def Index(request):
args = {}
args["username"] = auth.get_user(request).username
if not args["username"]:
args["user_is_staff"] = False
return redirect("/auth/login/")
else:
args["user_is_staff"] = auth.get_user(request).is_staff
if auth.get_user(request).username == PROJECT_ADMIN_USER_LOGIN:
args["The_Creator_is_here"] = True
args["new_feedback_count"] = len(
FeedBackNote.objects.filter(has_been_read=False).exclude(
from_user=User.objects.get(username=PROJECT_ADMIN_USER_LOGIN)
)
)
else:
args["The_Creator_is_here"] = False
user_messages = FeedBackNote.objects.filter(
from_user=auth.get_user(request), to_user=User.objects.get(username=PROJECT_ADMIN_USER_LOGIN)
)
admin_messages = FeedBackNote.objects.filter(
from_user=User.objects.get(username="******"), to_user=auth.get_user(request)
)
all_messages = list(set(user_messages) | set(admin_messages))
all_messages.sort(key=lambda x: x.feedback_date, reverse=True)
args["feedback_notes"] = all_messages
response = render_to_response("mainpage_basic.html", args)
return response
def test_does_not_shadow_exception(self):
# Prepare a request object
request = HttpRequest()
request.session = self.client.session
with self.assertRaises(ImproperlyConfigured):
get_user(request)
def forgot_pass(request):
if auth.get_user(request).username:
return redirect('/user/{userlogin}/'.format(userlogin=auth.get_user(request).username))
if request.GET:
error = request.GET.get('error','')
return render(request, 'loginsys/forgot_pass.html', {'error':error})
return render(request, 'loginsys/forgot_pass.html')
def post_detail(request, pk):
args = {}
args['post'] = get_object_or_404(Post, pk=pk)
if auth.get_user(request).pk != None:
args['profile'] = UserProfile.objects.get(user = auth.get_user(request))
args['bets'] = RaceBet.objects.filter(race = args['post']).order_by('bet')
return render(request, 'horserace/post_detail.html', args)
def answers(request):
args = {}
user = auth.get_user(request)
args['comments'] = Comments.objects.filter(author=user).order_by('-id')
args['username'] = auth.get_user(request).username
return render_to_response('user/user_answers.html', args,
context_instance=RequestContext(request, processors=[include_user]))
def test_login_inactive_user_fails(client, regular_user, rf):
if "shuup.front.apps.auth" not in settings.INSTALLED_APPS:
pytest.skip("Need shuup.front.apps.auth in INSTALLED_APPS")
get_default_shop()
prepare_user(regular_user)
response = client.post(reverse("shuup:login"), data={
"username": regular_user.username,
"password": REGULAR_USER_PASSWORD,
})
request = rf.get("/")
request.session = client.session
assert get_user(request) == regular_user, "User is logged in"
request = rf.get("/")
request.session = client.session
logout(request)
user_contact = regular_user.contact
assert user_contact.is_active
user_contact.is_active = False
user_contact.save()
client.post(reverse("shuup:login"), data={
"username": regular_user.username,
"password": REGULAR_USER_PASSWORD,
})
request = rf.get("/")
request.session = client.session
assert get_user(request).is_anonymous(), "User is still anonymous"
def test_login(self):
def _get_current_user():
return users.User('*****@*****.**', _user_id='111111111100000000001')
request = HttpRequest()
SessionMiddleware().process_request(request) # Make the damn sessions work
request.session[BACKEND_SESSION_KEY] = 'djangae.contrib.gauth.datastore.backends.AppEngineUserAPIBackend'
middleware = AuthenticationMiddleware()
# Check that we're not logged in already
user = get_user(request)
self.assertFalse(user.is_authenticated())
# Check that running the middleware when the Google users API doesn't know the current
# user still leaves us as an anonymous users.
with sleuth.switch('djangae.contrib.gauth.middleware.users.get_current_user', lambda: None):
middleware.process_request(request)
# Check that the middleware successfully logged us in
user = get_user(request)
self.assertFalse(user.is_authenticated())
