def get(self, request, *args, **kwargs):
cedula = self.kwargs['cedula']
datos_n = Datos.objects.get(cedula=cedula)
nombre = datos_n.p_nombre.strip()
apellido = datos_n.p_apellido
usuario_clave = nombre[:1] + apellido
usuario_clave = usuario_clave.lower()
clave = handler.encrypt(usuario_clave)
datos_u = User.objects.all().order_by('-id')[:1]
datos_u_v = datos_u.values('id')
ultimo_id_user = datos_u_v[0]['id'] + 1
useradd = User()
useradd.id = ultimo_id_user
useradd.username = cedula
useradd.password = clave
useradd.first_name = nombre
useradd.last_name = apellido
useradd.is_active = False
useradd.save()
ultimo = useradd.id
datos_user = Datos.objects.all()
datos_user_f = datos_user.filter(cedula=cedula)
datos_user_f.update(usuario_id=ultimo, grupo_usuario=3)
return HttpResponse('<div>Creando...</div>')
def users_reset_password():
"""Reset user password using uuid
sample request
{
"user_id":"18fcbb87-d56a-48ed-b589-47a26166eb8c34"
}
sample response:
{
"response_message": "Successfully Password Reset.",
"response_status": "SUCCESS"
}
:return: Dict
"""
request_dict = request.get_json()
if "user_id" in request_dict and User.query.filter_by(
user_uuid=request_dict['user_id']).first():
# print(request_dict['user_id'])
random_new_password = str(uuid.uuid1())[:10]
password = django_pbkdf2_sha256.encrypt(random_new_password)
user_details = User.query.filter_by(
user_uuid=request_dict['user_id']).first()
user_details.password = password
db.session.commit()
else:
return (jsonify({
cts.RESPONSE_STATUS: cts.RESPONSE_ERROR,
cts.RESPONSE_MESSAGE: cts.INVALID_REQUEST
}), 200)
return (jsonify({
cts.RESPONSE_STATUS: cts.RESPONSE_SUCCESS,
cts.RESPONSE_MESSAGE: cts.PASSWORD_RESET
}), 200)
def create(self, validated_data):
record = Account(first_name=validated_data['first_name'],
last_name=validated_data['last_name'],
emailid=validated_data['emailid'])
encrypted_password = handler.encrypt(validated_data['password'])
record.set_password(encrypted_password)
record.save()
return record
def register(request):
if request.method == "POST":
first_name = request.POST['fn']
last_name = request.POST['ln']
username = request.POST['un']
email = request.POST['email']
password = request.POST['psw']
enc_password = handler.encrypt(password)
user = Account(first_name=first_name, last_name=last_name, username=username, email=email, password=enc_password)
user.save()
return redirect(home)
return redirect(home)
def reset_password(request):
emailid = request.GET['emailid']
if request.method == "POST":
password = request.POST['password']
encrypted_password = handler.encrypt(password)
Account.objects.filter(emailid=emailid).update(
password=encrypted_password)
messages.add_message(
request, messages.SUCCESS,
'Congratulations, your password has been reset. Please Sign In your account here!'
)
return redirect('/')
return render(request, "reset_password.html", {'emailid': emailid})
def sign_up(request):
if request.method == "POST":
user=SignUp(request.POST)
if user.is_valid():
post=user.save(commit=False)
h = handler.encrypt(request.POST['password'])
post.password=h;
post.save()
return redirect('donq.views.log_in')
else :
return HttpResponse("<script>alert(회원가입 실패);</script>");
else:
user = SignUp()
return render(request,'donq/html/signup.html',{'form':user})
def get(self, request, *args, **kwargs):
id_user = self.kwargs['pk']
datos_n = Datos.objects.get(usuario_id=id_user)
nombre = datos_n.p_nombre.strip()[:1]
apellido = datos_n.p_apellido
usuario_clave = nombre + apellido
usuario_clave = usuario_clave.lower()
clave = handler.encrypt(usuario_clave)
datos_user = User.objects.all()
datos_user_f = datos_user.filter(id=id_user)
datos_user_f.update(password=clave)
return HttpResponse('<div>Actualizando...</div>')
def get(self, request, *args, **kwargs):
cursor = connection.cursor()
