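def post(self, request, username_or_email):
    """Allow support staff to toggle whether a user's account can log in.

    The target account is looked up by username or by email address. If it
    currently has a usable password, the account is disabled: the password
    is made unusable and the target account's OAuth2 (DOT) models are
    retired. Otherwise the account is re-enabled by assigning a freshly
    generated 25-character password. In both cases a
    ``UserPasswordToggleHistory`` row records the comment and the staff
    member who made the change.

    Args:
        request: The staff member's request; ``request.data`` may carry an
            optional ``comment``.
        username_or_email: Username or email address of the target account.

    Returns:
        JsonResponse with ``success_msg`` and the resulting password
        ``status``.

    Note:
        The ``.get()`` lookup is not guarded here, so a missing or ambiguous
        match propagates as an exception.
        NOTE(review): the staff-only permission check is not visible in this
        block -- confirm it is enforced on the view class.
    """
    user = get_user_model().objects.get(
        Q(username=username_or_email) | Q(email=username_or_email)
    )
    comment = request.data.get("comment")
    if user.has_usable_password():
        user.set_unusable_password()
        UserPasswordToggleHistory.objects.create(
            user=user, comment=comment, created_by=request.user, disabled=True
        )
        # Retire the OAuth2 models of the account being disabled. Passing
        # request.user here would retire the support agent's own tokens and
        # leave the disabled account's existing tokens in place.
        retire_dot_oauth2_models(user)
    else:
        user.set_password(generate_password(length=25))
        UserPasswordToggleHistory.objects.create(
            user=user, comment=comment, created_by=request.user, disabled=False
        )
    user.save()

    # Report the state the account ended up in, not the one it started in.
    if user.has_usable_password():
        password_status = _('Usable')
        msg = _('User Enabled Successfully')
    else:
        password_status = _('Unusable')
        msg = _('User Disabled Successfully')
    return JsonResponse({'success_msg': msg, 'status': password_status})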
def post(self, request):
    """
    POST /api/user/v1/accounts/deactivate_logout/

    Re-checks the caller's password, then deactivates the caller's own
    account inside one database transaction: a retirement record is created,
    social-auth links are removed, the email is replaced with its retired
    form, the password is made unusable, activation keys and OAuth tokens
    are deleted, and a deletion notice is sent to the original address.
    The session is then logged out.

    Returns 204 on success, the password-check response when that check does
    not return 204, 404 for the KeyError / DoesNotExist cases, and 500 for
    any other failure.
    """
    user_model = get_user_model()
    try:
        # Re-authentication gate: anything other than 204 from the password
        # check is handed straight back to the client.
        password_check = self._verify_user_password(request)
        if password_check.status_code != status.HTTP_204_NO_CONTENT:
            return password_check

        with transaction.atomic():
            account = request.user
            UserRetirementStatus.create_retirement(account)

            # Drop the LMS social-auth links for this account.
            UserSocialAuth.objects.filter(user_id=account.id).delete()

            # Keep the real address for the notice below, then swap in the
            # retired address and make the password unusable.
            user_email = account.email
            account.email = get_retired_email_by_email(account.email)
            account.save()
            _set_unusable_password(account)
            # TODO: Unlink social accounts & change password on each IDA.

            # Pending activation keys would otherwise stay valid.
            Registration.objects.filter(user=account).delete()

            # Delete OAuth tokens associated with the user.
            retire_dop_oauth2_models(account)
            retire_dot_oauth2_models(account)

            try:
                # Deletion notice goes to the pre-retirement address.
                site = Site.objects.get_current()
                notification_context = get_base_template_context(site)
                notification_context.update({'full_name': account.profile.name})
                message = DeletionNotificationMessage()
                recipient = Recipient(username='', email_address=user_email)
                notification = message.personalize(
                    recipient=recipient,
                    language=account.profile.language,
                    user_context=notification_context,
                )
                ace.send(notification)
            except Exception:
                # Re-raised inside the atomic block, so a failed send aborts
                # the whole deactivation.
                log.exception('Error sending out deletion notification email')
                raise

            # Log the user out.
            logout(request)
        return Response(status=status.HTTP_204_NO_CONTENT)
    except KeyError:
        return Response(u'Username not specified.', status=status.HTTP_404_NOT_FOUND)
    except user_model.DoesNotExist:
        return Response(
            u'The user "{}" does not exist.'.format(request.user.username),
            status=status.HTTP_404_NOT_FOUND
        )
    except Exception as exc:  # pylint: disable=broad-except
        # NOTE(review): the raw exception text becomes the 500 response body;
        # consider logging it server-side and returning a generic message.
        return Response(text_type(exc), status=status.HTTP_500_INTERNAL_SERVER_ERROR)
def deactivate_user(user):
    """
    Deactivate and retire the given user.

    Inside one transaction: creates the retirement record, removes the
    social-auth links, replaces the email with its retired form, makes the
    password unusable, deletes activation keys and OAuth tokens, and sends a
    deletion notice (with a reset-password link built from
    ``settings.PROGS_URLS``) to the original address.

    Returns a ``Response``: 204 on success, 404 for the KeyError /
    DoesNotExist cases, 500 for any other failure.
    """
    user_model = get_user_model()
    try:
        with transaction.atomic():
            UserRetirementStatus.create_retirement(user)

            # Drop the LMS social-auth links for this account.
            UserSocialAuth.objects.filter(user_id=user.id).delete()

            # Keep the real address for the notice below, then swap in the
            # retired address and make the password unusable.
            user_email = user.email
            user.email = get_retired_email_by_email(user.email)
            user.save()
            _set_unusable_password(user)
            # TODO: Unlink social accounts & change password on each IDA.

            # Pending activation keys would otherwise stay valid.
            Registration.objects.filter(user=user).delete()

            # Delete OAuth tokens associated with the user.
            retire_dop_oauth2_models(user)
            retire_dot_oauth2_models(user)

            try:
                # Deletion notice goes to the pre-retirement address.
                site = Site.objects.get_current()
                notification_context = get_base_template_context(site)
                notification_context.update({
                    'full_name': user.profile.name,
                    'reset_password_link': urlparse.urljoin(
                        settings.PROGS_URLS.get("ROOT"),
                        settings.PROGS_URLS.get("PROG_RESET_PASSWORD", "reset_password"),
                    ),
                })
                message = DeletionNotificationMessage()
                recipient = Recipient(username='', email_address=user_email)
                notification = message.personalize(
                    recipient=recipient,
                    language=user.profile.language,
                    user_context=notification_context,
                )
                ace.send(notification)
            except Exception:
                # Re-raised inside the atomic block, so a failed send aborts
                # the whole deactivation.
                log.exception('Error sending out deletion notification email')
                raise
        return Response(status=status.HTTP_204_NO_CONTENT)
    except KeyError:
        return Response(u'Username not specified.', status=status.HTTP_404_NOT_FOUND)
    except user_model.DoesNotExist:
        return Response(
            u'The user "{}" does not exist.'.format(user.username),
            status=status.HTTP_404_NOT_FOUND,
        )
    except Exception as exc:  # pylint: disable=broad-except
        # NOTE(review): the raw exception text becomes the 500 response body;
        # consider logging it server-side and returning a generic message.
        return Response(text_type(exc), status=status.HTTP_500_INTERNAL_SERVER_ERROR)
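def handle(self, *args, **options):
    """
    Execute the command.

    Looks up the account that matches both the ``username`` and
    ``user_email`` options, then, inside one transaction, creates its
    retirement record, removes its social-auth links, replaces its email
    with the retired form, makes its password unusable, and deletes its
    activation keys, OAuth tokens and recovery email.

    Raises:
        CommandError: when the account cannot be looked up or any
            deactivation step fails. The underlying exception is chained as
            the cause.
    """
    username = options['username']
    user_email = options['user_email']
    try:
        user = User.objects.get(username=username, email=user_email)
    except Exception as exc:  # pylint: disable=broad-except
        # ``Exception`` rather than a bare ``except`` so that
        # KeyboardInterrupt and SystemExit still stop the command instead of
        # being reported as a failed lookup.
        error_message = (
            'Could not find a user with specified username and email '
            'address. Make sure you have everything correct before '
            'trying again'
        )
        logger.error(error_message)
        raise CommandError(error_message) from exc

    user_model = get_user_model()
    try:
        with transaction.atomic():
            # Add user to retirement queue.
            UserRetirementStatus.create_retirement(user)
            # Unlink LMS social auth accounts
            UserSocialAuth.objects.filter(user_id=user.id).delete()
            # Change LMS password & email
            user.email = get_retired_email_by_email(user.email)
            user.set_unusable_password()
            user.save()
            # TODO: Unlink social accounts & change password on each IDA.
            # Remove the activation keys sent by email to the user for account activation.
            Registration.objects.filter(user=user).delete()
            # Delete OAuth tokens associated with the user.
            retire_dot_oauth2_models(user)
            AccountRecovery.retire_recovery_email(user.id)
    except KeyError as exc:
        error_message = 'Username not specified {}'.format(user)
        logger.error(error_message)
        raise CommandError(error_message) from exc
    except user_model.DoesNotExist as exc:
        error_message = 'The user "{}" does not exist.'.format(
            user.username)
        logger.error(error_message)
        raise CommandError(error_message) from exc
    except Exception as exc:  # pylint: disable=broad-except
        error_message = '500 error deactivating account {}'.format(exc)
        logger.error(error_message)
        raise CommandError(error_message) from exc

    logger.info("User succesfully moved to the retirment pipeline")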
def post(self, request):
    """
    POST /api/user/v1/accounts/deactivate_logout/

    Re-checks the caller's password, then deactivates the caller's own
    account inside one database transaction (retirement record, social-auth
    links removed, email replaced with its retired form, password made
    unusable, activation keys and OAuth tokens deleted) and logs the
    session out.

    Returns 204 on success, the password-check response when that check does
    not return 204, 404 for the KeyError / DoesNotExist cases, and 500 for
    any other failure.
    """
    user_model = get_user_model()
    try:
        # Re-authentication gate: anything other than 204 from the password
        # check is handed straight back to the client.
        password_check = self._verify_user_password(request)
        if password_check.status_code != status.HTTP_204_NO_CONTENT:
            return password_check

        with transaction.atomic():
            account = request.user
            UserRetirementStatus.create_retirement(account)

            # Drop the LMS social-auth links for this account.
            UserSocialAuth.objects.filter(user_id=account.id).delete()

            # Swap in the retired address and make the password unusable.
            account.email = get_retired_email_by_email(account.email)
            account.save()
            _set_unusable_password(account)
            # TODO: Unlink social accounts & change password on each IDA.

            # Pending activation keys would otherwise stay valid.
            Registration.objects.filter(user=account).delete()

            # Delete OAuth tokens associated with the user.
            retire_dop_oauth2_models(account)
            retire_dot_oauth2_models(account)

            # Log the user out.
            logout(request)
        return Response(status=status.HTTP_204_NO_CONTENT)
    except KeyError:
        return Response(u'Username not specified.', status=status.HTTP_404_NOT_FOUND)
    except user_model.DoesNotExist:
        return Response(
            u'The user "{}" does not exist.'.format(request.user.username),
            status=status.HTTP_404_NOT_FOUND,
        )
    except Exception as exc:  # pylint: disable=broad-except
        # NOTE(review): the raw exception text becomes the 500 response body;
        # consider logging it server-side and returning a generic message.
        return Response(text_type(exc), status=status.HTTP_500_INTERNAL_SERVER_ERROR)
def post(self, request):
    """
    POST /api/user/v1/accounts/deactivate_logout/

    Self-service deactivation endpoint. The caller's password is verified
    first; on success the caller's account is retired in a single
    transaction and the session is ended.

    Responses: 204 when the account was retired, the verification response
    when the password check does not return 204, 404 on KeyError or
    DoesNotExist, 500 on any other exception.
    """
    user_model = get_user_model()
    try:
        verification = self._verify_user_password(request)
        verified = verification.status_code == status.HTTP_204_NO_CONTENT
        if not verified:
            # Hand the failed password check back to the client unchanged.
            return verification

        with transaction.atomic():
            retiring_user = request.user

            # Retirement record first, then remove the ways back in:
            # social-auth links, email, password, activation keys, tokens.
            UserRetirementStatus.create_retirement(retiring_user)
            UserSocialAuth.objects.filter(user_id=retiring_user.id).delete()

            retired_address = get_retired_email_by_email(retiring_user.email)
            retiring_user.email = retired_address
            retiring_user.save()
            _set_unusable_password(retiring_user)
            # TODO: Unlink social accounts & change password on each IDA.

            Registration.objects.filter(user=retiring_user).delete()

            # Delete OAuth tokens associated with the user.
            retire_dop_oauth2_models(retiring_user)
            retire_dot_oauth2_models(retiring_user)

            # End the current session last, once every step above succeeded.
            logout(request)
        return Response(status=status.HTTP_204_NO_CONTENT)
    except KeyError:
        return Response(u'Username not specified.', status=status.HTTP_404_NOT_FOUND)
    except user_model.DoesNotExist:
        return Response(
            u'The user "{}" does not exist.'.format(request.user.username),
            status=status.HTTP_404_NOT_FOUND
        )
    except Exception as exc:  # pylint: disable=broad-except
        # NOTE(review): the raw exception text becomes the 500 response body;
        # consider logging it server-side and returning a generic message.
        return Response(text_type(exc), status=status.HTTP_500_INTERNAL_SERVER_ERROR)
def create_retirement_request_and_deactivate_account(user):
    """
    Queue ``user`` for retirement and remove the account's ways to sign in.

    Steps, in order: create the retirement record, delete the social-auth
    links, replace the email with its retired form and make the password
    unusable (one save), delete activation keys, delete OAuth tokens, and
    retire the recovery email.

    NOTE(review): no transaction is opened here, so a failure part-way
    leaves the earlier steps applied -- presumably the caller wraps this in
    ``transaction.atomic()``; confirm.
    """
    user_id = user.id

    # Add user to retirement queue.
    UserRetirementStatus.create_retirement(user)

    # Drop the LMS social-auth links for this account.
    UserSocialAuth.objects.filter(user_id=user_id).delete()

    # Retired address and unusable password are persisted together.
    retired_address = get_retired_email_by_email(user.email)
    user.email = retired_address
    user.set_unusable_password()
    user.save()
    # TODO: Unlink social accounts & change password on each IDA.

    # Pending activation keys would otherwise stay valid.
    Registration.objects.filter(user=user).delete()

    # Delete OAuth tokens associated with the user.
    retire_dot_oauth2_models(user)
    AccountRecovery.retire_recovery_email(user_id)
def delete_edxapp_user(*args, **kwargs):
    """
    Deletes a user from the platform, scoped to one site.

    Reads ``user``, ``case_id``, ``site`` and ``is_support_user`` from
    ``kwargs``. The user must have a signup source whose site matches
    ``site.name`` (case-insensitive), otherwise ``NotFound`` is raised.

    * Exactly one signup source: the account is retired in one transaction
      (email tagged with the case id and retired, retirement record created,
      social-auth links, activation keys and OAuth tokens deleted, password
      made unusable) and the signup source is deleted.
    * More than one signup source: only the signup source(s) for this site
      are deleted; the account itself is left as it is.

    Returns:
        Tuple of (message, ``status.HTTP_200_OK``).
    """
    msg = None
    user = kwargs.get("user")
    case_id = kwargs.get("case_id")
    site = kwargs.get("site")
    is_support_user = kwargs.get("is_support_user")

    # Built before any change so the message shows the original address.
    user_response = "The user {username} <{email}> ".format(
        username=user.username, email=user.email)

    signup_sources = user.usersignupsource_set.all()
    sources = [entry.site for entry in signup_sources]

    # Guard: refuse unless the user actually signed up on the given site.
    if not site or site.name.upper() not in (origin.upper() for origin in sources):
        raise NotFound(
            "{user} does not have a signup source on the site {site}".format(
                user=user_response, site=site))

    if len(sources) == 1:
        with transaction.atomic():
            support_label = "_support" if is_support_user else ""
            user.email = "{email}{case}.ednx{support}_retired".format(
                email=user.email,
                case=case_id,
                support=support_label,
            )
            user.save()

            # Add user to retirement queue.
            UserRetirementStatus.create_retirement(user)

            # Drop the LMS social-auth links for this account.
            UserSocialAuth.objects.filter(user_id=user.id).delete()

            # Swap in the retired address and make the password unusable.
            user.email = get_retired_email_by_email(user.email)
            user.save()
            _set_unusable_password(user)

            # Pending activation keys would otherwise stay valid.
            Registration.objects.filter(user=user).delete()

            # Delete OAuth tokens associated with the user.
            retire_dot_oauth2_models(user)

            # The only signup source goes away with the account.
            signup_sources[0].delete()
            msg = "{user} has been removed".format(user=user_response)
    else:
        site_key = site.name.upper()
        for entry in signup_sources:
            if entry.site.upper() == site_key:
                entry.delete()
                msg = "{user} has more than one signup source. The signup source from the site {site} has been deleted".format(
                    user=user_response,
                    site=site,
                )

    return msg, status.HTTP_200_OK