views.py 24.7 KB
Newer Older
1 2 3 4
"""
go/views.py
"""

5
# Future Imports
6 7
from __future__ import (absolute_import, division, print_function,
                        unicode_literals)
8

David Haynes's avatar
David Haynes committed
9 10 11
# Python stdlib imports
from datetime import timedelta

12
# Django Imports
13
from django.conf import settings
14 15 16 17
from django.contrib.auth import REDIRECT_FIELD_NAME
from django.contrib.auth.decorators import login_required, user_passes_test
from django.core.exceptions import PermissionDenied  # ValidationError
from django.core.mail import EmailMessage, send_mail
18
from django.http import HttpResponseServerError  # Http404
19
from django.http import HttpResponseRedirect
20
from django.shortcuts import get_object_or_404, redirect, render
21
from django.utils import timezone
David Haynes's avatar
David Haynes committed
22 23

# Other imports
24
from ratelimit.decorators import ratelimit
25

26
# App Imports
27 28
from .forms import SignupForm, URLForm, EditForm
from .models import URL, RegisteredUser
29

30

David Haynes's avatar
David Haynes committed
31
def index(request):
32 33 34 35 36 37 38 39 40 41 42 43 44
    """
    If a user is logged in, this view displays all the information about all
    of their URLs. Otherwise, it will show the public landing page
    """

    # If the user is not authenticated, show them a public landing page.
    if not request.user.is_authenticated():
        return render(request, 'public_landing.html')
    # Do not display this page to unapproved users
    if not request.user.registereduser.approved:
        return render(request, 'not_registered.html')

    # Get the current domain info
45
    domain = "%ss://%s" % (request.scheme, request.META.get('HTTP_HOST')) + "/"
46 47 48 49

    # Grab a list of all the URL's that are currently owned by the user
    urls = URL.objects.filter(owner=request.user.registereduser)

50
    # Render my_links passing the list of URL's and Domain to the template
51 52 53 54
    return render(request, 'core/index.html', {
        'urls': urls,
        'domain': domain,
    })
55

56
@login_required
Zach Knox's avatar
Zach Knox committed
57
def new_link(request):
58
    """
David Haynes's avatar
David Haynes committed
59
    This view handles the homepage that the user is presented with when
60
    they request '/newLink'. If they're not logged in, they're redirected to
David Haynes's avatar
David Haynes committed
61 62 63
    login. If they're logged in but not registered, they're given the
    not_registered error page. If they are logged in AND registered, they
    get the URL registration form.
64 65
    """

David Haynes's avatar
David Haynes committed
66
    # If the user isn't approved, then display the you're not approved page.
67
    if not request.user.registereduser.approved:
68
        if request.user.registereduser.blocked:
Zach Osman's avatar
Zach Osman committed
69
            return render(request, 'banned.html')
70
        else:
Zach Osman's avatar
Zach Osman committed
71
            return render(request, 'not_registered.html')
72

73

David Haynes's avatar
David Haynes committed
74
    # Initialize a URL form
75
    url_form = URLForm(host=request.META.get('HTTP_HOST'))  # unbound form
76

David Haynes's avatar
David Haynes committed
77 78
    # If a POST request is received, then the user has submitted a form and it's
    # time to parse the form and create a new URL object
79
    if request.method == 'POST':
80 81
        # Now we initialize the form again but this time we have the POST
        # request
82
        url_form = URLForm(request.POST, host=request.META.get('HTTP_HOST'))
83 84 85

        # Django will check the form to make sure it's valid
        if url_form.is_valid():
86
            # Call our post method to assemble our new URL object
87
            res = post(request, url_form)
88

89 90
            # If there is a 500 error returned, handle it
            if res == 500:
91
                return HttpResponseServerError(render(request, '500.html'))
92

93
            # Redirect to the shiny new URL
94
            return redirect('view', res.short)
95

