# Python imports from datetime import datetime import re # Django imports from django.shortcuts import render_to_response, redirect from django.core.urlresolvers import reverse from django.http import HttpResponse,JsonResponse from django.contrib.auth import authenticate, login, logout from django.contrib.auth.models import User, Group from django.core.context_processors import csrf from django.template.loader import render_to_string from django.template import RequestContext # LeakLess Monitor imports from Applications.Users.models import UserActions, AuthUser from Applications.Users.forms import UserEditInformationForm def user_get_language(request): try: user_information=AuthUser.objects.get(id= request.user.id) session_language = user_information.lang if session_language is None: session_language='en-gb' #defaultni jezik je engleski except Exception as e: session_language='en-gb' #defaultni jezik je engleski return session_language def user_set_language(request): try: user_information=AuthUser.objects.get(id= request.user.id) user_information.lang=request.GET.get('lang') user_information.save() finally: return redirect(request.META.get('HTTP_REFERER')) def user_redirect_to_login(request): return redirect(reverse('login_page')) def user_view_login(request): c = {} c.update(csrf(request)) return render_to_response('login.html', c) def user_login(request): username = request.POST['username'] password = request.POST['password'] user = authenticate(username=username, password=password) if user is not None: if user.is_active: login(request, user) return redirect(reverse('maps_page')) else: return HttpResponse("Invalid username or password") else: return HttpResponse("Invalid username or password") def user_logout(request): logout(request) return redirect(reverse('login_page')) def user_add_new_action(username, action_type, action_text_long, action_text_short, device_id): user_action_data = UserActions( timestamp = datetime.now(), actiontype = action_type, useraction_short = action_text_short, useraction_long = action_text_long, username = username, lldevice_id = device_id) user_action_data.save() def user_get_parameter_action_list(request): action_list=UserActions.objects.filter(lldevice_id= request.GET.get( 'device_id'), actiontype="PARAM_SAVE").order_by('-timestamp') return render_to_string('userParameterActionList.html', {'action_list': action_list, 'lang': user_get_language(request)}) def user_get_device(request): ua = request.META.get('HTTP_USER_AGENT', '').lower() device="desktop" if ua.find("iphone") > 0: device = "mobile" if ua.find("ipad") > 0: device = "mobile" if ua.find("android") > 0: device = "mobile" if ua.find("blackberry") > 0: device = "mobile" if ua.find("windows phone os 7") > 0: device = "mobile" if ua.find("iemobile") > 0: device = "mobile" return device def user_get_information(request): user_info={'username':request.user.username, 'email':request.user.email, 'first_name':request.user.first_name, 'last_name':request.user.last_name, 'last_login':request.user.last_login, 'is_superuser':request.user.is_superuser, 'is_staff': request.user.is_staff, 'user_groups': request.user.groups.values_list('name',flat=True), 'id':request.user.id} try: user_information=AuthUser.objects.get(id= request.user.id) user_info['role']=user_information.role user_info['is_group_admin']=user_information.is_group_admin except Exception as e: return user_info return user_info def user_id_get_information(username): try: user_information=AuthUser.objects.get(username= username) user_info={'username':user_information.username, 'email':user_information.email, 'first_name':user_information.first_name, 'last_name':user_information.last_name, 'last_login':user_information.last_login, 'account_created':user_information.date_joined, 'is_superuser':user_information.is_superuser, 'is_staff': user_information.is_staff, 'password': '****', 'id':user_information.id, 'role':user_information.role} return user_info except Exception as e: return None def group_admin_add_user(request): if request.user.is_authenticated(): response ={ 'status': 'Ok', 'action': 'Unknown', 'response_string':'', } if request.method == 'POST': username = request.POST['username'] password = request.POST['password'] password_confirm = request.POST['password_confirm'] if password != password_confirm: response['status'] = 