PYROS-IRAP / pyros

Blame view

src/core/pyros_django/user_manager/views.py 18.6 KB
Edit Raw Normal View History
1ba49504   Alexis Koralewski   fixing CSS and JS... 
1
 
from django.shortcuts import render, redirect
e419a2f6   Alexis Koralewski   Add new version f... 
2
3
 
from django.contrib.auth import authenticate, login, logout
from django.contrib.auth.decorators import login_required
02d94ed3   Alexis Koralewski   Reworking UI of w... 
4
 
from django.contrib import messages
e419a2f6   Alexis Koralewski   Add new version f... 
5
6
7
 
from dashboard.decorator import level_required
from django.shortcuts import get_object_or_404
from dashboard.forms import UserForm
1ba49504   Alexis Koralewski   fixing CSS and JS... 
8
 
from .forms import PyrosUserCreationForm, UserPasswordResetForm
e419a2f6   Alexis Koralewski   Add new version f... 
9
 
from django.core.mail import send_mail
1ba49504   Alexis Koralewski   fixing CSS and JS... 
10
 
from common.models import ScientificProgram, PyrosUser, UserLevel, SP_Period, SP_Period_User
e419a2f6   Alexis Koralewski   Add new version f... 
11
 
from django.urls import reverse
1ba49504   Alexis Koralewski   fixing CSS and JS... 
12
13
 
from django.http import HttpResponseRedirect, HttpResponse
from django.conf import settings
ad3b297c   Alexis Koralewski   add pagination to... 
14
 
from django.core.paginator import Paginator, EmptyPage, PageNotAnInteger
1ba49504   Alexis Koralewski   fixing CSS and JS... 
15
16
 
import os
import sys
41bdf9a6   Alexis Koralewski   Adding SP on user... 
17
 
from src.pyros_logger import log
ad3b297c   Alexis Koralewski   add pagination to... 
18
 
from src.core.pyros_django.obsconfig.obsconfig_class import OBSConfig
e419a2f6   Alexis Koralewski   Add new version f... 
19
20
21
 

LOGGED_PAGE = "../../dashboard/templates/dashboard/index.html"
1ba49504   Alexis Koralewski   fixing CSS and JS... 
22
e419a2f6   Alexis Koralewski   Add new version f... 
23
24
25
26
27
 
def home(request):
    '''
        Initial login view when coming on the website
    '''
    if request.user.is_authenticated:
1ba49504   Alexis Koralewski   fixing CSS and JS... 
28
29
30
 
        return(render(request, LOGGED_PAGE, {'USER_LEVEL': request.user.get_priority(), 'base_template': "base.html", 'weather_img': "normal"}))
    return(render(request, LOGGED_PAGE, {"USER_LEVEL": "Visitor", 'base_template': 'base.html', 'weather_img': "red"}))
e419a2f6   Alexis Koralewski   Add new version f... 
31
32
 

def roles_description(request):
1ba49504   Alexis Koralewski   fixing CSS and JS... 
33
34
35
 
    return (render(request, "user_manager/roles_description.html"))
e419a2f6   Alexis Koralewski   Add new version f... 
36
37
38
39
40
41
42
43
44
45
46
 
def create_user(request):
    '''
        View called to open the user creation form
    '''
    """
    if request.user.is_authenticated:
        return(render(request, LOGGED_PAGE, {'USER_LEVEL': request.user.get_priority(), 'base_template' : "base.html", 'weather_img': "normal"}))
    """
    form = PyrosUserCreationForm()
    return (render(request, "user_manager/home_user_creation.html", locals()))
1ba49504   Alexis Koralewski   fixing CSS and JS... 
47
81d77f22   Alexis Koralewski   Adding 'forgotten... 
48
49
 
def forgotten_password(request):
    form = UserPasswordResetForm()
1ba49504   Alexis Koralewski   fixing CSS and JS... 
50
 
