def profile(request):
_ensure_own_team(request)
profile = request.profile
ctx = {
"page": "profile",
"profile": profile,
"show_api_key": False,
"api_status": "default",
"team_status": "default"
}
if request.method == "POST":
if "change_email" in request.POST:
profile.send_change_email_link()
return redirect("hc-link-sent")
elif "set_password" in request.POST:
profile.send_set_password_link()
return redirect("hc-link-sent")
elif "create_api_key" in request.POST:
profile.set_api_key()
ctx["show_api_key"] = True
ctx["api_key_created"] = True
ctx["api_status"] = "success"
elif "revoke_api_key" in request.POST:
profile.api_key = ""
profile.save()
ctx["api_key_revoked"] = True
ctx["api_status"] = "info"
elif "show_api_key" in request.POST:
ctx["show_api_key"] = True
elif "invite_team_member" in request.POST:
if not profile.can_invite():
return HttpResponseForbidden()
form = InviteTeamMemberForm(request.POST)
if form.is_valid():
email = form.cleaned_data["email"]
try:
user = User.objects.get(email=email)
except User.DoesNotExist:
user = _make_user(email)
profile.invite(user)
ctx["team_member_invited"] = email
ctx["team_status"] = "success"
elif "remove_team_member" in request.POST:
form = RemoveTeamMemberForm(request.POST)
if form.is_valid():
email = form.cleaned_data["email"]
farewell_user = User.objects.get(email=email)
farewell_user.profile.current_team = None
farewell_user.profile.save()
Member.objects.filter(team=profile,
user=farewell_user).delete()
ctx["team_member_removed"] = email
ctx["team_status"] = "info"
elif "set_team_name" in request.POST:
form = TeamNameForm(request.POST)
if form.is_valid():
profile.team_name = form.cleaned_data["team_name"]
profile.save()
ctx["team_name_updated"] = True
ctx["team_status"] = "success"
return render(request, "accounts/profile.html", ctx)
def project(request, code):
if request.user.is_superuser:
q = Project.objects
else:
q = request.profile.projects()
try:
project = q.get(code=code)
except Project.DoesNotExist:
return HttpResponseNotFound()
is_owner = project.owner_id == request.user.id
ctx = {
"page": "project",
"project": project,
"is_owner": is_owner,
"show_api_keys": "show_api_keys" in request.GET,
"project_name_status": "default",
"api_status": "default",
"team_status": "default",
}
if request.method == "POST":
if "create_api_keys" in request.POST:
project.set_api_keys()
project.save()
ctx["show_api_keys"] = True
ctx["api_keys_created"] = True
ctx["api_status"] = "success"
elif "revoke_api_keys" in request.POST:
project.api_key = ""
project.api_key_readonly = ""
project.save()
ctx["api_keys_revoked"] = True
ctx["api_status"] = "info"
elif "show_api_keys" in request.POST:
ctx["show_api_keys"] = True
elif "invite_team_member" in request.POST:
if not is_owner or not project.can_invite():
return HttpResponseForbidden()
form = InviteTeamMemberForm(request.POST)
if form.is_valid():
if not TokenBucket.authorize_invite(request.user):
return render(request, "try_later.html")
email = form.cleaned_data["email"]
try:
user = User.objects.get(email=email)
except User.DoesNotExist:
user = _make_user(email, with_project=False)
project.invite(user)
ctx["team_member_invited"] = email
ctx["team_status"] = "success"
elif "remove_team_member" in request.POST:
if not is_owner:
return HttpResponseForbidden()
form = RemoveTeamMemberForm(request.POST)
if form.is_valid():
q = User.objects
q = q.filter(email=form.cleaned_data["email"])
q = q.filter(memberships__project=project)
farewell_user = q.first()
if farewell_user is None:
return HttpResponseBadRequest()
farewell_user.profile.current_project = None
farewell_user.profile.save()
Member.objects.filter(project=project,
user=farewell_user).delete()
ctx["team_member_removed"] = form.cleaned_data["email"]
ctx["team_status"] = "info"
elif "set_project_name" in request.POST:
form = ProjectNameForm(request.POST)
if form.is_valid():
project.name = form.cleaned_data["name"]
project.save()
if request.profile.current_project == project:
request.profile.current_project.name = project.name
ctx["project_name_updated"] = True
ctx["project_name_status"] = "success"
# Count members right before rendering the template, in case
# we just invited or removed someone
ctx["num_members"] = project.member_set.count()
return render(request, "accounts/project.html", ctx)
def profile(request):
profile = request.user.profile
# Switch user back to its default team
if profile.current_team_id != profile.id:
request.team = profile
profile.current_team_id = profile.id
profile.save()
show_api_key = False
if request.method == "POST":
if "set_password" in request.POST:
profile.send_set_password_link()
return redirect("hc-set-password-link-sent")
elif "create_api_key" in request.POST:
profile.set_api_key()
show_api_key = True
messages.success(request, "The API key has been created!")
elif "revoke_api_key" in request.POST:
profile.api_key = ""
profile.save()
messages.info(request, "The API key has been revoked!")
