med/users/views.py

171 lines
5.6 KiB
Python
Raw Normal View History

2019-08-02 12:57:53 +00:00
# -*- mode: python; coding: utf-8 -*-
# Copyright (C) 2017-2019 by BDE ENS Paris-Saclay
# SPDX-License-Identifier: GPL-3.0-or-later
from django.contrib import messages
from django.contrib.auth.decorators import login_required, permission_required
from django.core.mail import send_mail
from django.core.urlresolvers import reverse
from django.db import transaction
2019-08-08 13:35:25 +00:00
from django.shortcuts import get_object_or_404, redirect, render
2019-08-02 12:57:53 +00:00
from django.template import loader
from django.template.context_processors import csrf
from django.utils import timezone
from reversion import revisions as reversion
2019-08-08 13:35:25 +00:00
from med.settings import ASSO_EMAIL, ASSO_NAME, EMAIL_FROM, \
2019-08-08 14:18:15 +00:00
REQ_EXPIRE_STR, SITE_NAME
2019-08-02 12:57:53 +00:00
from media.models import Emprunt
2019-08-08 14:18:15 +00:00
from users.forms import BaseInfoForm
2019-08-02 16:41:19 +00:00
from users.forms import PassForm
2019-08-08 14:18:15 +00:00
from users.models import Adhesion, Request, Right, User
def form(ctx, template, request):
c = ctx
c.update(csrf(request))
return render(request, template, c)
2019-08-02 12:57:53 +00:00
def password_change_action(u_form, user, request, req=False):
""" Fonction qui effectue le changeemnt de mdp bdd"""
if u_form.cleaned_data['passwd1'] != u_form.cleaned_data['passwd2']:
messages.error(request, "Les 2 mots de passe différent")
return form({'userform': u_form}, 'users/user.html', request)
user.set_password(u_form.cleaned_data['passwd1'])
with transaction.atomic(), reversion.create_revision():
user.save()
reversion.set_comment("Réinitialisation du mot de passe")
messages.success(request, "Le mot de passe a changé")
if req:
req.delete()
return redirect("/")
return redirect("/users/profil/" + str(user.id))
2019-08-02 12:57:53 +00:00
def reset_passwd_mail(req, request):
2019-08-08 13:35:25 +00:00
"""
Envoie un mail de réinitialisation de mot de passe
"""
t = loader.get_template('users/email_passwd_request')
c = {
2019-08-08 10:16:40 +00:00
'name': str(req.user.first_name) + ' ' + str(req.user.last_name),
2019-08-02 12:57:53 +00:00
'asso': ASSO_NAME,
'asso_mail': ASSO_EMAIL,
'site_name': SITE_NAME,
'url': request.build_absolute_uri(
reverse('users:process', kwargs={'token': req.token})),
'expire_in': REQ_EXPIRE_STR,
}
2017-06-23 18:10:14 +00:00
send_mail('Votre compte %s' % SITE_NAME, t.render(c),
2019-08-02 12:57:53 +00:00
EMAIL_FROM, [req.user.email], fail_silently=False)
return
2017-06-30 01:25:07 +00:00
@login_required
2019-08-08 14:18:15 +00:00
@permission_required('users.add_user')
def new_user(request):
2019-08-08 13:35:25 +00:00
"""
Vue de création d'un nouvel utilisateur
"""
user = BaseInfoForm(request.POST or None)
if user.is_valid():
user = user.save(commit=False)
with transaction.atomic(), reversion.create_revision():
user.save()
reversion.set_comment("Création")
req = Request()
req.type = Request.PASSWD
req.user = user
req.save()
reset_passwd_mail(req, request)
2019-08-02 12:57:53 +00:00
messages.success(request,
2019-08-08 13:35:25 +00:00
"L'utilisateur %s a été crée, un mail pour "
"l'initialisation du mot de passe a été "
"envoyé" % user.username)
return redirect("/users/profil/" + str(user.id))
return form({'userform': user}, 'users/user.html', request)
2019-08-02 12:57:53 +00:00
@login_required
2019-08-08 14:18:15 +00:00
def edit_info(request):
2019-08-08 13:35:25 +00:00
"""
2019-08-08 14:18:15 +00:00
Edite son utilisateur
2019-08-08 13:35:25 +00:00
"""
2019-08-08 14:18:15 +00:00
user = BaseInfoForm(request.POST or None, instance=request.user)
if user.is_valid():
with transaction.atomic(), reversion.create_revision():
user.save()
reversion.set_user(request.user)
2019-08-08 13:35:25 +00:00
reversion.set_comment("Champs modifié(s) : %s" % ', '.join(
field for field in user.changed_data))
messages.success(request, "L'user a bien été modifié")
2019-08-08 14:18:15 +00:00
return redirect("/users/profil/")
return form({'userform': user}, 'users/user.html', request)
2019-08-02 12:57:53 +00:00
@login_required
2019-08-08 14:18:15 +00:00
def password(request):
"""
Reinitialisation d'un mot de passe
"""
u_form = PassForm(request.POST or None)
if u_form.is_valid():
2019-08-08 14:18:15 +00:00
return password_change_action(u_form, request.user, request)
return form({'userform': u_form}, 'users/user.html', request)
2019-08-02 12:57:53 +00:00
2019-08-08 13:35:25 +00:00
@login_required
2019-08-08 14:18:15 +00:00
def profil(request):
"""
Voir son profil
"""
emprunts_list = Emprunt.objects.filter(user=request.user)
list_droits = Right.objects.filter(user=request.user)
return render(
request,
'users/profil.html',
{
2019-08-08 14:18:15 +00:00
'user': request.user,
2017-06-30 01:25:07 +00:00
'emprunts_list': emprunts_list,
2019-08-02 12:57:53 +00:00
'list_droits': list_droits,
}
)
2019-08-02 12:57:53 +00:00
@login_required
2019-08-08 14:18:15 +00:00
@permission_required('users.add_adhesion')
def adherer(request, userid):
try:
users = User.objects.get(pk=userid)
except User.DoesNotExist:
messages.error(request, "Utilisateur inexistant")
return redirect("/users/")
2019-08-08 13:35:25 +00:00
adh_year = Adhesion.objects.all().order_by('annee_debut').reverse().first()
with transaction.atomic(), reversion.create_revision():
reversion.set_user(request.user)
2019-08-08 13:35:25 +00:00
adh_year.adherent.add(users)
adh_year.save()
reversion.set_comment("Adhesion de %s" % users)
messages.success(request, "Adhesion effectuee")
return redirect("/users/profil/" + userid)
2019-08-02 12:57:53 +00:00
def process(request, token):
valid_reqs = Request.objects.filter(expires_at__gt=timezone.now())
req = get_object_or_404(valid_reqs, token=token)
if req.type == Request.PASSWD:
return process_passwd(request, req)
else:
messages.error(request, "Entrée incorrecte, contactez un admin")
redirect("/")
2019-08-02 12:57:53 +00:00
def process_passwd(request, req):
u_form = PassForm(request.POST or None)
user = req.user
if u_form.is_valid():
return password_change_action(u_form, user, request, req=req)
return form({'userform': u_form}, 'users/user.html', request)