def delete(self):
user = self.user
# Predefined users can not be deleted
if user.id in (settings.ADMIN_USER, settings.SYSTEM_USER, self.request.user.id):
raise PermissionDenied
relations = user.get_relations()
if relations:
message = {
'detail': _('Cannot delete user, because he has relations to some objects.'),
'relations': relations
}
return FailureTaskResponse(self.request, message, obj=user, dc_bound=False)
dd = {'email': user.email, 'date_joined': user.date_joined}
was_staff = user.is_staff
old_roles = list(user.roles.all())
ser = self.serializer(self.request, user)
ser.object.delete()
res = SuccessTaskResponse(self.request, None, obj=user, msg=LOG_USER_DELETE, detail_dict=dd, dc_bound=False)
# User was removed, which may affect the cached list of DC admins for DCs which are attached to user's groups
# So we need to clear the list of admins cached for each affected DC
affected_dcs = Dc.objects.distinct().filter(roles__in=old_roles, roles__permissions__id=AdminPermission.id)
for dc in affected_dcs:
User.clear_dc_admin_ids(dc)
if was_staff:
User.clear_super_admin_ids()
return res
def user_modify(self, update=False, serializer=None):
affected_groups = ()
if not serializer:
serializer = self.serializer
user = self.user
ser = serializer(self.request, user, data=self.data, partial=update)
if not ser.is_valid():
return FailureTaskResponse(self.request,
ser.errors,
obj=user,
dc_bound=False)
ser.save()
if update:
msg = LOG_USER_UPDATE
status = HTTP_200_OK
else:
msg = LOG_USER_CREATE
status = HTTP_201_CREATED
res = SuccessTaskResponse(self.request,
ser.data,
status=status,
obj=user,
msg=msg,
owner=ser.object,
detail_dict=ser.detail_dict(),
dc_bound=False)
if serializer == UserSerializer:
# User's is_staff attribute was changed -> Clear the cached list of super admins
if ser.is_staff_changed:
User.clear_super_admin_ids()
# User's groups were changed, which may affect the cached list of DC admins for DCs which are attached
# to these groups. So we need to clear the list of admins cached for each affected DC
# noinspection PyProtectedMember
if user._roles_to_save is not None:
# noinspection PyProtectedMember
affected_groups = set(user._roles_to_save)
affected_groups.update(ser.old_roles)
affected_dcs = Dc.objects.distinct().filter(
roles__in=affected_groups,
roles__permissions__id=AdminPermission.id)
for dc in affected_dcs:
User.clear_dc_admin_ids(dc)
# User was removed from some groups and may loose access to DCs which are attached to this group
# So we better set his current_dc to default_dc
if ser.old_roles and not user.is_staff:
user.reset_current_dc()
connection.on_commit(lambda: user_relationship_changed.send(
user_name=ser.object.username,
affected_groups=tuple(group.id for group in affected_groups)))
return res