def form_valid(self, form): spam_id = self.kwargs.get('spam_id') item = Comment.load(spam_id) try: if int(form.cleaned_data.get('confirm')) == Comment.SPAM: item.confirm_spam() item.is_deleted = True log_message = 'Confirmed SPAM: {}'.format(spam_id) log_action = CONFIRM_SPAM else: item.confirm_ham() item.is_deleted = False log_message = 'Confirmed HAM: {}'.format(spam_id) log_action = CONFIRM_HAM item.save() except AttributeError: raise Http404('Spam with id "{}" not found.'.format(spam_id)) update_admin_log( user_id=self.request.user.id, object_id=spam_id, object_repr='Comment', message=log_message, action_flag=log_action ) return super(SpamDetail, self).form_valid(form)
def form_valid(self, form): email = form.cleaned_data.get('emails') user = get_user(email) if user is None or user.pk != self.kwargs.get('guid'): return HttpResponse( '{} with id "{}" and email "{}" not found.'.format( self.context_object_name.title(), self.kwargs.get('guid'), email), status=409) reset_abs_url = furl(DOMAIN) user.verification_key = random_string(20) user.save() reset_abs_url.path.add( ('resetpassword/{}'.format(user.verification_key))) send_mail(subject='Reset OSF Password', message='Follow this link to reset your password: {}'.format( reset_abs_url.url), from_email=SUPPORT_EMAIL, recipient_list=[email]) update_admin_log(user_id=self.request.user.id, object_id=user.pk, object_repr='User', message='Emailed user {} a reset link.'.format( user.pk), action_flag=USER_EMAILED) return super(ResetPasswordView, self).form_valid(form)
def delete(self, request, *args, **kwargs): try: node, user = self.get_object() if node.remove_contributor(user, None, log=False): update_admin_log( user_id=self.request.user.id, object_id=node.pk, object_repr="Contributor", message="User {} removed from node {}.".format(user.pk, node.pk), action_flag=CONTRIBUTOR_REMOVED, ) # Log invisibly on the OSF. osf_log = NodeLog( action=NodeLog.CONTRIB_REMOVED, user=None, params={"project": node.parent_id, "node": node.pk, "contributors": user.pk}, date=datetime.utcnow(), should_hide=True, ) osf_log.save() except AttributeError: return page_not_found( request, AttributeError( '{} with id "{}" not found.'.format(self.context_object_name.title(), kwargs.get("node_id")) ), ) return redirect(reverse_node(self.kwargs.get("node_id")))
def form_valid(self, form): email = form.cleaned_data.get('emails') user = get_user(email) if user is None or user.pk != self.kwargs.get('guid'): raise AttributeError reset_abs_url = furl(DOMAIN) user.verification_key = random_string(20) user.save() reset_abs_url.path.add(('resetpassword/{}'.format(user.verification_key))) send_mail( subject='Reset OSF Password', message='Follow this link to reset your password: {}'.format( reset_abs_url.url ), from_email=SUPPORT_EMAIL, recipient_list=[email] ) update_admin_log( user_id=self.request.user.id, object_id=user.pk, object_repr='User', message='Emailed user {} a reset link.'.format(user.pk), action_flag=USER_EMAILED ) return super(ResetPasswordView, self).form_valid(form)
def post(self, request, *args, **kwargs): try: data = json.loads(request.body).get('schema_data', {}) draft = DraftRegistration.load(self.kwargs.get('draft_pk')) draft.update_metadata(data) draft.save() log_message = list() for key, value in data.iteritems(): comments = data.get(key, {}).get('comments', []) for comment in comments: log_message.append('{}: {}'.format(key, comment['value'])) update_admin_log( user_id=request.user.id, object_id=draft._id, object_repr='Draft Registration', message='Comments: <p>{}</p>'.format('</p><p>'.join(log_message)), action_flag=COMMENT_PREREG ) return JsonResponse(serializers.serialize_draft_registration(draft)) except AttributeError: raise Http404('{} with id "{}" not found.'.format( self.context_object_name.title(), self.kwargs.get('draft_pk') )) except NodeStateError as e: return bad_request(request, e)
