def user_settings(request):
if request.method == "POST":
form = UserSettingsForm(request.POST, instance=request.user)
if form.is_valid():
form.save(request)
messages.success(request, 'Settings saved successfully.')
return HttpResponseRedirect(reverse('user_settings'))
else:
form = UserSettingsForm(instance=request.user)
return render_to_response('authenticated/user/user_settings.html', locals(), context_instance=RequestContext(request))
def editview(request, action):
if request.user.is_authenticated():
if request.method == 'POST':
context = {'action': 'User settings'}
orig_superuser = request.user.is_superuser
orig_staff = request.user.is_staff
if (action == 'password'):
form = PasswordChangeForm(data=request.POST, user=request.user)
elif (action == 'settings'):
if request.user.is_superuser:
form = UserSettingsForm(request.POST,
instance=request.user)
else:
form = NormalUserSettingsForm(request.POST,
instance=request.user)
if form.is_valid():
ruser = form.save(commit=False)
if not orig_superuser:
ruser.is_superuser = False
ruser.is_staff = orig_staff
ruser.save()
if action == 'settings':
try:
sciriususer = ruser.sciriususer
sciriususer.timezone = form.cleaned_data['timezone']
except:
sciriususer = SciriusUser.objects.create(
user=ruser, timezone=form.cleaned_data['timezone'])
sciriususer.save()
else:
context['error'] = 'Invalid form'
return scirius_render(request, 'accounts/edit.html', context)
else:
if (action == 'password'):
form = PasswordChangeForm(request.user)
context = {'form': form, 'action': 'Change password'}
elif (action == 'settings'):
if request.user.is_superuser:
form = UserSettingsForm(instance=request.user, )
else:
form = NormalUserSettingsForm(instance=request.user)
try:
form.initial[
'timezone'] = request.user.sciriususer.timezone
except:
pass
context = {
'form': form,
'action': 'Edit settings for ' + request.user.username
}
else:
context = {'action': 'User settings'}
return scirius_render(request, 'accounts/edit.html', context)
def edit_settings(request):
user_settings, created = UserSettings.objects.get_or_create(user=request.user)
if request.method == 'POST':
form = UserSettingsForm(request.POST, instance=user_settings)
if form.is_valid():
form.save()
if request.POST.get('welcome', False):
redir_url = "/welcome/3"
else:
redir_url = request.META["HTTP_REFERER"]
messages.success(request, 'Settings saved!')
return HttpResponseRedirect(redir_url)
def post(self):
#----------------------------------------------------------------------
'''
update user settings
'''
try:
# get the user from the database
userid = flask.session['user_id']
thisuser = racedb.User.query.filter_by(id=userid).first()
pagename = 'User Settings'
buttontext = 'Update'
successtext = '{} updated'.format(thisuser.name)
displayonly = False
# create the form
form = UserSettingsForm(email=thisuser.email, name=thisuser.name)
form.hidden_userid.data = userid
#
if form.validate_on_submit():
flask.get_flashed_messages() # clears flash queue
# action and commit requested
if flask.request.form['whichbutton'] == buttontext:
thisuser.email = form.email.data
thisuser.name = form.name.data
if form.password.data:
thisuser.set_password(form.password.data)
# commit database updates and close transaction
db.session.commit()
return flask.redirect(flask.request.args.get('next') or flask.url_for('index'))
# cancel requested - note changes may have been made in url_for('updatepermissions') which need to be rolled back
# TODO: get rid of this??? It should not work
elif flask.request.form['whichbutton'] == 'Cancel':
db.session.rollback() # throw out any changes which have been made
return flask.redirect(flask.request.args.get('next') or flask.url_for('index'))
# commit database updates and close transaction
db.session.commit()
return (flask.redirect(flask.request.args.get('next')) or flask.url_for('index'))
