Пример #1
0
def add_relations_view(request):
    """Used to add a new relation.

    If submitting a request to add a relation, request.POST will contain the following keys:
        email = Email address of the reciever
        share_savemeplan = 1 if savemeplan should be shared, else 0
        share_check = 1 if check should be shared, else 0
        share_prepare = 1 if prepare should be shared, else 0
        share_media = 1 if media should be shared, else 0
    """
    if 'UserId' not in request.session.keys():  # Check if user is logged in
        return HttpResponseRedirect(reverse('login:Login'))
    elif request.session["Role"] != "User":
        return HttpResponseRedirect(reverse('userprofile:Profile'))

    delete_temp_files(request.session)

    profile_lang = get_lang(sections=["userprofile"])

    alerts = dict()
    if request.method == 'POST':
        if login.models.User.objects.filter(
                Email=request.POST['email'].lower()):
            recieverEmail = request.POST['email'].lower()
        else:
            alerts['email'] = 'email_does_not_exist'

        if not alerts:
            try:
                user = login.models.User.objects.filter(
                    UserId=request.session['UserId'])[0]
            except IndexError:
                return HttpResponseRedirect(reverse('login:Login'))
            permissions = '1'
            permissions += '1' if 'share_savemeplan' in request.POST else '0'
            permissions += '1' if 'share_check' in request.POST else '0'
            permissions += '1' if 'share_prepare' in request.POST else '0'
            permissions += '1' if 'share_media' in request.POST else '0'
            new_entry("r1",
                      user.getAnonId(request.session['PrivKey']),
                      "professional: " + permissions,
                      role=request.session['Role'])

            if not userprofile.tools.create_relation(
                    user.getUid(), request.session['PrivKey'], recieverEmail,
                    permissions):
                return HttpResponseRedirect(reverse('userprofile:Relations'))
            else:
                alerts['database'] = 'database_error'

    args = {
        'menu_titles': UNIVERSAL_LANG["universal"]["titles"],
        'back': UNIVERSAL_LANG["universal"]["back"],
        'relations': profile_lang["userprofile"]["relations"],
        'form': profile_lang["userprofile"]["relations"]["form"],
        'alerts': alerts,
        "alert": profile_lang["userprofile"]["long_texts"]["alerts"],
        "warning": UNIVERSAL_LANG["universal"]["warning"]
    }
    return render(request, 'userprofile/addrelations.html', args)
Пример #2
0
def relations_view(request):
    """Displays all of a users relations (who the user is sharing data with)
    """

    if not 'UserId' in request.session.keys():
        return HttpResponseRedirect(reverse('login:Login'))
    elif request.session["Role"] != "User":
        return HttpResponseRedirect(reverse('userprofile:Profile'))
    if request.session["Role"] != "User":
        return HttpResponseRedirect(reverse('userprofile:Profile'))

    delete_temp_files(request.session)
    users = userprofile.tools.show_all_relations_to(request.session['UserId'],
                                                    request.session['PrivKey'])
    profile_lang = get_lang(sections=["userprofile"])
    template = "base.html"
    args = {
        'menu_titles': UNIVERSAL_LANG["universal"]["titles"],
        'back': UNIVERSAL_LANG["universal"]["back"],
        'relations': profile_lang["userprofile"]["relations"],
        'template': template,
        'users': users
    }

    return render(request, 'userprofile/relations.html', args)
Пример #3
0
def profile_view(request):
    """Main profile view for a user. Used by users and professionals.
    """
    if 'UserId' not in request.session.keys():  # Check if user is logged in
        return HttpResponseRedirect(reverse('login:Login'))

    delete_temp_files(request.session)
    try:
        user = login.models.User.objects.filter(
            UserId=request.session['UserId'])[0]
    except IndexError:
        return HttpResponseRedirect(reverse('login:Login'))

