def admin_permission_rolegroup_edit(request, group, rolegroup_id):
if not has_permission_flag(request.user, 'community_manage_roles'):
raise PermissionDenied()
rolegroup = RoleGroup.objects.get(pk=rolegroup_id,
group=group, )
if request.method == 'POST':
username = request.POST['username']
if username:
user = User.objects.get(username=username)
RoleGroupMember(user=user,
rolegroup=rolegroup).save()
return HttpResponseRedirect(rolegroup.get_absolute_editurl())
if 'cmd' in request.GET and 'id' in request.GET:
if request.GET['cmd'] == 'remove':
member = rolegroup.rolegroupmember_set.get(pk=request.GET['id'])
messages.success(request,
message=ugettext(u'Removed user %(username)s from rolegroup.') % \
{'username': member.user.username})
member.delete()
return HttpResponseRedirect(rolegroup.get_absolute_editurl())
return render(
request,
'sphene/community/admin/permission/rolegroup_edit.html',
{'rolegroup': rolegroup}
)
def admin_permission_role_member_add(request, group, role_id, addgroup = False):
if not has_permission_flag(request.user, 'community_manage_roles'):
raise PermissionDenied()
role = get_object_or_404(Role, pk = role_id)
if addgroup:
EditForm = EditRoleGroupMemberForm
else:
EditForm = EditRoleMemberForm
if request.method == 'POST':
form = EditForm(group = group, data = request.POST)
if form.is_valid():
data = form.cleaned_data
role_member = RoleMember( role = role,
user = data.get('user', None),
rolegroup = data.get('rolegroup', None),
has_limitations = data['has_limitations'], )
role_member.save()
if data['has_limitations']:
limitation = RoleMemberLimitation( role_member = role_member,
object_type = data['object_type'],
object_id = data['object'], )
limitation.save()
messages.success(request, message = ugettext(u'Successfully added member.') )
return HttpResponseRedirect( role.get_absolute_memberlisturl() )
else:
form = EditForm(group = group)
return render_to_response( 'sphene/community/admin/permission/role_member_add.html',
{ 'form': form,
'role': role,
},
context_instance = RequestContext(request) )
def admin_user_switch_active(request, user_id, group):
if not has_permission_flag(request.user, 'community_manage_users'):
raise PermissionDenied()
usr = get_object_or_404(User, pk=user_id, is_superuser=False)
usr.is_active = not usr.is_active
usr.save()
user_status = _('no')
button_label = _('Enable')
if usr.is_active:
user_status = _('yes')
button_label = _('Disable')
else:
# clear user sessions - only works if sessions are stored in django db
if settings.SESSION_ENGINE == 'django.contrib.sessions.backends.db':
from django.contrib.sessions.models import Session
[
s.delete() for s in Session.objects.all()
if s.get_decoded().get('_auth_user_id') == usr.id
]
if not request.is_ajax():
messages.success(
request, message=ugettext(u'Successfully changed user status.'))
req = request.GET if request.method == 'GET' else request.POST
url = req.get('next', reverse('sph_admin_users'))
return HttpResponseRedirect(url)
else:
return HttpResponse(json.dumps({
"user_status": user_status,
"button_label": button_label
}),
mimetype='application/json')
def admin_user_switch_active(request, user_id, group):
if not has_permission_flag(request.user, 'community_manage_users'):
raise PermissionDenied()
usr = get_object_or_404(User, pk=user_id, is_superuser=False)
usr.is_active = not usr.is_active
usr.save()
user_status = _('no')
button_label = _('Enable')
if usr.is_active:
user_status = _('yes')
button_label = _('Disable')
else:
# clear user sessions - only works if sessions are stored in django db
if settings.SESSION_ENGINE == 'django.contrib.sessions.backends.db':
from django.contrib.sessions.models import Session
[s.delete() for s in Session.objects.all() if s.get_decoded().get('_auth_user_id') == usr.id]
if not request.is_ajax():
messages.success(request, message=ugettext(u'Successfully changed user status.'))