# Now check that when the Google users API *does* know who we are, that we are logged in.
with sleuth.switch('djangae.contrib.gauth.middleware.users.get_current_user', _get_current_user):
middleware.process_request(request)
# Check that the middleware successfully logged us in
user = get_user(request)
self.assertTrue(user.is_authenticated())
self.assertEqual(user.email, '*****@*****.**')
self.assertEqual(user.username, '111111111100000000001')
def photo_delete(request, slug, pk):
args = {}
args['page_number'] = pk
args['slug'] = slug
photos = get_object_or_404(Album, slug=slug).photo_set.all()
current_page = Paginator(photos, 3)
args['photos'] = current_page.page(pk)
args['username'] = auth.get_user(request).username
username = auth.get_user(request).username
if request.user.is_authenticated():
user = User.objects.get(username=username)
if user.has_module_perms('gallery'):
if request.method == 'POST':
form = PhotoDelete(request.POST)
if form.is_valid():
title = form.cleaned_data['title']
photo = Photo.objects.get(title=title)
photo.delete()
return render(request, 'photo_album.html', args)
else:
args['form'] = PhotoDelete
return render(request, 'photo_delete.html', args)
else:
return render(request, 'photo_add.html')
else:
return render(request, 'photo_add.html')
return render(request, 'photo_album.html', args)
def bookmarks_show(request):
args = {}
args.update(csrf(request))
args['bookmarks'] = Bookmark.objects.filter(user=auth.get_user(request).id)
args['form'] = BookmarkForm
args['username'] = auth.get_user(request).username
return render_to_response('bookmarks.html', args)
def upload(request):
args = {}
args.update(csrf(request))
username = auth.get_user(request).username
print auth.get_user(request).email
print auth.get_user(request).cangaroo
#qwerty = CustomizedUserModel()
#qwerty.email = "qwertyyu"
#print qwerty.email
#print qwerty.cangaroo
if request.POST:
pic_url = request.POST.get('pic_url', '')
print pic_url
cloudinary.uploader.upload(pic_url, tags = ["ItransitionCPUser_" + username])
#user = auth.authenticate(username = pic_url, password = password)
#if user is not None and user.is_active == True:
# print ("came here")
# auth.login(request, user)
# return redirect('/')
#else:
# print ("didnt came here")
# args['login_error'] = "User not found"
# return render_to_response('pics_uploader.html', args)
else:
args.update({'username': username})
return render_to_response('pics_uploader.html', args)
def execute_addition(request, site_url, page_url):
page = MarkdownPage.objects.get(url = page_url)
if page.rated_users.find(' '+ auth.get_user(request).username +' ') >= 0:
return redirect('/sites/'+site_url+'/'+page_url)
page.rated_users += (auth.get_user(request).username + ' ')
page.rating += 1
page.save()
def test_login(self):
user = auth.get_user(self.client)
self.assertFalse(user.is_authenticated())
response = self.login()
self.assertRedirects(response, reverse('intern'))
user = auth.get_user(self.client)
self.assertTrue(user.is_authenticated())
def post_detail(request, pk):
if request.user.is_authenticated():
if auth.get_user(request).username == str(Post.objects.get(pk=pk).author):
post = get_object_or_404(Post, pk=pk)
return render(request, 'post_detail.html', {'post': post, 'username': auth.get_user(request).username})
else:
comments_form = PostComments
args = {}
args.update(csrf(request))
args['post_views'] = Post.objects.get(pk=pk)
args['comments'] = Comments.objects.filter(comments_post_id=pk)
args['form'] = comments_form
args['username'] = auth.get_user(request).username
args['author'] = Post.objects.get(pk=pk).author
return render_to_response('post_views.html', args)
else:
comments_form = PostComments
args = {}
args.update(csrf(request))
args['post_views'] = Post.objects.get(pk=pk)
args['comments'] = Comments.objects.filter(comments_post_id=pk)
args['form'] = comments_form
args['username'] = auth.get_user(request).username
args['author'] = Post.objects.get(pk=pk).author
return render_to_response('post_views.html', args)
def save(request, story_id):
"""
View for saving story contents. Responds only to ajax POST requests.
"""
if request.is_ajax():
user = auth.get_user(request)
if story_id:
story = get_object_or_404(Story, pk=int(story_id))
if user != story.user:
return HttpResponse('Unauthorized', status=401)
else:
story = Story()
story.user = auth.get_user(request)
story.date_travel = datetime.datetime.now().date()
request_body = json.loads(request.body)
story.title = request_body['title']
story.text = json.dumps(request_body['blocks'], ensure_ascii=False)
story.date_publish = datetime.datetime.now()
story.save()
for block in request_body['blocks']:
if block["type"] == "img":
if block["marker"] != None:
picture = Picture.objects.get(id=block["id"])
picture.latitude = block["marker"]["lat"]
picture.longitude = block["marker"]["lng"]
picture.save()
return HttpResponse(story.id)
def add_note(request):
args = {}
args.update(csrf(request))
username = auth.get_user(request).username
args['username'] = username
# TODO добавить валидацию формы, сейчас можно отправить пустую форму, и возникнет ощибка,
# это никак не обрабатывается
if request.POST:
user = auth.get_user(request)
form = NoteAddForm(request.POST)
if form.is_valid():
note = form.save(commit=False)
note.pub_date = datetime.datetime.now()
note.author = user
form.save()
# request.session['pause'] = True
return redirect('/notes/note/%s/' % note.id)
else:
error = 'Не корректные данные, проверьте правильность заполнения формы <br> (все поля должны быть заполнены)'
new_note_form = NoteAddForm(request.POST)
args['error'] = error
args['form'] = new_note_form
return render_to_response("notes/add_note.html", args)
else:
note_form = NoteAddForm
args['form'] = note_form
return render_to_response('notes/add_note.html',args)
def show_questions_of_topic(request, topic_id):
# Повертає для вибраної теми СПИСОК ПИТАНЬ з варіантами відповідей --- ДЛЯ СТУДЕНТА
# або СПИСОК студентів та їх РЕЗУЛЬТАТІВ --- ДЛЯ ТЬЮТОРА
args = {}
args.update(csrf(request))
args['show_topic'] = Topic.objects.get(id = topic_id)
args['show_questions'] = Question.objects.filter(topic_id_id = topic_id)
args['show_answers'] = Answer.objects.all()
args['answers_list'] = show_answers_list(args['show_questions'], args['show_answers'])
args['username'] = auth.get_user(request).username
args['max_mark_of_topic']=(show_max_mark_of_topic(topic_id = topic_id))
if auth.get_user(request).is_staff:
# Якщо авторизований тьютор (з правами доступу до "admin site", is_staff = True)
# повертає СПИСОК студентів та їх РЕЗУЛЬТАТИ по вибраній темі
args['students_list'] = Student.objects.all()
args['marks_list'] = show_mark_for_student(args['students_list'], topic_id)
if args['marks_list'] == []:
args['error_msg'] = 'Thank You for visiting, but currently no one took the test of this topic.'
