Convert user pages to Django forms

2026-05-20 10:34:30 +00:00 · 2014-05-11 18:03:33 +05:30 · 2014-05-11 18:03:33 +05:30 · e5d43a87a2
commit e5d43a87a2
parent 6ebfe23c4b
6 changed files with 238 additions and 142 deletions
--- a/modules/installed/system/templates/users_add.html
+++ b/modules/installed/system/templates/users_add.html
@ -0,0 +1,54 @@
 {% extends "login_nav.html" %}
 {% comment %}
 #
 # This file is part of Plinth.
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as
 # published by the Free Software Foundation, either version 3 of the
 # License, or (at your option) any later version.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU Affero General Public License for more details.
 #
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 #
 {% endcomment %}
 {% load bootstrap %}
 {% block main_block %}
  {% for severity, message in messages %}
    <div class='alert alert-{{ severity }}'>{{ message }}</div>
  {% endfor %}
  <form class="form" method="post">
    {% csrf_token %}
    {{ form|bootstrap }}
    <input type="submit" class="btn-primary" value="Add User"/>
  </form>
 {% endblock %}
 {% block sidebar_right_block %}
  <div class="well sidebar-nav">
    <h3>Add User</h3>
    <p>Adding a user via this administrative
      interface <strong>might</strong> create a system user. For
      example, if you provide a user with ssh access, she will need a
      system account.  If you don't know what that means, don't worry
      about it.</p>
  </div>
 {% endblock %}
--- a/modules/installed/system/templates/users_add_sidebar.html
+++ b/modules/installed/system/templates/users_add_sidebar.html
@ -1,25 +0,0 @@
 {% comment %}
 #
 # This file is part of Plinth.
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as
 # published by the Free Software Foundation, either version 3 of the
 # License, or (at your option) any later version.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU Affero General Public License for more details.
 #
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 #
 {% endcomment %}
 <h3>Add User</h3>
 <p>Adding a user via this administrative
 interface <strong>might</strong> create a system user. For example, if
 you provide a user with ssh access, she will need a system account.
 If you don't know what that means, don't worry about it.</p>
--- a/modules/installed/system/templates/users_edit.html
+++ b/modules/installed/system/templates/users_edit.html
@ -0,0 +1,59 @@
 {% extends "login_nav.html" %}
 {% comment %}
 #
 # This file is part of Plinth.
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as
 # published by the Free Software Foundation, either version 3 of the
 # License, or (at your option) any later version.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU Affero General Public License for more details.
 #
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 #
 {% endcomment %}
 {% load bootstrap %}
 {% block main_block %}
  {% for severity, message in messages %}
    <div class='alert alert-{{ severity }}'>{{ message }}</div>
  {% endfor %}
  <form class="form" method="post">
    {% csrf_token %}
    {{ form|bootstrap }}
    <input type="submit" class="btn-primary" value="Delete User"/>
  </form>
 {% endblock %}
 {% block sidebar_right_block %}
  <div class="well sidebar-nav">
    <h3>Edit Users</h3>
    <p>Click on a user's name to go to a screen for editing that
      user's account.</p>
    <h3>Delete Users</h3>
    <p>Check the box next to a users' names and then click "Delete
      User" to remove users from {{ cfg.product_name }} and the
      {{ cfg.box_name }} system.</p>
    <p>Deleting users is permanent!</p>
  </div>
 {% endblock %}
--- a/modules/installed/system/templates/users_edit_sidebar.html
+++ b/modules/installed/system/templates/users_edit_sidebar.html
@ -1,31 +0,0 @@
 {% comment %}
 #
 # This file is part of Plinth.
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as
 # published by the Free Software Foundation, either version 3 of the
 # License, or (at your option) any later version.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU Affero General Public License for more details.
