def edit_user(request): # This stuff is on pretty much every page, should really put it in it's own function context = RequestContext(request) context_dict = { 'pagetitle': 'Threatened Species Portal', 'pagemsg': 'Add New Animal', } dataset_list = AnimalDataset.objects.order_by('name') # shows user details uo = request.user context_dict['user']= uo up = UserProfile.objects.get(user=uo) # Grabs current dataset (if not available set it) if (request.session.get('cur_ds') is None): if (up.default_dataset is None): request.session['cur_ds'] = 1 else: request.session['cur_ds'] = up.default_dataset.pk # Prepare the context cur_ds = AnimalDataset.objects.get(pk=request.session.get('cur_ds')) context_dict['cur_ds'] = cur_ds context_dict['datasets'] = dataset_list context_dict['defaultds'] = up.default_dataset # Determine if user is admin, if not redirect to no_perms page if request.user.is_superuser and request.method == 'POST': # FROM VALIDATION id = request.POST['id'] user_username = request.POST['username'] user_first_name = request.POST['first_name'] user_last_name = request.POST['last_name'] user_email = request.POST['email'] user_organisation = request.POST['organisation'] user_phone = request.POST['phone'] user_password = request.POST['password'] user_confirm_password = request.POST['confirm_password'] user_perm = json.loads(request.POST['perm-field']) if request.POST.get('active', 0): user_active = True else: user_active = False if request.POST.get('administrator', 0): user_administrator = True else: user_administrator = False user_default = request.POST.get('default', 0) print "default ds id: " + str(user_default) ## validation if user_password != user_confirm_password: return HttpResponse("Passwords don't match!") # get the object for the default dataset so we can save it to user profile if user_default != 0: default_ds = AnimalDataset.objects.get(pk=user_default) user_password = make_password(user_password) ##if statement here if request.POST.get("new"): if request.POST['password']=="": return HttpResponse("Can not create a user without a password") ## add user to database u = User(username=user_username, first_name=user_first_name, last_name=user_last_name, email=user_email, password=user_password, is_active=user_active, is_superuser=user_administrator, is_staff=user_administrator) u.save() if request.POST.get('default_dataset', False): user_default_dataset = AnimalDataset.objects.get(id=request.POST['default_dataset']) up = UserProfile(user=u, organisation=user_organisation, phone=user_phone, default_dataset=user_default_dataset) else: user_default_dataset = AnimalDataset.objects.get(id=1) #TO DO - the edit user will not render if a default dataset is not picked - however we need to decide what it should be set to if they do not pick one up = UserProfile(user=u, organisation=user_organisation, phone=user_phone,default_dataset=user_default_dataset) up.save() print "save!" user = User.objects.get(username=user_username) user.email="" #Add user to groups in perm-field for p in user_perm: g = Group.objects.get(name=p) user.groups.add(g) user.save() context_dict['info_msg'] = "Successfully created user" else: uo = User.objects.get(id=id) up = UserProfile.objects.get(user=uo) uo.username = user_username uo.first_name = user_first_name uo.last_name = user_last_name uo.email = user_email uo.is_active = user_active uo.is_superuser = user_administrator uo.is_staff = user_administrator if request.POST["password"]!="": uo.password = user_password up.organisation = user_organisation up.phone = user_phone if request.POST.get('default_dataset'): dds = AnimalDataset.objects.get(id=request.POST['default_dataset']) up.default_dataset = dds up.save() #Clear user's perm groups old_perm = uo.groups.all() for p in old_perm: p.user_set.remove(uo) #Add user to groups in perm-field for p in user_perm: g = Group.objects.get(name=p) uo.groups.add(g) uo.save() context_dict['info_msg'] = "Successfully updated user" #if ends here # Display User List users_list = User.objects.order_by('username') context_dict['users'] = users_list return render_to_response("user_list.html", context_dict, context) else: return HttpResponse("Not superuser or POST method")