def delete(self, request, *args, **kwargs): try: user = self.get_object() flag = None message = None if user.date_disabled is None: user.disable_account() flag = USER_REMOVED message = 'User account {} disabled'.format(user.pk) else: user.date_disabled = None subscribe_on_confirm(user) flag = USER_RESTORED message = 'User account {} reenabled'.format(user.pk) user.save() if flag is not None: update_admin_log( user_id=self.request.user.id, object_id=user.pk, object_repr='User', message=message, action_flag=flag ) except AttributeError: return page_not_found( request, AttributeError( '{} with id "{}" not found.'.format( self.context_object_name.title(), self.kwargs.get('guid') ) ) ) return redirect(reverse_user(self.kwargs.get('guid')))
def delete(self, request, *args, **kwargs): user = None try: user = self.get_object() except AttributeError: raise Http404( '{} with id "{}" not found.'.format( self.context_object_name.title(), self.kwargs.get('guid') )) if user: for node in user.contributor_to: if node.is_public and not node.is_registration: node.is_public = False node.save() update_admin_log( user_id=request.user.id, object_id=node._id, object_repr='Node', message='Node {} made private when user {} marked as spam.'.format(node._id, user._id), action_flag=NODE_MADE_PRIVATE ) # Log invisibly on the OSF. osf_log = NodeLog( action=NodeLog.MADE_PRIVATE, user=None, params={ 'node': node._id, }, date=datetime.utcnow(), should_hide=True, ) osf_log.save() return super(SpamUserDeleteView, self).delete(request, *args, **kwargs)
def delete(self, request, *args, **kwargs): try: node, user = self.get_object() if node.remove_contributor(user, None, log=False): update_admin_log( user_id=self.request.user.id, object_id=node.pk, object_repr='Contributor', message='User {} removed from node {}.'.format( user.pk, node.pk), action_flag=CONTRIBUTOR_REMOVED) # Log invisibly on the OSF. osf_log = NodeLog( action=NodeLog.CONTRIB_REMOVED, user=None, params={ 'project': node.parent_id, 'node': node.pk, 'contributors': user.pk }, date=datetime.utcnow(), should_hide=True, ) osf_log.save() except AttributeError: return page_not_found( request, AttributeError('{} with id "{}" not found.'.format( self.context_object_name.title(), kwargs.get('node_id')))) return redirect(reverse_node(self.kwargs.get('node_id')))
def delete(self, request, *args, **kwargs): node = self.get_object() node.confirm_ham(save=True) update_admin_log(user_id=self.request.user.id, object_id=node._id, object_repr='Node', message='Confirmed HAM: {}'.format(node._id), action_flag=CONFIRM_HAM) return redirect(reverse_node(self.kwargs.get('guid')))
def delete(self, request, *args, **kwargs): node = self.get_object() node.confirm_ham(save=True) update_admin_log( user_id=self.request.user.id, object_id=node._id, object_repr='Node', message='Confirmed HAM: {}'.format(node._id), action_flag=CONFIRM_HAM ) return redirect(reverse_node(self.kwargs.get('guid')))
def delete(self, request, *args, **kwargs): node_ids = [ nid for nid in request.POST.keys() if nid != 'csrfmiddlewaretoken' ] for nid in node_ids: node = Node.load(nid) node.confirm_spam(save=True) update_admin_log(user_id=self.request.user.id, object_id=nid, object_repr='Node', message='Confirmed SPAM: {}'.format(nid), action_flag=CONFIRM_SPAM) return redirect('nodes:flagged-spam')
def delete(self, request, *args, **kwargs): user = self.get_object() try: user.delete_addon('twofactor') except AttributeError: raise Http404('{} with id "{}" not found.'.format( self.context_object_name.title(), self.kwargs.get('guid'))) update_admin_log(user_id=self.request.user.id, object_id=user.pk, object_repr='User', message='Removed 2 factor auth for user {}'.format( user.pk), action_flag=USER_2_FACTOR) return redirect(reverse_user(self.kwargs.get('guid')))
