def forgot_password(request): forgot_password_form = ForgotPasswordForm(request.POST, auto_id="id_%s") if request.method == 'POST': if forgot_password_form.is_valid(): data = forgot_password_form.cleaned_data try: user = User.objects.get(email = data['email']) except: forgot_password_form = ForgotPasswordForm(auto_id="id_%s") return render_to_response('users/forgot_password.html', { 'forgot_password_form': forgot_password_form }, context_instance = RequestContext(request)) random.seed() new_pass = ''.join([choice('qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM1234567890') for i in range(8)]) user.set_password(new_pass) user.save() mailmsg = ("Hello " + user.first_name + ",\n\nAs requested, here is a new password for you to use to login to Observatory: \n" + new_pass + "\n\n") send_mail('New Password for Observatory', mailmsg, MAIL_SENDER, [user.email], fail_silently=False) return HttpResponseRedirect(reverse(forgot_password_success)) else: return render_to_response('users/forgot_password.html', { 'forgot_password_form': forgot_password_form }, context_instance = RequestContext(request)) else: forgot_password_form = ForgotPasswordForm(auto_id="id_%s") return render_to_response('users/forgot_password.html', { 'forgot_password_form': forgot_password_form }, context_instance = RequestContext(request))
def external_add(request): """ Allow users who don't have access to the rest of the ticket system to file a ticket in a specific list. This is useful if, for example, a core web team are in a group that can file todos for each other, but you also want students to be able to post trouble tickets to a list just for the sysadmin. This way we don't have to put all students into a group that gives them access to the whole ticket system. """ if request.POST: form = AddExternalItemForm(request.POST) if form.is_valid(): # Don't commit the save until we've added in the fields we need to set item = form.save(commit=False) item.list_id = 20 # Hate hard-coding in IDs like this. item.created_by = request.user item.assigned_to = User.objects.get(username='******') item.save() # Send email email_subject = render_to_string("todo/email/assigned_subject.txt", { 'task': item.title }) email_body = render_to_string("todo/email/assigned_body.txt", { 'task': item, 'site': current_site, }) try: send_mail(email_subject, email_body, item.created_by.email, [item.assigned_to.email], fail_silently=False) except: messages.error(request, "Task saved but mail not sent. Contact your administrator." ) messages.success(request, "Your trouble ticket has been submitted. We'll get back to you soon." ) return HttpResponseRedirect(reverse('intranet_home')) else: form = AddExternalItemForm() return render_to_response('todo/add_external_task.html', locals(), context_instance=RequestContext(request))
def do_warnings(self): """ Send warning emails if either the blog or the repository haven't been updated in a week, send warning emails to the mentors if it hasn't been updated in two weeks. """ from dashboard.views.projects import show def days_ago(eventset): return (datetime.datetime.utcnow() - eventset.most_recent_date).days #If they haven't set up their blog yet, ping them and their mentor if self.blog.most_recent_date == datetime.datetime(1,1,1): blog_days_ago = 14 else: blog_days_ago = days_ago(self.blog) if self.repository.most_recent_date == datetime.datetime(1,1,1): repo_days_ago = 14 else: repo_days_ago = days_ago(self.repository) warning_msg = """You haven't updated <a href="%s"> your projects's </a> %s in the last %s days. If you're having problems please contact the mentors.""" warning_subj = "%s %s Stagnation" if (blog_days_ago >= 8 and self.blog_warn_level < 1) or (blog_days_ago >= 14 and self.blog_warn_level < 2): blog_msg = warning_msg % (SITE_ADDRESS + reverse(show, args=(self.url_path,)), "Blog", blog_days_ago) blog_subj = warning_subj % (self.title, "Blog") blog_to = [] for author in self.authors.filter(is_active = True): blog_to.extend([a.address for a in author.emails.all()]) if self.mentor and blog_days_ago >= 14 and self.blog_warn_level == 1: blog_to.extend([a.address for a in self.mentor.emails.all()]) for uber in User.objects.filter(info__ubermentor = True): blog_to.extend([a.address for a in uber.emails.all()]) try: send_mail(blog_subj, blog_msg, "*****@*****.**", blog_to) except: import traceback traceback.print_exc() self.blog_warn_level += 1 if blog_days_ago < 8: self.blog_warn_level = 0 if (repo_days_ago >= 8 and self.repo_warn_level < 1) or (repo_days_ago >= 14 and self.repo_warn_level < 2): repo_msg = warning_msg % (SITE_ADDRESS + reverse(show, args=(self.url_path,)), "Repository", repo_days_ago) repo_subj = warning_subj % (self.title, "Repository") repo_to = [] for author in self.authors.filter(is_active=True): repo_to.extend([a.address for a in author.emails.all()]) if self.mentor and repo_days_ago >= 14 and self.repo_warn_level == 1: repo_to.extend([a.address for a in self.mentor.emails.all()]) for uber in User.objects.filter(info__ubermentor = True): repo_to.extend([a.address for a in uber.emails.all()]) try: send_mail(repo_subj, repo_msg, "*****@*****.**", repo_to) except: import traceback traceback.print_exc() self.repo_warn_level += 1 if repo_days_ago < 8: self.repo_warn_level = 0 self.save()
def view_list(request,list_id=0,list_slug=None,view_completed=0): """ Display and manage items in a task list """ # Make sure the accessing user has permission to view this list. # Always authorize the "mine" view. Admins can view/edit all lists. if list_slug == "mine" or list_slug == "recent-add" or list_slug == "recent-complete" : auth_ok =1 else: list = get_object_or_404(List, slug=list_slug) listid = list.id # Check whether current user is a member of the group this list belongs to. if list.group in request.user.groups.all() or request.user.mentor or list_slug == "mine" : auth_ok = 1 # User is authorized for this view else: # User does not belong to the group this list is attached to messages.error(request, "You do not have permission to view/edit this list.") # First check for items in the mark_done POST array. If present, change # their status to complete. if request.POST.getlist('mark_done'): done_items = request.POST.getlist('mark_done') # Iterate through array of done items and update its representation in the model for thisitem in done_items: p = Item.objects.get(id=thisitem) p.completed = 1 p.completed_date = datetime.datetime.now() p.save() messages.success(request, "Item \"%s\" marked complete." % p.title) # Undo: Set completed items back to incomplete if request.POST.getlist('undo_completed_task'): undone_items = request.POST.getlist('undo_completed_task') for thisitem in undone_items: p = Item.objects.get(id=thisitem) p.completed = 0 p.save() messages.success(request, "Previously completed task \"%s\" marked incomplete." % p.title) # And delete any requested items if request.POST.getlist('del_task'): deleted_items = request.POST.getlist('del_task') for thisitem in deleted_items: p = Item.objects.get(id=thisitem) p.delete() messages.success(request, "Item \"%s\" deleted." % p.title) # And delete any *already completed* items if request.POST.getlist('del_completed_task'): deleted_items = request.POST.getlist('del_completed_task') for thisitem in deleted_items: p = Item.objects.get(id=thisitem) p.delete() messages.success(request, "Deleted previously completed item \"%s\"." % p.title) thedate = datetime.datetime.now() created_date = "%s-%s-%s" % (thedate.year, thedate.month, thedate.day) # Get list of items with this list ID, or filter on items assigned to me, or recently added/completed if list_slug == "mine": task_list = Item.objects.filter(assigned_to=request.user, completed=0) completed_list = Item.objects.filter(assigned_to=request.user, completed=1) elif list_slug == "recent-add": # We'll assume this only includes uncompleted items to avoid confusion. # Only show items in lists that are in groups that the current user is also in. task_list = Item.objects.filter(list__group__in=(request.user.groups.all()),completed=0).order_by('-created_date')[:50] # completed_list = Item.objects.filter(assigned_to=request.user, completed=1) elif list_slug == "recent-complete": # Only show items in lists that are in groups that the current user is also in. task_list = Item.objects.filter(list__group__in=request.user.groups.all(),completed=1).order_by('-completed_date')[:50] # completed_list = Item.objects.filter(assigned_to=request.user, completed=1) else: task_list = Item.objects.filter(list=list.id, completed=0) completed_list = Item.objects.filter(list=list.id, completed=1) if request.POST.getlist('add_task') : form = AddItemForm(list, request.POST,initial={ 'assigned_to':request.user.id, 'priority':999, }) if form.is_valid(): # Save task first so we have a db object to play with new_task = form.save() # Send email alert only if the Notify checkbox is checked AND the assignee is not the same as the submittor # Email subect and body format are handled by templates if "notify" in request.POST : if new_task.assigned_to != request.user : # Send email email_subject = render_to_string("todo/email/assigned_subject.txt", { 'task': new_task }) email_body = render_to_string("todo/email/assigned_body.txt", { 'task': new_task, 'site': current_site, }) try: send_mail(email_subject, email_body, new_task.created_by.email, [new_task.assigned_to.email], fail_silently=False) except: messages.error(request, "Task saved but mail not sent. Contact your administrator.") messages.success(request, "New task \"%s\" has been added." % new_task.title) return HttpResponseRedirect(request.path) else: if list_slug != "mine" and list_slug != "recent-add" and list_slug != "recent-complete" : # We don't allow adding a task on the "mine" view form = AddItemForm(list, initial={ 'assigned_to':request.user.id, 'priority':999, } ) if request.user.mentor : can_del = 1 return render_to_response('todo/view_list.html', locals(), context_instance=RequestContext(request))
def view_task(request,task_id): """ View task details. Allow task details to be edited. """ task = get_object_or_404(Item, pk=task_id) comment_list = Comment.objects.filter(task=task_id) # Before doing anything, make sure the accessing user has permission to view this item. # Determine the group this task belongs to, and check whether current user is a member of that group. # Admins can edit all tasks. if task.list.group in request.user.groups.all() or request.user.mentor: auth_ok = 1 if request.POST: form = EditItemForm(request.POST,instance=task) if form.is_valid(): form.save() # Also save submitted comment, if non-empty if request.POST['comment-body']: c = Comment( author=request.user, task=task, body=request.POST['comment-body'], ) c.save() # And email comment to all people who have participated in this thread. email_subject = render_to_string("todo/email/assigned_subject.txt", { 'task': task }) email_body = render_to_string("todo/email/newcomment_body.txt", { 'task': task, 'body':request.POST['comment-body'], 'site': current_site, 'user':request.user }) # Get list of all thread participants - task creator plus everyone who has commented on it. recip_list = [] recip_list.append(task.created_by.email) commenters = Comment.objects.filter(task=task) for c in commenters: recip_list.append(c.author.email) # Eliminate duplicate emails with the Python set() function recip_list = set(recip_list) # Send message try: send_mail(email_subject, email_body, task.created_by.email, recip_list, fail_silently=False) messages.success(request, "Comment sent to thread participants.") except: messages.error(request, "Comment saved but mail not sent. Contact your administrator.") messages.success(request, "The task has been edited.") return HttpResponseRedirect(reverse('todo-incomplete_tasks', args=[task.list.id, task.list.slug])) else: form = EditItemForm(instance=task) if task.due_date: thedate = task.due_date else: thedate = datetime.datetime.now() else: messages.info(request, "You do not have permission to view/edit this task.") return render_to_response('todo/view_task.html', locals(), context_instance=RequestContext(request))