-
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
10 changed files
with
328 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,136 @@ | ||
from django.shortcuts import render | ||
from ...utils.auth import method_user_passes_test | ||
from django.contrib.auth.models import User, Group | ||
from django.db.utils import IntegrityError | ||
|
||
from ...user import authorized_to_read, authorized_to_write | ||
from ..handlers import Pseudo404 | ||
from ...config import shared as config | ||
from ...utils.helper import develop_log | ||
|
||
|
||
TITLE = 'System users' | ||
|
||
|
||
class UserMgmt: | ||
GA_GROUPS = { | ||
# config.GA_ADMIN_GROUP: { | ||
# 'privs': 'ADMIN', | ||
# 'pretty': 'ALL', | ||
# }, | ||
config.GA_WRITE_GROUP: { | ||
'privs': 'WRITE', | ||
'pretty': 'READ+WRITE', | ||
}, | ||
config.GA_READ_GROUP: { | ||
'privs': 'READ', | ||
'pretty': 'READ', | ||
}, | ||
} | ||
|
||
def __init__(self, request): | ||
self.request = request | ||
|
||
@method_user_passes_test(authorized_to_read, login_url=config.DENIED_URL) | ||
def go(self): | ||
if self.request.method == 'GET': | ||
return self._list() | ||
|
||
else: | ||
action = self.request.POST['do'] | ||
|
||
if action == 'create': | ||
return self._create() | ||
|
||
elif action == 'delete': | ||
return self._delete() | ||
|
||
elif action == 'update': | ||
return self._update() | ||
|
||
else: | ||
raise Pseudo404(ga={'request': self.request, 'msg': f"Got unsupported user action: '{action}'"}) | ||
|
||
@method_user_passes_test(authorized_to_read, login_url=config.DENIED_URL) | ||
def _list(self, msg: str = None, msg_style: str = 'success'): | ||
users = User.objects.all().exclude(username=config.GA_ADMIN_USER) | ||
|
||
update_user = None | ||
|
||
for user in users: | ||
if 'do' in self.request.GET and self.request.GET['do'] == 'update' \ | ||
and 'name' in self.request.GET and self.request.GET['name'] == user.username: | ||
update_user = user.username | ||
break | ||
|
||
return render(self.request, 'system/users.html', context={ | ||
'request': self.request, 'title': TITLE, 'users': users, 'GA_GROUPS': self.GA_GROUPS, 'action_msg': msg, 'action_msg_style': msg_style, | ||
'update_user': update_user, | ||
}) | ||
|
||
@method_user_passes_test(authorized_to_write, login_url=config.DENIED_URL) | ||
def _create(self): | ||
try: | ||
user = User.objects.create_user( | ||
username=self.request.POST['name'], | ||
email=self.request.POST['email'], | ||
password=self.request.POST['password'], | ||
) | ||
|
||
privs = self.request.POST['privileges'] | ||
user.groups.add(Group.objects.get(name=config.GA_USER_GROUP)) | ||
|
||
for grp, value in self.GA_GROUPS.items(): | ||
if privs.find(value['pretty']) != -1: | ||
user.groups.add(Group.objects.get(name=grp)) | ||
|
||
return self._list(msg=f"User '{self.request.POST['name']}' successfully created!") | ||
|
||
except IntegrityError: | ||
return self._list(msg=f"User '{self.request.POST['name']}' already exists!", msg_style='danger') | ||
|
||
@method_user_passes_test(authorized_to_write, login_url=config.DENIED_URL) | ||
def _update(self): | ||
user = User.objects.get(username=self.request.POST['current_name']) | ||
user.username = self.request.POST['name'] | ||
user.email = self.request.POST['email'] | ||
privs = self.request.POST['privileges'] | ||
pwd = self.request.POST['password'] | ||
|
||
if pwd != ' ' and pwd != config.CENSOR_STRING: | ||
user.set_password(password=pwd) | ||
|
||
user.groups.add(Group.objects.get(name=config.GA_USER_GROUP)) | ||
|
||
try: | ||
for grp, value in self.GA_GROUPS.items(): | ||
grp_obj = Group.objects.get(name=grp) | ||
if privs.find(value['pretty']) != -1: | ||
user.groups.add(grp_obj) | ||
|
||
else: | ||
user.groups.remove(grp_obj) | ||
|
||
msg = f"User '{self.request.POST['name']}' successfully updated!" | ||
msg_style = 'success' | ||
|
||
except Exception as error: | ||
develop_log( | ||
request=self.request, | ||
output=f"User '{self.request.POST['name']}' could not be added to a group! It could be that the group does not exist! Error: {error}", | ||
level=3 | ||
) | ||
msg = f"User '{self.request.POST['name']}' could not be added to all groups!" | ||
msg_style = 'warning' | ||
|
||
user.save() | ||
return self._list(msg=msg, msg_style=msg_style) | ||
|
||
@method_user_passes_test(authorized_to_write, login_url=config.DENIED_URL) | ||
def _delete(self): | ||
if len(User.objects.all()) > 2: | ||
User.objects.get(username=self.request.POST['name']).delete() | ||
return self._list(msg=f"User '{self.request.POST['name']}' successfully deleted!") | ||
|
||
else: | ||
return self._list(msg=f"It seems only this user exists => you cannot delete this one!", msg_style='warning') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,152 @@ | ||
{% extends "../body.html" %} | ||
{% load util %} | ||
{% block content %} | ||
<br> | ||
