def has_permission(feedback_relation, user: User):
content_object = feedback_relation.content_object
if isinstance(content_object, Event):
event: Event = content_object
if not user.is_authenticated:
return False
if user.is_superuser:
return True
return user.has_perm('events.change_event', event)
# If the object is not an event return false by default
return False
def has_view_all_perms(user: User) -> bool:
has_global_perm = user.has_perm("posters.view_poster_order")
return has_global_perm
def has_edit_perms(user: User, poster: Poster):
has_global_perm = user.has_perm("posters.change_poster")
has_object_perm = user.has_perm("posters.change_poster", poster)
return has_global_perm or has_object_perm
def has_view_perms(user: User, poster: Poster) -> bool:
has_global_perm = user.has_perm("posters.view_poster_order")
has_object_perm = user.has_perm("posters.view_poster_order", poster)
return has_global_perm or has_object_perm
def register(request):
log = logging.getLogger(__name__)
if request.user.is_authenticated:
messages.error(
request, _('Registrering av ny konto krever at du er logget ut.'))
return HttpResponseRedirect('/')
else:
if request.method == 'POST':
form = RegisterForm(request.POST)
if form.is_valid():
cleaned = form.cleaned_data
# Create user
user = User(
username=cleaned['username'],
first_name=cleaned['first_name'].title(),
last_name=cleaned['last_name'].title(),
)
# Set remaining fields
user.phone_number = cleaned['phone']
user.address = cleaned['address'].title()
user.zip_code = cleaned['zip_code']
# Store password properly
user.set_password(cleaned['password'])
# Users need to be manually activated
user.is_active = False
user.save()
# Set email address
email = Email(
user=user,
email=cleaned['email'].lower(),
)
email.primary = True
email.save()
# Create the registration token
token = uuid.uuid4().hex
try:
rt = RegisterToken(user=user,
email=email.email,
token=token)
rt.save()
log.info('Successfully registered token for %s' %
request.user)
except IntegrityError as ie:
log.error('Failed to register token for "%s" due to "%s"' %
(request.user, ie))
email_context = {}
verify_url = reverse('auth_verify', args=(token, ))
email_context['verify_url'] = request.build_absolute_uri(
verify_url)
message = render_to_string('auth/email/welcome_tpl.txt',
email_context)
try:
send_mail(_('Verifiser din konto'), message,
settings.DEFAULT_FROM_EMAIL, [
email.email,
])
except SMTPException:
messages.error(
request,
'Det oppstod en kritisk feil, epostadressen er ugyldig!'
)
return redirect('home')
messages.success(
request,
_('Registreringen var vellykket. Se tilsendt epost for verifiseringsinstrukser.'
))
return HttpResponseRedirect('/')
else:
form = RegisterForm(request.POST, auto_id=True)
else:
form = RegisterForm()
return render(request, 'auth/register.html', {
'form': form,
})
def update(self, instance: User, validated_data: dict):
new_password = validated_data.get("new_password")
instance.set_password(new_password)
instance.save()
return instance
def update(self, instance: User, validated_data: dict):
salt = "".join(
random.choices(string.ascii_uppercase + string.digits, k=10))
username = hashlib.sha256(
str(instance.username + salt).encode("utf-8")).hexdigest()
password = hashlib.sha256(str(salt).encode("utf-8")).hexdigest()
# Related fields
if instance.member() is not None:
Membership.objects.get(
username=instance.member().username).delete()
instance.email_user.all().delete()
instance.positions.all().delete()
instance.special_positions.all().delete()
instance.group_memberships.all().delete()
# Django related fields
instance.first_name = ""
instance.last_name = ""
instance.email = ""
instance.passord = instance.set_password(password)
instance.username = username
instance.groups.clear()
instance.user_permissions.clear()
instance.is_staff = False
instance.is_active = False
instance.is_superuser = False
instance.last_login = datetime(2000, 1, 1)
instance.date_joined = datetime(2000, 1, 1)
# Online related fields
instance.field_of_study = 0
instance.started_date = datetime(2000, 1, 1)
instance.compiled = False
# Mail
instance.infomail = False
instance.jobmail = False
instance.online_mail = None
# Address
instance.phone_number = None
instance.address = None
instance.zip_code = None
# Other
instance.allergies = None
instance.rfid = None
instance.nickname = None
instance.website = None
instance.github = None
instance.linkedin = None
instance.gender = "male"
instance.bio = ""
# NTNU credentials
instance.ntnu_username = None
instance.save()
return instance
def register(request):
log = logging.getLogger(__name__)
if request.user.is_authenticated:
messages.error(
request, _("Registrering av ny konto krever at du er logget ut."))
return HttpResponseRedirect("/")
else:
if request.method == "POST":
form = RegisterForm(request.POST)
if form.is_valid():
cleaned = form.cleaned_data
# Create user
user = User(
username=cleaned["username"],
first_name=cleaned["first_name"].title(),
last_name=cleaned["last_name"].title(),
)
# Set remaining fields
user.phone_number = cleaned["phone"]
user.address = cleaned["address"].title()
user.zip_code = cleaned["zip_code"]
# Store password properly
user.set_password(cleaned["password"])
# Users need to be manually activated
user.is_active = False
user.save()
# Set email address
email = Email(user=user, email=cleaned["email"].lower())
email.primary = True
email.save()
# Create the registration token
token = uuid.uuid4().hex
try:
rt = RegisterToken(user=user,
email=email.email,
token=token)
rt.save()
log.info("Successfully registered token for %s" %
request.user)
except IntegrityError as ie:
log.error('Failed to register token for "%s" due to "%s"' %
(request.user, ie))
email_context = {}
verify_url = reverse("auth_verify", args=(token, ))
email_context["verify_url"] = request.build_absolute_uri(
verify_url)
message = render_to_string("auth/email/welcome_tpl.txt",
email_context)
try:
send_mail(
_("Verifiser din konto"),
message,
settings.DEFAULT_FROM_EMAIL,
[email.email],
)
except SMTPException:
messages.error(
request,
"Det oppstod en kritisk feil, epostadressen er ugyldig!",
)
return redirect("home")
messages.success(
request,
_("Registreringen var vellykket. Se tilsendt epost for verifiseringsinstrukser."
),
)
return HttpResponseRedirect("/")
else:
form = RegisterForm(request.POST, auto_id=True)
else:
form = RegisterForm()
return render(request, "auth/register.html", {"form": form})