18
18
# Author: Matt Giuca, Will Grant
21
import formencode.validators
22
from genshi.filters import HTMLFormFiller
24
from ivle.database import User
26
from ivle.pulldown_subj import enrol_user
27
from ivle.webapp import ApplicationRoot
28
from ivle.webapp.base.forms import BaseFormView, URLNameValidator
20
from ivle.webapp.base.rest import JSONRESTView, require_permission
29
21
from ivle.webapp.base.xhtml import XHTMLView
30
22
from ivle.webapp.base.plugins import ViewPlugin, MediaPlugin
31
from ivle.webapp.admin.publishing import root_to_user, user_url
34
class UsersView(XHTMLView):
35
"""A list of all IVLE users."""
36
template = 'templates/users.html'
38
breadcrumb_text = 'Users'
40
def authorize(self, req):
41
return req.user and req.user.admin
43
def populate(self, req, ctx):
45
ctx['users'] = req.store.find(User).order_by(User.login)
48
class UserEditSchema(formencode.Schema):
49
nick = formencode.validators.UnicodeString(not_empty=True)
50
email = formencode.validators.Email(not_empty=False,
53
class UserEditView(BaseFormView):
54
"""A form to change a user's details."""
55
template = 'templates/user-edit.html'
61
return UserEditSchema()
63
def get_default_data(self, req):
64
return {'nick': self.context.nick,
65
'email': self.context.email
68
def save_object(self, req, data):
69
self.context.nick = data['nick']
70
self.context.email = unicode(data['email']) if data['email'] \
74
def populate(self, req, ctx):
75
super(UserEditView, self).populate(req, ctx)
76
ctx['format_datetime'] = ivle.date.make_date_nice
77
ctx['format_datetime_short'] = ivle.date.format_datetime_for_paragraph
80
class UserAdminSchema(formencode.Schema):
81
admin = formencode.validators.StringBoolean(if_missing=False)
82
disabled = formencode.validators.StringBoolean(if_missing=False)
83
fullname = formencode.validators.UnicodeString(not_empty=True)
84
studentid = formencode.validators.UnicodeString(not_empty=False,
88
class UserAdminView(BaseFormView):
89
"""A form for admins to change more of a user's details."""
90
template = 'templates/user-admin.html'
93
def authorize(self, req):
94
"""Only allow access if the requesting user is an admin."""
95
return req.user and req.user.admin
99
return UserAdminSchema()
101
def get_default_data(self, req):
102
return {'admin': self.context.admin,
103
'disabled': self.context.state == u'disabled',
104
'fullname': self.context.fullname,
105
'studentid': self.context.studentid,
108
def save_object(self, req, data):
109
if self.context is req.user:
110
# Admin checkbox is disabled -- assume unchanged
111
data['admin'] = self.context.admin
112
data['disabled'] = self.context.state == u'disabled'
114
self.context.admin = data['admin']
115
if self.context.state in (u'enabled', u'disabled'):
116
self.context.state = (u'disabled' if data['disabled']
118
self.context.fullname = data['fullname'] \
119
if data['fullname'] else None
120
self.context.studentid = data['studentid'] \
121
if data['studentid'] else None
124
def populate(self, req, ctx):
125
super(UserAdminView, self).populate(req, ctx)
127
# Disable the admin checkbox if editing oneself
128
ctx['disable_admin'] = self.context is req.user
130
class PasswordChangeView(XHTMLView):
131
"""A form to change a user's password, with knowledge of the old one."""
132
template = 'templates/user-password-change.html'
136
def authorize(self, req):
137
"""Only allow access if the requesting user holds the permission,
138
and the target user has a password set. Otherwise we might be
139
clobbering external authn.
141
return super(PasswordChangeView, self).authorize(req) and \
142
self.context.passhash is not None
144
def populate(self, req, ctx):
146
if req.method == 'POST':
147
data = dict(req.get_fieldstorage())
148
if data.get('old_password') is None or \
149
not self.context.authenticate(data.get('old_password')):
150
error = 'Incorrect password.'
151
elif data.get('new_password') != data.get('new_password_again'):
152
error = 'New passwords do not match.'
153
elif not data.get('new_password'):
154
error = 'New password cannot be empty.'