def delete(self, request, *args, **kwargs): try: node = self.get_object() flag = None osf_flag = None message = None if node.is_deleted: node.is_deleted = False node.deleted_date = None flag = NODE_RESTORED message = 'Node {} restored.'.format(node.pk) osf_flag = NodeLog.NODE_CREATED elif not node.is_registration: node.is_deleted = True node.deleted_date = datetime.utcnow() flag = NODE_REMOVED message = 'Node {} removed.'.format(node.pk) osf_flag = NodeLog.NODE_REMOVED node.save() if flag is not None: update_admin_log( user_id=self.request.user.id, object_id=node.pk, object_repr='Node', message=message, action_flag=flag ) if osf_flag is not None: # Log invisibly on the OSF. osf_log = NodeLog( action=osf_flag, user=None, params={ 'project': node.parent_id, }, date=datetime.utcnow(), should_hide=True, ) osf_log.save() except AttributeError: return page_not_found( request, AttributeError( '{} with id "{}" not found.'.format( self.context_object_name.title(), kwargs.get('guid') ) ) ) return redirect(reverse_node(self.kwargs.get('guid')))
def form_valid(self, form): message = form.cleaned_data.get('message') email = form.cleaned_data.get('email') send_mail(subject=form.cleaned_data.get('subject').strip(), message=message, from_email=SUPPORT_EMAIL, recipient_list=[email]) update_admin_log( user_id=self.request.user.id, object_id=self.kwargs.get('spam_id'), object_repr='Comment', message='User with email {} sent this message: {}'.format( email, message), action_flag=USER_EMAILED) return super(EmailFormView, self).form_valid(form)
def reject_draft(request, draft_pk): """Rejects current draft :param request: mostly for user :param draft_pk: Unique id for current draft :return: DraftRegistrationApproval obj """ draft = get_draft_or_error(draft_pk) user = request.user.osf_user draft.reject(user) update_admin_log( request.user.id, draft._id, 'Draft Registration', 'rejected', action_flag=REJECT_PREREG ) return redirect(reverse('pre_reg:prereg') + "?page={0}".format(request.POST.get('page', 1)), permanent=True)
def delete(self, request, *args, **kwargs): user_ids = [ uid for uid in request.POST.keys() if uid != 'csrfmiddlewaretoken' ] for uid in user_ids: user = User.load(uid) if 'spam_flagged' in user.system_tags: user.system_tags.remove('spam_flagged') user.system_tags.append('spam_confirmed') user.save() update_admin_log(user_id=self.request.user.id, object_id=uid, object_repr='User', message='Confirmed SPAM: {}'.format(uid), action_flag=CONFIRM_SPAM) return redirect('users:flagged-spam')
def delete(self, request, *args, **kwargs): node_ids = [ nid for nid in request.POST.keys() if nid != 'csrfmiddlewaretoken' ] for nid in node_ids: node = Node.load(nid) node.confirm_spam(save=True) update_admin_log( user_id=self.request.user.id, object_id=nid, object_repr='Node', message='Confirmed SPAM: {}'.format(nid), action_flag=CONFIRM_SPAM ) return redirect('nodes:flagged-spam')
def form_valid(self, form): spam_id = self.kwargs.get('spam_id') item = Comment.load(spam_id) if int(form.cleaned_data.get('confirm')) == Comment.SPAM: item.confirm_spam(save=True) log_message = 'Confirmed SPAM: {}'.format(spam_id) log_action = CONFIRM_SPAM else: item.confirm_ham(save=True) log_message = 'Confirmed HAM: {}'.format(spam_id) log_action = CONFIRM_HAM update_admin_log(user_id=self.request.user.id, object_id=spam_id, object_repr='Comment', message=log_message, action_flag=log_action) return super(SpamDetail, self).form_valid(form)
def form_valid(self, form): message = form.cleaned_data.get("message") email = form.cleaned_data.get("email") send_mail( subject=form.cleaned_data.get("subject").strip(), message=message, from_email=SUPPORT_EMAIL, recipient_list=[email], ) update_admin_log( user_id=self.request.user.id, object_id=self.kwargs.get("spam_id"), object_repr="Comment", message="User with email {} sent this message: {}".format(email, message), action_flag=USER_EMAILED, ) return super(EmailFormView, self).form_valid(form)
def reject_draft(request, draft_pk): """Rejects current draft :param request: mostly for user :param draft_pk: Unique id for current draft :return: DraftRegistrationApproval obj """ draft = get_draft_or_error(draft_pk) user = request.user.osf_user draft.reject(user) update_admin_log(request.user.id, draft._id, 'Draft Registration', 'rejected', action_flag=REJECT_PREREG) return redirect(reverse('pre_reg:prereg') + "?page={0}".format(request.POST.get('page', 1)), permanent=True)