    if request.method == 'GET':  # Used for logout. logout is in GET keys with a value of 1.
        if 'logout' in request.GET.keys():
            new_entry("u2",
                      user.getAnonId(request.session['PrivKey']),
                      "na",
                      role=request.session['Role'])
            request.session.flush()
            return HttpResponseRedirect(reverse('login:Login'))

    profile_lang = get_lang(sections=["userprofile"])
    login_lang = get_lang(sections=["login"])
    new_entry("g1",
              user.getAnonId(request.session['PrivKey']),
              "prof",
              role=request.session['Role'])
    first_name = user.getFirstName(request.session['PrivKey'])
    last_name = user.getLastName(request.session['PrivKey'])

    global_alerts = []  # The variable which is sent to template

    if "global_alerts" in request.session.keys(
    ):  # Check if global_elerts is in session allready.
        global_alerts = request.session[
            "global_alerts"]  # Retrive global alerts.
        request.session["global_alerts"] = []  # Reset

    template = "base_professionals.html" if request.session[
        "Role"] == "Professional" else "base.html"
    profView = True if request.session["Role"] == "Professional" else False

    args = {
        'menu_titles': UNIVERSAL_LANG["universal"]["titles"],
        'global_alerts': global_alerts,
        'form': login_lang["login"]["form"],
        'userprofile': profile_lang["userprofile"],
        'profile': profile_lang["userprofile"]["long_texts"],
        'first_name': first_name,
        'last_name': last_name,
        'template': template,
        'profView': profView
    }

    return render(request, 'userprofile/profile.html', args)
Пример #4
0
def research_data_view(request):
    """Used to display all research data that has been collected on a user.

    request.GET is used for deletion of a relation.
    """

    if 'UserId' not in request.session.keys():  # Check if user is logged in
        return HttpResponseRedirect(reverse('login:Login'))

    delete_temp_files(request.session)
    profile_lang = get_lang(sections=["userprofile"])

    template = "base_professionals.html" if request.session[
        "Role"] == "Professional" else "base.html"

    if request.GET:
        print(request.GET)
        if 'cleared' in request.GET.keys():
            print(request.GET['cleared'])
            if request.GET['cleared'] == 'true':
                try:
                    user = login.models.User.objects.filter(
                        UserId=request.session['UserId'])[0]
                except IndexError:
                    return HttpResponseRedirect(reverse('login:Login'))
                forget_me(user.getAnonId(request.session['PrivKey']))

    user = login.models.User.objects.filter(
        UserId=request.session["UserId"])[0]
    text = gdpr_csv(user.getAnonId(request.session['PrivKey']))

    args = {
        'menu_titles': UNIVERSAL_LANG["universal"]["titles"],
        'back': UNIVERSAL_LANG["universal"]["back"],
        'userprofile': profile_lang["userprofile"],
        'template': template,
        'text': text
    }

    return render(request, 'userprofile/researchdata.html', args)
Пример #5
0
def gdpr_view(request):
    """Used to display options regarding handling of user data and research data.
    """

    if 'UserId' not in request.session.keys():  # Check if user is logged in
        return HttpResponseRedirect(reverse('login:Login'))

    delete_temp_files(request.session)
    profile_lang = get_lang(sections=["userprofile"])
    login_lang = get_lang(sections=["login"])

    template = "base_professionals.html" if request.session[
        "Role"] == "Professional" else "base.html"

    args = {
        'menu_titles': UNIVERSAL_LANG["universal"]["titles"],
        'back': UNIVERSAL_LANG["universal"]["back"],
        'userprofile': profile_lang["userprofile"],
        'form': login_lang["login"]["form"],
        'template': template
    }

    return render(request, 'userprofile/gdpr.html', args)
Пример #6
0
def backup_key_view(request):
    """Used to display a users private key used to restore the account and reset the password in case the password is forgotten.
    Requires a correct password in request.POST
    """

    if not 'UserId' in request.session.keys():
        return HttpResponseRedirect(reverse('login:Login'))

    delete_temp_files(request.session)

    profile_lang = get_lang(sections=["userprofile"])
    template = "base_professionals.html" if request.session[
        "Role"] == "Professional" else "base.html"
    privkey = ''