    message = ""
dc5e48b6   Alexis Koralewski   Fixing who can ed... 
51
 
    user = None
81d77f22   Alexis Koralewski   Adding 'forgotten... 
52
53
 
    if request.POST:
        password = PyrosUser.objects.make_random_password()
dc5e48b6   Alexis Koralewski   Fixing who can ed... 
54
55
56
57
 
        try:
            user = PyrosUser.objects.get(email=request.POST["email"])
        except PyrosUser.DoesNotExist:
            message = "The email adress is invalid"
81d77f22   Alexis Koralewski   Adding 'forgotten... 
58
59
60
61
62
 
        if user != None:
            user.set_password(password)
            user.save()
            send_mail(
                '[PyROS CC] Registration',
dc5e48b6   Alexis Koralewski   Fixing who can ed... 
63
 
                f"Hello,\nYou recently took steps to reset the password for your PyROS account. A temporary password has been assigned, please log in with the following password: '{password}'. \n\nCordially,\n\nPyROS Control Center",
81d77f22   Alexis Koralewski   Adding 'forgotten... 
64
65
66
67
 
                '',
                [request.POST['email']],
                fail_silently=False,
            )
1ba49504   Alexis Koralewski   fixing CSS and JS... 
68
 
            message = "The email has been send !"
dc5e48b6   Alexis Koralewski   Fixing who can ed... 
69
 
        else:
1ba49504   Alexis Koralewski   fixing CSS and JS... 
70
71
72
 
            return render(request, 'user_manager/forgotten_password.html', {"form": form, "message": message})
    return render(request, 'user_manager/forgotten_password.html', {"form": form, "message": message})
81d77f22   Alexis Koralewski   Adding 'forgotten... 
73
e419a2f6   Alexis Koralewski   Add new version f... 
74
75
76
77
78
79
80
81
82
83
 
def user_signup_validation(request):
    '''
        View called to validate the user creation (form submitted)
    '''
    """
    if request.user.is_authenticated:
        return(render(request, LOGGED_PAGE, {'USER_LEVEL': request.user.get_priority(), 'base_template' : "base.html", 'weather_img': "normal"}))
    """
    form = PyrosUserCreationForm(request.POST)
    if request.POST:
35daee3f   Alexis Koralewski   Add bot security ... 
84
85
86
 
        if int(request.POST.get("timer")) < 10:
            error = True
            message = "(Bot prevention) You were too quick to fill the form, please take at least 10 seconds to send the form"
e419a2f6   Alexis Koralewski   Add new version f... 
87
 
        else:
35daee3f   Alexis Koralewski   Add bot security ... 
88
89
90
91
92
93
94
95
96
 
            if "six" != request.POST.get("question").strip():
                error = True
                message = "Wrong answer to the question (Write the answer in letter and lowercase"
            else:
                if form.is_valid() and len(request.POST.get("iambot")) <= 0:
                    form.save()
                    message = "Account creation successful ! Login to continue"
                    success = True
                    if request.user.is_authenticated:
1ba49504   Alexis Koralewski   fixing CSS and JS... 
97
35daee3f   Alexis Koralewski   Add bot security ... 
98
99
100
101
102
103
104
105
106
 
                        if request.POST.get("next"):
                            return redirect(request.POST.get('next'))
                        else:
                            return redirect(reverse("users"))
                    else:
                        return(render(request, "user_manager/home_login.html", locals()))
                else:
                    message = "One or more fields contain errors. Please try again"
                    form_errors = form.errors
e419a2f6   Alexis Koralewski   Add new version f... 
107
108
109
110
111
112
 
    else:
        message = "The system encountered an error. Please try again"

    error = True
    return (render(request, "user_manager/home_user_creation.html", locals()))
1ba49504   Alexis Koralewski   fixing CSS and JS... 
113
e419a2f6   Alexis Koralewski   Add new version f... 
114
115
116
117
 
def login_validation(request):
    '''
        View called when the user log in (form submitted)
    '''
1ba49504   Alexis Koralewski   fixing CSS and JS... 
118
119
 
