webvirtcloud/accounts/views.py

from admin.decorators import superuser_only
from django.conf import settings
from django.contrib import messages
from django.contrib.auth import get_user_model, update_session_auth_hash
from django.contrib.auth.decorators import permission_required
from django.contrib.auth.forms import PasswordChangeForm
from django.shortcuts import get_object_or_404, redirect, render
from django.urls import reverse
from django.utils.translation import gettext_lazy as _
from instances.models import Instance

from accounts.forms import EmailOTPForm, ProfileForm, UserSSHKeyForm
from accounts.models import *

from . import forms
from .utils import get_user_totp_device, send_email_with_otp


def profile(request):
    publickeys = UserSSHKey.objects.filter(user_id=request.user.id)
    profile_form = ProfileForm(request.POST or None, instance=request.user)
    ssh_key_form = UserSSHKeyForm()

    if profile_form.is_valid():
        profile_form.save()
        messages.success(request, _("Profile updated"))
        return redirect("accounts:profile")

    return render(
        request,
        "profile.html",
        {
            "publickeys": publickeys,
            "profile_form": profile_form,
            "ssh_key_form": ssh_key_form,
        },
    )


def ssh_key_create(request):
    key_form = UserSSHKeyForm(request.POST or None, user=request.user)
    if key_form.is_valid():
        key_form.save()
        messages.success(request, _("SSH key added"))
        return redirect("accounts:profile")

    return render(
        request,
        "common/form.html",
        {
            "form": key_form,
            "title": _("Add SSH key"),
        },
    )


def ssh_key_delete(request, pk):
    ssh_key = get_object_or_404(UserSSHKey, pk=pk, user=request.user)
    if request.method == "POST":
        ssh_key.delete()
        messages.success(request, _("SSH key deleted"))
        return redirect("accounts:profile")

    return render(
        request,
        "common/confirm_delete.html",
        {
            "object": ssh_key,
            "title": _("Delete SSH key"),
        },
    )


@superuser_only
def account(request, user_id):
    user = User.objects.get(id=user_id)
    user_insts = UserInstance.objects.filter(user_id=user_id)
    instances = Instance.objects.all().order_by("name")
    publickeys = UserSSHKey.objects.filter(user_id=user_id)

    return render(
        request,
        "account.html",
        {
            "user": user,
            "user_insts": user_insts,
            "instances": instances,
            "publickeys": publickeys,
            "otp_enabled": settings.OTP_ENABLED,
        },
    )


@permission_required("accounts.change_password", raise_exception=True)
def change_password(request):
    form = PasswordChangeForm(request.user, request.POST or None)

    if form.is_valid():
        user = form.save()
        update_session_auth_hash(request, user)  # Important!
        messages.success(request, _("Password Changed"))
        return redirect("accounts:profile")

    return render(request, "accounts/change_password_form.html", {"form": form})


@superuser_only
def user_instance_create(request, user_id):
    user = get_object_or_404(User, pk=user_id)

    form = forms.UserInstanceForm(request.POST or None, initial={"user": user})
    if form.is_valid():
        form.save()
        return redirect(reverse("accounts:account", args=[user.id]))

    return render(
        request,
        "common/form.html",
        {
            "form": form,
            "title": _("Create User Instance"),
        },
    )


@superuser_only
def user_instance_update(request, pk):
    user_instance = get_object_or_404(UserInstance, pk=pk)
    form = forms.UserInstanceForm(request.POST or None, instance=user_instance)
    if form.is_valid():
        form.save()
        return redirect(reverse("accounts:account", args=[user_instance.user.id]))

    return render(
        request,
        "common/form.html",
        {
            "form": form,
            "title": _("Update User Instance"),
        },
    )


@superuser_only
def user_instance_delete(request, pk):
    user_instance = get_object_or_404(UserInstance, pk=pk)
    if request.method == "POST":
        user = user_instance.user
        user_instance.delete()
        next = request.GET.get("next", None)
        if next:
            return redirect(next)
        else:
            return redirect(reverse("accounts:account", args=[user.id]))

    return render(
        request,
        "common/confirm_delete.html",
        {"object": user_instance},
    )


def email_otp(request):
    form = EmailOTPForm(request.POST or None)
    if form.is_valid():
        UserModel = get_user_model()
        try:
            user = UserModel.objects.get(email=form.cleaned_data["email"])
        except UserModel.DoesNotExist:
            pass
        else:
            device = get_user_totp_device(user)
            send_email_with_otp(user, device)

        messages.success(
            request, _("OTP Sent to %(email)s") % {"email": form.cleaned_data["email"]}
        )
        return redirect("accounts:login")

    return render(
        request,
        "accounts/email_otp_form.html",
        {
            "form": form,
            "title": _("Email OTP"),
        },
    )


@superuser_only
def admin_email_otp(request, user_id):
    user = get_object_or_404(get_user_model(), pk=user_id)
    device = get_user_totp_device(user)
    if user.email != "":
        send_email_with_otp(user, device)
        messages.success(
            request, _("OTP QR code was emailed to user %(user)s") % {"user": user}
        )
    else:
        messages.error(request, _("User email not set, failed to send QR code"))
    return redirect("accounts:account", user.id)
Implemented OTP #341 2020-10-08 11:57:51 +00:00			`from admin.decorators import superuser_only`
Accounts app improvements and tests 2020-10-14 08:37:46 +00:00			`from django.conf import settings`
Moved password changing to a separate view 2020-06-16 08:36:53 +00:00			`from django.contrib import messages`
OTP improvements 2020-10-19 08:26:08 +00:00			`from django.contrib.auth import get_user_model, update_session_auth_hash`
Moved password changing to a separate view 2020-06-16 08:36:53 +00:00			`from django.contrib.auth.decorators import permission_required`
			`from django.contrib.auth.forms import PasswordChangeForm`
Reworked some account views 2020-06-16 12:35:08 +00:00			`from django.shortcuts import get_object_or_404, redirect, render`
convert django.core.urlresolver to django.urls. fix i18n. fix identation 2020-01-24 07:09:46 +00:00			`from django.urls import reverse`
Accounts app improvements and tests 2020-10-14 08:37:46 +00:00			`from django.utils.translation import gettext_lazy as _`
Implemented OTP #341 2020-10-08 11:57:51 +00:00			`from instances.models import Instance`
Removed UserAddForm as it is not used 2020-06-16 05:09:55 +00:00
OTP improvements 2020-10-19 08:26:08 +00:00			`from accounts.forms import EmailOTPForm, ProfileForm, UserSSHKeyForm`
user can now clone instances, admin can specify user quotas (instances,cpus,memory) user can only select predefined instance names, mac and disk names are selected automatically 2016-03-23 08:00:42 +00:00			`from accounts.models import *`
Libxml2 converted to lxml, django framework upgrade to 1.11.x and some bug fixes 2018-06-27 07:20:51 +00:00
Reworked some account views 2020-06-16 12:35:08 +00:00			`from . import forms`
OTP improvements 2020-10-19 08:26:08 +00:00			`from .utils import get_user_totp_device, send_email_with_otp`
Added users page 2015-03-02 08:52:07 +00:00
Refactor users page 2015-03-18 15:13:44 +00:00
Reworked some account views 2020-06-16 12:35:08 +00:00			`def profile(request):`
Added models and telmplate for sshkeys 2015-05-27 11:10:57 +00:00			`publickeys = UserSSHKey.objects.filter(user_id=request.user.id)`
Accounts app improvements and tests 2020-10-14 08:37:46 +00:00			`profile_form = ProfileForm(request.POST or None, instance=request.user)`
			`ssh_key_form = UserSSHKeyForm()`
bootstrap 4.5 & Bootswatch Themes 2020-05-19 16:53:54 +00:00
Accounts app improvements and tests 2020-10-14 08:37:46 +00:00			`if profile_form.is_valid():`
			`profile_form.save()`
lint with black python. convert f style strings to old one. some small fixes 2020-11-05 09:34:31 +00:00			`messages.success(request, _("Profile updated"))`
			`return redirect("accounts:profile")`
Accounts app improvements and tests 2020-10-14 08:37:46 +00:00
lint with black python. convert f style strings to old one. some small fixes 2020-11-05 09:34:31 +00:00			`return render(`
			`request,`
			`"profile.html",`
			`{`
			`"publickeys": publickeys,`
			`"profile_form": profile_form,`
			`"ssh_key_form": ssh_key_form,`
			`},`
			`)`
Accounts app improvements and tests 2020-10-14 08:37:46 +00:00

			`def ssh_key_create(request):`
			`key_form = UserSSHKeyForm(request.POST or None, user=request.user)`
			`if key_form.is_valid():`
			`key_form.save()`
lint with black python. convert f style strings to old one. some small fixes 2020-11-05 09:34:31 +00:00			`messages.success(request, _("SSH key added"))`
			`return redirect("accounts:profile")`
Accounts app improvements and tests 2020-10-14 08:37:46 +00:00
lint with black python. convert f style strings to old one. some small fixes 2020-11-05 09:34:31 +00:00			`return render(`
			`request,`
			`"common/form.html",`
			`{`
			`"form": key_form,`
			`"title": _("Add SSH key"),`
			`},`
			`)`
Accounts app improvements and tests 2020-10-14 08:37:46 +00:00

