"""user management system views """ from django.conf import settings from django.http import HttpResponseRedirect, Http404 from django.shortcuts import * from django.utils.translation import ugettext_lazy as _ from django import template from django.template import RequestContext from django.views.generic.list_detail import object_list, object_detail from django.views.generic.create_update import create_object, update_object from django.contrib.auth.decorators import user_passes_test from django.contrib.auth.models import User from django.contrib.auth import REDIRECT_FIELD_NAME from django.contrib.auth.forms import AuthenticationForm from django.contrib.auth.forms import PasswordChangeForm from django import forms from pycon.features.decorators import * from pycon.core import mail from models import UserProfile from forms import NewUserAndProfileForm, EditUserAndProfileForm, ResetPasswordsForm def logout(request, next_page=None, template_name='registration/logged_out.html'): "Logs out the user and displays 'You are logged out' message." from django.contrib.auth import logout logout(request) if next_page is None: next_page = request.REQUEST.get(REDIRECT_FIELD_NAME, None) if next_page is None: return render_to_response(template_name, {'title': _('Logged out')}, context_instance=RequestContext(request)) else: # Redirect to this page until the session has been cleared. return HttpResponseRedirect(next_page or request.path) def login(request, template_name='registration/login.html'): "Displays the login form and handles the login action." manipulator = AuthenticationForm(request) redirect_to = request.REQUEST.get(REDIRECT_FIELD_NAME, '') if request.POST: errors = manipulator.get_validation_errors(request.POST) if not errors: # Light security check -- make sure redirect_to isn't garbage. if not redirect_to or '://' in redirect_to or ' ' in redirect_to: redirect_to = settings.PROFILE_URL from django.contrib.auth import login login(request, manipulator.get_user()) request.session.delete_test_cookie() return HttpResponseRedirect(redirect_to) else: errors = {} request.session.set_test_cookie() return render_to_response(template_name, { 'form': forms.FormWrapper(manipulator, request.POST, errors), REDIRECT_FIELD_NAME: redirect_to, }, context_instance=RequestContext(request)) def catchall(request, url, redirect=""): redirect_to = request.path[:len(url)] if redirect: if redirect_to[-1] != "/": redirect_to += "/" redirect_to += redirect if redirect_to[-1] != "/": redirect_to += "/" return HttpResponseRedirect(redirect_to) def activate_account(request, code): extra_context = {'code': code} try: profile = UserProfile.objects.get(code=code) except UserProfile.DoesNotExist: profile = None if profile is not None: profile.activate(code) user = profile.user #from django.contrib.auth import login #login(request, user) ## crashes w/o passwd activation extra_context['user'] = user redirect_to = request.REQUEST.get(REDIRECT_FIELD_NAME, settings.PROFILE_URL) extra_context['redirect_to'] = redirect_to return render_to_response('usermgr/passed_activation.html', extra_context, context_instance=template.RequestContext(request)) return render_to_response('usermgr/failed_activation.html', extra_context, context_instance=template.RequestContext(request)) @feature_required('SendMail', auto_create_feat=True) def reset_password(request): extra_context = {} manipulator = ResetPasswordsForm(request) if request.POST: errors = manipulator.get_validation_errors(request.POST) if not errors: manipulator.save() # Light security check -- make sure redirect_to isn't garbage. return render_to_response("usermgr/password_reset.html", {'email': request.POST['email'] }, context_instance=RequestContext(request)) else: errors = {} return render_to_response("usermgr/reset_password.html", { 'form': forms.FormWrapper(manipulator, request.POST, errors) }, context_instance=RequestContext(request)) @login_required def view_profile(request, **extra_context): return render_to_response('usermgr/profile.html', extra_context, context_instance=template.RequestContext(request)) @login_required def edit_profile(request, **extra_context): manipulator = EditUserAndProfileForm(request) if request.method == 'POST': new_data = request.POST.copy() errors = manipulator.get_validation_errors(new_data) if not errors: new_profile = manipulator.save(new_data) redirect_to = request.REQUEST.get(REDIRECT_FIELD_NAME, '../') return HttpResponseRedirect(redirect_to) else: errors = {} new_data = manipulator.flatten_data() form = forms.FormWrapper(manipulator, new_data, errors) extra_context.update({'title': _('Edit user profile'), 'redirect_to': request.REQUEST.get(REDIRECT_FIELD_NAME, '../'), 'form': form,}) return render_to_response('usermgr/create_user.html', extra_context, context_instance=template.RequestContext(request)) @feature_required("CreateAccount", auto_create_feat=True) def new_user_and_profile(request, **extra_context): manipulator = NewUserAndProfileForm() if request.method == 'POST': new_data = request.POST.copy() errors = manipulator.get_validation_errors(new_data) if not errors: new_profile = manipulator.save(new_data) if not request.user.is_anonymous(): msg = _('The %(name)s "%(obj)s" was added successfully.') % { 'name': 'user', 'obj': new_profile} request.user.message_set.create(message=msg) #from django.contrib.auth import login #login(request, manipulator.get_user()) redirect_to = request.REQUEST.get(REDIRECT_FIELD_NAME, settings.PROFILE_URL) extra_context['REDIRECT_FIELD_NAME'] = REDIRECT_FIELD_NAME extra_context['redirect_to']=redirect_to extra_context['mailto']=new_profile.user extra_context['code']=new_profile.code from django.template import loader message = loader.render_to_string('email/new_account_activate.txt', extra_context, context_instance=template.RequestContext(request)) #print message sent = mail.send_mail(settings.CONFERENCE_NAME + ' Account Activation', message, settings.USERMGR_FROM_EMAIL, [new_profile.user.email], replyto_email=settings.USERMGR_REPLYTO_EMAIL) if not sent: ## e-mail sending failed!!! log them in. from django.contrib.auth import login new_profile.activate(new_profile.code) login(request, manipulator.get_user()) return HttpResponseRedirect(redirect_to) return render_to_response('usermgr/requires_activation.html', extra_context, context_instance=template.RequestContext(request)) else: errors = new_data = {} form = forms.FormWrapper(manipulator, new_data, errors) extra_context.update({'title': _('New user profile'), 'form': form,}) return render_to_response('usermgr/create_user.html', extra_context, context_instance=template.RequestContext(request)) @login_required def password_change(request, redirect_to="../", template_name='registration/password_change.html'): new_data, errors = {}, {} form = PasswordChangeForm(request.user) if request.POST: new_data = request.POST.copy() errors = form.get_validation_errors(new_data) if not errors: form.save(new_data) return HttpResponseRedirect(redirect_to) return render_to_response(template_name, {'form': forms.FormWrapper(form, new_data, errors), 'redirect_to': redirect_to}, context_instance=RequestContext(request)) def public_profile(request, pubid): user = User.objects.get_for_public_id(pubid, False) if user is None or not user.is_active: raise Http404, "Page not found." try: if not user.get_profile().bio: raise Http404, "Page not found." except: raise Http404, "Page not found." return render_to_response('usermgr/public_profile.html', {'requested_user': user, 'title': unicode(user)}, context_instance=template.RequestContext(request))