def submit(request, *args):
'''This adds a new user into ldap with no groups
'''
detailsDict = getDetailsFromRequest(request)
email = detailsDict['email']
user_exists = User.objects.filter(email=email).exists()
if not user_exists:
#saveMadasUser will add the user if they do not exist already.
user_exists = saveMadasUser(AnonymousUser(), email,
detailsDict['details'],
detailsDict['status'],
detailsDict['password'])
if not user_exists:
logger.warning("Could not add new user %s" % email)
else:
logger.warning("User %s already existed, skipping registration" %
email)
if user_exists:
sendRegistrationToAdminEmail(request, email,
settings.REGISTRATION_TO_EMAIL)
return jsonResponse()
def populateResetPasswordForm(request, *args):
u = request.user
data = {}
urlstate = getCurrentURLState(request, andClear=True)
data['email'] = urlstate.resetPasswordEmail
data['validationKey'] = urlstate.resetPasswordValidationKey
return jsonResponse(items=[data])
def deleted_user_search(request, *args):
'''This corresponds to Madas Dashboard->Admin->Deleted User Search
Accessible by Administrators, Node Reps
'''
currentuser = getCurrentUser(request)
newlist = _filter_users([MADAS_DELETED_GROUP], currentuser)
return jsonResponse(items=newlist)
def admin_requests(request, *args):
'''This corresponds to Madas Dashboard->Admin->Active Requests
Accessible by Administrators, Node Reps
'''
currentuser = getCurrentUser(request)
newlist = _filter_users([MADAS_PENDING_GROUP], currentuser)
return jsonResponse(items=newlist)
def processForgotPassword(request, *args):
'''
handles the submission of the 'forgot password' form
regardless of success it should return success, to obfsucate user existence
sets a validaton key in the user's ldap entry which is used to validate the user when they click the link in email
'''
emailaddress = request.REQUEST['email'].strip()
user = User.objects.get(email=emailaddress)
u = user.to_dict()
m = md5.new()
m.update('madas' + str(time.time()) + 'resetPasswordToken123')
vk = m.hexdigest()
u['passwordResetKey'] = vk
#remove groups info
try:
del u['groups']
except:
pass
logger.debug( '\tUpdating user record with verification key')
user.update_user(None, None, u)
logger.debug('\tDone updating user with verification key')
#Email the user
sendForgotPasswordEmail(request, emailaddress, vk)
m = simplejson.JSONEncoder()
p = {}
p['message'] = "An email has been sent to %s. Please follow the instructions in that email to continue" % (emailaddress)
return jsonResponse(params=p, mainContentFunction='message')
def node_save(request, *args):
'''This is called when saving node details in the Node Management.
Madas Dashboard->Admin->Node Management
Accessible by Administrators, Node Reps
'''
logger.debug('*** node_save : enter ***')
oldname = str(request.REQUEST.get('originalName', ''))
newname = str(request.REQUEST.get('name', ''))
returnval = False
if oldname != newname and newname != '':
if oldname == '':
if not GroupManager.add_group(newname):
raise Exception("Couldn't add new node: " + newname)
else:
if not GroupManager.rename_group(oldname, newname):
raise Exception("Couldn't rename node %s to %s" %
(oldname, newname))
else:
#make no changes.
