2016-08-14 09:21:04 +00:00
|
|
|
# ~*~ coding: utf-8 ~*~
|
2016-08-08 16:43:11 +00:00
|
|
|
|
2016-08-23 04:18:19 +00:00
|
|
|
from __future__ import unicode_literals
|
|
|
|
|
|
2016-08-26 08:56:50 +00:00
|
|
|
import logging
|
|
|
|
|
|
2016-09-02 14:23:15 +00:00
|
|
|
from django.shortcuts import get_object_or_404, reverse, render, Http404, redirect
|
2016-08-15 13:10:30 +00:00
|
|
|
from django.urls import reverse_lazy
|
2016-09-03 11:02:18 +00:00
|
|
|
from django.utils.translation import ugettext as _
|
2016-08-15 13:10:30 +00:00
|
|
|
from django.db.models import Q
|
2016-09-01 15:09:58 +00:00
|
|
|
from django.views.generic.base import View, TemplateView
|
2016-08-14 09:21:04 +00:00
|
|
|
from django.views.generic.list import ListView
|
2016-08-25 11:29:59 +00:00
|
|
|
from django.views.generic.edit import CreateView, DeleteView, UpdateView, ProcessFormView, FormView
|
2016-08-16 14:13:06 +00:00
|
|
|
from django.views.generic.detail import DetailView
|
2016-08-23 04:18:19 +00:00
|
|
|
from django.contrib.messages.views import SuccessMessageMixin
|
2016-08-20 10:33:18 +00:00
|
|
|
from django.conf import settings
|
2016-09-01 15:09:58 +00:00
|
|
|
from django.http import HttpResponseRedirect
|
2016-09-02 16:39:06 +00:00
|
|
|
from django.contrib.auth import views as auth_view, authenticate, login, logout
|
2016-09-01 15:09:58 +00:00
|
|
|
|
|
|
|
|
from common.utils import get_object_or_none
|
2016-08-14 09:21:04 +00:00
|
|
|
|
2016-08-24 09:14:21 +00:00
|
|
|
from .models import User, UserGroup
|
2016-08-25 11:29:59 +00:00
|
|
|
from .forms import UserAddForm, UserUpdateForm, UserGroupForm, UserLoginForm
|
2016-09-01 15:09:58 +00:00
|
|
|
from .utils import AdminUserRequiredMixin, ssh_key_gen, user_add_success_next, send_reset_password_mail
|
2016-08-25 11:29:59 +00:00
|
|
|
|
|
|
|
|
|
2016-08-26 08:56:50 +00:00
|
|
|
logger = logging.getLogger('jumpserver.users.views')
|
|
|
|
|
|
|
|
|
|
|
2016-09-02 14:23:15 +00:00
|
|
|
class UserLoginView(FormView):
|
|
|
|
|
template_name = 'users/login.html'
|
|
|
|
|
form_class = UserLoginForm
|
|
|
|
|
redirect_field_name = 'next'
|
|
|
|
|
|
|
|
|
|
def get(self, request, *args, **kwargs):
|
|
|
|
|
if self.request.user.is_staff:
|
2016-09-02 16:39:06 +00:00
|
|
|
return redirect(request.POST.get(self.redirect_field_name, reverse('index')))
|
|
|
|
|
# Todo: Django have bug, lose context issue: https://github.com/django/django/pull/7202
|
|
|
|
|
# so we jump it and use origin method render_to_response
|
|
|
|
|
# return super(UserLoginView, self).get(request, *args, **kwargs)
|
|
|
|
|
return self.render_to_response(self.get_context_data(**kwargs))
|
2016-09-02 14:23:15 +00:00
|
|
|
|
|
|
|
|
def post(self, request, *args, **kwargs):
|
|
|
|
|
form = self.get_form()
|
2016-09-03 06:37:01 +00:00
|
|
|
if not form.is_valid():
|
|
|
|
|
return self.form_invalid(form)
|
|
|
|
|
|
2016-09-02 14:23:15 +00:00
|
|
|
username = form['username'].value()
|
|
|
|
|
password = form['password'].value()
|
|
|
|
|
|
|
|
