mpeltriaux
8f40162974
* writes test for sharing using the API * fixes bug on frontend form where an exception occured on generating a new API token if no token existed, yet * adds permission constraint (default group) for using the api in general * fixes default-group-only behaviour for sharing-API, so users can only add new users and not removing them, as long as they do not have any other group membership like registration or conservation office * changes 'ksptoken' to 'Ksptoken' to match CGI standard for http header keys
163 lines
4.9 KiB
Python
163 lines
4.9 KiB
Python
"""
|
|
Author: Michel Peltriaux
|
|
Organization: Struktur- und Genehmigungsdirektion Nord, Rhineland-Palatinate, Germany
|
|
Contact: michel.peltriaux@sgdnord.rlp.de
|
|
Created on: 08.07.21
|
|
|
|
"""
|
|
from django import forms
|
|
from django.db import IntegrityError
|
|
from django.urls import reverse, reverse_lazy
|
|
from django.utils.translation import gettext_lazy as _
|
|
|
|
from api.models import APIUserToken
|
|
from intervention.inputs import GenerateInput
|
|
from user.models import User
|
|
|
|
from konova.forms import BaseForm, BaseModalForm
|
|
from user.models import UserNotification
|
|
|
|
|
|
class UserNotificationForm(BaseForm):
|
|
""" Form for changing the notification settings of a user
|
|
|
|
"""
|
|
notifications = forms.MultipleChoiceField(
|
|
label_suffix="",
|
|
label=_("Notifications"),
|
|
required=False, # allow total disabling of all notifications
|
|
help_text=_("Select the situations when you want to receive a notification"),
|
|
widget=forms.CheckboxSelectMultiple(
|
|
attrs={
|
|
"class": "list-unstyled",
|
|
}
|
|
),
|
|
choices=[]
|
|
)
|
|
|
|
def __init__(self, user: User, *args, **kwargs):
|
|
super().__init__(*args, **kwargs)
|
|
self.user = user
|
|
self.form_title = _("Edit notifications")
|
|
self.form_caption = _("")
|
|
self.action_url = reverse("user:notifications")
|
|
self.cancel_redirect = reverse("user:index")
|
|
|
|
# Insert all notifications into form field by creating choices as tuples
|
|
notifications = UserNotification.objects.filter(
|
|
is_active=True,
|
|
)
|
|
choices = []
|
|
for n in notifications:
|
|
choices.append(
|
|
(n.id, _(n.name))
|
|
)
|
|
self.fields["notifications"].choices = choices
|
|
|
|
users_current_notifications = self.user.notifications.all()
|
|
users_current_notifications = [str(n.id) for n in users_current_notifications]
|
|
self.fields["notifications"].initial = users_current_notifications
|
|
|
|
def save(self):
|
|
""" Stores the changes in the user konova_extension
|
|
|
|
Returns:
|
|
|
|
"""
|
|
selected_notification_ids = self.cleaned_data.get("notifications", [])
|
|
notifications = UserNotification.objects.filter(
|
|
id__in=selected_notification_ids,
|
|
)
|
|
self.user.notifications.set(notifications)
|
|
|
|
|
|
class UserContactForm(BaseModalForm):
|
|
name = forms.CharField(
|
|
label=_("Username"),
|
|
label_suffix="",
|
|
required=False,
|
|
widget=forms.TextInput(
|
|
attrs={
|
|
"readonly": True,
|
|
"class": "form-control",
|
|
}
|
|
),
|
|
)
|
|
person_name = forms.CharField(
|
|
label=_("Person name"),
|
|
label_suffix="",
|
|
required=False,
|
|
widget=forms.TextInput(
|
|
attrs={
|
|
"readonly": True,
|
|
"class": "form-control",
|
|
}
|
|
),
|
|
)
|
|
mail = forms.EmailField(
|
|
label=_("E-Mail"),
|
|
label_suffix="",
|
|
required=False,
|
|
widget=forms.TextInput(
|
|
attrs={
|
|
"readonly": True,
|
|
"class": "form-control",
|
|
}
|
|
),
|
|
)
|
|
|
|
def __init__(self, *args, **kwargs):
|
|
super().__init__(*args, **kwargs)
|
|
self.render_submit = False
|
|
self.form_title = _("User contact data")
|
|
self.form_caption = ""
|
|
|
|
self.initialize_form_field("name", self.instance.username)
|
|
self.initialize_form_field("person_name", "{} {}".format(self.instance.first_name, self.instance.last_name))
|
|
self.initialize_form_field("mail", self.instance.email)
|
|
|
|
|
|
class UserAPITokenForm(BaseForm):
|
|
token = forms.CharField(
|
|
label=_("Token"),
|
|
label_suffix="",
|
|
max_length=255,
|
|
required=True,
|
|
help_text=_("Generated automatically"),
|
|
widget=GenerateInput(
|
|
attrs={
|
|
"class": "form-control",
|
|
"url": reverse_lazy("api:generate-new-token"),
|
|
}
|
|
)
|
|
)
|
|
|
|
def __init__(self, *args, **kwargs):
|
|
super().__init__(*args, **kwargs)
|
|
self.form_title = _("Create new token")
|
|
self.form_caption = _("A new token needs to be validated by an administrator!")
|
|
|
|
self.action_url = reverse("user:api-token")
|
|
self.cancel_redirect = reverse("user:index")
|
|
|
|
# Make direct token editing by user impossible. Instead set the proper url for generating a new token
|
|
self.initialize_form_field("token", None)
|
|
self.fields["token"].widget.attrs["readonly"] = True
|
|
|
|
def save(self):
|
|
""" Saves the form data
|
|
|
|
Returns:
|
|
api_token (APIUserToken)
|
|
"""
|
|
user = self.instance
|
|
new_token = self.cleaned_data["token"]
|
|
if user.api_token is not None:
|
|
user.api_token.delete()
|
|
new_token = APIUserToken.objects.create(
|
|
token=new_token
|
|
)
|
|
user.api_token = new_token
|
|
user.save()
|
|
return new_token
|