    if request.method == 'POST':
        if userprofile.tools.check_password(request.session['UserId'],
                                            request.session['PrivKey'],
                                            request.POST['password']):
            privkey = request.session['PrivKey']
        else:
            privkey = profile_lang["userprofile"]["long_texts"]["wrongpass"]

    elif "seen_backup" in request.session:
        if not request.session["seen_backup"]:
            request.session["seen_backup"] = 1
            privkey = request.session['PrivKey']

    args = {
        'menu_titles': UNIVERSAL_LANG["universal"]["titles"],
        'back': UNIVERSAL_LANG["universal"]["back"],
        'backup': profile_lang["userprofile"]["long_texts"]["backupkey"],
        'template': template,
        'PrivKey': privkey
    }

    return render(request, 'userprofile/backupkey.html', args)
Пример #7
0
def edit_profile_view(request):
    """Used to edit user data.
    If submitting a change request.POST will contain the following keys:
        first_name - Users first name
        last_name - Users last name
        gender - Gender of the user. Is one of the following
            Male
            Female
            Other
        gender_other - If user choose gender=Other this will contain a text.
        email - Users email.
        password - Users entered non hashed password, will be checked and needs to be correct for change to be done.
    request.GET is used for deletion of the entire account.
    """
    if not 'UserId' in request.session.keys():
        return HttpResponseRedirect(reverse('login:Login'))

    delete_temp_files(request.session)

    profile_lang = get_lang(sections=["userprofile"])
    login_lang = get_lang(sections=["login"])

    wrong_pass = False
    account = {}
    try:
        user = login.models.User.objects.filter(
            UserId=request.session['UserId'])[0]
    except IndexError:
        return HttpResponseRedirect(reverse('login:Login'))
    account['firstName'] = user.getFirstName(request.session['PrivKey'])
    account['lastName'] = user.getLastName(request.session['PrivKey'])
    account['gender'] = user.getGender(request.session['PrivKey'])
    account['email'] = user.getEmail()

    if request.GET:
        if request.GET['delete']:
            if userprofile.tools.check_password(request.session['UserId'],
                                                request.session['PrivKey'],
                                                request.POST['password']):
                if request.POST['password']:
                    user = login.models.User.objects.filter(
                        UserId=request.session['UserId'])[0]
                    with transaction.atomic():
                        if not 'researchData' in request.POST.keys():
                            forget_me(
                                user.getAnonId(request.session['PrivKey']))
                        if request.session['Role'] == 'User':
                            userprofile.tools.remove_all_of_users_relations(
                                request.session['UserId'],
                                request.session['PrivKey'])
                        elif request.session['Role'] == 'Professional':
                            userprofile.tools.remove_all_of_professionals_relations(
                                request.session['UserId'],
                                request.session['PrivKey'])
                        tools.mediaman.delete_all_files(
                            user.getAnonId(request.session['PrivKey']))
                        login.models.User.objects.filter(
                            UserId=request.session['UserId']).delete()
                        request.session.flush()
                    return HttpResponseRedirect(reverse('login:Login'))
            else:
                return HttpResponseRedirect(
                    reverse('userprofile:Edit-profile'))
    if request.method == 'POST':
        if userprofile.tools.check_password(request.session['UserId'],
                                            request.session['PrivKey'],
                                            request.POST['password']):
            user = login.models.User.objects.filter(
                UserId=request.session['UserId'])[0]
            if request.POST['gender'] == 'Other':
                user.setGender(request.POST['gender_other'])
            else:
                user.setGender(request.POST['gender'])
            user.setFirstName(request.POST['first_name'])
            user.setLastName(request.POST['last_name'])
            user.setEmail(request.POST['email'])
            user.save()