|
|
user = authenticate(username=username, password=password)
|
|
|
|
|
if user is None:
|
2016-09-03 11:02:18 +00:00
|
|
|
kwargs.update({'errors': _('Username or password invalid')})
|
2016-09-02 14:23:15 +00:00
|
|
|
return self.get(request, *args, **kwargs)
|
|
|
|
|
|
|
|
|
|
login(request, user)
|
|
|
|
|
return redirect(request.GET.get(self.redirect_field_name, reverse('index')))
|
|
|
|
|
|
|
|
|
|
|
2016-09-02 16:39:06 +00:00
|
|
|
class UserLogoutView(TemplateView):
|
|
|
|
|
template_name = 'common/flash_message_standalone.html'
|
|
|
|
|
|
|
|
|
|
def get(self, request, *args, **kwargs):
|
|
|
|
|
logout(request)
|
|
|
|
|
|
|
|
|
|
return super(UserLogoutView, self).get(request)
|
|
|
|
|
|
|
|
|
|
def get_context_data(self, **kwargs):
|
|
|
|
|
context = {
|
2016-09-03 16:51:36 +00:00
|
|
|
'title': _('Logout success'),
|
|
|
|
|
'messages': _('Logout success, return login page'),
|
2016-09-02 16:39:06 +00:00
|
|
|
'redirect_url': reverse('users:login'),
|
|
|
|
|
'auto_redirect': True,
|
|
|
|
|
}
|
|
|
|
|
kwargs.update(context)
|
|
|
|
|
return super(UserLogoutView, self).get_context_data(**kwargs)
|
|
|
|
|
|
|
|
|
|
|
2016-08-28 15:58:22 +00:00
|
|
|
class UserListView(AdminUserRequiredMixin, ListView):
|
2016-08-14 09:21:04 +00:00
|
|
|
model = User
|
2016-08-20 10:33:18 +00:00
|
|
|
paginate_by = settings.CONFIG.DISPLAY_PER_PAGE
|
2016-08-14 09:21:04 +00:00
|
|
|
context_object_name = 'user_list'
|
|
|
|
|
template_name = 'users/user_list.html'
|
2016-08-15 13:10:30 +00:00
|
|
|
ordering = '-date_joined'
|
|
|
|
|
|
|
|
|
|
def get_queryset(self):
|
|
|
|
|
self.queryset = super(UserListView, self).get_queryset()
|
|
|
|
|
self.keyword = keyword = self.request.GET.get('keyword', '')
|
2016-08-18 14:29:35 +00:00
|
|
|
self.sort = sort = self.request.GET.get('sort')
|
2016-08-15 13:10:30 +00:00
|
|
|
if keyword:
|
|
|
|
|
self.queryset = self.queryset.filter(Q(username__icontains=keyword) |
|
|
|
|
|
Q(name__icontains=keyword))
|
2016-08-18 14:29:35 +00:00
|
|
|
|
|
|
|
|
if sort:
|
|
|
|
|
self.queryset = self.queryset.order_by(sort)
|
2016-08-15 13:10:30 +00:00
|
|
|
return self.queryset
|
2016-08-14 09:21:04 +00:00
|
|
|
|
|
|
|
|
def get_context_data(self, **kwargs):
|
|
|
|
|
context = super(UserListView, self).get_context_data(**kwargs)
|
2016-09-03 16:51:36 +00:00
|
|
|
context.update({'app': _('Users'), 'action': _('User list'), 'keyword': self.keyword})
|
2016-08-14 09:21:04 +00:00
|
|
|
return context
|
2016-08-09 06:42:21 +00:00
|
|
|
|
2016-08-14 11:18:41 +00:00
|
|
|
|
2016-08-28 15:58:22 +00:00
|
|
|
class UserAddView(AdminUserRequiredMixin, SuccessMessageMixin, CreateView):
|
2016-08-14 11:18:41 +00:00
|
|
|
model = User
|
2016-08-17 14:17:16 +00:00
|
|
|
form_class = UserAddForm
|
2016-08-14 11:18:41 +00:00
|
|
|
template_name = 'users/user_add.html'
|
2016-08-15 13:10:30 +00:00
|
|
|
success_url = reverse_lazy('users:user-list')
|
2016-09-03 16:51:36 +00:00
|
|
|
success_message = _('Create user<a href="%s">%s</a> success.')
