OpenSlides/openslides/users/models.py

360 lines
11 KiB
Python
Raw Normal View History

import smtplib
from django.conf import settings
from django.contrib.auth.hashers import make_password
2015-09-16 00:55:27 +02:00
from django.contrib.auth.models import (
AbstractBaseUser,
BaseUserManager,
Group as DjangoGroup,
GroupManager as _GroupManager,
2016-08-30 09:16:47 +02:00
Permission,
PermissionsMixin,
)
from django.core import mail
from django.core.exceptions import ObjectDoesNotExist, ValidationError
from django.db import models
2018-10-09 13:44:38 +02:00
from django.db.models import Prefetch
from django.utils import timezone
2017-05-23 14:07:06 +02:00
from jsonfield import JSONField
from ..core.config import config
from ..utils.auth import GROUP_ADMIN_PK
from ..utils.models import CASCADE_AND_AUTOUPDATE, RESTModelMixin
2017-05-23 14:07:06 +02:00
from .access_permissions import (
GroupAccessPermissions,
PersonalNoteAccessPermissions,
UserAccessPermissions,
)
class UserManager(BaseUserManager):
"""
2015-09-16 00:55:27 +02:00
Customized manager that creates new users only with a password and a
2016-09-30 20:42:58 +02:00
username. It also supports our get_full_queryset method.
"""
2019-01-06 16:22:33 +01:00
def get_full_queryset(self):
2016-09-30 20:42:58 +02:00
"""
Returns the normal queryset with all users. In the background all
groups are prefetched from the database together with all permissions
and content types.
2016-09-30 20:42:58 +02:00
"""
2019-01-06 16:22:33 +01:00
return self.get_queryset().prefetch_related(
Prefetch(
"groups",
queryset=Group.objects.select_related("group_ptr").prefetch_related(
Prefetch(
"permissions",
queryset=Permission.objects.select_related("content_type"),
)
),
)
)
2017-03-19 14:46:08 +01:00
def create_user(self, username, password, skip_autoupdate=False, **kwargs):
2015-09-16 00:55:27 +02:00
"""
Creates a new user only with a password and a username.
"""
user = self.model(username=username, **kwargs)
user.set_password(password)
2017-03-19 14:46:08 +01:00
user.save(skip_autoupdate=skip_autoupdate, using=self._db)
return user
2019-03-19 20:26:12 +01:00
def create_or_reset_admin_user(self, skip_autoupdate=False):
"""
2015-09-16 00:55:27 +02:00
Creates an user with the username 'admin'. If such a user already
exists, resets it. The password is (re)set to 'admin'. The user
2018-10-09 13:44:38 +02:00
becomes member of the group 'Admin'.
"""
created = False
try:
2019-01-06 16:22:33 +01:00
admin = self.get(username="admin")
except ObjectDoesNotExist:
2019-01-06 16:22:33 +01:00
admin = self.model(username="admin", last_name="Administrator")
created = True
2019-01-06 16:22:33 +01:00
admin.default_password = "admin"
admin.password = make_password(admin.default_password)
2019-03-19 20:26:12 +01:00
admin.save(skip_autoupdate=skip_autoupdate)
2018-10-09 13:44:38 +02:00
admin.groups.add(GROUP_ADMIN_PK)
return created
def generate_username(self, first_name, last_name):
"""
Generates a username from first name and last name.
"""
first_name = first_name.strip()
last_name = last_name.strip()
if first_name and last_name:
2019-01-06 16:22:33 +01:00
base_name = " ".join((first_name, last_name))
else:
base_name = first_name or last_name
if not base_name:
2019-01-06 16:22:33 +01:00
raise ValueError(
"Either 'first_name' or 'last_name' must not be " "empty."
)
if not self.filter(username=base_name).exists():
generated_username = base_name
else:
counter = 0
while True:
counter += 1
2019-01-12 23:01:42 +01:00
test_name = f"{base_name} {counter}"
if not self.filter(username=test_name).exists():
generated_username = test_name
break
return generated_username
2015-06-29 13:31:07 +02:00
class User(RESTModelMixin, PermissionsMixin, AbstractBaseUser):
"""
2015-09-16 00:55:27 +02:00
Model for users in OpenSlides. A client can login as an user with
credentials. An user can also just be used as representation for a person
in other OpenSlides apps like motion submitter or (assignment) election
candidates.
