OpenSlides/openslides/users/api.py

from random import choice

from django.contrib.auth.models import Permission, Group
from django.contrib.contenttypes.models import ContentType
from django.utils.translation import ugettext_noop

from .models import User


def gen_password():
    """
    Generates a random passwort.
    """
    chars = "abcdefghijkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789"
    size = 8

    return ''.join([choice(chars) for i in range(size)])


def gen_username(first_name, last_name):
    """
    Generates a username from a first- and lastname.
    """
    first_name = first_name.strip()
    last_name = last_name.strip()

    if first_name and last_name:
        base_name = " ".join((first_name, last_name))
    else:
        base_name = first_name or last_name
        if not base_name:
            raise ValueError('Either \'first_name\' or \'last_name\' can not be '
                             'empty')

    if not User.objects.filter(username=base_name).exists():
        return base_name

    counter = 0
    while True:
        counter += 1
        test_name = "%s %d" % (base_name, counter)
        if not User.objects.filter(username=test_name).exists():
            return test_name


def get_registered_group():
    """
    Returns the group 'Registered' (pk=2).
    """
    return Group.objects.get(pk=2)


def create_builtin_groups_and_admin():
    """
    Creates the builtin groups: Anonymous, Registered, Delegates and Staff.

    Creates the builtin user: admin.
    """
    # Check whether the group pks 1 to 4 are free
    if Group.objects.filter(pk__in=range(1, 5)).exists():
        # Do completely nothing if there are already some of our groups in the database.
        return

    # Anonymous (pk 1) and Registered (pk 2)
    ct_core = ContentType.objects.get(app_label='core', model='customslide')
    perm_11 = Permission.objects.get(content_type=ct_core, codename='can_see_projector')
    perm_12 = Permission.objects.get(content_type=ct_core, codename='can_see_dashboard')

    ct_agenda = ContentType.objects.get(app_label='agenda', model='item')
    ct_speaker = ContentType.objects.get(app_label='agenda', model='speaker')
    perm_13 = Permission.objects.get(content_type=ct_agenda, codename='can_see_agenda')
    perm_14 = Permission.objects.get(content_type=ct_agenda, codename='can_see_orga_items')
    can_speak = Permission.objects.get(content_type=ct_speaker, codename='can_be_speaker')

    ct_motion = ContentType.objects.get(app_label='motion', model='motion')
    perm_15 = Permission.objects.get(content_type=ct_motion, codename='can_see_motion')

    ct_assignment = ContentType.objects.get(app_label='assignment', model='assignment')
    perm_16 = Permission.objects.get(content_type=ct_assignment, codename='can_see_assignments')

    ct_users = ContentType.objects.get(app_label='users', model='user')
    perm_users_can_see_name = Permission.objects.get(content_type=ct_users, codename='can_see_name')
    perm_users_can_see_extra_data = Permission.objects.get(content_type=ct_users, codename='can_see_extra_data')

    ct_mediafile = ContentType.objects.get(app_label='mediafile', model='mediafile')
    perm_18 = Permission.objects.get(content_type=ct_mediafile, codename='can_see')

    base_permission_list = (
        perm_11,
        perm_12,
        perm_13,
        perm_14,
        perm_15,
        perm_16,
        perm_users_can_see_name,
        perm_users_can_see_extra_data,
        perm_18)

    group_anonymous = Group.objects.create(name=ugettext_noop('Anonymous'), pk=1)
    group_anonymous.permissions.add(*base_permission_list)
    group_registered = Group.objects.create(name=ugettext_noop('Registered'), pk=2)
    group_registered.permissions.add(can_speak, *base_permission_list)

    # Delegates (pk 3)
    perm_31 = Permission.objects.get(content_type=ct_motion, codename='can_create_motion')
    perm_32 = Permission.objects.get(content_type=ct_motion, codename='can_support_motion')
    perm_33 = Permission.objects.get(content_type=ct_assignment, codename='can_nominate_other')
    perm_34 = Permission.objects.get(content_type=ct_assignment, codename='can_nominate_self')
    perm_35 = Permission.objects.get(content_type=ct_mediafile, codename='can_upload')

    group_delegates = Group.objects.create(name=ugettext_noop('Delegates'), pk=3)
    group_delegates.permissions.add(perm_31, perm_32, perm_33, perm_34, perm_35)

