def get(self, request, *args, **kwargs): cedula = self.kwargs['cedula'] datos_n = Datos.objects.get(cedula=cedula) nombre = datos_n.p_nombre.strip() apellido = datos_n.p_apellido usuario_clave = nombre[:1] + apellido usuario_clave = usuario_clave.lower() clave = handler.encrypt(usuario_clave) datos_u = User.objects.all().order_by('-id')[:1] datos_u_v = datos_u.values('id') ultimo_id_user = datos_u_v[0]['id'] + 1 useradd = User() useradd.id = ultimo_id_user useradd.username = cedula useradd.password = clave useradd.first_name = nombre useradd.last_name = apellido useradd.is_active = False useradd.save() ultimo = useradd.id datos_user = Datos.objects.all() datos_user_f = datos_user.filter(cedula=cedula) datos_user_f.update(usuario_id=ultimo, grupo_usuario=3) return HttpResponse('<div>Creando...</div>')
def users_reset_password(): """Reset user password using uuid sample request { "user_id":"18fcbb87-d56a-48ed-b589-47a26166eb8c34" } sample response: { "response_message": "Successfully Password Reset.", "response_status": "SUCCESS" } :return: Dict """ request_dict = request.get_json() if "user_id" in request_dict and User.query.filter_by( user_uuid=request_dict['user_id']).first(): # print(request_dict['user_id']) random_new_password = str(uuid.uuid1())[:10] password = django_pbkdf2_sha256.encrypt(random_new_password) user_details = User.query.filter_by( user_uuid=request_dict['user_id']).first() user_details.password = password db.session.commit() else: return (jsonify({ cts.RESPONSE_STATUS: cts.RESPONSE_ERROR, cts.RESPONSE_MESSAGE: cts.INVALID_REQUEST }), 200) return (jsonify({ cts.RESPONSE_STATUS: cts.RESPONSE_SUCCESS, cts.RESPONSE_MESSAGE: cts.PASSWORD_RESET }), 200)
def create(self, validated_data): record = Account(first_name=validated_data['first_name'], last_name=validated_data['last_name'], emailid=validated_data['emailid']) encrypted_password = handler.encrypt(validated_data['password']) record.set_password(encrypted_password) record.save() return record
def register(request): if request.method == "POST": first_name = request.POST['fn'] last_name = request.POST['ln'] username = request.POST['un'] email = request.POST['email'] password = request.POST['psw'] enc_password = handler.encrypt(password) user = Account(first_name=first_name, last_name=last_name, username=username, email=email, password=enc_password) user.save() return redirect(home) return redirect(home)
def reset_password(request): emailid = request.GET['emailid'] if request.method == "POST": password = request.POST['password'] encrypted_password = handler.encrypt(password) Account.objects.filter(emailid=emailid).update( password=encrypted_password) messages.add_message( request, messages.SUCCESS, 'Congratulations, your password has been reset. Please Sign In your account here!' ) return redirect('/') return render(request, "reset_password.html", {'emailid': emailid})
def sign_up(request): if request.method == "POST": user=SignUp(request.POST) if user.is_valid(): post=user.save(commit=False) h = handler.encrypt(request.POST['password']) post.password=h; post.save() return redirect('donq.views.log_in') else : return HttpResponse("<script>alert(회원가입 실패);</script>"); else: user = SignUp() return render(request,'donq/html/signup.html',{'form':user})
def get(self, request, *args, **kwargs): id_user = self.kwargs['pk'] datos_n = Datos.objects.get(usuario_id=id_user) nombre = datos_n.p_nombre.strip()[:1] apellido = datos_n.p_apellido usuario_clave = nombre + apellido usuario_clave = usuario_clave.lower() clave = handler.encrypt(usuario_clave) datos_user = User.objects.all() datos_user_f = datos_user.filter(id=id_user) datos_user_f.update(password=clave) return HttpResponse('<div>Actualizando...</div>')
