def create_user_from_legacy(self, legacy_user, original_password):
"""
Create a new django user from the information
provided by the legacy database.
Users passed to this method are already assumed:
interactive = 1
status = 1
statusdetail = 'active'
"""
# create the user
user = User()
user.username = legacy_user.username
user.set_password(original_password)
user.first_name = legacy_user.firstname
user.last_name = legacy_user.lastname
user.email = legacy_user.email
user.is_active = True
user.is_staff = False
user.is_superuser = False
# test for legacy user rights and adjust accordingly
if legacy_user_is_developer(legacy_user):
user.is_staff = True
user.is_superuser = True
if legacy_user_is_admin(legacy_user):
user.is_staff = True
user.is_superuser = False
try:
user.save()
except: # most likely a duplicate username, send back failure
return None
# if they are an administrator then add them to the auth group "Admin"
user_add_remove_admin_auth_group(user)
# create the profile, whole lotta fields
profile_defaults = get_profile_defaults(legacy_user)
profile_defaults.update({
'allow_anonymous_view': False,
'allow_user_view': False,
'allow_member_view': False,
'allow_anonymous_edit': False,
'allow_user_edit': False,
'allow_member_edit': False,
'creator': user,
'creator_username': user.username,
'owner': user,
'owner_username': user.username,
'status': True,
'status_detail': 'active'
})
try:
user.profile.create(**profile_defaults)
except:
return user # send success so django can continue processing
return user
def edit(request, id, form_class=ProfileForm, template_name="profiles/edit.html"):
user_edit = get_object_or_404(User, pk=id)
try:
profile = Profile.objects.get(user=user_edit)
except Profile.DoesNotExist:
profile = Profile.objects.create_profile(user=user_edit)
if not profile.allow_edit_by(request.user): raise Http403
required_fields = get_setting('module', 'users', 'usersrequiredfields')
if required_fields:
required_fields_list = required_fields.split(',')
required_fields_list = [field.strip() for field in required_fields_list]
else:
required_fields_list = None
if request.method == "POST":
form = form_class(request.POST,
user_current=request.user,
user_this=user_edit,
required_fields_list=required_fields_list,
instance=profile)
if form.is_valid():
# get the old profile, so we know what has been changed in admin notification
old_user = User.objects.get(id=id)
old_profile = Profile.objects.get(user=old_user)
profile = form.save(request, user_edit)
if is_admin(request.user):
security_level = form.cleaned_data['security_level']
if security_level == 'developer':
user_edit.is_superuser = 1
user_edit.is_staff = 1
# remove them from auth_group if any - they don't need it
user_edit.groups = []
elif security_level == 'admin':
user_edit.is_superuser = 0
user_edit.is_staff = 1
# add them to admin auth group
user_add_remove_admin_auth_group(user_edit)
else:
user_edit.is_superuser = 0
user_edit.is_staff = 0
# remove them from auth_group if any
user_edit.groups = []
# add them to admin auth group
user_add_remove_admin_auth_group(user_edit)
# set up user permission
profile.allow_user_view, profile.allow_user_edit = False, False
else:
user_edit.is_superuser = 0
user_edit.is_staff = 0
# interactive
interactive = form.cleaned_data['interactive']
try:
interactive = int(interactive)
except:
interactive = 0
if interactive == 1:
user_edit.is_active = 1
else:
user_edit.is_active = 0
profile.save()
user_edit.save()
# notify ADMIN of update to a user's record
if get_setting('module', 'users', 'userseditnotifyadmin'):
# profile_edit_admin_notify(request, old_user, old_profile, profile)
# send notification to administrators
recipients = get_notice_recipients('module', 'users', 'userrecipients')
if recipients:
if notification:
extra_context = {
'old_user': old_user,
'old_profile': old_profile,
'profile': profile,
'request': request,
}
notification.send_emails(recipients,'user_edited', extra_context)
log_defaults = {
'event_id' : 122000,
'event_data': '%s (%d) edited by %s' % (user_edit._meta.object_name, user_edit.pk, request.user),
'description': '%s edited' % user_edit._meta.object_name,
'user': request.user,
'request': request,
'instance': user_edit,
}
EventLog.objects.log(**log_defaults)
return HttpResponseRedirect(reverse('profile', args=[user_edit.username]))
else:
if profile:
form = form_class(user_current=request.user,
user_this=user_edit,
required_fields_list=required_fields_list,
instance=profile)
else:
form = form_class(user_current=request.user,
user_this=user_edit,
required_fields_list=required_fields_list)
return render_to_response(template_name, {'user_this':user_edit, 'profile':profile, 'form':form,
'required_fields_list':required_fields_list},
context_instance=RequestContext(request))
def add(request, form_class=ProfileForm, template_name="profiles/add.html"):
if not has_perm(request.user,'profiles.add_profile'):raise Http403
required_fields = get_setting('module', 'users', 'usersrequiredfields')
if required_fields:
required_fields_list = required_fields.split(',')
required_fields_list = [field.strip() for field in required_fields_list]
else:
required_fields_list = None
if request.method == "POST":
form = form_class(request.POST,
user_current=request.user,
user_this=None,
required_fields_list=required_fields_list)
if form.is_valid():
profile = form.save(request, None)
new_user = profile.user
# security_level
if is_admin(request.user):
security_level = form.cleaned_data['security_level']
if security_level == 'developer':
new_user.is_superuser = 1
new_user.is_staff = 1
elif security_level == 'admin':
new_user.is_superuser = 0
new_user.is_staff = 1
# add them to admin auth group
user_add_remove_admin_auth_group(new_user)
else:
new_user.is_superuser = 0
new_user.is_staff = 0
# set up user permission
profile.allow_user_view, profile.allow_user_edit = False, False
else:
new_user.is_superuser = 0
new_user.is_staff = 0
# interactive
interactive = form.cleaned_data['interactive']
try:
interactive = int(interactive)
except:
interactive = 0
new_user.is_active = interactive
profile.save()
new_user.save()
ObjectPermission.objects.assign(new_user, profile)
log_defaults = {
'event_id' : 121000,
'event_data': '%s (%d) added by %s' % (new_user._meta.object_name, new_user.pk, request.user),
'description': '%s added' % new_user._meta.object_name,
'user': request.user,
'request': request,
'instance': new_user,
}
EventLog.objects.log(**log_defaults)
# send notification to administrators
recipients = get_notice_recipients('module', 'users', 'userrecipients')
if recipients:
if notification:
extra_context = {
'object': profile,
'request': request,
}
notification.send_emails(recipients,'user_added', extra_context)
return HttpResponseRedirect(reverse('profile', args=[new_user.username]))
else:
form = form_class(user_current=request.user,
user_this=None,
required_fields_list=required_fields_list)
auto_pwd = request.POST.get('auto_pwd')
return render_to_response(template_name, {'form':form, 'user_this':None,
'required_fields_list': required_fields_list,
'auto_pwd': auto_pwd
},
context_instance=RequestContext(request))