logger.warning(
"Node save: oldname was newname, or newname was empty. Aborting")
logger.debug('*** node_save : exit ***')
return jsonResponse(mainContentFunction='admin:nodelist')
def processForgotPassword(request, *args):
'''
handles the submission of the 'forgot password' form
regardless of success it should return success, to obfsucate user existence
sets a validaton key in the user's ldap entry which is used to validate the user when they click the link in email
'''
emailaddress = request.REQUEST['email'].strip()
user = User.objects.get(email=emailaddress)
u = user.to_dict()
m = md5.new()
m.update('madas' + str(time.time()) + 'resetPasswordToken123')
vk = m.hexdigest()
u['passwordResetKey'] = vk
#remove groups info
try:
del u['groups']
except:
pass
logger.debug('\tUpdating user record with verification key')
user.update_user(None, None, u)
logger.debug('\tDone updating user with verification key')
#Email the user
sendForgotPasswordEmail(request, emailaddress, vk)
m = json.JSONEncoder()
p = {}
p['message'] = "An email has been sent to %s. Please follow the instructions in that email to continue" % (
emailaddress)
return jsonResponse(params=p, mainContentFunction='message')
def deleted_user_search(request, *args):
'''This corresponds to Madas Dashboard->Admin->Deleted User Search
Accessible by Administrators, Node Reps
'''
currentuser = getCurrentUser(request)
newlist = _filter_users([MADAS_DELETED_GROUP], currentuser)
return jsonResponse(items=newlist)
def listFormal(request, *args, **kwargs):
'''This corresponds to Madas Dashboard->Quotes->My Formal Quotes
Accessible by Everyone
'''
logger.debug('*** listFormal : enter ***')
uname = request.user.email
nodelist = request.user.Nodes
qid = kwargs.get('qid', request.REQUEST.get('qid', ''))
if qid:
# if qid specified, then list just that quote
logger.debug('filtering fquotes where qid is %s' % (qid))
qq = Q(quoterequestid=qid)
else:
# show all quotes to me or from me
qq = Q(fromemail__iexact=uname) | Q(toemail__iexact=uname)
#if a noderep or admin, and you have a node:
if (request.user.IsAdmin
or request.user.IsNodeRep) and len(nodelist) > 0:
# then also show quotes from this node.
qq = qq | Q(quoterequestid__tonode__in=nodelist)
quotes = Formalquote.objects.filter(qq)
fquoteslist = quotes.values('id', 'quoterequestid', 'details', 'created',
'fromemail', 'toemail', 'status')
logger.debug('*** listFormal : exit ***')
return jsonResponse(items=list(fquoteslist))
def load(request, *args):
'''load quote details'''
logger.debug('*** load : enter ***')
qid = request.REQUEST.get('qid', None)
if qid is None:
qid = request.REQUEST.get('quoterequestid', None)
suc = True
if qid is not None:
qr = _loadQuoteRequest(qid)
#mark as read
quote = Quoterequest.objects.get(id=qid)
quote.unread = False
quote.save()
suc = True
else:
suc = False
qr = []
logger.debug('*** load : exit ***')
if not suc:
return jsonErrorResponse("Couldn't load quote " + qid)
return jsonResponse(data=qr)
def load(request, *args):
'''load quote details'''
logger.debug('*** load : enter ***')
qid = request.REQUEST.get('qid', None)
if qid is None:
qid = request.REQUEST.get('quoterequestid', None)
suc = True
if qid is not None:
qr = _loadQuoteRequest(qid)
#mark as read
quote = Quoterequest.objects.get(id = qid)
quote.unread = False
quote.save()
suc = True
else:
suc = False
qr = []
logger.debug('*** load : exit ***')
if not suc:
return jsonErrorResponse("Couldn't load quote " + qid)
return jsonResponse(data=qr)
def listFormal(request, *args, **kwargs):
'''This corresponds to Madas Dashboard->Quotes->My Formal Quotes
Accessible by Everyone
'''
logger.debug('*** listFormal : enter ***')
uname = request.user.email
nodelist = request.user.Nodes
qid = kwargs.get('qid', request.REQUEST.get('qid', '') )
if qid:
# if qid specified, then list just that quote
logger.debug('filtering fquotes where qid is %s' % (qid) )
qq = Q(quoterequestid=qid)
else:
# show all quotes to me or from me
qq = Q(fromemail__iexact=uname)|Q(toemail__iexact=uname)
#if a noderep or admin, and you have a node:
if (request.user.IsAdmin or request.user.IsNodeRep) and len(nodelist) > 0:
# then also show quotes from this node.
qq = qq | Q(quoterequestid__tonode__in=nodelist)
quotes = Formalquote.objects.filter(qq)
fquoteslist = quotes.values('id', 'quoterequestid', 'details', 'created',
'fromemail', 'toemail', 'status')
logger.debug('*** listFormal : exit ***')
return jsonResponse( items=list(fquoteslist))
def userSave(request, *args):
'''This is called when saving user details - when the user
clicks on the User button in the dashboard and selects 'My Account',
changes some details, and hits 'save'
Accessible by any logged in user
'''
logger.debug('***users/userSave : enter ***')
success = False
currentuser = getCurrentUser(request)
parsedform = getDetailsFromRequest(request)
#With a usersave, you are always editing your own user
parsedform['email'] = currentuser.email
success = saveMadasUser(currentuser, parsedform['email'],
parsedform['details'], parsedform['status'],
parsedform['password'])
#refresh the user in case their details were just changed
currentuser = getCurrentUser(request, force_refresh=True)
if success:
sendAccountModificationEmail(request, parsedform['email'])
else:
logger.error('Error saving user: %s' % (parsedform['email']))
raise Exception('Error saving user.')
logger.debug('***users/userSave : exit ***')
return jsonResponse(mainContentFunction='user:myaccount')
def populateResetPasswordForm(request, *args):
u = request.user
data = {}
urlstate = getCurrentURLState(request, andClear=True)
data['email'] = urlstate.resetPasswordEmail
data['validationKey'] = urlstate.resetPasswordValidationKey
return jsonResponse(items=[data])
def admin_requests(request, *args):
'''This corresponds to Madas Dashboard->Admin->Active Requests
Accessible by Administrators, Node Reps
'''
currentuser = getCurrentUser(request)
newlist = _filter_users([MADAS_PENDING_GROUP], currentuser)
return jsonResponse(items=newlist)
def processResetPassword(request, *args):
email = request.REQUEST.get('email', '')
vk = request.REQUEST.get('validationKey', '')
passw = request.REQUEST.get('password', '')
success = True
if email and vk and passw:
#get existing details
user = User.objects.get(email=email)
userdetails = user_manager.to_dict()
if userdetails.has_key('groups'):
del userdetails['groups'] #remove 'groups' - they don't belong in an update.
if userdetails.has_key('passwordResetKey') and len(userdetails['passwordResetKey']) == 1 and userdetails['passwordResetKey'][0] == vk:
#clear out the pager vk
del userdetails['passwordResetKey']
#update the password
user.update_user(email, passw, userdetails)
sendPasswordChangedEmail(request, email)
else:
logger.warning('\tEither no vk stored in ldap, or key mismatch. uservk was %s, storedvk was %s' % (vk, userdetails.get('pager', None)) )
else:
logger.warning('Process reset password: argument error (all blank)')
success = False
request.session.flush() #if we don't flush here, we are leaving the redirect function the same.
if not success:
raise Exception("Couldn't reset password")
return jsonResponse(mainContentFunction='login')
def org_delete(request):
args = request.REQUEST
org_id = args['id']
rows = Organisation.objects.filter(id=org_id)
rows.delete()
return jsonResponse()
def user_load_profile(request, *args):
'''This is called when loading user details - when the user
clicks on the User button in the dashboard and selects 'My Account'
Accessible by any logged in user
'''
logger.debug('***userload : enter ***')
d = makeJsonFriendly([request.user.get_client_dict()])
logger.debug('***userload : exit ***')
return jsonResponse(data=d)
def org_delete(request):
args = request.REQUEST
org_id = args['id']
rows = Organisation.objects.filter(id=org_id)
rows.delete()
return jsonResponse()
def formalLoad(request, *args, **kwargs):
'''allow loading either by quote id, or formalquoteid'''
logger.debug('***formalLoad : enter ***')
#get qid from quargs, then request, then blank
qid = (kwargs.get('qid', request.REQUEST.get("qid", None)) or "").strip()
fqid = (request.REQUEST.get("fqid", None) or "").strip()
if qid or fqid:
#This part gets us the linked formal quote data
if fqid:
quotes = Formalquote.objects.filter(id=fqid)
else:
quotes = Formalquote.objects.filter(quoterequestid=qid)
retvals = quotes.values('id', 'quoterequestid', 'details', 'created',
'fromemail', 'toemail',
'purchase_order_number')
if len(retvals) > 0:
retvals = retvals[0]
rows = len(retvals)
#get the details of the auth user in the toemail
try:
user = User.objects.get(email=retvals['fromemail'])
except User.DoesNotExist:
pass
else:
retvals['fromname'] = user.get_full_name()
retvals['officePhone'] = user.telephoneNumber
qr = Quoterequest.objects.get(id=retvals['quoterequestid'])
retvals['tonode'] = qr.tonode
retvals['pdf'] = retvals['details']
else:
logger.debug('\tNo formal quotes.')