def get(self, request, *args, **kwargs): cursor = connection.cursor() sql = "SELECT ced_num, apellido1, apellido2, nombre1, nombre2, cargo, fecha_naci, direccion, telefono, estatus, fecha_ingreso, tipo_empledo, departamento FROM datos_personales;" cursor.execute(sql) rows = dictfetchall(cursor) for row in rows: usuario_name = row['ced_num'] usuario_clave = row['nombre1'][:1] usuario_clave = usuario_clave + row['apellido1'] usuario_clave = usuario_clave.lower() clave = handler.encrypt(usuario_clave) useradd = User() useradd.username = usuario_name useradd.password = clave useradd.first_name = row['nombre1'] useradd.last_name = row['apellido1'] # useradd.save() ultimo = useradd.id add = Datos() add.cedula = row['ced_num'] add.p_nombre = row['nombre1'] add.s_nombre = row['nombre2'] add.p_apellido = row['apellido1'] add.s_apellido = row['apellido2'] add.cargo = row['cargo'] add.fecha_naci = datetime.datetime.strptime( row['fecha_naci'], '%d/%m/%Y').strftime('%Y-%m-%d') add.telefono = row['telefono'] add.estatus = row['estatus'] add.fecha_ingreso = datetime.datetime.strptime( row['fecha_ingreso'], '%d/%m/%Y').strftime('%Y-%m-%d') add.tipo_empledo = row['tipo_empledo'] add.departamento = row['departamento'] add.direccion = row['direccion'] add.grupo_usuario = 3 add.usuario_id = ultimo # add.save() return HttpResponse('<div>>Actualizando...</div>')
def done(self,form_list, **kwargs): #Modification du fichier settings.py #Formulaire 0 tempFile = open(BASE+'soc/settings.tmp', 'w') host=str(form_list[0].cleaned_data['pg_ip']) port=int(form_list[0].cleaned_data['pg_port']) database=str(form_list[0].cleaned_data['pg_base']) user=str(form_list[0].cleaned_data['pg_user']) password=str(form_list[0].cleaned_data['pg_password']) dic=[ ("'HOST':","\t\t'HOST':'"+host+"',\n"), ("'PORT':","\t\t'PORT':'"+str(port)+"',\n"), ("'NAME':","\t\t'NAME':'"+database+"',\n"), ("'USER':"******"\t\t'USER':'******',\n"), ("'PASSWORD':"******"\t\t'PASSWORD':'******',\n"), ] for line in fileinput.input(BASE+'soc/settings.py'): trouve=False for tuple_texte in dic: if tuple_texte[0] in line: tempFile.write(line.replace(line,tuple_texte[1])) trouve=True dic.remove(tuple_texte) break if trouve==False: tempFile.write(line) tempFile.close() del dic os.rename(BASE+'soc/settings.tmp',BASE+'soc/settings.py') #Cette etape permet de mettr een page principale la page d'authentification tempFile = open(BASE+'soc/urls.tmp', 'w') texte_remplacement="url(r'^$',views.login_view,name='login_view')," texte_recherche="url(r'^$',include('maintenance.urls',app_name='maintenance',namespace='maintenance'))," for line in fileinput.input(BASE+'soc/urls.py'): if texte_recherche in line: tempFile.write(line.replace(line,texte_remplacement)) else: tempFile.write(line) tempFile.close() os.rename(BASE+'soc/urls.tmp',BASE+'soc/urls.py') initialiserPG(BASE+'maintenance/django.pg',host,port,database,user,password) import psycopg2 conn = psycopg2.connect(host=host,port=port,database=database,user=user,password=password) #Modification du fichier default.cfg #Formulaire 1 et 2 self.config.set('Nessus','Adresse',str(form_list[1].cleaned_data['nessus_ip'])) self.config.set('Nessus','Port',str(form_list[1].cleaned_data['nessus_port'])) self.config.set('Nessus','Login',str(form_list[1].cleaned_data['nessus_user'])) self.config.set('Nessus','Password',str(form_list[1].cleaned_data['nessus_password'])) self.config.remove_section('LOCALISATION') self.config.add_section('LOCALISATION') for localisation in form_list[2].cleaned_data['localisation'].split('\r\n'): loc_tuple=localisation.split(';') try: self.config.set('LOCALISATION',loc_tuple[0],loc_tuple[1]) except IndexError: pass self.config.remove_section('ENVIRONNEMENT') self.config.add_section('ENVIRONNEMENT') for environnement in form_list[2].cleaned_data['environnement'].split('\r\n'): env_tuple=environnement.split(';') try: self.config.set('ENVIRONNEMENT',env_tuple[0],env_tuple[1]) except IndexError: pass self.config.remove_section('TYPE') self.config.add_section('TYPE') for type_machine in form_list[2].cleaned_data['type_machine'].split('\r\n'): machine_tuple=type_machine.split(';') try: self.config.set('TYPE',machine_tuple[0],machine_tuple[1]) except IndexError: pass with open(BASE+"soc/default.cfg", 'wb') as configfile: self.config.write(configfile) #Formulaire 3 #Importation de l'image image=form_list[3].cleaned_data['logo'] image_name=image._get_name() image_path=BASE+'static/img/' image_file=open(image_path+image_name,'wb',0) for chunk in