    config = OBSConfig(
        os.environ["PATH_TO_OBSCONF_FILE"], os.environ["unit_name"])
ad3b297c   Alexis Koralewski   add pagination to... 
120
121
122
123
 
    observatory_name = config.get_obs_name()
    first_unit_name = config.get_units_name()[0]
    request.session["obsname"] = observatory_name+" "+first_unit_name
    request.session["pyros_config"] = settings.CONFIG_PYROS
e419a2f6   Alexis Koralewski   Add new version f... 
124
 
    if request.user.is_authenticated:
e419a2f6   Alexis Koralewski   Add new version f... 
125
126
127
128
 
        if request.POST.get("next"):
            return redirect(request.POST.get('next'))
        # initiate variable session for telling which role the user is using if this user has multiple roles
        # default role is the role with maximum priority
1ba49504   Alexis Koralewski   fixing CSS and JS... 
129
130
 
        request.session["role"] = str(UserLevel.objects.get(
            priority=request.user.get_priority()))
02d94ed3   Alexis Koralewski   Reworking UI of w... 
131
 
        return redirect(reverse("index"))
e419a2f6   Alexis Koralewski   Add new version f... 
132
133
134
135
 
    username = password = ''
    if request.POST:
        email = request.POST.get('email')
        password = request.POST.get('password')
81d77f22   Alexis Koralewski   Adding 'forgotten... 
136
137
138
139
 
        try:
            is_user_active = PyrosUser.objects.get(username=email).is_active
        except:
            is_user_active = None
e419a2f6   Alexis Koralewski   Add new version f... 
140
141
142
143
144
145
146
147
148
149
 
        user = authenticate(username=email, password=password)
        if user is not None:
            success = False
            if user.is_active:
                login(request, user)
                request.session['user'] = email
                message = "Oui"
                success = True
                # initiate variable session for telling which role the user is using if this user has multiple roles
                # default role is the role with maximum priority
1ba49504   Alexis Koralewski   fixing CSS and JS... 
150
151
 
                request.session["role"] = str(UserLevel.objects.get(
                    priority=request.user.get_priority()))
41bdf9a6   Alexis Koralewski   Adding SP on user... 
152
 
                log.info(f"User {user} did action login")
e419a2f6   Alexis Koralewski   Add new version f... 
153
154
 
                if request.POST.get("next"):
                    return redirect(request.POST.get('next'))
02d94ed3   Alexis Koralewski   Reworking UI of w... 
155
 
                return redirect(reverse("index"))
e419a2f6   Alexis Koralewski   Add new version f... 
156
 
            else:
81d77f22   Alexis Koralewski   Adding 'forgotten... 
157
 
                message = "Your account is not active, please contact the Unit-PI."
e419a2f6   Alexis Koralewski   Add new version f... 
158
 
        else:
81d77f22   Alexis Koralewski   Adding 'forgotten... 
159
160
161
162
 
            if is_user_active != None and not is_user_active:
                message = "Your account is not active, please contact the Unit-PI."
            elif is_user_active or is_user_active == None:
                message = "Your email and/or password were incorrect."
1ba49504   Alexis Koralewski   fixing CSS and JS... 
163
e419a2f6   Alexis Koralewski   Add new version f... 
164
165
166
167
168
 
    else:
        message = "An unexpected error has occurred"
    error = True
    return(render(request, "user_manager/home_login.html", locals()))
e419a2f6   Alexis Koralewski   Add new version f... 
169
170
171
172
173
174
 

@login_required
def superoperator_return(request):
    current_user = request.user
    return(render(request, "user_manager/user_detail.html", {'user': current_user, 'admin': 0}))
1ba49504   Alexis Koralewski   fixing CSS and JS... 
175
e419a2f6   Alexis Koralewski   Add new version f... 
176
177
178
179
180
 
