def post(self, request, *args, **kwargs):
user = request.user
target = self.get_obj()
target = user_permissions(request, target)
profile = target.profile
# The response after the action
response = HttpResponseRedirect(target.get_absolute_url())
if target.is_administrator:
messages.warning(request, "Cannot moderate an administrator")
return response
if user == target:
messages.warning(request, "Cannot moderate yourself")
return response
if not user.is_moderator:
messages.warning(request, "Only moderators have this permission")
return response
if not target.is_editable:
messages.warning(request, "Target not editable by this user")
return response
form = self.form_class(request.POST, pk=target.id)
if not form.is_valid():
messages.error(request, "Invalid user modification action")
return response
action = int(form.cleaned_data['action'])
if action == User.BANNED and not user.is_administrator:
messages.error(request, "Only administrators may ban users")
return response
if action == User.BANNED and user.is_administrator:
# Remove data by user
profile.clear_data()
# Remove badges that may have been earned by this user
Award.objects.filter(user=target).delete()
# Mass delete posts by this user
query = Post.objects.filter(author=target, type__in=Post.TOP_LEVEL).update(status=Post.DELETED)
# Delete posts with no votes.
query = Post.objects.filter(author=target, type__in=Post.TOP_LEVEL, vote_count=0, reply_count=0)
count = query.count()
query.delete()
messages.success(request, "User banned, %s posts removed" % count)
# Apply the new status
User.objects.filter(pk=target.id).update(status=action)
messages.success(request, 'Moderation completed')
return response
def get(self, request, *args, **kwargs):
target = self.get_obj()
target = user_permissions(request, target)
form = self.form_class(pk=target.id)
context = dict(form=form, target=target)
return render(request, self.template_name, context)
def post(self, request, *args, **kwargs):
target = User.objects.get(pk=self.kwargs['pk'])
target = auth.user_permissions(request=request, target=target)
profile = target.profile
# The essential authentication step.
if not target.has_ownership:
messages.error(request, "Only owners may edit their profiles")
return HttpResponseRedirect(reverse("home"))
form = self.form_class(profile, request.POST)
if form.is_valid():
f = form.cleaned_data
if User.objects.filter(email=f['email']).exclude(pk=request.user.id):
# Changing email to one that already belongs to someone else.
messages.error(request, "The email that you've entered is already registered to another user!")
return render(request, self.template_name, {'form': form})
# Valid data. Save model attributes and redirect.
for field in self.user_fields:
setattr(target, field, f[field])
for field in self.prof_fields:
setattr(profile, field, f[field])
target.save()
profile.add_tags(profile.watched_tags)
profile.save()
messages.success(request, "Profile updated")
return HttpResponseRedirect(self.get_success_url())
# There is an error in the form.
return render(request, self.template_name, {'form': form})
def post(self, request=None, *args, **kwargs):
target = User.objects.get(pk=self.kwargs['pk'])
target = auth.user_permissions(request=request, target=target)
# The essential authentication step.
if not target.has_ownership:
messages.error(request, "Only owners may edit their EnergyNote account")
return HttpResponseRedirect(reverse("home"))
form = self.form_class(request.POST)
if form.is_valid():
f = form.cleaned_data
# Valid data. Save model attributes and redirect.
setattr(target, 'energynote_email', f['energynote_email'])
setattr(target, 'is_energynote_verified', True)
target.save()
messages.success(request, "EnergyNote account connected")
return HttpResponseRedirect(self.get_success_url())