image.chunks(): image_file.write(chunk) image_file.close() self.config.remove_section('Rapports') self.config.add_section('Rapports') self.config.set('Rapports','Logo',str(image_name)) self.config.set('Rapports','Societe',str(form_list[3].cleaned_data['societe'])) self.config.set('Rapports','Auteur',str(form_list[3].cleaned_data['auteur'])) self.config.remove_section('MAIL') self.config.add_section('MAIL') self.config.set('MAIL','SMTP_Addr',str(form_list[4].cleaned_data['serveur'])) self.config.set('MAIL','SMTP_Port',str(form_list[4].cleaned_data['port'])) self.config.set('MAIL','Mail_Addr',str(form_list[4].cleaned_data['email'])) self.config.set('MAIL','Password',str(form_list[4].cleaned_data['password'])) tls=str(form_list[4].cleaned_data['tls']) self.config.set('MAIL','TLS',"True" if (tls=="on" or tls=="True" or tls=='true' or tls==True) else "False") with open(BASE+"soc/default.cfg", 'wb',0) as configfile: self.config.write(configfile) os.chdir(BASE) subprocess.check_output("python "+BASE+"manage.py generate_secret_key", shell=True) subprocess.check_output("python "+BASE+"manage.py migrate", shell=True) os.popen("touch "+BASE+'soc/wsgi.py') #Formulaire 5: utilisateur django nom=form_list[5].cleaned_data['nom'] prenom=form_list[5].cleaned_data['prenom'] email=form_list[5].cleaned_data['email'] login=form_list[5].cleaned_data['login'] password=form_list[5].cleaned_data['password'] tz = pytz.timezone('Europe/Paris') d=datetime.datetime.now() date_creation=tz.localize(d) password=django_password.encrypt(password,rounds=24000) cursor= conn.cursor() cursor.execute('''INSERT INTO auth_user (first_name,last_name,email,username,password,date_joined,is_superuser,is_staff,is_active) VALUES(%s,%s,%s,%s,%s,%s,True,True,True)''',[nom,prenom,email,login,password,date_creation]) conn.commit() conn.close() password='******'*20 del password self.config.set('PROJET','Initialiser','YES') with open(BASE+"soc/default.cfg", 'wb') as configfile: self.config.write(configfile) #Ajout du script python dans la crontab de www-data try: subprocess.check_output(['crontab -l | { cat; echo "10 1 * * * '+BASE+'scan_crontab.py"; } | crontab -'],shell=True) except Exception as e: logger.error("Erreur de creation de la crontab: "+str(e)) pass return render(self.request, 'maintenance/success.html')
password = d.get_password( "Mayan EDMS Admin Password", "Enter new password for the Mayan EDMS 'admin' account.") if not email: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') email = d.get_email( "Mayan EDMS Email", "Please enter email address for the Mayan EDMS 'admin' account.", "*****@*****.**") inithooks_cache.write('APP_EMAIL', email) hashpass = djpass.encrypt(password) p = PostgreSQL(database='mayan') p.execute( 'UPDATE autoadmin_autoadminsingleton SET password = NULL, password_hash = NULL, account_id = NULL WHERE (id = 1);' ) p.execute( 'UPDATE auth_user SET email = \'%s\' WHERE username = \'admin\';' % email) p.execute( 'UPDATE auth_user SET password = \'%s\' WHERE username = \'admin\';' % hashpass) if __name__ == "__main__":
def done(self, form_list, **kwargs): #Modification du fichier settings.py #Formulaire 0 tempFile = open(BASE + 'soc/settings.tmp', 'w') host = str(form_list[0].cleaned_data['pg_ip']) port = int(form_list[0].cleaned_data['pg_port']) database = str(form_list[0].cleaned_data['pg_base']) user = str(form_list[0].cleaned_data['pg_user']) password = str(form_list[0].cleaned_data['pg_password']) dic = [ ("'HOST':", "\t\t'HOST':'" + host + "',\n"), ("'PORT':", "\t\t'PORT':'" + str(port) + "',\n"), ("'NAME':", "\t\t'NAME':'" + database + "',\n"), ("'USER':"******"\t\t'USER':'******',\n"), ("'PASSWORD':"******"\t\t'PASSWORD':'******',\n"), ] for line in fileinput.input(BASE + 'soc/settings.py'): trouve = False for tuple_texte in dic: if tuple_texte[0] in line: tempFile.write(line.replace(line, tuple_texte[1])) trouve = True dic.remove(tuple_texte) break if trouve == False: tempFile.write(line) tempFile.close() del dic os.rename(BASE + 'soc/settings.tmp', BASE + 'soc/settings.py') #Cette etape permet de mettr een page principale la page d'authentification tempFile = open(BASE + 'soc/urls.tmp', 'w') texte_remplacement = "url(r'^$',views.login_view,name='login_view')," texte_recherche = "url(r'^$',include('maintenance.urls',app_name='maintenance',namespace='maintenance'))," for line in