPage:
people = paginator.page(paginator.num_pages)
if profiles.count() == 1 and not groups:
return redirect(reverse("profile", args=[people[0].user.username]))
if paginator.count > forms.PAGINATION_LIMIT:
show_pagination = True
num_pages = len(people.paginator.page_range)
d = dict(
people=people,
form=form,
limit=limit,
show_pagination=show_pagination,
num_pages=num_pages,
groups=groups,
curated_groups=curated_groups,
)
if request.is_ajax():
return render(request, "search_ajax.html", d)
return render(request, "phonebook/search.html", d)
def test_empty_query_search(self):
"""Make sure the search method works with an empty query."""
assert UserProfile.search('').count()
def handle(self, *args, **options):
users = [
User.objects.get(username='******'),
#User.objects.get(username='******'),
#User.objects.get(username='******'),
#User.objects.get(username='******')
]
up = UserProfile.objects.get(user=users[0])
up.tags.add(ncaa_tag_name)
up.tags.add(coach_tag_name)
for user in users:
assign_perm(UserProfile.get_permission_name('edit'), user, ncaa_group)
assign_perm(UserProfile.get_permission_name('view'), user, ncaa_group)
assign_perm(UserProfile.get_permission_name('edit'), user, coach_group)
assign_perm(UserProfile.get_permission_name('view'), user, coach_group)
#Request.objects.all().delete()
ncaa_text_to_use = """
Pursuant to the %s, I am requesting the following documents:<br/><br/>\
The equity/revenue-and-expenses report completed by the athletic department for the \
National Collegiate Athletic Association for the 2014 fiscal year. This report is a \
multi-page document that had to be submitted to the NCAA by Jan. 15, 2015. \
It contains 38 revenue and expense categories, followed by specific breakdowns of \
each of those categories, by sport and gender. I am requesting the full report, \
including the detail tables and the Statement of Revenues and Expenses that appear at the end of the report. <br/><br/>\
PLEASE NOTE: The NCAA report is different than the equity report that is sent to the\
U.S. Department of Education for Title IX compliance. <br/><br/>\
%s
"""
coach_text_to_use = """
Pursuant to %s, I am requesting the following documents:<br/><br/>\
The current contracts for %s. If a contract is under negotiation, \
please forward the current contract but let me know that a new contract may be forthcoming. \
If there is no contact for one or both, please forward the letter(s) of intent or other \
document(s) outlining each employee's conditions of employment \
-- including bonus structure -- and/or a current statement of salary. <br/><br/>\
%s
"""
fname = settings.SITE_ROOT + "/apps/requests/data/NCAA-pio.csv"
#with codecs.open(fname, 'w', encoding="utf-8") as f:
# resp = requests.get("https://docs.google.com/spreadsheets/d/1kccaiCCYIHOTEvpUWQiKs51v6K2TNRX7-NN6l1WtzyM/pub?output=csv")
# f.write(resp.text)
reader = list(UnicodeReader(open(fname, 'rb')))
#create contacts
header = reader[0]
for idx, row in enumerate(reader[1:]):
user = users[0]
up = UserProfile.objects.get(user=user)
state = row[header.index('STATE')]
agency_name = row[header.index("UNIVERSITY")]
pio = row[header.index("PIO OFFICER")]
email = row[header.index("PIO Email")]
phone = row[header.index("PIO Phone")]
sid_pio = row[header.index("SID ")]
sid_email = row[header.index("SID Email")]
sid_phone = row[header.index("SID Phone")]
is_power = (row[header.index("Power Conference")] == 'TRUE')
is_private = (row[header.index("Is Private")] == 'TRUE')
if not is_private and state != '' and email != 'N/A' and pio != 'N/A' and agency_name != '':
govt = get_or_create_us_govt(state, 'state')
fname = pio.split(" ")[0]
lname = pio.split(" ")[-1]
middle = ''
#alter table `contacts_contact` convert to character set utf8 collate utf8_general_ci;
#alter table `agency_agency` convert to character set utf8 collate utf8_general_ci;
#alter table `requests_request` convert to character set utf8 collate utf8_general_ci;
try:
agency, acreated = Agency.objects.get_or_create(name=agency_name, government=govt)
except Exception as e:
print e
print "If more than one agency was returned, pick one!"