@login_required
def user_logout(request):
    '''
        View called to log out. Redirects on login page.
    '''
190c6ece   Alexis Koralewski   Fixing test with ... 
181
 
    if request.method == "POST":
8077341c   Alexis Koralewski   Update logout for... 
182
183
184
185
186
187
188
189
190
 
        log.info(f"User {request.user} did action logout")
        logout(request)
        config = OBSConfig(
            os.environ["PATH_TO_OBSCONF_FILE"], os.environ["unit_name"])
        observatory_name = config.get_obs_name()
        first_unit_name = config.get_units_name()[0]
        request.session["obsname"] = observatory_name+" "+first_unit_name
        return redirect(reverse("index"))
        return(render(request, LOGGED_PAGE, {'USER_LEVEL':  "Visitor", 'base_template': 'base.html', 'weather_img': "red"}))
1ba49504   Alexis Koralewski   fixing CSS and JS... 
191
e419a2f6   Alexis Koralewski   Add new version f... 
192
193
 

def user_signin(request):
1ba49504   Alexis Koralewski   fixing CSS and JS... 
194
 
    return(render(request, "user_manager/home_login.html", {"next": request.GET.get("next")}))
e419a2f6   Alexis Koralewski   Add new version f... 
195
196
197
 


@login_required
1ba49504   Alexis Koralewski   fixing CSS and JS... 
198
199
200
 
@level_required("Admin", "Unit-PI")
def delete_user(request, pk):
    user_to_be_deleted = get_object_or_404(PyrosUser, pk=pk)
81d77f22   Alexis Koralewski   Adding 'forgotten... 
201
 
    if request.user != user_to_be_deleted and request.method == "POST":
e419a2f6   Alexis Koralewski   Add new version f... 
202
203
 
        user_to_be_deleted.delete()
        return HttpResponseRedirect(reverse('users'))
81d77f22   Alexis Koralewski   Adding 'forgotten... 
204
 
    else:
1ba49504   Alexis Koralewski   fixing CSS and JS... 
205
 
        return HttpResponseRedirect(reverse("user_detail", kwargs={"pk": pk}))
e419a2f6   Alexis Koralewski   Add new version f... 
206
207
208
 


@login_required
a61943b5   Alexis Koralewski   Reworking Unit-bo... 
209
 
@level_required("Admin", "Observer", "Management", "Operator", "Unit-PI", "TAC", "Unit-board")
e419a2f6   Alexis Koralewski   Add new version f... 
210
211
212
 
def users(request):
    current_user = request.user
    pyros_users_with_roles = []
dc5e48b6   Alexis Koralewski   Fixing who can ed... 
213
 
    admin_and_unit_users = []
02d94ed3   Alexis Koralewski   Reworking UI of w... 
214
 
    inactive_pyros_users = None
81d77f22   Alexis Koralewski   Adding 'forgotten... 
215
 
    common_scientific_programs = None
e419a2f6   Alexis Koralewski   Add new version f... 
216
217
218
219
 
    if request.session.get("role"):
        role = request.session.get("role")
    else:
        role = current_user.get_priority()
a61943b5   Alexis Koralewski   Reworking Unit-bo... 
220
 
    if role in "Admin,Unit-PI,Unit-board":
1ba49504   Alexis Koralewski   fixing CSS and JS... 
221
222
223
224
 
        pyros_users_with_roles = PyrosUser.objects.exclude(
            is_active=False).order_by("-id")
        inactive_pyros_users = PyrosUser.objects.filter(
            is_active=False).order_by("-id")
e419a2f6   Alexis Koralewski   Add new version f... 
225
 
    else:
1ba49504   Alexis Koralewski   fixing CSS and JS... 
226
227
228
 
        sp_of_current_user = current_user.get_scientific_program()
        sp_periods_of_current_user = SP_Period.objects.filter(
            scientific_program__in=sp_of_current_user)
81d77f22   Alexis Koralewski   Adding 'forgotten... 
229
 
        common_scientific_programs = sp_of_current_user
1ba49504   Alexis Koralewski   fixing CSS and JS... 
230
231
 