elif "show_api_key" in request.POST:
show_api_key = True
elif "update_reports_allowed" in request.POST:
form = ReportSettingsForm(request.POST)
if form.is_valid():
profile.reports_allowed = form.cleaned_data["reports_allowed"]
profile.save()
messages.success(request, "Your settings have been updated!")
elif "invite_team_member" in request.POST:
if not profile.team_access_allowed:
return HttpResponseForbidden()
form = InviteTeamMemberForm(request.POST)
if form.is_valid():
email = form.cleaned_data["email"]
try:
user = User.objects.get(email=email)
except User.DoesNotExist:
user = _make_user(email)
profile.invite(user)
messages.success(request, "Invitation to %s sent!" % email)
elif "remove_team_member" in request.POST:
form = RemoveTeamMemberForm(request.POST)
if form.is_valid():
email = form.cleaned_data["email"]
farewell_user = User.objects.get(email=email)
farewell_user.profile.current_team = None
farewell_user.profile.save()
Member.objects.filter(team=profile,
user=farewell_user).delete()
messages.info(request, "%s removed from team!" % email)
elif "set_team_name" in request.POST:
if not profile.team_access_allowed:
return HttpResponseForbidden()
form = TeamNameForm(request.POST)
if form.is_valid():
profile.team_name = form.cleaned_data["team_name"]
profile.save()
messages.success(request, "Team Name updated!")
tags = set()
for check in Check.objects.filter(user=request.team.user):
tags.update(check.tags_list())
username = request.team.user.username
badge_urls = []
for tag in sorted(tags, key=lambda s: s.lower()):
if not re.match("^[\w-]+$", tag):
continue
badge_urls.append(get_badge_url(username, tag))
ctx = {
"page": "profile",
"badge_urls": badge_urls,
"profile": profile,
"show_api_key": show_api_key
}
return render(request, "accounts/profile.html", ctx)
def project(request, code):
project = Project.objects.get(code=code, owner_id=request.user.id)
ctx = {
"page": "profile",
"project": project,
"show_api_keys": False,
"project_name_status": "default",
"api_status": "default",
"team_status": "default"
}
if request.method == "POST":
if "create_api_keys" in request.POST:
project.set_api_keys()
project.save()
ctx["show_api_keys"] = True
ctx["api_keys_created"] = True
ctx["api_status"] = "success"
elif "revoke_api_keys" in request.POST:
project.api_key = ""
project.api_key_readonly = ""
project.save()
ctx["api_keys_revoked"] = True
ctx["api_status"] = "info"
elif "show_api_keys" in request.POST:
ctx["show_api_keys"] = True
elif "invite_team_member" in request.POST:
if not project.can_invite():
return HttpResponseForbidden()
form = InviteTeamMemberForm(request.POST)
if form.is_valid():
email = form.cleaned_data["email"]
try:
user = User.objects.get(email=email)
except User.DoesNotExist:
user = _make_user(email)
project.invite(user)
ctx["team_member_invited"] = email
ctx["team_status"] = "success"
elif "remove_team_member" in request.POST:
form = RemoveTeamMemberForm(request.POST)
if form.is_valid():
email = form.cleaned_data["email"]
farewell_user = User.objects.get(email=email)
farewell_user.profile.current_project = None
farewell_user.profile.save()
Member.objects.filter(project=project,
user=farewell_user).delete()
ctx["team_member_removed"] = email
ctx["team_status"] = "info"
elif "set_project_name" in request.POST:
form = ProjectNameForm(request.POST)
if form.is_valid():
project.name = form.cleaned_data["name"]
project.save()
if request.project.id == project.id:
request.project = project
ctx["project_name_updated"] = True
ctx["project_name_status"] = "success"
# Count members right before rendering the template, in case
# we just invited or removed someone
ctx["num_members"] = project.member_set.count()
return render(request, "accounts/project.html", ctx)
def project(request, code):
if request.user.is_superuser:
q = Project.objects
else:
q = request.profile.projects()
try:
project = q.get(code=code)
except Project.DoesNotExist:
return HttpResponseNotFound()
is_owner = project.owner_id == request.user.id
invite_suggestions = project.invite_suggestions()
ctx = {
"page": "project",
"project": project,
"is_owner": is_owner,
"show_api_keys": "show_api_keys" in request.GET,
"project_name_status": "default",
"api_status": "default",
"team_status": "default",
"invite_suggestions": invite_suggestions,
}
if request.method == "POST":
if "create_api_keys" in request.POST:
project.set_api_keys()
project.save()
ctx["show_api_keys"] = True
ctx["api_keys_created"] = True
ctx["api_status"] = "success"
elif "revoke_api_keys" in request.POST:
project.api_key = ""
project.api_key_readonly = ""
project.save()
ctx["api_keys_revoked"] = True
ctx["api_status"] = "info"
elif "show_api_keys" in request.POST:
ctx["show_api_keys"] = True
elif "invite_team_member" in request.POST:
if not is_owner:
return HttpResponseForbidden()
form = InviteTeamMemberForm(request.POST)
if form.is_valid():
email = form.cleaned_data["email"]
if not invite_suggestions.filter(email=email).exists():
