Пример #1
0
def edit(request, id=None):
    # Security check
    if request.user.id != id:
        if request.user.is_superuser is False:
            return HttpResponseRedirect(reverse('main.views.forbidden'))
    # Load user
    if id is None:
        user = request.user
        title = 'Edit your profile (%s)' % user
    else:
        try:
            user = User.objects.get(pk=id)
            title = 'Edit user %s' % user
        except:
            raise Http404
    # Form
    if request.method == 'POST':
        form = UserChangeForm(request.POST, instance=user)
        if form.is_valid():
            user = form.save(commit=False)
            password = request.POST.get('password', '')
            user.set_password(password)
            user.save()
            return HttpResponseRedirect(reverse('components.accounts.views.list'))
    else:
        form = UserChangeForm(instance=user)
    return render(request, 'accounts/edit.html', {'form': form, 'user': user, 'title': title })
Пример #2
0
def edit(request, id=None):
    # Forbidden if user isn't an admin and is trying to edit another user
    if str(request.user.id) != str(id) and id is not None:
        if request.user.is_superuser is False:
            return redirect('main.views.forbidden')

    # Load user
    if id is None:
        user = request.user
        title = 'Edit your profile (%s)' % user
    else:
        user = get_object_or_404(User, pk=id)
        title = 'Edit user %s' % user

    # Form
    if request.method == 'POST':
        form = UserChangeForm(request.POST, instance=user)
        if form.is_valid():
            user = form.save(commit=False)

            # change password if requested
            password = request.POST.get('password', '')
            if password != '':
                user.set_password(password)

            # prevent non-admin from self-promotion
            if not request.user.is_superuser:
                user.is_superuser = False

            user.save()

            # regenerate API key if requested
            regenerate_api_key = request.POST.get('regenerate_api_key', '')
            if regenerate_api_key != '':
                generate_api_key(user)

            # determine where to redirect to
            if request.user.is_superuser:
                return_view = 'components.accounts.views.list'
            else:
                return_view = 'profile'

            messages.info(request, _('Saved.'))
            return redirect(return_view)
    else:
        suppress_administrator_toggle = True
        if request.user.is_superuser:
            suppress_administrator_toggle = False
        form = UserChangeForm(
            instance=user,
            suppress_administrator_toggle=suppress_administrator_toggle)

    return render(request, 'accounts/edit.html', {
        'form': form,
        'user': user,
        'title': title
    })
Пример #3
0
def edit(request, id=None):
    # Forbidden if user isn't an admin and is trying to edit another user
    if str(request.user.id) != str(id) and id is not None:
        if request.user.is_superuser is False:
            return redirect("main.views.forbidden")

    # Load user
    if id is None:
        user = request.user
        title = "Edit your profile (%s)" % user
    else:
        user = get_object_or_404(User, pk=id)
        title = "Edit user %s" % user

    # Form
    if request.method == "POST":
        form = UserChangeForm(request.POST, instance=user)
        if form.is_valid():
            user = form.save(commit=False)

            # change password if requested
            password = request.POST.get("password", "")
            if password != "":
                user.set_password(password)

            # prevent non-admin from self-promotion
            if not request.user.is_superuser:
                user.is_superuser = False

            user.save()

            # regenerate API key if requested
            regenerate_api_key = request.POST.get("regenerate_api_key", "")
            if regenerate_api_key != "":
                generate_api_key(user)

            # determine where to redirect to
            if request.user.is_superuser:
                return_view = "components.accounts.views.list"
            else:
                return_view = "profile"

            messages.info(request, _("Saved."))
            return redirect(return_view)
    else:
        suppress_administrator_toggle = True
        if request.user.is_superuser:
            suppress_administrator_toggle = False
        form = UserChangeForm(
            instance=user,
            suppress_administrator_toggle=suppress_administrator_toggle)

    return render(request, "accounts/edit.html", {
        "form": form,
        "user": user,
        "title": title
    })
Пример #4
0
def edit(request, id=None):
    # Forbidden if user isn't an admin and is trying to edit another user
    if str(request.user.id) != str(id) and id != None:
        if request.user.is_superuser is False:
            return HttpResponseRedirect(reverse('main.views.forbidden'))

    # Load user
    if id is None:
        user = request.user
        #id = request.user.id
        title = 'Edit your profile (%s)' % user
    else:
        try:
            user = User.objects.get(pk=id)
            title = 'Edit user %s' % user
        except:
            raise Http404

    # Form
    if request.method == 'POST':
        form = UserChangeForm(request.POST, instance=user)
        if form.is_valid():
            user = form.save(commit=False)

            # change password if requested
            password = request.POST.get('password', '')
            if password != '':
                user.set_password(password)
            user.save()

            # regenerate API key if requested
            regenerate_api_key = request.POST.get('regenerate_api_key', '')
            if regenerate_api_key != '':
                try:
                    api_key = ApiKey.objects.get(user_id=user.pk)
                except ApiKey.DoesNotExist:
                    api_key = ApiKey.objects.create(user=user)
                api_key.key = api_key.generate_key()
                api_key.save()

            # determine where to redirect to
            if request.user.is_superuser is False:
                return_view = 'components.accounts.views.edit'
            else:
                return_view = 'components.accounts.views.list'

            return HttpResponseRedirect(reverse(return_view))
    else:
        form = UserChangeForm(instance=user)

    # load API key for display
    try:
        api_key_data = ApiKey.objects.get(user_id=user.pk)
        api_key = api_key_data.key
    except:
        api_key = '<no API key generated>'

    return render(
        request, 'accounts/edit.html', {
            'hide_features': hidden_features(),
            'form': form,
            'user': user,
            'api_key': api_key,
            'title': title
        })
Пример #5
0
def edit(request, id=None):
    # Forbidden if user isn't an admin and is trying to edit another user
    if str(request.user.id) != str(id) and id != None:
        if request.user.is_superuser is False:
            return HttpResponseRedirect(reverse('main.views.forbidden'))

