netbox-community-netbox/netbox/users/views.py

from django.contrib import messages
from django.contrib.auth import login as auth_login, logout as auth_logout, update_session_auth_hash
from django.contrib.auth.decorators import login_required
from django.contrib.auth.mixins import LoginRequiredMixin
from django.core.urlresolvers import reverse
from django.http import HttpResponseRedirect
from django.shortcuts import get_object_or_404, redirect, render
from django.utils.http import is_safe_url
from django.views.generic import View

from secrets.forms import UserKeyForm
from secrets.models import UserKey
from utilities.forms import ConfirmationForm
from .forms import LoginForm, PasswordChangeForm, TokenForm
from .models import Token


#
# Login/logout
#

def login(request):

    if request.method == 'POST':
        form = LoginForm(request, data=request.POST)
        if form.is_valid():

            # Determine where to direct user after successful login
            redirect_to = request.POST.get('next', '')
            if not is_safe_url(url=redirect_to, host=request.get_host()):
                redirect_to = reverse('home')

            # Authenticate user
            auth_login(request, form.get_user())
            messages.info(request, u"Logged in as {}.".format(request.user))

            return HttpResponseRedirect(redirect_to)

    else:
        form = LoginForm()

    return render(request, 'login.html', {
        'form': form,
    })


def logout(request):

    auth_logout(request)
    messages.info(request, u"You have logged out.")
    return HttpResponseRedirect(reverse('home'))


#
# User profiles
#

@login_required()
def profile(request):

    return render(request, 'users/profile.html', {
        'active_tab': 'profile',
    })


@login_required()
def change_password(request):

    if request.method == 'POST':
        form = PasswordChangeForm(user=request.user, data=request.POST)
        if form.is_valid():
            form.save()
            update_session_auth_hash(request, form.user)
            messages.success(request, u"Your password has been changed successfully.")
            return redirect('user:profile')

    else:
        form = PasswordChangeForm(user=request.user)

    return render(request, 'users/change_password.html', {
        'form': form,
        'active_tab': 'change_password',
    })


@login_required()
def userkey(request):

    try:
        userkey = UserKey.objects.get(user=request.user)
    except UserKey.DoesNotExist:
        userkey = None

    return render(request, 'users/userkey.html', {
        'userkey': userkey,
        'active_tab': 'userkey',
    })


@login_required()
def userkey_edit(request):

    try:
        userkey = UserKey.objects.get(user=request.user)
    except UserKey.DoesNotExist:
        userkey = UserKey(user=request.user)

    if request.method == 'POST':
        form = UserKeyForm(data=request.POST, instance=userkey)
        if form.is_valid():
            uk = form.save(commit=False)
            uk.user = request.user
            uk.save()
            messages.success(request, u"Your user key has been saved.")
            return redirect('user:userkey')

    else:
        form = UserKeyForm(instance=userkey)

    return render(request, 'users/userkey_edit.html', {
        'userkey': userkey,
        'form': form,
        'active_tab': 'userkey',
    })


@login_required()
def recent_activity(request):

    return render(request, 'users/recent_activity.html', {
        'recent_activity': request.user.actions.all()[:50],
        'active_tab': 'recent_activity',
    })


#
# API tokens
#

class TokenListView(LoginRequiredMixin, View):

    def get(self, request):

        tokens = Token.objects.filter(user=request.user)

        return render(request, 'users/api_tokens.html', {
            'tokens': tokens,
            'active_tab': 'api_tokens',
        })


class TokenEditView(LoginRequiredMixin, View):

    def get(self, request, pk=None):

        if pk is not None:
            token = get_object_or_404(Token.objects.filter(user=request.user), pk=pk)
        else:
            token = Token(user=request.user)

        form = TokenForm(instance=token)

        return render(request, 'utilities/obj_edit.html', {
            'obj': token,
            'obj_type': token._meta.verbose_name,
            'form': form,
            'return_url': reverse('users:token_list'),
        })

    def post(self, request, pk=None):

        if pk is not None:
            token = get_object_or_404(Token.objects.filter(user=request.user), pk=pk)
            form = TokenForm(request.POST, instance=token)
        else:
            form = TokenForm(request.POST)

        if form.is_valid():
            token = form.save(commit=False)
            token.user = request.user
            token.save()

            msg = "Token updated" if pk else "New token created"
            messages.success(request, msg)

            return redirect('users:token_list')


class TokenDeleteView(LoginRequiredMixin, View):

    def get(self, request, pk):

        token = get_object_or_404(Token.objects.filter(user=request.user), pk=pk)
        initial_data = {
            'return_url': reverse('users:token_list'),
        }
        form = ConfirmationForm(initial=initial_data)

