user profile: update ssh pk

2017-02-03 13:37:05 +08:00 · 2017-02-03 13:37:05 +08:00 · fe01f92545
parent 8a5d0b2d92
commit fe01f92545
5 changed files with 139 additions and 109 deletions
--- a/.gitignore
+++ b/.gitignore
@ -20,3 +20,4 @@ migrations/
 *.log
 host_rsa_key
 *.bat
+tags
--- a/apps/templates/base.html
+++ b/apps/templates/base.html
@ -24,9 +24,9 @@
        {% block first_login_message %}
            {% if user.is_authenticated and user.is_first_login %}
            <div class="alert alert-danger" style="margin: 20px auto 0px">
-                {% url 'users:user-first-login' as the_url %}
+                {% url 'users:user-first-login' as first_login_url %}
                {% blocktrans %}
-                Your information was incomplete. Please click <a href="{{ the_url }}"> this link </a>to complete your information.
+                Your information was incomplete. Please click <a href="{{ first_login_url }}"> this link </a>to complete your information.
                {% endblocktrans %}
            </div>
            {% endif %}
@ -34,8 +34,9 @@
        {% block update_public_key_message %}
            {% if user.is_authenticated and not user.is_public_key_valid %}
            <div class="alert alert-danger" style="margin: 20px auto 0px">
+                {% url 'users:user-profile' as profile_url %}
                {% blocktrans %}
-                Your ssh-public-key has been expired. Please click <a href="#"> this link </a>to  update your ssh-public-key.
+                Your ssh-public-key has been expired. Please click <a href="{{ profile_url }}"> this link </a>to update your ssh-public-key.
                {% endblocktrans %}
            </div>
            {% endif %}
--- a/apps/users/api.py
+++ b/apps/users/api.py
@ -1,21 +1,18 @@
 # ~*~ coding: utf-8 ~*~
-#

-from rest_framework import generics, viewsets
+from rest_framework import generics
+from rest_framework.permissions import AllowAny
 from rest_framework.response import Response
 from rest_framework.views import APIView
-from rest_framework.permissions import AllowAny
 from rest_framework_bulk import BulkModelViewSet
-# from django_filters.rest_framework import DjangoFilterBackend

+from . import serializers
+from .hands import write_login_log_async
+from .models import User, UserGroup
+from .permissions import IsSuperUser, IsValidUser, IsCurrentUserOrReadOnly
+from .utils import check_user_valid, generate_token
 from common.mixins import IDInFilterMixin
 from common.utils import get_logger
-from .utils import check_user_valid, generate_token
-from .models import User, UserGroup
-from .hands import write_login_log_async
-from .permissions import (
-    IsSuperUser, IsAppUser, IsValidUser)
-from . import serializers


 logger = get_logger(__name__)
@ -41,7 +38,7 @@ class UserResetPasswordApi(generics.UpdateAPIView):

    def perform_update(self, serializer):
        # Note: we are not updating the user object here.
-        # We just do the reset-password staff.
+        # We just do the reset-password stuff.
        import uuid
        from .utils import send_reset_password_mail
        user = self.get_object()
@ -65,6 +62,7 @@ class UserResetPKApi(generics.UpdateAPIView):
 class UserUpdatePKApi(generics.UpdateAPIView):
    queryset = User.objects.all()
    serializer_class = serializers.UserPKUpdateSerializer
+    permission_classes = (IsCurrentUserOrReadOnly,)

    def perform_update(self, serializer):
        user = self.get_object()
--- a/apps/users/permissions.py
+++ b/apps/users/permissions.py
@ -1,18 +1,7 @@
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
-#

-import base64
-
-from django.core.cache import cache
-from django.conf import settings
-from django.utils.translation import ugettext as _
-from rest_framework import authentication, exceptions, permissions
-from rest_framework.compat import is_authenticated
-
-from common.utils import signer, get_object_or_none
-from .hands import Terminal
-from .models import User
+from rest_framework import permissions


 class IsValidUser(permissions.IsAuthenticated, permissions.BasePermission):
@ -47,5 +36,9 @@ class IsSuperUserOrAppUser(IsValidUser, permissions.BasePermission):
            and (request.user.is_superuser or request.user.is_app)


-if __name__ == '__main__':
-    pass
+class IsCurrentUserOrReadOnly(permissions.BasePermission):
+
+    def has_object_permission(self, request, view, obj):
+        if request.method in permissions.SAFE_METHODS:
+            return True
+        return obj == request.user
--- a/apps/users/templates/users/user_profile.html
+++ b/apps/users/templates/users/user_profile.html
@ -17,22 +17,12 @@
                            <a class="collapse-link">
                                <i class="fa fa-chevron-up"></i>
                            </a>
-                            <a class="dropdown-toggle" data-toggle="dropdown" href="#">
-                                <i class="fa fa-wrench"></i>
-                            </a>
-                            <ul class="dropdown-menu dropdown-user">
-                                <li><a href="#"></a>
-                                </li>
-                                <li><a href="#"></a>
-                                </li>
-                            </ul>
                            <a class="close-link">
                                <i class="fa fa-times"></i>
                            </a>
                        </div>
                    </div>
                    <div class="ibox-content">
-                        <div>
                        <div class="text-left">
                            <table class="table">
                                <tr>
@ -102,10 +92,57 @@
                    </div>
                </div>
            </div>
+            <div class="col-sm-6">
+                <div class="ibox float-e-margins">
+                    <div class="ibox-title">
+                        <span class="label label-primary"><b>{% trans "Update Public Key" %}</b></span>
+                        <div class="ibox-tools">
+                            <a class="collapse-link">
+                                <i class="fa fa-chevron-up"></i>
+                            </a>
+                            <a class="close-link">
+                                <i class="fa fa-times"></i>
+                            </a>
+                        </div>
+                    </div>
+                    <div class="ibox-content">
+                        <p>{% trans "Paste your SSH Public Key here" %}</p>
+                        <textarea id="txt_pk" class="form-control" cols="30" rows="10" placeholder="ssh-rsa AAAAB3NzaC1yc2EAA....."></textarea>
+                        <button id="btn_update_pk" class="btn btn-primary m-t-15">{% trans 'Update' %}</button>
+                    </div>
+                </div>
            </div>
-            <div class="col-sm-6"></div>
        </div>
    </div>
 {% endblock %}
 {% block custom_foot_js %}
+<script>
+$(document).on('click', '#btn_update_pk', function() {
+    var $this = $(this);
+    var pk = $('#txt_pk').val();
+    var the_url = '{% url "api-users:user-public-key-update" pk=user.id %}';
+    var body = {'_public_key': pk};
+    var success = function() {
+        $('#txt_pk').val('');
+        var msg = "{% trans 'Successfully updated the SSH public key.' %}";
+        swal("{% trans 'User SSH Public Key Update' %}", msg, "success");
+    };
+    var fail = function() {
+        var msg = "{% trans 'Failed to update SSH public key.' %}";
+        swal({
+            title: "{% trans 'User SSH Public Key Update' %}",
+            text: msg,
+            type: "error",
+            showCancelButton: false,
+            confirmButtonColor: "#DD6B55",
+            confirmButtonText: "{% trans 'Confirm' %}",
+            closeOnConfirm: true
+            }, function () {
+              $('#txt_pk').focus();
+            }
+        );
+    }
+    APIUpdateAttr({ url: the_url, body: JSON.stringify(body), success: success, error: fail});
+})
+</script>
 {% endblock %}