 #
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 #
 {% endcomment %}
 <h3>Edit Users</h3>
 <p>Click on a user's name to go to a screen for editing that user's
 account.</p>
 <h3>Delete Users</h3>
 <p>Check the box next to a users' names and then click "Delete User"
 to remove users from {{ cfg.product_name }} and the {{ cfg.box_name }}
 system.</p>
 <p>Deleting users is permanent!</p>
--- a/modules/installed/system/templates/wan.html
+++ b/modules/installed/system/templates/wan.html
@ -32,5 +32,4 @@
 {% endif %}
 {% endblock %}
--- a/modules/installed/system/users.py
+++ b/modules/installed/system/users.py
@ -1,20 +1,20 @@
 import cherrypy
 from django import forms
 from django.core import validators
 from gettext import gettext as _
-from auth import require, add_user
+import auth
-from plugin_mount import PagePlugin, FormPlugin
+from auth import require
 from plugin_mount import PagePlugin
 import cfg
 from forms import Form
 from model import User
 import util
-class users(PagePlugin):
+class Users(PagePlugin):
    order = 20 # order of running init in PagePlugins
    def __init__(self, *args, **kwargs):
        PagePlugin.__init__(self, *args, **kwargs)
        self.register_page("sys.users")
        self.register_page("sys.users.add")
        self.register_page("sys.users.edit")
    @staticmethod
    @cherrypy.expose
@ -32,101 +32,141 @@ class users(PagePlugin):
                                    sidebar_right=sidebar_right)
-class add(FormPlugin, PagePlugin):
+class UserAddForm(forms.Form):  # pylint: disable-msg=W0232
-    url = ["/sys/users/add"]
+    """Form to add a new user"""
    username = forms.CharField(
        label=_('Username'),
        help_text=_('Must be lower case alphanumeric and start with \
 and alphabet'),
        validators=[
            validators.RegexValidator(r'^[a-z][a-z0-9]*$',
                                      _('Invalid username'))])
    password = forms.CharField(label=_('Password'),
                               widget=forms.PasswordInput())
    full_name = forms.CharField(label=_('Full name'), required=False)
    email = forms.EmailField(label=_('Email'), required=False)
 class UserAdd(PagePlugin):
    """Add user page"""
    order = 30
-    @staticmethod
+    def __init__(self, *args, **kwargs):
-    def sidebar_right(**kwargs):
+        PagePlugin.__init__(self, *args, **kwargs)
        """Return rendered string for sidebar on the right"""
        del kwargs  # Unused
-        return util.render_template(template='users_add_sidebar')
+        self.register_page('sys.users.add')
-    def main(self, username='', name='', email='', message=None, *args, **kwargs):
+    @cherrypy.expose
-        form = Form(title="Add User",
+    @require()
-                    action=cfg.server_dir + "/sys/users/add/index",
+    def index(self, **kwargs):
-                    name="add_user_form",
+        """Serve the form"""
-                    message=message)
+        form = None
-        form.text_input(_("Username"), name="username", value=username)
+        messages = []
        form.text_input(_("Full name"), name="name", value=name)
        form.text_input(_("Email"), name="email", value=email)
        form.text_input(_("Password"), name="password", type="password")
        form.submit(label=_("Create User"), name="create")
        return form.render()
-    def process_form(self, username=None, name=None, email=None, password=None, **kwargs):
+        if kwargs:
-        msg = util.Message()
+            form = UserAddForm(kwargs, prefix='user')
-
+            # pylint: disable-msg=E1101
-        error = add_user(username, password, name, email, False)
+            if form.is_valid():
-        if error:
+                self._add_user(form.cleaned_data, messages)
-            msg.text = error
+                form = UserAddForm(prefix='user')
        else:
-            msg.add(_("User %s added" % username))
+            form = UserAddForm(prefix='user')
-        return msg.text
+        return util.render_template(template='users_add', title=_('Add User'),
-
+                                    form=form, messages=messages)
 class edit(FormPlugin, PagePlugin):
    url = ["/sys/users/edit"]
    order = 35
    @staticmethod
-    def sidebar_right(**kwargs):
+    def _add_user(data, messages):
-        """Return rendered string for sidebar on the right"""
+        """Add a user"""
-        del kwargs  # Unused
+        if cfg.users.exists(data['username']):
            messages.append(
                ('error', _('User "{username}" already exists').format(
                 username=data['username'])))
            return
-        return util.render_template(template='users_edit_sidebar')
+        auth.add_user(data['username'], data['password'], data['full_name'],
                      data['email'], False)
        messages.append(
            ('success', _('User "{username}" added').format(
             username=data['username'])))
 class UserEditForm(forms.Form):  # pylint: disable-msg=W0232
    """Form to edit/delete a user"""
