Exemplo n.º 1
0
def view_profile(request):
    user = get_object_or_404(Dojo_User, pk=request.user.id)
    form = DojoUserForm(instance=user)
    group_members = get_authorized_group_members_for_user(user)

    user_contact = user.usercontactinfo if hasattr(user,
                                                   'usercontactinfo') else None
    if user_contact is None:
        contact_form = UserContactInfoForm()
    else:
        contact_form = UserContactInfoForm(instance=user_contact)

    global_role = user.global_role if hasattr(user, 'global_role') else None
    if global_role is None:
        previous_global_role = None
        global_role_form = GlobalRoleForm()
    else:
        previous_global_role = global_role.role
        global_role_form = GlobalRoleForm(instance=global_role)

    if request.method == 'POST':
        form = DojoUserForm(request.POST, instance=user)
        contact_form = UserContactInfoForm(request.POST, instance=user_contact)
        global_role_form = GlobalRoleForm(request.POST, instance=global_role)
        if form.is_valid() and contact_form.is_valid(
        ) and global_role_form.is_valid():
            form.save()
            contact = contact_form.save(commit=False)
            contact.user = user
            contact.save()
            request_user = get_current_user()
            global_role = global_role_form.save(commit=False)
            if global_role.role != previous_global_role and not request_user.is_superuser:
                global_role.role = previous_global_role
                messages.add_message(
                    request,
                    messages.WARNING,
                    'Only superusers are allowed to change their global role.',
                    extra_tags='alert-warning')
            global_role.user = user
            global_role.save()

            messages.add_message(request,
                                 messages.SUCCESS,
                                 'Profile updated successfully.',
                                 extra_tags='alert-success')
    add_breadcrumb(title="User Profile - " + user.get_full_name(),
                   top_level=True,
                   request=request)
    return render(
        request, 'dojo/profile.html', {
            'name': 'Engineer Profile',
            'metric': False,
            'user': user,
            'form': form,
            'contact_form': contact_form,
            'global_role_form': global_role_form,
            'group_members': group_members
        })
Exemplo n.º 2
0
def edit_group(request, gid):
    group = get_object_or_404(Dojo_Group, id=gid)
    form = DojoGroupForm(instance=group)

    global_role = group.global_role if hasattr(group, 'global_role') else None
    if global_role is None:
        previous_global_role = None
        global_role_form = GlobalRoleForm()
    else:
        previous_global_role = global_role.role
        global_role_form = GlobalRoleForm(instance=global_role)

    if request.method == 'POST':
        form = DojoGroupForm(request.POST, instance=group)

        if global_role is None:
            global_role_form = GlobalRoleForm(request.POST)
        else:
            global_role_form = GlobalRoleForm(request.POST,
                                              instance=global_role)

        if form.is_valid() and global_role_form.is_valid():
            if global_role_form.cleaned_data[
                    'role'] != previous_global_role and not request.user.is_superuser:
                messages.add_message(
                    request,
                    messages.WARNING,
                    'Only superusers are allowed to change the global role.',
                    extra_tags='alert-warning')
            else:
                form.save()
                global_role = global_role_form.save(commit=False)
                global_role.group = group
                global_role.save()
                messages.add_message(request,
                                     messages.SUCCESS,
                                     'Group saved successfully.',
                                     extra_tags='alert-success')
        else:
            messages.add_message(request,
                                 messages.ERROR,
                                 'Group was not saved successfully.',
                                 extra_tags='alert_danger')

    add_breadcrumb(title="Edit Group", top_level=False, request=request)
    return render(request, "dojo/add_group.html", {
        'form': form,
        'global_role_form': global_role_form,
    })
Exemplo n.º 3
0
def add_user(request):
    form = AddDojoUserForm()
    if not request.user.is_superuser:
        form.fields['is_staff'].widget.attrs['disabled'] = True
        form.fields['is_superuser'].widget.attrs['disabled'] = True
        form.fields['is_active'].widget.attrs['disabled'] = True
    contact_form = UserContactInfoForm()
    global_role_form = GlobalRoleForm()
    user = None

    if request.method == 'POST':
        form = AddDojoUserForm(request.POST)
        contact_form = UserContactInfoForm(request.POST)
        global_role_form = GlobalRoleForm(request.POST)
        if form.is_valid() and contact_form.is_valid(
        ) and global_role_form.is_valid():
            user = form.save(commit=False)
            password = request.POST['password']
            if password:
                user.set_password(password)
            else:
                user.set_unusable_password()
            user.active = True
            user.save()
            contact = contact_form.save(commit=False)
            contact.user = user
            contact.save()
            global_role = global_role_form.save(commit=False)
            global_role.user = user
            global_role.save()
            messages.add_message(request,
                                 messages.SUCCESS,
                                 'User added successfully.',
                                 extra_tags='alert-success')
            return HttpResponseRedirect(reverse('view_user', args=(user.id, )))
        else:
            messages.add_message(request,
                                 messages.ERROR,
                                 'User was not added successfully.',
                                 extra_tags='alert-danger')
    add_breadcrumb(title="Add User", top_level=False, request=request)
    return render(
        request, "dojo/add_user.html", {
            'name': 'Add User',
            'form': form,
            'contact_form': contact_form,
            'global_role_form': global_role_form,
            'to_add': True
        })
Exemplo n.º 4
0
def add_group(request):
    form = DojoGroupForm
    global_role_form = GlobalRoleForm()
    group = None

