med/users/views.py

163 lines
5.3 KiB
Python

# -*- mode: python; coding: utf-8 -*-
# Copyright (C) 2017-2019 by BDE ENS Paris-Saclay
# SPDX-License-Identifier: GPL-3.0-or-later
from django.contrib import messages
from django.contrib.auth.decorators import login_required, permission_required
from django.core.mail import send_mail
from django.core.urlresolvers import reverse
from django.db import transaction
from django.shortcuts import get_object_or_404, redirect, render
from django.template import loader
from django.template.context_processors import csrf
from django.utils import timezone
from django.utils.translation import ugettext_lazy as _
from reversion import revisions as reversion
from med.settings import ASSO_EMAIL, ASSO_NAME, EMAIL_FROM, \
REQ_EXPIRE_STR, SITE_NAME
from users.forms import BaseInfoForm
from users.forms import PassForm
from users.models import Adhesion, Request, User
def form(ctx, template, request):
c = ctx
c.update(csrf(request))
return render(request, template, c)
def password_change_action(u_form, user, request, req=False):
""" Fonction qui effectue le changeemnt de mdp bdd"""
if u_form.cleaned_data['passwd1'] != u_form.cleaned_data['passwd2']:
messages.error(request, "Les 2 mots de passe différent")
return form({'userform': u_form}, 'users/user.html', request)
user.set_password(u_form.cleaned_data['passwd1'])
with transaction.atomic(), reversion.create_revision():
user.save()
reversion.set_comment("Réinitialisation du mot de passe")
messages.success(request, "Le mot de passe a changé")
if req:
req.delete()
return redirect("/")
return redirect("/")
def reset_passwd_mail(req, request):
"""
Envoie un mail de réinitialisation de mot de passe
"""
t = loader.get_template('users/email_passwd_request')
c = {
'name': str(req.user.first_name) + ' ' + str(req.user.last_name),
'asso': ASSO_NAME,
'asso_mail': ASSO_EMAIL,
'site_name': SITE_NAME,
'url': request.build_absolute_uri(
reverse('users:process', kwargs={'token': req.token})),
'expire_in': REQ_EXPIRE_STR,
}
send_mail('Votre compte %s' % SITE_NAME, t.render(c),
EMAIL_FROM, [req.user.email], fail_silently=False)
return
@login_required
@permission_required('users.add_user')
def new_user(request):
"""
Vue de création d'un nouvel utilisateur
"""
user = BaseInfoForm(request.POST or None)
if user.is_valid():
user = user.save(commit=False)
with transaction.atomic(), reversion.create_revision():
user.save()
reversion.set_comment("Création")
req = Request()
req.type = Request.PASSWD
req.user = user
req.save()
reset_passwd_mail(req, request)
messages.success(request,
"L'utilisateur %s a été crée, un mail pour "
"l'initialisation du mot de passe a été "
"envoyé" % user.username)
return redirect("/")
return form({
'form': user,
'title': _('New user'),
}, 'users/user.html', request)
@login_required
def edit_info(request):
"""
Edite son utilisateur
"""
user = BaseInfoForm(request.POST or None, instance=request.user)
if user.is_valid():
with transaction.atomic(), reversion.create_revision():
user.save()
reversion.set_user(request.user)
reversion.set_comment("Champs modifié(s) : %s" % ', '.join(
field for field in user.changed_data))
messages.success(request, "L'user a bien été modifié")
return redirect("/")
return form({
'form': user,
'password_change': True,
'title': _('Edit user profile'),
}, 'users/user.html', request)
@login_required
def password(request):
"""
Reinitialisation d'un mot de passe
"""
u_form = PassForm(request.POST or None)
if u_form.is_valid():
return password_change_action(u_form, request.user, request)
return form({
'form': u_form,
'title': _('Change password'),
}, 'users/user.html', request)
@login_required
@permission_required('users.add_adhesion')
def adherer(request, userid):
try:
users = User.objects.get(pk=userid)
except User.DoesNotExist:
messages.error(request, "Utilisateur inexistant")
return redirect("/")
adh_year = Adhesion.objects.all().order_by('annee_debut').reverse().first()
with transaction.atomic(), reversion.create_revision():
reversion.set_user(request.user)
adh_year.adherent.add(users)
adh_year.save()
reversion.set_comment("Adhesion de %s" % users)
messages.success(request, "Adhesion effectuee")
return redirect("/")
def process(request, token):
valid_reqs = Request.objects.filter(expires_at__gt=timezone.now())
req = get_object_or_404(valid_reqs, token=token)
if req.type == Request.PASSWD:
return process_passwd(request, req)
else:
messages.error(request, "Entrée incorrecte, contactez un admin")
redirect("/")
def process_passwd(request, req):
u_form = PassForm(request.POST or None)
user = req.user
if u_form.is_valid():
return password_change_action(u_form, user, request, req=req)
return form({'userform': u_form}, 'users/user.html', request)