    # Staff (pk 4)
    perm_41 = Permission.objects.get(content_type=ct_agenda, codename='can_manage_agenda')
    perm_42 = Permission.objects.get(content_type=ct_motion, codename='can_manage_motion')
    perm_43 = Permission.objects.get(content_type=ct_assignment, codename='can_manage_assignments')
    perm_44 = Permission.objects.get(content_type=ct_users, codename='can_manage')
    perm_45 = Permission.objects.get(content_type=ct_core, codename='can_manage_projector')
    perm_46 = Permission.objects.get(content_type=ct_core, codename='can_use_chat')
    perm_47 = Permission.objects.get(content_type=ct_mediafile, codename='can_manage')

    ct_config = ContentType.objects.get(app_label='config', model='configstore')
    perm_48 = Permission.objects.get(content_type=ct_config, codename='can_manage')

    ct_tag = ContentType.objects.get(app_label='core', model='tag')
    can_manage_tags = Permission.objects.get(content_type=ct_tag, codename='can_manage_tags')

    group_staff = Group.objects.create(name=ugettext_noop('Staff'), pk=4)
    # add delegate permissions (without can_support_motion)
    group_staff.permissions.add(perm_31, perm_33, perm_34, perm_35)
    # add staff permissions
    group_staff.permissions.add(perm_41, perm_42, perm_43, perm_44, perm_45, perm_46, perm_47, perm_48, can_manage_tags)
    # add can_see_name and can_see_extra_data permissions
    # TODO: Remove this redundancy after cleanup of the permission system.
    group_staff.permissions.add(perm_users_can_see_name, perm_users_can_see_extra_data)

    # Admin user
    create_or_reset_admin_user()


def create_or_reset_admin_user():
    group_staff = Group.objects.get(pk=4)
    try:
        admin = User.objects.get(username="admin")
    except User.DoesNotExist:
        admin = User()
        admin.username = 'admin'
        admin.last_name = 'Administrator'
        created = True
    else:
        created = False
    admin.default_password = 'admin'
    admin.set_password(admin.default_password)
    admin.save()
    admin.groups.add(group_staff)
    return created


def get_protected_perm():
    """
    Returns the permission to manage users. This function is a helper
    function used to protect manager users from locking out themselves.
    """
    return Permission.objects.get_by_natural_key(
        app_label='users', model='user', codename='can_manage')
Use flake8 instead of pep8. Orderd the imports with isort * changed the fab-command pep8 to check * checked and fixed any code with flake8. Also the urls.py * checkt the projector app with pylint 2013-09-25 10:01:01 +02:00			`from random import choice`
Add code 2011-07-31 10:46:29 +02:00
Refactory of the participant app * New user model (used Django's AbstractBaseUser) * Renamed the app to users * removed person api See #861 Fixed #576 #478 2014-10-11 14:34:49 +02:00			`from django.contrib.auth.models import Permission, Group`
			`from django.contrib.contenttypes.models import ContentType`
Rework of management command 2015-01-16 14:18:34 +01:00			`from django.utils.translation import ugettext_noop`
Refactory of the participant app * New user model (used Django's AbstractBaseUser) * Renamed the app to users * removed person api See #861 Fixed #576 #478 2014-10-11 14:34:49 +02:00
			`from .models import User`
default permissions for the registered group plus some cleanup for the registered and the anonymous group 2012-11-23 09:35:41 +01:00

default password and reset function 2011-09-03 17:17:29 +02:00			`def gen_password():`
cleaned up the participant app. Sort of... 2012-07-07 15:26:00 +02:00			`"""`
Fixes #765. Avoids the django AbstracUser username validator Also changed added a white-space in the default username again 2013-06-21 09:51:17 +02:00			`Generates a random passwort.`
cleaned up the participant app. Sort of... 2012-07-07 15:26:00 +02:00			`"""`
dont use simular passwords in gen_password (no Il10oO) 2012-09-13 11:50:06 +02:00			`chars = "abcdefghijkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789"`
			`size = 8`

			`return ''.join([choice(chars) for i in range(size)])`
default password and reset function 2011-09-03 17:17:29 +02:00

Add code 2011-07-31 10:46:29 +02:00			`def gen_username(first_name, last_name):`
cleaned up the participant app. Sort of... 2012-07-07 15:26:00 +02:00			`"""`
Fixes #765. Avoids the django AbstracUser username validator Also changed added a white-space in the default username again 2013-06-21 09:51:17 +02:00			`Generates a username from a first- and lastname.`
cleaned up the participant app. Sort of... 2012-07-07 15:26:00 +02:00			`"""`
Fixes #765. Avoids the django AbstracUser username validator Also changed added a white-space in the default username again 2013-06-21 09:51:17 +02:00			`first_name = first_name.strip()`
			`last_name = last_name.strip()`

