コード例 #1
0
ファイル: userView.py プロジェクト: wang125309/base
def insert_user(request):
    user_id = get_params(request, "user_id")
    password = get_params(request, "password")
    m = hashlib.md5()
    m.update(password)
    password = str(m.hexdigest())
    email = get_params(request, "email")
    mobile = get_params(request, "mobile")
    name = get_params(request, "name")
    id_card = get_params(request, "id_card")
    age = get_params(request, "age")
    sex = get_params(request, "sex")
    exist_user = User.objects.filter(user_id=user_id)
    if len(exist_user):
        return JsonResponse({
            "error_no": REQUEST_ERROR,
            "message": USER_EXISTS
        })
    else:
        u = User(user_id=user_id, name=name, mobile=mobile, email=email, sex=sex, age=age, id_card=id_card)
        u.save()
        upf = UserProfile(user=u, password=password)
        upf.save()
    return JsonResponse({
        "error_no": REQUEST_SUCCESS
    })
コード例 #2
0
    def test_student_edit_info_leak(self):
        c = Client()
        t_email, t_pass = signup_teacher_directly()
        c.login(email=t_email, password=t_pass)
        profile = UserProfile(user=User.objects.create_user("test"))
        profile.save()
        stu = Student(user=profile)
        stu.save()

        self.assertEqual(
            c.get(reverse("teacher_edit_student", kwargs={"pk": "9999"})).status_code,
            c.get(reverse("teacher_edit_student", kwargs={"pk": stu.pk})).status_code,
        )
コード例 #3
0
	def signup(self, request, user):
		acct = Account.objects.filter(
			name = self.cleaned_data['account_name'],
			verification = self.cleaned_data['account_verifification_key'],
			)
		if len(acct) <> 0:		
			user.first_name = self.cleaned_data['first_name']
			user.last_name = self.cleaned_data['last_name']
			user.save()
			up = UserProfile(user=user)
			up.save()
			# Associate existing account with new user
			#acct[0].holder = up
			#acct[0].save()
		return user	
コード例 #4
0
ファイル: user.py プロジェクト: faulteh/albatross
def edit_user(request):
  # This stuff is on pretty much every page, should really put it in it's own function
  context = RequestContext(request)
  context_dict = { 'pagetitle': 'Threatened Species Portal',
        'pagemsg': 'Add New Animal',
        }
  dataset_list = AnimalDataset.objects.order_by('name')

  # shows user details
  uo = request.user
  context_dict['user']= uo
  up = UserProfile.objects.get(user=uo)

  # Grabs current dataset (if not available set it)
  if (request.session.get('cur_ds') is None):
    if (up.default_dataset is None):
      request.session['cur_ds'] = 1
    else:
      request.session['cur_ds'] = up.default_dataset.pk

  # Prepare the context
  cur_ds = AnimalDataset.objects.get(pk=request.session.get('cur_ds'))
  context_dict['cur_ds'] = cur_ds
  context_dict['datasets'] = dataset_list
  context_dict['defaultds'] = up.default_dataset

  # Determine if user is admin, if not redirect to no_perms page
  if request.user.is_superuser and request.method == 'POST':
   # FROM VALIDATION
   
   id = request.POST['id']
   
   user_username = request.POST['username']
   user_first_name = request.POST['first_name']
   user_last_name = request.POST['last_name']
   user_email = request.POST['email']
   user_organisation = request.POST['organisation']
   user_phone = request.POST['phone']
   user_password = request.POST['password']
   user_confirm_password = request.POST['confirm_password']
   user_perm = json.loads(request.POST['perm-field'])
 
   if request.POST.get('active', 0):
    user_active = True
   else:
    user_active = False   
   if request.POST.get('administrator', 0):
    user_administrator = True
   else:
    user_administrator = False
   user_default = request.POST.get('default', 0)
   print "default ds id: " + str(user_default)
      
   ## validation
 
   if user_password != user_confirm_password:
    return HttpResponse("Passwords don't match!") 
   # get the object for the default dataset so we can save it to user profile
   if user_default != 0:
    default_ds = AnimalDataset.objects.get(pk=user_default)

   user_password = make_password(user_password)
   ##if statement here
   if request.POST.get("new"):
     if request.POST['password']=="":
      return HttpResponse("Can not create a user without a password")

   ## add user to database
     u = User(username=user_username, first_name=user_first_name, last_name=user_last_name, email=user_email, password=user_password, is_active=user_active, is_superuser=user_administrator, is_staff=user_administrator)
     u.save()
     if request.POST.get('default_dataset', False):
       user_default_dataset = AnimalDataset.objects.get(id=request.POST['default_dataset'])
       up = UserProfile(user=u, organisation=user_organisation, phone=user_phone, default_dataset=user_default_dataset)
     else:
       user_default_dataset = AnimalDataset.objects.get(id=1)
       #TO DO - the edit user will not render if a default dataset is not picked - however we need to decide what it should be set to if they do not pick one
       up = UserProfile(user=u, organisation=user_organisation, phone=user_phone,default_dataset=user_default_dataset)
     up.save()
     print "save!"
     user = User.objects.get(username=user_username)
     user.email=""
     

     #Add user to groups in perm-field
     for p in user_perm:
       g = Group.objects.get(name=p)
       user.groups.add(g)
     user.save()
  

     context_dict['info_msg'] = "Successfully created user"
   else: 
  
     uo = User.objects.get(id=id)
     up = UserProfile.objects.get(user=uo)

     uo.username = user_username
     uo.first_name = user_first_name
     uo.last_name =  user_last_name
     uo.email = user_email
     uo.is_active = user_active
     uo.is_superuser = user_administrator
     uo.is_staff = user_administrator
     if request.POST["password"]!="":
      uo.password = user_password

     up.organisation = user_organisation
     up.phone = user_phone
     if request.POST.get('default_dataset'):
       dds = AnimalDataset.objects.get(id=request.POST['default_dataset'])
       up.default_dataset = dds

     up.save()

     #Clear user's perm groups
     old_perm = uo.groups.all()
     for p in old_perm:
       p.user_set.remove(uo)

     #Add user to groups in perm-field
     for p in user_perm:
       g = Group.objects.get(name=p)
       uo.groups.add(g)
     uo.save()

     context_dict['info_msg'] = "Successfully updated user"
#if ends here
   # Display User List
   users_list = User.objects.order_by('username')
   context_dict['users'] = users_list

   return render_to_response("user_list.html", context_dict, context)
  else:
    return HttpResponse("Not superuser or POST method")