    if request.method == 'POST':
        form = DojoGroupForm(request.POST)
        global_role_form = GlobalRoleForm(request.POST)
        if form.is_valid() and global_role_form.is_valid():
            if global_role_form.cleaned_data[
                    'role'] is not None and not request.user.is_superuser:
                messages.add_message(
                    request,
                    messages.ERROR,
                    'Only superusers are allowed to set global role.',
                    extra_tags='alert-warning')
            else:
                group = form.save(commit=False)
                group.save()
                global_role = global_role_form.save(commit=False)
                global_role.group = group
                global_role.save()
                member = Dojo_Group_Member()
                member.user = request.user
                member.group = group
                member.role = Role.objects.get(is_owner=True)
                member.save()
                messages.add_message(request,
                                     messages.SUCCESS,
                                     'Group was added successfully.',
                                     extra_tags='alert-success')
                return HttpResponseRedirect(
                    reverse('view_group', args=(group.id, )))
        else:
            messages.add_message(request,
                                 messages.ERROR,
                                 'Group was not added successfully.',
                                 extra_tags='alert-danger')

    add_breadcrumb(title="Add Group", top_level=False, request=request)
    return render(request, "dojo/add_group.html", {
        'form': form,
        'global_role_form': global_role_form,
    })
Exemplo n.º 5
0
def edit_user(request, uid):
    user = get_object_or_404(Dojo_User, id=uid)
    form = EditDojoUserForm(instance=user)
    if not request.user.is_superuser:
        form.fields['is_staff'].widget.attrs['disabled'] = True
        form.fields['is_superuser'].widget.attrs['disabled'] = True
        form.fields['is_active'].widget.attrs['disabled'] = True

    user_contact = user.usercontactinfo if hasattr(user,
                                                   'usercontactinfo') else None
    if user_contact is None:
        contact_form = UserContactInfoForm()
    else:
        contact_form = UserContactInfoForm(instance=user_contact)

    global_role = user.global_role if hasattr(user, 'global_role') else None
    if global_role is None:
        global_role_form = GlobalRoleForm()
    else:
        global_role_form = GlobalRoleForm(instance=global_role)

    if request.method == 'POST':
        form = EditDojoUserForm(request.POST, instance=user)
        if user_contact is None:
            contact_form = UserContactInfoForm(request.POST)
        else:
            contact_form = UserContactInfoForm(request.POST,
                                               instance=user_contact)

        if global_role is None:
            global_role_form = GlobalRoleForm(request.POST)
        else:
            global_role_form = GlobalRoleForm(request.POST,
                                              instance=global_role)

        if form.is_valid() and contact_form.is_valid(
        ) and global_role_form.is_valid():
            form.save()
            contact = contact_form.save(commit=False)
            contact.user = user
            contact.save()
            global_role = global_role_form.save(commit=False)
            global_role.user = user
            global_role.save()
            messages.add_message(request,
                                 messages.SUCCESS,
                                 'User saved successfully.',
                                 extra_tags='alert-success')
        else:
            messages.add_message(request,
                                 messages.ERROR,
                                 'User was not saved successfully.',
                                 extra_tags='alert-danger')
    add_breadcrumb(title="Edit User", top_level=False, request=request)
    return render(
        request, "dojo/add_user.html", {
            'name': 'Edit User',
            'form': form,
            'contact_form': contact_form,
            'global_role_form': global_role_form,
            'to_edit': user
        })
Exemplo n.º 6
0
def edit_user(request, uid):
    user = get_object_or_404(Dojo_User, id=uid)
    authed_products = Product.objects.filter(authorized_users__in=[user])
    authed_product_types = Product_Type.objects.filter(
        authorized_users__in=[user])
    form = EditDojoUserForm(instance=user,
                            initial={
                                'authorized_products': authed_products,
                                'authorized_product_types':
                                authed_product_types
                            })
    if not request.user.is_superuser:
        form.fields['is_staff'].widget.attrs['disabled'] = True
        form.fields['is_superuser'].widget.attrs['disabled'] = True
        form.fields['is_active'].widget.attrs['disabled'] = True