args['add_question'] = "Please, fill in the following fields to add a new question to this topic."
return render_to_response('exam/show_all_results.html', args)
else:
# інакше (якщо авторизований студент)
# повертає СПИСОК ПИТАНЬ з варіантами відповідей для вибраної теми
return render_to_response('exam/show_questions_of_topic.html', args)
def discuss(request,o_id):
'''Discuss Function renders a discussion page for doubts/agendas.It takes input as the request, object id of the agenda
For GET request it renders the page discuss.html with existing agenda and comments with a form for new Comment.
For POST Request it checks for the validity of the comment, sets the no. of like to zero and adds to the database.'''
commentForm = CommentForm()
c = {}
c.update(csrf(request))
agenda = get_object_or_404(Agenda,id=o_id)
tempUser = Users.objects.filter(id=get_user(request).id)
candidateName = agenda.candidate.name
candidateObj = Candidates.objects.filter(username=agenda.candidate.username)[0]
candidatePost = candidateObj.postname
show = True #show variable is to ensure that only those people who have logged in can see the like button.
if len(tempUser) == 0:
show = False
if request.method=='POST':
commentForm =CommentForm(request.POST)
if commentForm.is_valid():
tempComment = Comments()
tempComment.content = commentForm.cleaned_data['content']
try:
tempComment.author = Users.objects.get(id=get_user(request).id)
except:
print("User not found.")
tempComment.likes = 0
tempComment.save()
agenda.comments.add(tempComment)
Anonymous = "Anonymous"
comments = agenda.comments.all().order_by('-likes')
c.update({'agenda':agenda,'comments':comments,'commentForm':commentForm,'Anonymous':Anonymous,'show':show, 'candidateName': candidateName, 'candidatePost': candidatePost, 'candidateUsername': agenda.candidate.username})
return render(request,'discuss.html',c)
def addcomment(request, course_id):
args = {}
args.update(csrf(request))
args['subjects'] = Subject.objects.all()
args['course_title'] = Courses.objects.get(id=course_id).course_title
args['course_id'] = course_id
args['comments'] = Comments.objects.filter(comment_course_id=course_id)
args['user'] = auth.get_user(request)
if auth.get_user(request).get_username():
if request.POST:
comment_text = request.POST.get('comment_text', '')
if comment_text:
comment = Comments()
comment.comment_text = comment_text
comment.comment_rate = 0
comment.comment_course_id = course_id
comment.comment_author_id = Students.objects.get(student_user_id=auth.get_user(request).id).id
comment.comment_date = datetime.datetime.now()
comment.save()
return redirect('/feedback/%s/' % course_id)
else:
args['comment_error'] = 'Введіть коментар'
return render_to_response('feedback.html', args)
else:
args['comment_error'] = "Коментарі можуть лишати лише авторизовані користувачі"
return render_to_response('feedback.html', args)
def result(request, topic_id):
# Обчислює та повертає РЕЗУЛЬТАТ ТЕСТУ для студента
def count_mark(answers_list, marks_value = 0):
# Повертає ОЦІНКУ за весь тест з обраної теми,
# перевіряючи по списку всіх відповідей теми чи було прийняте відповідне значення id
for answers in answers_list:
for answer in answers:
if str(answer.id) in request.POST.getlist('answer'):
marks_value += answer.is_correct
return marks_value
if not auth.get_user(request).is_staff:
# Якщо авторизований студент
answers_list = show_answers_list(Question.objects.filter(topic_id_id = topic_id), Answer.objects.all())
try:
final_result = Result.objects.get(student_id_id = auth.get_user(request).id, topic_id_id = topic_id)
except ObjectDoesNotExist:
final_result = Result.objects.create(student_id_id = auth.get_user(request).id, topic_id_id = topic_id)
# Викликає функцію обчислення загальної оцінки за весь тест
final_result.mark = count_mark(answers_list)
# та зберігає цю оцінку в базі даних
final_result.save()
return redirect("/exam/")
def zakaz(request):
args = {}
args.update(csrf(request))
user = auth.get_user(request)
args["username"] = auth.get_user(request).username
args["zakaz"] = Otlojit.objects.filter(user=user)
return render_to_response('cart/zakaz.html', args)
def index(request):
sel_t = tasks.objects.order_by('title')
sel_u = users_param.objects.order_by('user')
params = {}
params.update(csrf(request))
params['tasks'] = sel_t
params['users'] = sel_u
params['statuses'] = TASKS_STATUSES
params['user_fl'] = []
params['statuses_fl'] = []
params['username'] = auth.get_user(request).username
params['authinfo'] =''
if ("user_fl" in request.session):
params['user_fl'] = request.session['user_fl']
if ("statuses_fl" in request.session):
params["statuses_fl"] = request.session["statuses_fl"]
if ("authinfo" in request.session):
if request.session['authinfo']=='ok':
user = auth.get_user(request)
params['user_fl'].append(user.pk)
else:
params['authinfo'] = request.session['authinfo']
request.session['authinfo'] = ''
print params['user_fl']
return render(request, 'web/index.html', params)
def create_project(request):
user = request.user
if request.POST:
form = ProjectForm(request.POST, request.FILES)
if form.is_valid():
c = form.save(commit=False)
