| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200 |
- from django.contrib import messages
- from django.contrib.auth import update_session_auth_hash
- from django.db import IntegrityError, transaction
- from django.http import Http404
- from django.shortcuts import redirect, render as django_render
- from django.utils.translation import ugettext as _
- from django.views.decorators.debug import sensitive_post_parameters
- from misago.conf import settings
- from misago.core.mail import mail_user
- from misago.markup import Editor
- from misago.users import avatars
- from misago.users.decorators import deny_guests
- from misago.users.forms.usercp import (ChangeForumOptionsForm,
- EditSignatureForm,
- ChangeUsernameForm,
- ChangeEmailPasswordForm)
- from misago.users.signatures import set_user_signature
- from misago.users.sites import usercp
- from misago.users.changedcredentials import (cache_new_credentials,
- get_new_credentials)
- from misago.users.namechanges import UsernameChanges
- def render(request, template, context=None):
- context = context or {}
- context['pages'] = usercp.get_pages(request)
- for page in context['pages']:
- if page['is_active']:
- context['active_page'] = page
- break
- return django_render(request, template, context)
- @deny_guests
- def change_forum_options(request):
- form = ChangeForumOptionsForm(instance=request.user)
- if request.method == 'POST':
- form = ChangeForumOptionsForm(request.POST, instance=request.user)
- if form.is_valid():
- form.save()
- message = _("Your forum options have been changed.")
- messages.success(request, message)
- return redirect('misago:usercp_change_forum_options')
- return render(request, 'misago/usercp/change_forum_options.html',
- {'form': form})
- @deny_guests
- def change_avatar(request):
- avatar_size = max(settings.MISAGO_AVATARS_SIZES)
- if request.method == 'POST':
- if 'download-gravatar' in request.POST:
- avatars.gravatar.set_avatar(request.user)
- message = _("Gravatar was downloaded and set as new avatar.")
- messages.success(request, message)
- elif 'set-dynamic' in request.POST:
- avatars.dynamic.set_avatar(request.user)
- message = _("New avatar based on your account was set.")
- messages.success(request, message)
- return redirect('misago:usercp_change_avatar')
- return render(request, 'misago/usercp/change_avatar.html', {
- 'avatar_size': avatar_size
- })
- @deny_guests
- def edit_signature(request):
- if not request.user.acl['can_have_signature']:
- raise Http404()
- form = EditSignatureForm(instance=request.user)
- if not request.user.is_signature_banned and request.method == 'POST':
- form = EditSignatureForm(request.POST, instance=request.user)
- if form.is_valid():
- set_user_signature(request.user, form.cleaned_data['signature'])
- request.user.save(update_fields=['signature', 'signature_parsed',
- 'signature_checksum'])
- if form.cleaned_data['signature']:
- messages.success(request, _("Your signature has been edited."))
- else:
- message = _("Your signature has been cleared.")
- messages.success(request, message)
- return redirect('misago:usercp_edit_signature')
- acl = request.user.acl
- editor = Editor(form['signature'],
- allow_blocks=acl['allow_signature_blocks'],
- allow_links=acl['allow_signature_links'],
- allow_images=acl['allow_signature_images'])
- return render(request, 'misago/usercp/edit_signature.html',
- {'form': form, 'editor': editor})
- @deny_guests
- @transaction.atomic()
- def change_username(request):
- namechanges = UsernameChanges(request.user)
- form = ChangeUsernameForm()
- if request.method == 'POST' and namechanges.left:
- form = ChangeUsernameForm(request.POST, user=request.user)
- if form.is_valid():
- request.user.set_username(form.cleaned_data['new_username'])
- request.user.save(update_fields=['username', 'username_slug'])
- message = _("Your username has been changed.")
- messages.success(request, message)
- return redirect('misago:usercp_change_username')
- return render(request, 'misago/usercp/change_username.html', {
- 'form': form,
- 'changes_left': namechanges.left,
- 'next_change_on': namechanges.next_on
- })
- @sensitive_post_parameters()
- @deny_guests
- def change_email_password(request):
- form = ChangeEmailPasswordForm()
- if request.method == 'POST':
- form = ChangeEmailPasswordForm(request.POST, user=request.user)
- if form.is_valid():
- new_email = ''
- new_password = ''
- # Store original data
- old_email = request.user.email
- old_password = request.user.password
- # Assign new creds to user temporarily
- if form.cleaned_data['new_email']:
- request.user.set_email(form.cleaned_data['new_email'])
- new_email = request.user.email
- if form.cleaned_data['new_password']:
- request.user.set_password(form.cleaned_data['new_password'])
- new_password = request.user.password
- request.user.email = old_email
- request.user.password = old_password
- credentials_token = cache_new_credentials(
- request.user, new_email, new_password)
- mail_subject = _("Confirm changes to %(username)s account "
- "on %(forum_title)s forums")
- subject_formats = {'username': request.user.username,
- 'forum_title': settings.forum_name}
- mail_subject = mail_subject % subject_formats
- if new_email:
- # finally override email before sending message
- request.user.email = new_email
- mail_user(request, request.user, mail_subject,
- 'misago/emails/change_email_password',
- {'credentials_token': credentials_token})
- message = _("E-mail was sent to %(email)s with a link that "
- "you have to click to confirm changes.")
- messages.info(request, message % {'email': request.user.email})
- return redirect('misago:usercp_change_email_password')
- return render(request, 'misago/usercp/change_email_password.html',
- {'form': form})
- @deny_guests
- def confirm_email_password_change(request, token):
- new_credentials = get_new_credentials(request.user, token)
- if not new_credentials:
- messages.error(request, _("Confirmation link is invalid."))
- else:
- changes_made = []
- if new_credentials['email']:
- request.user.set_email(new_credentials['email'])
- changes_made.extend(['email', 'email_hash'])
- if new_credentials['password']:
- request.user.password = new_credentials['password']
- update_session_auth_hash(request, request.user)
- changes_made.append('password')
- try:
- request.user.save(update_fields=changes_made)
- message = _("Changes in e-mail and password have been saved.")
- messages.success(request, message)
- except IntegrityError:
- messages.error(request, _("Confirmation link is invalid."))
- return redirect('misago:usercp_change_email_password')
|