sql = "SELECT ced_num, apellido1, apellido2, nombre1, nombre2, cargo, fecha_naci, direccion, telefono, estatus, fecha_ingreso, tipo_empledo, departamento FROM datos_personales;"
cursor.execute(sql)
rows = dictfetchall(cursor)
for row in rows:
usuario_name = row['ced_num']
usuario_clave = row['nombre1'][:1]
usuario_clave = usuario_clave + row['apellido1']
usuario_clave = usuario_clave.lower()
clave = handler.encrypt(usuario_clave)
useradd = User()
useradd.username = usuario_name
useradd.password = clave
useradd.first_name = row['nombre1']
useradd.last_name = row['apellido1']
# useradd.save()
ultimo = useradd.id
add = Datos()
add.cedula = row['ced_num']
add.p_nombre = row['nombre1']
add.s_nombre = row['nombre2']
add.p_apellido = row['apellido1']
add.s_apellido = row['apellido2']
add.cargo = row['cargo']
add.fecha_naci = datetime.datetime.strptime(
row['fecha_naci'], '%d/%m/%Y').strftime('%Y-%m-%d')
add.telefono = row['telefono']
add.estatus = row['estatus']
add.fecha_ingreso = datetime.datetime.strptime(
row['fecha_ingreso'], '%d/%m/%Y').strftime('%Y-%m-%d')
add.tipo_empledo = row['tipo_empledo']
add.departamento = row['departamento']
add.direccion = row['direccion']
add.grupo_usuario = 3
add.usuario_id = ultimo
# add.save()
return HttpResponse('<div>>Actualizando...</div>')
def done(self,form_list, **kwargs):
#Modification du fichier settings.py
#Formulaire 0
tempFile = open(BASE+'soc/settings.tmp', 'w')
host=str(form_list[0].cleaned_data['pg_ip'])
port=int(form_list[0].cleaned_data['pg_port'])
database=str(form_list[0].cleaned_data['pg_base'])
user=str(form_list[0].cleaned_data['pg_user'])
password=str(form_list[0].cleaned_data['pg_password'])
dic=[
("'HOST':","\t\t'HOST':'"+host+"',\n"),
("'PORT':","\t\t'PORT':'"+str(port)+"',\n"),
("'NAME':","\t\t'NAME':'"+database+"',\n"),
("'USER':"******"\t\t'USER':'******',\n"),
("'PASSWORD':"******"\t\t'PASSWORD':'******',\n"),
]
for line in fileinput.input(BASE+'soc/settings.py'):
trouve=False
for tuple_texte in dic:
if tuple_texte[0] in line:
tempFile.write(line.replace(line,tuple_texte[1]))
trouve=True
dic.remove(tuple_texte)
break
if trouve==False:
tempFile.write(line)
tempFile.close()
del dic
os.rename(BASE+'soc/settings.tmp',BASE+'soc/settings.py')
#Cette etape permet de mettr een page principale la page d'authentification
tempFile = open(BASE+'soc/urls.tmp', 'w')
texte_remplacement="url(r'^$',views.login_view,name='login_view'),"
texte_recherche="url(r'^$',include('maintenance.urls',app_name='maintenance',namespace='maintenance')),"
for line in fileinput.input(BASE+'soc/urls.py'):
if texte_recherche in line:
tempFile.write(line.replace(line,texte_remplacement))
else:
tempFile.write(line)
tempFile.close()
os.rename(BASE+'soc/urls.tmp',BASE+'soc/urls.py')
initialiserPG(BASE+'maintenance/django.pg',host,port,database,user,password)
import psycopg2
conn = psycopg2.connect(host=host,port=port,database=database,user=user,password=password)
#Modification du fichier default.cfg
#Formulaire 1 et 2
self.config.set('Nessus','Adresse',str(form_list[1].cleaned_data['nessus_ip']))
self.config.set('Nessus','Port',str(form_list[1].cleaned_data['nessus_port']))
self.config.set('Nessus','Login',str(form_list[1].cleaned_data['nessus_user']))
self.config.set('Nessus','Password',str(form_list[1].cleaned_data['nessus_password']))
self.config.remove_section('LOCALISATION')
self.config.add_section('LOCALISATION')
for localisation in form_list[2].cleaned_data['localisation'].split('\r\n'):
loc_tuple=localisation.split(';')
try:
self.config.set('LOCALISATION',loc_tuple[0],loc_tuple[1])
except IndexError:
pass
self.config.remove_section('ENVIRONNEMENT')
self.config.add_section('ENVIRONNEMENT')
for environnement in form_list[2].cleaned_data['environnement'].split('\r\n'):
env_tuple=environnement.split(';')
try:
self.config.set('ENVIRONNEMENT',env_tuple[0],env_tuple[1])
except IndexError:
pass
self.config.remove_section('TYPE')
self.config.add_section('TYPE')
