예제 #1
0
def edit_signature(request):
    if not request.user.acl['can_have_signature']:
        raise Http404()

    if request.method == "GET":
        read_user_notification(request.user,
                               'usercp_signature_%s' % request.user.pk)

    form = EditSignatureForm(instance=request.user)
    if not request.user.is_signature_locked and request.method == 'POST':
        form = EditSignatureForm(request.POST, instance=request.user)
        if form.is_valid():
            set_user_signature(
                request, request.user, form.cleaned_data['signature'])
            request.user.save(update_fields=[
                'signature', 'signature_parsed', 'signature_checksum'
            ])

            if form.cleaned_data['signature']:
                messages.success(request, _("Your signature has been edited."))
            else:
                message = _("Your signature has been cleared.")
                messages.success(request, message)
            return redirect('misago:usercp_edit_signature')

    acl = request.user.acl
    editor = Editor(form['signature'],
                    allow_blocks=acl['allow_signature_blocks'],
                    allow_links=acl['allow_signature_links'],
                    allow_images=acl['allow_signature_images'])
    return render(request, 'misago/usercp/edit_signature.html',
                  {'form': form, 'editor': editor})
예제 #2
0
def edit_signature(request, user):
    serializer = EditSignatureSerializer(user, data=request.data)
    if serializer.is_valid():
        set_user_signature(request, user, serializer.validated_data['signature'])
        user.save(update_fields=['signature', 'signature_parsed', 'signature_checksum'])
        return get_signature_options(user)
    else:
        return Response({
            'detail': serializer.errors['non_field_errors'][0]
        },
                        status=status.HTTP_400_BAD_REQUEST)
예제 #3
0
파일: signature.py 프로젝트: Didan/Misago
def edit_signature(request, user):
    form = EditSignatureForm(request.data, instance=user)
    if form.is_valid():
        set_user_signature(
                request, user, form.cleaned_data['signature'])
        user.save(update_fields=[
            'signature', 'signature_parsed', 'signature_checksum'
        ])
        return get_signature_options(user)
    else:
        return Response({'detail': form.non_field_errors()[0]},
                        status=status.HTTP_400_BAD_REQUEST)
    def test_signature_change(self):
        """signature module allows for signature change"""
        test_user = UserModel.objects.create_user('Bob', '*****@*****.**', 'pass123')

        signatures.set_user_signature(MockRequest(), test_user, '')

        self.assertEqual(test_user.signature, '')
        self.assertEqual(test_user.signature_parsed, '')
        self.assertEqual(test_user.signature_checksum, '')

        signatures.set_user_signature(MockRequest(), test_user, 'Hello, world!')

        self.assertEqual(test_user.signature, 'Hello, world!')
        self.assertEqual(test_user.signature_parsed, '<p>Hello, world!</p>')
        self.assertTrue(signatures.is_user_signature_valid(test_user))

        test_user.signature_parsed = '<p>Injected evil HTML!</p>'
        self.assertFalse(signatures.is_user_signature_valid(test_user))
예제 #5
0
def moderate_signature(request, user):
    return_path = moderation_return_path(request, user)

    form = ModerateSignatureForm(instance=user)

    if request.method == 'POST':
        form = ModerateSignatureForm(request.POST, instance=user)
        if form.is_valid():
            set_user_signature(request, user, form.cleaned_data['signature'])
            user.save(update_fields=(
                'signature',
                'signature_parsed',
                'signature_checksum',
                'is_signature_locked',
                'signature_lock_user_message',
                'signature_lock_staff_message'
            ))

            message = _("%(user)s's signature has been moderated.")
            message = message % {'user': user.username}
            messages.success(request, message)

            notify_user(user,
                _("%(user)s has moderated your signature."),
                reverse('misago:usercp_edit_signature'),
                "usercp_signature_%s" % user.pk,
                formats={'user': request.user.username},
                sender=request.user)

            if 'stay' not in request.POST:
                return redirect(return_path)

    acl = user.acl
    editor = Editor(form['signature'],
                    allow_blocks=acl['allow_signature_blocks'],
                    allow_links=acl['allow_signature_links'],
                    allow_images=acl['allow_signature_images'])

    return render(request, 'misago/modusers/signature.html', {
        'profile': user,
        'form': form,
        'editor': editor,
        'return_path': return_path
    })
예제 #6
0
def moderate_signature(request, user):
    return_path = moderation_return_path(request, user)

    form = ModerateSignatureForm(instance=user)

    if request.method == 'POST':
        form = ModerateSignatureForm(request.POST, instance=user)
        if form.is_valid():
            set_user_signature(request, user, form.cleaned_data['signature'])
            user.save(update_fields=(
                'signature',
                'signature_parsed',
                'signature_checksum',
                'is_signature_locked',
                'signature_lock_user_message',
                'signature_lock_staff_message'
            ))

            message = _("%(user)s's signature has been moderated.")
            message = message % {'user': user.username}
            messages.success(request, message)

            notify_user(user,
                _("%(user)s has moderated your signature."),
                reverse('misago:usercp_edit_signature'),
                "usercp_signature_%s" % user.pk,
                formats={'user': request.user.username},
                sender=request.user)

            if 'stay' not in request.POST:
                return redirect(return_path)

    acl = user.acl
    editor = Editor(form['signature'],
                    allow_blocks=acl['allow_signature_blocks'],
                    allow_links=acl['allow_signature_links'],
                    allow_images=acl['allow_signature_images'])

    return render(request, 'misago/modusers/signature.html', {
        'profile': user,
        'form': form,
        'editor': editor,
        'return_path': return_path
    })
예제 #7
0
    def test_signature_change(self):
        """signature module allows for signature change"""
        User = get_user_model()
        test_user = User.objects.create_user('Bob', '*****@*****.**', 'pass123')

        signatures.set_user_signature(test_user, '')

        self.assertEqual(test_user.signature, '')
        self.assertEqual(test_user.signature_parsed, '')
        self.assertEqual(test_user.signature_checksum, '')

        signatures.set_user_signature(test_user, 'Hello, world!')