        return render(request, 'utilities/obj_delete.html', {
            'obj': token,
            'obj_type': token._meta.verbose_name,
            'form': form,
            'return_url': reverse('users:token_list'),
        })

    def post(self, request, pk):

        token = get_object_or_404(Token.objects.filter(user=request.user), pk=pk)
        form = ConfirmationForm(request.POST)
        if form.is_valid():
            token.delete()
            messages.success(request, "Token deleted")
            return redirect('users:token_list')

        return render(request, 'utilities/obj_delete.html', {
            'obj': token,
            'obj_type': token._meta.verbose_name,
            'form': form,
            'return_url': reverse('users:token_list'),
        })
Initial push to public repo 2016-03-01 11:23:03 -05:00			`from django.contrib import messages`
			`from django.contrib.auth import login as auth_login, logout as auth_logout, update_session_auth_hash`
			`from django.contrib.auth.decorators import login_required`
Initial work on user control panel for tokens 2017-03-07 23:30:53 -05:00			`from django.contrib.auth.mixins import LoginRequiredMixin`
Initial push to public repo 2016-03-01 11:23:03 -05:00			`from django.core.urlresolvers import reverse`
			`from django.http import HttpResponseRedirect`
Finished user control panel for tokens 2017-03-08 11:34:47 -05:00			`from django.shortcuts import get_object_or_404, redirect, render`
Initial push to public repo 2016-03-01 11:23:03 -05:00			`from django.utils.http import is_safe_url`
Initial work on user control panel for tokens 2017-03-07 23:30:53 -05:00			`from django.views.generic import View`
Initial push to public repo 2016-03-01 11:23:03 -05:00
			`from secrets.forms import UserKeyForm`
			`from secrets.models import UserKey`
Finished user control panel for tokens 2017-03-08 11:34:47 -05:00			`from utilities.forms import ConfirmationForm`
			`from .forms import LoginForm, PasswordChangeForm, TokenForm`
Initial work on user control panel for tokens 2017-03-07 23:30:53 -05:00			`from .models import Token`
Initial push to public repo 2016-03-01 11:23:03 -05:00

			`#`
			`# Login/logout`
			`#`

			`def login(request):`

			`if request.method == 'POST':`
			`form = LoginForm(request, data=request.POST)`
			`if form.is_valid():`

			`# Determine where to direct user after successful login`
			`redirect_to = request.POST.get('next', '')`
			`if not is_safe_url(url=redirect_to, host=request.get_host()):`
Fixes #615: Account for BASE_PATH in static URLs and during login 2016-10-13 16:27:09 -04:00			`redirect_to = reverse('home')`
Initial push to public repo 2016-03-01 11:23:03 -05:00
			`# Authenticate user`
			`auth_login(request, form.get_user())`
Cleaned up message strings 2016-10-31 11:16:30 -04:00			`messages.info(request, u"Logged in as {}.".format(request.user))`
Initial push to public repo 2016-03-01 11:23:03 -05:00
			`return HttpResponseRedirect(redirect_to)`

			`else:`
			`form = LoginForm()`

			`return render(request, 'login.html', {`
			`'form': form,`
			`})`


			`def logout(request):`

			`auth_logout(request)`
Cleaned up message strings 2016-10-31 11:16:30 -04:00			`messages.info(request, u"You have logged out.")`
Initial push to public repo 2016-03-01 11:23:03 -05:00			`return HttpResponseRedirect(reverse('home'))`


			`#`
			`# User profiles`
			`#`

			`@login_required()`
			`def profile(request):`

			`return render(request, 'users/profile.html', {`
Widened page layout; improved mobile rendering 2016-12-09 16:23:11 -05:00			`'active_tab': 'profile',`
Initial push to public repo 2016-03-01 11:23:03 -05:00			`})`


			`@login_required()`
			`def change_password(request):`

			`if request.method == 'POST':`
			`form = PasswordChangeForm(user=request.user, data=request.POST)`
			`if form.is_valid():`
			`form.save()`
			`update_session_auth_hash(request, form.user)`
Cleaned up message strings 2016-10-31 11:16:30 -04:00			`messages.success(request, u"Your password has been changed successfully.")`
Renamed user URL namespace 2017-03-14 12:36:44 -04:00			`return redirect('user:profile')`
Initial push to public repo 2016-03-01 11:23:03 -05:00
			`else:`
			`form = PasswordChangeForm(user=request.user)`

			`return render(request, 'users/change_password.html', {`
			`'form': form,`
Widened page layout; improved mobile rendering 2016-12-09 16:23:11 -05:00			`'active_tab': 'change_password',`
Initial push to public repo 2016-03-01 11:23:03 -05:00			`})`


			`@login_required()`
			`def userkey(request):`

			`try:`
			`userkey = UserKey.objects.get(user=request.user)`
			`except UserKey.DoesNotExist:`
			`userkey = None`