req = request.GET if request.method == 'GET' else request.POST
url = req.get('next', reverse('sph_admin_users'))
return HttpResponseRedirect(url)
else:
return HttpResponse(json.dumps({"user_status": user_status,
"button_label": button_label}),
mimetype='application/json')
def admin_permission_rolegroup_edit(request, group, rolegroup_id):
if not has_permission_flag(request.user, 'community_manage_roles'):
raise PermissionDenied()
rolegroup = RoleGroup.objects.get(
pk=rolegroup_id,
group=group,
)
if request.method == 'POST':
username = request.POST['username']
if username:
user = User.objects.get(username=username)
RoleGroupMember(user=user, rolegroup=rolegroup).save()
return HttpResponseRedirect(rolegroup.get_absolute_editurl())
if 'cmd' in request.GET and 'id' in request.GET:
if request.GET['cmd'] == 'remove':
member = rolegroup.rolegroupmember_set.get(pk=request.GET['id'])
messages.success(request,
message=ugettext(u'Removed user %(username)s from rolegroup.') % \
{'username': member.user.username})
member.delete()
return HttpResponseRedirect(rolegroup.get_absolute_editurl())
return render(request,
'sphene/community/admin/permission/rolegroup_edit.html',
{'rolegroup': rolegroup})
def admin_permission_role_list(request, group):
if not has_permission_flag(request.user, 'community_manage_roles'):
raise PermissionDenied()
roles = Role.objects.filter( group = group )
return render_to_response( 'sphene/community/admin/permission/role_list.html',
{ 'roles' : roles,
},
context_instance = RequestContext(request) )
def admin_permission_role_list(request, group):
if not has_permission_flag(request.user, 'community_manage_roles'):
raise PermissionDenied()
roles = Role.objects.filter(group=group)
return render(
request,
'sphene/community/admin/permission/role_list.html',
{'roles': roles}
)
def admin_permission_role_list(request, group):
if not has_permission_flag(request.user, 'community_manage_roles'):
raise PermissionDenied()
roles = Role.objects.filter(group=group)
return render_to_response(
'sphene/community/admin/permission/role_list.html', {
'roles': roles,
},
context_instance=RequestContext(request))
def admin_permission_rolegroup_list(request, group):
if not has_permission_flag(request.user, 'community_manage_roles'):
raise PermissionDenied()
if request.method == 'POST':
name = request.POST['name']
if name:
RoleGroup(group=group, name=name).save()
return HttpResponseRedirect(
sph_reverse('community_admin_permission_rolegroup_list'))
rolegroups = RoleGroup.objects.filter(group=group)
return render(request,
'sphene/community/admin/permission/rolegroup_list.html',
{'rolegroups': rolegroups})
def admin_permission_rolegroup_list(request, group):
if not has_permission_flag(request.user, 'community_manage_roles'):
raise PermissionDenied()
if request.method == 'POST':
name = request.POST['name']
if name:
RoleGroup(group = group,
name = name).save()
return HttpResponseRedirect(sph_reverse('community_admin_permission_rolegroup_list'))
rolegroups = RoleGroup.objects.filter( group = group )
return render_to_response( 'sphene/community/admin/permission/rolegroup_list.html',
{ 'rolegroups': rolegroups, },
context_instance = RequestContext(request) )
def show_active_monitors(context, profile_user):
user = context["user"]
request = context["request"]
if user == profile_user:
monitors = Monitor.objects.filter(
Q(thread=None) | Q(thread__is_hidden=0), user=profile_user, group=get_current_group()
)
else:
if not has_permission_flag(request.user, "community_manage_users"):
raise PermissionDenied()
monitors = Monitor.objects.filter(
Q(thread=None) | Q(thread__is_hidden=0), user=profile_user, group=get_current_group()
)
return {"monitors": monitors, "request": request, "is_current_user": user == profile_user}
def admin_permission_role_edit(request, group, role_id=None):
if not has_permission_flag(request.user, 'community_manage_roles'):
raise PermissionDenied()
role = None
if role_id:
role = get_object_or_404(Role, pk=role_id)
if request.method == 'POST':
form = EditRoleForm(request.POST)
if form.is_valid():
data = form.cleaned_data
r = role
if not r:
r = Role(group=group)
r.name = data['name']
r.save()
# Delete old flags
r.permission_flags.clear()
# Add all flags
for flag_name in data['permission_flags']:
r.permission_flags.add(
PermissionFlag.objects.get(name=flag_name))
r.save()
messages.success(request,
message=ugettext(u'Successfully saved role.'))