retvals = {
'quoterequestid': qid,
'toemail': '',
'fromemail': '',
'details': '',
'pdf': '',
'fromname': '',
'officePhone': '',
'tonode': '',
'purchase_order_number': ''
}
rows = 0
else:
logger.warning('\tNo qid or fqid passed')
retvals = {}
logger.warning('***formalLoad : exit ***')
return jsonResponse(data=retvals)
def user_load(request, *args):
'''This is called when an admin user opens up an individual user record
from an admin view e.g. Active User Search
Accessible by Administrators, Node Reps
'''
logger.debug('***admin/user_load : enter ***' )
u = User.objects.get(email=request.REQUEST['email'])
d = u.get_client_dict()
logger.debug('***admin/user_load : exit ***' )
return jsonResponse(data=[d])
def user_load(request, *args):
'''This is called when an admin user opens up an individual user record
from an admin view e.g. Active User Search
Accessible by Administrators, Node Reps
'''
logger.debug('***admin/user_load : enter ***')
u = User.objects.get(email=request.REQUEST['email'])
d = u.get_client_dict()
logger.debug('***admin/user_load : exit ***')
return jsonResponse(data=[d])
def formalLoad(request, *args, **kwargs):
'''allow loading either by quote id, or formalquoteid'''
logger.debug('***formalLoad : enter ***')
#get qid from quargs, then request, then blank
qid = (kwargs.get('qid', request.REQUEST.get("qid", None)) or "").strip()
fqid = (request.REQUEST.get("fqid", None) or "").strip()
if qid or fqid:
#This part gets us the linked formal quote data
if fqid:
quotes = Formalquote.objects.filter(id=fqid)
else:
quotes = Formalquote.objects.filter(quoterequestid=qid)
retvals = quotes.values('id', 'quoterequestid', 'details', 'created',
'fromemail', 'toemail', 'purchase_order_number')
if len(retvals) > 0:
retvals = retvals[0]
rows = len(retvals)
#get the details of the auth user in the toemail
try:
user = User.objects.get(email=retvals['fromemail'])
except User.DoesNotExist:
pass
else:
retvals['fromname'] = user.get_full_name()
retvals['officePhone'] = user.telephoneNumber
qr = Quoterequest.objects.get(id=retvals['quoterequestid'])
retvals['tonode'] = qr.tonode
retvals['pdf'] = retvals['details']
else:
logger.debug('\tNo formal quotes.')
retvals = {
'quoterequestid' : qid,
'toemail' : '',
'fromemail' : '',
'details' : '',
'pdf' : '',
'fromname' : '',
'officePhone' : '',
'tonode' : '',
'purchase_order_number' : ''
}
rows = 0
else:
logger.warning('\tNo qid or fqid passed')
retvals = {}
logger.warning('***formalLoad : exit ***')
return jsonResponse(data=retvals)
def listQuotesRequiringAttention(request):
'''Used by dashboard to list the quotes that aren't Completed and don't have
a formal quote yet.'''