    # Load user
    if id is None:
        user = request.user
        #id = request.user.id
        title = 'Edit your profile (%s)' % user
    else:
        try:
            user = User.objects.get(pk=id)
            title = 'Edit user %s' % user
        except:
            raise Http404

    # Form
    if request.method == 'POST':
        form = UserChangeForm(request.POST, instance=user)
        if form.is_valid():
            user = form.save(commit=False)

            # change password if requested
            password = request.POST.get('password', '')
            if password != '':
                user.set_password(password)
            user.save()

            # regenerate API key if requested
            regenerate_api_key = request.POST.get('regenerate_api_key', '')
            if regenerate_api_key != '':
                try:
                    api_key = ApiKey.objects.get(user_id=user.pk)
                except ApiKey.DoesNotExist:
                    api_key = ApiKey.objects.create(user=user)
                api_key.key = api_key.generate_key()
                api_key.save()

            # determine where to redirect to
            if request.user.is_superuser is False:
                return_view = 'components.accounts.views.edit'
            else:
                return_view = 'components.accounts.views.list'

            return HttpResponseRedirect(reverse(return_view))
    else:
        form = UserChangeForm(instance=user)

    # load API key for display
    try:
        api_key_data = ApiKey.objects.get(user_id=user.pk)
        api_key = api_key_data.key
    except:
        api_key = '<no API key generated>'

    return render(request, 'accounts/edit.html', {
      'form': form,
      'user': user,
      'api_key': api_key,
      'title': title
    })
Пример #6
0
def edit(request, id=None):
    # Forbidden if user isn't an admin and is trying to edit another user
    if str(request.user.id) != str(id) and id != None:
        if request.user.is_superuser is False:
            return HttpResponseRedirect(reverse("main.views.forbidden"))

    # Load user
    if id is None:
        user = request.user
        # id = request.user.id
        title = "Edit your profile (%s)" % user
    else:
        try:
            user = User.objects.get(pk=id)
            title = "Edit user %s" % user
        except:
            raise Http404

    # Form
    if request.method == "POST":
        form = UserChangeForm(request.POST, instance=user)
        if form.is_valid():
            user = form.save(commit=False)

            # change password if requested
            password = request.POST.get("password", "")
            if password != "":
                user.set_password(password)
            user.save()

            # regenerate API key if requested
            regenerate_api_key = request.POST.get("regenerate_api_key", "")
            if regenerate_api_key != "":
                try:
                    api_key = ApiKey.objects.get(user_id=user.pk)
                except ApiKey.DoesNotExist:
                    api_key = ApiKey.objects.create(user=user)
                api_key.key = api_key.generate_key()
                api_key.save()

            # determine where to redirect to
            if request.user.is_superuser is False:
                return_view = "components.accounts.views.edit"
            else:
                return_view = "components.accounts.views.list"

            return HttpResponseRedirect(reverse(return_view))
    else:
        form = UserChangeForm(instance=user)

    # load API key for display
    try:
        api_key_data = ApiKey.objects.get(user_id=user.pk)
        api_key = api_key_data.key
    except:
        api_key = "<no API key generated>"

    return render(
        request,
        "accounts/edit.html",
        {"hide_features": hidden_features(), "form": form, "user": user, "api_key": api_key, "title": title},
    )
Пример #7
0
def edit(request, id=None):
    if get_client_config_value('kioskMode') == 'True':
        return redirect('main.views.forbidden')

    # Forbidden if user isn't an admin and is trying to edit another user
    if str(request.user.id) != str(id) and id != None:
        if request.user.is_superuser is False:
            return redirect('main.views.forbidden')

    # Load user
    if id is None:
        user = request.user
        title = 'Edit your profile (%s)' % user
    else:
        try:
            user = User.objects.get(pk=id)
            title = 'Edit user %s' % user
        except:
            raise Http404

    # Form
    if request.method == 'POST':
        form = UserChangeForm(request.POST, instance=user)
        if form.is_valid():
            user = form.save(commit=False)

            # change password if requested
            password = request.POST.get('password', '')
            if password != '':
                user.set_password(password)

            # prevent non-admin from self-promotion
            if not request.user.is_superuser:
                user.is_superuser = False

            user.save()

            # regenerate API key if requested
            regenerate_api_key = request.POST.get('regenerate_api_key', '')
            if regenerate_api_key != '':
                try:
                    api_key = ApiKey.objects.get(user_id=user.pk)
                except ApiKey.DoesNotExist:
                    api_key = ApiKey.objects.create(user=user)
                api_key.key = api_key.generate_key()
                api_key.save()

            # determine where to redirect to
            if request.user.is_superuser is False:
                return_view = 'components.accounts.views.edit'
            else:
                return_view = 'components.accounts.views.list'

            messages.info(request, 'Saved.')
            return redirect(return_view)
    else:
        suppress_administrator_toggle = True
        if request.user.is_superuser:
            suppress_administrator_toggle = False
        form = UserChangeForm(
            instance=user,
            suppress_administrator_toggle=suppress_administrator_toggle)

    # load API key for display
    try:
        api_key_data = ApiKey.objects.get(user_id=user.pk)
        api_key = api_key_data.key
    except:
        api_key = '<no API key generated>'

    return render(
        request, 'accounts/edit.html', {
            'hide_features': hidden_features(),
            'form': form,
            'user': user,
            'api_key': api_key,
            'title': title
        })