def user_settings(request, company):
c = get_object_or_404(Company, url_name=company)
# permissions
if not has_permission(request.user, c, 'config', 'edit'):
return no_permission_view(request, c, _("You have no permission to edit system configuration."))
# get config: specify initial data manually (also for security reasons,
# to not accidentally include secret data in request.POST or whatever)
# this may be a little wasteful on resources, but config is only edited once in a lifetime or so
# get_value is needed because dict['key'] will fail if new keys are added but not yet saved
initial = {
'product_button_size': get_user_value(request.user, 'pos_product_button_size'),
'product_display': get_user_value(request.user, 'pos_product_display'),
'display_breadcrumbs': get_user_value(request.user, 'pos_display_breadcrumbs'),
}
if request.method == 'POST':
form = UserForm(request.POST)
new_config = {}
if form.is_valid():
for key in initial:
set_user_value(request.user, "pos_" + key, form.cleaned_data[key])
# TODO: user settings
# new_config['pos_' + key] = form.cleaned_data[key]
else:
form = UserForm(initial=initial) # An unbound form
context = {
'company': c,
'form': form,
'title': _("User settings"),
'site_title': g.MISC['site_title'],
}
return render(request, 'pos/manage/user.html', context)
def google_login_or_register(request, mobile=False):
""" log the user in;
if successful, redirect to the index page
if not successful, redirect back to the login page """
context = {}
d = JsonParse(request.POST.get('data'))
if "access_token" not in d:
return JsonError("no_access_token", _("No access_token provided."))
url = (GOOGLE_API['client_userinfo'] % d["access_token"])
r = requests.get(url)
if mobile:
if r is None:
return {'status': 'error', 'google_api_error': _("Something went wrong.")}
if r.status_code == 401:
return {'status': 'error', 'invalid_token': _("Token is invalid")}
elif r.status_code != 200:
return {'status': 'error', 'google_api_error': _("Something went wrong.")}
else:
if r is None:
return JsonError("google_api_error", _("Something went wrong."))
if r.status_code != 200:
return JsonError("google_api_error", _("Something went wrong."))
r = r.json()
if "error" in r:
return JsonError("google_api_error", _("Something went wrong."))
if not "email" in r and r['email'] != "":
if mobile:
return {'status': 'error', 'google_api_error': _("Something went wrong.")}
else:
return JsonError("google_api_error", _("Something went wrong."))
try:
bluser = BlocklogicUser.objects.get(email=r["email"])
if bluser.first_name != r["given_name"] or bluser.last_name != r["family_name"] or bluser.sex != r["gender"]:
bluser.first_name = r["given_name"]
bluser.last_name = r["family_name"]
bluser.sex = r["gender"]
bluser.save()
bluser.update_user_profile()
if bluser.type != GOOGLE and not mobile:
return JsonError("already_registered_via_normal", _("Already registered via normal"))
elif bluser.type != GOOGLE and mobile:
return {'status': 'error', 'already_registered_via_normal': _("Already registered via normal")}
except BlocklogicUser.DoesNotExist:
# we do not have user in our db, so we add register/new one
# print r
try:
gender = r["gender"]
except KeyError:
gender = g.MALE
bluser = BlocklogicUser(email=r["email"], first_name=r["given_name"], last_name=r["family_name"], sex=gender,
type="google")
bluser.save()
key = ""
while key == "":
key = get_random_string(15, string.lowercase + string.digits)
user = BlocklogicUser.objects.filter(password_reset_key=key)
if user:
key = ""
bluser.password_reset_key = key
bluser.save()
bluser.update_user_profile()
# group = bluser.homegroup
# add_free_subscription(bluser)
user = django_authenticate(username=r["email"], password='', type=GOOGLE)
if user is not None:
if not mobile:
django_login(request, user)
set_user_value(bluser, 'google_access_token_' + settings.SITE_URL, d["access_token"])
set_language(request)
if mobile:
data = {'status': 'ok', 'user_id': user.id}
else:
data = {'status': 'ok', 'redirect_url': reverse('web:select_company'), 'user_id': user.id}
if len(user.images.all()) == 0:
picture_url = r['picture']
r = requests.get(picture_url, stream=True)
if r.status_code == 200:
original_filename = picture_url.rsplit('/', 1)
user_image = UserImage(name=user.first_name + " " + user.last_name, original_filename=original_filename[1], created_by=user, updated_by=user)
user_image.image.save(original_filename[1], ContentFile(r.raw.read()))
user_image.save()
user.images.add(user_image)
user.save()
if mobile:
return data
return JsonResponse(data)
return JsonError("error", _("Something went wrong during login with google"))