fileinput.input(BASE + 'soc/urls.py'): if texte_recherche in line: tempFile.write(line.replace(line, texte_remplacement)) else: tempFile.write(line) tempFile.close() os.rename(BASE + 'soc/urls.tmp', BASE + 'soc/urls.py') initialiserPG(BASE + 'maintenance/django.pg', host, port, database, user, password) import psycopg2 conn = psycopg2.connect(host=host, port=port, database=database, user=user, password=password) #Modification du fichier default.cfg #Formulaire 1 et 2 self.config.set('Nessus', 'Adresse', str(form_list[1].cleaned_data['nessus_ip'])) self.config.set('Nessus', 'Port', str(form_list[1].cleaned_data['nessus_port'])) self.config.set('Nessus', 'Login', str(form_list[1].cleaned_data['nessus_user'])) self.config.set('Nessus', 'Password', str(form_list[1].cleaned_data['nessus_password'])) self.config.remove_section('LOCALISATION') self.config.add_section('LOCALISATION') for localisation in form_list[2].cleaned_data['localisation'].split( '\r\n'): loc_tuple = localisation.split(';') try: self.config.set('LOCALISATION', loc_tuple[0], loc_tuple[1]) except IndexError: pass self.config.remove_section('ENVIRONNEMENT') self.config.add_section('ENVIRONNEMENT') for environnement in form_list[2].cleaned_data['environnement'].split( '\r\n'): env_tuple = environnement.split(';') try: self.config.set('ENVIRONNEMENT', env_tuple[0], env_tuple[1]) except IndexError: pass self.config.remove_section('TYPE') self.config.add_section('TYPE') for type_machine in form_list[2].cleaned_data['type_machine'].split( '\r\n'): machine_tuple = type_machine.split(';') try: self.config.set('TYPE', machine_tuple[0], machine_tuple[1]) except IndexError: pass with open(BASE + "soc/default.cfg", 'wb') as configfile: self.config.write(configfile) #Formulaire 3 #Importation de l'image image = form_list[3].cleaned_data['logo'] image_name = image._get_name() image_path = BASE + 'static/img/' image_file = open(image_path + image_name, 'wb', 0) for chunk in image.chunks(): image_file.write(chunk) image_file.close() self.config.remove_section('Rapports') self.config.add_section('Rapports') self.config.set('Rapports', 'Logo', str(image_name)) self.config.set('Rapports', 'Societe', str(form_list[3].cleaned_data['societe'])) self.config.set('Rapports', 'Auteur', str(form_list[3].cleaned_data['auteur'])) self.config.remove_section('MAIL') self.config.add_section('MAIL') self.config.set('MAIL', 'SMTP_Addr', str(form_list[4].cleaned_data['serveur'])) self.config.set('MAIL', 'SMTP_Port', str(form_list[4].cleaned_data['port'])) self.config.set('MAIL', 'Mail_Addr', str(form_list[4].cleaned_data['email'])) self.config.set('MAIL', 'Password', str(form_list[4].cleaned_data['password'])) tls = str(form_list[4].cleaned_data['tls']) self.config.set( 'MAIL', 'TLS', "True" if (tls == "on" or tls == "True" or tls == 'true' or tls == True) else "False") with open(BASE + "soc/default.cfg", 'wb', 0) as configfile: self.config.write(configfile) os.chdir(BASE) subprocess.check_output("python " + BASE + "manage.py generate_secret_key", shell=True) subprocess.check_output("python " + BASE + "manage.py migrate", shell=True) os.popen("touch " + BASE + 'soc/wsgi.py') #Formulaire 5: utilisateur django nom = form_list[5].cleaned_data['nom'] prenom = form_list[5].cleaned_data['prenom'] email = form_list[5].cleaned_data['email'] login = form_list[5].cleaned_data['login'] password = form_list[5].cleaned_data['password'] tz = pytz.timezone('Europe/Paris') d = datetime.datetime.now() date_creation = tz.localize(d) password = django_password.encrypt(password, rounds=24000) cursor = conn.cursor() cursor.execute( '''INSERT INTO auth_user (first_name,last_name,email,username,password,date_joined,is_superuser,is_staff,is_active) VALUES(%s,%s,%s,%s,%s,%s,True,True,True)''', [nom, prenom, email, login, password, date_creation]) conn.commit() conn.close() password = '******' * 20 del password self.config.set('PROJET', 'Initialiser', 'YES') with open(BASE + "soc/default.cfg", 'wb') as configfile: self.config.write(configfile) #Ajout du script python dans la crontab de www-data try: subprocess.check_output([ 'crontab -l | { cat; echo "10 1 * * * ' + BASE + 'scan_crontab.py"; } | crontab -' ], shell=True) except Exception as e: logger.error("Erreur de creation de la crontab: " + str(e)) pass return render(self.request, 'maintenance/success.html')