except Exception,e:
# roll back database updates and close transaction
db.session.rollback()
cause = 'Unexpected Error: {}\n{}'.format(e,traceback.format_exc())
flask.flash(cause)
app.logger.error(traceback.format_exc())
raise
def manageuseraction(request, user_id, action):
user = get_object_or_404(User, pk=user_id)
context = { 'action': 'User actions', 'user': user }
if request.method == 'POST':
if not request.user.is_superuser:
context['error'] = 'Unsufficient permissions'
return scirius_render(request, 'accounts/user.html', context)
if action == "edit":
form = UserSettingsForm(request.POST, instance = user)
if form.is_valid():
form.save()
else:
context['error'] = 'Invalid form'
return scirius_render(request, 'accounts/user.html', context)
if action == "activate":
if not request.user.is_superuser:
context['error'] = 'Unsufficient permissions'
return scirius_render(request, 'accounts/user.html', context)
user.is_active = True
user.save()
elif action == "deactivate":
if not request.user.is_superuser:
context['error'] = 'Unsufficient permissions'
return scirius_render(request, 'accounts/user.html', context)
user.is_active = False
user.save()
elif action == "edit":
if not request.user.is_superuser:
context['error'] = 'Unsufficient permissions'
return scirius_render(request, 'accounts/user.html', context)
form = UserSettingsForm(instance = user)
context = {'form': form }
return scirius_render(request, 'accounts/user.html', context)
elif action == "delete":
if not request.user.is_superuser:
context['error'] = 'Unsufficient permissions'
return scirius_render(request, 'accounts/user.html', context)
if request.GET.__contains__('confirm'):
user.delete()
return redirect('/accounts/manage/')
else:
context = { 'confirm_action': 'Delete user', 'user': user, 'action': 'delete'}
return scirius_render(request, 'accounts/user.html', context)
context = { 'action': 'User actions', 'user': user }
return scirius_render(request, 'accounts/user.html', context)
def setting(request):
settings = UserSettings.getByCurrentUser()
im_protocol = settings.im.protocol if settings.im is not None else ''
im_address = settings.im.address if settings.im is not None else ''
if request.method == 'GET':
form = UserSettingsForm({'firstname':settings.firstname,
'lastname':settings.lastname,
'gender':settings.gender,
'profile': settings.profile,
'language': settings.language,
'birthdate':settings.birthdate,
'website': settings.website,
'home_phone': settings.home_phone,
'work_phone':settings.work_phone,
'mobile':settings.mobile,
'fax':settings.fax,
'address':settings.address
})
if request.method == 'POST':
form = UserSettingsForm(request.POST)
logging.getLogger().debug(form)
if form.is_valid():
modified_settings = form.save(commit=False)
settings.lastname = modified_settings.lastname
settings.firstname = modified_settings.firstname
settings.gender = modified_settings.gender
settings.profile = modified_settings.profile
settings.language = modified_settings.language
settings.birthdate = modified_settings.birthdate
settings.website = modified_settings.website
settings.home_phone = modified_settings.home_phone
settings.work_phone = modified_settings.work_phone
settings.mobile = modified_settings.mobile
settings.fax = modified_settings.fax
settings.address = modified_settings.address
if request.POST['im_address'] is not u'':
settings.im = db.IM(request.POST['im_protocol'], request.POST['im_address'])
settings.put()
return HttpResponseRedirect('/')
return render_to_response('setting.html', {'im_protocol':im_protocol,'im_address':im_address,'form': form}, context_instance=RequestContext(request))
def user_settings(request):
if request.method == "POST":
form = UserSettingsForm(request.POST, instance=request.user)
if form.is_valid():
form.save(request)
messages.success(request, 'Settings saved successfully.')
