def user_settings(request, company): c = get_object_or_404(Company, url_name=company) # permissions if not has_permission(request.user, c, 'config', 'edit'): return no_permission_view(request, c, _("You have no permission to edit system configuration.")) # get config: specify initial data manually (also for security reasons, # to not accidentally include secret data in request.POST or whatever) # this may be a little wasteful on resources, but config is only edited once in a lifetime or so # get_value is needed because dict['key'] will fail if new keys are added but not yet saved initial = { 'product_button_size': get_user_value(request.user, 'pos_product_button_size'), 'product_display': get_user_value(request.user, 'pos_product_display'), 'display_breadcrumbs': get_user_value(request.user, 'pos_display_breadcrumbs'), } if request.method == 'POST': form = UserForm(request.POST) new_config = {} if form.is_valid(): for key in initial: set_user_value(request.user, "pos_" + key, form.cleaned_data[key]) # TODO: user settings # new_config['pos_' + key] = form.cleaned_data[key] else: form = UserForm(initial=initial) # An unbound form context = { 'company': c, 'form': form, 'title': _("User settings"), 'site_title': g.MISC['site_title'], } return render(request, 'pos/manage/user.html', context)
def google_login_or_register(request, mobile=False): """ log the user in; if successful, redirect to the index page if not successful, redirect back to the login page """ context = {} d = JsonParse(request.POST.get('data')) if "access_token" not in d: return JsonError("no_access_token", _("No access_token provided.")) url = (GOOGLE_API['client_userinfo'] % d["access_token"]) r = requests.get(url) if mobile: if r is None: return {'status': 'error', 'google_api_error': _("Something went wrong.")} if r.status_code == 401: return {'status': 'error', 'invalid_token': _("Token is invalid")} elif r.status_code != 200: return {'status': 'error', 'google_api_error': _("Something went wrong.")} else: if r is None: return JsonError("google_api_error", _("Something went wrong.")) if r.status_code != 200: return JsonError("google_api_error", _("Something went wrong.")) r = r.json() if "error" in r: return JsonError("google_api_error", _("Something went wrong.")) if not "email" in r and r['email'] != "": if mobile: return {'status': 'error', 'google_api_error': _("Something went wrong.")} else: return JsonError("google_api_error", _("Something went wrong.")) try: bluser = BlocklogicUser.objects.get(email=r["email"]) if bluser.first_name != r["given_name"] or bluser.last_name != r["family_name"] or bluser.sex != r["gender"]: bluser.first_name = r["given_name"] bluser.last_name = r["family_name"] bluser.sex = r["gender"] bluser.save() bluser.update_user_profile() if bluser.type != GOOGLE and not mobile: return JsonError("already_registered_via_normal", _("Already registered via normal")) elif bluser.type != GOOGLE and mobile: return {'status': 'error', 'already_registered_via_normal': _("Already registered via normal")} except BlocklogicUser.DoesNotExist: # we do not have user in our db, so we add register/new one # print r try: gender = r["gender"] except KeyError: gender = g.MALE bluser = BlocklogicUser(email=r["email"], first_name=r["given_name"], last_name=r["family_name"], sex=gender, type="google") bluser.save() key = "" while key == "": key = get_random_string(15, string.lowercase + string.digits) user = BlocklogicUser.objects.filter(password_reset_key=key) if user: key = "" bluser.password_reset_key = key bluser.save() bluser.update_user_profile() # group = bluser.homegroup # add_free_subscription(bluser) user = django_authenticate(username=r["email"], password='', type=GOOGLE) if user is not None: if not mobile: django_login(request, user) set_user_value(bluser, 'google_access_token_' + settings.SITE_URL, d["access_token"]) set_language(request) if mobile: data = {'status': 'ok', 'user_id': user.id} else: data = {'status': 'ok', 'redirect_url': reverse('web:select_company'), 'user_id': user.id} if len(user.images.all()) == 0: picture_url = r['picture'] r = requests.get(picture_url, stream=True) if r.status_code == 200: original_filename = picture_url.rsplit('/', 1) user_image = UserImage(name=user.first_name + " " + user.last_name, original_filename=original_filename[1], created_by=user, updated_by=user) user_image.image.save(original_filename[1], ContentFile(r.raw.read())) user_image.save() user.images.add(user_image) user.save() if mobile: return data return JsonResponse(data) return JsonError("error", _("Something went wrong during login with google"))