c.author = user
c.save()
# import pdb; pdb.set_trace()
project = Project.objects.get(id=c.id)
## permissions
if not project.public:
group = '{}_pr_workers'.format(c.id)
group = Group.objects.create(name=group)
group.save()
else:
group = Group.objects.get(name='workers')
# import pdb; pdb.set_trace()
for i in worker_perms['project']:
assign_perm(i, group, project)
for i in prcreator_perms:
assign_perm(i, user, project)
user.groups.add(group)
loger(auth.get_user(request), 'created project',c.name, project=project)
return HttpResponseRedirect('/projector/all')
else:
form = ProjectForm()
# import pdb; pdb.set_trace()
#form['deadline'] = '111'
args = {}
args['username'] = auth.get_user(request).username
args.update(csrf(request))
args['form'] = form
return render_to_response('create_project.html',args)
def myProfile(request):
args = {}
args['username'] = auth.get_user(request).username
if not args['username']:
args['user_is_staff'] = False
return redirect("/auth/login/")
else:
args['user_is_staff'] = auth.get_user(request).is_staff
user = auth.get_user(request)
args['first_name'] = user.first_name
args['last_name'] = user.last_name
args['email'] = user.email
args['department'] = OperatorToDepartnemt.objects.get(operator=user).department
args['supervisor'] = None
args['success_change'] = request.GET.get('success', '')
response = render_to_response('userProfile_my_profile.html', args)
return response
def addpurchase(request):
args = {}
args.update(csrf(request))
if request.POST:
form = PurchaseForm(request.POST, request.FILES)
if form.is_valid():
#проверяем, состоит ли пользователь в указанной группе. Защищает от подмены value.
po = PO.objects.filter(user = request.user.pk, depart = request.POST['depart'])
if po:
purchase = form.save(commit=False)
purchase.user = CustomUser.objects.get(id=auth.get_user(request).pk)
purchase.date = datetime.datetime.now().date()
purchase.state = 0
form.save()
#Добавление записей в POP
lastPurchase = Purchase.objects.latest('id').pk #получаем id только что добавленной покупки
userpk = request.POST['userpk'].split(",") #получаем список пользователей
departpk = request.POST['departpk'].split(",") #получаем список отделов, в которых состоят пользователи
UserInDepart=dict(zip(userpk,departpk)) #выставляем соответствие: "пользователь" - "группа"
UserInDepart[str(auth.get_user(request).pk)] = request.POST['depart'] #добавляем самого пользователя в покупку
KeysUser = list(UserInDepart.keys()) #получаем список ключей - пользователей, участвующих в покупке
for key in KeysUser:
if key!='' and UserInDepart[key]!='': #Если ключ или значения не путые
if PO.objects.filter(user=key,depart=UserInDepart[key]): #Если такой пользователь есть в базе
party = POP(user=CustomUser.objects.get(id=key), purchase=Purchase.objects.get(id=lastPurchase), depart=Depart.objects.get(id=UserInDepart[key]))
party.save()
return redirect('/')
def edit(request):
args = {}
user = auth.get_user(request)
args.update(csrf(request))
user_change_form = UserChangeForm(instance=request.user)
user_change_form.avatar = user.avatar
args['form'] = user_change_form
args['userreg'] = user.region_id
args['header'] = 'Редактирование информации - %s' % user.username
args['regions_list'] = Regions.objects.all()
if request.method == 'POST':
form = UserChangeForm(request.POST, request.FILES, instance=request.user)
if form.is_valid():
form.save()
user = User.objects.get(id=auth.get_user(request).id)
user.region_id = request.POST.get('region_select')
f = open(create_image(user.username, user.username), 'rb')
username_image = File(f)
user.username_image.save(user.username + '.png', username_image)
user.avatar = form.cleaned_data['avatar']
user.save()
args = {}
args['user'] = auth.get_user(request)
f.close()
return redirect('/account/%s/' % auth.get_user(request).username, args)
else:
args['form'] = UserChangeForm(request.POST)
args['form'] = form
return render(request, 'edit.html', args)
def DriveHistory(request):
args = {}
args['username'] = auth.get_user(request).username
if not args['username']:
return redirect("/drive/")
args['user_is_staff'] = auth.get_user(request).is_staff
if not args['user_is_staff']:
return redirect("/drive/")
try:
args['search_date'] = request.GET.get('search_date', '')
print(args['search_date'])
args['search_date'] = datetime.strptime(args['search_date'], "%d.%m.%Y").date()
print(args['search_date'])
except:
args['search_date'] = None
args['registered_notes'] = DriveList.objects.filter(drive_date=args['search_date'])
drive_time_variants = set()
# Добавляем поле департамент в набор записей, чтобы нагляднее было и трахаться меньше надо было
for note in args['registered_notes']:
try:
note.department = OperatorToDepartnemt.objects.get(operator=note.address.operator).department
drive_time_variants.add(note.drive_time)
except:
args = {}
args['username'] = auth.get_user(request).username
args[
'error_description'] = "Каким-то образом в сегодняшней развозке оказался человек,в профиле которого не указан отдел, поправьте это делов базе, а то не заработает! (Если ты просто пиздюк работник - иди к старшему, он знает, что делать."
