Commit 81d77f223a756d885be5c9b5871f452b29be6c1f

Authored by Alexis Koralewski
1 parent e12f5b27
Exists in dev

Adding 'forgotten password' feature

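--- a/src/core/pyros_django/user_manager/templates/user_manager/forgotten_password.html
+++ b/src/core/pyros_django/user_manager/templates/user_manager/forgotten_password.html
@@ -0,0 +1,24 @@
+{% extends "user_manager/base_home.html" %}
+{% block content %}
+
+<div class="text-center" style="width: 80%; margin: 0 auto">
+ Forgot your password? Please enter the email address you used to register
+ with us and we will send you a temparorary password to log in. <br>
+ We recommend you to change it as soon as possible on your profile page.<br>
+ </h3>
+</div>
+<br/>
+
+<form action="" method="POST" class="text-center">
+ {% csrf_token %}
+ {{form}}
+ <input type="submit" value="Send email" /><br>
+</form><br/>
+{% if message %}
+ {{ message }}
+{% endif %}
+<div class="text-center">
+ <a href="{% url 'user_signin' %}">Return to sign in page</a>
+</div>
+
+{% endblock%}
\ No newline at end of file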
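Review bot: The `</h3>` on line 8 of the new template closes a heading that was never opened, so the introductory text sits as bare text in the `<div>` and the markup is invalid; open it with `<h3>` right after the `<div class="text-center" …>` line or drop the closing tag. The copy also reads "temparorary" where "temporary" is meant. `{{ message }}` is printed with Django's default auto-escaping, which is fine as long as the view only ever passes fixed strings to it.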
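--- a/src/core/pyros_django/user_manager/templates/user_manager/home_login.html
+++ b/src/core/pyros_django/user_manager/templates/user_manager/home_login.html
@@ -29,6 +29,7 @@
 </div>
 <div class="row">
 <input class="btn btn-primary" type="submit" value="Log In" />
+ <a href="{% url "forgotten_password" %}" class="btn btn-primary">Forgot your password ?</a>
 <a href="{% url "create_user" %}" class="btn btn-primary">Subscription form</a>
 </div>
 </div>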
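--- a/src/core/pyros_django/user_manager/urls.py
+++ b/src/core/pyros_django/user_manager/urls.py
@@ -7,6 +7,7 @@ from .forms import UserPasswordResetForm
 urlpatterns = [
 path('users', views.users, name="users"),
 url(r'^create$', views.create_user, name="create_user"),
+ url(r'^forgotten_password$', views.forgotten_password, name="forgotten_password"),
 url(r'^creation_validate$', views.user_signup_validation, name="user_signup_validation"),
 url(r'^login$', views.login_validation, name="login_validation"),
 url(r'^profile$', views.profile, name="profile"),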
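--- a/src/core/pyros_django/user_manager/views.py
+++ b/src/core/pyros_django/user_manager/views.py
@@ -4,12 +4,13 @@ from django.contrib.auth.decorators import login_required
 from dashboard.decorator import level_required
 from django.shortcuts import get_object_or_404
 from dashboard.forms import UserForm
-from .forms import PyrosUserCreationForm
+from .forms import PyrosUserCreationForm,UserPasswordResetForm
 from django.core.mail import send_mail
 from common.models import ScientificProgram, PyrosUser,UserLevel, SP_Period, SP_Period_User
 from django.urls import reverse
 from django.http import HttpResponseRedirect,HttpResponse
-
+from obsconfig.configpyros import ConfigPyros
+from django.conf import settings as pyros_settings
 
 LOGGED_PAGE = "../../dashboard/templates/dashboard/index.html"
 
@@ -35,6 +36,25 @@ def create_user(request):
 form = PyrosUserCreationForm()
 return (render(request, "user_manager/home_user_creation.html", locals()))
 
+def forgotten_password(request):
+ form = UserPasswordResetForm()
+ message=""
+ if request.POST:
+ password = PyrosUser.objects.make_random_password()
+ user = PyrosUser.objects.get(email=request.POST["email"])
+ if user != None:
+ user.set_password(password)
+ user.save()
+ send_mail(
+ '[PyROS CC] Registration',
+ f"Hello,\nYou recently took steps to reset the password for your PyROS account. A temporary password has been assigned, please log in with the following password: '{password}'. \n\nCordially,\n\nPyROS Control Center'",
+ '',
+ [request.POST['email']],
+ fail_silently=False,
+ )
+ message="The email has been send !"
+ return render(request, 'user_manager/forgotten_password.html',{"form":form,"message":message})
+
 def user_signup_validation(request):
 '''
 View called to validate the user creation (form submitted)
@@ -50,6 +70,7 @@ def user_signup_validation(request):
 message = "Account creation successful ! Login to continue"
 success = True
 if request.user.is_authenticated:
+
 if request.POST.get("next"):
 return redirect(request.POST.get('next'))
 else:
@@ -70,6 +91,10 @@ def login_validation(request):
 View called when the user log in (form submitted)
 '''
 if request.user.is_authenticated:
+ config = ConfigPyros(pyros_settings.PATH_TO_OBSCONF_FILE)
+ observatory_name = config.get_obs_name()
+ first_unit_name = config.get_units_name()[0]
+ request.session["obsname"] = observatory_name+" "+first_unit_name
 if request.POST.get("next"):
 return redirect(request.POST.get('next'))
 # initiate variable session for telling which role the user is using if this user has multiple roles
@@ -80,6 +105,10 @@ def login_validation(request):
 if request.POST:
 email = request.POST.get('email')
 password = request.POST.get('password')
+ try:
+ is_user_active = PyrosUser.objects.get(username=email).is_active
+ except:
+ is_user_active = None
 user = authenticate(username=email, password=password)
 if user is not None:
 success = False
@@ -95,9 +124,13 @@ def login_validation(request):
 return redirect(request.POST.get('next'))
 return(render(request, LOGGED_PAGE, {'USER_LEVEL': request.user.get_priority(), 'base_template' : "base.html", 'weather_img': "normal", 'success' : success}))
 else:
- message = "Your account is not active, please contact the site administrator."
+ message = "Your account is not active, please contact the Unit-PI."
 else:
- message = "Your email and/or password were incorrect."
+ if is_user_active != None and not is_user_active:
+ message = "Your account is not active, please contact the Unit-PI."
+ elif is_user_active or is_user_active == None:
+ message = "Your email and/or password were incorrect."
+
 else:
 message = "An unexpected error has occurred"
 error = True
@@ -126,6 +159,10 @@ def user_logout(request):
 '''
 
 logout(request)
+ config = ConfigPyros(pyros_settings.PATH_TO_OBSCONF_FILE)
+ observatory_name = config.get_obs_name()
+ first_unit_name = config.get_units_name()[0]
+ request.session["obsname"] = observatory_name+" "+first_unit_name
 return(render(request, LOGGED_PAGE, {'USER_LEVEL' : "Visitor", 'base_template' : 'base_unlogged.html', 'weather_img': "red"}))
 
 def user_signin(request):
@@ -133,12 +170,14 @@ def user_signin(request):
 
 
 @login_required
-@level_required("Admin")
+@level_required("Admin","Unit-PI")
 def delete_user(request,pk):
 user_to_be_deleted = get_object_or_404(PyrosUser,pk=pk)
- if request.method == "POST":
+ if request.user != user_to_be_deleted and request.method == "POST":
 user_to_be_deleted.delete()
 return HttpResponseRedirect(reverse('users'))
+ else:
+ return HttpResponseRedirect(reverse("user_detail",kwargs={"pk":pk}))
 
 
 @login_required
@@ -147,54 +186,56 @@ def users(request):
 current_user = request.user
 pyros_users_with_roles = []
 pyros_users_without_roles = None
+ common_scientific_programs = None
 if request.session.get("role"):
 role = request.session.get("role")
 else:
 role = current_user.get_priority()
-
 if role in "Admin,Unit-PI,Unit board":
 pyros_users_with_roles = PyrosUser.objects.exclude(user_level__name="Visitor").order_by("-id")
 pyros_users_without_roles = PyrosUser.objects.filter(user_level__name="Visitor").order_by("-id")
 else:
 sp_of_current_user = SP_Period_User.objects.filter(user=current_user)
- pyros_user_with_roles = []
+ common_scientific_programs = sp_of_current_user
 for sp in sp_of_current_user:
 for user in SP_Period_User.objects.filter(SP_Period=sp.SP_Period).exclude(user=current_user).values_list("user",flat=True):
 pyros_users_with_roles.append(PyrosUser.objects.get(id=user))
 nb_of_scientific_program = ScientificProgram.objects.count()
 # need the negative to calculate in the template for adjusting correctly the information display
 negative_nb_scientific_program = -nb_of_scientific_program
- return render(request, 'user_manager/users_management.html', {'pyros_users_with_roles': pyros_users_with_roles,"pyros_users_without_roles":pyros_users_without_roles,"nb_of_scientific_program": nb_of_scientific_program,"negative_nb_scientific_program":negative_nb_scientific_program}) # return the initial view (the users management's one)
+ return render(request, 'user_manager/users_management.html', {'pyros_users_with_roles': pyros_users_with_roles,"pyros_users_without_roles":pyros_users_without_roles,"nb_of_scientific_program": nb_of_scientific_program,"negative_nb_scientific_program":negative_nb_scientific_program,"common_scientific_programs":common_scientific_programs})
 
 @login_required
 @level_required("Admin","Unit-PI","Unit board")
 def change_activate(request, pk, current_user_id):
- try :
- user = get_object_or_404(PyrosUser, pk=pk)
- user.is_active = not user.is_active
- text_mail = ""
- text_object = ""
- if (user.first_time == False and user.is_active == True):
- user.first_time = True
- text_mail = "Hi,\n\nCongratulations, your registration has been approved by the PI. Welcome to the PyROS Control Center.\nIn order to submit observation sequences, you need to be associated to a scientific program.\n\nCordially,\n\nPyROS Control Center"
- text_object = "[PyROS CC] Welcome"
- user.validator = get_object_or_404(PyrosUser,pk=current_user_id)
- send_mail(text_object, text_mail, '', [user.email], fail_silently=False,)
-
- # We're not sending an email if the account has been desactivated or re-activated
- # elif (user.is_active == True):
- # text_mail = "Hi,\n\nYour account on the PyROS Control Center have been re-activated.\n\nCordially,\n\nPyROS Control Center"
- # text_object = "[PyROS CC] Re-activation"
- # else :
- # text_mail = "Hi,\n\nYour account on the PyROS Control Center have benn desactivated. Please contact the PI for futher information.\n\nCordially,\n\nPyROS Control Center"
- # text_object = "[PyROS CC] Desactivation"
-
- user.save()
-
- return redirect('user_detail', pk=pk)
- except PyrosUser.DoesNotExist:
- return redirect('user_detail', pk=pk)
+ if PyrosUser.objects.get(id=current_user_id).get_roles_str() in ["Admin","Unit-PI","Unit board"]:
+ try :
+ user = get_object_or_404(PyrosUser, pk=pk)
+ user.is_active = not user.is_active
+ text_mail = ""
+ text_object = ""
+ if (user.first_time == False and user.is_active == True):
+ user.first_time = True
+ text_mail = "Hi,\n\nCongratulations, your registration has been approved by the PI. Welcome to the PyROS Control Center.\nIn order to submit observation sequences, you need to be associated to a scientific program.\n\nCordially,\n\nPyROS Control Center"
+ text_object = "[PyROS CC] Welcome"
+ user.validator = get_object_or_404(PyrosUser,pk=current_user_id)
+ send_mail(text_object, text_mail, '', [user.email], fail_silently=False,)
 
+ # We're not sending an email if the account has been desactivated or re-activated
+ # elif (user.is_active == True):
+ # text_mail = "Hi,\n\nYour account on the PyROS Control Center have been re-activated.\n\nCordially,\n\nPyROS Control Center"
+ # text_object = "[PyROS CC] Re-activation"
+ # else :
+ # text_mail = "Hi,\n\nYour account on the PyROS Control Center have benn desactivated. Please contact the PI for futher information.\n\nCordially,\n\nPyROS Control Center"
+ # text_object = "[PyROS CC] Desactivation"
+
+ user.save()
+
+ return redirect('user_detail', pk=pk)
+ except PyrosUser.DoesNotExist:
+ return redirect('user_detail', pk=pk)
+ else:
+ return redirect("user_detail",pk=pk)
 @login_required
 @level_required("Admin","Observer","Management","Operator","Unit-PI","TAC","Unit board")
 def user_detail_view(request,pk):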
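Review bot: `forgotten_password` overwrites the account's password as soon as any unauthenticated visitor posts an email address, so anyone who knows a user's address can lock that user out at will, and the replacement password then travels in clear text by email. The lookup `PyrosUser.objects.get(email=request.POST["email"])` raises `DoesNotExist` for an unknown address (the `user != None` test can never be false), so the response differs between registered and unregistered addresses, and `UserPasswordResetForm` is never bound or validated. I would leave the stored password untouched, mail a single-use expiring reset link instead (Django's `PasswordResetView` and `default_token_generator` provide this), and return one message for both cases, as sketched below; the `email` field name on the form is assumed from the view's use of `request.POST["email"]`. The `is_user_active` lookup added to `login_validation` leaks account state in the same way, because "Your account is not active" is shown in the branch where `authenticate` has already failed, and its bare `except:` should be `except PyrosUser.DoesNotExist:`.

```python
def forgotten_password(request):
    # Bind the submitted data so the form's own validation runs
    form = UserPasswordResetForm(request.POST or None)
    message = ""
    if request.method == "POST" and form.is_valid():
        # filter().first() yields None for an unknown address instead of raising
        user = PyrosUser.objects.filter(email=form.cleaned_data["email"]).first()
        # … when user is not None: mail a single-use, expiring reset link; set_password() is not called here …
        # Identical response for registered and unregistered addresses
        message = "If this address is registered, an email has been sent."
    # … unchanged: render(request, 'user_manager/forgotten_password.html', …) …
```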