2024-07-10 13:51:24 +02:00
|
|
|
from typing import TYPE_CHECKING
|
|
|
|
|
2020-12-21 00:07:07 +01:00
|
|
|
from django.contrib.auth import views as auth_views
|
2021-04-26 17:54:07 +02:00
|
|
|
from django.contrib.auth.hashers import make_password
|
2021-09-06 15:38:25 +02:00
|
|
|
from django.contrib.auth.mixins import LoginRequiredMixin, UserPassesTestMixin
|
2021-07-13 02:41:32 +02:00
|
|
|
from django.contrib.auth.models import Permission
|
|
|
|
from django.contrib.messages.views import SuccessMessageMixin
|
2024-07-10 13:51:24 +02:00
|
|
|
from django.db.models import QuerySet
|
2021-07-13 02:41:32 +02:00
|
|
|
from django.urls import reverse, reverse_lazy
|
|
|
|
from django.utils.translation import gettext_lazy as _
|
|
|
|
from django.views.generic import CreateView, FormView, ListView, TemplateView
|
2020-12-21 00:07:07 +01:00
|
|
|
|
2024-07-10 13:51:24 +02:00
|
|
|
from elections.typing import AuthenticatedRequest
|
|
|
|
|
2021-07-13 02:41:32 +02:00
|
|
|
from .forms import ElectionAuthForm, PwdUserForm, UserAdminForm
|
2021-04-26 17:54:07 +02:00
|
|
|
from .utils import generate_password
|
|
|
|
|
2024-07-10 13:51:24 +02:00
|
|
|
if TYPE_CHECKING:
|
|
|
|
from elections.typing import User
|
|
|
|
else:
|
|
|
|
from django.contrib.auth import get_user_model
|
|
|
|
User = get_user_model()
|
2020-12-21 00:07:07 +01:00
|
|
|
|
2021-07-13 02:41:32 +02:00
|
|
|
|
|
|
|
# #############################################################################
|
|
|
|
# Mixin to restrict access to staff members
|
|
|
|
# #############################################################################
|
|
|
|
|
|
|
|
|
|
|
|
class StaffMemberMixin(UserPassesTestMixin):
|
|
|
|
"""
|
|
|
|
Mixin permettant de restreindre l'accès aux membres `staff`, si la personne
|
|
|
|
n'est pas connectée, renvoie sur la page d'authentification
|
|
|
|
"""
|
|
|
|
|
2024-07-10 13:51:24 +02:00
|
|
|
request: AuthenticatedRequest
|
|
|
|
|
2021-07-13 02:41:32 +02:00
|
|
|
def test_func(self):
|
|
|
|
return self.request.user.is_active and self.request.user.is_staff
|
|
|
|
|
|
|
|
|
2021-01-27 13:52:35 +01:00
|
|
|
# #############################################################################
|
|
|
|
# Election Specific Login
|
|
|
|
# #############################################################################
|
2020-12-21 00:07:07 +01:00
|
|
|
|
|
|
|
|
2021-01-27 13:52:35 +01:00
|
|
|
class ElectionLoginView(auth_views.LoginView):
|
|
|
|
template_name = "auth/election_login.html"
|
2020-12-21 00:07:07 +01:00
|
|
|
authentication_form = ElectionAuthForm
|
|
|
|
|
|
|
|
def get_initial(self):
|
2021-01-27 13:52:35 +01:00
|
|
|
return {"election_id": self.kwargs.get("election_id")}
|
2020-12-21 00:07:07 +01:00
|
|
|
|
2021-01-27 13:52:35 +01:00
|
|
|
def get_context_data(self, **kwargs):
|
|
|
|
kwargs.update({"election_id": self.kwargs.get("election_id")})
|
|
|
|
return super().get_context_data(**kwargs)
|
2021-04-26 17:54:07 +02:00
|
|
|
|
|
|
|
|
2021-07-13 02:41:32 +02:00