for type_machine in form_list[2].cleaned_data['type_machine'].split('\r\n'):
machine_tuple=type_machine.split(';')
try:
self.config.set('TYPE',machine_tuple[0],machine_tuple[1])
except IndexError:
pass
with open(BASE+"soc/default.cfg", 'wb') as configfile:
self.config.write(configfile)
#Formulaire 3
#Importation de l'image
image=form_list[3].cleaned_data['logo']
image_name=image._get_name()
image_path=BASE+'static/img/'
image_file=open(image_path+image_name,'wb',0)
for chunk in image.chunks():
image_file.write(chunk)
image_file.close()
self.config.remove_section('Rapports')
self.config.add_section('Rapports')
self.config.set('Rapports','Logo',str(image_name))
self.config.set('Rapports','Societe',str(form_list[3].cleaned_data['societe']))
self.config.set('Rapports','Auteur',str(form_list[3].cleaned_data['auteur']))
self.config.remove_section('MAIL')
self.config.add_section('MAIL')
self.config.set('MAIL','SMTP_Addr',str(form_list[4].cleaned_data['serveur']))
self.config.set('MAIL','SMTP_Port',str(form_list[4].cleaned_data['port']))
self.config.set('MAIL','Mail_Addr',str(form_list[4].cleaned_data['email']))
self.config.set('MAIL','Password',str(form_list[4].cleaned_data['password']))
tls=str(form_list[4].cleaned_data['tls'])
self.config.set('MAIL','TLS',"True" if (tls=="on" or tls=="True" or tls=='true' or tls==True) else "False")
with open(BASE+"soc/default.cfg", 'wb',0) as configfile:
self.config.write(configfile)
os.chdir(BASE)
subprocess.check_output("python "+BASE+"manage.py generate_secret_key", shell=True)
subprocess.check_output("python "+BASE+"manage.py migrate", shell=True)
os.popen("touch "+BASE+'soc/wsgi.py')
#Formulaire 5: utilisateur django
nom=form_list[5].cleaned_data['nom']
prenom=form_list[5].cleaned_data['prenom']
email=form_list[5].cleaned_data['email']
login=form_list[5].cleaned_data['login']
password=form_list[5].cleaned_data['password']
tz = pytz.timezone('Europe/Paris')
d=datetime.datetime.now()
date_creation=tz.localize(d)
password=django_password.encrypt(password,rounds=24000)
cursor= conn.cursor()
cursor.execute('''INSERT INTO auth_user (first_name,last_name,email,username,password,date_joined,is_superuser,is_staff,is_active)
VALUES(%s,%s,%s,%s,%s,%s,True,True,True)''',[nom,prenom,email,login,password,date_creation])
conn.commit()
conn.close()
password='******'*20
del password
self.config.set('PROJET','Initialiser','YES')
with open(BASE+"soc/default.cfg", 'wb') as configfile:
self.config.write(configfile)
#Ajout du script python dans la crontab de www-data
try:
subprocess.check_output(['crontab -l | { cat; echo "10 1 * * * '+BASE+'scan_crontab.py"; } | crontab -'],shell=True)
except Exception as e:
logger.error("Erreur de creation de la crontab: "+str(e))
pass
return render(self.request, 'maintenance/success.html')
password = d.get_password(
"Mayan EDMS Admin Password",
"Enter new password for the Mayan EDMS 'admin' account.")
if not email:
if 'd' not in locals():
d = Dialog('TurnKey Linux - First boot configuration')
email = d.get_email(
"Mayan EDMS Email",
"Please enter email address for the Mayan EDMS 'admin' account.",
"*****@*****.**")
inithooks_cache.write('APP_EMAIL', email)
hashpass = djpass.encrypt(password)
p = PostgreSQL(database='mayan')
p.execute(
'UPDATE autoadmin_autoadminsingleton SET password = NULL, password_hash = NULL, account_id = NULL WHERE (id = 1);'
)
p.execute(
'UPDATE auth_user SET email = \'%s\' WHERE username = \'admin\';' %
email)
p.execute(
'UPDATE auth_user SET password = \'%s\' WHERE username = \'admin\';' %
hashpass)
if __name__ == "__main__":
def done(self, form_list, **kwargs):
#Modification du fichier settings.py
#Formulaire 0
tempFile = open(BASE + 'soc/settings.tmp', 'w')
host = str(form_list[0].cleaned_data['pg_ip'])
port = int(form_list[0].cleaned_data['pg_port'])
database = str(form_list[0].cleaned_data['pg_base'])
user = str(form_list[0].cleaned_data['pg_user'])