# There is an error in the form.
return render(request, self.template_name, {'form': form})
def get(self, request, *args, **kwargs):
user = request.user
target = self.get_obj()
target = user_permissions(request, target)
form = self.form_class(pk=target.id)
context = dict(form=form, target=target)
return render(request, self.template_name, context)
def get(self, request, *args, **kwargs):
target = User.objects.get(pk=self.kwargs['pk'])
target = auth.user_permissions(request=request, target=target)
if not target.has_ownership:
messages.error(request, "Only owners may edit their EnergyNote account")
return HttpResponseRedirect(reverse("home"))
initial = {}
initial['energynote_email'] = getattr(target, 'energynote_email')
form = self.form_class(initial=initial)
return render(request, self.template_name, {'form': form})
def post(self, request, *args, **kwargs):
user = request.user
target = self.get_obj()
target = user_permissions(request, target)
# The response after the action
response = HttpResponseRedirect(target.get_absolute_url())
if not user.is_moderator or not target.is_editable:
messages.warning(
request,
"Current user does not have sufficient moderator privileges")
return response
if target.is_administrator:
messages.warning(request, "Cannot moderate an administrator")
return response
if user == target:
messages.warning(request, "Cannot moderate yourself")
return response
form = self.form_class(request.POST, pk=target.id)
if not form.is_valid():
messages.error(request, "Invalid user modification action")
return response
action = int(form.cleaned_data['action'])
if action == User.BANNED and not user.is_administrator:
messages.info(request, "Only administrators can ban users")
return response
if action == User.BANNED and user.is_administrator:
query = Post.objects.filter(author=target,
type__in=Post.TOP_LEVEL,
vote_count=0)
count = query.count()
query.delete()
messages.success(request, "User banned, %s posts removed" % count)
return response
# Apply the new status
User.objects.filter(pk=target.id).update(status=action)
messages.success(request, 'Moderation completed')
return response
def post(self, request, *args, **kwargs):
user = request.user
target = self.get_obj()
target = user_permissions(request, target)
# The response after the action
response = HttpResponseRedirect(target.get_absolute_url())
if not user.is_moderator or not target.is_editable:
messages.warning(request, "Current user does not have sufficient moderator privileges")
return response
if target.is_administrator:
messages.warning(request, "Cannot moderate an administrator")
return response
if user == target:
messages.warning(request, "Cannot moderate yourself")
return response
form = self.form_class(request.POST, pk=target.id)
if not form.is_valid():
messages.error(request, "Invalid user modification action")
return response
action = int(form.cleaned_data["action"])
if action == User.BANNED and not user.is_administrator:
messages.info(request, "Only administrators can ban users")
return response
if action == User.BANNED and user.is_administrator:
query = Post.objects.filter(author=target, type__in=Post.TOP_LEVEL, vote_count=0)
count = query.count()
query.delete()
messages.success(request, "User banned, %s posts removed" % count)
return response
# Apply the new status
User.objects.filter(pk=target.id).update(status=action)
messages.success(request, "Moderation completed")
return response
def get(self, request, *args, **kwargs):
target = User.objects.get(pk=self.kwargs['pk'])
target = auth.user_permissions(request=request, target=target)
profile = target.profile
if not target.has_ownership:
messages.error(request, "Only owners may edit their profiles")
return HttpResponseRedirect(reverse("home"))
initial = {}
for field in self.user_fields:
initial[field] = getattr(target, field)
for field in self.prof_fields:
initial[field] = getattr(target.profile, field)
form = self.form_class(profile, initial=initial)
return render(request, self.template_name, {'form': form})
def get_object(self):
obj = super(UserDetails, self).get_object()
obj = auth.user_permissions(request=self.request, target=obj)
return obj
def get_object(self):
obj = super(UserDetails, self).get_object()
obj = auth.user_permissions(request=self.request, target=obj)
return obj
def post(self, request, *args, **kwargs):
user = request.user
target = self.get_obj()
target = user_permissions(request, target)
profile = target.profile
# The response after the action
response = HttpResponseRedirect(target.get_absolute_url())
if target.is_administrator:
messages.warning(request, "Cannot moderate an administrator")
return response
if user == target:
messages.warning(request, "Cannot moderate yourself")
return response
if not user.is_moderator:
messages.warning(request, "Only moderators have this permission")
return response
if not target.is_editable:
messages.warning(request, "Target not editable by this user")
return response
form = self.form_class(request.POST, pk=target.id)
if not form.is_valid():
messages.error(request, "Invalid user modification action")
return response
action = int(form.cleaned_data['action'])
if action == User.BANNED and not user.is_administrator:
messages.error(request, "Only administrators may ban users")
return response
if action == User.BANNED and user.is_administrator:
# Remove data by user
profile.clear_data()
# Lets make sure we don't ban people that have been around a while
# These can still be removed but via the admin interface
# We do this to limit damage that a hacked admin account could do.
if target.score > 3:
messages.error(request, "Target user has a high score and can only be banned via the admin interface")