			`if first_name and last_name:`
			`base_name = " ".join((first_name, last_name))`
			`else:`
			`base_name = first_name or last_name`
			`if not base_name:`
			`raise ValueError('Either \'first_name\' or \'last_name\' can not be '`
			`'empty')`

			`if not User.objects.filter(username=base_name).exists():`
			`return base_name`

			`counter = 0`
Add code 2011-07-31 10:46:29 +02:00			`while True:`
Fixes #765. Avoids the django AbstracUser username validator Also changed added a white-space in the default username again 2013-06-21 09:51:17 +02:00			`counter += 1`
			`test_name = "%s %d" % (base_name, counter)`
			`if not User.objects.filter(username=test_name).exists():`
			`return test_name`
rewrote user csv import The import does not delete the existing users anymore, but append the users as new users. 2012-08-10 19:49:46 +02:00
removed unused imports from participant and did some pep8 changes 2012-08-11 10:51:52 +02:00
Move builtin groups to a signal. 2013-03-12 20:58:22 +01:00			`def get_registered_group():`
			`"""`
Some last (template) improvements for next release - Added dataTable function for group overview table. - Added default form help text for groups and an explanation for group overview table. - Updated translation. - Translate group name in form. - Username: FirstName instead of First_Name - Hide group 'registered' from UserForm - Linked persons/candidates/submitter etc. to UserView - Fixed permissions in template Translation 2013-05-15 23:26:24 +02:00			`Returns the group 'Registered' (pk=2).`
Move builtin groups to a signal. 2013-03-12 20:58:22 +01:00			`"""`
Some last (template) improvements for next release - Added dataTable function for group overview table. - Added default form help text for groups and an explanation for group overview table. - Updated translation. - Translate group name in form. - Username: FirstName instead of First_Name - Hide group 'registered' from UserForm - Linked persons/candidates/submitter etc. to UserView - Fixed permissions in template Translation 2013-05-15 23:26:24 +02:00			`return Group.objects.get(pk=2)`
Create admin-user after syncdb 2013-06-16 12:00:57 +02:00

Rework of management command 2015-01-16 14:18:34 +01:00			`def create_builtin_groups_and_admin():`
			`"""`
			`Creates the builtin groups: Anonymous, Registered, Delegates and Staff.`

			`Creates the builtin user: admin.`
			`"""`
			`# Check whether the group pks 1 to 4 are free`
			`if Group.objects.filter(pk__in=range(1, 5)).exists():`
			`# Do completely nothing if there are already some of our groups in the database.`
			`return`

			`# Anonymous (pk 1) and Registered (pk 2)`
			`ct_core = ContentType.objects.get(app_label='core', model='customslide')`
			`perm_11 = Permission.objects.get(content_type=ct_core, codename='can_see_projector')`
			`perm_12 = Permission.objects.get(content_type=ct_core, codename='can_see_dashboard')`

			`ct_agenda = ContentType.objects.get(app_label='agenda', model='item')`
			`ct_speaker = ContentType.objects.get(app_label='agenda', model='speaker')`
			`perm_13 = Permission.objects.get(content_type=ct_agenda, codename='can_see_agenda')`
			`perm_14 = Permission.objects.get(content_type=ct_agenda, codename='can_see_orga_items')`
			`can_speak = Permission.objects.get(content_type=ct_speaker, codename='can_be_speaker')`

			`ct_motion = ContentType.objects.get(app_label='motion', model='motion')`
			`perm_15 = Permission.objects.get(content_type=ct_motion, codename='can_see_motion')`

			`ct_assignment = ContentType.objects.get(app_label='assignment', model='assignment')`
Rework of assignment fixes: #1429, #1345 A database recreation is needed 2015-01-25 15:10:34 +01:00			`perm_16 = Permission.objects.get(content_type=ct_assignment, codename='can_see_assignments')`
Rework of management command 2015-01-16 14:18:34 +01:00
			`ct_users = ContentType.objects.get(app_label='users', model='user')`
			`perm_users_can_see_name = Permission.objects.get(content_type=ct_users, codename='can_see_name')`
			`perm_users_can_see_extra_data = Permission.objects.get(content_type=ct_users, codename='can_see_extra_data')`

			`ct_mediafile = ContentType.objects.get(app_label='mediafile', model='mediafile')`
			`perm_18 = Permission.objects.get(content_type=ct_mediafile, codename='can_see')`

			`base_permission_list = (`
			`perm_11,`
			`perm_12,`
			`perm_13,`
			`perm_14,`
			`perm_15,`
			`perm_16,`
			`perm_users_can_see_name,`
			`perm_users_can_see_extra_data,`
			`perm_18)`