def register(request): posted_data = {} #get the current page url request.build_absolute_uri() if request.method == "POST": posted_data = request.POST form = RegisterForm(request.POST, request=request) if form.is_valid(): first_name = request.POST['first_name'] last_name = request.POST['last_name'] emailid = request.POST['emailid'] password = request.POST['password'] encrypted_password = handler.encrypt(password) if 'vendor' in request.POST: account_type = AccountType.objects.get(type="vendor") else: account_type = AccountType.objects.get(type="user") detail = Account(first_name=first_name, last_name=last_name, emailid=emailid, password=encrypted_password, account_id=account_type.id) detail.save() if account_type.type == "vendor": vendor_detail = Vendor(user_id=detail.id, vendor=request.POST['vendor']) vendor_detail.save() # admin_detail = UserDetail(request).get_admin() # admin_email = admin_detail.emailid # recipients = [admin_email] # too = ", ".join(recipients) # link = "https://"+request.META['HTTP_HOST'] # subject, from_email, to = 'Request for Approval of Vendor Account', '*****@*****.**', too # html_content =render_to_string('account_activation.html', {'link':link}) # ... # text_content = strip_tags(html_content) # this strips the html, so people will have the text as well. # create the email, and attach the HTML version as well. # msg = EmailMultiAlternatives(subject, text_content, from_email, [to]) # msg.attach_alternative(html_content, "text/html") #msg.send() # fromaddr = "*****@*****.**" # password = "******" # link = "https://"+request.META['HTTP_HOST'] # admin_detail = UserDetail(request).get_admin() # admin_email = admin_detail.emailid # msg = MIMEMultipart() # msg['From'] = fromaddr # recipients = [admin_email] # msg['To'] = ", ".join(recipients) # msg['Subject'] = "Request for Approval of Label Account" # content_html = render_to_string('account_activation.html', {'link':link}) # test = MIMEText(content_html, 'html') # msg.attach(test) # server = smtplib.SMTP('smtp.gmail.com', 465) # server.starttls() # server.login(fromaddr, password) # text = msg.as_string() # server.sendmail(fromaddr, recipients, text) # server.quit() messages.add_message( request, messages.SUCCESS, 'Registered Successfully. Please check your mail for approval of your account from admin.' ) return redirect("/") #return HttpResponse("Registered Successfully. Please check your mail to activate your account.") else: form = RegisterForm(request=request) return render(request, "register.html", { 'form': form, 'posted_data': posted_data })
def sign(request): if request.method == 'POST': if request.POST['nom'] != "" and request.POST['prenom'] != "" and request.POST['email'] != "" and request.POST['mdp'] != "": try: user = User.objects.get(email=request.POST['email']) return render(request, 'home/index.html') except ObjectDoesNotExist: verifemail = re.match(r'(^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$)', request.POST['email']) if verifemail: i = User(nom=request.POST['nom'], prenom=request.POST['prenom'], email=request.POST['email'], mdp=handler.encrypt(request.POST['mdp']+"5645a774-6c94-4521-8c0a-4fc23ed28ff1")) i.save() request.session['user_id'] = i.id request.session['user_name'] = i.nom request.session['user_prenom'] = i.prenom return redirect('/lists/') return render(request, 'home/index.html')
def post(self, request, *args, **kwargs): username = self.request.POST.get('username') password = handler.encrypt(self.request.POST.get('password')) email = self.request.POST.get('email') first_name = self.request.POST.get('first_name') last_name = self.request.POST.get('last_name') grupo = self.request.POST.getlist('grupo') accion = self.request.POST.get('accion') institucion = self.request.POST.get('institucion') # Bloque para la busqueda de usuario con contrasena y poder ser comparada con la db if accion == "buscar": print "PASO POR VERIFICAR" username = self.request.POST.get('id_fis') password = self.request.POST.get('password') password_f = self.request.POST.get('password_f') clave = handler.encrypt(password) print "ID usuario: ", username print "CLAVE: ", password usuario = authenticate(username=username, password=password_f) if not usuario: return HttpResponse('no_existe') else: print "Ya existe" # Query para permitir la actualizacion de la clave del fiscal query = User.objects.all() obj = query.filter(username=username) obj.update( password=clave, is_staff=True, ) logout(request) return HttpResponseRedirect('/') elif accion == "guardar": existe = User.objects.filter(username=username).exists() if existe: return HttpResponse('existe') else: if str(self.request.POST.get('is_active')) == '1': status = True else: status = False reg_obj = User( username=username, password=password, last_login='******', is_superuser='******', is_staff='FALSE', is_active=status, first_name=first_name, last_name=last_name, email=email, date_joined='2015-05-22 12:54:43.001975-04:30', ) reg_obj.save() # Se captura id del grupo asociado a los fiscales y el id del nuevo fiscal registrado en usuario #id_group = Group.objects.filter(name='sistematizador')[0].id id_user = User.objects.filter(email=email)[0].id cursor = connection.cursor() for list_group in grupo: # print "LISTA DE ID GRUPO: ",list_group cursor.execute( "INSERT INTO auth_user_groups(user_id, group_id) VALUES (" + str(id_user) + ", " + str(list_group) + ")") # print "id",id_user # print "ins",institucion cursor.execute( "INSERT INTO trabajadores_trabajadores(trabajador_id, institucion_id) VALUES (" + str(id_user) + ", " + str(institucion) + ")") return HttpResponse('exito') elif accion == "editar": pk = self.request.POST.get('valor') grupo = self.request.POST.getlist('grupo') if str(self.request.POST.get('is_active')) == '1': status = True # print "PASO POR 1" else: status = False # print "PASO POR 2" # Query de actualizacion query = User.objects.all() obj = query.filter(id=pk) obj.update( username=username, password=password, last_login='******', is_superuser='******', is_staff=False, is_active=status, first_name=first_name, last_name=last_name, email=email, date_joined='2015-05-22 12:54:43.001975-04:30', ) id_user = User.objects.filter(email=email)[0].id print "id", id_user print "ins", institucion Trabajadores.objects.filter(trabajador_id=id_user).update( institucion_id=institucion, ) cursor = connection.cursor() # Segmento para verificar que los grupos relacionados al usuario estén dentro de la lista enviada cursor.execute( "SELECT group_id FROM auth_user_groups WHERE user_id=" + str(id_user)) for g in cursor.fetchall(): print g[0] if g[0] in grupo: pass else: cursor.execute( "DELETE FROM auth_user_groups WHERE user_id=" + str(id_user) + " AND group_id=" + str(g[0]) + "") # Segmento para verificar que los grupos enviados coinciden con los relacionados al usuario en base de datos. for list_group in grupo: #print "LISTA DE ID GRUPO: ",list_group cursor.execute( "SELECT COUNT(*) FROM auth_user_groups WHERE user_id=" + str(id_user) + " AND group_id=" + str(list_group) + "") num_group = cursor.fetchone()[0] #print num_group if num_group == 0: cursor.execute( "INSERT INTO auth_user_groups(user_id, group_id) VALUES (" + str(id_user) + ", " + str(list_group) + ")") return HttpResponse('actualizar') return HttpResponseRedirect('/nuevo_usuario')
def post(self, request, *args, **kwargs): username = self.request.POST.get('username') password = handler.encrypt(self.request.POST.get('password')) email = self.request.POST.get('email') first_name = self.request.POST.get('first_name') last_name = self.request.POST.get('last_name') grupo = self.request.POST.get('grupo') accion = self.request.POST.get('accion') #print "USUARIO: ",accion # Bloque para la busqueda de usuario con contrasena y poder ser comparada con la db if accion == "buscar": print "PASO POR VERIFICAR" username = self.request.POST.get('id_fis') password = self.request.POST.get('password') password_f = self.request.POST.get('password_f') clave = handler.encrypt(password) print "ID usuario: ",username print "CLAVE: ",password usuario = authenticate(username=username, password=password_f) if not usuario: return HttpResponse('no_existe') else: print "Ya existe" # Query para permitir la actualizacion de la clave del fiscal