def delete(self, request, *args, **kwargs): user = self.get_object() try: user.delete_addon('twofactor') except AttributeError: raise Http404( '{} with id "{}" not found.'.format( self.context_object_name.title(), self.kwargs.get('guid') )) update_admin_log( user_id=self.request.user.id, object_id=user.pk, object_repr='User', message='Removed 2 factor auth for user {}'.format(user.pk), action_flag=USER_2_FACTOR ) return redirect(reverse_user(self.kwargs.get('guid')))
def form_valid(self, form): message = form.cleaned_data.get('message') email = form.cleaned_data.get('email') send_mail( subject=form.cleaned_data.get('subject').strip(), message=message, from_email=SUPPORT_EMAIL, recipient_list=[email] ) update_admin_log( user_id=self.request.user.id, object_id=self.kwargs.get('spam_id'), object_repr='Comment', message='User with email {} sent this message: {}'.format( email, message ), action_flag=USER_EMAILED ) return super(EmailFormView, self).form_valid(form)
def delete(self, request, *args, **kwargs): user_ids = [ uid for uid in request.POST.keys() if uid != 'csrfmiddlewaretoken' ] for uid in user_ids: user = User.load(uid) if 'spam_flagged' in user.system_tags: user.system_tags.remove('spam_flagged') user.system_tags.append('spam_confirmed') user.save() update_admin_log( user_id=self.request.user.id, object_id=uid, object_repr='User', message='Confirmed SPAM: {}'.format(uid), action_flag=CONFIRM_SPAM ) return redirect('users:flagged-spam')
def delete(self, request, *args, **kwargs): try: user = self.get_object() except AttributeError: raise Http404('{} with id "{}" not found.'.format( self.context_object_name.title(), self.kwargs.get('guid'))) if user: for node in user.contributor_to: if not node.is_registration and not node.is_spam: node.confirm_spam(save=True) update_admin_log( user_id=request.user.id, object_id=node._id, object_repr='Node', message='Confirmed SPAM: {} when user {} marked as spam' .format(node._id, user._id), action_flag=CONFIRM_SPAM) return super(SpamUserDeleteView, self).delete(request, *args, **kwargs)
def delete(self, request, *args, **kwargs): try: node = self.get_object() flag = None osf_flag = None message = None if node.is_deleted: node.is_deleted = False node.deleted_date = None flag = NODE_RESTORED message = 'Node {} restored.'.format(node.pk) osf_flag = NodeLog.NODE_CREATED elif not node.is_registration: node.is_deleted = True node.deleted_date = datetime.utcnow() flag = NODE_REMOVED message = 'Node {} removed.'.format(node.pk) osf_flag = NodeLog.NODE_REMOVED node.save() if flag is not None: update_admin_log(user_id=self.request.user.id, object_id=node.pk, object_repr='Node', message=message, action_flag=flag) if osf_flag is not None: # Log invisibly on the OSF. osf_log = NodeLog( action=osf_flag, user=None, params={ 'project': node.parent_id, }, date=datetime.utcnow(), should_hide=True, ) osf_log.save() except AttributeError: return page_not_found( request, AttributeError('{} with id "{}" not found.'.format( self.context_object_name.title(), kwargs.get('guid')))) return redirect(reverse_node(self.kwargs.get('guid')))
def delete(self, request, *args, **kwargs): try: user = self.get_object() if user.date_disabled is None or kwargs.get('is_spam'): user.disable_account() user.is_registered = False if 'spam_flagged' in user.system_tags or 'ham_confirmed' in user.system_tags: if 'spam_flagged' in user.system_tags: user.system_tags.remove('spam_flagged') if 'ham_confirmed' in user.system_tags: user.system_tags.remove('ham_confirmed') if 'spam_confirmed' not in user.system_tags: user.system_tags.append('spam_confirmed') flag = USER_REMOVED message = 'User account {} disabled'.format(user.pk) else: user.date_disabled = None subscribe_on_confirm(user) user.is_registered = True if 'spam_flagged' in user.system_tags or 'spam_confirmed' in user.system_tags: if 'spam_flagged' in user.system_tags: user.system_tags.remove('spam_flagged') if 'spam_confirmed' in user.system_tags: user.system_tags.remove('spam_confirmed') if 'ham_confirmed' not in user.system_tags: user.system_tags.append('ham_confirmed') flag = USER_RESTORED message = 'User account {} reenabled'.format(user.pk) user.save() except AttributeError: raise Http404( '{} with id "{}" not found.'