def get_queryset(self):
query_params = {key: value or None for key, value in self.request.GET.items()}
user_group = self.request.user.group.name
if user_group in getattr(settings, 'DISTRICT_GROUPS', []):
target_locations = get_user_district_locations(self.request.user)
query_params.update({'location__in': target_locations})
if 'ordering' in query_params:
ordering_params = query_params['ordering']
del query_params['ordering']
query_set = UserProfile.objects(**query_params).order_by('%s' % ordering_params)
else:
query_set = UserProfile.objects(**query_params).order_by('-created_at')
return query_set
def validate_email(self, attrs, source):
email = attrs.get(source)
updated_value = email != getattr(self.object, 'email', '')
if not email:
return attrs
self.__check_uniqueness(attrs, 'email', UserProfile.objects(email=email), updated_value)
return attrs
def test_should_update_password_of_user(self):
profile = UserProfile(**self.mobile_user_attr).save()
response = self.client.post(self.API_ENDPOINT + str(profile.id) + '/password/', self.password_data)
profiles = UserProfile.objects()
users = User.objects(username=self.user.username)
self.assertEqual(200, response.status_code)
self.assertEqual({}, response.data)
self.assertEqual(1, profiles.count())
self.assertEqual(1, users.count())
self.assertTrue(users.first().check_password(self.password_data['new_password']))
response = self.client.login(username=self.user.username, password=self.password_data['new_password'])
self.assertTrue(response)
class PasswordChangeView(UpdateAPIView):
serializer_class = UserPasswordChangeSerializer
queryset = UserProfile.objects()
model = UserProfile
permission_classes = [And(LoggedIn, UrlMatchesCurrentUser)]
def get_object(self, queryset=None):
profile = super(PasswordChangeView, self).get_object()
return profile.user
def pre_save(self, obj):
profile = super(PasswordChangeView, self).get_object()
UserProfileService(profile).notify_password_change()
def post(self, request, *args, **kwargs):
return self.patch(request, *args, **kwargs)
class PasswordResetView(UpdateAPIView):
serializer_class = UserPasswordResetSerializer
queryset = UserProfile.objects()
model = UserProfile
permission_classes = (build_permission_class('dms.can_manage_users'), )
def get_object(self, queryset=None):
profile = super(PasswordResetView, self).get_object()
if not profile.user:
from django.http import Http404
raise Http404('%s is not a web user.' % profile.name)
return profile.user
def pre_save(self, obj):
profile = super(PasswordResetView, self).get_object()
UserProfileService(profile).reset_password()
def post(self, request, *args, **kwargs):
return self.patch(request, *args, **kwargs)
def test_should_update_password_of_user(self):
profile = UserProfile(**self.mobile_user_attr).save()
response = self.client.post(
self.API_ENDPOINT + str(profile.id) + '/password/',
self.password_data)
profiles = UserProfile.objects()
users = User.objects(username=self.user.username)
self.assertEqual(200, response.status_code)
self.assertEqual({}, response.data)
self.assertEqual(1, profiles.count())
self.assertEqual(1, users.count())
self.assertTrue(users.first().check_password(
self.password_data['new_password']))
response = self.client.login(
username=self.user.username,
password=self.password_data['new_password'])
self.assertTrue(response)
class UserProfileListCreateView(ListCreateAPIView):
serializer_class = UserProfileSerializer
queryset = UserProfile.objects()
model = UserProfile
permission_classes = (build_permission_class('dms.can_manage_users'),)
def get_queryset(self):
query_params = {key: value or None for key, value in self.request.GET.items()}
user_group = self.request.user.group.name
if user_group in getattr(settings, 'DISTRICT_GROUPS', []):
target_locations = get_user_district_locations(self.request.user)
query_params.update({'location__in': target_locations})
if 'ordering' in query_params:
ordering_params = query_params['ordering']
del query_params['ordering']
query_set = UserProfile.objects(**query_params).order_by('%s' % ordering_params)
else:
query_set = UserProfile.objects(**query_params).order_by('-created_at')
return query_set
def pre_save(self, obj):
username = self.request.DATA.get('username', None)
group_id = self.request.DATA.get('group', None)
if username:
user = UserProfileService(obj).setup_new_user(username, group_id)
obj.user = user
def save_new_image(self, obj):
try:
if self.request.FILES.get('file'):
image = image_resizer.ImageResizer(self.request.FILES.get('file')).generate().read()
content_type = self.request.FILES.get('file').content_type
obj.photo.put(image, content_type=content_type)
obj.save()
except:
obj.photo.delete()
obj.save()
def post_save(self, obj, created=False):
self.save_new_image(obj)
def validate_phone(self, attrs, source):
phone = attrs.get(source)
updated_value = phone != getattr(self.object, 'phone', '')
self.__check_uniqueness(attrs, 'phone', UserProfile.objects(phone=phone), updated_value)
return attrs
def list(self, request, *args, **kwargs):
user_profile = UserProfile.objects(id=kwargs['id']).first()
serializer = UserProfileSerializer(user_profile)
return Response(serializer.data)
def get_queryset(self):
return UserProfile.objects()
