def user_account(request, param_username):
page_vars = { "page_title": "Account: " + request.user.username }
if current_user(request) and param_username == request.user.username:
try:
requested_user = User.objects.get(username=param_username)
except User.DoesNotExist:
raise Http404
if request.method == "GET":
user_profile = Profile.objects.get(user = request.user)
init_values = {'time_zone': user_profile.time_zone, 'email': request.user.email}
page_vars['form'] = UserProfileForm(initial=init_values)
csrfContext = RequestContext(request, page_vars)
return render(request, 'auth/user_account.html', csrfContext)
elif request.method == "POST":
if current_user(request):
completed_form = UserProfileForm(request.POST)
if completed_form.is_valid():
user_profile = Profile.objects.get(user=request.user)
user_obj = User.objects.get(username=request.user.username)
# Updating User and Profile Objects with form data
user_profile.time_zone = completed_form.cleaned_data['time_zone']
request.session['user_timezone'] = completed_form.cleaned_data['time_zone']
user_obj.email = completed_form.cleaned_data['email']
# Only update the user's password if it's not empty
if completed_form.cleaned_data['password'] != '':
user_obj.set_password(completed_form.cleaned_data['password'])
# Commiting the edited objects to the database
user_profile.save()
user_obj.save()
messages.add_message(request, messages.SUCCESS, 'Success: Your Account Has Been Updated')
return HttpResponseRedirect('/' + request.user.username + '/account')
else:
generate_form_errors(request, completed_form)
return HttpResponseRedirect('/' + request.user.username + '/account')
else:
raise Http404
else:
raise Http404
def edit_user(request, param_user_pk):
# If current user is authenticated and it staff.
if current_staff(request):
page_vars = {"page_title": 'Alter User'}
# Getting Requested User object from database.
try:
requested_user = User.objects.get(pk=param_user_pk)
except User.DoesNotExist:
raise Http404
# User is requesting the form, build it!
if request.method == "GET":
# Get profile object from database.
try:
user_profile = Profile.objects.get(user=requested_user)
except Profile.DoesNotExist:
raise Http404
# Build initial values for form.
init_values = {'time_zone': user_profile.time_zone, 'email': requested_user.email}
# Create Form object with initial values.
page_vars['form'] = UserProfileForm(initial=init_values)
# Getting requested_user so we can create the post link via pk.
page_vars['requested_user'] = requested_user
# Generating the CSRF context.
csrfContext = RequestContext(request, page_vars)
# Render page with form.
return render(request, 'administrative/edit_user.html', csrfContext)
# Okay so the user is submitting changes, apply them!
elif request.method == "POST":
# Build form obj from POST data.
completed_form = UserProfileForm(request.POST)
if completed_form.is_valid():
# We need to get the profile obj out of the db.
try:
user_profile = Profile.objects.get(user=requested_user)
except Profile.DoesNotExist:
raise Http404
# Update User and Profile objs in db with validated form-data.
user_profile.time_zone = completed_form.cleaned_data['time_zone']
requested_user.email = completed_form.cleaned_data['email']
# Only update the password if it's not empty.
if completed_form.cleaned_data['password'] != '':
requested_user.set_password(completed_form.cleaned_data['password'])
# Save the changes to the database.
user_profile.save()
requested_user.save()
# Generate message for the user
messages.add_message(request, messages.SUCCESS, 'Success: Changes Applied to User')
# Redirect back to user-edit page.
return HttpResponseRedirect('/admin/edit_user/{0}'.format(requested_user.pk))
# Form data is NOT valid. Generate messages.
else:
# Generate error messages from form
generate_form_errors(request, completed_form)
# Update page_vars
page_vars['form'] = completed_form
# Generate CSRF Context.
csrfContext = RequestContext(request, page_vars)
# Render page with errors, old form.
return render(request, 'administrative/edit_user.html', csrfContext)
else:
raise Http404
