def profile_edit(request, username):
# a bit of hackage so we can make the email field required w/o
# having to actually change the default user model :(
if request.user.username == username:
user = request.user
else:
if not request.user.has_perm('gallery.can_admin_users'):
raise PermissionDenied
user = get_object_or_404(authmodels.User, username=username)
profile = user.get_profile()
emailerror = ''
if request.method == 'POST':
if 'save' not in request.POST:
request.notifications.add(_('Edit canceled'))
return HttpResponseRedirect('/')
if not request.POST.get('email'):
# email is required, but not at the model level, so we fake it
emailerror = _(u'This field is required.')
userform = UserForm(request.POST, instance=user)
profileform = ProfileForm(request.POST, instance=profile)
try:
if emailerror:
# more fake-age
raise ValueError
userform.save()
profileform.save()
except ValueError:
request.notifications.add(_('Save failed.'))
# falls through to the template rendering
else:
request.notifications.add(_('Profile edited.'))
return HttpResponseRedirect('/')
else: # not a POST
userform = UserForm(instance=user)
profileform = ProfileForm(instance=profile)
template_map = dict(forms=(userform, profileform),
emailerror=emailerror,
password_link=True)
context = RequestContext(request, template_map)
return render_to_response('gallery/profile_edit.html',
context_instance=context)
def register(request):
if not request.user.is_anonymous():
return HttpResponseRedirect(reverse('bm.gallery.views.index'))
emailerror = ''
if request.method == 'POST':
if 'save' not in request.POST:
request.notifications.add(_('Registration canceled.'))
return HttpResponseRedirect(reverse('bm.gallery.views.index'))
if not request.POST.get('email'):
emailerror = _(u'This field is required.')
regform = RegForm(request.POST)
profileform = ProfileForm(request.POST)
if regform.is_valid() and profileform.is_valid() and not emailerror:
if settings.USE_LDAP:
# first create the LDAP entry
regdata = regform.cleaned_data
profiledata = profileform.cleaned_data
username = regdata['username']
password = regdata['password']
dn = get_user_dn(username)
modlist_map = {
'givenName': regdata['first_name'],
'sn': regdata['last_name'],
'mail': regdata['email'],
'objectclass': ['inetOrgPerson', 'shadowAccount'],
'uid': username,
'cn': ' '.join([regdata['first_name'], regdata['last_name']]),
'labeledURI': profiledata['url'],
'userPassword': password,
}
ldap_add(dn, modlist_map)
# now add user to the 'galleries' group
groupname = 'galleries'
ldapper = get_ldap_connection()
groupdn = 'cn=%s,ou=groups,dc=burningman,dc=com' % groupname
groupdict = ldapper.search_s(groupdn, ldap.SCOPE_BASE)[0][1]
contribs = set(groupdict['uniqueMember'])
if isinstance(dn, unicode):
dn = dn.encode('utf-8')
contribs.add(dn)
new_groupdict = groupdict.copy()
new_groupdict['uniqueMember'] = list(contribs)
modlist = ldap.modlist.modifyModlist(groupdict, new_groupdict)
ldapper.modify_s(groupdn, modlist)
# user now exists in LDAP, first authentication triggers
# creation of Django user and profile model objects
authed_user = authenticate(username=username,
password=password)
profile = authed_user.get_profile()
profile.url = profiledata['url']
profile.save()
login(request, authed_user)
request.notifications.add(_('Account created.'))
return HttpResponseRedirect('/')
else: # failed validation
request.notifications.add(_('Registration failed.'))
# falls through to template rendering
else: # not a POST
regform = RegForm()
profileform = ProfileForm()
template_map = dict(forms=(regform, profileform),
emailerror=emailerror,
register=True,)
context = RequestContext(request, template_map)
return render_to_response('gallery/profile_edit.html',
context_instance=context)