qs = Quoterequest.objects.filter(completed=False, formalquote__isnull=True)
#If they are a noderep (only), we filter the qs by node
if request.user.IsNodeRep and not request.user.IsAdmin:
qs = qs.filter(tonode__in=request.user.Nodes)
return jsonResponse(items=_make_quote_list(qs))
def listQuotesRequiringAttention(request):
'''Used by dashboard to list the quotes that aren't Completed and don't have
a formal quote yet.'''
qs = Quoterequest.objects.filter(completed=False, formalquote__isnull=True)
#If they are a noderep (only), we filter the qs by node
if request.user.IsNodeRep and not request.user.IsAdmin:
qs = qs.filter(tonode__in=request.user.Nodes)
return jsonResponse(items=_make_quote_list(qs))
def user_search(request, *args):
'''This corresponds to Madas Dashboard->Admin->Active User Search
Accessible by Administrators, Node Reps
'''
currentuser = getCurrentUser(request)
newlist = _filter_users([MADAS_USER_GROUP], currentuser)
#for each user in newlist, set the client flag if applicable.
#This is potentially pretty inefficient, because we are loading every user.
for user_n in newlist:
u = getMadasUser(user_n['email'])
user_n['isClient'] = u.IsClient
return jsonResponse(items=newlist)
def user_search(request, *args):
'''This corresponds to Madas Dashboard->Admin->Active User Search
Accessible by Administrators, Node Reps
'''
currentuser = getCurrentUser(request)
newlist = _filter_users([MADAS_USER_GROUP], currentuser)
#for each user in newlist, set the client flag if applicable.
#This is potentially pretty inefficient, because we are loading every user.
for user_n in newlist:
u = getMadasUser(user_n['email'])
user_n['isClient'] = u.IsClient
return jsonResponse(items=newlist)
def listAll(request, *args):
'''This corresponds to Madas Dashboard->Quotes->Overview List
Accessible by Administrators, Node Reps
'''
logger.debug('*** quote/listAll - enter ***')
resultsset = _make_quote_list(Quoterequest.objects.all())
logger.debug('\tfinished generating quoteslist')
logger.debug('*** quote/listAll - exit ***')
return jsonResponse(items=resultsset)
def listAll(request, *args):
'''This corresponds to Madas Dashboard->Quotes->Overview List
Accessible by Administrators, Node Reps
'''
logger.debug( '*** quote/listAll - enter ***' )
resultsset = _make_quote_list(Quoterequest.objects.all())
logger.debug('\tfinished generating quoteslist')
logger.debug('*** quote/listAll - exit ***')
return jsonResponse( items=resultsset)
def org_save(request):
org_id = request.REQUEST.get('id', None)
if org_id is not None and org_id != '':
if org_id == '0':
org = Organisation()
else:
org = Organisation.objects.get(id=org_id)
org.name = request.REQUEST.get('name', 'No Name')
org.abn = request.REQUEST.get('abn', 'No ABN')
org.save()
return jsonResponse()
def history(request, *args):
logger.debug('***quote/history : enter***')
qid = request.REQUEST.get('qid', None)
logger.debug('\tHistory: qid was %s' % (str(qid)))
if qid is not None:
qh = Quotehistory.objects.filter(quoteid=qid).values()
else:
qh = []
qh = list(qh)
#ensure we have a sorted list by date. Most likely this wont change the list order
#anyway, because they were probably retrieved in order.
qh.sort(lambda x, y: cmp(x['changetimestamp'], y['changetimestamp']))
qh.reverse()
logger.debug('***quote/history : exit***')
return jsonResponse(data=qh)
def org_save(request):
org_id = request.REQUEST.get('id', None)
if org_id is not None and org_id != '':
if org_id == '0':
org = Organisation()
else:
org = Organisation.objects.get(id=org_id)
org.name = request.REQUEST.get('name', 'No Name')
org.abn = request.REQUEST.get('abn', 'No ABN')
org.save()
return jsonResponse()
def history(request, *args):
logger.debug('***quote/history : enter***')
qid = request.REQUEST.get('qid', None)
logger.debug('\tHistory: qid was %s' % (str(qid)))
if qid is not None:
qh = Quotehistory.objects.filter(quoteid = qid).values()
else:
qh = []
qh = list(qh)
#ensure we have a sorted list by date. Most likely this wont change the list order
#anyway, because they were probably retrieved in order.