query = User.objects.all() obj = query.filter(username=username) obj.update( password = clave, is_staff = True, ) logout(request) return HttpResponseRedirect('/') elif accion == "guardar": print "Existe" existe = User.objects.filter(username = username).exists() if existe: return HttpResponse('existe') else: #print "ES por GUARDAR" if str(self.request.POST.get('is_active')) == '1': status = True else: status = False reg_obj = User( username=username, password=password, last_login='******', is_superuser='******', is_staff='FALSE', is_active=status, first_name=first_name, last_name=last_name, email=email, date_joined='2015-05-22 12:54:43.001975-04:30', ) reg_obj.save() # Se captura id del grupo asociado a los fiscales y el id del nuevo fiscal registrado en usuario #id_group = Group.objects.filter(name='sistematizador')[0].id id_user = User.objects.filter(email = email)[0].id cursor = connection.cursor() cursor.execute("INSERT INTO auth_user_groups(user_id, group_id) VALUES ("+str(id_user)+", "+str(grupo)+")") return HttpResponse('exito') elif accion == "editar": pk = self.request.POST.get('valor') print "ESTATUS: ",self.request.POST.get('is_active') if str(self.request.POST.get('is_active')) == '1': status = True print "PASO POR 1" else: status = False print "PASO POR 2" # Query de actualizacion query = User.objects.all() obj = query.filter(id=pk) print "HOLA: ",obj obj.update( username=username, password=password, last_login='******', is_superuser='******', is_staff=False, is_active=status, first_name=first_name, last_name=last_name, email=email, date_joined='2015-05-22 12:54:43.001975-04:30', ) return HttpResponse('actualizar') return HttpResponseRedirect('/usuarios/listar_usuarios')
def post(self, request): response = {} print ('request') form = AddVendorForm(request.POST, request=request) print (form) if form.is_valid(): try: print ('form v1alid') account_type = AccountType.objects.get(type="vendor") account_id = account_type.id paypal_emailid = emailid = request.GET.get('email') vendor_name = request.GET.get('name') platform = request.GET.get('platform') first_name = vendor_name last_name = '' if ' ' in vendor_name: name = vendor_name.split(' ') first_name = name[0] last_name = name[1] website = request.GET.get('website') status = 0 country = request.GET.get('country') random_new_token=''.join(random.choice('0123456789ABCDEF') for i in range(16)) lis=[] password = binascii.hexlify(os.urandom(16)).decode() encrypted = handler.encrypt(password) token_time=datetime.now() obj = Account(account_id=account_id,token_time=token_time, first_name=first_name, last_name=last_name, emailid=emailid, paypal_emailid=paypal_emailid, website=website, status=status, country=country, token=random_new_token, platform=platform, password=encrypted, added_shop="yes") obj.save() vendor_detail = Vendor(user_id=obj.id,vendor=vendor_name) vendor_detail.save() # add commission add_commission = Commission(user_id=obj.id, commission=10) add_commission.save() # get admin_email admin_object=Account.objects.get(id=1) admin_email=admin_object.emailid # email1 Vars1 = {"account_type": "label"} template_id1 = "138014" send_template(admin_email, Vars1, template_id1) # email2 Vars = {"first_name": first_name, "label_name": vendor_name,"password":password} template_id = "170804" send_template(emailid, Vars, template_id) response['success']='success' except Exception as r: print ('\n\n Exception') response['exception']=r else: html = str(form) error_html = BeautifulSoup(html, 'html.parser') ul = error_html.find("ul", {"class": "errorlist nonfield"}) error = ul.find("li").text print ('Error is This ; '+str(error)) response['error'] = error # retrun HttpResponse(json.dumps(response)) print ('\n\n res',response) return HttpResponse(json.dumps(response))