password = str(form_list[0].cleaned_data['pg_password'])
dic = [
("'HOST':", "\t\t'HOST':'" + host + "',\n"),
("'PORT':", "\t\t'PORT':'" + str(port) + "',\n"),
("'NAME':", "\t\t'NAME':'" + database + "',\n"),
("'USER':"******"\t\t'USER':'******',\n"),
("'PASSWORD':"******"\t\t'PASSWORD':'******',\n"),
]
for line in fileinput.input(BASE + 'soc/settings.py'):
trouve = False
for tuple_texte in dic:
if tuple_texte[0] in line:
tempFile.write(line.replace(line, tuple_texte[1]))
trouve = True
dic.remove(tuple_texte)
break
if trouve == False:
tempFile.write(line)
tempFile.close()
del dic
os.rename(BASE + 'soc/settings.tmp', BASE + 'soc/settings.py')
#Cette etape permet de mettr een page principale la page d'authentification
tempFile = open(BASE + 'soc/urls.tmp', 'w')
texte_remplacement = "url(r'^$',views.login_view,name='login_view'),"
texte_recherche = "url(r'^$',include('maintenance.urls',app_name='maintenance',namespace='maintenance')),"
for line in fileinput.input(BASE + 'soc/urls.py'):
if texte_recherche in line:
tempFile.write(line.replace(line, texte_remplacement))
else:
tempFile.write(line)
tempFile.close()
os.rename(BASE + 'soc/urls.tmp', BASE + 'soc/urls.py')
initialiserPG(BASE + 'maintenance/django.pg', host, port, database,
user, password)
import psycopg2
conn = psycopg2.connect(host=host,
port=port,
database=database,
user=user,
password=password)
#Modification du fichier default.cfg
#Formulaire 1 et 2
self.config.set('Nessus', 'Adresse',
str(form_list[1].cleaned_data['nessus_ip']))
self.config.set('Nessus', 'Port',
str(form_list[1].cleaned_data['nessus_port']))
self.config.set('Nessus', 'Login',
str(form_list[1].cleaned_data['nessus_user']))
self.config.set('Nessus', 'Password',
str(form_list[1].cleaned_data['nessus_password']))
self.config.remove_section('LOCALISATION')
self.config.add_section('LOCALISATION')
for localisation in form_list[2].cleaned_data['localisation'].split(
'\r\n'):
loc_tuple = localisation.split(';')
try:
self.config.set('LOCALISATION', loc_tuple[0], loc_tuple[1])
except IndexError:
pass
self.config.remove_section('ENVIRONNEMENT')
self.config.add_section('ENVIRONNEMENT')
for environnement in form_list[2].cleaned_data['environnement'].split(
'\r\n'):
env_tuple = environnement.split(';')
try:
self.config.set('ENVIRONNEMENT', env_tuple[0], env_tuple[1])
except IndexError:
pass
self.config.remove_section('TYPE')
self.config.add_section('TYPE')
for type_machine in form_list[2].cleaned_data['type_machine'].split(
'\r\n'):
machine_tuple = type_machine.split(';')
try:
self.config.set('TYPE', machine_tuple[0], machine_tuple[1])
except IndexError:
pass
with open(BASE + "soc/default.cfg", 'wb') as configfile:
self.config.write(configfile)
#Formulaire 3
#Importation de l'image
image = form_list[3].cleaned_data['logo']
image_name = image._get_name()
image_path = BASE + 'static/img/'
image_file = open(image_path + image_name, 'wb', 0)
for chunk in image.chunks():
image_file.write(chunk)
image_file.close()
self.config.remove_section('Rapports')
self.config.add_section('Rapports')
self.config.set('Rapports', 'Logo', str(image_name))
self.config.set('Rapports', 'Societe',
str(form_list[3].cleaned_data['societe']))
self.config.set('Rapports', 'Auteur',
str(form_list[3].cleaned_data['auteur']))
self.config.remove_section('MAIL')
self.config.add_section('MAIL')
self.config.set('MAIL', 'SMTP_Addr',
str(form_list[4].cleaned_data['serveur']))
self.config.set('MAIL', 'SMTP_Port',
str(form_list[4].cleaned_data['port']))
self.config.set('MAIL', 'Mail_Addr',
str(form_list[4].cleaned_data['email']))
self.config.set('MAIL', 'Password',
str(form_list[4].cleaned_data['password']))
tls = str(form_list[4].cleaned_data['tls'])
self.config.set(
'MAIL', 'TLS', "True" if
(tls == "on" or tls == "True" or tls == 'true'
or tls == True) else "False")
with open(BASE + "soc/default.cfg", 'wb', 0) as configfile:
self.config.write(configfile)
os.chdir(BASE)
subprocess.check_output("python " + BASE +
"manage.py generate_secret_key",
shell=True)
subprocess.check_output("python " + BASE + "manage.py migrate",
shell=True)
os.popen("touch " + BASE + 'soc/wsgi.py')
#Formulaire 5: utilisateur django
nom = form_list[5].cleaned_data['nom']
prenom = form_list[5].cleaned_data['prenom']
email = form_list[5].cleaned_data['email']
login = form_list[5].cleaned_data['login']
password = form_list[5].cleaned_data['password']
tz = pytz.timezone('Europe/Paris')
d = datetime.datetime.now()
date_creation = tz.localize(d)
password = django_password.encrypt(password, rounds=24000)
cursor = conn.cursor()
cursor.execute(
'''INSERT INTO auth_user (first_name,last_name,email,username,password,date_joined,is_superuser,is_staff,is_active)
VALUES(%s,%s,%s,%s,%s,%s,True,True,True)''',
[nom, prenom, email, login, password, date_creation])
conn.commit()
conn.close()
password = '******' * 20
del password
self.config.set('PROJET', 'Initialiser', 'YES')
with open(BASE + "soc/default.cfg", 'wb') as configfile:
self.config.write(configfile)
#Ajout du script python dans la crontab de www-data
try:
subprocess.check_output([
'crontab -l | { cat; echo "10 1 * * * ' + BASE +
'scan_crontab.py"; } | crontab -'
],
shell=True)
except Exception as e:
logger.error("Erreur de creation de la crontab: " + str(e))
pass
return render(self.request, 'maintenance/success.html')
def register(request):
posted_data = {}
#get the current page url request.build_absolute_uri()
if request.method == "POST":
posted_data = request.POST
form = RegisterForm(request.POST, request=request)
if form.is_valid():
first_name = request.POST['first_name']
last_name = request.POST['last_name']
emailid = request.POST['emailid']
password = request.POST['password']
encrypted_password = handler.encrypt(password)
if 'vendor' in request.POST:
account_type = AccountType.objects.get(type="vendor")
else:
account_type = AccountType.objects.get(type="user")
detail = Account(first_name=first_name,
last_name=last_name,
emailid=emailid,
password=encrypted_password,
account_id=account_type.id)
detail.save()
if account_type.type == "vendor":
vendor_detail = Vendor(user_id=detail.id,
vendor=request.POST['vendor'])
vendor_detail.save()
# admin_detail = UserDetail(request).get_admin()
# admin_email = admin_detail.emailid
# recipients = [admin_email]
# too = ", ".join(recipients)
# link = "https://"+request.META['HTTP_HOST']
# subject, from_email, to = 'Request for Approval of Vendor Account', '*****@*****.**', too
# html_content =render_to_string('account_activation.html', {'link':link}) # ...
# text_content = strip_tags(html_content) # this strips the html, so people will have the text as well.
# create the email, and attach the HTML version as well.
# msg = EmailMultiAlternatives(subject, text_content, from_email, [to])
# msg.attach_alternative(html_content, "text/html")
#msg.send()
# fromaddr = "*****@*****.**"
# password = "******"
# link = "https://"+request.META['HTTP_HOST']
# admin_detail = UserDetail(request).get_admin()
# admin_email = admin_detail.emailid
# msg = MIMEMultipart()
# msg['From'] = fromaddr
# recipients = [admin_email]
# msg['To'] = ", ".join(recipients)
# msg['Subject'] = "Request for Approval of Label Account"
# content_html = render_to_string('account_activation.html', {'link':link})
# test = MIMEText(content_html, 'html')
# msg.attach(test)
# server = smtplib.SMTP('smtp.gmail.com', 465)
# server.starttls()
# server.login(fromaddr, password)
# text = msg.as_string()
# server.sendmail(fromaddr, recipients, text)
# server.quit()
messages.add_message(
request, messages.SUCCESS,
'Registered Successfully. Please check your mail for approval of your account from admin.'
)
return redirect("/")
#return HttpResponse("Registered Successfully. Please check your mail to activate your account.")
