def signup(request): if request.method == 'POST': first_name = request.POST['suc-fullname'] last_name = request.POST['su-fullname'] email = request.POST['su-email'] password = request.POST['su-pass'] staff_user = User(username=email) staff_user.set_password(password) staff_user.first_name = first_name staff_user.last_name = last_name staff_user.email = email staff_user.active = True staff_user.save() company = Company(name="NBA") company.save() employee = Employee(user=staff_user, company=company) employee.save() return HttpResponse("<h1> User created </h1>") return render(request, 'sortall/signup.html')
def register(request): if request.method == "GET": if request.user.is_authenticated(): return HttpResponseRedirect("/") else: return render(request, "register.html", {}) else: username = request.POST.get("username") name = request.POST.get("name") email = request.POST.get("email") password = request.POST.get("password") try: user = User.objects.get(username = username) except User.DoesNotExist: pass else: return HttpResponse("Your username has already been used. Please choose another username.") try: user = User.objects.get(email = email) except User.DoesNotExist: pass else: return HttpResponse("Your email has already been used. Please choose another email.") new_user = User(username = username, first_name = name, email = email) new_user.set_password(password) new_user.active = False new_user.save() donor = Donor(person = new_user, stored_cash = 0) donor.save() return HttpResponse("You have been registered. Please log in.")
def create_user(user_name, email_address, password='******', permission_prototype='public') : """create a User """ if User.objects.filter(username=user_name).count() < 0 : user = User.objects.get(username=user_name) else : user = User(username=user_name, password=password, email=email_address) user.email_address=email_address user.user_name = user_name user.active = 1 # need this to be set before the save, below user.save() user_post_create(user) from apps.synced import post_user_create post_user_create.send(sender=user,user=user) return user
def create_user(user_name, email_address, password='******', permission_prototype='public'): """create a User """ if User.objects.filter(username=user_name).count() < 0: user = User.objects.get(username=user_name) else: user = User(username=user_name, password=password, email=email_address) user.email_address = email_address user.user_name = user_name user.active = 1 # need this to be set before the save, below user.save() user_post_create(user) from apps.synced import post_user_create post_user_create.send(sender=user, user=user) return user
def donor_reg(request): xcheck = False user_login = request.user full_name = '' username = '' email = '' user_id = ran_gen(6,'ABCDEFGHIJKLMPQRSTUVWXYZ123456789') while xcheck: check_id = AP.objects.filter(username=user_id) if check_id.exists(): user_id = ran_gen(6,'ABCDEFGHIJKLMPQRSTUVWXYZ123456789') xcheck = False else: xcheck = True display = False xList = [] if request.user.is_authenticated: check_path = AP.objects.filter(username=user_login) for x in check_path: path = x.path if path == 'admin': pass elif path == 'donor': return HttpResponseRedirect(reverse('donor:home')) else: # return HttpResponseRedirect(reverse('reci:home')) pass else: if request.method == 'POST': f_name = request.POST.get('name') full_name = f_name.lower().lstrip().rstrip() user_name = request.POST.get('username') username = user_name.lower().lstrip().rstrip() # gen_der = request.POST.get('gender') # gender = gen_der.lower().lstrip().rstrip() # blood_type = request.POST.get('bloodtype') # bloodtype = blood_type.lower().lstrip().rstrip() e_mail = request.POST.get('email') email = e_mail.lower().lstrip().rstrip() # tele_phone = request.POST.get('telephone') # telephone = tele_phone.lower().lstrip().rstrip() # sta_te = request.POST.get('state') # state = sta_te.lower().lstrip().rstrip() pass_ = request.POST.get('pass') password = pass_.lower().lstrip().rstrip() pass_2 = request.POST.get('pass2') password2 = pass_2.lower().lstrip().rstrip() checkemail = User.objects.filter(email=email) checkuser = User.objects.filter(username=username) if password != password2: error = {'error':"Both passwords didn't match"} display = True xList.append(error) if len(password) < 6 : error = {'error':"Password should be at least 6 charaters long"} display = True xList.append(error) if checkuser.exists(): error = {'error':str(username) + " is not available"} display = True xList.append(error) if checkemail.exists(): error = {'error':str(email) + " has been used"} display = True xList.append(error) email = '' if ' ' not in full_name: error = {'error':"Please provide full name with a space"} display = True xList.append(error) if not display: random_number = random.randint(0,16777215) hex_number = format(random_number,'x') hex_number = '#'+hex_number # RefCode = ran_gen(8,'ABCDEFGHIJKLMPQRSTUVWXYZ123456789') name = full_name.split(' ') namex = full_name.replace(' ', '-') detail = User() detail.first_name = name[0] detail.last_name = name[1] detail.username = username detail.email = email detail.set_password(password) detail.active = True detail.staff_status = False