"""
2019-01-06 16:22:33 +01:00
access_permissions = UserAccessPermissions()
2019-01-06 16:22:33 +01:00
USERNAME_FIELD = "username"
2019-01-06 16:22:33 +01:00
username = models.CharField(max_length=255, unique=True, blank=True)
2019-01-06 16:22:33 +01:00
first_name = models.CharField(max_length=255, blank=True)
2019-01-06 16:22:33 +01:00
last_name = models.CharField(max_length=255, blank=True)
2015-09-16 00:55:27 +02:00
2019-01-18 17:58:45 +01:00
gender = models.CharField(max_length=255, blank=True)
email = models.EmailField(blank=True)
2019-01-06 16:22:33 +01:00
last_email_send = models.DateTimeField(blank=True, null=True)
2015-09-16 00:55:27 +02:00
# TODO: Try to remove the default argument in the following fields.
2019-01-06 16:22:33 +01:00
structure_level = models.CharField(max_length=255, blank=True, default="")
2019-01-06 16:22:33 +01:00
title = models.CharField(max_length=50, blank=True, default="")
2019-01-06 16:22:33 +01:00
number = models.CharField(max_length=50, blank=True, default="")
2019-01-06 16:22:33 +01:00
about_me = models.TextField(blank=True, default="")
2019-01-06 16:22:33 +01:00
comment = models.TextField(blank=True, default="")
2019-01-06 16:22:33 +01:00
default_password = models.CharField(max_length=100, blank=True, default="")
2019-01-06 16:22:33 +01:00
is_active = models.BooleanField(default=True)
2019-01-06 16:22:33 +01:00
is_present = models.BooleanField(default=False)
2019-01-06 16:22:33 +01:00
is_committee = models.BooleanField(default=False)
objects = UserManager()
class Meta:
2015-12-10 00:20:59 +01:00
default_permissions = ()
permissions = (
2019-01-06 16:22:33 +01:00
("can_see_name", "Can see names of users"),
(
"can_see_extra_data",
"Can see extra data of users (e.g. present and comment)",
),
2019-01-19 09:52:13 +01:00
("can_change_password", "Can change its own password"),
2019-01-06 16:22:33 +01:00
("can_manage", "Can manage users"),
)
2019-01-06 16:22:33 +01:00
ordering = ("last_name", "first_name", "username")
def __str__(self):
# Strip white spaces from the name parts
first_name = self.first_name.strip()
last_name = self.last_name.strip()
# The user has a last_name and a first_name
if first_name and last_name:
2019-01-06 16:22:33 +01:00
name = " ".join((self.first_name, self.last_name))
# The user has only a first_name or a last_name or no name
else:
name = first_name or last_name or self.username
2015-09-16 00:55:27 +02:00
# Return result
return name
def save(self, *args, **kwargs):
"""
Overridden method to skip autoupdate if only last_login field was
updated as it is done during login.
"""
2019-01-06 16:22:33 +01:00
if kwargs.get("update_fields") == ["last_login"]:
kwargs["skip_autoupdate"] = True
return super().save(*args, **kwargs)
2017-01-26 21:15:35 +01:00
def has_perm(self, perm):
"""
This method is closed. Do not use it but use openslides.utils.auth.has_perm.
"""
2019-01-06 16:22:33 +01:00
raise RuntimeError(
"Do not use user.has_perm() but use openslides.utils.auth.has_perm"
)
2017-01-26 21:15:35 +01:00
2019-01-06 16:22:33 +01:00
def send_invitation_email(
self, connection, subject, message, skip_autoupdate=False
):
"""
Sends an invitation email to the users. Returns True on success, False on failiure.
May raise an ValidationError, if something went wrong.