			`group_anonymous = Group.objects.create(name=ugettext_noop('Anonymous'), pk=1)`
			`group_anonymous.permissions.add(*base_permission_list)`
			`group_registered = Group.objects.create(name=ugettext_noop('Registered'), pk=2)`
			`group_registered.permissions.add(can_speak, *base_permission_list)`

			`# Delegates (pk 3)`
			`perm_31 = Permission.objects.get(content_type=ct_motion, codename='can_create_motion')`
			`perm_32 = Permission.objects.get(content_type=ct_motion, codename='can_support_motion')`
			`perm_33 = Permission.objects.get(content_type=ct_assignment, codename='can_nominate_other')`
			`perm_34 = Permission.objects.get(content_type=ct_assignment, codename='can_nominate_self')`
			`perm_35 = Permission.objects.get(content_type=ct_mediafile, codename='can_upload')`

			`group_delegates = Group.objects.create(name=ugettext_noop('Delegates'), pk=3)`
			`group_delegates.permissions.add(perm_31, perm_32, perm_33, perm_34, perm_35)`

			`# Staff (pk 4)`
			`perm_41 = Permission.objects.get(content_type=ct_agenda, codename='can_manage_agenda')`
			`perm_42 = Permission.objects.get(content_type=ct_motion, codename='can_manage_motion')`
Rework of assignment fixes: #1429, #1345 A database recreation is needed 2015-01-25 15:10:34 +01:00			`perm_43 = Permission.objects.get(content_type=ct_assignment, codename='can_manage_assignments')`
Rework of management command 2015-01-16 14:18:34 +01:00			`perm_44 = Permission.objects.get(content_type=ct_users, codename='can_manage')`
			`perm_45 = Permission.objects.get(content_type=ct_core, codename='can_manage_projector')`
			`perm_46 = Permission.objects.get(content_type=ct_core, codename='can_use_chat')`
			`perm_47 = Permission.objects.get(content_type=ct_mediafile, codename='can_manage')`

			`ct_config = ContentType.objects.get(app_label='config', model='configstore')`
			`perm_48 = Permission.objects.get(content_type=ct_config, codename='can_manage')`

			`ct_tag = ContentType.objects.get(app_label='core', model='tag')`
			`can_manage_tags = Permission.objects.get(content_type=ct_tag, codename='can_manage_tags')`

			`group_staff = Group.objects.create(name=ugettext_noop('Staff'), pk=4)`
			`# add delegate permissions (without can_support_motion)`
			`group_staff.permissions.add(perm_31, perm_33, perm_34, perm_35)`
			`# add staff permissions`
			`group_staff.permissions.add(perm_41, perm_42, perm_43, perm_44, perm_45, perm_46, perm_47, perm_48, can_manage_tags)`
			`# add can_see_name and can_see_extra_data permissions`
			`# TODO: Remove this redundancy after cleanup of the permission system.`
			`group_staff.permissions.add(perm_users_can_see_name, perm_users_can_see_extra_data)`

			`# Admin user`
			`create_or_reset_admin_user()`


Create admin-user after syncdb 2013-06-16 12:00:57 +02:00			`def create_or_reset_admin_user():`
			`group_staff = Group.objects.get(pk=4)`
			`try:`
			`admin = User.objects.get(username="admin")`
			`except User.DoesNotExist:`
			`admin = User()`
			`admin.username = 'admin'`
			`admin.last_name = 'Administrator'`
Clean up main.py and move code to __main__.py and utils/main.py. 2013-09-08 14:30:26 +02:00			`created = True`
			`else:`
			`created = False`
Create admin-user after syncdb 2013-06-16 12:00:57 +02:00			`admin.default_password = 'admin'`
			`admin.set_password(admin.default_password)`
			`admin.save()`
			`admin.groups.add(group_staff)`
Clean up main.py and move code to __main__.py and utils/main.py. 2013-09-08 14:30:26 +02:00			`return created`
Refactory of the participant app * New user model (used Django's AbstractBaseUser) * Renamed the app to users * removed person api See #861 Fixed #576 #478 2014-10-11 14:34:49 +02:00

			`def get_protected_perm():`
			`"""`
			`Returns the permission to manage users. This function is a helper`
			`function used to protect manager users from locking out themselves.`
			`"""`
New Test order. * seperate unittests and integration tests * moved old tests in seperat folder 'old' * created a testrunner that does not create a testdatabase, if only unittests are run * wrote some unit- and integration tests as examples * fixed user.get_short_name() to use the sort order from config * fixed wrong url_pattern in the user app 2015-01-22 18:29:12 +01:00			`return Permission.objects.get_by_natural_key(`
			`app_label='users', model='user', codename='can_manage')`