detail.superuser_status = False detail.save() a = AP() a.username = username a.color_code = hex_number a.path = 'donor' a.save() a = DD() a.full_name = full_name a.username = username a.gender = '' a.bloodtype = '' a.email = email a.telephone = '' a.state = '' a.password = password a.save() a = ND() a.user = username a.expires = datetime.now() + timedelta(hours=24) a.save() user = authenticate(username=username, password=password) if user: if user.is_active: try: URL = 'https://safewayfx.com/api/v1/codeupblood/newUser/'+namex+'/'+email+'/'+username print(URL) ress = json.loads(requests.get(URL).json()) print(str(ress)) except Exception as e: print('>>>'+str(e)) login(request, user) return HttpResponseRedirect(reverse('accounts:donor_add')) data = { 'user_id':'CB-'+user_id, 'display':display, 'xLists':xList, 'full_name':full_name, 'username':username, 'email':email, } return render(request, 'accounts/donor_reg.html', data)
def test_edit_flags(self): content_type_p = ContentType(app_label='auth', model='Plot') content_type_p.save() content_type_t = ContentType(app_label='auth', model='Tree') content_type_t.save() p = P(codename="change_user",name="change_user",content_type=content_type_p) p.save() t = P(codename="change_user",name="change_user",content_type=content_type_t) t.save() ghost = AnonymousUser() peon = User(username="******") peon.save() peon.reputation = Reputation(user=peon) peon.reputation.save() duke = User(username="******") duke.save() duke.reputation = Reputation(user=duke) duke.reputation.save() leroi = User(username="******") leroi.active = True leroi.save() # double save required for m2m... leroi.reputation = Reputation(user=leroi) leroi.user_permissions.add(p) leroi.user_permissions.add(t) leroi.save() leroi.reputation.save() p_peon_0 = mkPlot(peon) p_peon_1 = mkPlot(peon) p_duke_2 = mkPlot(duke) t_duke_0 = mkTree(duke, plot=p_peon_0) t_peon_1 = mkTree(peon, plot=p_peon_1) t_duke_2 = mkTree(duke, plot=p_duke_2) p_roi_3 = mkPlot(leroi) t_roi_3 = mkTree(leroi, plot=p_roi_3) plots = [p_peon_0, p_peon_1, p_duke_2, p_roi_3] trees = [t_duke_0, t_peon_1, t_duke_2, t_roi_3] users = [ghost, peon, duke, leroi] def mkd(e, d): return { "can_delete": d, "can_edit": e } def mkdp(pe, pd, te=None, td=None): d = { "plot": mkd(pe,pd) } if td != None and te != None: d["tree"] = mkd(te, td) return d ################################# # A None or Anonymous user can't # do anything for p in plots: self.assertEqual(mkd(False,False), plot_or_tree_permissions(p, ghost)) self.assertEqual(mkdp(False,False,False,False), plot_permissions(p, ghost)) self.assertEqual(mkd(False,False), plot_or_tree_permissions(p, None)) self.assertEqual(mkdp(False,False,False,False), plot_permissions(p, None)) for t in trees: self.assertEqual(mkd(False,False), plot_or_tree_permissions(t, ghost)) self.assertEqual(mkd(False,False), plot_or_tree_permissions(t, None)) ################################# # A user can always delete or edit their own trees and plots # self.assertEqual(mkd(True,True), plot_or_tree_permissions(p_peon_0, peon)) self.assertEqual(mkd(True,True), plot_or_tree_permissions(p_peon_1, peon)) self.assertEqual(mkd(True,True), plot_or_tree_permissions(p_duke_2, duke)) self.assertEqual(mkd(True,True), plot_or_tree_permissions(t_duke_0, duke)) self.assertEqual(mkd(True,True), plot_or_tree_permissions(t_peon_1, peon)) self.assertEqual(mkd(True,True), plot_or_tree_permissions(t_duke_2, duke)) self.assertEqual(mkd(True,True), plot_or_tree_permissions(p_roi_3, leroi)) self.assertEqual(mkd(True,True), plot_or_tree_permissions(t_roi_3, leroi)) ################################# # An admin user can always do anything # for p in plots: self.assertEqual(mkd(True,True), plot_or_tree_permissions(p, leroi)) self.assertEqual(mkdp(True,True,True,True), plot_permissions(p, leroi)) for t in trees: self.assertEqual(mkd(True,True), plot_or_tree_permissions(t, leroi)) ################################# # A user can edit other trees but can't delete # self.assertEqual(mkdp(True,False,True,False), plot_permissions(p_roi_3, duke)) ################################# # No one can edit readonly trees # for p in plots: p.readonly = True p.save() for t in trees: t.readonly = True t.save() for p in plots: for u in users: self.assertEqual(mkd(False,False), plot_or_tree_permissions(p, u)) self.assertEqual(mkdp(False,False,False,False), plot_permissions(p, u)) for t in trees: for u in users: self.assertEqual(mkd(False,False), plot_or_tree_permissions(t, u))
