Exemple #1
0
def add_facility_user(request, facility, is_teacher):
    """Different codepaths for the following:
    * Django admin/teacher creates user, teacher
    * Student creates self

    Each has its own message and redirect.
    """

    # Data submitted to create the user.
    if request.method == "POST":  # now, teachers and students can belong to a group, so all use the same form.
        form = FacilityUserForm(request,
                                data=request.POST,
                                initial={"facility": facility})
        if form.is_valid():
            form.instance.set_password(form.cleaned_data["password"])
            form.instance.is_teacher = is_teacher
            form.save()

            # Admins create users while logged in.
            if request.is_logged_in:
                assert request.is_admin, "Regular users can't create users while logged in."
                messages.success(request,
                                 _("You successfully created the user."))
                return HttpResponseRedirect(
                    request.META.get("PATH_INFO", reverse("homepage"))
                )  # allow them to add more of the same thing.
            else:
                messages.success(request, _("You successfully registered."))
                return HttpResponseRedirect(
                    "%s?facility=%s" %
                    (reverse("login"), form.data["facility"]))

    # For GET requests
    else:
        form = FacilityUserForm(request,
                                initial={
                                    "facility": facility,
                                    "group": request.GET.get("group", None)
                                })

    # Across POST and GET requests
    form.fields["group"].queryset = FacilityGroup.objects.filter(
        facility=facility)

    return {
        "form": form,
        "facility": facility,
        "singlefacility": (Facility.objects.count() == 1),
        "teacher": is_teacher,
        "cur_url": request.path,
    }
Exemple #2
0
def add_facility_user(request, facility, is_teacher):
    """Different codepaths for the following:
    * Django admin/teacher creates user, teacher
    * Student creates self

    Each has its own message and redirect.
    """

    # Data submitted to create the user.
    if request.method == "POST":  # now, teachers and students can belong to a group, so all use the same form.
        form = FacilityUserForm(request, data=request.POST, initial={"facility": facility})
        if form.is_valid():
            form.instance.set_password(form.cleaned_data["password"])
            form.instance.is_teacher = is_teacher
            form.save()

            # Admins create users while logged in.
            if request.is_logged_in:
                assert request.is_admin, "Regular users can't create users while logged in."
                messages.success(request, _("You successfully created the user."))
                return HttpResponseRedirect(request.META.get("PATH_INFO", reverse("homepage")))  # allow them to add more of the same thing.
            else:
                messages.success(request, _("You successfully registered."))
                return HttpResponseRedirect("%s?facility=%s" % (reverse("login"), form.data["facility"]))

    # For GET requests
    else:
        form = FacilityUserForm(
            request,
            initial={
                "facility": facility,
                "group": request.GET.get("group", None)
            }
        )

    # Across POST and GET requests
    form.fields["group"].queryset = FacilityGroup.objects.filter(facility=facility)

    return {
        "form": form,
        "facility": facility,
        "singlefacility": (Facility.objects.count() == 1),
        "teacher": is_teacher,
        "cur_url": request.path,
    }
Exemple #3
0
def edit_facility_user(request, facility, is_teacher=None, id=None):
    """Different codepaths for the following:
    * Django admin/teacher creates user, teacher
    * Student creates self

    Each has its own message and redirect.
    """

    title = ""
    user = get_object_or_404(FacilityUser, id=id) if id != "new" else None

    # Check permissions
    if user and not request.is_admin and user != request.session.get("facility_user"):
        # Editing a user, user being edited is not self, and logged in user is not admin
        raise PermissionDenied()
    elif settings.package_selected("UserRestricted") and not request.is_admin:
        # Users cannot create/edit their own data when UserRestricted
        raise PermissionDenied(_("Please contact a teacher or administrator to receive login information to this installation."))

    # Data submitted to create the user.
    if request.method == "POST":  # now, teachers and students can belong to a group, so all use the same form.

        form = FacilityUserForm(facility, data=request.POST, instance=user)
        if form.is_valid():
            if form.cleaned_data["password_first"]:
                form.instance.set_password(form.cleaned_data["password_first"])
            form.save()

            if getattr(request.session.get("facility_user"), "id", None) == form.instance.id:
                # Edited: own account; refresh the facility_user setting
                request.session["facility_user"] = form.instance
                messages.success(request, _("You successfully updated your user settings."))
                return HttpResponseRedirect(request.next or reverse("account_management"))

            elif id != "new":
                # Edited: by admin; someone else's ID
                messages.success(request, _("User changes saved for user '%s'") % form.instance.get_name())
                if request.next:
                    return HttpResponseRedirect(request.next)

            elif request.is_admin:
                # Created: by admin
                messages.success(request, _("You successfully created user '%s'") % form.instance.get_name())
                return HttpResponseRedirect(request.META.get("PATH_INFO", request.next or reverse("homepage")))  # allow them to add more of the same thing.