"""
if not self.email:
return False
# Custom dict class that for formatstrings with entries like {not_existent}
# no error is raised and this is replaced with ''.
class format_dict(dict):
def __missing__(self, key):
2019-01-06 16:22:33 +01:00
return ""
message_format = format_dict(
{
"name": str(self),
"event_name": config["general_event_name"],
"url": config["users_pdf_url"],
"username": self.username,
"password": self.default_password,
}
)
try:
message = message.format(**message_format)
except KeyError as err:
raise ValidationError({"detail": "Invalid property {0}", "args": [err]})
subject_format = format_dict(
{"event_name": config["general_event_name"], "username": self.username}
)
try:
subject = subject.format(**subject_format)
except KeyError as err:
raise ValidationError({"detail": "Invalid property {0}", "args": [err]})
# Create an email and send it.
2019-01-06 16:22:33 +01:00
email = mail.EmailMessage(
subject,
message,
config["users_email_sender"] + " <" + settings.DEFAULT_FROM_EMAIL + ">",
[self.email],
reply_to=[config["users_email_replyto"]],
2019-01-06 16:22:33 +01:00
)
try:
count = connection.send_messages([email])
except smtplib.SMTPDataError as e:
error = e.smtp_code
2019-01-06 16:22:33 +01:00
helptext = ""
2019-04-02 16:08:52 +02:00
if error == 554: # The server does not accept our connection. The code is
# something like "transaction failed" or "No SMTP service here"
2019-01-06 16:22:33 +01:00
helptext = " Is the email sender correct?"
connection.close()
2019-01-06 16:22:33 +01:00
raise ValidationError(
{
"detail": "Error {0}. Cannot send email.{1}",
"args": [error, helptext],
}
2019-01-06 16:22:33 +01:00
)
except smtplib.SMTPRecipientsRefused:
pass # Run into returning false later
2019-04-02 16:08:52 +02:00
except smtplib.SMTPAuthenticationError as e:
# Nice error message on auth failure
raise ValidationError(
{
"detail": "Error {0}: Authentication failure. Please contact your local administrator.",
"args": [e.smtp_code],
2019-04-02 16:08:52 +02:00
}
)
else:
if count == 1:
self.email_send = True
self.last_email_send = timezone.now()
self.save(skip_autoupdate=skip_autoupdate)
return True
return False
@property
def session_auth_hash(self):
"""
Returns the session auth hash of a user as attribute.
Needed for the django rest framework.
"""
return self.get_session_auth_hash()
2017-08-23 20:51:06 +02:00
class GroupManager(_GroupManager):
"""
Customized manager that supports our get_full_queryset method.
"""
2019-01-06 16:22:33 +01:00
def get_full_queryset(self):
"""
Returns the normal queryset with all groups. In the background all
permissions with the content types are prefetched from the database.
"""
2019-01-06 16:22:33 +01:00
return (
self.get_queryset()
.select_related("group_ptr")
.prefetch_related(
Prefetch(
"permissions",
queryset=Permission.objects.select_related("content_type"),
)
)
)
class Group(RESTModelMixin, DjangoGroup):
"""
Extend the django group with support of our REST and caching system.
"""
2019-01-06 16:22:33 +01:00
access_permissions = GroupAccessPermissions()
objects = GroupManager()
class Meta:
default_permissions = ()
2017-05-23 14:07:06 +02:00
class PersonalNoteManager(models.Manager):
"""
Customized model manager to support our get_full_queryset method.
"""
2019-01-06 16:22:33 +01:00
2017-05-23 14:07:06 +02:00
def get_full_queryset(self):
"""
Returns the normal queryset with all personal notes. In the background all
users are prefetched from the database.
"""
2019-01-06 16:22:33 +01:00
return self.get_queryset().select_related("user")
2017-05-23 14:07:06 +02:00
class PersonalNote(RESTModelMixin, models.Model):
"""
Model for personal notes (e. g. likes/stars) of a user concerning different
openslides objects like motions.
"""
2019-01-06 16:22:33 +01:00
2017-05-23 14:07:06 +02:00
access_permissions = PersonalNoteAccessPermissions()
personalized_model = True
"""
Each model belongs to one user. This relation is set during creation and
will not be changed.
"""
2017-05-23 14:07:06 +02:00
objects = PersonalNoteManager()
user = models.OneToOneField(User, on_delete=CASCADE_AND_AUTOUPDATE)
2017-05-23 14:07:06 +02:00
notes = JSONField()
class Meta:
default_permissions = ()