return HttpResponseRedirect(reverse('user_settings'))
else:
form = UserSettingsForm(instance=request.user)
return render_to_response('authenticated/user/user_settings.html',
locals(),
context_instance=RequestContext(request))
def editview(request, action):
if request.user.is_authenticated():
if request.method == 'POST':
context = {'action': 'User settings'}
orig_superuser = request.user.is_superuser
orig_staff = request.user.is_staff
if (action == 'password'):
form = PasswordChangeForm(data=request.POST, user=request.user)
elif (action == 'settings'):
form = UserSettingsForm(request.POST, instance=request.user)
if form.is_valid():
ruser = form.save(commit=False)
if not orig_superuser:
ruser.is_superuser = False
ruser.is_staff = orig_staff
ruser.save()
form.save_m2m()
else:
context['error'] = 'Invalid form'
return scirius_render(request, 'accounts/edit.html', context)
else:
if (action == 'password'):
form = PasswordChangeForm(request.user)
context = {'form': form, 'action': 'Change password'}
elif (action == 'settings'):
if request.user.is_superuser:
form = UserSettingsForm(instance=request.user)
else:
form = NormalUserSettingsForm(instance=request.user)
context = {
'form': form,
'action': 'Edit settings for ' + request.user.username
}
else:
context = {'action': 'User settings'}
return scirius_render(request, 'accounts/edit.html', context)
def manageuseraction(request, user_id, action):
user = get_object_or_404(User, pk=user_id)
context = {'action': 'User actions', 'user': user}
if request.method == 'POST':
if not request.user.is_superuser:
context['error'] = 'Unsufficient permissions'
return scirius_render(request, 'accounts/user.html', context)
if action == "edit":
form = UserSettingsForm(request.POST, instance=user)
if form.is_valid():
form.save()
else:
context['error'] = 'Invalid form'
return scirius_render(request, 'accounts/user.html', context)
if action == "activate":
if not request.user.is_superuser:
context['error'] = 'Unsufficient permissions'
return scirius_render(request, 'accounts/user.html', context)
user.is_active = True
user.save()
elif action == "deactivate":
if not request.user.is_superuser:
context['error'] = 'Unsufficient permissions'
return scirius_render(request, 'accounts/user.html', context)
user.is_active = False
user.save()
elif action == "edit":
if not request.user.is_superuser:
context['error'] = 'Unsufficient permissions'
return scirius_render(request, 'accounts/user.html', context)
form = UserSettingsForm(instance=user)
context = {'form': form}
return scirius_render(request, 'accounts/user.html', context)
elif action == "delete":
if not request.user.is_superuser:
context['error'] = 'Unsufficient permissions'
return scirius_render(request, 'accounts/user.html', context)
if request.GET.__contains__('confirm'):
user.delete()
return redirect('/accounts/manage/')
else:
context = {
'confirm_action': 'Delete user',
'user': user,
'action': 'delete'
}
return scirius_render(request, 'accounts/user.html', context)
context = {'action': 'User actions', 'user': user}
return scirius_render(request, 'accounts/user.html', context)
def setting(request):
settings = UserSettings.getByCurrentUser()
im_protocol = settings.im.protocol if settings.im is not None else ''
im_address = settings.im.address if settings.im is not None else ''
if request.method == 'GET':
form = UserSettingsForm({
'firstname': settings.firstname,
'lastname': settings.lastname,
'gender': settings.gender,
'profile': settings.profile,
'language': settings.language,
'birthdate': settings.birthdate,
'website': settings.website,
'home_phone': settings.home_phone,
'work_phone': settings.work_phone,
'mobile': settings.mobile,
'fax': settings.fax,
'address': settings.address
})
if request.method == 'POST':
form = UserSettingsForm(request.POST)
logging.getLogger().debug(form)
if form.is_valid():
modified_settings = form.save(commit=False)
settings.lastname = modified_settings.lastname
settings.firstname = modified_settings.firstname
settings.gender = modified_settings.gender
settings.profile = modified_settings.profile
settings.language = modified_settings.language
settings.birthdate = modified_settings.birthdate
settings.website = modified_settings.website
