Merge branch 'dev' of github.com:srct/go into dev

6ac548f3 · Jean Michel Rouly · aa3fd4df · 27088b47 · 6ac548f3 · 6ac548f3
Commit 6ac548f3 authored Aug 30, 2014 by Jean Michel Rouly
--- a/go/go/forms.py
+++ b/go/go/forms.py
 from django import forms
-from go.models import URL
+from go.models import URL, RegisteredUser
 from django.core.validators import MinLengthValidator, MinValueValidator, RegexValidator
 from django.core.exceptions import ValidationError
 from captcha.fields import CaptchaField
@@ -64,11 +64,20 @@ class URLForm( forms.ModelForm ):
        }


-class SignupForm( forms.Form ):
+class SignupForm( forms.ModelForm ):
+
+    def validate_username(username):
+        try:
+            registered = RegisteredUser.objects.get(username=username)
+            raise ValidationError('Username "%s" is already in use.' % username)
+        except RegisteredUser.DoesNotExist:
+            return
+
    username = forms.CharField(
        required = True,
-        label = 'Username',
+        label = 'Mason NetID',
        max_length = 30,
+        validators=[validate_username],
        widget = forms.TextInput(attrs={
        }),
    )
@@ -87,3 +96,6 @@ class SignupForm( forms.Form ):
        }),
    )
    captcha = CaptchaField()
+
+    class Meta:
+        model = RegisteredUser
--- a/go/go/migrations/0007_auto__add_field_registereduser_approved.py
+++ b/go/go/migrations/0007_auto__add_field_registereduser_approved.py
+# -*- coding: utf-8 -*-
+from south.utils import datetime_utils as datetime
+from south.db import db
+from south.v2 import SchemaMigration
+from django.db import models
+
+
+class Migration(SchemaMigration):
+
+    def forwards(self, orm):
+        # Adding field 'RegisteredUser.approved'
+        db.add_column(u'go_registereduser', 'approved',
+                      self.gf('django.db.models.fields.BooleanField')(default=True),
+                      keep_default=False)
+
+
+    def backwards(self, orm):
+        # Deleting field 'RegisteredUser.approved'
+        db.delete_column(u'go_registereduser', 'approved')
+
+
+    models = {
+        u'auth.group': {
+            'Meta': {'object_name': 'Group'},
+            u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
+            'name': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '80'}),
+            'permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': u"orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'})
+        },
+        u'auth.permission': {
+            'Meta': {'ordering': "(u'content_type__app_label', u'content_type__model', u'codename')", 'unique_together': "((u'content_type', u'codename'),)", 'object_name': 'Permission'},
+            'codename': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
+            'content_type': ('django.db.models.fields.related.ForeignKey', [], {'to': u"orm['contenttypes.ContentType']"}),
+            u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
+            'name': ('django.db.models.fields.CharField', [], {'max_length': '50'})
+        },
+        u'auth.user': {
+            'Meta': {'object_name': 'User'},
+            'date_joined': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}),
+            'email': ('django.db.models.fields.EmailField', [], {'max_length': '75', 'blank': 'True'}),
+            'first_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}),
+            'groups': ('django.db.models.fields.related.ManyToManyField', [], {'symmetrical': 'False', 'related_name': "u'user_set'", 'blank': 'True', 'to': u"orm['auth.Group']"}),
+            u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
+            'is_active': ('django.db.models.fields.BooleanField', [], {'default': 'True'}),
+            'is_staff': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
+            'is_superuser': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
+            'last_login': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}),
+            'last_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}),
+            'password': ('django.db.models.fields.CharField', [], {'max_length': '128'}),
+            'user_permissions': ('django.db.models.fields.related.ManyToManyField', [], {'symmetrical': 'False', 'related_name': "u'user_set'", 'blank': 'True', 'to': u"orm['auth.Permission']"}),
+            'username': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '30'})
+        },
+        u'contenttypes.contenttype': {
+            'Meta': {'ordering': "('name',)", 'unique_together': "(('app_label', 'model'),)", 'object_name': 'ContentType', 'db_table': "'django_content_type'"},
+            'app_label': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
+            u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
+            'model': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
+            'name': ('django.db.models.fields.CharField', [], {'max_length': '100'})
+        },
+        u'go.registereduser': {
+            'Meta': {'object_name': 'RegisteredUser'},
+            'approved': ('django.db.models.fields.BooleanField', [], {}),
+            'description': ('django.db.models.fields.TextField', [], {'blank': 'True'}),
+            'full_name': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
+            'username': ('django.db.models.fields.CharField', [], {'max_length': '30', 'primary_key': 'True'})
+        },
+        u'go.url': {
+            'Meta': {'ordering': "['short']", 'object_name': 'URL'},
+            'clicks': ('django.db.models.fields.IntegerField', [], {'default': '0'}),
+            'date_created': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime(2014, 8, 28, 0, 0)'}),
+            'expires': ('django.db.models.fields.DateTimeField', [], {'null': 'True', 'blank': 'True'}),
+            'owner': ('django.db.models.fields.related.ForeignKey', [], {'to': u"orm['auth.User']"}),
+            'short': ('django.db.models.fields.CharField', [], {'max_length': '20', 'primary_key': 'True'}),
+            'target': ('django.db.models.fields.URLField', [], {'max_length': '1000'})
+        }
+    }
+
+    complete_apps = ['go']
\ No newline at end of file
--- a/go/go/models.py
+++ b/go/go/models.py
@@ -66,6 +66,8 @@ class RegisteredUser( models.Model ):