import pdb;pdb.set_trace()
try:
contact, ccreated = agency.contacts.get_or_create(first_name=fname, middle_name=middle, last_name=lname)
except Exception as e:
print e
print "If more than one contact was returned, pick one!"
import pdb;pdb.set_trace()
sid_contact = None
if phone != 'N/A':
contact.add_phone(phone)
contact.add_email(email)
#agency.contacts.add(contact)
if sid_pio != 'N/A' and sid_email != 'N/A':
fname = sid_pio.split(" ")[0]
lname = sid_pio.split(" ")[-1]
sid_contact, ccreated = Contact.objects.get_or_create(first_name=fname, middle_name='', last_name=lname)
sid_contact.add_title("SID")
sid_contact.add_email(sid_email)
if sid_phone != 'N/A':
sid_contact.add_phone(sid_phone)
agency.contacts.add(sid_contact)
contacts = [contact]
if sid_contact is not None:
contacts = [contact, sid_contact]
agency.save()
#logger.info('agency %s %s contact %s %s %s %s' % (agency_name, acreated, fname, middle, lname, ccreated))
law_texts = []
for l in govt.statutes.all():
law_texts.append('%s' % (l.short_title,))
misc_graf = """
Please advise me in advance of the estimated charges associated with fulfilling \
this request.</br></br>In the interest of expediency, and to minimize the research\
and/or duplication burden on your staff, please send records electronically if possible.\
If this is not possible, please notify me by phone at %s before sending to the address listed below.
""" % (up.phone)
misc_graf += '<br/></br>Sincerly,<br/><br/>%s<br/>%s<br/>%s<br/>%s' % (user.first_name + ' ' + user.last_name, up.mailing_address, up.mailing_city + ', ' + up.mailing_state + ' ' + up.mailing_zip, up.phone)
if not is_power:
fields_to_use = {
'author': user,
'title': 'NCAA Report - %s' % agency_name,
'free_edit_body': ncaa_text_to_use % (' and '.join(law_texts), misc_graf),
'private': True,
'text': ncaa_text_to_use
}
therequest = Request(**fields_to_use)
therequest.date_added = datetime.now()
therequest.save()
therequest.contacts = contacts
therequest.government = govt
therequest.agency = agency
therequest.tags.add(ncaa_tag_name)
therequest.save()
assign_perm(Request.get_permission_name('view'), ncaa_group, therequest)
#assign_perm(Request.get_permission_name('edit'), thegroup, therequest)
coaches = [
'Football Coach',
'Offensive Coord.',
'Defensive Coord.',
"Men's BB Coach",
"Women's BB Coach"
]
coaches_str = []
for coach in coaches:
val = row[header.index(coach)].strip()
if val != 'N/A' and val != '':
coaches_str.append("%s (%s)" % (val, coach))
print val
fields_to_use = {
'author': user,
'title': 'Coach Contracts - %s' % agency_name,
'free_edit_body': coach_text_to_use % (' and '.join(law_texts), ', '.join(coaches_str), misc_graf),
'private': True,
'text': coach_text_to_use
}
therequest = Request(**fields_to_use)
therequest.date_added = datetime.now()
therequest.save()
therequest.contacts = contacts
therequest.government = govt
therequest.agency = agency
therequest.tags.add(coach_tag_name)
therequest.save()
assign_perm(Request.get_permission_name('view'), coach_group, therequest)
def test_save(self):
user_profile = UserProfile(user=User.objects.create_user('john', '*****@*****.**', 'johnpassword'), bio='my bio')
