def signup(request):
if request.method == 'POST':
first_name = request.POST['suc-fullname']
last_name = request.POST['su-fullname']
email = request.POST['su-email']
password = request.POST['su-pass']
staff_user = User(username=email)
staff_user.set_password(password)
staff_user.first_name = first_name
staff_user.last_name = last_name
staff_user.email = email
staff_user.active = True
staff_user.save()
company = Company(name="NBA")
company.save()
employee = Employee(user=staff_user, company=company)
employee.save()
return HttpResponse("<h1> User created </h1>")
return render(request, 'sortall/signup.html')
def register(request):
if request.method == "GET":
if request.user.is_authenticated():
return HttpResponseRedirect("/")
else:
return render(request, "register.html", {})
else:
username = request.POST.get("username")
name = request.POST.get("name")
email = request.POST.get("email")
password = request.POST.get("password")
try:
user = User.objects.get(username = username)
except User.DoesNotExist:
pass
else:
return HttpResponse("Your username has already been used. Please choose another username.")
try:
user = User.objects.get(email = email)
except User.DoesNotExist:
pass
else:
return HttpResponse("Your email has already been used. Please choose another email.")
new_user = User(username = username, first_name = name, email = email)
new_user.set_password(password)
new_user.active = False
new_user.save()
donor = Donor(person = new_user, stored_cash = 0)
donor.save()
return HttpResponse("You have been registered. Please log in.")
def create_user(user_name, email_address, password='******', permission_prototype='public') :
"""create a User
"""
if User.objects.filter(username=user_name).count() < 0 :
user = User.objects.get(username=user_name)
else :
user = User(username=user_name, password=password, email=email_address)
user.email_address=email_address
user.user_name = user_name
user.active = 1 # need this to be set before the save, below
user.save()
user_post_create(user)
from apps.synced import post_user_create
post_user_create.send(sender=user,user=user)
return user
def create_user(user_name,
email_address,
password='******',
permission_prototype='public'):
"""create a User
"""
if User.objects.filter(username=user_name).count() < 0:
user = User.objects.get(username=user_name)
else:
user = User(username=user_name, password=password, email=email_address)
user.email_address = email_address
user.user_name = user_name
user.active = 1 # need this to be set before the save, below
user.save()
user_post_create(user)
from apps.synced import post_user_create
post_user_create.send(sender=user, user=user)
return user
def donor_reg(request):
xcheck = False
user_login = request.user
full_name = ''
username = ''
email = ''
user_id = ran_gen(6,'ABCDEFGHIJKLMPQRSTUVWXYZ123456789')
while xcheck:
check_id = AP.objects.filter(username=user_id)
if check_id.exists():
user_id = ran_gen(6,'ABCDEFGHIJKLMPQRSTUVWXYZ123456789')
xcheck = False
else:
xcheck = True
display = False
xList = []
if request.user.is_authenticated:
check_path = AP.objects.filter(username=user_login)
for x in check_path:
path = x.path
if path == 'admin':
pass
elif path == 'donor':
return HttpResponseRedirect(reverse('donor:home'))
else:
# return HttpResponseRedirect(reverse('reci:home'))
pass
else:
if request.method == 'POST':
f_name = request.POST.get('name')
full_name = f_name.lower().lstrip().rstrip()
