def add_facility_user(request, facility, is_teacher):
"""Different codepaths for the following:
* Django admin/teacher creates user, teacher
* Student creates self
Each has its own message and redirect.
"""
# Data submitted to create the user.
if request.method == "POST": # now, teachers and students can belong to a group, so all use the same form.
form = FacilityUserForm(request,
data=request.POST,
initial={"facility": facility})
if form.is_valid():
form.instance.set_password(form.cleaned_data["password"])
form.instance.is_teacher = is_teacher
form.save()
# Admins create users while logged in.
if request.is_logged_in:
assert request.is_admin, "Regular users can't create users while logged in."
messages.success(request,
_("You successfully created the user."))
return HttpResponseRedirect(
request.META.get("PATH_INFO", reverse("homepage"))
) # allow them to add more of the same thing.
else:
messages.success(request, _("You successfully registered."))
return HttpResponseRedirect(
"%s?facility=%s" %
(reverse("login"), form.data["facility"]))
# For GET requests
else:
form = FacilityUserForm(request,
initial={
"facility": facility,
"group": request.GET.get("group", None)
})
# Across POST and GET requests
form.fields["group"].queryset = FacilityGroup.objects.filter(
facility=facility)
return {
"form": form,
"facility": facility,
"singlefacility": (Facility.objects.count() == 1),
"teacher": is_teacher,
"cur_url": request.path,
}
def add_facility_user(request, facility, is_teacher):
"""Different codepaths for the following:
* Django admin/teacher creates user, teacher
* Student creates self
Each has its own message and redirect.
"""
# Data submitted to create the user.
if request.method == "POST": # now, teachers and students can belong to a group, so all use the same form.
form = FacilityUserForm(request, data=request.POST, initial={"facility": facility})
if form.is_valid():
form.instance.set_password(form.cleaned_data["password"])
form.instance.is_teacher = is_teacher
form.save()
# Admins create users while logged in.
if request.is_logged_in:
assert request.is_admin, "Regular users can't create users while logged in."
messages.success(request, _("You successfully created the user."))
return HttpResponseRedirect(request.META.get("PATH_INFO", reverse("homepage"))) # allow them to add more of the same thing.
else:
messages.success(request, _("You successfully registered."))
return HttpResponseRedirect("%s?facility=%s" % (reverse("login"), form.data["facility"]))
# For GET requests
else:
form = FacilityUserForm(
request,
initial={
"facility": facility,
"group": request.GET.get("group", None)
}
)
# Across POST and GET requests
form.fields["group"].queryset = FacilityGroup.objects.filter(facility=facility)
return {
"form": form,
"facility": facility,
"singlefacility": (Facility.objects.count() == 1),
"teacher": is_teacher,
"cur_url": request.path,
}
def edit_facility_user(request, facility, is_teacher=None, id=None):
"""Different codepaths for the following:
* Django admin/teacher creates user, teacher
* Student creates self
Each has its own message and redirect.
"""
title = ""
user = get_object_or_404(FacilityUser, id=id) if id != "new" else None
# Check permissions
if user and not request.is_admin and user != request.session.get("facility_user"):
# Editing a user, user being edited is not self, and logged in user is not admin
raise PermissionDenied()
elif settings.package_selected("UserRestricted") and not request.is_admin:
# Users cannot create/edit their own data when UserRestricted
raise PermissionDenied(_("Please contact a teacher or administrator to receive login information to this installation."))
# Data submitted to create the user.
if request.method == "POST": # now, teachers and students can belong to a group, so all use the same form.
form = FacilityUserForm(facility, data=request.POST, instance=user)
if form.is_valid():
if form.cleaned_data["password_first"]:
form.instance.set_password(form.cleaned_data["password_first"])
form.save()
if getattr(request.session.get("facility_user"), "id", None) == form.instance.id:
# Edited: own account; refresh the facility_user setting
request.session["facility_user"] = form.instance
messages.success(request, _("You successfully updated your user settings."))