qh.sort(lambda x,y: cmp(x['changetimestamp'],y['changetimestamp']))
qh.reverse()
logger.debug('***quote/history : exit***')
return jsonResponse( data = qh )
def node_delete(request, *args):
'''This is called when saving node details in the Node Management.
Madas Dashboard->Admin->Node Management
Accessible by Administrators, Node Reps
'''
logger.debug('*** node_delete : enter ***')
#We must make sure 'Administrator' and 'User' groups cannot be deleted.
delname = str(request.REQUEST.get('name', ''))
ldelname = delname.lower()
if ldelname == 'administrators' or ldelname == 'users':
#Don't delete these sorts of groups.
pass
else:
ret = GroupManager.delete_group(delname)
logger.debug('*** node_delete : enter ***')
return jsonResponse(mainContentFunction='admin:nodelist')
def node_delete(request, *args):
'''This is called when saving node details in the Node Management.
Madas Dashboard->Admin->Node Management
Accessible by Administrators, Node Reps
'''
logger.debug('*** node_delete : enter ***')
#We must make sure 'Administrator' and 'User' groups cannot be deleted.
delname = str(request.REQUEST.get('name', ''))
ldelname = delname.lower()
if ldelname == 'administrators' or ldelname == 'users':
#Don't delete these sorts of groups.
pass
else:
ret = GroupManager.delete_group(delname)
logger.debug( '*** node_delete : enter ***' )
return jsonResponse(mainContentFunction='admin:nodelist')
def listQuotes(request, *args):
'''This corresponds to Madas Dashboard->Quotes->View Quote Requests
Accessible by Administrators, Node Reps and Clients but it filters down to just Client's quote requests if it is a Client
'''
# Show own quotes
qq = Q(emailaddressid__emailaddress=request.user.email)
if request.user.IsNodeRep:
#retrieve quotes for the first node in the list (there shouldnt be more than 1)
qq = qq | Q(tonode__in=request.user.Nodes)
#If they are an admin, ALSO show quotes which don't yet have a node
if request.user.IsAdmin:
qq = qq | Q(tonode='')
# do query and convert to a normal list
quotes = Quoterequest.objects.filter(qq)
resultsset = _make_quote_list(quotes)
return jsonResponse(items=resultsset)
def listQuotes(request, *args):
'''This corresponds to Madas Dashboard->Quotes->View Quote Requests
Accessible by Administrators, Node Reps and Clients but it filters down to just Client's quote requests if it is a Client
'''
# Show own quotes
qq = Q(emailaddressid__emailaddress=request.user.email)
if request.user.IsNodeRep:
#retrieve quotes for the first node in the list (there shouldnt be more than 1)
qq = qq | Q(tonode__in=request.user.Nodes)
#If they are an admin, ALSO show quotes which don't yet have a node
if request.user.IsAdmin:
qq = qq | Q(tonode='')
# do query and convert to a normal list
quotes = Quoterequest.objects.filter(qq)
resultsset = _make_quote_list(quotes)
return jsonResponse(items=resultsset)
def submit(request, *args):
'''This adds a new user into ldap with no groups
'''
detailsDict = getDetailsFromRequest(request)
email = detailsDict['email']
user_exists = User.objects.filter(email=email).exists()
if not user_exists:
#saveMadasUser will add the user if they do not exist already.
user_exists = saveMadasUser(AnonymousUser(), email, detailsDict['details'],
detailsDict['status'], detailsDict['password'])
if not user_exists:
logger.warning("Could not add new user %s" % email)
else:
logger.warning("User %s already existed, skipping registration" % email)
if user_exists:
sendRegistrationToAdminEmail(request, email, settings.REGISTRATION_TO_EMAIL)
return jsonResponse()
def node_save(request, *args):
'''This is called when saving node details in the Node Management.