'Error' response['response_string'] = 'Paswords do not match' return JsonResponse(response) if not group_admin_check_username(username): response['status'] = 'Error' response['response_string'] = 'User already exists' return JsonResponse(response) if not group_admin_check_max_users(request): response['status'] = 'Error' response['response_string'] = 'Maximum number of users reached' return JsonResponse(response) user_data = AuthUser(username=username, first_name='', last_name='', is_staff=0, is_superuser=0, is_group_admin=0, is_active=1, last_login=datetime.now(), date_joined=datetime.now(), role='Viewer') user_data.save() try: user_data=User.objects.get(username=username) group_list = request.user.groups.values_list('name',flat=True) group_name= group_list.first() group_data = Group.objects.get(name=group_name) group_data.user_set.add(user_data) user_data.set_password(password) if group_name=='admin': user_data.is_superuser=1 user_data.save() response['status'] = 'Ok' response['response_string'] = 'New user added' return JsonResponse(response) except Exception as e: response['status'] = 'Error' response['response_string'] = 'Unknown group' return JsonResponse(response) else: response['status'] = 'Error' response['response_string'] = 'Unknown method' return JsonResponse(response) else: return redirect(reverse('login_page')) def group_admin_set_user_information(request): if request.user.is_authenticated(): response ={ 'status': 'Ok', 'action': 'Unknown', 'response_string':'', } if request.method == 'POST': action = request.POST.get('action') if action=='edit': response['action']='Edit' username=request.POST.get('Username') user_role = request.POST.get('Role') if not group_admin_check_user_role(user_role): response['status']='Error' response['response_string']='Unknown user role' return JsonResponse(response) first_name = request.POST.get('First name') last_name = request.POST.get('Last name') user_id = request.POST.get('ID') e_mail = request.POST.get('E-mail') password = request.POST.get('Password') password_confirm = request.POST.get('Password repeat') if password != password_confirm: response['status'] = 'Error' response['response_string'] = 'Passwords do not match' return JsonResponse(response) elif not group_admin_check_password(password): response['status'] = 'Error' response['response_string'] = 'Passwords need to contain at least 6 letters' return JsonResponse(response) try: user_object=AuthUser.objects.get(id=user_id) if user_object.username != username: if not group_admin_check_username(username): response['status']='Error' response['response_string']='Username taken' return JsonResponse(response) else: user_object.username=username user_object.first_name=first_name user_object.last_name=last_name user_object.role=user_role user_object.email=e_mail user_object.save() if not (password == '*******' and password_confirm == '*******'): user_data = User.objects.get(username=username) user_data.set_password(password) user_data.save() response['status']='Ok' response['response_string']='User edited' return JsonResponse(response) except Exception as e: response['status']='Error' response['response_string']='Unknown user' return JsonResponse(response) elif action=='delete': response['action']='Delete' user_id = request.POST.get('ID') try: if(user_id==request.user.id): response['status'] = 'Error' response['response_string'] = 'Cannot delete my own account' return JsonResponse(response) user_object=User.objects.get(id=user_id) user_object.groups.clear() user_object.delete() response['status']='Ok' response['response_string']='User deleted' return JsonResponse(response) except Exception as e: response['status'] = 'Error' response['response_string'] = 'Unknown user' return JsonResponse(response) elif action == 'restore': response['action']='Restore' response['status'] = 'Error' response['response_string'] = 'Restore not supported' return JsonResponse(response) else: response['status'] = 'Error' response['response_string'] = 'Unknown action' return JsonResponse(response) response['status'] = 'Error' response['response_string'] = 'Unknown method' return JsonResponse(response) else: return None def group_admin_check_user_role(role): return True def group_admin_check_username(username): try: user_object = AuthUser.objects.get(username=username) return False except Exception as e: return True def