return response
# Remove badges that may have been earned by this user.
Award.objects.filter(user=target).delete()
# Delete all votes by this user.
Vote.objects.filter(author=target).delete()
# Mark all posts as deleted.
Post.objects.filter(author=target).update(status=Post.DELETED)
# Destroy posts with no votes.
query = Post.objects.filter(author=target, vote_count__lt=2)
count = query.count()
query.delete()
messages.success(request, "User banned, %s posts removed" % count)
# Apply the new status
User.objects.filter(pk=target.id).update(status=action)
messages.success(request, 'Moderation completed')
return response
def post(self, request, *args, **kwargs):
target = self.get_obj()
target = user_permissions(request, target)
profile = target.profile
# The response after the action
response = HttpResponseRedirect(target.get_absolute_url())
if target.is_administrator:
logger.warning("Cannot moderate an administrator (Request: %s)",
request)
return response
# if user == target:
# logger.warning("Cannot moderate yourself (Request: %s)", request)
# return response
# if not user.is_moderator:
# logger.warning("Only moderators have this permission (Request: %s)", request)
# return response
if not target.is_editable:
logger.warning("Target not editable by this user (Request: %s)",
request)
return response
form = self.form_class(request.POST, pk=target.id)
if not form.is_valid():
logger.error("Invalid user modification action (Request: %s)",
request)
return response
action = int(form.cleaned_data['action'])
# if action == User.BANNED and not user.is_administrator:
# logger.error("Only administrators may ban users (Request: %s)", request)
# return response
# if action == User.BANNED and user.is_administrator:
# # Remove data by user
# profile.clear_data()
# # Lets make sure we don't ban people that have been around a while
# # These can still be removed but via the admin interface
# # We do this to limit damage that a hacked admin account could do.
# if target.score > 3:
# logger.error("Target user has a high score and can only be banned via the admin interface (Request: %s)", request)
# return response
# # Remove badges that may have been earned by this user.
# Award.objects.filter(user=target).delete()
# # Delete all votes by this user.
# Vote.objects.filter(author=target).delete()
# # Mark all posts as deleted.
# Post.objects.filter(author=target).update(status=Post.DELETED)
# # Destroy posts with no votes.
# query = Post.objects.filter(author=target, vote_count__lt=2)
# count = query.count()
# query.delete()
# logger.info("User banned, %s posts removed (Request: %s)", count, request)
# Apply the new status
User.objects.filter(pk=target.id).update(status=action)
logger.info('Moderation completed (Request: %s)', request)
return response
def post(self, request, *args, **kwargs):
user = request.user
target = self.get_obj()
target = user_permissions(request, target)
profile = target.profile
# The response after the action
response = HttpResponseRedirect(target.get_absolute_url())
if target.is_administrator:
messages.warning(request, "No puedes moderar a un administrador")
return response
if user == target:
messages.warning(request, "No puedes moderarte a ti mismo")
return response
if not user.is_moderator:
messages.warning(request, "Sólo los moderadores tienen este permiso")
return response
if not target.is_editable:
messages.warning(request, "No es editable por este usuario")
return response
form = self.form_class(request.POST, pk=target.id)
if not form.is_valid():
messages.error(request, "Acción inválida")
return response
action = int(form.cleaned_data['action'])
if action == User.BANNED and not user.is_administrator:
messages.error(request, "Sólo administradores pueden banear usuarios")
return response
if action == User.BANNED and user.is_administrator:
# Remove data by user
profile.clear_data()
# Lets make sure we don't ban people that have been around a while
# These can still be removed but via the admin interface
# We do this to limit damage that a hacked admin account could do.
if target.score > 3:
messages.error(request, "El usuario tienen un score alto y sólo puede ser baneado mediante la interface de administrador")
return response
# Remove badges that may have been earned by this user.
Award.objects.filter(user=target).delete()
# Delete all votes by this user.
Vote.objects.filter(author=target).delete()
# Mark all posts as deleted.
Post.objects.filter(author=target).update(status=Post.DELETED)
# Destroy posts with no votes.
query = Post.objects.filter(author=target, vote_count__lt=2)
count = query.count()
query.delete()
messages.success(request, "Usuario baneado, %s post removidos" % count)
# Apply the new status
User.objects.filter(pk=target.id).update(status=action)
messages.success(request, 'Moderación completa')
return response