return render_to_response('drive_error.html', args)
args['drive_time_variants'] = drive_time_variants
return render_to_response('history.html', args)
def others_profile(request, username):
if request.method == "GET":
params = dict()
other_user = User.objects.get(username=username)
user_posts = Post.objects.filter(author=other_user)
params["posts"] = user_posts
try:
user_follower = UserFollower.objects.get(user=other_user)
if user_follower.followers.filter(usrename=get_user(request)).exists():
params["following"] = True
else:
params["following"] = False
except:
user_follower = []
params["other_user"] = other_user
form = ProfileForm(initial={"Content": other_user.signature})
params["form"] = form
return render(request, "account/others_profile.html", params)
if request.method == "POST":
follow = request.POST["follow"]
user = User.objects.get(username=get_user(request))
user_profile = User.objects.get(username=username)
user_follower, status = UserFollower.objects.get_or_create(user=user_profile)
user_follower.count += 1
user_follower.save()
if follow == "true":
user_follower.followers.add(user)
else:
user_follower.followers.remove(user)
return HttpResponse(json.dumps(""), content_type="application/json")
def create_subtask(request, task_id):
parent = Task.objects.get(id=task_id)
pr = Project.objects.get(id=parent.project_id)
if request.method == 'POST':
form = TaskForm(request.POST, request.FILES)
if form.is_valid():
c = form.save(commit=False)
c.creator = auth.get_user(request)
c.project = pr
c.parent_task = parent
c.save()
form.save_m2m()
task = Task.objects.get(id=c.id)
assign_newtask_perm(task, pr, request.user)
loger(auth.get_user(request), 'task_created', c.name, c, pr)
return HttpResponseRedirect('/projector/project/{}'.format(parent.project_id))
else:
form = TaskForm()
args = {}
args.update(csrf(request))
args['project'] = pr
args['form'] = form
args['parent'] = parent
args['username'] = auth.get_user(request).username
# import pdb; pdb.set_trace()
return render_to_response('create_task.html',args)
def post_make_bet(request, pk):
args = {}
if auth.get_user(request).pk != None:
args['profile'] = UserProfile.objects.get(user=request.user)#UserProfile.objects.get(user = auth.get_user(request))
balance = args['profile'].balance
post = get_object_or_404(Post, pk=pk)
if request.POST:
args['bform'] = BetForm(request.POST,balance = balance)
# print(int(args['bform'].cleaned_data.get("bet")))
# print(int(balance))
if args['bform'].is_valid() and int(args['bform'].cleaned_data.get("bet")) <= int(balance):
bet = args['bform'].save(commit = False)
bet.bet = args['bform'].cleaned_bet()
bet.race = post
# bet.user = args['profile']
bet.user = auth.get_user(request)
args['profile'].balance -= args['bform'].cleaned_bet()
args['profile'].save()
bet.save()
# args['profile'].update()
return redirect('horserace.views.post_detail', pk=pk, )
else:
args['bform'] = BetForm(balance= balance)
return render(request, 'horserace/post_make_bet.html', args)
def addnote(request, pk):
form = dict()
form['form'] = AddNote()
form['icons'] = Icon.objects.all()
form['directory'] = Genre.objects.get(id=pk)
note_name = Note.objects.all()
form['notes'] = note_name
form['username'] = auth.get_user(request).username
form['parent'] = Genre.objects.get(id=pk)
form['tree'] = Genre.objects.filter(parent_id=pk, user_id=auth.get_user(request).id)
form['tree_files'] = Note.objects.filter(parent_id=pk, user_id=auth.get_user(request).id)
if request.POST:
new_add_note = Note()
new_add_note.note_name = request.POST['note_name']
new_add_note.note_text = request.POST['note_text']
new_add_note.user = User.objects.get(username=auth.get_user(request).username)
new_add_note.parent = Genre.objects.get(id=pk)
if new_add_note.valid():
new_add_note.save()
for icon in request.POST.getlist('checkbox'):
new_add_note.icon_name.add(Icon.objects.get(id=icon))
form['saved'] = 'Сохранено в базе данных'
else:
form['saved'] = 'Название заметки обязательное поле'
return render(request, 'app/boot_index.html', form)
return render(request, 'app/add.html', form)
def account_view(request):
"""Private Page Only an Authorized User Can View, allows user to update
their account information (i.e UserInfo fields), including changing
their password
Parameters
---------
request: (HttpRequest) should be either a GET or POST
Returns
--------
out: (HttpResponse)
GET - if user is authenticated, will render account.djhtml
POST - handle form submissions for changing password, or User Info
(if handled in this view)
"""
"""if request.user.is_authenticated:
form = None
# TODO Objective 3: Create Forms and Handle POST to Update UserInfo / Password
user_info = models.UserInfo.objects.get(user=request.user)
context = { 'user_info' : user_info,
'form' : form }
return render(request,'account.djhtml',context)
request.session['failed'] = True
return redirect('login:login_view')
"""
if request.user.is_authenticated:
form = None
# TODO Objective 3: Create Forms and Handle POST to Update UserInfo / Password
existingUserInfo = models.UserInfo.objects.get(user=request.user)
print("existingUserInfo:----------", existingUserInfo.location)
if request.method == 'POST':
formName = request.POST.get('name')
print("-------formName:" + formName)