settings.home_phone = modified_settings.home_phone
settings.work_phone = modified_settings.work_phone
settings.mobile = modified_settings.mobile
settings.fax = modified_settings.fax
settings.address = modified_settings.address
if request.POST['im_address'] is not u'':
settings.im = db.IM(request.POST['im_protocol'],
request.POST['im_address'])
settings.put()
return HttpResponseRedirect('/')
return render_to_response('setting.html', {
'im_protocol': im_protocol,
'im_address': im_address,
'form': form
},
context_instance=RequestContext(request))
def manageuseraction(request, user_id, action):
user = get_object_or_404(User, pk=user_id)
context = {'action': 'User actions', 'user': user}
if request.method == 'POST':
if not request.user.is_superuser:
context['error'] = 'Unsufficient permissions'
return scirius_render(request, 'accounts/user.html', context)
if action == "edit":
form = UserSettingsForm(request.POST, instance = user)
if form.is_valid():
form.save()
try:
sciriususer = user.sciriususer
sciriususer.timezone = form.cleaned_data['timezone']
except:
sciriususer = SciriusUser.objects.create(user = user, timezone = form.cleaned_data['timezone'])
sciriususer.save()
else:
context['error'] = 'Edition form is not valid'
context['form'] = form
elif action == 'password':
form = PasswordForm(request.POST)
if form.is_valid():
user.set_password(form.cleaned_data['password'])
user.save()
if user == request.user:
# If the user change his own password prevent the session to be invalidated
update_session_auth_hash(request, user)
else:
context['error'] = 'Password form is not valid'
elif action == "delete":
form = DeleteForm(request.POST)
if form.is_valid():
if request.POST.__contains__('confirm'):
user.delete()
return redirect('/accounts/manage/')
else:
context['error'] = 'Delete form is not valid'
return scirius_render(request, 'accounts/user.html', context)
if not request.user.is_superuser:
context['error'] = 'Unsufficient permissions'
context['user'] = get_object_or_404(User, pk=request.user.pk)
return scirius_render(request, 'accounts/user.html', context)
if action == "activate":
user.is_active = True
user.save()
context['current_action'] = 'Activate user %s' % user.username
elif action == "deactivate":
user.is_active = False
user.save()
context['current_action'] = 'Deactivate user %s' % user.username
elif action == "edit":
form = UserSettingsForm(instance = user)
try:
form.initial['timezone'] = user.sciriususer.timezone
except:
pass
context['form'] = form
context['current_action'] = 'Edit user %s' % user.username
return scirius_render(request, 'accounts/user.html', context)
elif action == "password":
form = PasswordForm()
context['form'] = form
context['current_action'] = 'Edit password for user %s' % user.username
return scirius_render(request, 'accounts/user.html', context)
elif action == "delete":
context = { 'confirm_action': 'Delete user', 'user': user, 'action': 'delete'}
return scirius_render(request, 'accounts/user.html', context)
context['current_action'] = 'User %s' % user.username
return scirius_render(request, 'accounts/user.html', context)
def editview(request, action):
if request.user.is_authenticated():
request_data = None
context = {}
if request.method == 'POST':
request_data = request.POST
if action == 'password':
form = PasswordChangeForm(user=request.user, data=request_data)
context = {
'form': form,
'action': 'Change password',
'edition': True
}
elif action == 'settings':
tz = 'UTC'
if hasattr(request.user, 'sciriususer'):
tz = request.user.sciriususer.timezone
initial = {'timezone': tz}
if request.user.is_superuser:
form = UserSettingsForm(request_data,
instance=request.user,
initial=initial)
else:
form = NormalUserSettingsForm(request_data,
instance=request.user,
initial=initial)
context = {
'form': form,
'action': 'Edit settings for ' + request.user.username,
'edition': True
}
elif action == 'token':
initial = {}
token = Token.objects.filter(user=request.user)
if len(token):
initial['token'] = token[0]
form = TokenForm(request_data, initial=initial)
context = {'form': form, 'action': 'User token', 'edition': True}
else:
context = {'action': 'User settings', 'edition': False}
if request.method == 'POST':
if action == 'token':