        self.assertEqual(test_user.signature, 'Hello, world!')
        self.assertEqual(test_user.signature_parsed, '<p>Hello, world!</p>')
        self.assertTrue(signatures.is_user_signature_valid(test_user))

        test_user.signature_parsed = '<p>Injected evil HTML!</p>'
        self.assertFalse(signatures.is_user_signature_valid(test_user))
예제 #8
0
파일: users.py 프로젝트: vprime/Misago
    def handle_form(self, form, request, target):
        target.username = target.old_username
        if target.username != form.cleaned_data.get('username'):
            target.set_username(form.cleaned_data.get('username'),
                                changed_by=request.user)

        if form.cleaned_data.get('new_password'):
            target.set_password(form.cleaned_data['new_password'])

            if target.pk == request.user.pk:
                start_admin_session(request, target)
                update_session_auth_hash(request, target)

        if form.cleaned_data.get('email'):
            target.set_email(form.cleaned_data['email'])
            if target.pk == request.user.pk:
                start_admin_session(request, target)

        if form.cleaned_data.get('is_avatar_locked'):
            if not target.old_is_avatar_locked:
                set_dynamic_avatar(target)

        if 'is_staff' in form.fields and 'is_superuser' in form.fields:
            target.is_staff = form.cleaned_data.get('is_staff')
            target.is_superuser = form.cleaned_data.get('is_superuser')

        if 'is_active' in form.fields and 'is_active_staff_message' in form.fields:
            target.is_active = form.cleaned_data.get('is_active')
            target.is_active_staff_message = form.cleaned_data.get(
                'is_active_staff_message')

        target.rank = form.cleaned_data.get('rank')

        target.roles.clear()
        target.roles.add(*form.cleaned_data['roles'])

        set_user_signature(request, target, form.cleaned_data.get('signature'))

        target.update_acl_key()
        target.save()

        messages.success(request,
                         self.message_submit % {'user': target.username})
예제 #9
0
    def handle_form(self, form, request, target):
        target.username = target.old_username
        if target.username != form.cleaned_data.get('username'):
            target.set_username(form.cleaned_data.get('username'), changed_by=request.user)

        if form.cleaned_data.get('new_password'):
            target.set_password(form.cleaned_data['new_password'])

            if target.pk == request.user.pk:
                start_admin_session(request, target)
                update_session_auth_hash(request, target)

        if form.cleaned_data.get('email'):
            target.set_email(form.cleaned_data['email'])
            if target.pk == request.user.pk:
                start_admin_session(request, target)

        if form.cleaned_data.get('is_avatar_locked'):
            if not target.old_is_avatar_locked:
                set_dynamic_avatar(target)

        if 'is_staff' in form.fields and 'is_superuser' in form.fields:
            target.is_staff = form.cleaned_data.get('is_staff')
            target.is_superuser = form.cleaned_data.get('is_superuser')

        if 'is_active' in form.fields and 'is_active_staff_message' in form.fields:
            target.is_active = form.cleaned_data.get('is_active')
            target.is_active_staff_message = form.cleaned_data.get('is_active_staff_message')

        target.rank = form.cleaned_data.get('rank')

        target.roles.clear()
        target.roles.add(*form.cleaned_data['roles'])

        set_user_signature(request, target, form.cleaned_data.get('signature'))

        profilefields.update_user_profile_fields(request, target, form)

        target.update_acl_key()
        target.save()

        messages.success(request, self.message_submit % {'user': target.username})
예제 #10
0
파일: users.py 프로젝트: nikescar/Misago
    def handle_form(self, form, request, target):
        target.username = target.old_username

        if target.username != form.cleaned_data.get('username'):
            target.set_username(form.cleaned_data.get('username'),
                                changed_by=request.user)

        if form.cleaned_data.get('new_password'):
            target.set_password(form.cleaned_data['new_password'])

            if target.pk == request.user.pk:
                start_admin_session(request, target)
                update_session_auth_hash(request, target)

        if form.cleaned_data.get('email'):
            target.set_email(form.cleaned_data['email'])
            if target.pk == request.user.pk:
                start_admin_session(request, target)

        if form.cleaned_data.get('is_avatar_locked'):
            if not target.old_is_avatar_locked:
                set_dynamic_avatar(target)

        if 'staff_level' in form.cleaned_data:
            target.staff_level = form.cleaned_data['staff_level']

        target.rank = form.cleaned_data.get('rank')
        if form.cleaned_data.get('roles'):
            target.roles.add(*form.cleaned_data['roles'])

        set_user_signature(target, form.cleaned_data.get('signature'))

        target.update_acl_key()
        target.save()

        messages.success(
            request, self.message_submit % {'user': target.username})