96 97 98
        # Else, there is an error, redisplay the form with the validation errors
        else:
            # Render index.html passing the form to the template
99
            return render(request, 'core/new_link.html', {
100
                'form': url_form,
101
            })
102

103

David Haynes's avatar
David Haynes committed
104
    # Render index.html passing the form to the template
Zach Knox's avatar
Zach Knox committed
105
    return render(request, 'core/new_link.html', {
106
        'form': url_form,
107
    })
Jean Michel Rouly's avatar
Jean Michel Rouly committed
108

109
@login_required
Zach Knox's avatar
Zach Knox committed
110
def my_links(request):
111 112 113 114 115 116 117 118 119 120
    """
    for compatibility, just in case
    shows the same thing as /, but requires login to be consistent with
    /newLink
    """
    if not request.user.registereduser.approved:
        if request.user.registereduser.blocked:
            return render(request, 'banned.html')
        else:
            return render(request, 'not_registered.html')
Zach Knox's avatar
Zach Knox committed
121 122
    return index(request)

David Haynes's avatar
David Haynes committed
123
# Rate limits are completely arbitrary
124 125
@ratelimit(key='user', rate='3/m', method='POST', block=True)
@ratelimit(key='user', rate='25/d', method='POST', block=True)
126
def post(request, url_form):
127
    """
128
    Helper function that handles POST requests for the URL creation
129 130
    """

131 132
    # We don't commit the url object yet because we need to add its
    # owner, and parse its date field.
133
    url = url_form.save(commit=False)
134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151
    url.owner = request.user.registereduser

    # If the user entered a short url, it's already been validated,
    # so accept it. If they did not, however, then generate a
    # random one and use that instead.
    short = url_form.cleaned_data.get('short').strip()

    # Check if a short URL was entered
    if len(short) > 0:
        url.short = short
    else:
        # If the user didn't enter a short url, generate a random
        # one. However, if a random one can't be generated, return
        # a 500 server error.
        random_short = URL.generate_valid_short()

        if random_short is None:
            return 500
152
        else:
153 154 155 156 157 158 159 160 161
            url.short = random_short

    # Grab the expiration field value. It's currently an unsable
    # string value, so we need to parse it into a datetime object
    # relative to right now.
    expires = url_form.cleaned_data.get('expires')

    # Determine what the expiration date is
    if expires == URLForm.DAY:
162
        url.expires = timezone.now() + timedelta(days=1)
163
    elif expires == URLForm.WEEK:
164
        url.expires = timezone.now() + timedelta(weeks=1)
165
    elif expires == URLForm.MONTH:
166
        url.expires = timezone.now() + timedelta(weeks=3)
167 168 169 170 171 172 173 174 175 176
    elif expires == URLForm.CUSTOM:
        url.expires = url_form.cleaned_data.get('expires_custom')
    else:
        pass  # leave the field NULL

    # Make sure that our new URL object is clean, then save it and
    # let's redirect to view this baby.
    url.full_clean()
    url.save()
    return url
177

David Haynes's avatar
David Haynes committed
178
def view(request, short):
179
    """
180 181
    This view allows the user to "view details" about a URL. Note that they
    do not need to be logged in to view this information.
182
    """
183

David Haynes's avatar
David Haynes committed
184
    # Get the current domain info
185
    domain = "%ss://%s" % (request.scheme, request.META.get('HTTP_HOST')) + "/"
186

David Haynes's avatar
David Haynes committed
187
    # Get the URL that is being requested
188
    url = get_object_or_404(URL, short__iexact=short)
189

David Haynes's avatar
David Haynes committed
190
    # Render view.html passing the specified URL and Domain to the template
191
    return render(request, 'view.html', {
192
        'url': url,
193
        'domain': domain,
194
    })
195

David Haynes's avatar
David Haynes committed
196
@login_required
197
def edit(request, short):
198
    """
199 200 201
    This view allows a logged in user to edit the details of a Go link that they
    own. They can modify any value that they wish. If `short` is modified then
    we will need to create a new link and copy over stats from the previous.
202
    """
203