            else:
                # Created: by self
                messages.success(request, _("You successfully registered."))
                return HttpResponseRedirect(request.next or "%s?facility=%s" % (reverse("login"), form.data["facility"]))

    # For GET requests
    elif user:
        form = FacilityUserForm(facility=facility, instance=user)
        title = _("Edit user") + " " + user.username

    else:
        assert is_teacher is not None, "Must call this function with is_teacher set."
        form = FacilityUserForm(facility, initial={
            "group": request.GET.get("group", None),
            "is_teacher": is_teacher,
        })

    if not title:
        if not request.is_admin:
            title = _("Sign up for an account")
        elif is_teacher:
            title = _("Add a new teacher")
        else:
            title = _("Add a new student")

    return {
        "title": title,
        "user_id": id,
        "form": form,
        "facility": facility,
        "singlefacility": request.session["facility_count"] == 1,
        "num_groups": form.fields["group"].choices.queryset.count(),
        "teacher": is_teacher,
        "cur_url": request.path,
    }
Exemple #4
0
def edit_facility_user(request, facility, is_teacher=None, id=None):
    """Different codepaths for the following:
    * Django admin/teacher creates user, teacher
    * Student creates self

    Each has its own message and redirect.
    """

    title = ""
    user = get_object_or_404(FacilityUser, id=id) if id != "new" else None

    # Check permissions
    if user and not request.is_admin and user != request.session.get(
            "facility_user"):
        # Editing a user, user being edited is not self, and logged in user is not admin
        raise PermissionDenied()
    elif settings.package_selected("UserRestricted") and not request.is_admin:
        # Users cannot create/edit their own data when UserRestricted
        raise PermissionDenied(
            _("Please contact a teacher or administrator to receive login information to this installation."
              ))

    # Data submitted to create the user.
    if request.method == "POST":  # now, teachers and students can belong to a group, so all use the same form.

        form = FacilityUserForm(facility, data=request.POST, instance=user)
        if form.is_valid():
            if form.cleaned_data["password_first"]:
                form.instance.set_password(form.cleaned_data["password_first"])
            form.save()

            if getattr(request.session.get("facility_user"), "id",
                       None) == form.instance.id:
                # Edited: own account; refresh the facility_user setting
                request.session["facility_user"] = form.instance
                messages.success(
                    request, _("You successfully updated your user settings."))
                return HttpResponseRedirect(request.next
                                            or reverse("account_management"))

            elif id != "new":
                # Edited: by admin; someone else's ID
                messages.success(
                    request,
                    _("User changes saved for user '%s'") %
                    form.instance.get_name())
                if request.next:
                    return HttpResponseRedirect(request.next)

            elif request.is_admin:
                # Created: by admin
                messages.success(
                    request,
                    _("You successfully created user '%s'") %
                    form.instance.get_name())
                return HttpResponseRedirect(
                    request.META.get("PATH_INFO", request.next
                                     or reverse("homepage"))
                )  # allow them to add more of the same thing.

            else:
                # Created: by self
                messages.success(request, _("You successfully registered."))
                return HttpResponseRedirect(
                    request.next or "%s?facility=%s" %
                    (reverse("login"), form.data["facility"]))

    # For GET requests
    elif user:
        form = FacilityUserForm(facility=facility, instance=user)
        title = _("Edit user") + " " + user.username

    else:
        assert is_teacher is not None, "Must call this function with is_teacher set."
        form = FacilityUserForm(facility,
                                initial={
                                    "group": request.GET.get("group", None),
                                    "is_teacher": is_teacher,
                                })

    if not title:
        if not request.is_admin:
            title = _("Sign up for an account")
        elif is_teacher:
            title = _("Add a new teacher")
        else:
            title = _("Add a new student")

    return {
        "title": title,
        "user_id": id,
        "form": form,
        "facility": facility,
        "singlefacility": request.session["facility_count"] == 1,
        "num_groups": form.fields["group"].choices.queryset.count(),
        "teacher": is_teacher,
        "cur_url": request.path,
    }