return HttpResponseRedirect(request.next or reverse("account_management"))
elif id != "new":
# Edited: by admin; someone else's ID
messages.success(request, _("User changes saved for user '%s'") % form.instance.get_name())
if request.next:
return HttpResponseRedirect(request.next)
elif request.is_admin:
# Created: by admin
messages.success(request, _("You successfully created user '%s'") % form.instance.get_name())
return HttpResponseRedirect(request.META.get("PATH_INFO", request.next or reverse("homepage"))) # allow them to add more of the same thing.
else:
# Created: by self
messages.success(request, _("You successfully registered."))
return HttpResponseRedirect(request.next or "%s?facility=%s" % (reverse("login"), form.data["facility"]))
# For GET requests
elif user:
form = FacilityUserForm(facility=facility, instance=user)
title = _("Edit user") + " " + user.username
else:
assert is_teacher is not None, "Must call this function with is_teacher set."
form = FacilityUserForm(facility, initial={
"group": request.GET.get("group", None),
"is_teacher": is_teacher,
})
if not title:
if not request.is_admin:
title = _("Sign up for an account")
elif is_teacher:
title = _("Add a new teacher")
else:
title = _("Add a new student")
return {
"title": title,
"user_id": id,
"form": form,
"facility": facility,
"singlefacility": request.session["facility_count"] == 1,
"num_groups": form.fields["group"].choices.queryset.count(),
"teacher": is_teacher,
"cur_url": request.path,
}
def edit_facility_user(request, facility, is_teacher=None, id=None):
"""Different codepaths for the following:
* Django admin/teacher creates user, teacher
* Student creates self
Each has its own message and redirect.
"""
title = ""
user = get_object_or_404(FacilityUser, id=id) if id != "new" else None
# Check permissions
if user and not request.is_admin and user != request.session.get(
"facility_user"):
# Editing a user, user being edited is not self, and logged in user is not admin
raise PermissionDenied()
elif settings.package_selected("UserRestricted") and not request.is_admin:
# Users cannot create/edit their own data when UserRestricted
raise PermissionDenied(
_("Please contact a teacher or administrator to receive login information to this installation."
))
# Data submitted to create the user.
if request.method == "POST": # now, teachers and students can belong to a group, so all use the same form.
form = FacilityUserForm(facility, data=request.POST, instance=user)
if form.is_valid():
if form.cleaned_data["password_first"]:
form.instance.set_password(form.cleaned_data["password_first"])
form.save()
if getattr(request.session.get("facility_user"), "id",
None) == form.instance.id:
# Edited: own account; refresh the facility_user setting
request.session["facility_user"] = form.instance
messages.success(
request, _("You successfully updated your user settings."))
return HttpResponseRedirect(request.next
or reverse("account_management"))
elif id != "new":
# Edited: by admin; someone else's ID
messages.success(
request,
_("User changes saved for user '%s'") %
form.instance.get_name())
if request.next:
return HttpResponseRedirect(request.next)
elif request.is_admin:
# Created: by admin
messages.success(
request,
_("You successfully created user '%s'") %
form.instance.get_name())
return HttpResponseRedirect(
request.META.get("PATH_INFO", request.next
or reverse("homepage"))
) # allow them to add more of the same thing.
else:
# Created: by self
messages.success(request, _("You successfully registered."))
return HttpResponseRedirect(
request.next or "%s?facility=%s" %
(reverse("login"), form.data["facility"]))
# For GET requests
elif user:
form = FacilityUserForm(facility=facility, instance=user)
title = _("Edit user") + " " + user.username
else:
assert is_teacher is not None, "Must call this function with is_teacher set."
form = FacilityUserForm(facility,
initial={
"group": request.GET.get("group", None),
"is_teacher": is_teacher,
})
if not title:
if not request.is_admin:
title = _("Sign up for an account")
elif is_teacher:
title = _("Add a new teacher")
else:
title = _("Add a new student")
return {
"title": title,
"user_id": id,
"form": form,
"facility": facility,
"singlefacility": request.session["facility_count"] == 1,
"num_groups": form.fields["group"].choices.queryset.count(),
"teacher": is_teacher,
"cur_url": request.path,
}