			`return render(request, 'users/userkey.html', {`
			`'userkey': userkey,`
Widened page layout; improved mobile rendering 2016-12-09 16:23:11 -05:00			`'active_tab': 'userkey',`
Initial push to public repo 2016-03-01 11:23:03 -05:00			`})`


			`@login_required()`
			`def userkey_edit(request):`

			`try:`
			`userkey = UserKey.objects.get(user=request.user)`
			`except UserKey.DoesNotExist:`
			`userkey = UserKey(user=request.user)`

			`if request.method == 'POST':`
			`form = UserKeyForm(data=request.POST, instance=userkey)`
			`if form.is_valid():`
			`uk = form.save(commit=False)`
			`uk.user = request.user`
			`uk.save()`
Cleaned up message strings 2016-10-31 11:16:30 -04:00			`messages.success(request, u"Your user key has been saved.")`
Renamed user URL namespace 2017-03-14 12:36:44 -04:00			`return redirect('user:userkey')`
Initial push to public repo 2016-03-01 11:23:03 -05:00
			`else:`
			`form = UserKeyForm(instance=userkey)`

			`return render(request, 'users/userkey_edit.html', {`
			`'userkey': userkey,`
			`'form': form,`
Widened page layout; improved mobile rendering 2016-12-09 16:23:11 -05:00			`'active_tab': 'userkey',`
Initial push to public repo 2016-03-01 11:23:03 -05:00			`})`
Improved UserAction display 2016-05-24 09:45:40 -04:00

			`@login_required()`
			`def recent_activity(request):`

			`return render(request, 'users/recent_activity.html', {`
Widened page layout; improved mobile rendering 2016-12-09 16:23:11 -05:00			`'recent_activity': request.user.actions.all()[:50],`
			`'active_tab': 'recent_activity',`
Improved UserAction display 2016-05-24 09:45:40 -04:00			`})`
Initial work on user control panel for tokens 2017-03-07 23:30:53 -05:00

			`#`
			`# API tokens`
			`#`

Finished user control panel for tokens 2017-03-08 11:34:47 -05:00			`class TokenListView(LoginRequiredMixin, View):`
Initial work on user control panel for tokens 2017-03-07 23:30:53 -05:00
			`def get(self, request):`

			`tokens = Token.objects.filter(user=request.user)`

			`return render(request, 'users/api_tokens.html', {`
			`'tokens': tokens,`
			`'active_tab': 'api_tokens',`
			`})`
Finished user control panel for tokens 2017-03-08 11:34:47 -05:00

			`class TokenEditView(LoginRequiredMixin, View):`

			`def get(self, request, pk=None):`

			`if pk is not None:`
			`token = get_object_or_404(Token.objects.filter(user=request.user), pk=pk)`
			`else:`
			`token = Token(user=request.user)`

			`form = TokenForm(instance=token)`

			`return render(request, 'utilities/obj_edit.html', {`
			`'obj': token,`
			`'obj_type': token._meta.verbose_name,`
			`'form': form,`
			`'return_url': reverse('users:token_list'),`
			`})`

			`def post(self, request, pk=None):`

			`if pk is not None:`
			`token = get_object_or_404(Token.objects.filter(user=request.user), pk=pk)`
			`form = TokenForm(request.POST, instance=token)`
			`else:`
			`form = TokenForm(request.POST)`

			`if form.is_valid():`
			`token = form.save(commit=False)`
			`token.user = request.user`
			`token.save()`

			`msg = "Token updated" if pk else "New token created"`
			`messages.success(request, msg)`

			`return redirect('users:token_list')`


			`class TokenDeleteView(LoginRequiredMixin, View):`

			`def get(self, request, pk):`

			`token = get_object_or_404(Token.objects.filter(user=request.user), pk=pk)`
			`initial_data = {`
			`'return_url': reverse('users:token_list'),`
			`}`
			`form = ConfirmationForm(initial=initial_data)`

			`return render(request, 'utilities/obj_delete.html', {`
			`'obj': token,`
			`'obj_type': token._meta.verbose_name,`
			`'form': form,`
			`'return_url': reverse('users:token_list'),`
			`})`

			`def post(self, request, pk):`

			`token = get_object_or_404(Token.objects.filter(user=request.user), pk=pk)`
			`form = ConfirmationForm(request.POST)`
			`if form.is_valid():`
			`token.delete()`
			`messages.success(request, "Token deleted")`
			`return redirect('users:token_list')`

			`return render(request, 'utilities/obj_delete.html', {`
			`'obj': token,`
			`'obj_type': token._meta.verbose_name,`
			`'form': form,`
			`'return_url': reverse('users:token_list'),`
			`})`