        for sp in sp_periods_of_current_user:
            for user in SP_Period_User.objects.filter(SP_Period__in=sp_periods_of_current_user).exclude(user=current_user).values_list("user", flat=True):
e419a2f6   Alexis Koralewski   Add new version f... 
232
 
                pyros_users_with_roles.append(PyrosUser.objects.get(id=user))
1ba49504   Alexis Koralewski   fixing CSS and JS... 
233
234
235
236
 
            pyros_users_with_roles.append(
                sp.scientific_program.sp_pi)
        admin_and_unit_users = PyrosUser.objects.filter(
            user_level__name__in=("Unit-PI", "Unit-board", "Admin")).distinct()
e419a2f6   Alexis Koralewski   Add new version f... 
237
 
    nb_of_scientific_program = ScientificProgram.objects.count()
a61943b5   Alexis Koralewski   Reworking Unit-bo... 
238
 
    CAN_ADD_USER = request.session.get("role") in ("Admin,Unit-PI,Unit-board")
e419a2f6   Alexis Koralewski   Add new version f... 
239
240
 
    # need the negative to calculate in the template for adjusting correctly the information display
    negative_nb_scientific_program = -nb_of_scientific_program
ad3b297c   Alexis Koralewski   add pagination to... 
241
242
 

    page = request.GET.get('page', 1)
1ba49504   Alexis Koralewski   fixing CSS and JS... 
243
244
 
    pyros_users_paginator = Paginator(
        pyros_users_with_roles, settings.NB_ELEMENT_PER_PAGE)
ad3b297c   Alexis Koralewski   add pagination to... 
245
246
247
248
249
 
    try:
        pyros_users_with_roles = pyros_users_paginator.page(page)
    except PageNotAnInteger:
        pyros_users_with_roles = pyros_users_paginator.page(1)
    except EmptyPage:
1ba49504   Alexis Koralewski   fixing CSS and JS... 
250
251
 
        pyros_users_with_roles = pyros_users_paginator.page(
            pyros_users_paginator.num_pages)
cc15cb36   Alexis Koralewski   improving user ac... 
252
253
 
    return render(request, 'user_manager/users_management.html', {
        'pyros_users_with_roles': pyros_users_with_roles,
1ba49504   Alexis Koralewski   fixing CSS and JS... 
254
 
        "inactive_pyros_users": inactive_pyros_users,
cc15cb36   Alexis Koralewski   improving user ac... 
255
 
        "nb_of_scientific_program": nb_of_scientific_program,
1ba49504   Alexis Koralewski   fixing CSS and JS... 
256
257
 
        "negative_nb_scientific_program": negative_nb_scientific_program,
        "common_scientific_programs": common_scientific_programs,
dc5e48b6   Alexis Koralewski   Fixing who can ed... 
258
 
        "admin_and_unit_users": admin_and_unit_users,
cc15cb36   Alexis Koralewski   improving user ac... 
259
 
        "CAN_ADD_USER": CAN_ADD_USER
1ba49504   Alexis Koralewski   fixing CSS and JS... 
260
261
 
    })
e419a2f6   Alexis Koralewski   Add new version f... 
262
263
 

@login_required
a61943b5   Alexis Koralewski   Reworking Unit-bo... 
264
 
@level_required("Admin", "Unit-PI", "Unit-board")
e419a2f6   Alexis Koralewski   Add new version f... 
265
 
def change_activate(request, pk, current_user_id):
02d94ed3   Alexis Koralewski   Reworking UI of w... 
266
267
268
269
270
 
    role = None
    if request.session.get("role") != None:
        role = request.session.get("role")
    else:
        role = UserLevel.objects.get(priority=request.user.get_priority()).name
a61943b5   Alexis Koralewski   Reworking Unit-bo... 
271
 
    if role in ["Admin", "Unit-PI", "Unit-board"]:
1ba49504   Alexis Koralewski   fixing CSS and JS... 
272
 