    description = models.TextField( blank=True )

+    approved = models.BooleanField()
+
    def __unicode__(self):
-        return '<Registered User: %s>' % self.username
+        return '<Registered User: %s - Approval Status: %s>' % (self.username, self.approved)

--- a/go/go/templates/about.html
+++ b/go/go/templates/about.html
@@ -17,8 +17,17 @@ ULife groups, and student organizations. Access is moderated by SRCT
 administrators.
 </p>

+{% if user.is_authenticated %}
 <p>
 You can <a href="{% url 'signup' %}">sign up</a> for use.
 <br/><br/>
 </p>
+{% else %}
+<p>
+Please <a href="{% url 'go_login' %}">log in</a> in order to submit an access
+request.
+<br/><br/>
+</p>
+{% endif %}
+
 {% endblock %}
--- a/go/go/templates/adminpanel.html
+++ b/go/go/templates/adminpanel.html
+{% extends 'base.html' %}
+
+
+{% block title %}
+Go - Administration Panel
+{% endblock %}
+
+
+{% block content %}
+</p>
+Users awaiting moderation:
+{% for unapproved in need_approval %}
+    <p>
+    Username: {{ unapproved.username }} 
+    <br />
+    Full name: {{ unapproved.full_name }}
+    <br />
+    Description: {{ unapproved.description|default_if_none:"No description provided" }}
+    </p>
+    <form method="post" action="adminpanel">{% csrf_token %}
+    	<input type="hidden" name="username" value={{ unapproved.username }}>
+        <input type="submit" name="_approve" value="Approve">
+        <input type="submit" name="_deny" value="Deny">
+    </form>
+{% empty %}
+    <p>
+    No users awaiting moderation.
+    </p>
+{% endfor %}
+
+{% endblock %}
--- a/go/go/templates/login.html
+++ b/go/go/templates/login.html
@@ -17,14 +17,14 @@ Go - Login
 action="{% url 'django.contrib.auth.views.login' %}">
 {% csrf_token %}

-  <label for="username">Username</label>
+  <label for="username">Mason NetID</label>
  <br/>
  {% for error in form.username.errors %}
  <p class="error">{{ error }}</p>
  {% empty %}
  <br/>
  {% endfor %}
-  <input type="text" id="username" name="username" placeholder="Username"
+  <input type="text" id="username" name="username" placeholder="Mason NetID"
  {% if form.username.errors %} class="error"{% endif %} />
  <br/><br/>

@@ -43,7 +43,7 @@ action="{% url 'django.contrib.auth.views.login' %}">

 </form>

-<p>You must be <a href="{% url 'signup' %}">registered</a> to use this
-service.</p>
+<p>You must be registered to use this service. Please log in in order to
+submit a registration request.</p>

 {% endblock %}
--- a/go/go/templates/navbar.html
+++ b/go/go/templates/navbar.html
@@ -2,6 +2,9 @@
  [ <a href="{% url 'about' %}">What is Go?</a>  ]
  {% if user.is_authenticated %}
  | [ <a href="{% url 'my_links' %}">My Links</a> ]
+  {% if user.is_staff %}
+  | [ <a href="{% url 'adminpanel' %}">Administration</a> ]
+  {% endif %}
  | [ <a href="{% url 'go_logout' %}">Log Out</a> ]
  {% else %}
  | [ <a href="{% url 'go_login' %}">Log In</a> ]