return HttpResponseRedirect(r.get_absolute_memberlisturl())
else:
form = EditRoleForm()
if role:
form.fields['name'].initial = role.name
form.fields['permission_flags'].initial = [
flag.name for flag in role.permission_flags.all()
]
return render_to_response(
'sphene/community/admin/permission/role_edit.html', {
'form': form,
},
context_instance=RequestContext(request))
def admin_permission_role_member_list(request, group, role_id):
if not has_permission_flag(request.user, 'community_manage_roles'):
raise PermissionDenied()
role = get_object_or_404(Role, pk = role_id)
members = role.rolemember_set.all()
if 'cmd' in request.GET and request.GET['cmd'] == 'remove':
memberid = request.GET['id']
role_member = RoleMember.objects.get( pk = memberid )
role_member.delete()
messages.success(request, message = ugettext(u'Successfully deleted role member.') )
return HttpResponseRedirect( role.get_absolute_memberlisturl() )
return render_to_response( 'sphene/community/admin/permission/role_member_list.html',
{ 'members': members,
'role': role,
},
context_instance = RequestContext(request) )
def admin_permission_role_member_list(request, group, role_id):
if not has_permission_flag(request.user, 'community_manage_roles'):
raise PermissionDenied()
role = get_object_or_404(Role, pk=role_id)
members = role.rolemember_set.all()
if 'cmd' in request.GET and request.GET['cmd'] == 'remove':
memberid = request.GET['id']
role_member = RoleMember.objects.get(pk=memberid)
role_member.delete()
messages.success(
request, message=ugettext(u'Successfully deleted role member.'))
return HttpResponseRedirect(role.get_absolute_memberlisturl())
return render(request,
'sphene/community/admin/permission/role_member_list.html', {
'members': members,
'role': role
})
def show_active_monitors(context, profile_user):
user = context['user']
request = context['request']
if user==profile_user:
monitors = Monitor.objects.filter(Q(thread=None)|Q(thread__is_hidden=0),
user = profile_user,
group = get_current_group()
)
else:
if not has_permission_flag(request.user, 'community_manage_users'):
raise PermissionDenied()
monitors = Monitor.objects.filter(Q(thread=None)|Q(thread__is_hidden=0),
user = profile_user,
group = get_current_group()
)
return {'monitors':monitors,
'request':request,
'is_current_user':user==profile_user}
def show_active_monitors(context, profile_user):
user = context['user']
request = context['request']
if user==profile_user:
monitors = Monitor.objects.filter(Q(thread=None)|Q(thread__is_hidden=0),
user = profile_user,
group = get_current_group()
)
else:
if not has_permission_flag(request.user, 'community_manage_users'):
raise PermissionDenied()
monitors = Monitor.objects.filter(Q(thread=None)|Q(thread__is_hidden=0),
user = profile_user,
group = get_current_group()
)
return {'monitors':monitors,
'request':request,
'is_current_user':user==profile_user}
def admin_users(request, group):
if not has_permission_flag(request.user, 'community_manage_users'):
raise PermissionDenied()
orderby = request.GET.get('orderby', 'username')
users = User.objects.filter(is_superuser=False).order_by(orderby)
search_qs = {}
search_form = UsersSearchForm()
if request.GET.has_key('search'):
search_form = UsersSearchForm(request.GET)
if search_form.is_valid():
username = search_form.cleaned_data['username']
if username:
search_params = Q(username__istartswith=username) | Q(
first_name__istartswith=username) | Q(
last_name__istartswith=username) | Q(
email__istartswith=username)
users = users.filter(search_params)
search_qs = urlencode(search_form.cleaned_data)
template_name = 'sphene/community/admin/users_list.html'
context = {
'is_sphboard': 'sphene.sphboard' in settings.INSTALLED_APPS,
'search_qs': search_qs,
'search_form': search_form,
'orderby': orderby
}
res = object_list(
request=request,
queryset=users,
template_name=template_name,
template_object_name='sphuser',
allow_empty=True,
extra_context=context,
paginate_by=10,
)
return res
def admin_permission_role_member_add(request, group, role_id, addgroup=False):
if not has_permission_flag(request.user, 'community_manage_roles'):
raise PermissionDenied()
role = get_object_or_404(Role, pk=role_id)
if addgroup:
EditForm = EditRoleGroupMemberForm
else:
EditForm = EditRoleMemberForm
if request.method == 'POST':
form = EditForm(group=group, data=request.POST)
if form.is_valid():
data = form.cleaned_data
role_member = RoleMember(
role=role,
user=data.get('user', None),
rolegroup=data.get('rolegroup', None),
has_limitations=data['has_limitations'],
)
role_member.save()
if data['has_limitations']:
limitation = RoleMemberLimitation(
role_member=role_member,
object_type=data['object_type'],
object_id=data['object'],
)
limitation.save()
messages.success(request,
message=ugettext(u'Successfully added member.'))