user_profile.save()
self.assertEqual(user_profile, UserProfile.objects.get(id=user_profile.id))
def obj_update(self, bundle, **kwargs):
data = bundle.data
user = bundle.request.user
bundle.obj = Group.objects.get(id=data['id'])
if 'data' in data.keys():
#if 'action' in data['data'].keys() and data['data']['action'] == 'chown':
#we are associating, disassociating... assuming the USER is taking action here
if 'request_id' in data.keys() and data['request_id']:
req = Request.objects.get(id=data['request_id'])
if 'action' in data['data'].keys() and req.author == bundle.request.user:
if data['data']['action'] == 'associate':
assign_perm(Request.get_permission_name('view'), bundle.obj, req)
bundle.data['data']['result'] = 'associated'
elif data['data']['action'] == 'disassociate':
remove_perm(Request.get_permission_name('view'), bundle.obj, req)
remove_perm(Request.get_permission_name('edit'), bundle.obj, req)
bundle.data['data']['result'] = 'disassociated'
elif data['data']['action'] == 'change-access':
#right now we are toggling between view and edit
checker = ObjectPermissionChecker(bundle.obj)
if checker.has_perm(Request.get_permission_name('view'), req) and not checker.has_perm(Request.get_permission_name('edit'), req):
assign_perm(Request.get_permission_name('edit'), bundle.obj, req)
elif user.has_perm(Request.get_permission_name('edit'), req):
remove_perm(Request.get_permission_name('edit'), bundle.obj, req)
else:
raise ImmediateHttpResponse(HttpForbidden("We couldn't determine the appropriate permissions to assign. Sorry."))
else:
logger.info("%s tried to remove users from request %s owned by %s" % (bundle.request.user, req, req.author))
raise ImmediateHttpResponse(HttpBadRequest("It appears you don't have permission to change that user or group's permission."))
else:
can_edit = bundle.request.user.has_perm(UserProfile.get_permission_name('edit'), bundle.obj)
if not can_edit:
raise ImmediateHttpResponse(HttpForbidden("It doesn't appear you can edit this group."))
if 'action' in data['data'].keys() and data['data']['action'] == 'rename':
bundle.obj.name = data['name']
bundle.obj.save()
if 'action' in data['data'].keys() and data['data']['action'] == 'chown' and 'user_id' in data['data'].keys() and data['data']['user_id']:
#change user permission on a group object
other_user = User.objects.get(id=data['data']['user_id'])
o_can_edit = other_user.has_perm(UserProfile.get_permission_name('edit'), bundle.obj)
if o_can_edit:
#toggled to view
remove_perm(UserProfile.get_permission_name('edit'), other_user, bundle.obj)
else:
#toggled to edit
assign_perm(UserProfile.get_permission_name('edit'), other_user, bundle.obj)
else:
'''
NOTE about group permissions
The creator of the requst is the only one who can share a request with other users and groups
Otherwise the request could be shared with any number of people
'''
can_edit = bundle.request.user.has_perm(UserProfile.get_permission_name('edit'), bundle.obj)
if not can_edit:
raise ImmediateHttpResponse(HttpForbidden("It doesn't appear you can edit this group."))
#we are adding or removing users to the group on the group page
users = set([User.objects.get(pk=user['id']) for user in data['users']])
existing_users = set([usr for usr in bundle.obj.user_set.all()])
to_remove = existing_users - users
#need to remove and set permissions here
for usr in to_remove:
remove_perm(UserProfile.get_permission_name('edit'), usr, bundle.obj)
remove_perm(UserProfile.get_permission_name('view'), usr, bundle.obj)
for usr in users:
#users can view but not edit by default
assign_perm(UserProfile.get_permission_name('view'), usr, bundle.obj)
bundle.obj.user_set = users
bundle.obj.save()
data.pop('data', None)
data.pop('request_id', None)
return bundle
def participant_profile(request,username,user_profile_form):
message = "Your form has the following errors <br />\n"
alert_message = "The form has errors. Error details are at the top of the registration form"
login_success = "no"
user_profile_form = UserProfileForm(deserialize_form(user_profile_form))
forms_successfully_validated = 0
# validating user_profile_form
if user_profile_form.is_valid():
forms_successfully_validated = 1
else:
for field in user_profile_form:
for error in field.errors:
message=message+field.html_name+" : "+error+"<br />\n"
new_user.first_name=user_form.cleaned_data['first_name']
new_user.last_name=user_form.cleaned_data['last_name']
new_user.email=user_form.cleaned_data['email']
new_user.save()
new_user_profile=UserProfile()
new_user_profile.gender= user_profile_form.cleaned_data['gender']
new_user_profile.dob= user_profile_form.cleaned_data['dob']
new_user_profile.mobile_number= user_profile_form.cleaned_data['mobile_number']
new_user_profile.branch= user_profile_form.cleaned_data['branch']
new_user_profile.college= user_profile_form.cleaned_data['college']
new_user_profile.college_roll= user_profile_form.cleaned_data['college_roll']
new_user_profile.school_student= user_profile_form.cleaned_data['school_student']
new_user_profile.want_accomodation= user_profile_form.cleaned_data['want_accomodation']
new_user_profile.user=new_user
new_user_profile.save()
#the next 3 lines creates a blank erp_profile for this user since other pages and features cannot be accessed without an erp_profile. but not needed actually
# erp_prof=ERPProfile()
# erp_prof.user=new_user
# erp_prof.save()
if forms_successfully_validated == 1:
alert_message="Registered successfully. Now please login"
else:
alert_message="The form has errors. Error details are at the top of the registration form"
return simplejson.dumps({'message': message,'alert_message':alert_message})
strat = load_strategy(backend=backend)
backend = strat.backend
#try:
# user = backend.do_auth(access_token=access_token)
#except:
# return HttpResponse('Unauthorized', status=401)
user = backend.do_auth(access_token=access_token)
print user
try:
userprofile = user.profile
upid=userprofile.id
except Exception, e:
# Create and save a userprofile
userprofile = UserProfile(user=user)
userprofile.save()
try:
token=Token.objects.create(user=user)
except Exception, e:
pass
token=Token.objects.get(user=user).key
data = {
'username' : user.username,
'userid' : user.id,
'token' : token,
'userprofileid' : userprofile.id,
'email' : user.email,
}
data = json.dumps(data)
return HttpResponse(data, mimetype="application/json")
def handle(self, *args, **options):
letter_responses = {}
if len(args) < 1:
print "Please provide ID of Google Spreadsheet"
return -1
idd = args[0]
resp = requests.get("https://docs.google.com/spreadsheets/d/%s/pub?output=csv" % idd)
reader = list(csv.reader(resp.content.split('\n'), delimiter=','))
header = reader[0]
for row in reader[1:-1]:
#get user, contact and agency
user = User.objects.get(username=row[header.index('username')])
user_profile = UserProfile.objects.get(user=user)
govt = get_or_create_us_govt(row[header.index("state")], 'state')
agency, acreated = Agency.objects.get_or_create(name=row[header.index("agency")], government=govt)
contact, ccreated = agency.contacts.get_or_create(
first_name=row[header.index("contact.first.name")],
middle_name=row[header.index("contact.middle.name")],
last_name=row[header.index("contact.last.name")])
if row[header.index("contact.email")] != "":
contact.add_email(row[header.index("contact.email")])
if row[header.index("contact.phone")] != "":
contact.add_phone(row[header.index("contact.phone")])
#set up group and tags
group, created = Group.objects.get_or_create(name=row[header.index("group")])
assign_perm(UserProfile.get_permission_name('edit'), user, group)
assign_perm(UserProfile.get_permission_name('view'), user, group)
user.groups.add(group)
user_profile.tags.add(row[header.index("tag")])
#assemble law text
law_texts = []
for l in govt.statutes.all():
law_texts.append('%s' % (l.short_title,))
law_text = ' and '.join(law_texts)
#get the letter template
letter_url = row[header.index("letter.url")]
letter_template = ''
if letter_url in letter_responses.keys():
letter_template = letter_responses[letter_url]
else:
letter_resp = requests.get(letter_url)
letter_template = letter_resp.content
letter_responses[letter_url] = letter_template
#render the template
context = Context({
'contact': contact,
'user_profile': user_profile,
'user': user,
'law_text': law_text
})
template = Template(letter_template)
letter = template.render(context)
#create the request
fields_to_use = {
'author': user,
'title': row[header.index("request.title")],
'free_edit_body': letter,
'private': True if row[header.index("request.private")] == "TRUE" else False,
'text': letter#silly distinction leftover from old days but fill it in
}
#delete all requests that look like the one i'm about to make so we don't have duplicates floating around
Request.objects.filter(author=user, title=row[header.index("request.title")]).delete()
#create the request
therequest = Request(**fields_to_use)
therequest.date_added = datetime.now()
therequest.save()
therequest.contacts = [contact]
therequest.government = govt
therequest.agency = agency
therequest.tags.add(row[header.index("tag")])
therequest.save()
#assing permissions to the request
assign_perm(Request.get_permission_name('view'), group, therequest)
assign_perm(Request.get_permission_name('edit'), group, therequest)
if row[header.index("request.send")] == "TRUE":
therequest.send()
print "SENT request %s" % row[header.index("request.title")]
else:
print "STAGED request %s" % row[header.index("request.title")]
def test_change_user_group_perms(self):
self.add_user_to_group(self.usertwo)
self.assertEqual(self.usertwo.groups.filter(name=self.post_data['name']).count(), 1)
groupjson = self.groupJSON.copy()
groupjson['data'] = {'action': 'chown', 'user_id': self.usertwo.id}
update_resp = self.api_client.put(groupjson['resource_uri'], format='json', data=groupjson, authentication=self.get_credentials())
self.assertEqual(self.usertwo.has_perm(UserProfile.get_permission_name('edit'), self.group), True)
self.assertEqual(self.userthree.has_perm(UserProfile.get_permission_name('edit'), self.group), False)
self.assertEqual(self.user.has_perm(UserProfile.get_permission_name('edit'), self.group), True)
groupjson = self.groupJSON.copy()
groupjson['data'] = {'action': 'chown', 'user_id': self.userthree.id}
#attempt to grant permissions without using an editor user
update_resp = self.api_client.put(groupjson['resource_uri'], format='json', data=groupjson, authentication=self.get_credentials_other(self.userthree.username))
self.assertEqual(self.usertwo.has_perm(UserProfile.get_permission_name('edit'), self.group), True)
self.assertEqual(self.userthree.has_perm(UserProfile.get_permission_name('edit'), self.group), False)
self.assertEqual(self.user.has_perm(UserProfile.get_permission_name('edit'), self.group), True)
#grant permissions using an editor user
update_resp = self.api_client.put(groupjson['resource_uri'], format='json', data=groupjson, authentication=self.get_credentials_other(self.usertwo.username))
self.assertEqual(self.usertwo.has_perm(UserProfile.get_permission_name('edit'), self.group), True)
self.assertEqual(self.userthree.has_perm(UserProfile.get_permission_name('edit'), self.group), True)
self.assertEqual(self.user.has_perm(UserProfile.get_permission_name('edit'), self.group), True)
#take away edit permissions
update_resp = self.api_client.put(groupjson['resource_uri'], format='json', data=groupjson, authentication=self.get_credentials_other(self.usertwo.username))
self.assertEqual(self.usertwo.has_perm(UserProfile.get_permission_name('edit'), self.group), True)
self.assertEqual(self.userthree.has_perm(UserProfile.get_permission_name('edit'), self.group), False)
self.assertEqual(self.user.has_perm(UserProfile.get_permission_name('edit'), self.group), True)