|
|
|
# #############################################################################
|
|
|
|
# Admin Panel
|
|
|
|
# #############################################################################
|
|
|
|
|
|
|
|
|
|
|
|
class AdminPanelView(StaffMemberMixin, TemplateView):
|
|
|
|
template_name = "auth/admin-panel.html"
|
|
|
|
|
|
|
|
|
2021-04-26 17:54:07 +02:00
|
|
|
# #############################################################################
|
|
|
|
# Creation of Password Accounts
|
|
|
|
# #############################################################################
|
|
|
|
|
|
|
|
|
2021-08-24 23:15:10 +02:00
|
|
|
class CreatePwdAccount(StaffMemberMixin, SuccessMessageMixin, CreateView):
|
2021-04-26 17:54:07 +02:00
|
|
|
model = User
|
|
|
|
form_class = PwdUserForm
|
|
|
|
template_name = "auth/create-user.html"
|
2021-08-24 23:15:10 +02:00
|
|
|
success_url = reverse_lazy("auth.admin")
|
|
|
|
success_message = _("Compte créé avec succès")
|
2021-04-26 17:54:07 +02:00
|
|
|
|
|
|
|
def form_valid(self, form):
|
|
|
|
# On enregistre un mot de passe aléatoire
|
|
|
|
form.instance.password = make_password(generate_password(32))
|
|
|
|
|
|
|
|
return super().form_valid(form)
|
2021-07-13 02:41:32 +02:00
|
|
|
|
|
|
|
|
|
|
|
# #############################################################################
|
|
|
|
# List of password and CAS users
|
|
|
|
# #############################################################################
|
|
|
|
|
|
|
|
|
|
|
|
class AccountListView(StaffMemberMixin, ListView):
|
|
|
|
model = User
|
|
|
|
template_name = "auth/account-list.html"
|
|
|
|
|
|
|
|
def get_context_data(self, **kwargs):
|
|
|
|
ctx = super().get_context_data(**kwargs)
|
2024-07-10 13:51:24 +02:00
|
|
|
qs: QuerySet = self.get_queryset() # pyright: ignore
|
2021-07-13 02:41:32 +02:00
|
|
|
|
|
|
|
ctx["cas_users"] = qs.filter(username__startswith="cas__")
|
|
|
|
ctx["pwd_users"] = qs.filter(username__startswith="pwd__")
|
2021-09-06 15:38:25 +02:00
|
|
|
ctx["e_manager"] = User.objects.with_perm(
|
2022-01-07 23:58:40 +01:00
|
|
|
Permission.objects.get(codename="election_admin"),
|
|
|
|
backend="shared.auth.backends.PwdBackend",
|
2021-09-06 15:38:25 +02:00
|
|
|
)
|
|
|
|
ctx["f_manager"] = User.objects.with_perm(
|
2022-01-07 23:58:40 +01:00
|
|
|
Permission.objects.get(codename="faq_admin"),
|
|
|
|
backend="shared.auth.backends.PwdBackend",
|
2021-09-06 15:38:25 +02:00
|
|
|
)
|
2021-07-13 02:41:32 +02:00
|
|
|
|
|
|
|
return ctx
|
|
|
|
|
|
|
|
|
|
|
|
# #############################################################################
|
|
|
|
# Permission management
|
|
|
|
# #############################################################################
|
|
|
|
|
|
|
|
|
|
|
|
class PermissionManagementView(StaffMemberMixin, SuccessMessageMixin, FormView):
|
|
|
|
form_class = UserAdminForm
|
|
|
|
template_name = "auth/permission-management.html"
|
|
|
|
success_message = _("Permissions modifiées avec succès !")