.format( self.context_object_name.title(), self.kwargs.get('guid') )) update_admin_log( user_id=self.request.user.id, object_id=user.pk, object_repr='User', message=message, action_flag=flag ) return redirect(reverse_user(self.kwargs.get('guid')))
def form_valid(self, form): spam_id = self.kwargs.get('spam_id') item = Comment.load(spam_id) if int(form.cleaned_data.get('confirm')) == Comment.SPAM: item.confirm_spam(save=True) log_message = 'Confirmed SPAM: {}'.format(spam_id) log_action = CONFIRM_SPAM else: item.confirm_ham(save=True) log_message = 'Confirmed HAM: {}'.format(spam_id) log_action = CONFIRM_HAM update_admin_log( user_id=self.request.user.id, object_id=spam_id, object_repr='Comment', message=log_message, action_flag=log_action ) return super(SpamDetail, self).form_valid(form)
def form_valid(self, form): spam_id = self.kwargs.get('spam_id') item = Comment.load(spam_id) try: if int(form.cleaned_data.get('confirm')) == Comment.SPAM: item.confirm_spam(save=True) log_message = 'Confirmed SPAM: {}'.format(spam_id) log_action = CONFIRM_SPAM else: item.confirm_ham(save=True) log_message = 'Confirmed HAM: {}'.format(spam_id) log_action = CONFIRM_HAM except AttributeError: raise Http404('Spam with id "{}" not found.'.format(spam_id)) update_admin_log(user_id=self.request.user.id, object_id=spam_id, object_repr='Comment', message=log_message, action_flag=log_action) return super(SpamDetail, self).form_valid(form)
def update_draft(request, draft_pk): """Updates current draft to save admin comments :param draft_pk: Unique id for current draft :return: DraftRegistration obj """ data = json.loads(request.body) draft = get_draft_or_error(draft_pk) if 'admin_settings' in data: form = DraftRegistrationForm(data=data['admin_settings']) if not form.is_valid(): return HttpResponseBadRequest("Invalid form data") admin_settings = form.cleaned_data draft.notes = admin_settings.get('notes', draft.notes) del admin_settings['notes'] draft.flags = admin_settings draft.save() else: schema_data = data.get('schema_data', {}) data = deepcopy(draft.registration_metadata) log_message = list() for key, value in data.items(): comments = schema_data.get(key, {}).get('comments', []) for comment in comments: log_message.append('{}: {}'.format(key, comment['value'])) try: draft.update_metadata(data) draft.save() update_admin_log( user_id=request.user.id, object_id=draft._id, object_repr='Draft Registration', message='Comments: <p>{}</p>'.format('</p><p>'.join(log_message)), action_flag=COMMENT_PREREG ) except (NodeStateError): raise HTTPError(http.BAD_REQUEST) return JsonResponse(serializers.serialize_draft_registration(draft))
def update_draft(request, draft_pk): """Updates current draft to save admin comments :param draft_pk: Unique id for current draft :return: DraftRegistration obj """ data = json.loads(request.body) draft = get_draft_or_error(draft_pk) if 'admin_settings' in data: form = DraftRegistrationForm(data=data['admin_settings']) if not form.is_valid(): return HttpResponseBadRequest("Invalid form data") admin_settings = form.cleaned_data draft.notes = admin_settings.get('notes', draft.notes) del admin_settings['notes'] draft.flags = admin_settings draft.save() else: schema_data = data.get('schema_data', {}) data = deepcopy(draft.registration_metadata) log_message = list() for key, value in data.items(): comments = schema_data.get(key, {}).get('comments', []) for comment in comments: log_message.append('{}: {}'.format(key, comment['value'])) try: draft.update_metadata(data) draft.save() update_admin_log(user_id=request.user.id, object_id=draft._id, object_repr='Draft Registration', message='Comments: <p>{}</p>'.format( '</p><p>'.join(log_message)), action_flag=COMMENT_PREREG) except (NodeStateError): raise HTTPError(http.BAD_REQUEST) return JsonResponse(serializers.serialize_draft_registration(draft))