{% if action_msg is not None %} | ||
<div class="alert alert-{{ action_msg_style }}"> | ||
<strong>{{ action_msg }}</strong> | ||
</div> | ||
<br> | ||
{% endif %} | ||
<div class="table-responsive"> | ||
<table class="table table-striped"> | ||
<tr> | ||
<th> | ||
Username | ||
</th> | ||
<th> | ||
</th> | ||
<th> | ||
Privileges | ||
</th> | ||
<th> | ||
Action | ||
</th> | ||
</tr> | ||
{% for user in users %} | ||
{% if user.username != update_user %} | ||
<tr> | ||
<td> | ||
{{ user.username }} | ||
</td> | ||
<td> | ||
{{ user.email }} | ||
</td> | ||
<td> | ||
{% if user.groups|all_groups|intersects:GA_GROUPS.keys %}{% for grp, config in GA_GROUPS.items %}{% if grp in user.groups|all_groups %}{{ config.privs }} {% endif %}{% endfor %}{% else %}NONE{% endif %} | ||
</td> | ||
<td> | ||
<form class="ga-form-inline" method="get" action="/system/user/"> | ||
<input type="hidden" name="do" value="update" /> | ||
<input type="hidden" name="name" value="{{ user.username }}" /> | ||
{% include "../btn/update.html" %} | ||
</form> | ||
<form class="ga-form-inline" method="post" action="/system/user/"> | ||
{% csrf_token %} | ||
<input type="hidden" name="do" value="delete" /> | ||
<input type="hidden" name="name" value="{{ user.username }}" /> | ||
{% include "../btn/delete.html" %} | ||
</form> | ||
</td> | ||
</tr> | ||
{% else %} | ||
<tr> | ||
<td colspan="100%"> | ||
<form class="ga-form-inline" method="post" action="/system/user/"> | ||
{% csrf_token %} | ||
<div class="row"> | ||
<div class="col"> | ||
<label>Username: | ||
<input class="form-control" type="text" name="name" autocapitalize="none" autocomplete="username" maxlength="150" required value="{{ user.username }}"> | ||
</label> | ||
</div> | ||
<div class="col"> | ||
<label>E-Mail: | ||
<input class="form-control" type="text" name="email" autocapitalize="none" autocomplete="username" maxlength="75" required value="{{ user.email }}"> | ||
</label> | ||
</div> | ||
<div class="col"> | ||
<label>Password: | ||
<input class="form-control" type="password" name="password" autocomplete="current-password" value='{% censored %}' maxlength="128"> | ||
</label> | ||
</div> | ||
<div class="col"> | ||
<label>Privileges: | ||
<select class="form-control" name="privileges" required> | ||
{% for grp, value in GA_GROUPS.items reversed %} | ||
{% if grp in user.groups|all_groups %} | ||
<option value="{{ value.pretty }}" selected>{{ value.pretty }}</option> | ||
{% else %} | ||
<option value="{{ value.pretty }}">{{ value.pretty }}</option> | ||
{% endif %} | ||
{% endfor %} | ||
{% if not user.groups|all_groups|intersects:GA_GROUPS.keys %} | ||
<option selected>{% get_empty %}</option> | ||
{% else %} | ||
<option>NONE</option> | ||
{% endif %} | ||
</select> | ||
</label> | ||
</div> | ||
<input type="hidden" name="do" value="update" /> | ||
<input type="hidden" name="current_name" value="{{ user.username }}" /> | ||
{% include "../btn/save.html" %} | ||
</div> | ||
</form> | ||
</td> | ||
</tr> | ||
{% endif %} | ||
{% if user_create %} | ||
<tr> | ||
<td colspan="100%"> | ||
<form class="ga-form-inline" method="post" action="/system/user/"> | ||
{% csrf_token %} | ||
<div class="row"> | ||
<div class="col"> | ||
<label>Username: | ||
<input class="form-control" type="text" name="name" autocapitalize="none" autocomplete="username" maxlength="150" required> | ||
</label> | ||
</div> | ||
<div class="col"> | ||
<label>E-Mail: | ||
<input class="form-control" type="text" name="email" autocapitalize="none" autocomplete="username" maxlength="75" required> | ||
</label> | ||
</div> | ||
<div class="col"> | ||
<label>Password: | ||
<input class="form-control" type="password" name="password" autocomplete="current-password" maxlength="128" required> | ||
</label> | ||
</div> | ||
<div class="col"> | ||
<label>Privileges: | ||
<select class="form-control" name="privileges" required> | ||
<option selected>{% get_empty %}</option> | ||
{% for group, value in GA_GROUPS.items %} | ||
<option value="{{ group }}">{{ value.pretty }}</option> | ||
{% endfor %} | ||
</select> | ||
</label> | ||
</div> | ||
<input type="hidden" name="do" value="update" /> | ||
<input type="hidden" name="current_name" value="{{ user.username }}" /> | ||
{% include "../btn/save.html" %} | ||
</div> | ||
</form> | ||
</td> | ||
</tr> | ||
<tr> | ||
<td> | ||
<form class="ga-form-inline" method="get" action="/system/user/"> | ||
<label>Create user: | ||
<input type="hidden" name="do" value="create" /> | ||
{% include "../btn/create.html" %} | ||
</label> | ||
</form> | ||
</td> | ||
</tr> | ||
{% endif %} | ||
{% endfor %} | ||
</table> | ||
</div> | ||
{% endblock %} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -35,3 +35,4 @@ ga_django_groups: | |
- 'ga_read' | ||
- 'ga_user' | ||
- 'ga_write' | ||
- 'ga_admin' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters