def manage_experimenter(request, action, eid=None, conn=None, **kwargs): template = "webadmin/experimenter_form.html" groups = list(conn.getObjects("ExperimenterGroup")) groups.sort(key=lambda x: x.getName().lower()) if action == 'new': form = ExperimenterForm( initial={ 'with_password': True, 'active': True, 'groups': otherGroupsInitialList(groups) }) context = {'form': form} elif action == 'create': if request.method != 'POST': return HttpResponseRedirect( reverse(viewname="wamanageexperimenterid", args=["new"])) else: name_check = conn.checkOmeName(request.REQUEST.get('omename')) email_check = conn.checkEmail(request.REQUEST.get('email')) initial = { 'with_password': True, 'groups': otherGroupsInitialList(groups) } form = ExperimenterForm(initial=initial, data=request.REQUEST.copy(), name_check=name_check, email_check=email_check) if form.is_valid(): logger.debug("Create experimenter form:" + str(form.cleaned_data)) omename = form.cleaned_data['omename'] firstName = form.cleaned_data['first_name'] middleName = form.cleaned_data['middle_name'] lastName = form.cleaned_data['last_name'] email = form.cleaned_data['email'] institution = form.cleaned_data['institution'] admin = toBoolean(form.cleaned_data['administrator']) active = toBoolean(form.cleaned_data['active']) defaultGroup = form.cleaned_data['default_group'] otherGroups = form.cleaned_data['other_groups'] password = form.cleaned_data['password'] # default group # if default group was not selected take first from the list. if defaultGroup is None: defaultGroup = otherGroups[0] for g in groups: if long(defaultGroup) == g.id: dGroup = g break listOfOtherGroups = set() # rest of groups for g in groups: for og in otherGroups: # remove defaultGroup from otherGroups if contains if long(og) == long(dGroup.id): pass elif long(og) == g.id: listOfOtherGroups.add(g) conn.createExperimenter(omename, firstName, lastName, email, admin, active, dGroup, listOfOtherGroups, password, middleName, institution) return HttpResponseRedirect(reverse("waexperimenters")) context = {'form': form} elif action == 'edit': experimenter, defaultGroup, otherGroups, isLdapUser, hasAvatar = prepare_experimenter( conn, eid) try: defaultGroupId = defaultGroup.id except: defaultGroupId = None initial = { 'omename': experimenter.omeName, 'first_name': experimenter.firstName, 'middle_name': experimenter.middleName, 'last_name': experimenter.lastName, 'email': experimenter.email, 'institution': experimenter.institution, 'administrator': experimenter.isAdmin(), 'active': experimenter.isActive(), 'default_group': defaultGroupId, 'other_groups': [g.id for g in otherGroups], 'groups': otherGroupsInitialList(groups) } experimenter_is_me = (conn.getEventContext().userId == long(eid)) form = ExperimenterForm(experimenter_is_me=experimenter_is_me, initial=initial) password_form = ChangePassword() context = { 'form': form, 'eid': eid, 'ldapAuth': isLdapUser, 'password_form': password_form } elif action == 'save': experimenter, defaultGroup, otherGroups, isLdapUser, hasAvatar = prepare_experimenter( conn, eid) if request.method != 'POST': return HttpResponseRedirect( reverse(viewname="wamanageexperimenterid", args=["edit", experimenter.id])) else: name_check = conn.checkOmeName(request.REQUEST.get('omename'), experimenter.omeName) email_check = conn.checkEmail(request.REQUEST.get('email'), experimenter.email) initial = { 'active': True, 'groups': otherGroupsInitialList(groups) } form = ExperimenterForm(initial=initial, data=request.POST.copy(), name_check=name_check, email_check=email_check) if form.is_valid(): logger.debug("Update experimenter form:" + str(form.cleaned_data)) omename = form.cleaned_data['omename'] firstName = form.cleaned_data['first_name'] middleName = form.cleaned_data['middle_name'] lastName = form.cleaned_data['last_name'] email = form.cleaned_data['email'] institution = form.cleaned_data['institution'] admin = toBoolean(form.cleaned_data['administrator']) active = toBoolean(form.cleaned_data['active']) if experimenter.getId() == conn.getUserId(): active = True # don't allow user to disable themselves! defaultGroup = form.cleaned_data['default_group'] otherGroups = form.cleaned_data['other_groups'] # default group # if default group was not selected take first from the list. if defaultGroup is None: defaultGroup = otherGroups[0] for g in groups: if long(defaultGroup) == g.id: dGroup = g break listOfOtherGroups = set() # rest of groups for g in groups: for og in otherGroups: # remove defaultGroup from otherGroups if contains if long(og) == long(dGroup.id): pass elif long(og) == g.id: listOfOtherGroups.add(g) conn.updateExperimenter(experimenter, omename, firstName, lastName, email, admin, active, dGroup, listOfOtherGroups, middleName, institution) return HttpResponseRedirect(reverse("waexperimenters")) context = {'form': form, 'eid': eid, 'ldapAuth': isLdapUser} #elif action == "delete": # conn.deleteExperimenter() # return HttpResponseRedirect(reverse("waexperimenters")) else: return HttpResponseRedirect(reverse("waexperimenters")) context['template'] = template return context
def manage_experimenter(request, action, eid=None, conn=None, **kwargs): template = "webadmin/experimenter_form.html" groups = list(conn.getObjects("ExperimenterGroup")) groups.sort(key=lambda x: x.getName().lower()) user_privileges = conn.get_privileges_for_form( conn.getCurrentAdminPrivileges()) can_modify_user = '******' in user_privileges if action == 'new': form = ExperimenterForm(can_modify_user=can_modify_user, user_privileges=user_privileges, initial={ 'with_password': True, 'active': True, 'groups': otherGroupsInitialList(groups) }) admin_groups = [ conn.getAdminService().getSecurityRoles().systemGroupId ] context = { 'form': form, 'admin_groups': admin_groups, 'can_modify_user': can_modify_user } elif action == 'create': if request.method != 'POST': return HttpResponseRedirect( reverse(viewname="wamanageexperimenterid", args=["new"])) else: name_check = conn.checkOmeName(request.POST.get('omename')) email_check = conn.checkEmail(request.POST.get('email')) my_groups = getSelectedGroups(conn, request.POST.getlist('other_groups')) initial = { 'with_password': True, 'my_groups': my_groups, 'groups': otherGroupsInitialList(groups) } # This form may be returned to user if invalid # Needs user_privileges & can_modify_user for this form = ExperimenterForm(can_modify_user=can_modify_user, user_privileges=user_privileges, initial=initial, data=request.POST.copy(), name_check=name_check, email_check=email_check) if form.is_valid(): logger.debug("Create experimenter form:" + str(form.cleaned_data)) omename = form.cleaned_data['omename'] firstName = form.cleaned_data['first_name'] middleName = form.cleaned_data['middle_name'] lastName = form.cleaned_data['last_name'] email = form.cleaned_data['email'] institution = form.cleaned_data['institution'] role = form.cleaned_data['role'] admin = role in ('administrator', 'restricted_administrator') active = form.cleaned_data['active'] defaultGroup = form.cleaned_data['default_group'] otherGroups = form.cleaned_data['other_groups'] password = form.cleaned_data['password'] # default group # if default group was not selected take first from the list. if defaultGroup is None: defaultGroup = otherGroups[0] privileges = conn.get_privileges_from_form(form) if privileges is not None: # Only process privileges that we have permission to set privileges = [ p for p in privileges if p in conn.getCurrentAdminPrivileges() ] # Create a User, Restricted-Admin or Admin, based on privileges conn.createExperimenter(omename, firstName, lastName, email, admin, active, defaultGroup, otherGroups, password, privileges, middleName, institution) return HttpResponseRedirect(reverse("waexperimenters")) # Handle invalid form context = {'form': form, 'can_modify_user': can_modify_user} elif action == 'edit': experimenter, defaultGroup, otherGroups, isLdapUser, hasAvatar = \ prepare_experimenter(conn, eid) try: defaultGroupId = defaultGroup.id except: defaultGroupId = None initial = { 'omename': experimenter.omeName, 