def create_user_from_legacy(self, legacy_user, original_password): """ Create a new django user from the information provided by the legacy database. Users passed to this method are already assumed: interactive = 1 status = 1 statusdetail = 'active' """ # create the user user = User() user.username = legacy_user.username user.set_password(original_password) user.first_name = legacy_user.firstname user.last_name = legacy_user.lastname user.email = legacy_user.email user.is_active = True user.is_staff = False user.is_superuser = False # test for legacy user rights and adjust accordingly if legacy_user_is_developer(legacy_user): user.is_staff = True user.is_superuser = True if legacy_user_is_admin(legacy_user): user.is_staff = True user.is_superuser = False try: user.save() except: # most likely a duplicate username, send back failure return None # if they are an administrator then add them to the auth group "Admin" user_add_remove_admin_auth_group(user) # create the profile, whole lotta fields profile_defaults = get_profile_defaults(legacy_user) profile_defaults.update({ 'allow_anonymous_view': False, 'allow_user_view': False, 'allow_member_view': False, 'allow_anonymous_edit': False, 'allow_user_edit': False, 'allow_member_edit': False, 'creator': user, 'creator_username': user.username, 'owner': user, 'owner_username': user.username, 'status': True, 'status_detail': 'active' }) try: user.profile.create(**profile_defaults) except: return user # send success so django can continue processing return user
def edit(request, id, form_class=ProfileForm, template_name="profiles/edit.html"): user_edit = get_object_or_404(User, pk=id) try: profile = Profile.objects.get(user=user_edit) except Profile.DoesNotExist: profile = Profile.objects.create_profile(user=user_edit) if not profile.allow_edit_by(request.user): raise Http403 required_fields = get_setting('module', 'users', 'usersrequiredfields') if required_fields: required_fields_list = required_fields.split(',') required_fields_list = [field.strip() for field in required_fields_list] else: required_fields_list = None if request.method == "POST": form = form_class(request.POST, user_current=request.user, user_this=user_edit, required_fields_list=required_fields_list, instance=profile) if form.is_valid(): # get the old profile, so we know what has been changed in admin notification old_user = User.objects.get(id=id) old_profile = Profile.objects.get(user=old_user) profile = form.save(request, user_edit) if is_admin(request.user): security_level = form.cleaned_data['security_level'] if security_level == 'developer': user_edit.is_superuser = 1 user_edit.is_staff = 1 # remove them from auth_group if any - they don't need it user_edit.groups = [] elif security_level == 'admin': user_edit.is_superuser = 0 user_edit.is_staff = 1 # add them to admin auth group user_add_remove_admin_auth_group(user_edit) else: user_edit.is_superuser = 0 user_edit.is_staff = 0 # remove them from auth_group if any user_edit.groups = [] # add them to admin auth group user_add_remove_admin_auth_group(user_edit) # set up user permission profile.allow_user_view, profile.allow_user_edit = False, False else: user_edit.is_superuser = 0 user_edit.is_staff = 0 # interactive interactive = form.cleaned_data['interactive'] try: interactive = int(interactive) except: interactive = 0 if interactive == 1: user_edit.is_active = 1 else: user_edit.is_active = 0 profile.save() user_edit.save() # notify ADMIN of update to a user's record if get_setting('module', 'users', 'userseditnotifyadmin'): # profile_edit_admin_notify(request, old_user, old_profile, profile) # send notification to administrators recipients = get_notice_recipients('module', 'users', 'userrecipients') if recipients: if notification: extra_context = { 'old_user': old_user, 'old_profile': old_profile, 'profile': profile, 'request': request, } notification.send_emails(recipients,'user_edited', extra_context) log_defaults = { 'event_id' : 122000, 'event_data': '%s (%d) edited by %s' % (user_edit._meta.object_name, user_edit.pk, request.user), 'description': '%s edited' % user_edit._meta.object_name, 'user': request.user, 'request': request, 'instance': user_edit, } EventLog.objects.log(**log_defaults) return HttpResponseRedirect(reverse('profile', args=[user_edit.username])) else: if profile: form = form_class(user_current=request.user, user_this=user_edit, required_fields_list=required_fields_list, instance=profile) else: form = form_class(user_current=request.user, user_this=user_edit, required_fields_list=required_fields_list) return render_to_response(template_name, {'user_this':user_edit, 'profile':profile, 'form':form, 'required_fields_list':required_fields_list}, context_instance=RequestContext(request))
def add(request, form_class=ProfileForm, template_name="profiles/add.html"): if not has_perm(request.user,'profiles.add_profile'):raise Http403 required_fields = get_setting('module', 'users', 'usersrequiredfields') if required_fields: required_fields_list = required_fields.split(',') required_fields_list = [field.strip() for field in required_fields_list] else: required_fields_list = None if request.method == "POST": form = form_class(request.POST, user_current=request.user, user_this=None, required_fields_list=required_fields_list) if form.is_valid(): profile = form.save(request, None) new_user = profile.user # security_level if is_admin(request.user): security_level = form.cleaned_data['security_level'] if security_level == 'developer': new_user.is_superuser = 1 new_user.is_staff = 1 elif security_level == 'admin': new_user.is_superuser = 0 new_user.is_staff = 1 # add them to admin auth group user_add_remove_admin_auth_group(new_user) else: new_user.is_superuser = 0 new_user.is_staff = 0 # set up user permission profile.allow_user_view, profile.allow_user_edit = False, False else: new_user.is_superuser = 0 new_user.is_staff = 0 # interactive interactive = form.cleaned_data['interactive'] try: interactive = int(interactive) except: interactive = 0 new_user.is_active = interactive profile.save() new_user.save() ObjectPermission.objects.assign(new_user, profile) log_defaults = { 'event_id' : 121000, 'event_data': '%s (%d) added by %s' % (new_user._meta.object_name, new_user.pk, request.user), 'description': '%s added' % new_user._meta.object_name, 'user': request.user, 'request': request, 'instance': new_user, } EventLog.objects.log(**log_defaults) # send notification to administrators recipients = get_notice_recipients('module', 'users', 'userrecipients') if recipients: if notification: extra_context = { 'object': profile, 'request': request, } notification.send_emails(recipients,'user_added', extra_context) return HttpResponseRedirect(reverse('profile', args=[new_user.username])) else: form = form_class(user_current=request.user, user_this=None, required_fields_list=required_fields_list) auto_pwd = request.POST.get('auto_pwd') return render_to_response(template_name, {'form':form, 'user_this':None, 'required_fields_list': required_fields_list, 'auto_pwd': auto_pwd }, context_instance=RequestContext(request))