if (formName == 'pwdForm'):
password = request.POST['password']
if password is not None and password != "":
user = get_user(request)
user.set_password(password)
user.save()
return redirect('login:login_view')
else:
request.user.employment = request.POST['employment']
request.user.location = request.POST['location']
request.user.birthday = request.POST['birthday']
request.user.interests = request.POST['interests']
inter = models.Interest(label=request.POST['interests'])
inter.save()
request.user.save()
if request.POST['employment'] != '':
existingUserInfo.employment = request.user.employment
if request.POST['location'] != '':
existingUserInfo.location = request.user.location
if request.POST['birthday'] != "":
existingUserInfo.birthday = request.user.birthday
elif existingUserInfo.birthday == None:
# existingUserInfo.birthday = datetime.strptime(str(existingUserInfo.birthday), '%Y-%m-%d')
existingUserInfo.birthday = None
if request.POST['interests'] != "" and request.POST[
'interests'] is not None:
inter = models.Interest(label=request.POST['interests'])
inter.save()
existingUserInfo.interests.add(inter)
existingUserInfo.save()
context = {'user_info': existingUserInfo, 'login_form': form}
return render(request, 'account.djhtml', context)
request.session['failed'] = True
return redirect('login:login_view')
def meal_type(space_1, u1_s1):
return MealType.objects.get_or_create(name='test',
space=space_1,
created_by=auth.get_user(u1_s1))[0]
def home(request):
print "at m_v"
return render_to_response('main.html',
{'username': auth.get_user(request).username})
def obj_2(space_1, u1_s1, recipe_1_s1):
b = RecipeBook.objects.create(name='test_1',
created_by=auth.get_user(u1_s1),
space=space_1)
return RecipeBookEntry.objects.create(book=b, recipe=recipe_1_s1)
def home(request):
username = auth.get_user(request)
return render(request, 'main/index.html')
def isRealUser(request):
current_user = get_user(request)
if (not (current_user is None)) and (current_user.first_name.strip()):
return True
else:
return False
def isValidUser(request):
current_user = get_user(request)
return (not (current_user is None)) and current_user.is_authenticated()
def setUp(self):
self.client = APIClient()
# create user for testing purpose
self.user1Info = {
"username": "******",
"password": "******",
"email": "*****@*****.**"
}
self.user2Info = {
"username": "******",
"password": "******",
"email": "*****@*****.**"
}
adminInfo = {
"username": "******",
"password": "******",
"email": "*****@*****.**"
}
activeItemInfo = {
"title":
"item1",
"description":
"something",
"minimum_price":
10,
"deadline_date":
(timezone.now() +
timezone.timedelta(days=5)).strftime("%d.%m.%Y %H:%M:%S")
}
bannedItemInfo = {
"title":
"item2",
"description":
"something",
"minimum_price":
15,
"deadline_date":
(timezone.now() +
timezone.timedelta(days=8)).strftime("%d.%m.%Y %H:%M:%S")
}
# common variables
self.active_item_id = 1
self.banned_item_id = 2
# create a user and an auction
self.client.post(reverse("signup"), self.user1Info)
self.client.post(reverse("signin"), self.user1Info)
self.client.post(reverse("auction:create"), activeItemInfo)
self.client.post(reverse("auction:create"), bannedItemInfo)
# create an admin user
self.client.post(reverse("signup"), adminInfo)
self.client.post(reverse("signin"), adminInfo)
adm = auth.get_user(self.client)
adm.is_superuser = True
adm.save()
# ban 1 item
self.client.post(reverse("auction:ban", args=(self.banned_item_id, )))
self.client.logout()
def test_logout_view_succeeds(self):
self.client = Client()
self.client.login(username=self.username)
r = self.client.get(reverse('account:logout'))
user = auth.get_user(self.client)
self.assertTrue(user.is_anonymous)
def index(request):
args = {'username': auth.get_user(request).username}
language = get_language()
args['language'] = language
return render_to_response('help-page.html', args)
def get_user(request):
if not hasattr(request, '_cached_user'):
request._cached_user = auth.get_user(request)
return request._cached_user
def test_ability_to_login(self):
self.client = Client()
self.client.login(username=self.username)
user = auth.get_user(self.client)
self.assertTrue(user.is_authenticated())
def test_recovery_codes_generated(self):
user_codes = UserRecoveryCodes.objects.filter(
user=UserOTP.objects.filter(
user=auth.get_user(self.client)).first()).first()
self.assertEqual(self.user_codes, user_codes)
def get_object(self, queryset=None):
current_user = get_user(self.request)
return current_user.profile
def test_userotp_data_saved_correctly(self):
user_otp = UserOTP.objects.filter(
user=auth.get_user(self.client)).first()
self.assertEqual(self.userotp.otp_type, user_otp.otp_type)
self.assertEqual(self.userotp.user, user_otp.user)
self.assertEqual(self.userotp.secret_key, user_otp.secret_key)
def index(request):
user = auth.get_user(request)
if user.is_anonymous:
return render(request, 'crmsite//index/index.html')
else:
return render(request, 'crmsite/index/index.html', {'username': auth.get_user(request)})
def test_u2f_enabled(self):
self.assertTrue(is_u2f_enabled(auth.get_user(self.client)))
def test_u2f_to_json_function(self):
user_u2f = U2FKey.objects.filter(
user=auth.get_user(self.client)).first()
self.assertEqual(self.u2f_keys.to_json(), user_u2f.to_json())
def get_filter_args(self, *args, **kwargs):
self.errors = {}
if not auth.get_user(self.request).is_authenticated():
self.errors = {'user': ['User is not authenticated']}
return {}
def test_user_data_saved_correctly(self):
user_details = auth.get_user(self.client)
self.assertEqual(self.user.username, user_details.username)
self.assertEqual(self.user.email, user_details.email)
self.assertEqual(self.user.password, user_details.password)
def index(request):
args = dict()
args['user'] = auth.get_user(request)
return render_to_response('timetable_template1.html', args)
def assertUserNotLoggedIn(self, response):
request = response.wsgi_request
self.assertIsInstance(get_user(request), AnonymousUser)
self.assertIsInstance(request.user, AnonymousUser)
self.assertContains(response, 'anonymous')
def post(request, article_id=1):
return render_to_response(
'html/postPage.html', {
'username': auth.get_user(request).username,
'article': models.Articles.objects.get(id=article_id)
})
def index(request):
if auth.get_user(request).is_superuser:
return render(request, 'monitoring/index.html')
return render(request, 'monitoring/non_superuser.html')
def user_profile_info(request, id_u):
user = auth.get_user(request)
args = {}
args.update(csrf(request))
args['user'] = user
list_perms = []
[list_perms.append(i) for i in user.get_all_permissions()]
args['user_perms'] = list_perms
if user.has_perm('staff.change_employee') or user.has_perm(
'staff.see_employee') or int(id_u) == user.id:
try:
user_profile = User.objects.get(id=id_u)
user_profile.profile
except ObjectDoesNotExist:
args['access_denied'] = True
return render_to_response('user_profile.html', args)
if user_profile.profile.hidden == False and user_profile.profile.company_id == user.profile.company_id:
args['empinf'] = user_profile
if user_profile.profile.position == 'Topmanager':
if user.has_perm('staff.delete_topmanager'):
args['delete_employee'] = True
if user.has_perm('staff.change_topmanager'):
args['change_employee'] = True
elif user_profile.profile.position == 'Manager':
if user.has_perm('staff.delete_manager'):
args['delete_employee'] = True
if user.has_perm('staff.change_manager'):
args['change_employee'] = True
elif user_profile.profile.position == 'Employee':
if user.has_perm('staff.delete_employee'):
args['delete_employee'] = True
if user.has_perm('staff.change_employee'):
args['change_employee'] = True
args['position'] = user.profile.position
args['user_id'] = user.id
stor_items = Storage.objects.filter()
inventory = Equipments.objects.filter(user_id=id_u)
args['inventory'] = inventory
initial = {
'first_name': user_profile.first_name,
'last_name': user_profile.last_name,
'email': user_profile.email,
'phone': user_profile.profile.phone,
'another_phone': user_profile.profile.another_phone,
'date_of_birth': user_profile.profile.date_of_birth
}
all_group = Group.objects.all().exclude(name='Companies')
user_inf = User.objects.get(id=id_u)
if user.profile.position == 'Manager':
all_group = all_group.exclude(name='Topmanagers')
elif user.profile.position == 'Employee':
all_group = all_group.exclude(name='Topmanagers').exclude(
name='Managers')
val_grp = all_group.exclude(
name=user_inf.groups.values_list()[0][1])
id_gr = user_inf.profile.user.groups.values_list()[0][0]
try:
gr = all_group.get(id=id_gr).permissions.all()
except ObjectDoesNotExist:
if user.profile.position == 'Director':
redirect_url = '/auth/changeinfo/' + id_u + '/'
return redirect(redirect_url)
else:
args['access_denied'] = True
return render_to_response('user_profile.html', args)
user_prem_obj = User.objects.get(id=id_u).user_permissions.all()
non_sort = []
all_perm = []
[
non_sort.append(j) for i in all_group
for j in i.permissions.all()
]
[all_perm.append(i) for i in non_sort if i not in all_perm]
[all_perm.remove(pr) for pr in gr if pr in all_perm]
[all_perm.remove(kr) for kr in user_prem_obj if kr in all_perm]
args['company'] = CompanyReg.objects.get(
user=user.profile.company_id)
args['storage'] = Storage.objects.filter(
company_id=user.profile.company_id)
args['val_grp'] = val_grp
args['all_group'] = all_group
args['user_inf'] = user_inf
args['user_perm'] = user_prem_obj
args['all_perm'] = all_perm
args['st_inv'] = Profile.objects.get(user_id=id_u)
form = EditManagerForm(initial)
args['form'] = form
args['workers'] = User.objects.filter(
profile__company_id=user.profile.company_id)
args['access_denied'] = False
return render_to_response('user_profile.html', args)
else:
args['access_denied'] = True
return render_to_response('user_profile.html', args)
else:
args['access_denied'] = True
return render_to_response('user_profile.html', args)
def aboutPage(request):
return render(
request, 'html/aboutPage.html', {
'username': auth.get_user(request).username,
'aboutPageContent': models.aboutPageContent.objects.all()
})
def setUp(self):
self.client.post(reverse("login"), self.credentials)
self.client_user = auth.get_user(self.client)
def posts(request):
return render_to_response(
'html/postsPage.html', {
'username': auth.get_user(request).username,
'articles': models.Articles.objects.all()
})
def render_to_fragment(self, request, course_id, user_access, **kwargs):
"""
Renders a course message fragment for the specified course.