'first_name': experimenter.firstName, 'middle_name': experimenter.middleName, 'last_name': experimenter.lastName, 'email': experimenter.email, 'institution': experimenter.institution, 'active': experimenter.isActive(), 'default_group': defaultGroupId, 'my_groups': otherGroups, 'other_groups': [g.id for g in otherGroups], 'groups': otherGroupsInitialList(groups) } # Load 'AdminPrivilege' roles for 'initial' privileges = conn.getAdminPrivileges(experimenter.id) for p in conn.get_privileges_for_form(privileges): initial[p] = True role = 'user' if experimenter.isAdmin(): if 'ReadSession' in privileges: role = 'administrator' else: role = 'restricted_administrator' initial['role'] = role root_id = [conn.getAdminService().getSecurityRoles().rootId] user_id = conn.getUserId() experimenter_root = long(eid) == root_id experimenter_me = long(eid) == user_id form = ExperimenterForm(can_modify_user=can_modify_user, user_privileges=user_privileges, experimenter_me=experimenter_me, experimenter_root=experimenter_root, initial=initial) password_form = ChangePassword() admin_groups = [ conn.getAdminService().getSecurityRoles().systemGroupId ] context = { 'form': form, 'eid': eid, 'ldapAuth': isLdapUser, 'can_modify_user': can_modify_user, 'password_form': password_form, 'admin_groups': admin_groups } elif action == 'save': experimenter, defaultGroup, otherGroups, isLdapUser, hasAvatar = \ prepare_experimenter(conn, eid) if request.method != 'POST': return HttpResponseRedirect( reverse(viewname="wamanageexperimenterid", args=["edit", experimenter.id])) else: name_check = conn.checkOmeName(request.POST.get('omename'), experimenter.omeName) email_check = conn.checkEmail(request.POST.get('email'), experimenter.email) my_groups = getSelectedGroups(conn, request.POST.getlist('other_groups')) initial = { 'my_groups': my_groups, 'groups': otherGroupsInitialList(groups) } form = ExperimenterForm(can_modify_user=can_modify_user, user_privileges=user_privileges, initial=initial, data=request.POST.copy(), name_check=name_check, email_check=email_check) if form.is_valid(): logger.debug("Update experimenter form:" + str(form.cleaned_data)) omename = form.cleaned_data['omename'] firstName = form.cleaned_data['first_name'] middleName = form.cleaned_data['middle_name'] lastName = form.cleaned_data['last_name'] email = form.cleaned_data['email'] institution = form.cleaned_data['institution'] role = form.cleaned_data['role'] admin = role in ('administrator', 'restricted_administrator') active = form.cleaned_data['active'] rootId = conn.getAdminService().getSecurityRoles().rootId # User can't disable themselves or 'root' if experimenter.getId() in [conn.getUserId(), rootId]: # disabled checkbox not in POST: do it manually active = True defaultGroup = form.cleaned_data['default_group'] otherGroups = form.cleaned_data['other_groups'] # default group # if default group was not selected take first from the list. if defaultGroup is None: defaultGroup = otherGroups[0] for g in groups: if long(defaultGroup) == g.id: dGroup = g break listOfOtherGroups = set() # rest of groups for g in groups: for og in otherGroups: # remove defaultGroup from otherGroups if contains if long(og) == long(dGroup.id): pass elif long(og) == g.id: listOfOtherGroups.add(g) # Update 'AdminPrivilege' config roles for user privileges = conn.get_privileges_from_form(form) if privileges is None: privileges = [] # Only process privileges that we have permission to set to_add = [] to_remove = [] for p in conn.getCurrentAdminPrivileges(): if p in privileges: to_add.append(p) else: to_remove.append(p) conn.updateAdminPrivileges(experimenter.id, to_add, to_remove) conn.updateExperimenter(experimenter, omename, firstName, lastName, email, admin, active, dGroup, listOfOtherGroups, middleName, institution) return HttpResponseRedirect(reverse("waexperimenters")) context = { 'form': form, 'eid': eid, 'ldapAuth': isLdapUser, 'can_modify_user': can_modify_user } else: return HttpResponseRedirect(reverse("waexperimenters")) context['template'] = template return context