			`def ssh_key_delete(request, pk):`
			`ssh_key = get_object_or_404(UserSSHKey, pk=pk, user=request.user)`
lint with black python. convert f style strings to old one. some small fixes 2020-11-05 09:34:31 +00:00			`if request.method == "POST":`
Accounts app improvements and tests 2020-10-14 08:37:46 +00:00			`ssh_key.delete()`
lint with black python. convert f style strings to old one. some small fixes 2020-11-05 09:34:31 +00:00			`messages.success(request, _("SSH key deleted"))`
			`return redirect("accounts:profile")`
Accounts app improvements and tests 2020-10-14 08:37:46 +00:00
lint with black python. convert f style strings to old one. some small fixes 2020-11-05 09:34:31 +00:00			`return render(`
			`request,`
			`"common/confirm_delete.html",`
			`{`
			`"object": ssh_key,`
			`"title": _("Delete SSH key"),`
			`},`
			`)`
Refactor users page 2015-03-18 15:13:44 +00:00
pep8 style code corrections 2019-09-10 06:48:31 +00:00
Added admin application - Manage users - Manage groups - Manage logs 2020-05-27 12:24:06 +00:00			`@superuser_only`
Refactor users page 2015-03-18 15:13:44 +00:00			`def account(request, user_id):`
Added users page 2015-03-02 08:52:07 +00:00			`user = User.objects.get(id=user_id)`
Add new forms and templates 2015-03-10 14:24:10 +00:00			`user_insts = UserInstance.objects.filter(user_id=user_id)`
fix some linter warnings 2020-09-25 12:57:17 +00:00			`instances = Instance.objects.all().order_by("name")`
account view now displays user public keys 2017-11-15 11:55:05 +00:00			`publickeys = UserSSHKey.objects.filter(user_id=user_id)`
Add new forms and templates 2015-03-10 14:24:10 +00:00
OTP improvements 2020-10-19 08:26:08 +00:00			`return render(`
lint with black python. convert f style strings to old one. some small fixes 2020-11-05 09:34:31 +00:00			`request,`
			`"account.html",`
			`{`
			`"user": user,`
			`"user_insts": user_insts,`
			`"instances": instances,`
			`"publickeys": publickeys,`
			`"otp_enabled": settings.OTP_ENABLED,`
			`},`
			`)`
Moved password changing to a separate view 2020-06-16 08:36:53 +00:00

fix some linter warnings 2020-09-25 12:57:17 +00:00			`@permission_required("accounts.change_password", raise_exception=True)`
Moved password changing to a separate view 2020-06-16 08:36:53 +00:00			`def change_password(request):`
Accounts app improvements and tests 2020-10-14 08:37:46 +00:00			`form = PasswordChangeForm(request.user, request.POST or None)`

			`if form.is_valid():`
			`user = form.save()`
			`update_session_auth_hash(request, user) # Important!`
			`messages.success(request, _("Password Changed"))`
			`return redirect("accounts:profile")`

Implemented OTP #341 2020-10-08 11:57:51 +00:00			`return render(request, "accounts/change_password_form.html", {"form": form})`
Reworked some account views 2020-06-16 12:35:08 +00:00

			`@superuser_only`
			`def user_instance_create(request, user_id):`
			`user = get_object_or_404(User, pk=user_id)`

fix some linter warnings 2020-09-25 12:57:17 +00:00			`form = forms.UserInstanceForm(request.POST or None, initial={"user": user})`
Reworked some account views 2020-06-16 12:35:08 +00:00			`if form.is_valid():`
			`form.save()`
Accounts app improvements and tests 2020-10-14 08:37:46 +00:00			`return redirect(reverse("accounts:account", args=[user.id]))`
Reworked some account views 2020-06-16 12:35:08 +00:00
			`return render(`
			`request,`
fix some linter warnings 2020-09-25 12:57:17 +00:00			`"common/form.html",`
Reworked some account views 2020-06-16 12:35:08 +00:00			`{`
fix some linter warnings 2020-09-25 12:57:17 +00:00			`"form": form,`
			`"title": _("Create User Instance"),`
Reworked some account views 2020-06-16 12:35:08 +00:00			`},`
			`)`