--- a/go/go/views.py
+++ b/go/go/views.py
@@ -5,9 +5,10 @@ from django.conf import settings
 from django.http import Http404, HttpResponseServerError
 from django.utils import timezone
 from django.contrib.auth.models import User
-from django.core.exceptions import PermissionDenied
+from django.core.exceptions import PermissionDenied, ValidationError
 from django.core.mail import send_mail
-from django.contrib.auth.decorators import login_required
+from django.contrib.auth import REDIRECT_FIELD_NAME
+from django.contrib.auth.decorators import user_passes_test, login_required
 from django.shortcuts import render, get_object_or_404, redirect
 import os

@@ -26,7 +27,7 @@ def is_registered( user ):

    try:
        registered = RegisteredUser.objects.get( username=user.username )
-        return True
+        return registered.approved
    except RegisteredUser.DoesNotExist:
        return False

@@ -179,6 +180,7 @@ def delete(request, short):
        raise PermissionDenied()


+@login_required
 def signup(request):
    """
    This view presents the user with a registration form. You can register
@@ -186,14 +188,14 @@ def signup(request):

    """

-    form = SignupForm()
+    signup_form = SignupForm()

    if request.method == 'POST':
-        form = SignupForm( request.POST )
-        if form.is_valid():
-            username = form.cleaned_data.get('username')
-            full_name = form.cleaned_data.get('full_name')
-            description = form.cleaned_data.get('description')
+        signup_form = SignupForm(request.POST, initial={'approved': False})
+        if signup_form.is_valid():
+            username = signup_form.cleaned_data.get('username')
+            full_name = signup_form.cleaned_data.get('full_name')
+            description = signup_form.cleaned_data.get('description')

            send_mail('Signup from %s' % (username), '%s signed up at %s\n'
                'Username: %s\nMessage: %s\nPlease attend to this request at '
@@ -201,10 +203,12 @@ def signup(request):
                str(timezone.now()).strip(), str(username), str(description)),
                settings.EMAIL_FROM, [settings.EMAIL_TO])

+            signup_form.save()
+
            return redirect('registered')

    return render(request, 'signup.html', {
-        'form': form,
+        'form': signup_form,
    },
    )

@@ -225,13 +229,52 @@ def redirection(request, short):

    from piwikapi.tracking import PiwikTracker
    from django.conf import settings
-    piwiktracker = PiwikTracker(settings.PIWIK_SITE_ID, request)
-    piwiktracker.set_api_url(settings.PIWIK_URL)
-    piwiktracker.do_track_page_view('Redirect to %s' % url.target)
+    # First, if PIWIK variables are undefined, don't try to push
+    if settings.PIWIK_SITE_ID is not "" and settings.PIWIK_URL is not "":
+        try:
+            piwiktracker = PiwikTracker(settings.PIWIK_SITE_ID, request)
+            piwiktracker.set_api_url(settings.PIWIK_URL)
+            piwiktracker.do_track_page_view('Redirect to %s' % url.target)
+        # Second, if we do get an error, don't let that keep us from redirecting
+        except:
+            pass

    return redirect( url.target )


+def staff_member_required(view_func, redirect_field_name=REDIRECT_FIELD_NAME, login_url='about'):
+    """
+    Decorator for views that checks that the user is logged in and is a staff
+    member, displaying the login page if necessary.
+    """
+    return user_passes_test(
+        lambda u: u.is_active and u.is_staff,
+        login_url=login_url,
+        redirect_field_name=redirect_field_name
+    )(view_func)
+
+
+@staff_member_required
+def adminpanel(request):
+    """
+    This view is a simplified admin panel, so that staff don't need to log in
+    to approve links
+    """
+    if request.POST:
+        if '_approve' in request.POST:
+            toapprove = RegisteredUser.objects.get(username=request.POST['username'])
+            toapprove.approved = True
+            toapprove.save()
+        elif '_deny' in request.POST:
+            todeny = RegisteredUser.objects.get(username=request.POST['username'])
+            todeny.delete()
+    need_approval = RegisteredUser.objects.filter(approved=False)
+    return render(request, 'adminpanel.html',{
+        'need_approval': need_approval
+    },
+    )
+
+
 ##############################################################################
 """
 Define static user views here.

--- a/go/settings/urls.py
+++ b/go/settings/urls.py
@@ -31,6 +31,9 @@ urlpatterns = patterns('go.views',

    # /admin - Administrator interface.
    url(r'^admin/?', include(admin.site.urls)),
+
+    # /adminpanel - light admin interface
+    url(r'^adminpanel/?$', 'adminpanel', name='adminpanel'),
 )

 urlpatterns += patterns('django.contrib.auth.views',