        try:
81d77f22   Alexis Koralewski   Adding 'forgotten... 
273
274
275
276
277
278
279
280
 
            user = get_object_or_404(PyrosUser, pk=pk)
            user.is_active = not user.is_active
            text_mail = ""
            text_object = ""
            if (user.first_time == False and user.is_active == True):
                user.first_time = True
                text_mail = "Hi,\n\nCongratulations, your registration has been approved by the PI. Welcome to the PyROS Control Center.\nIn order to submit observation sequences, you need to be associated to a scientific program.\n\nCordially,\n\nPyROS Control Center"
                text_object = "[PyROS CC] Welcome"
1ba49504   Alexis Koralewski   fixing CSS and JS... 
281
282
283
284
 
                user.validator = get_object_or_404(
                    PyrosUser, pk=current_user_id)
                send_mail(text_object, text_mail, '', [
                          user.email], fail_silently=False,)
81d77f22   Alexis Koralewski   Adding 'forgotten... 
285
1ba49504   Alexis Koralewski   fixing CSS and JS... 
286
 
            # We're not sending an email if the account has been desactivated or re-activated
81d77f22   Alexis Koralewski   Adding 'forgotten... 
287
288
289
290
291
292
 
            # elif (user.is_active == True):
            #     text_mail = "Hi,\n\nYour account on the PyROS Control Center have been re-activated.\n\nCordially,\n\nPyROS Control Center"
            #     text_object = "[PyROS CC] Re-activation"
            # else :
            #     text_mail = "Hi,\n\nYour account on the PyROS Control Center have benn desactivated. Please contact the PI for futher information.\n\nCordially,\n\nPyROS Control Center"
            #     text_object = "[PyROS CC] Desactivation"
1ba49504   Alexis Koralewski   fixing CSS and JS... 
293
81d77f22   Alexis Koralewski   Adding 'forgotten... 
294
 
            user.save()
1ba49504   Alexis Koralewski   fixing CSS and JS... 
295
81d77f22   Alexis Koralewski   Adding 'forgotten... 
296
297
298
299
 
            return redirect('user_detail', pk=pk)
        except PyrosUser.DoesNotExist:
            return redirect('user_detail', pk=pk)
    else:
1ba49504   Alexis Koralewski   fixing CSS and JS... 
300
301
302
 
        return redirect("user_detail", pk=pk)
e419a2f6   Alexis Koralewski   Add new version f... 
303
 
@login_required
a61943b5   Alexis Koralewski   Reworking Unit-bo... 
304
 
# @level_required("Admin","Observer","Management","Operator","Unit-PI","TAC","Unit-board")
1ba49504   Alexis Koralewski   fixing CSS and JS... 
305
 
def user_detail_view(request, pk):
e419a2f6   Alexis Koralewski   Add new version f... 
306
307
 
    try:
        is_last_user = PyrosUser.objects.count() == 1
1ba49504   Alexis Koralewski   fixing CSS and JS... 
308
 
        user = PyrosUser.objects.get(pk=pk)
e419a2f6   Alexis Koralewski   Add new version f... 
309
310
 
        current_user = request.user
        roles = current_user.get_list_of_roles()
cc15cb36   Alexis Koralewski   improving user ac... 
311
 
        sp_periods = SP_Period_User.objects.filter(user=user)
1ba49504   Alexis Koralewski   fixing CSS and JS... 
312
313
314
315
316
317
318
319
320
321
 