			`@superuser_only`
			`def user_instance_update(request, pk):`
			`user_instance = get_object_or_404(UserInstance, pk=pk)`
			`form = forms.UserInstanceForm(request.POST or None, instance=user_instance)`
			`if form.is_valid():`
			`form.save()`
Accounts app improvements and tests 2020-10-14 08:37:46 +00:00			`return redirect(reverse("accounts:account", args=[user_instance.user.id]))`
Reworked some account views 2020-06-16 12:35:08 +00:00
			`return render(`
			`request,`
lint with black python. convert f style strings to old one. some small fixes 2020-11-05 09:34:31 +00:00			`"common/form.html",`
Reworked some account views 2020-06-16 12:35:08 +00:00			`{`
fix some linter warnings 2020-09-25 12:57:17 +00:00			`"form": form,`
			`"title": _("Update User Instance"),`
Reworked some account views 2020-06-16 12:35:08 +00:00			`},`
			`)`


			`@superuser_only`
			`def user_instance_delete(request, pk):`
			`user_instance = get_object_or_404(UserInstance, pk=pk)`
fix some linter warnings 2020-09-25 12:57:17 +00:00			`if request.method == "POST":`
Reworked some account views 2020-06-16 12:35:08 +00:00			`user = user_instance.user`
			`user_instance.delete()`
fix some linter warnings 2020-09-25 12:57:17 +00:00			`next = request.GET.get("next", None)`
Instances overhaul 2020-07-13 09:33:09 +00:00			`if next:`
			`return redirect(next)`
			`else:`
Accounts app improvements and tests 2020-10-14 08:37:46 +00:00			`return redirect(reverse("accounts:account", args=[user.id]))`
Reworked some account views 2020-06-16 12:35:08 +00:00
			`return render(`
			`request,`
fix some linter warnings 2020-09-25 12:57:17 +00:00			`"common/confirm_delete.html",`
			`{"object": user_instance},`
Reworked some account views 2020-06-16 12:35:08 +00:00			`)`
OTP improvements 2020-10-19 08:26:08 +00:00

			`def email_otp(request):`
			`form = EmailOTPForm(request.POST or None)`
			`if form.is_valid():`
			`UserModel = get_user_model()`
			`try:`
lint with black python. convert f style strings to old one. some small fixes 2020-11-05 09:34:31 +00:00			`user = UserModel.objects.get(email=form.cleaned_data["email"])`
OTP improvements 2020-10-19 08:26:08 +00:00			`except UserModel.DoesNotExist:`
			`pass`
			`else:`
			`device = get_user_totp_device(user)`
			`send_email_with_otp(user, device)`

format python code with black 2022-11-02 05:54:35 +00:00			`messages.success(`
reorg imports and black format 2022-11-02 13:05:41 +00:00			`request, _("OTP Sent to %(email)s") % {"email": form.cleaned_data["email"]}`
format python code with black 2022-11-02 05:54:35 +00:00			`)`
lint with black python. convert f style strings to old one. some small fixes 2020-11-05 09:34:31 +00:00			`return redirect("accounts:login")`
OTP improvements 2020-10-19 08:26:08 +00:00
lint with black python. convert f style strings to old one. some small fixes 2020-11-05 09:34:31 +00:00			`return render(`
			`request,`
			`"accounts/email_otp_form.html",`
			`{`
			`"form": form,`
			`"title": _("Email OTP"),`
			`},`
			`)`
OTP improvements 2020-10-19 08:26:08 +00:00

			`@superuser_only`
			`def admin_email_otp(request, user_id):`
			`user = get_object_or_404(get_user_model(), pk=user_id)`
			`device = get_user_totp_device(user)`
lint with black python. convert f style strings to old one. some small fixes 2020-11-05 09:34:31 +00:00			`if user.email != "":`
Do not send email if user email is not set 2020-10-19 11:11:28 +00:00			`send_email_with_otp(user, device)`
format python code with black 2022-11-02 05:54:35 +00:00			`messages.success(`
reorg imports and black format 2022-11-02 13:05:41 +00:00			`request, _("OTP QR code was emailed to user %(user)s") % {"user": user}`
format python code with black 2022-11-02 05:54:35 +00:00			`)`
Do not send email if user email is not set 2020-10-19 11:11:28 +00:00			`else:`
reorg imports and black format 2022-11-02 13:05:41 +00:00			`messages.error(request, _("User email not set, failed to send QR code"))`
lint with black python. convert f style strings to old one. some small fixes 2020-11-05 09:34:31 +00:00			`return redirect("accounts:account", user.id)`