def user_settings(request):
    """Show the current user's settings form and save it on a valid POST.

    A valid POST saves the form, queues a success message and redirects to
    the ``user_settings`` URL. Any other request, and an invalid POST,
    renders the settings template with the form.
    """
    # NOTE(review): no login check is visible here; presumably a decorator or
    # middleware outside this snippet guarantees request.user is a real
    # account -- confirm.
    if request.method != "POST":
        form = UserSettingsForm(instance=request.user)
    else:
        form = UserSettingsForm(request.POST, instance=request.user)
        if form.is_valid():
            form.save(request)
            messages.success(request, 'Settings saved successfully.')
            return HttpResponseRedirect(reverse('user_settings'))

    # locals() is the template context, so every local name (request, form)
    # is exposed to the template; do not introduce other locals here.
    return render_to_response(
        'authenticated/user/user_settings.html',
        locals(),
        context_instance=RequestContext(request)
    )
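def editview(request, action):
    """Let the signed-in user change their own password or settings.

    ``action`` selects the form: ``'password'`` or ``'settings'``. Superusers
    get ``UserSettingsForm`` for settings, everyone else
    ``NormalUserSettingsForm``. On POST the form is validated and saved; on
    other methods it is only displayed. Both paths render
    ``accounts/edit.html``.

    Nothing is returned for an unauthenticated request.
    NOTE(review): presumably a login decorator outside this snippet keeps
    anonymous users away -- confirm.
    """
    if request.user.is_authenticated():
        if request.method == 'POST':
            context = {'action': 'User settings'}
            # Snapshot the privilege flags before the bound form can change
            # them on the user instance.
            orig_superuser = request.user.is_superuser
            orig_staff = request.user.is_staff
            if action == 'password':
                form = PasswordChangeForm(data=request.POST, user=request.user)
            elif action == 'settings':
                if request.user.is_superuser:
                    form = UserSettingsForm(request.POST, instance=request.user)
                else:
                    form = NormalUserSettingsForm(request.POST, instance=request.user)
            else:
                # No form exists for an unknown action; previously this fell
                # through to form.is_valid() and failed on the unbound name.
                context['error'] = 'Invalid form'
                return scirius_render(request, 'accounts/edit.html', context)

            if form.is_valid():
                ruser = form.save(commit=False)
                if not orig_superuser:
                    # A non-superuser can never raise their own privileges,
                    # whatever the submitted data contained.
                    ruser.is_superuser = False
                    ruser.is_staff = orig_staff
                ruser.save()
                if action == 'settings':
                    try:
                        sciriususer = ruser.sciriususer
                        sciriususer.timezone = form.cleaned_data['timezone']
                    except Exception:
                        # Presumably the user has no SciriusUser row yet, so
                        # one is created with the submitted timezone.
                        sciriususer = SciriusUser.objects.create(
                            user=ruser, timezone=form.cleaned_data['timezone'])
                    sciriususer.save()
            else:
                context['error'] = 'Invalid form'
            return scirius_render(request, 'accounts/edit.html', context)
        else:
            if action == 'password':
                form = PasswordChangeForm(request.user)
                context = {'form': form, 'action': 'Change password'}
            elif action == 'settings':
                if request.user.is_superuser:
                    form = UserSettingsForm(instance=request.user)
                else:
                    form = NormalUserSettingsForm(instance=request.user)
                try:
                    form.initial['timezone'] = request.user.sciriususer.timezone
                except Exception:
                    # Best effort: without a stored timezone the form keeps
                    # its own default.
                    pass
                context = {
                    'form': form,
                    'action': 'Edit settings for ' + request.user.username
                }
            else:
                context = {'action': 'User settings'}
            return scirius_render(request, 'accounts/edit.html', context)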
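def edit_settings(request):
    """Save the current user's ``UserSettings`` from a POSTed form.

    The settings row is created on first use. After a valid POST the user is
    redirected to ``/welcome/3`` when the POST carries a truthy ``welcome``
    value, otherwise back to the referring page.

    Only the valid-POST path is visible in this snippet; other requests fall
    off the end of the function as shown.
    """
    user_settings, _created = UserSettings.objects.get_or_create(user=request.user)
    if request.method == 'POST':
        form = UserSettingsForm(request.POST, instance=user_settings)
        if form.is_valid():
            form.save()
            if request.POST.get('welcome', False):
                redir_url = "/welcome/3"
            else:
                # Referer is optional: browsers and privacy settings may omit
                # it, which used to raise KeyError here. Fall back to the
                # site root instead.
                # NOTE(review): the header is client-supplied; check it
                # against this site's hosts before redirecting to it
                # (Django provides url_has_allowed_host_and_scheme, named
                # is_safe_url in older releases).
                redir_url = request.META.get("HTTP_REFERER") or "/"
            messages.success(request, 'Settings saved!')
            return HttpResponseRedirect(redir_url)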
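def post(self):
    #----------------------------------------------------------------------
    '''
    update user settings

    Loads the user named by the session's ``user_id``, applies the submitted
    email, name and (when given) password if the ``Update`` button was
    pressed, and redirects to the ``next`` query argument or the index page.
    Any exception rolls the database session back, is flashed and logged,
    and is re-raised.
    '''
    try:
        # get the user from the database
        userid = flask.session['user_id']
        thisuser = racedb.User.query.filter_by(id=userid).first()

        buttontext = 'Update'

        # create the form
        form = UserSettingsForm(email=thisuser.email, name=thisuser.name)
        form.hidden_userid.data = userid

        # NOTE(review): the validate_on_submit() call is commented out, so
        # the submitted values below appear to be stored without form
        # validation -- confirm this is intended.
        # if form.validate_on_submit():
        flask.get_flashed_messages()    # clears flash queue

        # NOTE(review): 'next' comes straight from the query string and is
        # used as the redirect target; restrict it to same-site paths.
        target = flask.request.args.get('next') or flask.url_for('index')

        # action and commit requested
        if flask.request.form['whichbutton'] == buttontext:
            thisuser.email = form.email.data
            thisuser.name = form.name.data
            if form.password.data:
                thisuser.set_password(form.password.data)

            # commit database updates and close transaction
            db.session.commit()
            return flask.redirect(target)

        # cancel requested - note changes may have been made in url_for('updatepermissions') which need to be rolled back
        # TODO: get rid of this??? It should not work
        elif flask.request.form['whichbutton'] == 'Cancel':
            db.session.rollback() # throw out any changes which have been made
            return flask.redirect(target)

        # commit database updates and close transaction
        db.session.commit()
        # The fallback used to sit outside the redirect() call, so a request
        # without 'next' redirected to None instead of the index page.
        return flask.redirect(target)

    except Exception as e:
        # roll back database updates and close transaction
        db.session.rollback()
        # NOTE(review): the full traceback is flashed to the browser, which
        # shows file paths and code internals to the user; the log entry
        # below already records it.
        cause = 'Unexpected Error: {}\n{}'.format(e,traceback.format_exc())
        flask.flash(cause)
        app.logger.error(traceback.format_exc())
        raise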
def manageuseraction(request, user_id, action):
    """Run a management action on the account ``user_id``.

    POST handles ``edit`` (save the submitted ``UserSettingsForm``). Other
    methods handle ``activate``, ``deactivate``, ``edit`` (show the form) and
    ``delete``. All of these require ``request.user.is_superuser``; an
    unrecognised action just renders the default page for the target user.
    """
    user = get_object_or_404(User, pk=user_id)
    context = {'action': 'User actions', 'user': user}
    template = 'accounts/user.html'
    caller_is_admin = request.user.is_superuser

    if request.method == 'POST':
        if not caller_is_admin:
            context['error'] = 'Unsufficient permissions'
        elif action == "edit":
            form = UserSettingsForm(request.POST, instance=user)
            if form.is_valid():
                form.save()
            else:
                context['error'] = 'Invalid form'
        return scirius_render(request, template, context)

    # Every named action starts with the same superuser gate.
    if action in ("activate", "deactivate", "edit", "delete") and not caller_is_admin:
        context['error'] = 'Unsufficient permissions'
        return scirius_render(request, template, context)

    # NOTE(review): activate, deactivate and the confirmed delete change
    # state on a non-POST request, so CSRF protection does not cover them.
    if action in ("activate", "deactivate"):
        user.is_active = (action == "activate")
        user.save()
    elif action == "edit":
        context = {'form': UserSettingsForm(instance=user)}
        return scirius_render(request, template, context)
    elif action == "delete":
        if 'confirm' in request.GET:
            user.delete()
            return redirect('/accounts/manage/')
        context = {'confirm_action': 'Delete user', 'user': user, 'action': 'delete'}
        return scirius_render(request, template, context)

    context = {'action': 'User actions', 'user': user}
    return scirius_render(request, template, context)
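def setting(request):
    """Display and update the current user's profile settings.

    POST validates ``UserSettingsForm`` and copies its fields onto the stored
    ``UserSettings`` entity, optionally replacing the IM contact, then
    redirects to ``/``. Any other method renders ``setting.html`` with a form
    filled from the stored values.
    """
    # Profile attributes that are copied one-to-one between the stored
    # settings object and the form.
    field_names = (
        'firstname', 'lastname', 'gender', 'profile', 'language',
        'birthdate', 'website', 'home_phone', 'work_phone', 'mobile',
        'fax', 'address',
    )

    settings = UserSettings.getByCurrentUser()
    im_protocol = settings.im.protocol if settings.im is not None else ''
    im_address = settings.im.address if settings.im is not None else ''

    if request.method == 'POST':
        form = UserSettingsForm(request.POST)
        # NOTE(review): this writes the whole submitted form, personal data
        # included, to the debug log.
        logging.getLogger().debug(form)
        if form.is_valid():
            modified_settings = form.save(commit=False)
            for name in field_names:
                setattr(settings, name, getattr(modified_settings, name))
            # Compare by value: the previous identity test ("is not") against
            # a string literal depended on interpreter string caching. A
            # missing field is treated like an empty one.
            new_im_address = request.POST.get('im_address', u'')
            if new_im_address != u'':
                settings.im = db.IM(request.POST['im_protocol'], new_im_address)
            settings.put()
            return HttpResponseRedirect('/')
    else:
        # Covers GET and every other non-POST method, so `form` is always
        # bound before rendering.
        form = UserSettingsForm(
            dict((name, getattr(settings, name)) for name in field_names))

    return render_to_response(
        'setting.html',
        {'im_protocol': im_protocol, 'im_address': im_address, 'form': form},
        context_instance=RequestContext(request))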
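def editview(request, action):
    """Let the signed-in user change their own password or settings.

    ``action`` is ``'password'`` or ``'settings'``. On POST the matching form
    is validated and saved; on other methods it is displayed. Both paths
    render ``accounts/edit.html``. Nothing is returned for an
    unauthenticated request.
    """
    if request.user.is_authenticated():
        if request.method == 'POST':
            context = {'action': 'User settings'}
            # Snapshot the privilege flags before the bound form can change
            # them on the user instance.
            orig_superuser = request.user.is_superuser
            orig_staff = request.user.is_staff
            if action == 'password':
                form = PasswordChangeForm(data=request.POST, user=request.user)
            elif action == 'settings':
                # Bind the same form class that the display branch below
                # offers. Non-superusers used to be bound to the superuser
                # form here, so fields they were never shown could still be
                # submitted and saved.
                if request.user.is_superuser:
                    form = UserSettingsForm(request.POST, instance=request.user)
                else:
                    form = NormalUserSettingsForm(request.POST, instance=request.user)
            else:
                # No form exists for an unknown action; previously this fell
                # through to form.is_valid() and failed on the unbound name.
                context['error'] = 'Invalid form'
                return scirius_render(request, 'accounts/edit.html', context)

            if form.is_valid():
                ruser = form.save(commit=False)
                if not orig_superuser:
                    # A non-superuser can never raise their own privileges,
                    # whatever the submitted data contained.
                    ruser.is_superuser = False
                    ruser.is_staff = orig_staff
                ruser.save()
                # Only model forms provide save_m2m(); the password form is
                # skipped instead of failing after the password was saved.
                if hasattr(form, 'save_m2m'):
                    form.save_m2m()
            else:
                context['error'] = 'Invalid form'
            return scirius_render(request, 'accounts/edit.html', context)
        else:
            if action == 'password':
                form = PasswordChangeForm(request.user)
                context = {'form': form, 'action': 'Change password'}
            elif action == 'settings':
                if request.user.is_superuser:
                    form = UserSettingsForm(instance=request.user)
                else:
                    form = NormalUserSettingsForm(instance=request.user)
                context = {
                    'form': form,
                    'action': 'Edit settings for ' + request.user.username
                }
            else:
                context = {'action': 'User settings'}
            return scirius_render(request, 'accounts/edit.html', context)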
def manageuseraction(request, user_id, action):
    """Run a management action on the account ``user_id``.

    POST supports ``edit``; other methods support ``activate``,
    ``deactivate``, ``edit`` (form display) and ``delete``. Each of these is
    refused unless ``request.user.is_superuser``. Any other action renders
    the default page for the target user.
    """
    page = 'accounts/user.html'
    user = get_object_or_404(User, pk=user_id)
    context = {'action': 'User actions', 'user': user}
    allowed = request.user.is_superuser

    if request.method == 'POST':
        if allowed:
            if action == "edit":
                form = UserSettingsForm(request.POST, instance=user)
                if not form.is_valid():
                    context['error'] = 'Invalid form'
                else:
                    form.save()
        else:
            context['error'] = 'Unsufficient permissions'
        return scirius_render(request, page, context)

    superuser_only = ("activate", "deactivate", "edit", "delete")
    if not allowed and action in superuser_only:
        context['error'] = 'Unsufficient permissions'
        return scirius_render(request, page, context)

    # NOTE(review): the branches below that save or delete run on a
    # non-POST request, outside CSRF protection.
    if action == "activate" or action == "deactivate":
        user.is_active = action == "activate"
        user.save()
    elif action == "edit":
        form = UserSettingsForm(instance=user)
        return scirius_render(request, page, {'form': form})
    elif action == "delete":
        if 'confirm' not in request.GET:
            context = {
                'confirm_action': 'Delete user',
                'user': user,
                'action': 'delete'
            }
            return scirius_render(request, page, context)
        user.delete()
        return redirect('/accounts/manage/')

    context = {'action': 'User actions', 'user': user}
    return scirius_render(request, page, context)
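def setting(request):
    """Display and update the current user's profile settings.

    A valid POST copies the form's fields onto the stored ``UserSettings``
    entity, replaces the IM contact when an address was submitted, saves and
    redirects to ``/``. Every other request renders ``setting.html`` with a
    form pre-filled from the stored values; an invalid POST re-renders the
    submitted form.
    """
    # Attributes shared by the stored settings object and the form.
    profile_fields = [
        'firstname', 'lastname', 'gender', 'profile', 'language',
        'birthdate', 'website', 'home_phone', 'work_phone', 'mobile',
        'fax', 'address',
    ]

    settings = UserSettings.getByCurrentUser()
    if settings.im is not None:
        im_protocol = settings.im.protocol
        im_address = settings.im.address
    else:
        im_protocol = ''
        im_address = ''

    if request.method != 'POST':
        # Any non-POST method gets the pre-filled form; previously only GET
        # bound `form`, and other methods failed at render time.
        initial = {}
        for field in profile_fields:
            initial[field] = getattr(settings, field)
        form = UserSettingsForm(initial)
    else:
        form = UserSettingsForm(request.POST)
        # NOTE(review): logging the form records the submitted personal data
        # at debug level.
        logging.getLogger().debug(form)
        if form.is_valid():
            modified_settings = form.save(commit=False)
            for field in profile_fields:
                setattr(settings, field, getattr(modified_settings, field))
            # Value comparison replaces the former identity test
            # ("is not u''"), whose result depended on string interning.
            submitted_address = request.POST.get('im_address', u'')
            if submitted_address != u'':
                settings.im = db.IM(request.POST['im_protocol'],
                                    submitted_address)
            settings.put()
            return HttpResponseRedirect('/')

    return render_to_response('setting.html', {
        'im_protocol': im_protocol,
        'im_address': im_address,
        'form': form
    }, context_instance=RequestContext(request))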
def manageuseraction(request, user_id, action):
    """Superuser management of the account ``user_id``.

    POST handles ``edit``, ``password`` and ``delete``. Other methods handle
    ``activate`` and ``deactivate`` and display the forms for ``edit``,
    ``password`` and ``delete``. A caller who is not a superuser gets an
    error page; on non-POST requests that page shows the caller's own
    account instead of the target.
    """
    page = 'accounts/user.html'
    user = get_object_or_404(User, pk=user_id)
    context = {'action': 'User actions', 'user': user}

    if request.method == 'POST':
        if not request.user.is_superuser:
            context['error'] = 'Unsufficient permissions'
            return scirius_render(request, page, context)

        if action == "edit":
            form = UserSettingsForm(request.POST, instance=user)
            if not form.is_valid():
                context['error'] = 'Edition form is not valid'
                context['form'] = form
            else:
                form.save()
                try:
                    profile = user.sciriususer
                    profile.timezone = form.cleaned_data['timezone']
                except:
                    # NOTE(review): bare except; presumably meant for a user
                    # without a SciriusUser row, but it hides every other
                    # error too.
                    profile = SciriusUser.objects.create(
                        user=user, timezone=form.cleaned_data['timezone'])
                profile.save()
        elif action == 'password':
            form = PasswordForm(request.POST)
            if not form.is_valid():
                context['error'] = 'Password form is not valid'
            else:
                user.set_password(form.cleaned_data['password'])
                user.save()
                if user == request.user:
                    # Changing one's own password would otherwise invalidate
                    # the current session.
                    update_session_auth_hash(request, user)
        elif action == "delete":
            form = DeleteForm(request.POST)
            if not form.is_valid():
                context['error'] = 'Delete form is not valid'
            elif 'confirm' in request.POST:
                user.delete()
                return redirect('/accounts/manage/')
        return scirius_render(request, page, context)

    if not request.user.is_superuser:
        context['error'] = 'Unsufficient permissions'
        context['user'] = get_object_or_404(User, pk=request.user.pk)
        return scirius_render(request, page, context)

    # NOTE(review): activate and deactivate save the account on a non-POST
    # request, outside CSRF protection.
    toggles = {
        "activate": (True, 'Activate user %s'),
        "deactivate": (False, 'Deactivate user %s'),
    }
    if action in toggles:
        user.is_active, label = toggles[action]
        user.save()
        context['current_action'] = label % user.username
    elif action == "edit":
        form = UserSettingsForm(instance=user)
        try:
            form.initial['timezone'] = user.sciriususer.timezone
        except:
            pass
        context['form'] = form
        context['current_action'] = 'Edit user %s' % user.username
        return scirius_render(request, page, context)
    elif action == "password":
        context['form'] = PasswordForm()
        context['current_action'] = 'Edit password for user %s' % user.username
        return scirius_render(request, page, context)
    elif action == "delete":
        context = {'confirm_action': 'Delete user', 'user': user, 'action': 'delete'}
        return scirius_render(request, page, context)

    context['current_action'] = 'User %s' % user.username
    return scirius_render(request, page, context)
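def editview(request, action):
    """Let the signed-in user edit their password, settings or API token.

    ``action`` is ``'password'``, ``'settings'`` or ``'token'``; anything
    else renders the plain settings page. On POST, ``token`` replaces the
    user's tokens with a new one and redirects to ``accounts_edit``; the
    other actions validate and save their form. Nothing is returned for an
    unauthenticated request.
    """
    if request.user.is_authenticated():
        request_data = None
        context = {}
        # Stays None for an unknown action so the POST branch can skip form
        # handling instead of failing on an unbound name.
        form = None
        if request.method == 'POST':
            request_data = request.POST

        if action == 'password':
            form = PasswordChangeForm(user=request.user, data=request_data)
            context = {
                'form': form,
                'action': 'Change password',
                'edition': True
            }
        elif action == 'settings':
            tz = 'UTC'
            if hasattr(request.user, 'sciriususer'):
                tz = request.user.sciriususer.timezone
            initial = {'timezone': tz}
            if request.user.is_superuser:
                form = UserSettingsForm(request_data,
                                        instance=request.user,
                                        initial=initial)
            else:
                form = NormalUserSettingsForm(request_data,
                                              instance=request.user,
                                              initial=initial)
            context = {
                'form': form,
                'action': 'Edit settings for ' + request.user.username,
                'edition': True
            }
        elif action == 'token':
            initial = {}
            token = Token.objects.filter(user=request.user)
            if len(token):
                initial['token'] = token[0]
            form = TokenForm(request_data, initial=initial)
            context = {'form': form, 'action': 'User token', 'edition': True}
        else:
            context = {'action': 'User settings', 'edition': False}

        if request.method == 'POST':
            if action == 'token':
                # Rotate: drop every existing token, then issue a fresh one.
                current_tokens = Token.objects.filter(user=request.user)
                for token in current_tokens:
                    token.delete()
                Token.objects.create(user=request.user)
                return redirect('accounts_edit', action='token')

            # Snapshot the privilege flags before the bound form can change
            # them on the user instance.
            orig_superuser = request.user.is_superuser
            orig_staff = request.user.is_staff
            if form is not None and form.is_valid():
                context['edition'] = False
                context['action'] = 'User settings'
                ruser = form.save(commit=False)
                if not orig_superuser:
                    # A non-superuser can never raise their own privileges.
                    ruser.is_superuser = False
                    ruser.is_staff = orig_staff
                ruser.save()
                if action == 'password':
                    # Keep the current session valid after the hash change.
                    update_session_auth_hash(request, ruser)
                if action == 'settings':
                    try:
                        sciriususer = ruser.sciriususer
                        sciriususer.timezone = form.cleaned_data['timezone']
                    except Exception:
                        # Presumably the user has no SciriusUser row yet.
                        sciriususer = SciriusUser.objects.create(
                            user=ruser, timezone=form.cleaned_data['timezone'])
                    sciriususer.save()
        return scirius_render(request, 'accounts/edit.html', context)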
def manageuseraction(request, user_id, action):
    """Superuser management of the account ``user_id``.

    On POST: ``edit`` saves the settings form and timezone, ``password``
    sets a new password, ``delete`` removes the account once confirmed. On
    other methods: ``activate`` / ``deactivate`` flip ``is_active`` and the
    remaining actions display their form. Callers who are not superusers
    receive an error page.
    """
    template = 'accounts/user.html'
    user = get_object_or_404(User, pk=user_id)
    context = {'action': 'User actions', 'user': user}
    is_post = request.method == 'POST'

    if not request.user.is_superuser:
        context['error'] = 'Unsufficient permissions'
        if not is_post:
            # The error page for a non-POST request shows the caller's own
            # account rather than the target.
            context['user'] = get_object_or_404(User, pk=request.user.pk)
        return scirius_render(request, template, context)

    if is_post:
        if action == "edit":
            form = UserSettingsForm(request.POST, instance=user)
            if form.is_valid():
                form.save()
                timezone = None
                try:
                    sciriususer = user.sciriususer
                    sciriususer.timezone = form.cleaned_data['timezone']
                except:
                    # NOTE(review): bare except; presumably covers a user
                    # with no SciriusUser row, but it also masks any other
                    # failure.
                    sciriususer = SciriusUser.objects.create(
                        user=user, timezone=form.cleaned_data['timezone'])
                sciriususer.save()
            else:
                context['error'] = 'Edition form is not valid'
                context['form'] = form
        elif action == 'password':
            form = PasswordForm(request.POST)
            if form.is_valid():
                user.set_password(form.cleaned_data['password'])
                user.save()
                # A superuser changing their own password keeps the current
                # session alive.
                if user == request.user:
                    update_session_auth_hash(request, user)
            else:
                context['error'] = 'Password form is not valid'
        elif action == "delete":
            form = DeleteForm(request.POST)
            if form.is_valid():
                if 'confirm' in request.POST:
                    user.delete()
                    return redirect('/accounts/manage/')
            else:
                context['error'] = 'Delete form is not valid'
        return scirius_render(request, template, context)

    # NOTE(review): activate / deactivate modify the account on a non-POST
    # request, outside CSRF protection.
    if action == "activate":
        user.is_active = True
        user.save()
        context['current_action'] = 'Activate user %s' % user.username
    elif action == "deactivate":
        user.is_active = False
        user.save()
        context['current_action'] = 'Deactivate user %s' % user.username
    elif action == "edit":
        form = UserSettingsForm(instance=user)
        try:
            form.initial['timezone'] = user.sciriususer.timezone
        except:
            pass
        context.update({
            'form': form,
            'current_action': 'Edit user %s' % user.username,
        })
        return scirius_render(request, template, context)
    elif action == "password":
        context.update({
            'form': PasswordForm(),
            'current_action': 'Edit password for user %s' % user.username,
        })
        return scirius_render(request, template, context)
    elif action == "delete":
        return scirius_render(request, template, {
            'confirm_action': 'Delete user',
            'user': user,
            'action': 'delete'
        })

    context['current_action'] = 'User %s' % user.username
    return scirius_render(request, template, context)
def manageuseraction(request, user_id, action):
    """Superuser management of the account ``user_id``.

    On POST: ``edit`` saves the settings form and timezone, ``password``
    sets a new password, ``delete`` removes the account once confirmed. On
    other methods: ``activate`` / ``deactivate`` flip ``is_active``, and
    ``edit``, ``password`` and ``delete`` display their form or confirmation
    page. All of these require a superuser; an unrecognised action renders
    the default page for the target user.
    """
    page = 'accounts/user.html'
    user = get_object_or_404(User, pk=user_id)
    context = {'action': 'User actions', 'user': user}
    caller_is_admin = request.user.is_superuser

    if request.method == 'POST':
        if not caller_is_admin:
            context['error'] = 'Unsufficient permissions'
            return scirius_render(request, page, context)

        if action == "edit":
            form = UserSettingsForm(request.POST, instance=user)
            if not form.is_valid():
                context['error'] = 'Invalid form'
            else:
                form.save()
                try:
                    profile = user.sciriususer
                    profile.timezone = form.cleaned_data['timezone']
                except:
                    # NOTE(review): bare except; presumably covers a user
                    # with no SciriusUser row, but hides other errors too.
                    profile = SciriusUser.objects.create(
                        user=user, timezone=form.cleaned_data['timezone'])
                profile.save()
        elif action == 'password':
            form = PasswordForm(request.POST)
            if not form.is_valid():
                context['error'] = 'Invalid form'
            else:
                user.set_password(form.cleaned_data['password'])
                user.save()
        elif action == "delete":
            form = DeleteForm(request.POST)
            if not form.is_valid():
                context['error'] = 'Invalid form'
            elif 'confirm' in request.POST:
                user.delete()
                return redirect('/accounts/manage/')
        return scirius_render(request, page, context)

    # Each named action begins with the same superuser gate.
    gated = ("activate", "deactivate", "edit", "password", "delete")
    if action in gated and not caller_is_admin:
        context['error'] = 'Unsufficient permissions'
        return scirius_render(request, page, context)

    # NOTE(review): activate / deactivate modify the account on a non-POST
    # request, outside CSRF protection.
    if action in ("activate", "deactivate"):
        user.is_active = (action == "activate")
        user.save()
    elif action == "edit":
        form = UserSettingsForm(instance=user)
        try:
            form.initial['timezone'] = user.sciriususer.timezone
        except:
            pass
        context['form'] = form
        return scirius_render(request, page, context)
    elif action == "password":
        context['form'] = PasswordForm()
        return scirius_render(request, page, context)
    elif action == "delete":
        context = {
            'confirm_action': 'Delete user',
            'user': user,
            'action': 'delete'
        }
        return scirius_render(request, page, context)

    context = {'action': 'User actions', 'user': user}
    return scirius_render(request, page, context)
def manageuseraction(request, user_id, action):
    """Superuser management of the account ``user_id``.

    On POST: ``edit`` saves the settings form and timezone and ``password``
    sets a new password. On other methods: ``activate`` / ``deactivate``
    flip ``is_active``, ``edit`` and ``password`` display their form, and
    ``delete`` removes the account when ``confirm`` is in the query string
    (otherwise it shows the confirmation page). All of these require a
    superuser; an unrecognised action renders the default page.
    """
    template = 'accounts/user.html'
    user = get_object_or_404(User, pk=user_id)
    context = {'action': 'User actions', 'user': user}
    caller_is_admin = request.user.is_superuser

    if request.method == 'POST':
        if not caller_is_admin:
            context['error'] = 'Unsufficient permissions'
            return scirius_render(request, template, context)

        if action == "edit":
            form = UserSettingsForm(request.POST, instance=user)
            if not form.is_valid():
                context['error'] = 'Invalid form'
            else:
                form.save()
                try:
                    profile = user.sciriususer
                    profile.timezone = form.cleaned_data['timezone']
                except:
                    # NOTE(review): bare except; presumably covers a user
                    # with no SciriusUser row, but hides other errors too.
                    profile = SciriusUser.objects.create(
                        user=user, timezone=form.cleaned_data['timezone'])
                profile.save()
        elif action == 'password':
            form = PasswordForm(request.POST)
            if not form.is_valid():
                context['error'] = 'Invalid form'
            else:
                user.set_password(form.cleaned_data['password'])
                user.save()
        return scirius_render(request, template, context)

    # Each named action begins with the same superuser gate.
    gated = ("activate", "deactivate", "edit", "password", "delete")
    if action in gated and not caller_is_admin:
        context['error'] = 'Unsufficient permissions'
        return scirius_render(request, template, context)

    # NOTE(review): activate, deactivate and the confirmed delete change
    # state on a non-POST request, so CSRF protection does not cover them.
    if action in ("activate", "deactivate"):
        user.is_active = (action == "activate")
        user.save()
    elif action == "edit":
        form = UserSettingsForm(instance=user)
        try:
            form.initial['timezone'] = user.sciriususer.timezone
        except:
            pass
        context['form'] = form
        return scirius_render(request, template, context)
    elif action == "password":
        context['form'] = PasswordForm()
        return scirius_render(request, template, context)
    elif action == "delete":
        if 'confirm' in request.GET:
            user.delete()
            return redirect('/accounts/manage/')
        context = {'confirm_action': 'Delete user', 'user': user, 'action': 'delete'}
        return scirius_render(request, template, context)

    context = {'action': 'User actions', 'user': user}
    return scirius_render(request, template, context)