user_name = request.POST.get('username')
username = user_name.lower().lstrip().rstrip()
# gen_der = request.POST.get('gender')
# gender = gen_der.lower().lstrip().rstrip()
# blood_type = request.POST.get('bloodtype')
# bloodtype = blood_type.lower().lstrip().rstrip()
e_mail = request.POST.get('email')
email = e_mail.lower().lstrip().rstrip()
# tele_phone = request.POST.get('telephone')
# telephone = tele_phone.lower().lstrip().rstrip()
# sta_te = request.POST.get('state')
# state = sta_te.lower().lstrip().rstrip()
pass_ = request.POST.get('pass')
password = pass_.lower().lstrip().rstrip()
pass_2 = request.POST.get('pass2')
password2 = pass_2.lower().lstrip().rstrip()
checkemail = User.objects.filter(email=email)
checkuser = User.objects.filter(username=username)
if password != password2:
error = {'error':"Both passwords didn't match"}
display = True
xList.append(error)
if len(password) < 6 :
error = {'error':"Password should be at least 6 charaters long"}
display = True
xList.append(error)
if checkuser.exists():
error = {'error':str(username) + " is not available"}
display = True
xList.append(error)
if checkemail.exists():
error = {'error':str(email) + " has been used"}
display = True
xList.append(error)
email = ''
if ' ' not in full_name:
error = {'error':"Please provide full name with a space"}
display = True
xList.append(error)
if not display:
random_number = random.randint(0,16777215)
hex_number = format(random_number,'x')
hex_number = '#'+hex_number
# RefCode = ran_gen(8,'ABCDEFGHIJKLMPQRSTUVWXYZ123456789')
name = full_name.split(' ')
namex = full_name.replace(' ', '-')
detail = User()
detail.first_name = name[0]
detail.last_name = name[1]
detail.username = username
detail.email = email
detail.set_password(password)
detail.active = True
detail.staff_status = False
detail.superuser_status = False
detail.save()
a = AP()
a.username = username
a.color_code = hex_number
a.path = 'donor'
a.save()
a = DD()
a.full_name = full_name
a.username = username
a.gender = ''
a.bloodtype = ''
a.email = email
a.telephone = ''
a.state = ''
a.password = password
a.save()
a = ND()
a.user = username
a.expires = datetime.now() + timedelta(hours=24)
a.save()
user = authenticate(username=username, password=password)
if user:
if user.is_active:
try:
URL = 'https://safewayfx.com/api/v1/codeupblood/newUser/'+namex+'/'+email+'/'+username
print(URL)
ress = json.loads(requests.get(URL).json())
print(str(ress))
except Exception as e:
print('>>>'+str(e))
login(request, user)
return HttpResponseRedirect(reverse('accounts:donor_add'))
data = {
'user_id':'CB-'+user_id,
'display':display,
'xLists':xList,
'full_name':full_name,
'username':username,
'email':email,
}
return render(request, 'accounts/donor_reg.html', data)
def test_edit_flags(self):
content_type_p = ContentType(app_label='auth', model='Plot')
content_type_p.save()
content_type_t = ContentType(app_label='auth', model='Tree')
content_type_t.save()
p = P(codename="change_user",name="change_user",content_type=content_type_p)
p.save()
t = P(codename="change_user",name="change_user",content_type=content_type_t)
t.save()
ghost = AnonymousUser()
peon = User(username="******")
peon.save()
peon.reputation = Reputation(user=peon)
peon.reputation.save()
duke = User(username="******")
duke.save()
duke.reputation = Reputation(user=duke)
duke.reputation.save()
leroi = User(username="******")
leroi.active = True
leroi.save() # double save required for m2m...