|
2016-08-15 13:10:30 +00:00
|
|
|
|
|
|
|
|
def get_context_data(self, **kwargs):
|
|
|
|
|
context = super(UserAddView, self).get_context_data(**kwargs)
|
2016-09-03 16:51:36 +00:00
|
|
|
context.update({'app': _('Users'), 'action': _('Create user')})
|
2016-08-15 13:10:30 +00:00
|
|
|
return context
|
2016-08-14 11:18:41 +00:00
|
|
|
|
2016-08-15 16:09:48 +00:00
|
|
|
def form_valid(self, form):
|
2016-08-24 09:14:21 +00:00
|
|
|
user = form.save(commit=False)
|
|
|
|
|
user.created_by = self.request.user.username or 'System'
|
2016-08-16 14:13:06 +00:00
|
|
|
user.save()
|
2016-08-31 17:12:02 +00:00
|
|
|
user_add_success_next(user)
|
2016-08-15 16:09:48 +00:00
|
|
|
return super(UserAddView, self).form_valid(form)
|
|
|
|
|
|
2016-08-23 04:18:19 +00:00
|
|
|
def get_success_message(self, cleaned_data):
|
|
|
|
|
return self.success_message % (
|
|
|
|
|
reverse_lazy('users:user-detail', kwargs={'pk': self.object.pk}),
|
|
|
|
|
self.object.name,
|
|
|
|
|
)
|
|
|
|
|
|
2016-08-15 16:09:48 +00:00
|
|
|
|
2016-08-28 15:58:22 +00:00
|
|
|
class UserUpdateView(AdminUserRequiredMixin, UpdateView):
|
2016-08-15 16:09:48 +00:00
|
|
|
model = User
|
2016-08-17 14:17:16 +00:00
|
|
|
form_class = UserUpdateForm
|
2016-08-15 16:09:48 +00:00
|
|
|
template_name = 'users/user_edit.html'
|
2016-08-17 14:17:16 +00:00
|
|
|
context_object_name = 'user'
|
2016-08-15 16:09:48 +00:00
|
|
|
success_url = reverse_lazy('users:user-list')
|
|
|
|
|
|
|
|
|
|
def form_valid(self, form):
|
2016-08-17 14:17:16 +00:00
|
|
|
username = self.object.username
|
|
|
|
|
user = form.save(commit=False)
|
|
|
|
|
user.username = username
|
|
|
|
|
user.save()
|
2016-08-16 14:13:06 +00:00
|
|
|
password = self.request.POST.get('password', '')
|
2016-08-15 16:09:48 +00:00
|
|
|
if password:
|
|
|
|
|
user.set_password(password)
|
|
|
|
|
return super(UserUpdateView, self).form_valid(form)
|
2016-08-16 14:13:06 +00:00
|
|
|
|
2016-08-22 16:39:07 +00:00
|
|
|
def form_invalid(self, form):
|
|
|
|
|
print(form.errors)
|
|
|
|
|
return super(UserUpdateView, self).form_invalid(form)
|
|
|
|
|
|
2016-08-25 05:56:49 +00:00
|
|
|
def get_context_data(self, **kwargs):
|
|
|
|
|
context = super(UserUpdateView, self).get_context_data(**kwargs)
|
2016-09-03 16:51:36 +00:00
|
|
|
context.update({'app': _('Users'), 'action': _('Edit user')})
|
2016-08-25 05:56:49 +00:00
|
|
|
return context
|
|
|
|
|
|
2016-08-16 14:13:06 +00:00
|
|
|
|
2016-08-28 15:58:22 +00:00
|
|
|
class UserDeleteView(AdminUserRequiredMixin, DeleteView):
|
2016-08-16 14:13:06 +00:00
|
|
|
model = User
|
|
|
|
|
success_url = reverse_lazy('users:user-list')
|
|
|
|
|
template_name = 'users/user_delete_confirm.html'
|
|
|
|
|
|
|
|
|
|
|
2016-08-28 15:58:22 +00:00
|
|
|
class UserDetailView(AdminUserRequiredMixin, DetailView):
|
2016-08-16 14:13:06 +00:00
|
|
|
model = User
|
|
|
|
|
template_name = 'users/user_detail.html'
|
2016-08-16 16:14:56 +00:00
|
|
|
context_object_name = "user"
|
2016-08-16 16:23:52 +00:00
|
|
|
|
|
|
|
|
def get_context_data(self, **kwargs):
|
2016-08-17 16:47:34 +00:00
|
|
|
groups = [group for group in UserGroup.objects.iterator() if group not in self.object.groups.iterator()]
|
2016-09-04 11:05:47 +00:00
|
|
|
context = {'app': _('Users'), 'action': _('User detail'), 'groups': groups}
|
|
|
|
|
kwargs.update(context)
|
|
|
|
|
return super(UserDetailView, self).get_context_data(**kwargs)
|
2016-08-18 17:39:08 +00:00
|
|
|
|
|
|
|
|
|
2016-08-28 15:58:22 +00:00
|
|
|
class UserGroupListView(AdminUserRequiredMixin, ListView):
|
2016-08-18 17:39:08 +00:00
|
|
|
model = UserGroup
|
2016-08-23 09:14:08 +00:00
|
|
|
paginate_by = settings.CONFIG.DISPLAY_PER_PAGE
|
2016-08-18 17:39:08 +00:00
|
|
|
context_object_name = 'usergroup_list'
|
|
|
|
|
template_name = 'users/usergroup_list.html'
|
|
|
|
|
ordering = '-date_added'
|
|
|
|
|
|
|
|
|
|
def get_queryset(self):
|
|
|
|
|
self.queryset = super(UserGroupListView, self).get_queryset()
|
|
|
|
|
self.keyword = keyword = self.request.GET.get('keyword', '')
|
|
|
|
|
self.sort = sort = self.request.GET.get('sort')
|
|
|
|
|
if keyword:
|
|
|
|
|
self.queryset = self.queryset.filter(name__icontains=keyword)
|
|
|
|
|
|
|
|
|
|
if sort:
|
|
|
|
|
self.queryset = self.queryset.order_by(sort)
|
|
|
|
|
return self.queryset
|
|
|
|
|
|
|
|
|
|
def get_context_data(self, **kwargs):
|
|
|
|
|
context = super(UserGroupListView, self).get_context_data(**kwargs)
|
2016-09-03 16:51:36 +00:00
|
|
|
context.update({'app': _('Users'), 'action': _('Usergroup list'), 'keyword': self.keyword})
|
2016-08-18 17:39:08 +00:00
|
|
|
return context
|
|
|
|
|
|
|
|
|
|
|
2016-08-28 15:58:22 +00:00
|
|
|
class UserGroupAddView(AdminUserRequiredMixin, CreateView):
|
2016-08-18 17:39:08 +00:00
|
|
|
model = UserGroup
|
|
|
|
|
form_class = UserGroupForm
|
|
|
|
|
template_name = 'users/usergroup_add.html'
|
|
|
|
|
success_url = reverse_lazy('users:usergroup-list')
|
|
|
|
|
|
|
|
|
|
def get_context_data(self, **kwargs):
|
|
|
|
|
context = super(UserGroupAddView, self).get_context_data(**kwargs)
|
|
|
|
|
users = User.objects.all()
|
2016-09-03 16:51:36 +00:00
|
|
|
context.update({'app': _('Users'), 'action': _('Create usergroup'), 'users': users})
|
2016-08-18 17:39:08 +00:00
|
|
|
return context
|
|
|
|
|
|
|
|
|
|
def form_valid(self, form):
|
|
|
|
|
usergroup = form.save()
|
|
|
|
|
users_id_list = self.request.POST.getlist('users', [])
|
|
|
|
|
users = [get_object_or_404(User, id=user_id) for user_id in users_id_list]
|
|
|
|
|
usergroup.created_by = self.request.user.username or 'Admin'
|
2016-08-25 05:28:02 +00:00
|
|
|
usergroup.users.add(*tuple(users))
|
2016-08-18 17:39:08 +00:00
|
|
|
usergroup.save()
|
|
|
|
|
return super(UserGroupAddView, self).form_valid(form)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class UserGroupUpdateView(UpdateView):
|
|
|
|
|
pass
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class UserGroupDetailView(DetailView):
|
|
|
|
|
pass
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class UserGroupDeleteView(DeleteView):
|
|
|
|
|
pass
|
2016-08-31 12:39:25 +00:00
|
|
|
|
|
|
|
|
|
2016-09-01 15:09:58 +00:00
|
|
|
class UserForgetPasswordView(TemplateView):
|
|
|
|
|
template_name = 'users/forget_password.html'
|
2016-08-31 12:39:25 +00:00
|
|
|
|
2016-09-01 15:09:58 +00:00
|
|
|
def post(self, request, *args, **kwargs):
|
|
|
|
|
email = request.POST.get('email')
|
|
|
|
|
user = get_object_or_none(User, email=email)
|
|
|
|
|
if not user:
|
2016-09-03 16:51:36 +00:00
|
|
|
return self.get(request, errors=_('Email address invalid, input again'))
|
2016-09-01 15:09:58 +00:00
|
|
|
else:
|
|
|
|
|
send_reset_password_mail(user)
|
|
|
|
|
return HttpResponseRedirect(reverse('users:forget-password-sendmail-success'))
|
2016-08-31 12:39:25 +00:00
|
|
|
|
2016-09-01 15:09:58 +00:00
|
|
|
|
|
|
|
|
class UserForgetPasswordSendmailSuccessView(TemplateView):
|
|
|
|
|
template_name = 'common/flash_message_standalone.html'
|
|
|
|
|
|
|
|
|
|
def get_context_data(self, **kwargs):
|
|
|
|
|
context = {
|
2016-09-03 16:51:36 +00:00
|
|
|
'title': _('Send reset password message'),
|
|
|
|
|
'messages': _('Send reset password mail success, login your mail box and follow it '),
|
2016-09-01 15:09:58 +00:00
|
|
|
'redirect_url': reverse('users:login'),
|
|
|
|
|
}
|
|
|
|
|
kwargs.update(context)
|
|
|
|
|
return super(UserForgetPasswordSendmailSuccessView, self).get_context_data(**kwargs)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class UserResetPasswordSuccessView(TemplateView):
|
|
|
|
|
template_name = 'common/flash_message_standalone.html'
|
|
|
|
|
|
|
|
|
|
def get_context_data(self, **kwargs):
|
|
|
|
|
context = {
|
2016-09-03 16:51:36 +00:00
|
|
|
'title': _('Reset password success'),
|
|
|
|
|
'messages': _('Reset password success, return to login page'),
|
2016-09-01 15:09:58 +00:00
|
|
|
'redirect_url': reverse('users:login'),
|
2016-09-02 16:39:06 +00:00
|
|
|
'auto_redirect': True,
|
2016-09-01 15:09:58 +00:00
|
|
|
}
|
|
|
|
|
kwargs.update(context)
|
|
|
|
|
return super(UserResetPasswordSuccessView, self).get_context_data(**kwargs)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class UserResetPasswordView(TemplateView):
|
|
|
|
|
template_name = 'users/reset_password.html'
|
|
|
|
|
|
2016-09-02 10:10:26 +00:00
|
|
|
def get(self, request, *args, **kwargs):
|
|
|
|
|
token = request.GET.get('token')
|
|
|
|
|
user = User.validate_reset_token(token)
|
|
|
|
|
|
|
|
|
|
if not user:
|
2016-09-03 16:51:36 +00:00
|
|
|
kwargs.update({'errors': _('Token invalid or expired')})
|
2016-09-02 10:10:26 +00:00
|
|
|
return super(UserResetPasswordView, self).get(request, *args, **kwargs)
|
|
|
|
|
|
2016-09-01 15:09:58 +00:00
|
|
|
def post(self, request, *args, **kwargs):
|
|
|
|
|
password = request.POST.get('password')
|
|
|
|
|
password_confirm = request.POST.get('password-confirm')
|
|
|
|
|
token = request.GET.get('token')
|
|
|
|
|
|
|
|
|
|
if password != password_confirm:
|
2016-09-03 16:51:36 +00:00
|
|
|
return self.get(request, errors=_('Password not same'))
|
2016-09-01 15:09:58 +00:00
|
|
|
|
2016-09-02 10:10:26 +00:00
|
|
|
user = User.validate_reset_token(token)
|
|
|
|
|
if not user:
|
2016-09-03 16:51:36 +00:00
|
|
|
return self.get(request, errors=_('Token invalid or expired'))
|
2016-09-01 15:09:58 +00:00
|
|
|
|
2016-09-02 10:10:26 +00:00
|
|
|
user.reset_password(password)
|
2016-09-01 15:09:58 +00:00
|
|
|
return HttpResponseRedirect(reverse('users:reset-password-success'))
|