"""
course_key = CourseKey.from_string(course_id)
course = get_course_with_access(request.user, 'load', course_key)
# Get time until the start date, if already started, or no start date, value will be zero or negative
now = datetime.now(UTC)
already_started = course.start and now > course.start
days_until_start_string = "started" if already_started else format_timedelta(
course.start - now, locale=to_locale(get_language()))
course_start_data = {
'course_start_date':
format_date(course.start, locale=to_locale(get_language())),
'already_started':
already_started,
'days_until_start_string':
days_until_start_string
}
# Register the course home messages to be loaded on the page
_register_course_home_messages(request, course, user_access,
course_start_data)
# Register course date alerts
for course_date_block in get_course_date_blocks(course, request.user):
course_date_block.register_alerts(request, course)
# Register a course goal message, if appropriate
# Only show the set course goal message for enrolled, unverified
# users that have not yet set a goal in a course that allows for
# verified statuses.
user_goal = get_course_goal(auth.get_user(request), course_key)
is_already_verified = CourseEnrollment.is_enrolled_as_verified(
request.user, course_key)
if has_course_goal_permission(
request, course_id,
user_access) and not is_already_verified and not user_goal:
_register_course_goal_message(request, course)
# Grab the relevant messages
course_home_messages = list(CourseHomeMessages.user_messages(request))
# Pass in the url used to set a course goal
goal_api_url = get_goal_api_url(request)
# Grab the logo
image_src = 'course_experience/images/home_message_author.png'
context = {
'course_home_messages': course_home_messages,
'goal_api_url': goal_api_url,
'image_src': image_src,
'course_id': course_id,
'username': request.user.username,
}
html = render_to_string(
'course_experience/course-messages-fragment.html', context)
return Fragment(html)
def new_employee(request):
perm_str = 'staff.add_'
if request.POST:
user_plan = UserPlan.objects.get(user=request.user.profile.company_id)
code_name = CodeName.objects.get(name='employees')
try:
employees_count = user_plan.plan.options.get(
code_name=code_name.id).amount
except ObjectDoesNotExist:
return JsonResponse(
{
'error': True,
'message': 'Sorry. In you plan don\'t have this option.'
},
safe=False)
else:
user_count = auth.get_user(request)
count_emp = User.objects.all().filter(
profile__company_id=user_count.profile.company_id).filter(
profile__hidden=False).count()
if count_emp <= employees_count or employees_count == -1:
perm_str += request.POST.get('class')
if request.user.has_perm(perm_str):
group_name = request.POST.get('position') + 's'
username = request.POST.get('email')
first_name = request.POST.get('first_name')
last_name = request.POST.get('last_name')
email = request.POST.get('email')
phone = request.POST.get('phone')
another_phone = request.POST.get('another_phone')
date_of_birth = request.POST.get('date_of_birth')
password = request.POST.get('password')
group = Group.objects.get(name=group_name)
user = User.objects.create(username=username, email=email)
user.set_password(password)
user.first_name = first_name
user.last_name = last_name
user.is_active = True
user.groups.add(group)
user.save()
profile = Profile.objects.create(user=user, phone=phone)
profile.another_phone = another_phone
if date_of_birth == '':
date_of_birth = None
profile.date_of_birth = date_of_birth
profile.position = request.POST.get('position')
profile.company_id = auth.get_user(
request).profile.company_id
profile.save()
uid = user.id
list_perms = []
list_perms.append(uid)
#[list_perms.append(i) for i in request.user.get_all_permissions()]
name_user = request.user.first_name + ' ' + request.user.last_name
if len(name_user) < 3:
name_user = request.user.profile.position
permissions = tuple([
'add_staf', 'add_manager', 'add_topmanager',
'add_employee'
])
chat_message = '<b>' + name_user + '</b> create ' + profile.position + ': ' + first_name + ' ' + last_name
new_system_message(request, chat_message, permissions)
return JsonResponse({
'error': False,
'id': uid
},
safe=False)
else:
return JsonResponse(
{
'error':
True,
'message':
'Sorry. You don\'t have permission for this action.'
},
status=403,
safe=False)
else:
return JsonResponse(
{
'error': True,
'message':
'Sorry. You don\'t have longer create staff.'
},
safe=False)
else:
return JsonResponse(
{
'error': True,
'message': 'Sorry. You try do unknown action.'
},
status=404,
safe=False)