leroi.reputation = Reputation(user=leroi)
leroi.user_permissions.add(p)
leroi.user_permissions.add(t)
leroi.save()
leroi.reputation.save()
p_peon_0 = mkPlot(peon)
p_peon_1 = mkPlot(peon)
p_duke_2 = mkPlot(duke)
t_duke_0 = mkTree(duke, plot=p_peon_0)
t_peon_1 = mkTree(peon, plot=p_peon_1)
t_duke_2 = mkTree(duke, plot=p_duke_2)
p_roi_3 = mkPlot(leroi)
t_roi_3 = mkTree(leroi, plot=p_roi_3)
plots = [p_peon_0, p_peon_1, p_duke_2, p_roi_3]
trees = [t_duke_0, t_peon_1, t_duke_2, t_roi_3]
users = [ghost, peon, duke, leroi]
def mkd(e, d):
return { "can_delete": d, "can_edit": e }
def mkdp(pe, pd, te=None, td=None):
d = { "plot": mkd(pe,pd) }
if td != None and te != None:
d["tree"] = mkd(te, td)
return d
#################################
# A None or Anonymous user can't
# do anything
for p in plots:
self.assertEqual(mkd(False,False), plot_or_tree_permissions(p, ghost))
self.assertEqual(mkdp(False,False,False,False), plot_permissions(p, ghost))
self.assertEqual(mkd(False,False), plot_or_tree_permissions(p, None))
self.assertEqual(mkdp(False,False,False,False), plot_permissions(p, None))
for t in trees:
self.assertEqual(mkd(False,False), plot_or_tree_permissions(t, ghost))
self.assertEqual(mkd(False,False), plot_or_tree_permissions(t, None))
#################################
# A user can always delete or edit their own trees and plots
#
self.assertEqual(mkd(True,True), plot_or_tree_permissions(p_peon_0, peon))
self.assertEqual(mkd(True,True), plot_or_tree_permissions(p_peon_1, peon))
self.assertEqual(mkd(True,True), plot_or_tree_permissions(p_duke_2, duke))
self.assertEqual(mkd(True,True), plot_or_tree_permissions(t_duke_0, duke))
self.assertEqual(mkd(True,True), plot_or_tree_permissions(t_peon_1, peon))
self.assertEqual(mkd(True,True), plot_or_tree_permissions(t_duke_2, duke))
self.assertEqual(mkd(True,True), plot_or_tree_permissions(p_roi_3, leroi))
self.assertEqual(mkd(True,True), plot_or_tree_permissions(t_roi_3, leroi))
#################################
# An admin user can always do anything
#
for p in plots:
self.assertEqual(mkd(True,True), plot_or_tree_permissions(p, leroi))
self.assertEqual(mkdp(True,True,True,True), plot_permissions(p, leroi))
for t in trees:
self.assertEqual(mkd(True,True), plot_or_tree_permissions(t, leroi))
#################################
# A user can edit other trees but can't delete
#
self.assertEqual(mkdp(True,False,True,False), plot_permissions(p_roi_3, duke))
#################################
# No one can edit readonly trees
#
for p in plots:
p.readonly = True
p.save()
for t in trees:
t.readonly = True
t.save()
for p in plots:
for u in users:
self.assertEqual(mkd(False,False), plot_or_tree_permissions(p, u))
self.assertEqual(mkdp(False,False,False,False), plot_permissions(p, u))
for t in trees:
for u in users:
self.assertEqual(mkd(False,False), plot_or_tree_permissions(t, u))
def intake(request,app_id):
"""
Convert an application into a set of records in the iTaco db
for new student, family and parents. Also sends welcome message.
"""
app = get_object_or_404(Application, pk=app_id)
# Get current school year and Membership chairs for use in welcome email
cur_year = SchoolYear.objects.get(current=True)
chairs = BoardPosition.objects.get(title='Membership').profile_set.all()
# Make sure we don't try to perform intake for a student/family/parents twice!
if app.intake_complete == '1' :
messages.error(request, "Intake has already occurred for this student. Did not re-intake.")
return HttpResponseRedirect(reverse('process_apps'))
if request.POST:
# Create related student, family, and parent records
# Applications may have been submitted by existing families or by new families
# so first get a family object depending on that.
if app.family:
family = app.family
else:
family = Family()
family.famname = "%s, %s & %s, %s" % (app.par1_lname,app.par1_fname,app.par2_lname,app.par2_fname,)
family.save()
messages.success(request, "New iTaco family created. Review generated family and check name, financial aid, or other details.")