current_tokens = Token.objects.filter(user=request.user)
for token in current_tokens:
token.delete()
Token.objects.create(user=request.user)
return redirect('accounts_edit', action='token')
orig_superuser = request.user.is_superuser
orig_staff = request.user.is_staff
if form.is_valid():
context['edition'] = False
context['action'] = 'User settings'
ruser = form.save(commit=False)
if not orig_superuser:
ruser.is_superuser = False
ruser.is_staff = orig_staff
ruser.save()
if action == 'password':
update_session_auth_hash(request, ruser)
if action == 'settings':
try:
sciriususer = ruser.sciriususer
sciriususer.timezone = form.cleaned_data['timezone']
except:
sciriususer = SciriusUser.objects.create(
user=ruser, timezone=form.cleaned_data['timezone'])
sciriususer.save()
return scirius_render(request, 'accounts/edit.html', context)
def manageuseraction(request, user_id, action):
user = get_object_or_404(User, pk=user_id)
context = {'action': 'User actions', 'user': user}
if request.method == 'POST':
if not request.user.is_superuser:
context['error'] = 'Unsufficient permissions'
return scirius_render(request, 'accounts/user.html', context)
if action == "edit":
form = UserSettingsForm(request.POST, instance=user)
if form.is_valid():
form.save()
try:
sciriususer = user.sciriususer
sciriususer.timezone = form.cleaned_data['timezone']
except:
sciriususer = SciriusUser.objects.create(
user=user, timezone=form.cleaned_data['timezone'])
sciriususer.save()
else:
context['error'] = 'Edition form is not valid'
context['form'] = form
elif action == 'password':
form = PasswordForm(request.POST)
if form.is_valid():
user.set_password(form.cleaned_data['password'])
user.save()
if user == request.user:
# If the user change his own password prevent the session to be invalidated
update_session_auth_hash(request, user)
else:
context['error'] = 'Password form is not valid'
elif action == "delete":
form = DeleteForm(request.POST)
if form.is_valid():
if request.POST.__contains__('confirm'):
user.delete()
return redirect('/accounts/manage/')
else:
context['error'] = 'Delete form is not valid'
return scirius_render(request, 'accounts/user.html', context)
if not request.user.is_superuser:
context['error'] = 'Unsufficient permissions'
context['user'] = get_object_or_404(User, pk=request.user.pk)
return scirius_render(request, 'accounts/user.html', context)
if action == "activate":
user.is_active = True
user.save()
context['current_action'] = 'Activate user %s' % user.username
elif action == "deactivate":
user.is_active = False
user.save()
context['current_action'] = 'Deactivate user %s' % user.username
elif action == "edit":
form = UserSettingsForm(instance=user)
try:
form.initial['timezone'] = user.sciriususer.timezone
except:
pass
context['form'] = form
context['current_action'] = 'Edit user %s' % user.username
return scirius_render(request, 'accounts/user.html', context)
elif action == "password":
form = PasswordForm()
context['form'] = form
context['current_action'] = 'Edit password for user %s' % user.username
return scirius_render(request, 'accounts/user.html', context)
elif action == "delete":
context = {
'confirm_action': 'Delete user',
'user': user,
'action': 'delete'
}
return scirius_render(request, 'accounts/user.html', context)
context['current_action'] = 'User %s' % user.username
return scirius_render(request, 'accounts/user.html', context)
def manageuseraction(request, user_id, action):
user = get_object_or_404(User, pk=user_id)
context = {'action': 'User actions', 'user': user}
if request.method == 'POST':
if not request.user.is_superuser:
context['error'] = 'Unsufficient permissions'
return scirius_render(request, 'accounts/user.html', context)
if action == "edit":
form = UserSettingsForm(request.POST, instance=user)
if form.is_valid():
form.save()
try:
sciriususer = user.sciriususer
sciriususer.timezone = form.cleaned_data['timezone']
except:
sciriususer = SciriusUser.objects.create(
user=user, timezone=form.cleaned_data['timezone'])
sciriususer.save()
else:
context['error'] = 'Invalid form'
elif action == 'password':
form = PasswordForm(request.POST)
if form.is_valid():
user.set_password(form.cleaned_data['password'])
user.save()
else:
context['error'] = 'Invalid form'
elif action == "delete":
form = DeleteForm(request.POST)
if form.is_valid():
if request.POST.__contains__('confirm'):
user.delete()
return redirect('/accounts/manage/')
else:
context['error'] = 'Invalid form'
return scirius_render(request, 'accounts/user.html', context)
if action == "activate":
if not request.user.is_superuser:
context['error'] = 'Unsufficient permissions'
return scirius_render(request, 'accounts/user.html', context)
user.is_active = True
user.save()
elif action == "deactivate":
if not request.user.is_superuser:
context['error'] = 'Unsufficient permissions'
return scirius_render(request, 'accounts/user.html', context)
user.is_active = False
user.save()
elif action == "edit":
if not request.user.is_superuser:
context['error'] = 'Unsufficient permissions'
return scirius_render(request, 'accounts/user.html', context)
form = UserSettingsForm(instance=user)
try:
form.initial['timezone'] = user.sciriususer.timezone
except:
pass
context['form'] = form
return scirius_render(request, 'accounts/user.html', context)
elif action == "password":
if not request.user.is_superuser:
context['error'] = 'Unsufficient permissions'
return scirius_render(request, 'accounts/user.html', context)
form = PasswordForm()
context['form'] = form
return scirius_render(request, 'accounts/user.html', context)
elif action == "delete":
if not request.user.is_superuser:
context['error'] = 'Unsufficient permissions'
return scirius_render(request, 'accounts/user.html', context)
context = {
'confirm_action': 'Delete user',
'user': user,
'action': 'delete'
}
return scirius_render(request, 'accounts/user.html', context)
context = {'action': 'User actions', 'user': user}
return scirius_render(request, 'accounts/user.html', context)
def manageuseraction(request, user_id, action):
user = get_object_or_404(User, pk=user_id)
context = { 'action': 'User actions', 'user': user }
if request.method == 'POST':
if not request.user.is_superuser:
context['error'] = 'Unsufficient permissions'
return scirius_render(request, 'accounts/user.html', context)
if action == "edit":
form = UserSettingsForm(request.POST, instance = user)
if form.is_valid():
form.save()
try:
sciriususer = user.sciriususer
sciriususer.timezone = form.cleaned_data['timezone']
except:
sciriususer = SciriusUser.objects.create(user = user, timezone = form.cleaned_data['timezone'])
sciriususer.save()
else:
context['error'] = 'Invalid form'
elif action == 'password':
form = PasswordForm(request.POST)
if form.is_valid():
user.set_password(form.cleaned_data['password'])
user.save()
else:
context['error'] = 'Invalid form'
return scirius_render(request, 'accounts/user.html', context)
if action == "activate":
if not request.user.is_superuser:
context['error'] = 'Unsufficient permissions'
return scirius_render(request, 'accounts/user.html', context)
user.is_active = True
user.save()
elif action == "deactivate":
if not request.user.is_superuser:
context['error'] = 'Unsufficient permissions'
return scirius_render(request, 'accounts/user.html', context)
user.is_active = False
user.save()
elif action == "edit":
if not request.user.is_superuser:
context['error'] = 'Unsufficient permissions'
return scirius_render(request, 'accounts/user.html', context)
form = UserSettingsForm(instance = user)
try:
form.initial['timezone'] = user.sciriususer.timezone
except:
pass
context['form'] = form
return scirius_render(request, 'accounts/user.html', context)
elif action == "password":
if not request.user.is_superuser:
context['error'] = 'Unsufficient permissions'
return scirius_render(request, 'accounts/user.html', context)
form = PasswordForm()
context['form'] = form
return scirius_render(request, 'accounts/user.html', context)
elif action == "delete":
if not request.user.is_superuser:
context['error'] = 'Unsufficient permissions'
return scirius_render(request, 'accounts/user.html', context)
if request.GET.__contains__('confirm'):
user.delete()
return redirect('/accounts/manage/')
else:
context = { 'confirm_action': 'Delete user', 'user': user, 'action': 'delete'}
return scirius_render(request, 'accounts/user.html', context)
context = { 'action': 'User actions', 'user': user }
return scirius_render(request, 'accounts/user.html', context)
