def usergroup_edit(name, group):
space = ProposalSpace.query.filter_by(name=name).first_or_404()
form = UserGroupForm()
if group is not None:
usergroup = UserGroup.query.filter_by(name=group, proposal_space=space).first_or_404()
if request.method == 'GET':
form.name.data = usergroup.name
form.title.data = usergroup.title
form.users.data = '\r\n'.join([u.email or u.username or '' for u in usergroup.users])
if form.validate_on_submit():
if group is None:
usergroup = UserGroup(proposal_space=space)
usergroup.name = form.name.data
usergroup.title = form.title.data
formdata = [line.strip() for line in
form.users.data.replace('\r', '\n').replace(',', '\n').split('\n') if line]
usersdata = lastuser.getusers(names=formdata)
users = []
for userdata in usersdata:
user = User.query.filter_by(userid=userdata['userid']).first()
if user is None:
user = User(userid=userdata['userid'], username=userdata['name'], fullname=userdata['title'])
db.session.add(user)
users.append(user)
usergroup.users = users
db.session.commit()
return redirect(url_for('usergroup_view', name=space.name, group=usergroup.name), code=303)
if group is None:
return render_template('autoform.html', form=form, title="New user group", submit="Create")
else:
return render_template('autoform.html', form=form, title="Edit user group", submit="Save")
def group_add(request):
if request.method == 'POST':
form = UserGroupForm(request.POST)
message = None
if form.is_valid():
try:
if form.data['name'] == 'admin':
message = _("Admin is a reserved group")
raise Exception
if _valid_name_regex.search(form.data['name']) == None:
message = _("Invalid user group name: '{value}'. Identifiers must begin with a letter or an underscore (_). Subsequent characters can be letters, underscores or numbers").format(value=form.data['name'])
raise Exception
group = UserGroup(
name = form.data['name'],
description = form.data['description']
)
group.save()
core_services.ldap_add_group(group)
core_services.add_data_directory(group)
return redirect('group_list')
except Exception as e:
print str(e)
return render_to_response('group_add.html', {'form': form, 'message': message}, context_instance=RequestContext(request))
else:
return render_to_response('group_add.html', {'form': form}, context_instance=RequestContext(request))
else:
form = UserGroupForm()
return render_to_response('group_add.html', {'form': form}, context_instance=RequestContext(request))
def post(self):
form = UserGroupForm(data=request.get_json())
if not form.validate():
abort(400)
group = UserGroup(**form.data)
db.session.add(group)
db.session.commit()
response = jsonify(**group.to_dict())
response.status_code = 201
response.headers.add("Location", f"groups/{group.id}")
return response
def put(self, group_id):
group = UserGroup.query.filter_by(id=int(group_id)).first()
if not group:
abort(404)
form = UserGroupForm(data=request.get_json())
if not form.validate():
abort(400)
columns_keys = UserGroup.__table__.columns.keys()
for field in columns_keys:
if field in form.data:
setattr(group, field, form.data[field])
db.session.commit()
response = jsonify(group.to_dict())
response.status_code = 200
return response
def usergroup_edit(name, group):
space = ProposalSpace.query.filter_by(name=name).first_or_404()
form = UserGroupForm()
if group is not None:
usergroup = UserGroup.query.filter_by(
name=group, proposal_space=space).first_or_404()
if request.method == 'GET':
form.name.data = usergroup.name
form.title.data = usergroup.title
form.users.data = '\r\n'.join(
[u.email or u.username or '' for u in usergroup.users])
if form.validate_on_submit():
if group is None:
usergroup = UserGroup(proposal_space=space)
usergroup.name = form.name.data
usergroup.title = form.title.data
formdata = [
line.strip() for line in form.users.data.replace(
'\r', '\n').replace(',', '\n').split('\n') if line
]
usersdata = lastuser.getusers(names=formdata)
users = []
for userdata in usersdata:
user = User.query.filter_by(userid=userdata['userid']).first()
if user is None:
user = User(userid=userdata['userid'],
username=userdata['name'],
fullname=userdata['title'])
db.session.add(user)
users.append(user)
usergroup.users = users
db.session.commit()
return redirect(url_for('usergroup_view',
name=space.name,
group=usergroup.name),
code=303)
if group is None:
return render_template('autoform.html',
form=form,
title="New user group",
submit="Create")
else:
return render_template('autoform.html',
form=form,
title="Edit user group",
submit="Save")
def vet_user(request, user_id):
user = User.objects.get(pk=user_id)
try:
rating = OrganisationalRating.objects.get(user=user)
except OrganisationalRating.DoesNotExist:
rating = None
msg = ''
if request.method == 'POST':
form = VettingForm(request.POST, instance=rating)
group_form = UserGroupForm(request.POST, instance=user)
msg = None
if form.is_valid() and group_form.is_valid():
if not rating:
rating = form.save(commit=False)
rating.user_id = user.id
rating.save()
else:
form.save()
group_form.save()
user.save()
typeuser = ContentType.objects.filter(name='user').all()[0]
log = LogEntry(user_id=request.user.id,
content_type=typeuser,
object_id=user.id,
object_repr=user.username,
action_flag=2,
change_message="vetted")
log.save()
msg = 'User updated'
else:
form = VettingForm(instance=rating)
group_form = UserGroupForm(instance=user)
email_verified = EmailAddress.objects.filter(user=user, verified=True).exists()
ctx = {
'email_verified': email_verified,
'original': user,
'user': user,
'form': form,
'group_form': group_form,
'msg': msg,
'vetted': user.is_active
}
return render_to_response('admin/auth/user/vet_user.html', ctx, context_instance=RequestContext(request))
def usergroup_add(request):
"""View for adding new user group"""
if request.method == 'POST':
form = UserGroupForm(request.POST)
if form.is_valid():
username = request.user.username
groupname = form.cleaned_data['groupname']
group = LdapUserGroup(name=groupname, owner=username, members=[])
try:
group.save()
except ldap.ALREADY_EXISTS:
return usergroups(request, err={'err': 'usergroup_exist'})
return usergroups(request, usergroup_modification={'groupname': groupname, 'modification': 'add'})
else:
form = UserGroupForm()
return render_to_response('group_add.html', {'form': form,}, context_instance=RequestContext(request))
def vet_user(request, user_id):
user = User.objects.get(pk=user_id)
try:
rating = OrganisationalRating.objects.get(user=user)
except OrganisationalRating.DoesNotExist:
rating = None
msg = ''
if request.method == 'POST':
form = VettingForm(request.POST, instance=rating)
group_form = UserGroupForm(request.POST, instance=user)
msg = None
if form.is_valid() and group_form.is_valid():
if not rating:
rating = form.save(commit=False)
rating.user_id = user.id
rating.save()
else:
form.save()
group_form.save()
user.save()
typeuser = ContentType.objects.filter(name='user').all()[0]
log = LogEntry(user_id=request.user.id,
content_type=typeuser,
object_id=user.id,
object_repr=user.username,
action_flag=2,
change_message="vetted")
log.save()
msg = 'User updated'
else:
form = VettingForm(instance=rating)
group_form = UserGroupForm(instance=user)
email_verified = EmailAddress.objects.filter(user=user,
verified=True).exists()
ctx = {
'email_verified': email_verified,
'original': user,
'user': user,
'form': form,
'group_form': group_form,
'msg': msg,
'vetted': user.is_active
}
return render_to_response('admin/auth/user/vet_user.html',
ctx,
context_instance=RequestContext(request))