# We're inviting a new user. Are we within team size limit?
if not project.can_invite_new_users():
return HttpResponseForbidden()
# And are we not hitting a rate limit?
if not TokenBucket.authorize_invite(request.user):
return render(request, "try_later.html")
try:
user = User.objects.get(email=email)
except User.DoesNotExist:
user = _make_user(email, with_project=False)
project.invite(user)
ctx["team_member_invited"] = email
ctx["team_status"] = "success"
elif "remove_team_member" in request.POST:
if not is_owner:
return HttpResponseForbidden()
form = RemoveTeamMemberForm(request.POST)
if form.is_valid():
q = User.objects
q = q.filter(email=form.cleaned_data["email"])
q = q.filter(memberships__project=project)
farewell_user = q.first()
if farewell_user is None:
return HttpResponseBadRequest()
Member.objects.filter(project=project, user=farewell_user).delete()
ctx["team_member_removed"] = form.cleaned_data["email"]
ctx["team_status"] = "info"
elif "set_project_name" in request.POST:
form = ProjectNameForm(request.POST)
if form.is_valid():
project.name = form.cleaned_data["name"]
project.save()
ctx["project_name_updated"] = True
ctx["project_name_status"] = "success"
return render(request, "accounts/project.html", ctx)
def profile(request):
_ensure_own_team(request)
profile = request.profile
ctx = {
"page": "profile",
"profile": profile,
"show_api_key": False,
"api_status": "default",
"team_status": "default"
}
if request.method == "POST":
if "change_email" in request.POST:
profile.send_change_email_link()
return redirect("hc-link-sent")
elif "set_password" in request.POST:
profile.send_set_password_link()
return redirect("hc-link-sent")
elif "create_api_key" in request.POST:
profile.set_api_key()
ctx["show_api_key"] = True
ctx["api_key_created"] = True
ctx["api_status"] = "success"
elif "revoke_api_key" in request.POST:
profile.api_key = ""
profile.save()
ctx["api_key_revoked"] = True
ctx["api_status"] = "info"
elif "show_api_key" in request.POST:
ctx["show_api_key"] = True
elif "invite_team_member" in request.POST:
if not profile.can_invite():
return HttpResponseForbidden()
form = InviteTeamMemberForm(request.POST)
if form.is_valid():
email = form.cleaned_data["email"]
try:
user = User.objects.get(email=email)
except User.DoesNotExist:
user = _make_user(email)
profile.invite(user)
ctx["team_member_invited"] = email
ctx["team_status"] = "success"
elif "remove_team_member" in request.POST:
form = RemoveTeamMemberForm(request.POST)
if form.is_valid():
email = form.cleaned_data["email"]
farewell_user = User.objects.get(email=email)
farewell_user.profile.current_team = None
farewell_user.profile.save()
Member.objects.filter(team=profile,
user=farewell_user).delete()
ctx["team_member_removed"] = email
ctx["team_status"] = "info"
elif "set_team_name" in request.POST:
form = TeamNameForm(request.POST)
if form.is_valid():
profile.team_name = form.cleaned_data["team_name"]
profile.save()
ctx["team_name_updated"] = True
ctx["team_status"] = "success"
return render(request, "accounts/profile.html", ctx)
def profile(request):
profile = request.user.profile
# Switch user back to its default team
if profile.current_team_id != profile.id:
request.team = profile
profile.current_team_id = profile.id
profile.save()
show_api_key = False
if request.method == "POST":
if "set_password" in request.POST:
profile.send_set_password_link()
return redirect("hc-set-password-link-sent")
elif "create_api_key" in request.POST:
profile.set_api_key()
show_api_key = True
messages.success(request, "The API key has been created!")
elif "revoke_api_key" in request.POST:
profile.api_key = ""
profile.save()
messages.info(request, "The API key has been revoked!")
elif "show_api_key" in request.POST:
show_api_key = True
elif "invite_team_member" in request.POST:
if not profile.team_access_allowed:
return HttpResponseForbidden()
form = InviteTeamMemberForm(request.POST)
if form.is_valid():
email = form.cleaned_data["email"]
try:
user = User.objects.get(email=email)
except User.DoesNotExist:
user = _make_user(email)
profile.invite(user)
messages.success(request, "Invitation to %s sent!" % email)
elif "remove_team_member" in request.POST:
form = RemoveTeamMemberForm(request.POST)
if form.is_valid():
email = form.cleaned_data["email"]
farewell_user = User.objects.get(email=email)
farewell_user.profile.current_team = None
farewell_user.profile.save()
Member.objects.filter(team=profile,
user=farewell_user).delete()
messages.info(request, "%s removed from team!" % email)
elif "set_team_name" in request.POST:
if not profile.team_access_allowed:
return HttpResponseForbidden()
form = TeamNameForm(request.POST)
if form.is_valid():
profile.team_name = form.cleaned_data["team_name"]
profile.save()
messages.success(request, "Team Name updated!")
ctx = {
"page": "profile",
"profile": profile,
"show_api_key": show_api_key
}
return render(request, "accounts/profile.html", ctx)