return HttpResponseRedirect(role.get_absolute_memberlisturl())
else:
form = EditForm(group=group)
return render_to_response(
'sphene/community/admin/permission/role_member_add.html', {
'form': form,
'role': role,
},
context_instance=RequestContext(request))
def admin_permission_role_edit(request, group, role_id=None):
if not has_permission_flag(request.user, 'community_manage_roles'):
raise PermissionDenied()
role = None
if role_id:
role = get_object_or_404(Role, pk=role_id)
if request.method == 'POST':
form = EditRoleForm(request.POST)
if form.is_valid():
data = form.cleaned_data
r = role
if not r:
r = Role(group=group)
r.name = data['name']
r.save()
# Delete old flags
r.permission_flags.clear()
# Add all flags
for flag_name in data['permission_flags']:
r.permission_flags.add(PermissionFlag.objects.get(name=flag_name))
r.save()
messages.success(request, message=ugettext(u'Successfully saved role.'))
return HttpResponseRedirect(r.get_absolute_memberlisturl())
else:
form = EditRoleForm()
if role:
form.fields['name'].initial = role.name
form.fields['permission_flags'].initial = [flag.name for flag in role.permission_flags.all()]
return render(
request,
'sphene/community/admin/permission/role_edit.html',
{'form': form}
)
def admin_user_switch_active(request, user_id, group):
if not has_permission_flag(request.user, 'community_manage_users'):
raise PermissionDenied()
usr = get_object_or_404(User, pk=user_id, is_superuser=False)
usr.is_active = not usr.is_active
usr.save()
user_status = _('no')
button_label = _('Enable')
if usr.is_active:
user_status=_('yes')
button_label = _('Disable')
if not request.is_ajax():
messages.success(request, message = ugettext(u'Successfully changed user status.') )
url = request.REQUEST.get('next', reverse('sph_admin_users'))
return HttpResponseRedirect(url)
else:
return HttpResponse(simplejson.dumps({"user_status":user_status,
"button_label":button_label}),
mimetype='application/json')
def admin_user_posts(request, group, user_id):
if not has_permission_flag(request.user, 'community_manage_users'):
raise PermissionDenied()
user = get_object_or_404(User, pk=user_id)
orderby = request.GET.get('orderby', '-postdate')
post_list = Post.objects.filter( author = user ).order_by(orderby)
template_name = 'sphene/sphboard/admin_user_posts.html'
context = {'author':user,
'orderby':orderby}
res = object_list( request = request,
queryset = post_list,
template_name = template_name,
template_object_name = 'post',
extra_context = context,
allow_empty = True,
paginate_by = 10,
)
return res
def admin_user_posts(request, group, user_id):
if not has_permission_flag(request.user, 'community_manage_users'):
raise PermissionDenied()
user = get_object_or_404(User, pk=user_id)
orderby = request.GET.get('orderby', '-postdate')
post_list = Post.objects.filter(author=user).order_by(orderby)
template_name = 'sphene/sphboard/admin_user_posts.html'