def intake(request,app_id): """ Convert an application into a set of records in the iTaco db for new student, family and parents. Also sends welcome message. """ app = get_object_or_404(Application, pk=app_id) # Get current school year and Membership chairs for use in welcome email cur_year = SchoolYear.objects.get(current=True) chairs = BoardPosition.objects.get(title='Membership').profile_set.all() # Make sure we don't try to perform intake for a student/family/parents twice! if app.intake_complete == '1' : messages.error(request, "Intake has already occurred for this student. Did not re-intake.") return HttpResponseRedirect(reverse('process_apps')) if request.POST: # Create related student, family, and parent records # Applications may have been submitted by existing families or by new families # so first get a family object depending on that. if app.family: family = app.family else: family = Family() family.famname = "%s, %s & %s, %s" % (app.par1_lname,app.par1_fname,app.par2_lname,app.par2_fname,) family.save() messages.success(request, "New iTaco family created. Review generated family and check name, financial aid, or other details.") # Since this is a new family, create User objects and related profile records # The duplication of code here is stupid - we repeat the next 20 lines to handle both parents. # Is there a better way? Not a huge deal, just not very DRY. # First run-through for Parent 1. If you modify any of this, do the same for the Parent 2 block below. user = User() user.first_name = app.par1_fname user.last_name = app.par1_lname user.username = "******" % (slugify(app.par1_fname),slugify(app.par1_lname)) user.email = app.par1_email user.set_password(User.objects.make_random_password(length=8)) user.active = True try: user.save() messages.success(request, "New iTaco user created and set to active: %s" % user.username) # We now have a new User object. Attach a new Profile to them. profile = Profile.objects.create(user=user) profile.family = family profile.address1 = app.par1_address1 profile.address2 = app.par1_address2 profile.city = app.par1_city profile.state = app.par1_state profile.zip = app.par1_zip profile.phone_home = app.par1_phone_home profile.phone_work = app.par1_phone_work profile.phone_mobile = app.par1_phone_mobile profile.save() except: # User creation could fail in the unlikely event that another user sam_jones already exists in the system messages.error(request, "Failed creating iTaco user %s. Please contact the webmaster." % user.username) # Second run-through for parent 2. Only do this if a 2nd parent exists to avoid creating empty parent objects # We'll assume that the existence of a first name for parent2 means we have that parent object if app.par2_fname: user = User() user.first_name = app.par2_fname user.last_name = app.par2_lname user.username = "******" % (slugify(app.par2_fname),slugify(app.par2_lname)) user.email = app.par2_email user.set_password(User.objects.make_random_password(length=8)) user.active = True try: user.save() messages.success(request, "New iTaco user created and set to active: %s" % user.username) # We now have a new User object. Attach a new Profile to them. profile = Profile.objects.create(user=user) profile.family = family profile.address1 = app.par2_address1 profile.address2 = app.par2_address2 profile.city = app.par2_city profile.state = app.par2_state profile.zip = app.par2_zip profile.phone_home = app.par2_phone_home profile.phone_work = app.par2_phone_work profile.phone_mobile = app.par2_phone_mobile profile.save() except: # User creation could fail in the unlikely event that another user sam_jones already exists in the system messages.error(request, "Failed creating iTaco user %s. Please contact the webmaster." % user.username) # Whether this is a new or old family, need to generate this Student object student = Student() student.first_name = app.child_first student.last_name = app.child_last student.family = family student.birthdate = app.birthdate student.enrolled = True student.expected_grad_yr = SchoolYear.objects.get(grad_class=app.grade) student.save() # Now that we have a student ID, we can create an upload folder for their avatar # based on it, and shunt their avatar into it. Need to both move the file on disk # AND update the student record field with a corrected upload path if app.avatar: oldpath = os.path.join(settings.MEDIA_ROOT,str(app.avatar)) newdir = os.path.join(settings.MEDIA_ROOT,'uploads','student_avatars',str(student.id)) # Don't crash if source media avatar is missing for some reason try: os.makedirs(newdir) shutil.copy(oldpath,newdir) except: pass # Now update the student record with new avatar filename = os.path.basename(oldpath) student.avatar = os.path.join('uploads', 'student_avatars', str(student.id), str(filename)) student.save() messages.success(request, "Profile image for student copied into student record.") # Send welcome message to parents. # We know we'll have an email for the first. # Also send to the second if we have it. recipients = [app.par1_email, ] if app.par2_email: recipients.append(app.par2_email) email_subject = 'Welcome to iTaco, the Crestmont intranet' email_body_txt = request.POST['letter_body'] msg = EmailMessage(email_subject, email_body_txt, "Crestmont Membership <*****@*****.**>", recipients) if msg.send(fail_silently=False): messages.success(request, "Welcome letter sent to %s" % recipients) app.sent_offer_letter = True app.save() else: messages.error(request, "Something went wrong. Offer letter NOT sent.") # Update the intake_complete field so we don't accidentally intake this app again app.intake_complete = 1 app.save() messages.success(request, "New student record created. Please review the student entry in admin.") return HttpResponseRedirect(reverse('process_apps')) else: # Display app intake warning page to admins return render_to_response('apply/intake.html', locals(), context_instance=RequestContext(request), )