group_admin_check_password(password): if len(password)<6: return False else: return True def group_admin_check_max_users(request): try: group_list = request.user.groups.values_list('name',flat=True) group_name= group_list.first() group = Group.objects.get(name=group_name) users = group.user_set.all() if users.all().count()<6: return True else: return False except Exception as e: return False def group_admin_get_user_information_list(request): if request.user.is_authenticated(): user_information_list=[] user_login_list=[] try: user_information=AuthUser.objects.get(username= request.user.username) except Exception as e: return "Error: User error" l = request.user.groups.values_list('name', flat=True) for group in l: if user_information.is_group_admin==1: user_list=User.objects.filter(groups__name=group) for user in user_list: if user.username == request.user.username: continue user_info=user_id_get_information(user.username) user_information_list.append(user_info) csrf_token_value = request.COOKIES['csrftoken'] if request.user.is_superuser: user_list=User.objects.all() for user in user_list: user_info=user_id_get_information(user.username) time_difference = datetime.now() - user_info['last_login'] hours, remainder = divmod(time_difference.seconds, 3600) minutes, seconds = divmod(remainder, 60) if (time_difference.days == 0): user_info['last_login_delta'] = ' %02d:%02d:%02d' % (hours, minutes, seconds) elif (time_difference.days == 1): user_info['last_login_delta'] = ('%d Day' % time_difference.days) elif (time_difference.days < 0): user_info['last_login_delta'] = '00:00:00' else: user_info['last_login_delta'] = ('%d Days' % time_difference.days) ms = (time_difference.days * 24 * 60 * 60 + time_difference.seconds) * 1000 + time_difference.microseconds / 1000.0 user_info['last_login_epoch']=ms user_login_list.append(user_info) page_render = render_to_string( 'groupAdminEditUsersForm.html',{'user_info_list' : user_information_list, 'user_login_list' : user_login_list, 'user' : request.user, 'csrf_token_value': csrf_token_value, 'lang' : user_get_language(request)}, context_instance=RequestContext(request) ) return_data={'page_render':page_render } return JsonResponse(return_data) else: return None def user_edit_information_return_form(request): if request.method == 'POST': # Ovdje je upis u bazu try: UserInfo=User.objects.get(username=request.user) except Exception as e: return HttpResponse('Error') form = UserEditInformationForm(request.POST) passwordChange=False if form.is_valid(): if (len(form.cleaned_data['password_first'])>0 or len(form.cleaned_data['password_second'])>0): if (form.cleaned_data['password_first']!=form.cleaned_data['password_second']): return HttpResponse('No match') UserInfo.set_password(form.cleaned_data['password_first']) passwordChange=True UserInfo.first_name=form.cleaned_data['first_name'] UserInfo.last_name=form.cleaned_data['last_name'] UserInfo.email=form.cleaned_data['email'] UserInfo.save() if (passwordChange): return HttpResponse('Password change') else: return HttpResponse('Ok') else: return HttpResponse('Error') else: # Ovdje je dohvat iz baze try: UserInfo=AuthUser.objects.get(username=request.user) except Exception as e: return HttpResponse('Error') user_role=UserInfo.role form = UserEditInformationForm( initial={'first_name' : request.user.first_name, 'last_name' : request.user.last_name, 'email' : request.user.email } ) if request.session.get('lang', 'en-gb') == 'hr': form.fields['first_name'].label = "Ime" form.fields['last_name'].label = "Prezime" form.fields['email'].label = "Email" form.fields['password_first'].label = "Unesite novu lozinku" form.fields['password_second'].label = "Ponovite lozinku" else: form.fields['first_name'].label = "First name" form.fields['last_name'].label = "Last name" form.fields['email'].label = "Email" form.fields['password_first'].label = "Enter new password" form.fields['password_second'].label = "Repeat password" fields = list(form) fields_user_info = fields[0:3] fields_passwords = fields[3:5] # Render list page with the documents and the form return render_to_response( 'userEditInformationForm.html',{'fields_user_info' : fields_user_info, 'fields_passwords' : fields_passwords, 'groups' : request.user.groups.values_list('name',flat=True), 'role' : user_role, 'lang' : user_get_language(request)}, context_instance=RequestContext(request) )