# Since this is a new family, create User objects and related profile records
# The duplication of code here is stupid - we repeat the next 20 lines to handle both parents.
# Is there a better way? Not a huge deal, just not very DRY.
# First run-through for Parent 1. If you modify any of this, do the same for the Parent 2 block below.
user = User()
user.first_name = app.par1_fname
user.last_name = app.par1_lname
user.username = "******" % (slugify(app.par1_fname),slugify(app.par1_lname))
user.email = app.par1_email
user.set_password(User.objects.make_random_password(length=8))
user.active = True
try:
user.save()
messages.success(request, "New iTaco user created and set to active: %s" % user.username)
# We now have a new User object. Attach a new Profile to them.
profile = Profile.objects.create(user=user)
profile.family = family
profile.address1 = app.par1_address1
profile.address2 = app.par1_address2
profile.city = app.par1_city
profile.state = app.par1_state
profile.zip = app.par1_zip
profile.phone_home = app.par1_phone_home
profile.phone_work = app.par1_phone_work
profile.phone_mobile = app.par1_phone_mobile
profile.save()
except:
# User creation could fail in the unlikely event that another user sam_jones already exists in the system
messages.error(request, "Failed creating iTaco user %s. Please contact the webmaster." % user.username)
# Second run-through for parent 2. Only do this if a 2nd parent exists to avoid creating empty parent objects
# We'll assume that the existence of a first name for parent2 means we have that parent object
if app.par2_fname:
user = User()
user.first_name = app.par2_fname
user.last_name = app.par2_lname
user.username = "******" % (slugify(app.par2_fname),slugify(app.par2_lname))
user.email = app.par2_email
user.set_password(User.objects.make_random_password(length=8))
user.active = True
try:
user.save()
messages.success(request, "New iTaco user created and set to active: %s" % user.username)
# We now have a new User object. Attach a new Profile to them.
profile = Profile.objects.create(user=user)
profile.family = family
profile.address1 = app.par2_address1
profile.address2 = app.par2_address2
profile.city = app.par2_city
profile.state = app.par2_state
profile.zip = app.par2_zip
profile.phone_home = app.par2_phone_home
profile.phone_work = app.par2_phone_work
profile.phone_mobile = app.par2_phone_mobile
profile.save()
except:
# User creation could fail in the unlikely event that another user sam_jones already exists in the system
messages.error(request, "Failed creating iTaco user %s. Please contact the webmaster." % user.username)
# Whether this is a new or old family, need to generate this Student object
student = Student()
student.first_name = app.child_first
student.last_name = app.child_last
student.family = family
student.birthdate = app.birthdate
student.enrolled = True
student.expected_grad_yr = SchoolYear.objects.get(grad_class=app.grade)
student.save()
# Now that we have a student ID, we can create an upload folder for their avatar
# based on it, and shunt their avatar into it. Need to both move the file on disk
# AND update the student record field with a corrected upload path
if app.avatar:
oldpath = os.path.join(settings.MEDIA_ROOT,str(app.avatar))
newdir = os.path.join(settings.MEDIA_ROOT,'uploads','student_avatars',str(student.id))
# Don't crash if source media avatar is missing for some reason
try:
os.makedirs(newdir)
shutil.copy(oldpath,newdir)
except:
pass
# Now update the student record with new avatar
filename = os.path.basename(oldpath)
student.avatar = os.path.join('uploads', 'student_avatars', str(student.id), str(filename))
student.save()
messages.success(request, "Profile image for student copied into student record.")
# Send welcome message to parents.
# We know we'll have an email for the first.
# Also send to the second if we have it.
recipients = [app.par1_email, ]
if app.par2_email:
recipients.append(app.par2_email)
email_subject = 'Welcome to iTaco, the Crestmont intranet'
email_body_txt = request.POST['letter_body']
msg = EmailMessage(email_subject, email_body_txt, "Crestmont Membership <*****@*****.**>", recipients)
if msg.send(fail_silently=False):
messages.success(request, "Welcome letter sent to %s" % recipients)
app.sent_offer_letter = True
app.save()
else:
messages.error(request, "Something went wrong. Offer letter NOT sent.")
# Update the intake_complete field so we don't accidentally intake this app again
app.intake_complete = 1
app.save()
messages.success(request, "New student record created. Please review the student entry in admin.")
return HttpResponseRedirect(reverse('process_apps'))
else:
# Display app intake warning page to admins
return render_to_response('apply/intake.html',
locals(),
context_instance=RequestContext(request),
)
