def user_remove(request):
is_confirmation = 'remove_confirm' in request.session
if is_confirmation:
if request.method == 'POST':
remove_user(request.user, request)
rotate_token(request)
logout(request)
messages.success(request, _('Your account has been removed.'))
return redirect('home')
confirm_form = EmptyConfirmForm(request)
elif request.method == 'POST':
confirm_form = PasswordConfirmForm(request, request.POST)
if confirm_form.is_valid():
reset_rate_limit('remove', request)
store_userid(request, remove=True)
request.GET = {'email': request.user.email}
return social_complete(request, 'email')
else:
confirm_form = PasswordConfirmForm(request)
return render(
request,
'accounts/removal.html',
{
'confirm_form': confirm_form,
'is_confirmation': is_confirmation
},
)
def user_remove(request):
is_confirmation = 'remove_confirm' in request.session
if is_confirmation:
if request.method == 'POST':
remove_user(request.user, request)
rotate_token(request)
logout(request)
messages.success(
request,
_('Your account has been removed.')
)
return redirect('home')
confirm_form = EmptyConfirmForm(request)
elif request.method == 'POST':
confirm_form = PasswordConfirmForm(request, request.POST)
if confirm_form.is_valid():
store_userid(request, remove=True)
request.GET = {'email': request.user.email}
return social_complete(request, 'email')
else:
confirm_form = PasswordConfirmForm(request)
return render(
request,
'accounts/removal.html',
{
'confirm_form': confirm_form,
'is_confirmation': is_confirmation,
}
)
def user_remove(request):
is_confirmation = "remove_confirm" in request.session
if is_confirmation:
if request.method == "POST":
remove_user(request.user, request)
rotate_token(request)
logout(request)
messages.success(request, _("Your account has been removed."))
return redirect("home")
confirm_form = EmptyConfirmForm(request)
elif request.method == "POST":
confirm_form = PasswordConfirmForm(request, request.POST)
if confirm_form.is_valid():
reset_rate_limit("remove", request)
store_userid(request, remove=True)
request.GET = {"email": request.user.email}
return social_complete(request, "email")
else:
confirm_form = PasswordConfirmForm(request)
return render(
request,
"accounts/removal.html",
{
"confirm_form": confirm_form,
"is_confirmation": is_confirmation
},
)
def delete_user(request, project):
"""Remove user from a project."""
obj, form = check_user_form(
request,
project,
)
redirect_url = ""
if form is not None:
user = form.cleaned_data["user"]
if request.user == user:
messages.error(request, _("You can not remove yourself!"))
else:
if user.is_bot:
redirect_url = "#api"
remove_user(user, request)
else:
obj.remove_user(user)
Change.objects.create(
project=obj,
action=Change.ACTION_REMOVE_USER,
user=request.user,
details={"username": user.username},
)
if user.is_bot:
messages.success(
request, _("Token has been removed from this project."))
else:
messages.success(request,
_("User has been removed from this project."))
return redirect_param("manage-access", redirect_url, project=obj.slug)
def post(self, request, **kwargs):
if not request.user.has_perm("user.edit"):
raise PermissionDenied()
user = self.object = self.get_object()
if "add_group" in request.POST:
self.group_form = GroupAddForm(request.POST)
if self.group_form.is_valid():
user.groups.add(self.group_form.cleaned_data["add_group"])
return HttpResponseRedirect(self.get_success_url() + "#groups")
if "remove_group" in request.POST:
form = GroupRemoveForm(request.POST)
if form.is_valid():
user.groups.remove(form.cleaned_data["remove_group"])
return HttpResponseRedirect(self.get_success_url() + "#groups")
if "remove_user" in request.POST:
remove_user(user, request)
return HttpResponseRedirect(self.get_success_url() + "#groups")
return super().post(request, **kwargs)
def destroy(self, request, *args, **kwargs):
self.perm_check(request)
instance = self.get_object()
remove_user(instance, request)
return Response(status=HTTP_204_NO_CONTENT)
def delete_model(self, request, obj):
"""
Given a model instance delete it from the database.
"""
remove_user(obj, request)
