# coding=utf-8
import datetime
from django.contrib import auth
from django.http import Http404
from access.models import User, Subscription, sent_registration
from lms.decors import api_decor
from lms.regex import check_email
from lms.tools import condition_factory, check_set_password
from management.letters import sent_active_new_email, sent_good_activation, sent_accept_forgot
@api_decor(without_auth=True)
def search_user(request, context):
    """Report whether an account exists for the exact e-mail in ``?user=``.

    ``context['code']`` is '1' only when the caller is authenticated and a
    ``User`` row with that e-mail exists; every other case yields '0'.
    """
    context['code'] = '0'
    wanted_email = request.GET.get('user')
    # The answer tells the caller whether an address is registered, so it is
    # computed only for authenticated callers; anonymous requests always
    # receive '0'.
    if request.user.is_authenticated() and wanted_email:
        account_exists = User.objects.filter(email=wanted_email).exists()
        context['code'] = '1' if account_exists else '0'

    return context
@api_decor(without_auth=False)
def find_user(request, context):
    """Search users by e-mail substring for callers in role 'T', 'S2' or 'A'.

    Any other caller gets ``Http404``. With a non-empty ``?user=`` value the
    matching users are returned in ``context['data']`` and ``code`` is '1';
    without it ``code`` is '0' and an error message is set.
    """
    caller = request.user
    if not (caller.is_authenticated() and caller.in_role in ['T', 'S2', 'A']):
        raise Http404

    if not request.GET.get('user'):
        context['response'] = u'Параметры не переданы'
        context['code'] = '0'
        return context

    context['code'] = '1'
    # NOTE(review): the substring match has no minimum length and the result
    # list is not capped, so a one-character query returns every matching
    # account's e-mail and id -- consider a lower bound and a limit.
    matches = User.objects.filter(email__icontains=request.GET['user'])
    context['data'] = [
        {'str': str(found), 'ava': found.get_image_url(), 'email': found.email, 'id': found.id}
        for found in matches
    ]
    return context
@api_decor(without_auth=False)
def change_private(request, context):
    """Store the posted ``type`` value in the caller's ``private`` field.

    Nothing is changed when the POST body has no ``type`` key.
    """
    if 'type' not in request.POST:
        return context

    account = request.user
    # NOTE(review): the value is saved exactly as posted; no allow-list of
    # accepted privacy settings is visible in this view -- confirm the model
    # field constrains it.
    account.private = request.POST['type']
    account.save()
    return context
@api_decor(without_auth=False)
def resent_active_email(request, context):
    """Send the activation letter to the calling user again and return code '1'."""
    recipient = request.user
    # NOTE(review): no throttling is visible here; each call triggers another
    # sent_registration() for the caller -- confirm a limit exists elsewhere.
    sent_registration(recipient, title=u'Повторное письмо активации')
    context['code'] = '1'
    return context
@api_decor(without_auth=True)
def check_auth(request, context):
    """Report the caller's login state.

    Note the inverted convention used by this endpoint: ``code`` is '0' for an
    authenticated caller and '1' for an anonymous one.
    """
    logged_in = request.user.is_authenticated()
    context['code'] = '0' if logged_in else '1'

    return context
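@api_decor(without_auth=True)
def logout(request, context):
    """End the caller's session and report whether there was one to end.

    ``code`` keeps the original convention: '0' when the caller was
    authenticated at the time of the call, '1' when the caller was anonymous.
    """
    if request.user.is_authenticated():
        context['code'] = '0'
        # The previous body was a copy of check_auth: it reported the login
        # state but never terminated the session, so the session cookie stayed
        # valid after a "logout". auth.logout() flushes the session data.
        auth.logout(request)
    else:
        context['code'] = '1'

    return context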
@api_decor(without_auth=False)
def send_settings_data(request, context):
    """Update the calling user's profile from the settings form.

    ``code`` is '1' and the user is saved only when every required field
    (surname, name, phone, valid e-mail) passes; on the first failing field an
    error message is put in ``context['response']`` and the function returns
    with ``code`` '0' without saving.

    A changed e-mail is not applied directly: it is stored in
    ``changed_email``, the token is changed and a confirmation letter is sent.
    """
    form = request.POST
    profile = request.user

    context['code'] = '0'
    # These three keys are read with [] and are therefore mandatory in the
    # POST body; a missing key raises before any validation message is set.
    profile.oname = form['user_settings_oname']
    profile.avatar = form['avatar_code']
    profile.city = form['user_settings_city']

    raw_bday = form.get('user_settings_bday')
    if raw_bday:
        try:
            profile.b_day = datetime.datetime.strptime(raw_bday, '%d.%m.%Y').date()
        except ValueError:
            context['response'] = u'Дата рождения указана в неверном формате. Пример: 18.11.1990'
            return context

    if not form.get('user_settings_fname'):
        context['response'] = u'Укажите вашу фамилию'
        return context
    profile.fname = form['user_settings_fname']

    if not form.get('user_settings_name'):
        context['response'] = u'Укажите ваше имя'
        return context
    profile.name = form['user_settings_name']

    if not form.get('user_settings_phone'):
        context['response'] = u'Укажите ваш телефон'
        return context
    if profile.phone != form['user_settings_phone']:
        # Keep the previous number before overwriting it.
        profile.back_phone = profile.phone
        profile.phone = form['user_settings_phone']

    raw_email = form.get('user_settings_email')
    if not (raw_email and check_email(form['user_settings_email'])):
        context['response'] = u'Укажите ваш email'
        return context

    new_email = raw_email.lower()
    if new_email != profile.email:
        if User.objects.filter(email=new_email).exists():
            context['response'] = u'Пользователь с таким email уже существует'
            return context
        # NOTE(review): starting an e-mail change needs only the session; no
        # current-password check is visible in this view. The new address
        # still has to be confirmed through the letter sent below.
        profile.changed_email = new_email
        profile.change_token()
        sent_active_new_email(profile)
        context['response'] = u'Данные изменены. Для изменения поля email, необходимо подтвердить владение ' \
                              u'им. На указанный почтовый ящик выслано письмо активации.'

    context['code'] = '1'
    profile.save()
    return context
@api_decor(without_auth=False)
def get_settings_data(request, context):
    """Return the calling user's own profile fields in ``context['data']``.

    ``bday`` is formatted as day.month.year without zero padding, or is an
    empty string when no birthday is stored.
    """
    profile = request.user
    context['code'] = '1'
    payload = {
        'short_name': profile.get_short_name(),
        'avatar_code': profile.avatar,
        'avatar': profile.get_image_url(type_in='big'),
        'fname': profile.fname,
        'name': profile.name,
        'oname': profile.oname,
        'phone': profile.get_phone(),
        'email': profile.email,
        'city': profile.city,
        'bday': '',
    }
    context['data'] = payload
    born = profile.b_day
    if born:
        payload['bday'] = '{0}.{1}.{2}'.format(born.day, born.month, born.year)

    return context
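@api_decor(without_auth=False)
def send_subscription_data(request, context):
    """Save the calling user's subscription choices.

    A right is switched on when ``subscription_<right>`` is present in the
    POST body and switched off when it is absent; rights that already have
    the requested state are left untouched.
    """
    context['code'] = '1'
    # get_or_create matches get_subscription_data: a user who has no
    # Subscription row yet no longer fails with an unhandled DoesNotExist.
    subscription, _created = Subscription.objects.get_or_create(owner=request.user)
    right_map = subscription.right_map(None)
    context['data'] = []
    for right, enabled in right_map.items():
        wanted = 'subscription_{0}'.format(right) in request.POST
        # Only rights present in right_map are considered, so posted keys
        # cannot introduce new right names.
        if wanted != bool(enabled):
            subscription.set_right(right, wanted)

    return context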
@api_decor(without_auth=False)
def get_subscription_data(request, context):
    """Return the calling user's subscription map in ``context['data']``.

    A ``Subscription`` row is created for the user when none exists.
    """
    context['code'] = '1'
    context['data'] = {}
    subscription, _created = Subscription.objects.get_or_create(owner=request.user)
    rights = subscription.right_map(None)
    for right, enabled in rights.items():
        context['data'][right] = enabled
    return context
@api_decor(without_auth=False)
def change_password(request, context):
    """Change the calling user's password after verifying the old one.

    Checks run in this order: old password present, old password correct,
    new password present, new password accepted by ``check_set_password``,
    repeat present, repeat equal. The first failing check sets
    ``context['response']`` and ``code`` '0'. On success the password is
    stored through ``set_password`` and ``code`` is '1'.
    """
    context['data'] = []

    def _reject(message):
        # Every failure path reports the message first and then code '0'.
        context['response'] = message
        context['code'] = '0'
        return context

    old_password = request.POST.get('old_password')
    if not old_password:
        return _reject(u'Поле старого пароля не заполнено')

    # NOTE(review): no attempt limit on wrong old passwords is visible in
    # this view -- confirm throttling is applied elsewhere.
    if not request.user.check_password(old_password):
        return _reject(u'Старый пароль введен не верно')

    password1 = request.POST.get('password1')
    if not password1:
        return _reject(u'Поле нового пароля не заполнено')

    ps, ms = check_set_password(password1)
    if not ps:
        return _reject(ms)

    password2 = request.POST.get('password2')
    if not password2:
        return _reject(u'Повторите введеный пароль')

    if password1 != password2:
        return _reject(u'Новые пароли не совпадают')

    # The user is re-read from the database by id before the new password
    # is set on it.
    user = User.objects.get(id=request.user.id)
    user.set_password(password1)
    user.save()
    user._set_to_sync()
    context['response'] = u'Пароль изменен. Авторизуйтесь используя новый пароль.'
    context['code'] = '1'
    return context
@api_decor(without_auth=False, need_keys=['id'], method='GET', check_request=True)
def get_user_role(request, context):
    """Return the role of the user with ``?id=`` to a caller in role 'S' or 'A'.

    Shown to a manager inside that user's profile. Callers in any other role
    get ``Http404``; an unknown id yields ``code`` '0'.
    """
    # TODO: remove role editing from the user profile
    if request.user.in_role not in ('S', 'A'):
        raise Http404

    try:
        target = User.objects.get(id=request.GET['id'])
    except User.DoesNotExist:
        context['code'] = '0'
    else:
        context['code'] = '1'
        context['data'] = target.in_role
    return context
@api_decor(without_auth=False, need_keys=['new_role_user_id', 'new_role_name'], method='GET', check_request=True)
def new_role(request, context):
    """Assign ``new_role_name`` to the user ``new_role_user_id``.

    Only callers in role 'S' or 'A' may do this; anyone else, and any unknown
    target id, gets ``Http404``. Used from the manager's profile page.
    """
    # TODO: remove role assignment from here
    # NOTE(review): three things a reviewer should confirm before this stays:
    #  * the role name is stored exactly as received; this view has no
    #    allow-list, and nothing here stops a caller in role 'S' from
    #    granting 'A' (or any other value);
    #  * the change is made by a GET request, which Django's CSRF
    #    protection does not cover by default, so a state-changing request
    #    can be triggered from a link or an embedded resource;
    #  * the caller may also target their own id.
    if request.user.in_role not in ('S', 'A'):
        raise Http404

    try:
        target = User.objects.get(id=request.GET['new_role_user_id'])
    except User.DoesNotExist:
        raise Http404

    target.in_role = request.GET['new_role_name']
    target.save()
    context['code'] = '1'
    return context
@api_decor(without_auth=True)
def check_active(request, context):
    """Report whether the caller's account is fully activated.

    Used for access checks: ``code`` is '1' only when ``is_active`` is true
    and ``reg_status`` is '4', otherwise '0'.
    """
    caller = request.user
    # is_active is tested first, so reg_status is read only for accounts
    # that are already marked active.
    fully_activated = caller.is_active and caller.reg_status == '4'
    context['code'] = '1' if fully_activated else '0'
    return context
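@api_decor(without_auth=True)
def reg_step(request, context):
    """Run one step of the account activation procedure.

    The caller is identified by the ``email`` + ``token`` pair from the POST
    body, not by a session. ``step`` selects the action:

    * '1' -- set the password (``password1``/``password2``), reg_status '2';
    * '2' -- store surname, name, phone, city and optional birthday,
      reg_status '3';
    * '3' -- store the avatar, set reg_status '4', mark the account active
      and send the confirmation letter.

    ``code`` is '1' when the step was applied. Otherwise it is '0' and
    ``context['data']`` carries a ``message`` and, for field errors, the
    ``inputs`` to highlight.
    """
    form = request.POST
    condition = condition_factory([
        {'condition': form.get('email'), 'error': u'Не верно передан email'},
        {'condition': form.get('token'), 'error': u'Не верно передан токен'},
        {'condition': form.get('step'), 'error': u'Не верно передн этап'}, ])
    context['data'] = {}

    if condition['code'] != '1':
        context['data']['message'] = condition['response']
        context['code'] = '0'
        return context

    # NOTE(review): the lookup checks only email + token. This function does
    # not look at the current reg_status and does not change the token, so
    # the steps can be requested in any order and the same pair remains
    # usable for step '1' (password set) after activation unless the token
    # is rotated elsewhere -- confirm, or enforce the order here.
    try:
        email = form['email'].lower()
        user = User.objects.get(email=email, token=form['token'])
    except User.DoesNotExist:
        context['code'] = '0'
        context['data']['message'] = u'Запрашиваемый пользователь не найден'
        return context

    context['code'] = '0'
    step = form['step']

    if step == '1':
        # Password check
        if not form.get('password1'):
            context['data']['message'] = u'Введите пароль'
            context['data']['inputs'] = ['password1']
        elif not form.get('password2'):
            context['data']['message'] = u'Повторите введеный пароль'
            context['data']['inputs'] = ['password2']
        elif form['password1'] != form['password2']:
            context['data']['message'] = u'Введеные пароли не совпадают'
            context['data']['inputs'] = ['password1', 'password2']
        else:
            ps, ms = check_set_password(form['password1'])
            if not ps:
                context['data']['message'] = ms
                context['data']['inputs'] = ['password1', 'password2']
                context['code'] = '0'
            else:
                user.set_password(form['password1'])
                user.reg_status = '2'
                user.save()
                context['code'] = '1'

    elif step == '2':
        # Contact data check
        if not form.get('fname'):
            context['data']['message'] = u'Введите Фамилию'
            context['data']['inputs'] = ['fname']
        elif not form.get('name'):
            context['data']['message'] = u'Введите Имя'
            context['data']['inputs'] = ['name']
        elif not form.get('phone'):
            context['data']['message'] = u'Введите Телефон'
            context['data']['inputs'] = ['phone']
        else:
            b_day = None
            raw_bday = form.get('bday')
            if raw_bday:
                # Four-digit year first, two-digit year as a fallback. The
                # fallback used to be unguarded, so a malformed date from
                # this unauthenticated form raised ValueError instead of
                # producing a field error.
                for date_format in ('%d.%m.%Y', '%d.%m.%y'):
                    try:
                        b_day = datetime.datetime.strptime(raw_bday, date_format).date()
                    except ValueError:
                        continue
                    break
                if b_day is None:
                    context['data']['message'] = u'Дата рождения указана в неверном формате. Пример: 18.11.1990'
                    context['data']['inputs'] = ['bday']
                    return context

            user.phone = form['phone']
            user.name = form['name']
            user.fname = form['fname']
            # 'city' is read with [] and is therefore mandatory in the body.
            user.city = form['city']
            if b_day is not None:
                user.b_day = b_day
            user.reg_status = '3'
            user.save()
            context['code'] = '1'

    elif step == '3':
        # Avatar check; without avatar_code the step leaves code '0'.
        if form.get('avatar_code'):
            user.avatar = form['avatar_code']
            user.reg_status = '4'
            user.is_active = True
            user.save()
            user._set_to_sync()
            sent_good_activation(user)
            context['code'] = '1'

    else:
        context['code'] = '0'
        context['data']['message'] = u'Этап активации указан не верно'

    return context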
@api_decor(without_auth=True)
def registration(request, context):
    """Standard self-registration form.

    For an unknown e-mail the password pair is validated and a user is
    created with reg_status '2' (``code`` '1'). For a known e-mail ``code``
    is '0': an active, fully registered account gets a hint to log in, any
    other existing account gets the activation letter sent again.
    """
    form = request.POST
    condition = condition_factory([
        {'condition': form.get('email'), 'error': u'Вы не ввели email'}])

    if condition['code'] != '1':
        context['response'] = condition['response']
        context['code'] = '0'
        return context

    # NOTE(review): unlike forgot() and send_settings_data(), the address is
    # not passed through check_email() before it is used as the account
    # identifier -- confirm create_user() validates it.
    email = form['email'].lower()
    try:
        existing = User.objects.get(email=email)
    except User.DoesNotExist:
        existing = None

    if existing is not None:
        # NOTE(review): both answers below reveal to an unauthenticated
        # caller whether an address is registered, and the second branch
        # sends mail on every request with no throttling visible here.
        if existing.is_active and existing.reg_status == '4':
            context['code'] = '0'
            context['response'] = u'Пользователь с таким email уже существует и активен. ' \
                                  u'Авторизуйтесь или попробуйте восстановить пароль.'
        else:
            context['code'] = '0'
            sent_registration(existing, title=u'Повторное письмо активации')
            context['response'] = u'Пользователь с таким email уже существует, но не был активирован. ' \
                                  u'Вам было выслано повторное письмо активации.'
        return context

    if not form.get('password1'):
        context['response'] = u'Введите пароль'
        context['code'] = '0'
    elif not form.get('password2'):
        context['response'] = u'Повторите введеный пароль'
        context['code'] = '0'
    elif form['password1'] != form['password2']:
        context['response'] = u'Введеные пароли не совпадают'
        context['code'] = '0'
    else:
        ps, ms = check_set_password(form['password1'])
        if not ps:
            context['response'] = ms
            context['code'] = '0'
        else:
            user = User.objects.create_user(email=email)
            user.set_password(form['password1'])
            user.reg_status = '2'
            user.save()
            context['code'] = '1'
    return context
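@api_decor(without_auth=True)
def auth_in(request, context):
    """Log a user in with e-mail and password.

    ``code`` is '1' after a successful ``auth.login``; otherwise it is '0'
    and ``context['response']`` holds the message. The same message is used
    for an unknown e-mail and for a wrong password.
    """
    condition = condition_factory([
        {'condition': request.POST.get('email'), 'error': u'Вы не ввели email'},
        {'condition': request.POST.get('password'), 'error': u'Вы не ввели пароль'}
    ])
    if condition['code'] != '1':
        context['response'] = condition['response']
        context['code'] = '0'
        return context

    email = request.POST['email'].lower()
    # NOTE(review): no attempt counter or lockout is visible in this view --
    # confirm that repeated failures are throttled elsewhere.
    user = auth.authenticate(email=email, password=request.POST.get('password'))

    # authenticate() yields a user or None. The former third branch
    # ("if not None / elif None / else") could never run and was removed.
    if user is None:
        context['response'] = u'По введенным данным пользователь не найден'
        context['code'] = '0'
        return context

    context['code'] = '1'
    auth.login(request, user)
    user.set_request_data(request)
    return context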
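@api_decor(without_auth=True)
def auth_from_admin(request, context):
    """Log in with e-mail, password and token on behalf of a staff admin.

    The request is accepted only when the current ``request.user`` has both
    ``is_staff`` and ``is_admin`` set. ``code`` is '1' after a successful
    ``auth.login``; otherwise '0' with a message in ``context['response']``.
    """
    condition = condition_factory([
        {'condition': request.POST.get('email'), 'error': u'Вы не ввели email'},
        {'condition': request.POST.get('password'), 'error': u'Вы не ввели пароль'},
        {'condition': request.POST.get('token'), 'error': u'Вы не ввели свой токен'},
        # is_staff is tested first, so is_admin is read only for staff users.
        {'condition': request.user.is_staff and request.user.is_admin, 'error': u'У вас нет прав'}
    ])
    if condition['code'] != '1':
        context['response'] = condition['response']
        context['code'] = '0'
        return context

    email = request.POST['email'].lower()
    user = auth.authenticate(email=email,
                             password=request.POST.get('password'),
                             token=request.POST.get('token'))

    # authenticate() yields a user or None. The former third branch
    # ("if not None / elif None / else") could never run and was removed.
    if user is None:
        context['response'] = u'По введенным данным пользователь не найден'
        context['code'] = '0'
        return context

    context['code'] = '1'
    auth.login(request, user)
    # NOTE(review): request.user is read after auth.login(), which may have
    # rebound it to the account just logged in -- confirm whose token is
    # meant to be rotated here, and that this switch of identity is logged.
    request.user.change_token()
    return context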
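@api_decor(without_auth=True)
def forgot(request, context):
    """Password recovery form: change the user's token and mail the link.

    Takes ``?email=``. ``code`` is '1' when the letter was sent; otherwise
    '0' with a message in ``context['response']``.
    """
    # The conditions list is built eagerly, so the address is read with
    # .get(): the former request.GET['email'] raised on a missing key before
    # the "not specified" message could ever be produced.
    raw_email = request.GET.get('email', '')
    condition = condition_factory([
        {'condition': raw_email, 'error': u'Email не указан'},
        {'condition': check_email(raw_email), 'error': u'Email введен не верно'}
    ])
    if condition['code'] != '1':
        context['response'] = condition['response']
        context['code'] = '0'
        return context

    # NOTE(review): the distinct "no such user" answer tells an
    # unauthenticated caller which addresses are registered, and the token
    # change plus outgoing mail are triggered by a GET request with no
    # throttling visible here -- consider a uniform response and a limit.
    try:
        user = User.objects.get(email=raw_email.lower())
    except User.DoesNotExist:
        context['response'] = u'Пользователя с таким email не существует.'
        context['code'] = '0'
    else:
        user.change_token()
        sent_accept_forgot(user)
        context['code'] = '1'
    return context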