156
self.context.password = data['new_password']
158
req.throw_redirect(req.uri)
161
ctx['user'] = self.context
164
class PasswordResetView(XHTMLView):
165
"""A form to reset a user's password, without knowledge of the old one."""
166
template = 'templates/user-password-reset.html'
169
def authorize(self, req):
170
"""Only allow access if the requesting user is an admin."""
171
return req.user and req.user.admin
173
def populate(self, req, ctx):
175
if req.method == 'POST':
176
data = dict(req.get_fieldstorage())
177
if data.get('new_password') != data.get('new_password_again'):
178
error = 'New passwords do not match.'
179
elif not data.get('new_password'):
180
error = 'New password cannot be empty.'
182
self.context.password = data['new_password']
184
req.throw_redirect(req.uri)
186
ctx['user'] = self.context
190
class UserNewSchema(formencode.Schema):
191
login = URLNameValidator() # XXX: Validate uniqueness.
192
admin = formencode.validators.StringBoolean(if_missing=False)
193
fullname = formencode.validators.UnicodeString(not_empty=True)
194
studentid = formencode.validators.UnicodeString(not_empty=False,
197
email = formencode.validators.Email(not_empty=False,
201
class UserNewView(BaseFormView):
202
"""A form for admins to create new users."""
203
template = 'templates/user-new.html'
206
def authorize(self, req):
207
"""Only allow access if the requesting user is an admin."""
208
return req.user and req.user.admin
212
return UserNewSchema()
214
def get_default_data(self, req):
217
def save_object(self, req, data):
218
data['nick'] = data['fullname']
219
data['email'] = unicode(data['email']) if data['email'] else None
220
userobj = User(**data)
221
req.store.add(userobj)
222
enrol_user(req.config, req.store, userobj)
23
from ivle.webapp.errors import NotFound, Unauthorized
27
# List of fields returned as part of the user JSON dictionary
28
# (as returned by the get_user action)
30
"login", "state", "unixid", "email", "nick", "fullname",
31
"admin", "studentid", "acct_exp", "pass_exp", "last_login",
35
class UserRESTView(JSONRESTView):
37
A REST interface to the user object.
39
def __init__(self, req, login):
40
super(UserRESTView, self).__init__(self, req, login)
41
self.context = ivle.database.User.get_by_login(req.store, login)
42
if self.context is None:
45
@require_permission('view')
48
user = ivle.util.object_to_dict(user_fields_list, self.context)
49
# Convert time stamps to nice strings
50
for k in 'pass_exp', 'acct_exp', 'last_login':
51
if user[k] is not None:
52
user[k] = unicode(user[k])
54
user['local_password'] = self.context.passhash is not None
57
class UserSettingsView(XHTMLView):
58
template = 'templates/user-settings.html'
62
def __init__(self, req, login):
63
self.context = ivle.database.User.get_by_login(req.store, login)
64
if self.context is None:
67
def populate(self, req, ctx):
68
self.plugin_scripts[Plugin] = ['settings.js']
69
req.scripts_init = ['revert_settings']
71
ctx['login'] = self.context.login
227
73
class Plugin(ViewPlugin, MediaPlugin):
229
75
The Plugin class for the user plugin.
232
forward_routes = (root_to_user,)
233
reverse_routes = (user_url,)
234
views = [(ApplicationRoot, ('users', '+index'), UsersView),
235
(ApplicationRoot, ('users', '+new'), UserNewView),
236
(User, '+index', UserEditView),
237
(User, '+admin', UserAdminView),
238
(User, '+changepassword', PasswordChangeView),
239
(User, '+resetpassword', PasswordResetView),
243
('users', 'Users', 'Display and edit all users',
244
'users.png', 'users', 90, True)
77
# Magic attribute: urls
78
# Sequence of pairs/triples of
79
# (regex str, handler class, kwargs dict)
80
# The kwargs dict is passed to the __init__ of the view object
82
('~:login/+settings', UserSettingsView),
83
('api/~:login', UserRESTView),
247
public_forward_routes = forward_routes
248
public_reverse_routes = reverse_routes
250
86
media = 'user-media'
added
removed
ivle/webapp/admin/user.py