else:
form = RegisterForm(request=request)
return render(request, "register.html", {
'form': form,
'posted_data': posted_data
})
def sign(request):
if request.method == 'POST':
if request.POST['nom'] != "" and request.POST['prenom'] != "" and request.POST['email'] != "" and request.POST['mdp'] != "":
try:
user = User.objects.get(email=request.POST['email'])
return render(request, 'home/index.html')
except ObjectDoesNotExist:
verifemail = re.match(r'(^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$)', request.POST['email'])
if verifemail:
i = User(nom=request.POST['nom'], prenom=request.POST['prenom'], email=request.POST['email'], mdp=handler.encrypt(request.POST['mdp']+"5645a774-6c94-4521-8c0a-4fc23ed28ff1"))
i.save()
request.session['user_id'] = i.id
request.session['user_name'] = i.nom
request.session['user_prenom'] = i.prenom
return redirect('/lists/')
return render(request, 'home/index.html')
def post(self, request, *args, **kwargs):
username = self.request.POST.get('username')
password = handler.encrypt(self.request.POST.get('password'))
email = self.request.POST.get('email')
first_name = self.request.POST.get('first_name')
last_name = self.request.POST.get('last_name')
grupo = self.request.POST.getlist('grupo')
accion = self.request.POST.get('accion')
institucion = self.request.POST.get('institucion')
# Bloque para la busqueda de usuario con contrasena y poder ser comparada con la db
if accion == "buscar":
print "PASO POR VERIFICAR"
username = self.request.POST.get('id_fis')
password = self.request.POST.get('password')
password_f = self.request.POST.get('password_f')
clave = handler.encrypt(password)
print "ID usuario: ", username
print "CLAVE: ", password
usuario = authenticate(username=username, password=password_f)
if not usuario:
return HttpResponse('no_existe')
else:
print "Ya existe"
# Query para permitir la actualizacion de la clave del fiscal
query = User.objects.all()
obj = query.filter(username=username)
obj.update(
password=clave,
is_staff=True,
)
logout(request)
return HttpResponseRedirect('/')
elif accion == "guardar":
existe = User.objects.filter(username=username).exists()
if existe:
return HttpResponse('existe')
else:
if str(self.request.POST.get('is_active')) == '1':
status = True
else:
status = False
reg_obj = User(
username=username,
password=password,
last_login='******',
is_superuser='******',
is_staff='FALSE',
is_active=status,
first_name=first_name,
last_name=last_name,
email=email,
date_joined='2015-05-22 12:54:43.001975-04:30',
)
reg_obj.save()
# Se captura id del grupo asociado a los fiscales y el id del nuevo fiscal registrado en usuario
#id_group = Group.objects.filter(name='sistematizador')[0].id
id_user = User.objects.filter(email=email)[0].id
cursor = connection.cursor()
for list_group in grupo:
# print "LISTA DE ID GRUPO: ",list_group
cursor.execute(
"INSERT INTO auth_user_groups(user_id, group_id) VALUES ("
+ str(id_user) + ", " + str(list_group) + ")")
# print "id",id_user
# print "ins",institucion
cursor.execute(
"INSERT INTO trabajadores_trabajadores(trabajador_id, institucion_id) VALUES ("
+ str(id_user) + ", " + str(institucion) + ")")
return HttpResponse('exito')
elif accion == "editar":
pk = self.request.POST.get('valor')
grupo = self.request.POST.getlist('grupo')
if str(self.request.POST.get('is_active')) == '1':
status = True
# print "PASO POR 1"
else:
status = False
# print "PASO POR 2"
# Query de actualizacion
query = User.objects.all()
obj = query.filter(id=pk)
obj.update(
username=username,
password=password,
last_login='******',
is_superuser='******',
is_staff=False,
is_active=status,
first_name=first_name,
last_name=last_name,
email=email,
date_joined='2015-05-22 12:54:43.001975-04:30',
)
id_user = User.objects.filter(email=email)[0].id
print "id", id_user
print "ins", institucion
Trabajadores.objects.filter(trabajador_id=id_user).update(
institucion_id=institucion, )
cursor = connection.cursor()
# Segmento para verificar que los grupos relacionados al usuario estén dentro de la lista enviada
cursor.execute(
"SELECT group_id FROM auth_user_groups WHERE user_id=" +
str(id_user))
for g in cursor.fetchall():
print g[0]
if g[0] in grupo:
pass
else:
cursor.execute(
"DELETE FROM auth_user_groups WHERE user_id=" +
str(id_user) + " AND group_id=" + str(g[0]) + "")