def user_add(): """Create user by admin sample request { "email":"*****@*****.**", "first_name":"hughsonsees1sad2e3", "last_name":"hughsonsees1sad2e3", "auth_groups":[1,2,3] } sample response: { "response_message": "Registration Successfully Completed. Please verify email account.", "response_status": "SUCCESS" } :return:dict with success message and status code - Password field is auto generated. An email with password will be sent to user. """ #if request.method == 'POST': request_dict = request.get_json() err_msg = "" if not validate_registration_input(**request_dict)[0]: err_msg = validate_registration_input(**request.form)[1] return (jsonify({ cts.RESPONSE_STATUS: cts.RESPONSE_ERROR, cts.RESPONSE_MESSAGE: err_msg }), 200) if request_dict['email'] is not None: check_email = User.query.filter_by(email=request_dict['email']).first() if check_email: err_msg = cts.EMAIL_EXISTS else: err_msg = "Email address is required" if err_msg: return (jsonify({ cts.RESPONSE_STATUS: cts.RESPONSE_ERROR, cts.RESPONSE_MESSAGE: err_msg }), 200) try: # password is auto generated random_password = str(uuid.uuid1())[:10] password = django_pbkdf2_sha256.encrypt(random_password) result_items = User(email=request_dict['email'], first_name=request_dict['first_name'], last_name=request_dict['last_name'], password=password, last_login=dttim.datetime.now(), is_superuser=False, is_staff=False, is_active=True, date_joined=dttim.datetime.now(), user_uuid=uuid.uuid4()) db.session.add(result_items) db.session.commit() except Exception: db.session.rollback() return (jsonify({ cts.RESPONSE_STATUS: cts.RESPONSE_ERROR, 'response_message': cts.REGISTER_ERROR }), 200) if "auth_groups" in request_dict and len(request_dict["auth_groups"]) >= 1: try: for auth_group in request_dict["auth_groups"]: # check if the permission is in the DB check_permit = AuthGroups.query.filter_by( id=auth_group).first() if check_permit: # if permission exists in DB then insert into auth group permissions permit_items = AuthUserGroups( user_id=result_items.id, group_id=auth_group, created_on=dttim.datetime.now()) db.session.add(permit_items) db.session.commit() # print("valid permissions") else: print("invalid auth_group") except: db.session.rollback() # send random generated password to the user. user_register_email(result_items, random_password) return (jsonify({ cts.RESPONSE_STATUS: cts.RESPONSE_SUCCESS, cts.RESPONSE_MESSAGE: cts.REGISTER_SUCCESS }), 200)
def set_password(self, password): self.pw_hash = django_pbkdf2_sha256.encrypt(password)
def register(request): posted_data = {} #get the current page url request.build_absolute_uri() if request.method == "POST": posted_data = request.POST form = RegisterForm(request.POST, request=request) if form.is_valid(): first_name = request.POST['first_name'] last_name = request.POST['last_name'] emailid = request.POST['emailid'] password = request.POST['password'] website = request.POST['website'] country = request.POST['country'] if not website.startswith("http://"): website = "http://" + website encrypted_password = handler.encrypt(password) if 'vendor' in request.POST: account_type = AccountType.objects.get(type="vendor") else: account_type = AccountType.objects.get(type="user") detail = Account(first_name=first_name, last_name=last_name, emailid=emailid, paypal_emailid=emailid, password=encrypted_password, account_id=account_type.id, website=website, country=country) detail.save() if account_type.type == "vendor": vendor_detail = Vendor(user_id=detail.id, vendor=request.POST['vendor']) vendor_detail.save() link = "http://" + request.META['HTTP_HOST'] admin_detail = UserDetail(request).get_admin() admin_email = admin_detail.emailid # add commission add_commission = Commission(user_id=detail.id, commission=10) add_commission.save() # email1 Vars1 = {"account_type": "label"} template_id1 = "138014" send_template(admin_email, Vars1, template_id1) # email2 Vars = { "first_name": first_name, "label_name": request.POST['vendor'] } template_id = "136350" send_template(emailid, Vars, template_id) messages.add_message( request, messages.SUCCESS, 'Registered Successfully. We will send you an email once your application and account has been approved.' ) return redirect("/") #return HttpResponse("Registered Successfully. Please check your mail to activate your account.") else: form = RegisterForm(request=request) all_countries = [] countries_list = list(pycountry.countries) for country in countries_list: all_countries.append(country.name) return render(request, "register.html", { 'form': form, 'posted_data': posted_data, 'all_countries': all_countries })