context = {'author': user, 'orderby': orderby}
res = object_list(
request=request,
queryset=post_list,
template_name=template_name,
template_object_name='post',
extra_context=context,
allow_empty=True,
paginate_by=10,
)
return res
def admin_users(request, group):
if not has_permission_flag(request.user, 'community_manage_users'):
raise PermissionDenied()
orderby = request.GET.get('orderby', 'username')
users = User.objects.filter(is_superuser=False).order_by(orderby)
search_qs = {}
search_form = UsersSearchForm()
if request.GET.has_key('search'):
search_form = UsersSearchForm(request.GET)
if search_form.is_valid():
username = search_form.cleaned_data['username']
if username:
search_params = Q(username__istartswith=username) | Q(first_name__istartswith=username) | Q(
last_name__istartswith=username) | Q(email__istartswith=username)
users = users.filter(search_params)
search_qs = urlencode(search_form.cleaned_data)
template_name = 'sphene/community/admin/users_list.html'
context = {'is_sphboard': 'sphene.sphboard' in settings.INSTALLED_APPS,
'search_qs': search_qs,
'search_form': search_form,
'orderby': orderby}
res = object_list(request=request,
queryset=users,
template_name=template_name,
template_object_name='sphuser',
allow_empty=True,
extra_context=context,
paginate_by=10,
)
return res
def admin_user_switch_active(request, user_id, group):
if not has_permission_flag(request.user, 'community_manage_users'):
raise PermissionDenied()
usr = get_object_or_404(User, pk=user_id, is_superuser=False)
usr.is_active = not usr.is_active
usr.save()
user_status = _('no')
button_label = _('Enable')
if usr.is_active:
user_status = _('yes')
button_label = _('Disable')
if not request.is_ajax():
messages.success(
request, message=ugettext(u'Successfully changed user status.'))
url = request.REQUEST.get('next', reverse('sph_admin_users'))
return HttpResponseRedirect(url)
else:
return HttpResponse(simplejson.dumps({
"user_status": user_status,
"button_label": button_label
}),
mimetype='application/json')
def profile_edit(request, group, user_id):
requester = request.user
if user_id:
user = get_object_or_404(User, pk = user_id)
else:
user = requester
if user is None or user != requester or not requester.is_authenticated():
if not (requester and requester.is_authenticated() and (requester.is_superuser or has_permission_flag(requester, 'community_manage_users'))):
raise PermissionDenied()
if request.method == 'POST':
reqdata = request.POST.copy()
reqdata.update(request.FILES)
form = EditProfileForm(user, request.POST, request.FILES)
else:
form = EditProfileForm(user)
profile_edit_init_form.send(sender = EditProfileForm,
instance = form,
request = request,
)
if request.method == 'POST':
if form.is_valid():
data = form.cleaned_data
user.first_name = data['first_name']
user.last_name = data['last_name']
if user.email != data['email_address']:
# Require email validation ...
pass
if data['new_password']:
# Check was already made in form, we only need to change the password.
user.set_password( data['new_password'] )
profile_edit_save_form.send(sender = EditProfileForm,
instance = form,
request = request,
)
user.save()
messages.success(request, message = ugettext(u'Successfully changed user profile.') )
return HttpResponseRedirect( sph_user_profile_link( user ) )
else:
form.fields['first_name'].initial = user.first_name
form.fields['last_name'].initial = user.last_name
form.fields['email_address'].initial = user.email
"""
form = EditProfileForm( { 'first_name': user.first_name,
'last_name': user.last_name,
'email_address': user.email,
} )
"""
return render_to_response( 'sphene/community/profile_edit.html',
{ 'profile_user': user,
'form': form,
'is_sphboard':'sphene.sphboard' in settings.INSTALLED_APPS
},
context_instance = RequestContext(request) )
def admin_permission_role_groupmember_add(request, group, role_id):
if not has_permission_flag(request.user, 'community_manage_roles'):
raise PermissionDenied()
return admin_permission_role_member_add(request, group, role_id, True)
def profile_edit(request, group, user_id):
requester = request.user
if user_id:
user = get_object_or_404(User, pk=user_id)
else:
user = requester
if user is None or user != requester or not requester.is_authenticated:
if not (requester and requester.is_authenticated and
(requester.is_superuser
or has_permission_flag(requester, 'community_manage_users'))):
raise PermissionDenied()
if request.method == 'POST':
reqdata = request.POST.copy()
reqdata.update(request.FILES)
form = EditProfileForm(user, request.POST, request.FILES)
else:
form = EditProfileForm(user)
profile_edit_init_form.send(
sender=EditProfileForm,
instance=form,
request=request,
)
if request.method == 'POST':
if form.is_valid():
data = form.cleaned_data
user.first_name = data['first_name']
user.last_name = data['last_name']
if user.email != data['email_address']:
email_address = data['email_address']
mail_domain = email_address.split('@')[1]
logger.info('change e-mail request ip: %s, email: %s' %
(get_client_ip(request), email_address))
s = URLSafeTimedSerializer(
getattr(settings, 'EMAIL_CHANGE_SECRET',
'87fuhaidfhahfokhh3u'))
email_change_hash = s.dumps({
'email': email_address,
'user_id': user.pk
})
# do not tell spammers that we have not sent email :)
if mail_domain not in getattr(settings,
'BLACKLISTED_EMAIL_DOMAINS', []):
if not group:
subject = ugettext(u'Email verification required')
else:
subject = ugettext(
u'Email verification required for site %(site_name)s'
) % {
'site_name': group.get_name()
}
mail_context = RequestContext(
request, {
'email':
email_address,
'baseurl':
group.baseurl,
'path':
sph_reverse(
'sphene.community.views.email_change_hash',
(), {"email_change_hash": email_change_hash}),
'group':
group,
})
text_part = loader.get_template(
'sphene/community/accounts/account_email_change.txt') \
.render(mail_context)
html_part = loader.get_template(
'sphene/community/accounts/account_email_change.html') \
.render(mail_context)
msg = EmailMultiAlternatives(subject, text_part, None,
[email_address])
msg.attach_alternative(html_part, "text/html")
msg.send()
messages.info(
request,
message=ugettext(
u'E-mail with verification link has been sent to change your e-mail address.'
))
if data['new_password']:
# Check was already made in form, we only need to change the password.
user.set_password(data['new_password'])
profile_edit_save_form.send(
sender=EditProfileForm,
instance=form,
request=request,
)
user.save()
messages.success(
request,
message=ugettext(u'Successfully changed user profile.'))
return HttpResponseRedirect(sph_user_profile_link(user))
else:
form.fields['first_name'].initial = user.first_name
form.fields['last_name'].initial = user.last_name
form.fields['email_address'].initial = user.email
"""
form = EditProfileForm( { 'first_name': user.first_name,
'last_name': user.last_name,
'email_address': user.email,
} )
"""
return render(
request, 'sphene/community/profile_edit.html', {
'profile_user': user,
'form': form,
'is_sphboard': 'sphene.sphboard' in settings.INSTALLED_APPS
})
def profile_edit(request, group, user_id):
requester = request.user
if user_id:
user = get_object_or_404(User, pk=user_id)
else:
user = requester
if user is None or user != requester or not requester.is_authenticated():
if not (requester and requester.is_authenticated() and
(requester.is_superuser
or has_permission_flag(requester, 'community_manage_users'))):
raise PermissionDenied()
if request.method == 'POST':
reqdata = request.POST.copy()
reqdata.update(request.FILES)
form = EditProfileForm(user, request.POST, request.FILES)
else:
form = EditProfileForm(user)
profile_edit_init_form.send(
sender=EditProfileForm,
instance=form,
request=request,
)
if request.method == 'POST':
if form.is_valid():
data = form.cleaned_data
user.first_name = data['first_name']
user.last_name = data['last_name']
if user.email != data['email_address']:
# Require email validation ...
pass
if data['new_password']:
# Check was already made in form, we only need to change the password.
user.set_password(data['new_password'])
profile_edit_save_form.send(
sender=EditProfileForm,
instance=form,
request=request,
)
user.save()
messages.success(
request,
message=ugettext(u'Successfully changed user profile.'))