Madas Dashboard->Admin->Node Management
Accessible by Administrators, Node Reps
'''
logger.debug('*** node_save : enter ***')
oldname = str(request.REQUEST.get('originalName', ''))
newname = str(request.REQUEST.get('name', ''))
returnval = False
if oldname!=newname and newname !='':
if oldname == '':
if not GroupManager.add_group(newname):
raise Exception("Couldn't add new node: " + newname)
else:
if not GroupManager.rename_group(oldname, newname):
raise Exception("Couldn't rename node %s to %s" % (oldname, newname))
else:
#make no changes.
logger.warning("Node save: oldname was newname, or newname was empty. Aborting")
logger.debug( '*** node_save : exit ***' )
return jsonResponse(mainContentFunction='admin:nodelist')
def listAllNodes(request, *args):
'''
This view lists all nodes in the system
These are the groups left over when the
status and administrative groups are removed
The format for the return is a list of dicts,
each entry having a 'name' and a 'submitvalue'
Note: this is for use in a dropdown which expects
an additional option "Don't Know" which has the value ''.
If request.REQUEST has 'ignoreNone', we do not do this.
""
'''
ldapgroups = GroupManager.list_groups()
groups = []
if not request.REQUEST.has_key('ignoreNone'):
groups.append({'name': 'Don\'t Know', 'submitValue': ''})
for groupname in ldapgroups:
#Cull out the admin groups and the status groups
if groupname not in MADAS_STATUS_GROUPS and groupname not in MADAS_ADMIN_GROUPS:
groups.append({'name': groupname, 'submitValue': groupname})
return jsonResponse(items=groups)
def processResetPassword(request, *args):
email = request.REQUEST.get('email', '')
vk = request.REQUEST.get('validationKey', '')
passw = request.REQUEST.get('password', '')
success = True
if email and vk and passw:
#get existing details
user = User.objects.get(email=email)
userdetails = user_manager.to_dict()
if userdetails.has_key('groups'):
del userdetails[
'groups'] #remove 'groups' - they don't belong in an update.
if userdetails.has_key('passwordResetKey') and len(
userdetails['passwordResetKey']
) == 1 and userdetails['passwordResetKey'][0] == vk:
#clear out the pager vk
del userdetails['passwordResetKey']
#update the password
user.update_user(email, passw, userdetails)
sendPasswordChangedEmail(request, email)
else:
logger.warning(
'\tEither no vk stored in ldap, or key mismatch. uservk was %s, storedvk was %s'
% (vk, userdetails.get('pager', None)))
else:
logger.warning('Process reset password: argument error (all blank)')
success = False
request.session.flush(
) #if we don't flush here, we are leaving the redirect function the same.
if not success:
raise Exception("Couldn't reset password")
return jsonResponse(mainContentFunction='login')
def unauthenticated(request, *args):
return jsonResponse()
def index(request, *args):
return jsonResponse()
logger.debug('Argument to _findAdminOrNodeRepEmailTarget is: %s' %
(str(toNode)))
if toNode == '': #if the node was 'Dont Know'
searchgroups = MADAS_ADMIN_GROUP
else:
searchgroups = toNode
targetUsers = _findAdminOrNodeRepEmailTarget(groupname=searchgroups)
for targetUser in targetUsers:
sendQuoteRequestToAdminEmail(
request, qr.id, firstname, lastname, targetUser['uid'][0]
) #toemail should be a string, but ldap returns are all lists
except Exception, e:
logger.exception('Error sending mail in SendRequest: %s' % (str(e)))
logger.debug('*** quote:sendRequest: exit ***')
return jsonResponse(mainContentFunction='quote:request')
@admins_or_nodereps
def listQuotesRequiringAttention(request):
'''Used by dashboard to list the quotes that aren't Completed and don't have
a formal quote yet.'''
