def get_queryset(self): query_params = {key: value or None for key, value in self.request.GET.items()} user_group = self.request.user.group.name if user_group in getattr(settings, 'DISTRICT_GROUPS', []): target_locations = get_user_district_locations(self.request.user) query_params.update({'location__in': target_locations}) if 'ordering' in query_params: ordering_params = query_params['ordering'] del query_params['ordering'] query_set = UserProfile.objects(**query_params).order_by('%s' % ordering_params) else: query_set = UserProfile.objects(**query_params).order_by('-created_at') return query_set
def validate_email(self, attrs, source): email = attrs.get(source) updated_value = email != getattr(self.object, 'email', '') if not email: return attrs self.__check_uniqueness(attrs, 'email', UserProfile.objects(email=email), updated_value) return attrs
def setUp(self): date_time = datetime.datetime(2014, 9, 17, 16, 0, 49, 807000) phone_number = "256775019449" self.district = Location( **dict(name='Kampala', parent=None, type='district')).save() self.village = Location(**dict( name='Bukoto', parent=self.district, type='village')).save() self.mobile_user = UserProfile(**dict(name='timothy', phone=phone_number, location=self.village, email=None)).save() self.poll_attr = dict(name="Disaster", question="How many disasters are in your area?", keyword="some_word", target_locations=[str(self.village.id)]) self.poll = Poll(**self.poll_attr).save() self.text_format = "NECOCPoll %s there are 4 or 5" text = self.text_format % self.poll_attr['keyword'] self.poll_response = dict(phone_no=phone_number, text=text, received_at=date_time, relayer_id=234, run_id=23243) self.serialized_data = dict(phone=phone_number, time=date_time, relayer=234, run=23243, text=text)
def test_reseting_password_sends_email(self, mock_send_email): profile = UserProfile(**self.mobile_user_attr).save() response = self.client.post(self.API_ENDPOINT + str(profile.id) + '/password_reset/') self.assertEqual(200, response.status_code) mock_send_email.assert_called_with('NECOC Password Reset', mock.ANY, settings.DEFAULT_FROM_EMAIL, [profile.email])
def test_reset_password_for_non_web_user_raises_404(self): attr = self.mobile_user_attr.copy() del attr['user'] profile = UserProfile(**attr).save() response = self.client.post(self.API_ENDPOINT + str(profile.id) + '/password_reset/') self.assertEqual(404, response.status_code) self.assertEqual({"detail": "Not found"}, response.data)
def test_cant_post_reset_password_without_manage_user_permission(self): profile = UserProfile(**self.mobile_user_attr).save() self.assert_permission_required_for_get(self.API_ENDPOINT + str(profile.id) + '/password_reset/') self.assert_permission_required_for_post(self.API_ENDPOINT + str(profile.id) + '/password_reset/')
def test_should_reset_password_of_user(self): profile = UserProfile(**self.mobile_user_attr).save() response = self.client.post(self.API_ENDPOINT + str(profile.id) + '/password_reset/') self.assertEqual(200, response.status_code) self.assertEqual({}, response.data) self.assertFalse( (User.objects(username=self.user.username)).first().check_password( self.initial_password))
def test_should_update_password_of_user(self): profile = UserProfile(**self.mobile_user_attr).save() response = self.client.post( self.API_ENDPOINT + str(profile.id) + '/password/', self.password_data) profiles = UserProfile.objects() users = User.objects(username=self.user.username) self.assertEqual(200, response.status_code) self.assertEqual({}, response.data) self.assertEqual(1, profiles.count()) self.assertEqual(1, users.count()) self.assertTrue(users.first().check_password( self.password_data['new_password'])) response = self.client.login( username=self.user.username, password=self.password_data['new_password']) self.assertTrue(response)
def test_user_can_only_change_their_password(self): attr = self.mobile_user_attr.copy() del attr['user'] profile = UserProfile(**attr).save() response = self.client.post( self.API_ENDPOINT + str(profile.id) + '/password/', self.password_data) users = User.objects(username=self.user.username) self.assertEqual(403, response.status_code) self.assertTrue(users.first().check_password( self.password_data['old_password']))
def test_user_must_be_logged_in_to_change_their_password(self): profile = UserProfile(**(self.mobile_user_attr.copy())).save() self.client.logout() response = self.client.post( self.API_ENDPOINT + str(profile.id) + '/password/', self.password_data) users = User.objects(username=self.user.username) self.assertEqual(403, response.status_code) self.assertTrue(users.first().check_password( self.password_data['old_password']))
def test_should_update_password_of_user(self): profile = UserProfile(**self.mobile_user_attr).save() response = self.client.post(self.API_ENDPOINT + str(profile.id) + '/password/', self.password_data) profiles = UserProfile.objects() users = User.objects(username=self.user.username) self.assertEqual(200, response.status_code) self.assertEqual({}, response.data) self.assertEqual(1, profiles.count()) self.assertEqual(1, users.count()) self.assertTrue(users.first().check_password(self.password_data['new_password'])) response = self.client.login(username=self.user.username, password=self.password_data['new_password']) self.assertTrue(response)
class PasswordChangeView(UpdateAPIView): serializer_class = UserPasswordChangeSerializer queryset = UserProfile.objects() model = UserProfile permission_classes = [And(LoggedIn, UrlMatchesCurrentUser)] def get_object(self, queryset=None): profile = super(PasswordChangeView, self).get_object() return profile.user def pre_save(self, obj): profile = super(PasswordChangeView, self).get_object() UserProfileService(profile).notify_password_change() def post(self, request, *args, **kwargs): return self.patch(request, *args, **kwargs)
def setUp(self): date_time = datetime.datetime(2014, 9, 17, 16, 0, 49, 807000) phone_number = "256775019449" self.district = Location( **dict(name='Kampala', parent=None, type='district')).save() self.village = Location(**dict( name='Bukoto', parent=self.district, type='village')).save() self.mobile_user = UserProfile(**dict(name='timothy', phone=phone_number, location=self.village, email=None)).save() self.message = dict(phone_no=phone_number, text="NECOC There is a fire", received_at=date_time, relayer_id=234, run_id=23243)
class PasswordResetView(UpdateAPIView): serializer_class = UserPasswordResetSerializer queryset = UserProfile.objects() model = UserProfile permission_classes = (build_permission_class('dms.can_manage_users'), ) def get_object(self, queryset=None): profile = super(PasswordResetView, self).get_object() if not profile.user: from django.http import Http404 raise Http404('%s is not a web user.' % profile.name) return profile.user def pre_save(self, obj): profile = super(PasswordResetView, self).get_object() UserProfileService(profile).reset_password() def post(self, request, *args, **kwargs): return self.patch(request, *args, **kwargs)
class UserProfileListCreateView(ListCreateAPIView): serializer_class = UserProfileSerializer queryset = UserProfile.objects() model = UserProfile permission_classes = (build_permission_class('dms.can_manage_users'),) def get_queryset(self): query_params = {key: value or None for key, value in self.request.GET.items()} user_group = self.request.user.group.name if user_group in getattr(settings, 'DISTRICT_GROUPS', []): target_locations = get_user_district_locations(self.request.user) query_params.update({'location__in': target_locations}) if 'ordering' in query_params: ordering_params = query_params['ordering'] del query_params['ordering'] query_set = UserProfile.objects(**query_params).order_by('%s' % ordering_params) else: query_set = UserProfile.objects(**query_params).order_by('-created_at') return query_set def pre_save(self, obj): username = self.request.DATA.get('username', None) group_id = self.request.DATA.get('group', None) if username: user = UserProfileService(obj).setup_new_user(username, group_id) obj.user = user def save_new_image(self, obj): try: if self.request.FILES.get('file'): image = image_resizer.ImageResizer(self.request.FILES.get('file')).generate().read() content_type = self.request.FILES.get('file').content_type obj.photo.put(image, content_type=content_type) obj.save() except: obj.photo.delete() obj.save() def post_save(self, obj, created=False): self.save_new_image(obj)
def setUp(self): self.date_time = datetime.datetime(2014, 9, 17, 16, 0, 49, 807000) phone_number = "+256775019449" self.district = Location( **dict(name='Kampala', parent=None, type='district')).save() self.village = Location(**dict( name='Bukoto', parent=self.district, type='village')).save() self.mobile_user = UserProfile(**dict(name='timothy', phone=phone_number, location=self.village, email=None)).save() text = "NECOC.%s. There is a fire" % self.village.name self.message = dict(phone_no=phone_number, text=text, received_at=self.date_time, relayer_id=234, run_id=23243) self.serialized_data = dict(phone=phone_number, time=self.date_time, relayer=234, run=23243, text=text) AdminSetting(**dict(name='enable_volunteer_profiles')).save()
def list(self, request, *args, **kwargs): user_profile = UserProfile.objects(id=kwargs['id']).first() serializer = UserProfileSerializer(user_profile) return Response(serializer.data)
def validate_phone(self, attrs, source): phone = attrs.get(source) updated_value = phone != getattr(self.object, 'phone', '') self.__check_uniqueness(attrs, 'phone', UserProfile.objects(phone=phone), updated_value) return attrs
def get_queryset(self): return UserProfile.objects()