        CAN_VIEW_VALIDATOR = request.user.id == pk or request.session.get(
            "role") in ("Admin", "Unit-PI", "Unit-board")
        CAN_DELETE_USER = not is_last_user and request.session.get("role") in (
            "Admin", "Unit-PI", "Unit-board") and not user.is_superuser and request.user != user
        CAN_ACTIVATE_USER = not is_last_user and request.session.get("role") in (
            "Admin", "Unit-PI", "Unit-board") and not user.is_superuser and request.user != user
        CAN_EDIT_USER = request.user.id == pk or request.session.get(
            "role") in ("Admin", "Unit-PI", "Unit-board")
        CAN_VIEW_MOTIVE_OF_REGISTRATION = request.session.get("role") in (
            "Admin", "Unit-PI", "Unit-board") and len(user.motive_of_registration) > 0
41bdf9a6   Alexis Koralewski   Adding SP on user... 
322
 
        scientific_programs = user.get_scientific_program()
e419a2f6   Alexis Koralewski   Add new version f... 
323
324
 
    except PyrosUser.DoesNotExist:
        raise Http404("User does not exist")
cc15cb36   Alexis Koralewski   improving user ac... 
325
 
    return render(request, 'user_manager/user_detail.html', context={
1ba49504   Alexis Koralewski   fixing CSS and JS... 
326
327
328
329
330
 
        'user': user,
        'current_user': current_user,
        'is_last_user': is_last_user,
        "roles": roles,
        "scientific_programs": scientific_programs,
cc15cb36   Alexis Koralewski   improving user ac... 
331
332
333
 
        "CAN_VIEW_VALIDATOR": CAN_VIEW_VALIDATOR,
        "CAN_DELETE_USER": CAN_DELETE_USER,
        "CAN_ACTIVATE_USER": CAN_ACTIVATE_USER,
67a50452   Alexis Koralewski   Add variable to c... 
334
 
        "CAN_EDIT_USER": CAN_EDIT_USER,
1ba49504   Alexis Koralewski   fixing CSS and JS... 
335
 
        "CAN_VIEW_MOTIVE_OF_REGISTRATION": CAN_VIEW_MOTIVE_OF_REGISTRATION
cc15cb36   Alexis Koralewski   improving user ac... 
336
 
    })
e419a2f6   Alexis Koralewski   Add new version f... 
337
1ba49504   Alexis Koralewski   fixing CSS and JS... 
338
e419a2f6   Alexis Koralewski   Add new version f... 
339
340
 
@login_required
@level_required()
1ba49504   Alexis Koralewski   fixing CSS and JS... 
341
 
def user_detail_edit(request, pk):
e419a2f6   Alexis Koralewski   Add new version f... 
342
343
344
345
 
    if request.session.get("role"):
        role = request.session.get("role")
    else:
        role = request.user.get_priority()
a61943b5   Alexis Koralewski   Reworking Unit-bo... 
346
347
 
    # If its not his user profile or user isn't Unit-PI, Unit-board, Admin or SP-PI, He can't edit this user profile and he is redirected to home page
    if (request.user.id != pk and role not in ("Admin", "Unit-PI", "Unit-board")):
e419a2f6   Alexis Koralewski   Add new version f... 
348
349
 
        return HttpResponseRedirect(reverse('index'))
    edit = get_object_or_404(PyrosUser, pk=pk)
02d94ed3   Alexis Koralewski   Reworking UI of w... 
350
 
    is_sp_pi = ScientificProgram.objects.filter(sp_pi=edit).count() > 0
e419a2f6   Alexis Koralewski   Add new version f... 
351
 
    form = UserForm(request.POST or None, instance=edit)
1ba49504   Alexis Koralewski   fixing CSS and JS... 
352
353
354
355
 
    CAN_EDIT_ROLE = request.session.get("role") in (
        "Admin", "Unit-PI", "Unit-board")
    CAN_EDIT_INSTITUTE = request.session.get(
        "role") in ("Admin", "Unit-PI", "Unit-board")
077d5a23   Alexis Koralewski   adding science th... 
356
 
    CAN_EDIT_REFEREE_THEME = request.session.get("role") != "Visitor"
e419a2f6   Alexis Koralewski   Add new version f... 
357
358
 
