authentik/passbook/admin/views/users.py

"""passbook User administration"""
from django.contrib import messages
from django.contrib.auth.mixins import LoginRequiredMixin
from django.contrib.auth.mixins import (
    PermissionRequiredMixin as DjangoPermissionRequiredMixin,
)
from django.contrib.messages.views import SuccessMessageMixin
from django.http import HttpRequest, HttpResponse
from django.shortcuts import redirect
from django.urls import reverse, reverse_lazy
from django.utils.http import urlencode
from django.utils.translation import gettext as _
from django.views.generic import DetailView, ListView, UpdateView
from guardian.mixins import (
    PermissionListMixin,
    PermissionRequiredMixin,
    get_anonymous_user,
)

from passbook.admin.forms.users import UserForm
from passbook.admin.views.utils import (
    BackSuccessUrlMixin,
    DeleteMessageView,
    UserPaginateListMixin,
)
from passbook.core.models import Token, User
from passbook.lib.views import CreateAssignPermView


class UserListView(
    LoginRequiredMixin, PermissionListMixin, UserPaginateListMixin, ListView
):
    """Show list of all users"""

    model = User
    permission_required = "passbook_core.view_user"
    ordering = "username"
    template_name = "administration/user/list.html"

    def get_queryset(self):
        return super().get_queryset().exclude(pk=get_anonymous_user().pk)


class UserCreateView(
    SuccessMessageMixin,
    BackSuccessUrlMixin,
    LoginRequiredMixin,
    DjangoPermissionRequiredMixin,
    CreateAssignPermView,
):
    """Create user"""

    model = User
    form_class = UserForm
    permission_required = "passbook_core.add_user"

    template_name = "generic/create.html"
    success_url = reverse_lazy("passbook_admin:users")
    success_message = _("Successfully created User")


class UserUpdateView(
    SuccessMessageMixin,
    BackSuccessUrlMixin,
    LoginRequiredMixin,
    PermissionRequiredMixin,
    UpdateView,
):
    """Update user"""

    model = User
    form_class = UserForm
    permission_required = "passbook_core.change_user"

    # By default the object's name is user which is used by other checks
    context_object_name = "object"
    template_name = "generic/update.html"
    success_url = reverse_lazy("passbook_admin:users")
    success_message = _("Successfully updated User")


class UserDeleteView(LoginRequiredMixin, PermissionRequiredMixin, DeleteMessageView):
    """Delete user"""

    model = User
    permission_required = "passbook_core.delete_user"

    # By default the object's name is user which is used by other checks
    context_object_name = "object"
    template_name = "generic/delete.html"
    success_url = reverse_lazy("passbook_admin:users")
    success_message = _("Successfully deleted User")


class UserPasswordResetView(LoginRequiredMixin, PermissionRequiredMixin, DetailView):
    """Get Password reset link for user"""

    model = User
    permission_required = "passbook_core.reset_user_password"

    def get(self, request: HttpRequest, *args, **kwargs) -> HttpResponse:
        """Create token for user and return link"""
        super().get(request, *args, **kwargs)
        token = Token.objects.create(user=self.object)
        querystring = urlencode({"token": token.token_uuid})
        link = request.build_absolute_uri(
            reverse("passbook_flows:default-recovery") + f"?{querystring}"
        )
        messages.success(
            request, _("Password reset link: <pre>%(link)s</pre>" % {"link": link})
        )
        return redirect("passbook_admin:users")
admin: add basic user admin 2018-12-14 13:24:04 +00:00			`"""passbook User administration"""`
add Nonce (one-time links), add password reset function (missing e-mail verification), closes #7 2019-02-25 19:46:23 +00:00			`from django.contrib import messages`
admin(major): rewrite all views to use guardian mixins 2019-10-10 11:01:49 +00:00			`from django.contrib.auth.mixins import LoginRequiredMixin`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`from django.contrib.auth.mixins import (`
			`PermissionRequiredMixin as DjangoPermissionRequiredMixin,`
			`)`
admin: add basic user admin 2018-12-14 13:24:04 +00:00			`from django.contrib.messages.views import SuccessMessageMixin`
admin: fix Password Recovery function not working 2020-07-01 10:10:12 +00:00			`from django.http import HttpRequest, HttpResponse`
admin(major): rewrite all views to use guardian mixins 2019-10-10 11:01:49 +00:00			`from django.shortcuts import redirect`
add Nonce (one-time links), add password reset function (missing e-mail verification), closes #7 2019-02-25 19:46:23 +00:00			`from django.urls import reverse, reverse_lazy`
admin: fix Password Recovery function not working 2020-07-01 10:10:12 +00:00			`from django.utils.http import urlencode`
pytest (#209) 2020-09-11 21:21:11 +00:00			`from django.utils.translation import gettext as _`
admin: remove duplicate code into new base classes 2020-07-01 22:13:33 +00:00			`from django.views.generic import DetailView, ListView, UpdateView`
admin: exclude anonymous user from listing 2020-02-23 14:27:28 +00:00			`from guardian.mixins import (`
			`PermissionListMixin,`
			`PermissionRequiredMixin,`
			`get_anonymous_user,`
			`)`
admin: add basic user admin 2018-12-14 13:24:04 +00:00
use separate Form for Admin user editing (allow is_staff and is_active) 2019-03-02 21:41:14 +00:00			`from passbook.admin.forms.users import UserForm`
admin: add BackSuccessUrlMixin to redirect to correct url after form edit 2020-09-25 23:56:28 +00:00			`from passbook.admin.views.utils import (`
			`BackSuccessUrlMixin,`
			`DeleteMessageView,`
			`UserPaginateListMixin,`
			`)`
core: rename nonce to token 2020-05-16 14:11:53 +00:00			`from passbook.core.models import Token, User`
admin(major): rewrite all views to use guardian mixins 2019-10-10 11:01:49 +00:00			`from passbook.lib.views import CreateAssignPermView`
admin: add basic user admin 2018-12-14 13:24:04 +00:00

admin: add BackSuccessUrlMixin to redirect to correct url after form edit 2020-09-25 23:56:28 +00:00			`class UserListView(`
			`LoginRequiredMixin, PermissionListMixin, UserPaginateListMixin, ListView`
			`):`
admin: add basic user admin 2018-12-14 13:24:04 +00:00			`"""Show list of all users"""`