    def __init__(self, *args, **kwargs):
        # pylint: disable-msg=E1002
        super(forms.Form, self).__init__(*args, **kwargs)
    def main(self, message=None, **kwargs):
        users = cfg.users.get_all()
        add_form = Form(title=_("Edit or Delete User"),
                        action=cfg.server_dir + "/sys/users/edit",
                        message=message)
        add_form.html('<span class="indent"><strong>Delete</strong><br /></span>')
        for uname in users:
            user = User(uname[1])
            add_form.html('<span class="indent">&nbsp;&nbsp;%s&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;' %
                          add_form.get_checkbox(name=user['username']) +
                          '<a href="'+cfg.server_dir+'/sys/users/edit?username=%s">%s (%s)</a><br /></span>' %
                          (user['username'], user['name'], user['username']))
        add_form.submit(label=_("Delete User"), name="delete")
        return add_form.render()
-    def process_form(self, **kwargs):
+            label = '%s (%s)' % (user['name'], user['username'])
-        if 'delete' in kwargs:
+            field = forms.BooleanField(label=label, required=False)
-            msg = util.Message()
+            # pylint: disable-msg=E1101
-            usernames = util.find_keys(kwargs, 'on')
+            self.fields['delete_user_' + user['username']] = field
            cfg.log.info("%s asked to delete %s" % (cherrypy.session.get(cfg.session_key), usernames))
            if usernames:
                for username in usernames:
                    if cfg.users.exists(username):
                        try:
                            cfg.users.remove(username)
                            msg.add(_("Deleted user %s." % username))
                        except IOError, e:
                            if cfg.users.exists(username):
                                m = _("Error on deletion, user %s not fully deleted: %s" % (username, e))
                                cfg.log.error(m)
                                msg.add(m)
                            else:
                                m = _('Deletion failed on %s: %s' % (username, e))
                                cfg.log.error(m)
                                msg.add(m)
                    else:
                        cfg.log.warning(_("Can't delete %s.  User does not exist." % username))
                        msg.add(_("User %s does not exist." % username))
            else:
                msg.add = _("Must specify at least one valid, existing user.")
            return msg.txt
-        if 'username' not in kwargs:
+class UserEdit(PagePlugin):
-            return _('Invalid paramerters')
+    """User edit page"""
    order = 35
-        if kwargs['username'] not in cfg.users:
+    def __init__(self, *args, **kwargs):
-            return _("<p>Could not find a user with username of %s!</p>") % \
+        PagePlugin.__init__(self, *args, **kwargs)
                kwargs['username']
-        user = cfg.users[kwargs['username']]
+        self.register_page('sys.users.edit')
-        return _("<strong>Edit User '%s'</strong>") % user['username']
+
    @cherrypy.expose
    @require()
    def index(self, **kwargs):
        """Serve the form"""
        form = None
        messages = []
        if kwargs:
            form = UserEditForm(kwargs, prefix='user')
            # pylint: disable-msg=E1101
            if form.is_valid():
                self._apply_changes(form.cleaned_data, messages)
                form = UserEditForm(prefix='user')
        else:
            form = UserEditForm(prefix='user')
        return util.render_template(template='users_edit',
                                    title=_('Edit or Delete User'),
                                    form=form, messages=messages)
    @staticmethod
    def _apply_changes(data, messages):
        """Apply form changes"""
        for field, value in data.items():
            if not value:
                continue
            if not field.startswith('delete_user_'):
                continue
            username = field.split('delete_user_')[1]
            cfg.log.info('%s asked to delete %s' %
                         (cherrypy.session.get(cfg.session_key), username))
            if username == cfg.users.current(name=True):
                messages.append(
                    ('error',
                     _('Can not delete current account - "%s"') % username))
                continue
            if not cfg.users.exists(username):
                messages.append(('error',
                                 _('User "%s" does not exist') % username))
                continue
            try:
                cfg.users.remove(username)
                messages.append(('success', _('User "%s" deleted') % username))
            except IOError as exception:
                messages.append(('error', _('Error deleting "%s" - %s') %
                                 (username, exception)))
`@ -32,5 +32,4 @@`

	`{% endif %}`	`{% endif %}`


	`{% endblock %}`	`{% endblock %}`