            #data collection
            for_science = {
                "firstname": (account['firstName'],
                              user.getFirstName(request.session['PrivKey'])),
                "lastname": (account['lastName'],
                             user.getLastName(request.session['PrivKey'])),
                "gender": (account['gender'],
                           user.getGender(request.session['PrivKey'])),
                "email": (account['email'], user.getEmail())
            }
            for science in for_science:
                if for_science[science][0] != for_science[science][0]:
                    new_entry("u3",
                              user.getAnonId(request.session['PrivKey']),
                              science,
                              role=request.session['Role'])
            del for_science, science

            alert = {
                "color":
                "success",
                "title":
                UNIVERSAL_LANG["universal"]
                ["success"],  # Should mostly be success, error or warning. This text is the bold text.
                "message":
                profile_lang["userprofile"]["long_texts"]["alerts"]
                ["changed_info_success"]
            }

            # Check if global_elerts is in session allready.
            if "global_alerts" not in request.session.keys():
                request.session["global_alerts"] = [alert]
            else:
                request.session["global_alerts"].append(alert)
            return HttpResponseRedirect(reverse('userprofile:Profile'))
        else:
            wrong_pass = True

    template = "base_professionals.html" if request.session[
        "Role"] == "Professional" else "base.html"

    args = {
        'menu_titles': UNIVERSAL_LANG["universal"]["titles"],
        'back': UNIVERSAL_LANG["universal"]["back"],
        'form': login_lang["login"]["form"],
        'userprofile': profile_lang["userprofile"],
        'profile': profile_lang["userprofile"]["long_texts"],
        'alerts': login_lang['login']['long_texts']['alerts'],
        "account": account,
        'wrong_pass': wrong_pass,
        'template': template,
        'profView': False
    }

    return render(request, 'userprofile/edit.html', args)
Пример #8
0
def manage_relations_view(request):
    """Used to change permissions in a relation
    If submitting a request to change a relation, request.POST will contain the following keys:
        share_savemeplan = 1 if savemeplan should be shared, else 0
        share_check = 1 if check should be shared, else 0
        share_prepare = 1 if prepare should be shared, else 0
        share_media = 1 if media should be shared, else 0

    request.GET is used to send RelationFromId
        """

    if 'UserId' not in request.session.keys():  # Check if user is logged in
        return HttpResponseRedirect(reverse('login:Login'))
    elif request.session["Role"] != "User":
        return HttpResponseRedirect(reverse('userprofile:Profile'))

    delete_temp_files(request.session)

    profile_lang = get_lang(sections=["userprofile"])
    relationData = dict()
    if request.GET:
        relationFrom = userprofile.models.RelationFrom.objects.filter(
            RelationFromId=request.GET['Id'])[0]
        permission = dict()
        user = relationFrom.getUserIdTo()
        email = user.getEmail()
        permission['Profile'] = int(relationFrom.getPermission()[0])
        permission['SaveMePlan'] = int(relationFrom.getPermission()[1])
        permission['Check'] = int(relationFrom.getPermission()[2])
        permission['Prepare'] = int(relationFrom.getPermission()[3])
        permission['Media'] = int(relationFrom.getPermission()[4])
        relationData = {
            'Email': email,
            'RelationFrom': request.GET['Id'],
            'Permission': permission
        }

        if request.method == 'POST':
            if 'delete' in request.POST:
                userprofile.tools.remove_relation(request.session['UserId'],
                                                  request.session['PrivKey'],
                                                  email)
                return HttpResponseRedirect(reverse('userprofile:Relations'))
            elif 'save' in request.POST:
                relationFrom = userprofile.models.RelationFrom.objects.filter(
                    RelationFromId=request.GET['Id'])[0]
                permission['Profile'] = 1
                permission[
                    'SaveMePlan'] = 1 if 'share_savemeplan' in request.POST else 0
                permission['Check'] = 1 if 'share_check' in request.POST else 0
                permission[
                    'Prepare'] = 1 if 'share_prepare' in request.POST else 0
                permission['Media'] = 1 if 'share_media' in request.POST else 0
                userprofile.tools.modify_relation(request.session['UserId'],
                                                  request.session['PrivKey'],
                                                  email, permission)
                relationData['Permission'] = permission

    print(relationData['Permission'])
    args = {
        'menu_titles': UNIVERSAL_LANG["universal"]["titles"],
        'back': UNIVERSAL_LANG["universal"]["back"],
        'relations': profile_lang["userprofile"]["relations"],
        'form': profile_lang["userprofile"]["relations"]["form"],
        'modal': profile_lang["userprofile"]["relations"]["modal"],
        'user': relationData
    }

    return render(request, 'userprofile/managerelations.html', args)
Пример #9
0
def change_pass_view(request):
    """
    A interface for changing password.