# Segmento para verificar que los grupos enviados coinciden con los relacionados al usuario en base de datos.
for list_group in grupo:
#print "LISTA DE ID GRUPO: ",list_group
cursor.execute(
"SELECT COUNT(*) FROM auth_user_groups WHERE user_id=" +
str(id_user) + " AND group_id=" + str(list_group) + "")
num_group = cursor.fetchone()[0]
#print num_group
if num_group == 0:
cursor.execute(
"INSERT INTO auth_user_groups(user_id, group_id) VALUES ("
+ str(id_user) + ", " + str(list_group) + ")")
return HttpResponse('actualizar')
return HttpResponseRedirect('/nuevo_usuario')
def post(self, request, *args, **kwargs):
username = self.request.POST.get('username')
password = handler.encrypt(self.request.POST.get('password'))
email = self.request.POST.get('email')
first_name = self.request.POST.get('first_name')
last_name = self.request.POST.get('last_name')
grupo = self.request.POST.get('grupo')
accion = self.request.POST.get('accion')
#print "USUARIO: ",accion
# Bloque para la busqueda de usuario con contrasena y poder ser comparada con la db
if accion == "buscar":
print "PASO POR VERIFICAR"
username = self.request.POST.get('id_fis')
password = self.request.POST.get('password')
password_f = self.request.POST.get('password_f')
clave = handler.encrypt(password)
print "ID usuario: ",username
print "CLAVE: ",password
usuario = authenticate(username=username, password=password_f)
if not usuario:
return HttpResponse('no_existe')
else:
print "Ya existe"
# Query para permitir la actualizacion de la clave del fiscal
query = User.objects.all()
obj = query.filter(username=username)
obj.update(
password = clave,
is_staff = True,
)
logout(request)
return HttpResponseRedirect('/')
elif accion == "guardar":
print "Existe"
existe = User.objects.filter(username = username).exists()
if existe:
return HttpResponse('existe')
else:
#print "ES por GUARDAR"
if str(self.request.POST.get('is_active')) == '1':
status = True
else:
status = False
reg_obj = User(
username=username,
password=password,
last_login='******',
is_superuser='******',
is_staff='FALSE',
is_active=status,
first_name=first_name,
last_name=last_name,
email=email,
date_joined='2015-05-22 12:54:43.001975-04:30',
)
reg_obj.save()
# Se captura id del grupo asociado a los fiscales y el id del nuevo fiscal registrado en usuario
#id_group = Group.objects.filter(name='sistematizador')[0].id
id_user = User.objects.filter(email = email)[0].id
cursor = connection.cursor()
cursor.execute("INSERT INTO auth_user_groups(user_id, group_id) VALUES ("+str(id_user)+", "+str(grupo)+")")
return HttpResponse('exito')
elif accion == "editar":
pk = self.request.POST.get('valor')
print "ESTATUS: ",self.request.POST.get('is_active')
if str(self.request.POST.get('is_active')) == '1':
status = True
print "PASO POR 1"
else:
status = False
print "PASO POR 2"
# Query de actualizacion
query = User.objects.all()
obj = query.filter(id=pk)
print "HOLA: ",obj
obj.update(
username=username,
password=password,
last_login='******',
is_superuser='******',
is_staff=False,
is_active=status,
first_name=first_name,
last_name=last_name,
email=email,
date_joined='2015-05-22 12:54:43.001975-04:30',
)
return HttpResponse('actualizar')
return HttpResponseRedirect('/usuarios/listar_usuarios')
def post(self, request):
response = {}
print ('request')
form = AddVendorForm(request.POST, request=request)
print (form)
if form.is_valid():
try:
print ('form v1alid')
account_type = AccountType.objects.get(type="vendor")
account_id = account_type.id
paypal_emailid = emailid = request.GET.get('email')
vendor_name = request.GET.get('name')
platform = request.GET.get('platform')
first_name = vendor_name
last_name = ''
if ' ' in vendor_name:
name = vendor_name.split(' ')
first_name = name[0]
last_name = name[1]
website = request.GET.get('website')
status = 0
country = request.GET.get('country')
random_new_token=''.join(random.choice('0123456789ABCDEF') for i in range(16))
lis=[]
password = binascii.hexlify(os.urandom(16)).decode()
encrypted = handler.encrypt(password)
token_time=datetime.now()
obj = Account(account_id=account_id,token_time=token_time, first_name=first_name, last_name=last_name, emailid=emailid, paypal_emailid=paypal_emailid, website=website, status=status, country=country, token=random_new_token, platform=platform, password=encrypted, added_shop="yes")
obj.save()
vendor_detail = Vendor(user_id=obj.id,vendor=vendor_name)
vendor_detail.save()
# add commission
add_commission = Commission(user_id=obj.id, commission=10)
add_commission.save()
# get admin_email
admin_object=Account.objects.get(id=1)
admin_email=admin_object.emailid
# email1
Vars1 = {"account_type": "label"}
template_id1 = "138014"
send_template(admin_email, Vars1, template_id1)
# email2
Vars = {"first_name": first_name, "label_name": vendor_name,"password":password}
template_id = "170804"
send_template(emailid, Vars, template_id)
response['success']='success'
except Exception as r:
print ('\n\n Exception')
response['exception']=r
else:
html = str(form)
error_html = BeautifulSoup(html, 'html.parser')
ul = error_html.find("ul", {"class": "errorlist nonfield"})
error = ul.find("li").text
print ('Error is This ; '+str(error))
response['error'] = error
# retrun HttpResponse(json.dumps(response))
print ('\n\n res',response)
return HttpResponse(json.dumps(response))
def user_add():
"""Create user by admin
sample request
{
"email":"*****@*****.**",
"first_name":"hughsonsees1sad2e3",
"last_name":"hughsonsees1sad2e3",
"auth_groups":[1,2,3]
}
sample response:
{
"response_message": "Registration Successfully Completed. Please verify email account.",
"response_status": "SUCCESS"
}
:return:dict with success message and status code
- Password field is auto generated. An email with password will be sent to user.