    user_contact = user.usercontactinfo if hasattr(user,
                                                   'usercontactinfo') else None
    if user_contact is None:
        contact_form = UserContactInfoForm()
    else:
        contact_form = UserContactInfoForm(instance=user_contact)

    global_role = user.global_role if hasattr(user, 'global_role') else None
    if global_role is None:
        global_role_form = GlobalRoleForm()
    else:
        global_role_form = GlobalRoleForm(instance=global_role)

    if request.method == 'POST':
        form = EditDojoUserForm(request.POST, instance=user)
        if user_contact is None:
            contact_form = UserContactInfoForm(request.POST)
        else:
            contact_form = UserContactInfoForm(request.POST,
                                               instance=user_contact)

        if global_role is None:
            global_role_form = GlobalRoleForm(request.POST)
        else:
            global_role_form = GlobalRoleForm(request.POST,
                                              instance=global_role)

        if form.is_valid() and contact_form.is_valid(
        ) and global_role_form.is_valid():
            form.save()
            if not settings.FEATURE_AUTHORIZATION_V2:
                for init_auth_prods in authed_products:
                    init_auth_prods.authorized_users.remove(user)
                    init_auth_prods.save()
                for init_auth_prod_types in authed_product_types:
                    init_auth_prod_types.authorized_users.remove(user)
                    init_auth_prod_types.save()
                if 'authorized_products' in form.cleaned_data and len(
                        form.cleaned_data['authorized_products']) > 0:
                    for p in form.cleaned_data['authorized_products']:
                        p.authorized_users.add(user)
                        p.save()
                if 'authorized_product_types' in form.cleaned_data and len(
                        form.cleaned_data['authorized_product_types']) > 0:
                    for pt in form.cleaned_data['authorized_product_types']:
                        pt.authorized_users.add(user)
                        pt.save()
            contact = contact_form.save(commit=False)
            contact.user = user
            contact.save()
            global_role = global_role_form.save(commit=False)
            global_role.user = user
            global_role.save()
            messages.add_message(request,
                                 messages.SUCCESS,
                                 'User saved successfully.',
                                 extra_tags='alert-success')
        else:
            messages.add_message(request,
                                 messages.ERROR,
                                 'User was not saved successfully.',
                                 extra_tags='alert-danger')
    add_breadcrumb(title="Edit User", top_level=False, request=request)
    return render(
        request, "dojo/add_user.html", {
            'name': 'Edit User',
            'form': form,
            'contact_form': contact_form,
            'global_role_form': global_role_form,
            'to_edit': user
        })
Exemplo n.º 7
0
def add_user(request):
    form = AddDojoUserForm()
    if not request.user.is_superuser:
        form.fields['is_staff'].widget.attrs['disabled'] = True
        form.fields['is_superuser'].widget.attrs['disabled'] = True
        form.fields['is_active'].widget.attrs['disabled'] = True
    contact_form = UserContactInfoForm()
    global_role_form = GlobalRoleForm()
    user = None

    if request.method == 'POST':
        form = AddDojoUserForm(request.POST)
        contact_form = UserContactInfoForm(request.POST)
        global_role_form = GlobalRoleForm(request.POST)
        if form.is_valid() and contact_form.is_valid(
        ) and global_role_form.is_valid():
            user = form.save(commit=False)
            password = request.POST['password']
            if password:
                user.set_password(password)
            else:
                user.set_unusable_password()
            user.active = True
            user.save()
            contact = contact_form.save(commit=False)
            contact.user = user
            contact.save()
            global_role = global_role_form.save(commit=False)
            global_role.user = user
            global_role.save()
            if not settings.FEATURE_AUTHORIZATION_V2:
                if 'authorized_products' in form.cleaned_data and len(
                        form.cleaned_data['authorized_products']) > 0:
                    for p in form.cleaned_data['authorized_products']:
                        p.authorized_users.add(user)
                        p.save()
                if 'authorized_product_types' in form.cleaned_data and len(
                        form.cleaned_data['authorized_product_types']) > 0:
                    for pt in form.cleaned_data['authorized_product_types']:
                        pt.authorized_users.add(user)
                        pt.save()
            messages.add_message(
                request,
                messages.SUCCESS,
                'User added successfully, you may edit if necessary.',
                extra_tags='alert-success')
            return HttpResponseRedirect(reverse('edit_user', args=(user.id, )))
        else:
            messages.add_message(request,
                                 messages.ERROR,
                                 'User was not added successfully.',
                                 extra_tags='alert-danger')
    add_breadcrumb(title="Add User", top_level=False, request=request)
    return render(
        request, "dojo/add_user.html", {
            'name': 'Add User',
            'form': form,
            'contact_form': contact_form,
            'global_role_form': global_role_form,
            'to_add': True
        })