    If submitting a request to change password, request.POST will contain the following keys:
        current_password = Users current password. Used for verification.
        new_password = Users new password.
        new_repassword = Users new password reentered.
    """

    if 'UserId' not in request.session.keys():  # Check if user is logged in
        return HttpResponseRedirect(reverse('login:Login'))

    delete_temp_files(request.session)

    alerts = {
    }  # Dict containing input name as key and alert text key as value
    login_lang = get_lang(sections=["login"])
    profile_lang = get_lang(sections=["userprofile"])

    if request.method == "POST":
        if userprofile.tools.check_password(request.session['UserId'],
                                            request.session['PrivKey'],
                                            request.POST["current_password"]):
            if request.POST['new_password'] == request.POST['new_repassword']:
                if len(request.POST["new_password"]) > 5 and len(
                        request.POST["new_password"]) < 129:
                    PrivKey = userprofile.tools.change_pass(
                        request.session['UserId'], request.session['PrivKey'],
                        request.POST["new_password"],
                        request.session['Role']).decode('utf-8')

                    if PrivKey:  # Check if changing password succeded
                        request.session['PrivKey'] = PrivKey
                        alert = {
                            "color":
                            "success",
                            "title":
                            UNIVERSAL_LANG["universal"]["success"],
                            "message":
                            profile_lang["userprofile"]["long_texts"]["alerts"]
                            ["alert_changed_password"]
                        }

                        if "global_alerts" not in request.session.keys():
                            request.session["global_alerts"] = [alert]
                        else:
                            request.session["global_alerts"].append(alert)
                        return HttpResponseRedirect(
                            reverse('userprofile:Profile'))

                    else:  # Password change failed
                        alert = {
                            "color":
                            "danger",
                            "title":
                            UNIVERSAL_LANG["universal"]["error"],
                            "message":
                            profile_lang["userprofile"]["long_texts"]
                            ["alert_error"]
                        }

                        if "global_alerts" not in request.session.keys():
                            alert = {
                                "color":
                                "success",
                                "title":
                                UNIVERSAL_LANG["universal"]["success"],
                                "message":
                                profile_lang["userprofile"]["long_texts"]
                                ["alert_changed_password"]
                            }
                            request.session["global_alerts"] = [alert]
                        else:
                            request.session["global_alerts"].append(alert)
                else:
                    alerts["password"] = '******'
            else:  # new_password and new_repasswords are not the same
                alerts["repassword"] = "******"
        else:  # current_password is not the right one
            alerts["current_password"] = "******"

    global_alerts = []
    if "global_alerts" in request.session.keys(
    ):  # Check if there is global alerts
        global_alerts = request.session["global_alerts"]
        request.session["global_alerts"] = []

    template = "base_professionals.html" if request.session[
        "Role"] == "Professional" else "base.html"

    args = {
        'menu_titles':
        UNIVERSAL_LANG["universal"]["titles"],
        'global_alerts':
        global_alerts,
        'change_password_text':
        profile_lang["userprofile"]["long_texts"]["change_password_text"],
        'form':
        login_lang["login"]["form"],
        'back':
        UNIVERSAL_LANG["universal"]["back"],
        'alerts':
        login_lang['login']['long_texts']['alerts'],
        'alert':
        alerts,
        'important':
        UNIVERSAL_LANG["universal"]["important"],
        'template':
        template
    }

    return render(request, 'userprofile/changepassword.html', args)