204
    # Do not allow unapproved users to edit links
205
    if not request.user.registereduser.approved:
206 207 208 209
        if request.user.registereduser.blocked:
            return render(request, 'banned.html')
        else:
            return render(request, 'not_registered.html')
210

211

212 213
    # Get the URL that is going to be edited
    url = get_object_or_404(URL, short__iexact=short)
David Haynes's avatar
David Haynes committed
214

215 216
    # If the RegisteredUser is the owner of the URL
    if url.owner == request.user.registereduser:
217

218 219 220 221 222
        # If a POST request is received, then the user has submitted a form and it's
        # time to parse the form and edit that URL object
        if request.method == 'POST':
            # Now we initialize the form again but this time we have the POST
            # request
223
            url_form = EditForm(request.POST, host=request.META.get('HTTP_HOST'))
224

225 226 227 228 229
            # Make a copy of the old URL
            copy = url
            # Remove the old one
            url.delete()

230 231
            # Django will check the form to make sure it's valid
            if url_form.is_valid():
David Haynes's avatar
David Haynes committed
232 233
                # If the short changed then we need to create a new object and
                # migrate some data over
234
                if url_form.cleaned_data.get('short').strip() != copy.short:
David Haynes's avatar
David Haynes committed
235 236 237 238 239 240 241 242 243 244
                    # Parse the form and create a new URL object
                    res = post(request, url_form)

                    # If there is a 500 error returned, handle it
                    if res == 500:
                        return HttpResponseServerError(render(request, '500.html'))

                    # We can procede with the editing process
                    else:
                        # Migrate clicks data
245
                        res.clicks = copy.clicks
David Haynes's avatar
David Haynes committed
246 247
                        res.qrclicks = copy.qrclicks
                        res.socialclicks = copy.socialclicks
David Haynes's avatar
David Haynes committed
248 249 250 251 252 253 254 255 256

                        # Save the new URL
                        res.save()

                        # Redirect to the shiny new *edited URL
                        return redirect('view', res.short)

                # The short was not edited and thus, we can directly edit the url
                else:
257 258 259
                    if url_form.cleaned_data.get('target').strip() != copy.target:
                        copy.target = url_form.cleaned_data.get('target').strip()
                        copy.save()
David Haynes's avatar
David Haynes committed
260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277

                    # Grab the expiration field value. It's currently an unsable
                    # string value, so we need to parse it into a datetime object
                    # relative to right now.
                    expires = url_form.cleaned_data.get('expires')

                    # Determine what the expiration date is
                    if expires == URLForm.DAY:
                        edited_expires = timezone.now() + timedelta(days=1)
                    elif expires == URLForm.WEEK:
                        edited_expires = timezone.now() + timedelta(weeks=1)
                    elif expires == URLForm.MONTH:
                        edited_expires = timezone.now() + timedelta(weeks=3)
                    elif expires == URLForm.CUSTOM:
                        edited_expires = url_form.cleaned_data.get('expires_custom')
                    else:
                        pass  # leave the field NULL

278 279 280
                    if edited_expires != copy.expires:
                        copy.expires = edited_expires
                        copy.save()
David Haynes's avatar
David Haynes committed
281 282

                    # Redirect to the shiny new *edited URL
283
                    return redirect('view', copy.short)
284 285 286 287 288 289 290 291

            # Else, there is an error, redisplay the form with the validation errors
            else:
                # Render index.html passing the form to the template
                return render(request, 'core/edit_link.html', {
                    'form': url_form
                })
        else:
292 293 294
            # Initial data set here
            if url.expires != None:
                # Initialize a URL form with an expire date
295
                url_form = EditForm(host=request.META.get('HTTP_HOST'), initial={
296 297 298 299 300 301 302
                    'target': url.target,
                    'short': url.short,
                    'expires': 'Custom Date',
                    'expires_custom': url.expires
                })  # unbound form
            else:
                # Initialize a URL form without an expire date
303
                url_form = EditForm(host=request.META.get('HTTP_HOST'), initial={
304 305 306 307 308
                    'target': url.target,
                    'short': url.short,
                    'expires': 'Never',
                })  # unbound form