def delete(self, request, *args, **kwargs): try: user = self.get_object() if user.date_disabled is None or kwargs.get('is_spam'): user.disable_account() user.is_registered = False if 'spam_flagged' in user.system_tags or 'ham_confirmed' in user.system_tags: if 'spam_flagged' in user.system_tags: user.system_tags.remove('spam_flagged') if 'ham_confirmed' in user.system_tags: user.system_tags.remove('ham_confirmed') if 'spam_confirmed' not in user.system_tags: user.system_tags.append('spam_confirmed') flag = USER_REMOVED message = 'User account {} disabled'.format(user.pk) else: user.date_disabled = None subscribe_on_confirm(user) user.is_registered = True if 'spam_flagged' in user.system_tags or 'spam_confirmed' in user.system_tags: if 'spam_flagged' in user.system_tags: user.system_tags.remove('spam_flagged') if 'spam_confirmed' in user.system_tags: user.system_tags.remove('spam_confirmed') if 'ham_confirmed' not in user.system_tags: user.system_tags.append('ham_confirmed') flag = USER_RESTORED message = 'User account {} reenabled'.format(user.pk) user.save() except AttributeError: raise Http404('{} with id "{}" not found.'.format( self.context_object_name.title(), self.kwargs.get('guid'))) update_admin_log(user_id=self.request.user.id, object_id=user.pk, object_repr='User', message=message, action_flag=flag) return redirect(reverse_user(self.kwargs.get('guid')))
def form_valid(self, form): if 'approve_reject' in form.changed_data: osf_user = self.request.user.osf_user try: if form.cleaned_data.get('approve_reject') == 'approve': flag = ACCEPT_PREREG message = 'Approved' self.draft.approve(osf_user) else: flag = REJECT_PREREG message = 'Rejected' self.draft.reject(osf_user) except PermissionsError as e: return permission_denied(self.request, e) update_admin_log(self.request.user.id, self.kwargs.get('draft_pk'), 'Draft Registration', message, flag) admin_settings = form.cleaned_data self.draft.notes = admin_settings.get('notes', self.draft.notes) del admin_settings['approve_reject'] del admin_settings['notes'] self.draft.flags = admin_settings self.draft.save() return super(DraftFormView, self).form_valid(form)
def delete(self, request, *args, **kwargs): try: user = self.get_object() except AttributeError: raise Http404( '{} with id "{}" not found.'.format( self.context_object_name.title(), self.kwargs.get('guid') )) if user: for node in user.contributor_to: if node.is_spam: node.confirm_ham(save=True) update_admin_log( user_id=request.user.id, object_id=node._id, object_repr='Node', message='Confirmed HAM: {} when user {} marked as ham'.format(node._id, user._id), action_flag=CONFIRM_SPAM ) kwargs.update({'is_spam': False}) return super(HamUserRestoreView, self).delete(request, *args, **kwargs)
def post(self, request, *args, **kwargs): try: data = json.loads(request.body).get('schema_data', {}) draft = DraftRegistration.load(self.kwargs.get('draft_pk')) draft.update_metadata(data) draft.save() log_message = list() for key, value in data.iteritems(): comments = data.get(key, {}).get('comments', []) for comment in comments: log_message.append('{}: {}'.format(key, comment['value'])) update_admin_log(user_id=request.user.id, object_id=draft._id, object_repr='Draft Registration', message='Comments: <p>{}</p>'.format( '</p><p>'.join(log_message)), action_flag=COMMENT_PREREG) return JsonResponse( serializers.serialize_draft_registration(draft)) except AttributeError: raise Http404('{} with id "{}" not found.'.format( self.context_object_name.title(), self.kwargs.get('draft_pk'))) except NodeStateError as e: return bad_request(request, e)
def test_add_log(self): update_admin_log('123', 'dfqc2', 'This', 'log_added') nt.assert_equal(OSFLogEntry.objects.count(), 1) log = OSFLogEntry.objects.latest('action_time') nt.assert_equal(log.user_id, 123)