			`model = User`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`permission_required = "passbook_core.view_user"`
			`ordering = "username"`
			`template_name = "administration/user/list.html"`
admin: add basic user admin 2018-12-14 13:24:04 +00:00
admin: exclude anonymous user from listing 2020-02-23 14:27:28 +00:00			`def get_queryset(self):`
			`return super().get_queryset().exclude(pk=get_anonymous_user().pk)`

admin: add basic user admin 2018-12-14 13:24:04 +00:00
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`class UserCreateView(`
			`SuccessMessageMixin,`
admin: add BackSuccessUrlMixin to redirect to correct url after form edit 2020-09-25 23:56:28 +00:00			`BackSuccessUrlMixin,`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`LoginRequiredMixin,`
			`DjangoPermissionRequiredMixin,`
			`CreateAssignPermView,`
			`):`
admin(minor): add view to create user 2019-10-08 09:27:19 +00:00			`"""Create user"""`

			`model = User`
			`form_class = UserForm`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`permission_required = "passbook_core.add_user"`
admin(minor): add view to create user 2019-10-08 09:27:19 +00:00
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`template_name = "generic/create.html"`
			`success_url = reverse_lazy("passbook_admin:users")`
			`success_message = _("Successfully created User")`
admin(minor): add view to create user 2019-10-08 09:27:19 +00:00

all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`class UserUpdateView(`
admin: add BackSuccessUrlMixin to redirect to correct url after form edit 2020-09-25 23:56:28 +00:00			`SuccessMessageMixin,`
			`BackSuccessUrlMixin,`
			`LoginRequiredMixin,`
			`PermissionRequiredMixin,`
			`UpdateView,`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`):`
admin: add basic user admin 2018-12-14 13:24:04 +00:00			`"""Update user"""`

			`model = User`
use separate Form for Admin user editing (allow is_staff and is_active) 2019-03-02 21:41:14 +00:00			`form_class = UserForm`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`permission_required = "passbook_core.change_user"`
admin: add basic user admin 2018-12-14 13:24:04 +00:00
ci(minor): reenable prospector 2019-12-05 13:31:44 +00:00			`# By default the object's name is user which is used by other checks`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`context_object_name = "object"`
			`template_name = "generic/update.html"`
			`success_url = reverse_lazy("passbook_admin:users")`
			`success_message = _("Successfully updated User")`
admin: add basic user admin 2018-12-14 13:24:04 +00:00

admin: remove duplicate code into new base classes 2020-07-01 22:13:33 +00:00			`class UserDeleteView(LoginRequiredMixin, PermissionRequiredMixin, DeleteMessageView):`
admin: add basic user admin 2018-12-14 13:24:04 +00:00			`"""Delete user"""`

			`model = User`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`permission_required = "passbook_core.delete_user"`
admin(major): rewrite all views to use guardian mixins 2019-10-10 11:01:49 +00:00
admin: fix user object being overwritten when deleting a user 2020-02-18 20:35:06 +00:00			`# By default the object's name is user which is used by other checks`
			`context_object_name = "object"`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`template_name = "generic/delete.html"`
			`success_url = reverse_lazy("passbook_admin:users")`
			`success_message = _("Successfully deleted User")`
Improve partially broken Delete Views, show success message on deletion 2019-02-26 08:46:44 +00:00
add Nonce (one-time links), add password reset function (missing e-mail verification), closes #7 2019-02-25 19:46:23 +00:00
admin(major): rewrite all views to use guardian mixins 2019-10-10 11:01:49 +00:00			`class UserPasswordResetView(LoginRequiredMixin, PermissionRequiredMixin, DetailView):`
add Nonce (one-time links), add password reset function (missing e-mail verification), closes #7 2019-02-25 19:46:23 +00:00			`"""Get Password reset link for user"""`

admin(major): rewrite all views to use guardian mixins 2019-10-10 11:01:49 +00:00			`model = User`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`permission_required = "passbook_core.reset_user_password"`
admin(major): rewrite all views to use guardian mixins 2019-10-10 11:01:49 +00:00
admin: fix Password Recovery function not working 2020-07-01 10:10:12 +00:00			`def get(self, request: HttpRequest, args, *kwargs) -> HttpResponse:`
core: rename nonce to token 2020-05-16 14:11:53 +00:00			`"""Create token for user and return link"""`
admin(major): rewrite all views to use guardian mixins 2019-10-10 11:01:49 +00:00			`super().get(request, args, *kwargs)`
core: rename nonce to token 2020-05-16 14:11:53 +00:00			`token = Token.objects.create(user=self.object)`
admin: fix Password Recovery function not working 2020-07-01 10:10:12 +00:00			`querystring = urlencode({"token": token.token_uuid})`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`link = request.build_absolute_uri(`
admin: fix Password Recovery function not working 2020-07-01 10:10:12 +00:00			`reverse("passbook_flows:default-recovery") + f"?{querystring}"`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`)`
			`messages.success(`
			`request, _("Password reset link: <pre>%(link)s</pre>" % {"link": link})`
			`)`
			`return redirect("passbook_admin:users")`