309 310 311 312
            # Render index.html passing the form to the template
            return render(request, 'core/edit_link.html', {
                'form': url_form
            })
313 314 315
    else:
        # do not allow them to edit
        raise PermissionDenied()
316

David Haynes's avatar
David Haynes committed
317

David Haynes's avatar
David Haynes committed
318 319
@login_required
def delete(request, short):
320
    """
David Haynes's avatar
David Haynes committed
321 322
    This view deletes a URL if you have the permission to. User must be
    logged in and registered, and must also be the owner of the URL.
323
    """
David Haynes's avatar
David Haynes committed
324
    # Do not allow unapproved users to delete links
325
    if not request.user.registereduser.approved:
326
        return render(request, 'not_registered.html')
327

David Haynes's avatar
David Haynes committed
328
    # Get the URL that is going to be deleted
329
    url = get_object_or_404(URL, short__iexact=short)
David Haynes's avatar
David Haynes committed
330 331

    # If the RegisteredUser is the owner of the URL
David Haynes's avatar
David Haynes committed
332
    if url.owner == request.user.registereduser:
David Haynes's avatar
David Haynes committed
333 334 335 336
        # remove the URL
        url.delete()
        # redirect to my_links
        return redirect('my_links')
337
    else:
David Haynes's avatar
David Haynes committed
338
        # do not allow them to delete
339
        raise PermissionDenied()
340

341
@login_required
Jean Michel Rouly's avatar
Jean Michel Rouly committed
342
def signup(request):
343
    """
344 345
    This view presents the user with a registration form. You can register
    yourself.
346 347
    """

348
    # Do not display signup page to registered or approved users
349
    if request.user.registereduser.blocked:
350
        return render(request, 'banned.html')
351
    elif request.user.registereduser.approved:
David Haynes's avatar
David Haynes committed
352
        return redirect('/')
353
    elif request.user.registereduser.registered:
David Haynes's avatar
David Haynes committed
354
        return redirect('registered')
355

David Haynes's avatar
David Haynes committed
356
    # Initialize our signup form
357 358 359 360 361 362
    signup_form = SignupForm(
        request,
        initial={
            'full_name': request.user.first_name + " " + request.user.last_name
        }
    )
David Haynes's avatar
David Haynes committed
363 364

    # Set the full_name field to readonly since CAS will fill that in for them
365
    signup_form.fields['full_name'].widget.attrs['readonly'] = 'readonly'
366

David Haynes's avatar
David Haynes committed
367 368
    # If a POST request is received, then the user has submitted a form and it's
    # time to parse the form and create a new RegisteredUser
369
    if request.method == 'POST':
David Haynes's avatar
David Haynes committed
370 371
        # Now we initialize the form again but this time we have the POST
        # request
372 373 374 375 376 377
        signup_form = SignupForm(
            request, request.POST, instance=request.user.registereduser,
            initial={
                'full_name': request.user.first_name + " " + request.user.last_name
            }
        )
David Haynes's avatar
David Haynes committed
378 379

        # set the readonly flag again for good measure
380
        signup_form.fields['full_name'].widget.attrs['readonly'] = 'readonly'
381

David Haynes's avatar
David Haynes committed
382
        # Django will check the form to make sure it's valid
383
        if signup_form.is_valid():
David Haynes's avatar
David Haynes committed
384
            # Grab data from the form and store into variables
385
            description = signup_form.cleaned_data.get('description')
386
            full_name = signup_form.cleaned_data.get('full_name')
387
            organization = signup_form.cleaned_data.get('organization')
388