return HttpResponseRedirect(sph_user_profile_link(user))
else:
form.fields['first_name'].initial = user.first_name
form.fields['last_name'].initial = user.last_name
form.fields['email_address'].initial = user.email
"""
form = EditProfileForm( { 'first_name': user.first_name,
'last_name': user.last_name,
'email_address': user.email,
} )
"""
return render_to_response(
'sphene/community/profile_edit.html', {
'profile_user': user,
'form': form,
'is_sphboard': 'sphene.sphboard' in settings.INSTALLED_APPS
},
context_instance=RequestContext(request))
def profile_edit(request, group, user_id):
requester = request.user
if user_id:
user = get_object_or_404(User, pk=user_id)
else:
user = requester
if user is None or user != requester or not requester.is_authenticated:
if not (requester and requester.is_authenticated and (
requester.is_superuser or has_permission_flag(requester, 'community_manage_users'))):
raise PermissionDenied()
if request.method == 'POST':
reqdata = request.POST.copy()
reqdata.update(request.FILES)
form = EditProfileForm(user, request.POST, request.FILES)
else:
form = EditProfileForm(user)
profile_edit_init_form.send(sender=EditProfileForm,
instance=form,
request=request,
)
if request.method == 'POST':
if form.is_valid():
data = form.cleaned_data
user.first_name = data['first_name']
user.last_name = data['last_name']
if user.email != data['email_address']:
email_address = data['email_address']
mail_domain = email_address.split('@')[1]
logger.info('change e-mail request ip: %s, email: %s' % (get_client_ip(request), email_address))
s = URLSafeTimedSerializer(getattr(settings, 'EMAIL_CHANGE_SECRET', '87fuhaidfhahfokhh3u'))
email_change_hash = s.dumps({'email': email_address,
'user_id': user.pk})
# do not tell spammers that we have not sent email :)
if mail_domain not in getattr(settings, 'BLACKLISTED_EMAIL_DOMAINS', []):
if not group:
subject = ugettext(u'Email verification required')
else:
subject = ugettext(u'Email verification required for site %(site_name)s') % {
'site_name': group.get_name()}
mail_context = RequestContext(request, {
'email': email_address,
'baseurl': group.baseurl,
'path': sph_reverse('sphene.community.views.email_change_hash', (),
{"email_change_hash": email_change_hash}),
'group': group,
})
text_part = loader.get_template(
'sphene/community/accounts/account_email_change.txt') \
.render(mail_context)
html_part = loader.get_template(
'sphene/community/accounts/account_email_change.html') \
.render(mail_context)
msg = EmailMultiAlternatives(subject, text_part, None, [email_address])
msg.attach_alternative(html_part, "text/html")
msg.send()
messages.info(request, message=ugettext(
u'E-mail with verification link has been sent to change your e-mail address.'))
if data['new_password']:
# Check was already made in form, we only need to change the password.
user.set_password(data['new_password'])
profile_edit_save_form.send(sender=EditProfileForm,
instance=form,
request=request,
)
user.save()
messages.success(request, message=ugettext(u'Successfully changed user profile.'))
return HttpResponseRedirect(sph_user_profile_link(user))
else:
form.fields['first_name'].initial = user.first_name
form.fields['last_name'].initial = user.last_name
form.fields['email_address'].initial = user.email
"""
form = EditProfileForm( { 'first_name': user.first_name,
'last_name': user.last_name,
'email_address': user.email,
} )
"""
return render(
request,
'sphene/community/profile_edit.html',
{'profile_user': user,
'form': form,
'is_sphboard': 'sphene.sphboard' in settings.INSTALLED_APPS
}
)
def __getitem__(self, flag_name):
return has_permission_flag(get_current_user(), flag_name)
def admin_permission_role_list(request, group):
if not has_permission_flag(request.user, 'community_manage_roles'):
raise PermissionDenied()
roles = Role.objects.filter(group=group)
return render(request, 'sphene/community/admin/permission/role_list.html',
{'roles': roles})
def admin_permission_role_groupmember_add(request, group, role_id):
if not has_permission_flag(request.user, 'community_manage_roles'):
raise PermissionDenied()
return admin_permission_role_member_add(request, group, role_id, True)