# -*- coding: utf-8 -*- from django.contrib import auth from django.contrib.auth import logout from django.http import Http404 from django.shortcuts import redirect from access.models import User, ActionJ, Document from lms.tools import random_string, condition_factory, check_role from lms.decors import response_decor from courses.tools import get_user_achievements, get_user_diploms, get_user_completed_courses_count, \ get_user_skills_size_count, get_user_achievements_count from courses.tools import get_user_skills from journals.models import TeacherJ from management.letters import sent_forgot_password from finance.models import Bill from management.models import Comment from library.models import Article @response_decor(template='index.html', without_auth=True) def activate_email(request): # Активация пользователя через почту if request.GET.get('token') and request.GET.get('email'): try: email = request.GET['email'].lower() user = User.objects.get(email=email, token=request.GET['token']) except User.DoesNotExist: return {'redirect': '/404/?error=Ссылка устарела. Дождитесь письма с актуальной ссылкой'} else: user.email = user.changed_email user.save() user.change_token() return {'DIALOG': 'activate_email'} else: # TODO: Отправлять пользователя в тупиковую страницу, а не на 404 raise Http404 @response_decor(template='index.html', without_auth=True) def accept_forgot(request): # Подтверждение почты при восстановлении if request.GET.get('token') and request.GET.get('email'): try: email = request.GET['email'].lower() user = User.objects.get(email=email, token=request.GET['token']) except User.DoesNotExist: return {'redirect': '/404/?error=Ссылка устарела. Дождитесь письма с актуальной ссылкой'} else: pas = random_string(length=6).upper() user.set_password(pas) user.change_token() sent_forgot_password(user, pas) return {'DIALOG': 'accept_forgot'} else: # TODO: Отправлять пользователя в тупиковую страницу, а не на 404 raise Http404 @response_decor(template='activation.html', without_auth=True) def activate(request): # Страница активации пользователя condition = condition_factory([ {'condition': request.GET.get('email'), 'error': u'Поле пользователя передано не корректно'}, {'condition': request.GET.get('token'), 'error': u'Поле токена передано не корректно'}, {'condition': request.GET.get('step'), 'error': u'Не верно передан этап'} ]) if condition['code'] == '1': try: email = request.GET['email'].lower() user = User.objects.get(email=email, token=request.GET['token']) except User.DoesNotExist: return {'redirect': '/404/?error=Ссылка устарела. Дождитесь письма с актуальной ссылкой'} else: if not user.is_active or user.reg_status != '4': user.save() return {'step': user.reg_status, 'token': request.GET['token'], 'email': email, 'phone': user.phone if user.phone else None} else: raise Http404 else: raise Http404 @response_decor(template='profile.html', without_auth=True) def profile(request): if request.user.is_authenticated(): checker = check_role(request.user, 'U') if checker['result']: courses = [i.get_head_face() for i in TeacherJ.objects.filter(student=request.user, course__public=True).exclude(progress=0)] return {'in_user': None, 'courses': courses, 'achievements': get_user_achievements(request.user), 'skills': get_user_skills(request.user), 'diploms': get_user_diploms(request.user), 'completed_courses': get_user_completed_courses_count(request.user), 'got_achievements': get_user_achievements_count(request.user), 'skills_size': get_user_skills_size_count(request.user), 'documents': Document.objects.filter(user=request.user), 'b_bills': Bill.objects.filter(user=request.user), 'articles': [i.get_face(request.user) for i in Article.objects.filter(views__id=request.user.id)], 'forum_ask': Comment.objects.filter(owner=request.user, status='Q'), 'forum_ans': { 'all': Comment.objects.filter(owner=request.user, status='Q2'), 'best': Comment.objects.filter(owner=request.user, status='Q2', best=True).count() } } else: return checker else: return {'redirect': '/access/auth_error/'} @response_decor(template='profile.html', without_auth=True) def profile_view(request, view_id): if view_id: try: user = User.objects.get(interactive_key=view_id) except User.DoesNotExist: raise Http404 else: if request.user.is_authenticated() and request.user.is_admin: go = True else: go = False if user.private == 'A' or user.private == 'L': go = True elif user.private == 'U': if request.user.is_authenticated() and request.user.is_active: go = True elif user.private == 'B': if request.user == user: go = True if go: courses = [i.get_head_face() for i in TeacherJ.objects.filter(student=user, course__public=True).exclude(progress=0)] return {'in_user': user, 'courses': courses, 'achievements': get_user_achievements(user), 'skills': get_user_skills(user), 'diploms': get_user_diploms(user), 'articles': [i.get_face(user) for i in Article.objects.filter(views__id=user.id)], 'completed_courses': get_user_completed_courses_count(user), 'got_achievements': get_user_achievements_count(user), 'skills_size': get_user_skills_size_count(user), 'forum_ask': Comment.objects.filter(owner=user, status='Q'), 'forum_ans': { 'all': Comment.objects.filter(owner=user, status='Q2'), 'best': Comment.objects.filter(owner=user, status='Q2', best=True).count() }} else: raise Http404 def logout_in(request): logout(request) return redirect('/') @response_decor(template='index.html') def come_off(request): # Деактивация подписок context = {'code': 'error'} condition = condition_factory([ {'condition': request.GET.get('token'), 'error': u'В запросе не обнаружен токен'}, {'condition': request.GET.get('right'), 'error': u'В запросе не обнаружено изменяемое право'} ]) if condition['code'] == '1': try: user = User.objects.get(token=request.GET['token']) except User.DoesNotExist: context['response'] = u'Запрос не обработан' else: if user.rights.check_right(user, request.GET['right']): if request.GET['right'] == 'feedback_follow': user.rights.set_right('feedback_follow', False) context['response'] = u'Подписка деактивирована' context['code'] = u'info' elif request.GET['right'] == 'news_follow': user.rights.set_right('news_follow', False) context['response'] = u'Подписка деактивирована' context['code'] = u'info' else: context[ 'response'] = u'Вы указали право, на которое не распространяется функция быстрого отключения' else: context['response'] = u'Вы уже описаны от данной рассылки' else: context['response'] = condition['response'] context['code'] = '0' return {'response': context['response'], 'code': context['code']} @response_decor(template='auth_error.html', without_auth=True) def auth_error(request): # Запрешен доступ - кабинет менеджера, пепода и.т.д. return {} @response_decor(template='access_error.html', without_auth=True) def access_error(request): # Закрытая страница - не открытый урок, дз и.т.д. return {} @response_decor(template='by_error.html', without_auth=True) def by_error(request): # Запрещен доступ по подпискеs return {} @response_decor(template='all_actions.html', without_auth=False) def all_actions(request): # Страница событий return {'b_actions': ActionJ.objects.filter(student=request.user).order_by('-id')} @response_decor(template='index.html', without_auth=True) def fast_auth(request): # Авторизация по кнопке # FIXME: Усилить проверку if request.POST.get('email') and request.POST.get('password'): email = request.POST['email'].lower() user = auth.authenticate(email=email, password=request.POST['password']) if user is not None: auth.login(request, user) return {'redirect': '/'}