|
|
|
|
|
|
|
|
def get_context_data(self, **kwargs):
|
|
|
|
kwargs.update({"username": self.request.GET.get("user", None)})
|
|
|
|
return super().get_context_data(**kwargs)
|
|
|
|
|
|
|
|
def get_initial(self):
|
|
|
|
username = self.request.GET.get("user", None)
|
|
|
|
if username is not None:
|
|
|
|
user = User.objects.filter(username=username).first()
|
|
|
|
|
|
|
|
if user is not None:
|
|
|
|
return {
|
|
|
|
"username": username,
|
|
|
|
"full_admin": user.is_staff,
|
|
|
|
"election_admin": user.has_perm("elections.election_admin"),
|
|
|
|
"faq_admin": user.has_perm("faqs.faq_admin"),
|
|
|
|
}
|
|
|
|
|
|
|
|
return {}
|
|
|
|
|
|
|
|
def get_success_url(self):
|
|
|
|
return reverse("auth.permissions") + f"?user={self.user}"
|
|
|
|
|
|
|
|
def form_valid(self, form):
|
|
|
|
user = User.objects.get(username=form.cleaned_data["username"])
|
|
|
|
self.user = user.username
|
|
|
|
|
|
|
|
# Kadenios admin
|
|
|
|
user.is_staff = form.cleaned_data["full_admin"]
|
|
|
|
|
|
|
|
# Election admin
|
2022-01-07 23:58:40 +01:00
|
|
|
election_perm = Permission.objects.get(codename="election_admin")
|
2021-07-13 02:41:32 +02:00
|
|
|
if form.cleaned_data["election_admin"]:
|
2024-07-10 13:51:24 +02:00
|
|
|
election_perm.user_set.add(user) # pyright: ignore
|
2021-07-13 02:41:32 +02:00
|
|
|
else:
|
2024-07-10 13:51:24 +02:00
|
|
|
election_perm.user_set.remove(user) # pyright: ignore
|
2021-07-13 02:41:32 +02:00
|
|
|
|
|
|
|
# FAQ admin
|
2022-01-07 23:58:40 +01:00
|
|
|
faq_perm = Permission.objects.get(codename="faq_admin")
|
2021-07-13 02:41:32 +02:00
|
|
|
if form.cleaned_data["faq_admin"]:
|
2024-07-10 13:51:24 +02:00
|
|
|
faq_perm.user_set.add(user) # pyright: ignore
|
2021-07-13 02:41:32 +02:00
|
|
|
else:
|
2024-07-10 13:51:24 +02:00
|
|
|
faq_perm.user_set.remove(user) # pyright: ignore
|
2021-07-13 02:41:32 +02:00
|
|
|
|
|
|
|
user.save()
|
|
|
|
return super().form_valid(form)
|
2021-09-06 15:38:25 +02:00
|
|
|
|
|
|
|
|
|
|
|
# #############################################################################
|
|
|
|
# List of special accounts
|
|
|
|
# #############################################################################
|
|
|
|
|
|
|
|
|
|
|
|
class AdminAccountsView(LoginRequiredMixin, TemplateView):
|
|
|
|
template_name = "auth/admin-accounts.html"
|
|
|
|
|
|
|
|
def get_context_data(self, **kwargs):
|
|
|
|
ctx = super().get_context_data(**kwargs)
|
|
|
|
|
|
|
|
ctx["admin"] = User.objects.filter(is_staff=True)
|
|
|
|
ctx["e_manager"] = User.objects.with_perm(
|
2022-01-07 23:58:40 +01:00
|
|
|
Permission.objects.get(codename="election_admin"),
|
|
|
|
backend="shared.auth.backends.PwdBackend",
|
2021-09-06 15:38:25 +02:00
|
|
|
)
|
|
|
|
ctx["f_manager"] = User.objects.with_perm(
|
2022-01-07 23:58:40 +01:00
|
|
|
Permission.objects.get(codename="faq_admin"),
|
|
|
|
backend="shared.auth.backends.PwdBackend",
|
2021-09-06 15:38:25 +02:00
|
|
|
)
|
|
|
|
return ctx
|