qs = Quoterequest.objects.filter(completed=False, formalquote__isnull=True)
#If they are a noderep (only), we filter the qs by node
if request.user.IsNodeRep and not request.user.IsAdmin:
qs = qs.filter(tonode__in=request.user.Nodes)
return jsonResponse(items=_make_quote_list(qs))
try:
sendQuoteRequestConfirmationEmail(request, qr.id, email)
#email the administrator(s) for the node
logger.debug('Argument to _findAdminOrNodeRepEmailTarget is: %s' % (str(toNode)) )
if toNode == '': #if the node was 'Dont Know'
searchgroups = MADAS_ADMIN_GROUP
else:
searchgroups = toNode
targetUsers = _findAdminOrNodeRepEmailTarget(groupname = searchgroups)
for targetUser in targetUsers:
sendQuoteRequestToAdminEmail(request, qr.id, firstname, lastname, targetUser['uid'][0]) #toemail should be a string, but ldap returns are all lists
except Exception, e:
logger.exception('Error sending mail in SendRequest: %s' % ( str(e) ) )
logger.debug( '*** quote:sendRequest: exit ***' )
return jsonResponse( mainContentFunction='quote:request')
@admins_or_nodereps
def listQuotesRequiringAttention(request):
'''Used by dashboard to list the quotes that aren't Completed and don't have
a formal quote yet.'''
qs = Quoterequest.objects.filter(completed=False, formalquote__isnull=True)
#If they are a noderep (only), we filter the qs by node
if request.user.IsNodeRep and not request.user.IsAdmin:
qs = qs.filter(tonode__in=request.user.Nodes)
return jsonResponse(items=_make_quote_list(qs))
def unauthorized(request, *args):
authorized = False
mainContentFunction = 'notauthorized'
#TODO now go to 'pager' with action 'index'
return jsonResponse(mainContentFunction=mainContentFunction)
org = Organisation.objects.get(id=orgid)
except ValueError:
org = None
except Organisation.DoesNotExist:
org = None
if org:
uo = UserOrganisation(user=targetUser, organisation=org)
uo.save()
logger.debug('added user to org')
except Exception, e:
logger.warning('FATAL error adding or removing user from organisation: %s' % (str(e)))
logger.debug('***admin/user_save : exit ***' )
return jsonResponse(mainContentFunction=nextview)
@admins_or_nodereps
def node_save(request, *args):
'''This is called when saving node details in the Node Management.
Madas Dashboard->Admin->Node Management
Accessible by Administrators, Node Reps
'''
logger.debug('*** node_save : enter ***')
oldname = str(request.REQUEST.get('originalName', ''))
newname = str(request.REQUEST.get('name', ''))
returnval = False
if oldname!=newname and newname !='':
if oldname == '':
if not GroupManager.add_group(newname):
def unauthenticated(request, *args):
return jsonResponse()
def unauthorized(request, *args):
authorized = False
mainContentFunction = 'notauthorized'
#TODO now go to 'pager' with action 'index'
return jsonResponse(mainContentFunction=mainContentFunction)
def index(request, *args):
return jsonResponse()
org = None
except Organisation.DoesNotExist:
org = None
if org:
uo = UserOrganisation(user=targetUser, organisation=org)
uo.save()
logger.debug('added user to org')
except Exception, e:
logger.warning(
'FATAL error adding or removing user from organisation: %s' %
(str(e)))
logger.debug('***admin/user_save : exit ***')
return jsonResponse(mainContentFunction=nextview)
@admins_or_nodereps
def node_save(request, *args):
'''This is called when saving node details in the Node Management.
Madas Dashboard->Admin->Node Management
Accessible by Administrators, Node Reps
'''
logger.debug('*** node_save : enter ***')
oldname = str(request.REQUEST.get('originalName', ''))
newname = str(request.REQUEST.get('name', ''))
returnval = False
if oldname != newname and newname != '':
if oldname == '':