def form_valid(self, form): change_messages = {} if not self.user: return self.redirect_response(self.request) reset_password = form.cleaned_data['reset_password'] if reset_password: self.user.set_password(uuid.uuid4().hex) change_messages.update(UserChangeMessage.password_reset()) # toggle active state self.user.is_active = not self.user.is_active self.user.save() verb = 're-enabled' if self.user.is_active else 'disabled' reason = form.cleaned_data['reason'] change_messages.update( UserChangeMessage.status_update(self.user.is_active, reason)) couch_user = CouchUser.from_django_user(self.user) log_user_change(by_domain=None, for_domain=None, couch_user=couch_user, changed_by_user=self.request.couch_user, changed_via=USER_CHANGE_VIA_WEB, change_messages=change_messages, fields_changed={'is_active': self.user.is_active}, by_domain_required_for_log=False, for_domain_required_for_log=False) mail_admins( "User account {}".format(verb), "The following user account has been {verb}: \n" " Account: {username}\n" " Reset by: {reset_by}\n" " Password reset: {password_reset}\n" " Reason: {reason}".format( verb=verb, username=self.username, reset_by=self.request.user.username, password_reset=str(reset_password), reason=reason, )) send_HTML_email( "%sYour account has been %s" % (settings.EMAIL_SUBJECT_PREFIX, verb), self.user.get_email() if self.user else self.username, render_to_string('hqadmin/email/account_disabled_email.html', context={ 'support_email': settings.SUPPORT_EMAIL, 'password_reset': reset_password, 'user': self.user, 'verb': verb, 'reason': form.cleaned_data['reason'], }), ) messages.success(self.request, _('Account successfully %(verb)s.' % {'verb': verb})) return redirect(self.redirect_url)
def _update_password(user, password, user_change_logger): domain = Domain.get_by_name(user.domain) if domain.strong_mobile_passwords: clean_password(password) user.set_password(password) if user_change_logger: user_change_logger.add_change_message( UserChangeMessage.password_reset())
def update_password(self, password): self.user.set_password(password) self.logger.add_change_message(UserChangeMessage.password_reset())
def test_update(self): user = CommCareUser.create(domain=self.domain.name, username="******", password="******", created_by=None, created_via=None, phone_number="50253311398") group = Group({"name": "test"}) group.save() self.addCleanup(user.delete, self.domain.name, deleted_by=None) self.addCleanup(group.delete) user_json = { "first_name": "test", "last_name": "last", "email": "*****@*****.**", "language": "pol", "phone_numbers": ["+50253311399", "50253314588"], "groups": [group._id], "user_data": { PROFILE_SLUG: self.profile.id, "chw_id": "13/43/DFA" }, "password": "******" } backend_id = user._id response = self._assert_auth_post_resource( self.single_endpoint(backend_id), json.dumps(user_json), content_type='application/json', method='PUT') self.assertEqual(response.status_code, 200, response.content) self.assertEqual(1, len(CommCareUser.by_domain(self.domain.name))) modified = CommCareUser.get(backend_id) self.assertEqual(modified.username, "test") self.assertEqual(modified.first_name, "test") self.assertEqual(modified.last_name, "last") self.assertEqual(modified.email, "*****@*****.**") self.assertEqual(modified.language, "pol") self.assertEqual(modified.get_group_ids()[0], group._id) self.assertEqual(modified.metadata["chw_id"], "13/43/DFA") self.assertEqual(modified.metadata[PROFILE_SLUG], self.profile.id) self.assertEqual(modified.metadata["imaginary"], "yes") self.assertEqual(modified.default_phone_number, "50253311399") # test user history audit user_history = UserHistory.objects.get( action=UserModelAction.UPDATE.value, user_id=user._id) self.assertDictEqual( user_history.changes, { 'email': '*****@*****.**', 'language': 'pol', 'last_name': 'last', 'first_name': 'test', 'user_data': { 'chw_id': '13/43/DFA', 'commcare_profile': self.profile.id, 'commcare_project': 'qwerty' } }) self.assertTrue( "50253311398" in user_history.change_messages['phone_numbers'] ['remove_phone_numbers']['phone_numbers']) self.assertTrue( "50253311399" in user_history.change_messages['phone_numbers'] ['add_phone_numbers']['phone_numbers']) self.assertTrue( "50253314588" in user_history.change_messages['phone_numbers'] ['add_phone_numbers']['phone_numbers']) self.assertEqual(user_history.change_messages['groups'], UserChangeMessage.groups_info([group])['groups']) self.assertEqual(user_history.change_messages['password'], UserChangeMessage.password_reset()['password']) self.assertEqual(user_history.changed_via, USER_CHANGE_VIA_API)