"""
#if request.method == 'POST':
request_dict = request.get_json()
err_msg = ""
if not validate_registration_input(**request_dict)[0]:
err_msg = validate_registration_input(**request.form)[1]
return (jsonify({
cts.RESPONSE_STATUS: cts.RESPONSE_ERROR,
cts.RESPONSE_MESSAGE: err_msg
}), 200)
if request_dict['email'] is not None:
check_email = User.query.filter_by(email=request_dict['email']).first()
if check_email:
err_msg = cts.EMAIL_EXISTS
else:
err_msg = "Email address is required"
if err_msg:
return (jsonify({
cts.RESPONSE_STATUS: cts.RESPONSE_ERROR,
cts.RESPONSE_MESSAGE: err_msg
}), 200)
try:
# password is auto generated
random_password = str(uuid.uuid1())[:10]
password = django_pbkdf2_sha256.encrypt(random_password)
result_items = User(email=request_dict['email'],
first_name=request_dict['first_name'],
last_name=request_dict['last_name'],
password=password,
last_login=dttim.datetime.now(),
is_superuser=False,
is_staff=False,
is_active=True,
date_joined=dttim.datetime.now(),
user_uuid=uuid.uuid4())
db.session.add(result_items)
db.session.commit()
except Exception:
db.session.rollback()
return (jsonify({
cts.RESPONSE_STATUS: cts.RESPONSE_ERROR,
'response_message': cts.REGISTER_ERROR
}), 200)
if "auth_groups" in request_dict and len(request_dict["auth_groups"]) >= 1:
try:
for auth_group in request_dict["auth_groups"]:
# check if the permission is in the DB
check_permit = AuthGroups.query.filter_by(
id=auth_group).first()
if check_permit:
# if permission exists in DB then insert into auth group permissions
permit_items = AuthUserGroups(
user_id=result_items.id,
group_id=auth_group,
created_on=dttim.datetime.now())
db.session.add(permit_items)
db.session.commit()
# print("valid permissions")
else:
print("invalid auth_group")
except:
db.session.rollback()
# send random generated password to the user.
user_register_email(result_items, random_password)
return (jsonify({
cts.RESPONSE_STATUS: cts.RESPONSE_SUCCESS,
cts.RESPONSE_MESSAGE: cts.REGISTER_SUCCESS
}), 200)
def set_password(self, password):
self.pw_hash = django_pbkdf2_sha256.encrypt(password)
def register(request):
posted_data = {}
#get the current page url request.build_absolute_uri()
if request.method == "POST":
posted_data = request.POST
form = RegisterForm(request.POST, request=request)
if form.is_valid():
first_name = request.POST['first_name']
last_name = request.POST['last_name']
emailid = request.POST['emailid']
password = request.POST['password']
website = request.POST['website']
country = request.POST['country']
if not website.startswith("http://"):
website = "http://" + website
encrypted_password = handler.encrypt(password)
if 'vendor' in request.POST:
account_type = AccountType.objects.get(type="vendor")
else:
account_type = AccountType.objects.get(type="user")
detail = Account(first_name=first_name,
last_name=last_name,
emailid=emailid,
paypal_emailid=emailid,
password=encrypted_password,
account_id=account_type.id,
website=website,
country=country)
detail.save()
if account_type.type == "vendor":
vendor_detail = Vendor(user_id=detail.id,
vendor=request.POST['vendor'])
vendor_detail.save()
link = "http://" + request.META['HTTP_HOST']
admin_detail = UserDetail(request).get_admin()
admin_email = admin_detail.emailid
# add commission
add_commission = Commission(user_id=detail.id, commission=10)
add_commission.save()
# email1
Vars1 = {"account_type": "label"}
template_id1 = "138014"
send_template(admin_email, Vars1, template_id1)
# email2
Vars = {
"first_name": first_name,
"label_name": request.POST['vendor']
}
template_id = "136350"
send_template(emailid, Vars, template_id)
messages.add_message(
request, messages.SUCCESS,
'Registered Successfully. We will send you an email once your application and account has been approved.'
)
return redirect("/")
#return HttpResponse("Registered Successfully. Please check your mail to activate your account.")
else:
form = RegisterForm(request=request)
all_countries = []
countries_list = list(pycountry.countries)
for country in countries_list:
all_countries.append(country.name)
return render(request, "register.html", {
'form': form,
'posted_data': posted_data,
'all_countries': all_countries
})