    # creating list of roles for the formular excluding visitor of the list
    roles = UserLevel.objects.exclude(name="Visitor")
077d5a23   Alexis Koralewski   adding science th... 
359
 
    if request.POST and form.is_valid():
e419a2f6   Alexis Koralewski   Add new version f... 
360
 
        obj = form.save(commit=False)
1ba49504   Alexis Koralewski   fixing CSS and JS... 
361
 
        if(len(request.POST.getlist("roles")) > 0):
e419a2f6   Alexis Koralewski   Add new version f... 
362
363
364
365
366
367
 
            if("Admin" in request.POST.getlist("roles")):
                # if Admin role has been assigned, add the authorisations to access to django admin pages
                obj.is_staff = True
                obj.is_admin = True
                obj.is_superuser = True
            else:
1ba49504   Alexis Koralewski   fixing CSS and JS... 
368
 
                # just in case (for example, if user was previously an admin and has been downgraded) we're removing those authorisations
e419a2f6   Alexis Koralewski   Add new version f... 
369
370
371
372
373
374
 
                obj.is_staff = False
                obj.is_admin = False
            obj.user_level.set(request.POST.getlist("roles"))
        else:
            # No role has been assigned, so the user has the Visitor role
            obj.user_level.set([UserLevel.objects.get(name="Visitor")])
1ba49504   Alexis Koralewski   fixing CSS and JS... 
375
 
        if(len(request.POST.getlist("referee_themes")) > 0):
077d5a23   Alexis Koralewski   adding science th... 
376
377
378
 
            obj.referee_themes.set(request.POST.getlist("referee_themes"))
        else:
            obj.referee_themes.set([])
e419a2f6   Alexis Koralewski   Add new version f... 
379
 
        obj.save()
dc5e48b6   Alexis Koralewski   Fixing who can ed... 
380
 
        if request.user == obj:
1ba49504   Alexis Koralewski   fixing CSS and JS... 
381
382
 
            request.session["role"] = UserLevel.objects.get(
                priority=request.user.get_priority()).name
077d5a23   Alexis Koralewski   adding science th... 
383
e419a2f6   Alexis Koralewski   Add new version f... 
384
 
        return redirect('user_detail', pk=pk)
cc15cb36   Alexis Koralewski   improving user ac... 
385
386
 
    return render(request, 'user_manager/user_detail_edit.html', {
        'form': form,
1ba49504   Alexis Koralewski   fixing CSS and JS... 
387
388
389
390
 
        "roles": roles,
        "pk": pk,
        "user_edit": edit,
        "is_sp_pi": is_sp_pi,
dc5e48b6   Alexis Koralewski   Fixing who can ed... 
391
 
        "CAN_EDIT_ROLE": CAN_EDIT_ROLE,
077d5a23   Alexis Koralewski   adding science th... 
392
393
 
        "CAN_EDIT_INSTITUTE": CAN_EDIT_INSTITUTE,
        "CAN_EDIT_REFEREE_THEME": CAN_EDIT_REFEREE_THEME
cc15cb36   Alexis Koralewski   improving user ac... 
394
 
    })
e419a2f6   Alexis Koralewski   Add new version f... 
395
396
397
398
399
400
 


def set_active_role(request):
    previous_active_role = request.session.get("role")
    if request.user.is_authenticated:
        if request.POST.get("role"):
1ba49504   Alexis Koralewski   fixing CSS and JS... 
401
402
 
            request.session["role"] = str(
                UserLevel.objects.get(name=request.POST.get("role")))
e419a2f6   Alexis Koralewski   Add new version f... 
403
 
            if(previous_active_role is not None and previous_active_role != request.session.get("role")):
1ba49504   Alexis Koralewski   fixing CSS and JS... 
404
405
 
                messages.success(
                    request, f"Role changed from {previous_active_role} to {request.session.get('role')}")
02d94ed3   Alexis Koralewski   Reworking UI of w... 
406
407
 
                text_reponse = f'<div class="alert alert-info alert-dismissable"><button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>\
                Role changed from {previous_active_role} to {request.session.get("role")}</div>'
1ba49504   Alexis Koralewski   fixing CSS and JS... 
408
 
                return HttpResponse(text_reponse)