389 390
            # Only send mail if we've defined the mailserver
            if settings.EMAIL_HOST and settings.EMAIL_PORT:
391
                user_mail = request.user.username + settings.EMAIL_DOMAIN
392
                # Email sent to notify Admins
393
                to_admin = EmailMessage(
394
                    'Signup from %s' % (request.user.registereduser.user),
395 396 397 398 399
                    ######################
                    '%s signed up at %s\n\n'
                    'Username: %s\n'
                    'Organization: %s\n\n'
                    'Message: %s\n\n'
400 401
                    'You can contact the user directly by replying to this email or '
                    'reply all to contact the user and notfiy the mailing list.\n'
402 403
                    'Please head to go.gmu.edu/useradmin to approve or '
                    'deny this application.'
404 405 406 407 408
                    %(
                        str(full_name), str(timezone.now()).strip(),
                        str(request.user.registereduser.user), str(organization),
                        str(description)
                    ),
409 410
                    ######################
                    settings.EMAIL_FROM,
411
                    [settings.EMAIL_TO],
412 413 414
                    reply_to=[user_mail]
                )
                to_admin.send()
415
                # Confirmation email sent to Users
416
                send_mail(
417 418 419 420 421 422 423 424 425 426 427 428 429
                    'We have received your Go application!',
                    ######################
                    'Hey there %s,\n\n'
                    'The Go admins have received your application and are '
                    'currently in the process of reviewing it.\n\n'
                    'You will receive another email when you have been '
                    'approved.\n\n'
                    '- Go Admins'
                    % (str(full_name)),
                    ######################
                    settings.EMAIL_FROM,
                    [user_mail]
                )
430

David Haynes's avatar
David Haynes committed
431 432
            # Make sure that our new RegisteredUser object is clean, then save
            # it and let's redirect to tell the user they have registered.
433
            signup_form.save()
434
            return redirect('registered')
Jean Michel Rouly's avatar
Jean Michel Rouly committed
435

David Haynes's avatar
David Haynes committed
436 437
    # render signup.html passing along the form and the current registered
    # status
438
    return render(request, 'core/signup.html', {
439
        'form': signup_form,
440
        'registered': False,
441
    })
Jean Michel Rouly's avatar
Jean Michel Rouly committed
442

David Haynes's avatar
David Haynes committed
443
def redirection(request, short):
444
    """
David Haynes's avatar
David Haynes committed
445
    This view redirects a user based on the short URL they requested.
446
    """
Jean Michel Rouly's avatar
Jean Michel Rouly committed
447

David Haynes's avatar
David Haynes committed
448 449
    # Get the current domain info
    domain = "%s://%s" % (request.scheme, request.META.get('HTTP_HOST')) + "/"
Eyad Hasan's avatar
Eyad Hasan committed
450
    
David Haynes's avatar
David Haynes committed
451
    # Get the URL object that relates to the requested Go link
452
    url = get_object_or_404(URL, short__iexact=short)
David Haynes's avatar
David Haynes committed
453 454
    # Increment our clicks by one
    url.clicks += 1
Eyad Hasan's avatar
Eyad Hasan committed
455 456 457 458 459
    # Get the URL short link
    doesExist = URL.objects.get(short__iexact=short)
    # Checks to see if the link exists, if not we 404 the user.
    if doesExist.target is None:
        return redirect('go/404.html')
David Haynes's avatar
David Haynes committed
460
    # If the user is trying to make a Go link to itself, we 404 them
461
    if url.target == domain + short:
462
        return redirect('404.html')
463

David Haynes's avatar
David Haynes committed
464
    # If the user is coming from a QR request then increment qrclicks
465 466 467
    if 'qr' in request.GET:
        url.qrclicks += 1

David Haynes's avatar
David Haynes committed
468
    # If the user is coming from a social media request then increment qrclicks
469 470 471
    if 'social' in request.GET:
        url.socialclicks += 1

David Haynes's avatar
David Haynes committed
472
    # Save our data and redirect the user towards thier destination
Jean Michel Rouly's avatar
Jean Michel Rouly committed
473
    url.save()
474
    return redirect(url.target)
475

476 477
def staff_member_required(view_func, redirect_field_name=REDIRECT_FIELD_NAME, login_url='/'):
    """
David Haynes's avatar
David Haynes committed
478 479
    Decorator function for views that checks that the user is logged in and is
    a staff member, displaying the login page if necessary.
480 481
    """

482 483
    return user_passes_test(
        lambda u: u.is_active and u.is_staff,
484 485
        login_url=login_url,
        redirect_field_name=redirect_field_name
486 487
    )(view_func)

David Haynes's avatar
David Haynes committed
488 489
@staff_member_required
def useradmin(request):
490
    """
David Haynes's avatar
David Haynes committed
491 492
    This view is a simplified admin panel, so that staff don't need to log in
    to approve links
493
    """
David Haynes's avatar
David Haynes committed
494 495

    # If we receive a POST request
496
    if request.POST:
David Haynes's avatar
David Haynes committed
497
        # Get a list of the potential victims (users)
498
        userlist = request.POST.getlist('username')
David Haynes's avatar
David Haynes committed
499
        # If we're approving users
500
        if '_approve' in request.POST:
501
            for name in userlist:
502 503 504
                to_approve = RegisteredUser.objects.get(user__username__exact=name)
                to_approve.approved = True
                to_approve.save()
David Haynes's avatar
David Haynes committed
505 506

                # Send an email letting them know they are approved
507
                if settings.EMAIL_HOST and settings.EMAIL_PORT:
508
                    user_mail = to_approve.user.username + settings.EMAIL_DOMAIN
509 510 511 512 513 514 515 516
                    send_mail(
                        'Your Account has been Approved!',
                        ######################
                        'Hey there %s,\n\n'
                        'The Go admins have reviewed your application and have '
                        'approved you to use Go!\n\n'
                        'Head over to go.gmu.edu to create your first address.\n\n'
                        '- Go Admins'
517
                        % (str(to_approve.full_name)),
518 519 520 521
                        ######################
                        settings.EMAIL_FROM,
                        [user_mail]
                    )
Zach Osman's avatar
Zach Osman committed
522

David Haynes's avatar
David Haynes committed
523
        # If we're denying users
524
        elif '_deny' in request.POST:
525
            for name in userlist:
526
                to_deny = RegisteredUser.objects.get(user__username__exact=name)
527
                if settings.EMAIL_HOST and settings.EMAIL_PORT:
528
                    user_mail = to_deny.user.username + settings.EMAIL_DOMAIN
David Haynes's avatar
David Haynes committed
529
                    # Send an email letting them know they are denied
530 531 532 533 534 535 536 537 538
                    send_mail(
                        'Your Account has been Denied!',
                        ######################
                        'Hey there %s,\n\n'
                        'The Go admins have reviewed your application and have '
                        'decided to not approve you to use Go.\n\n'
                        'Please reach out to srct@gmu.edu to appeal '
                        'this decision.\n\n'
                        '- Go Admins'
539
                        % (str(to_deny.full_name)),
540 541 542 543
                        ######################
                        settings.EMAIL_FROM,
                        [user_mail]
                    )
David Haynes's avatar
David Haynes committed
544
                # Delete their associated RegisteredUsers
545
                to_deny.user.delete()
546
                return HttpResponseRedirect('useradmin')
Zach Osman's avatar
Zach Osman committed
547

548
        # If we're blocking users
Zach Osman's avatar
Zach Osman committed
549 550
        elif '_block' in request.POST:
            for name in userlist:
551
                to_block = RegisteredUser.objects.get(user__username__exact=name)
Zach Osman's avatar
Zach Osman committed
552
                if settings.EMAIL_HOST and settings.EMAIL_PORT:
553
                    user_mail = to_block.user.username + settings.EMAIL_DOMAIN
Zach Osman's avatar
Zach Osman committed
554 555 556 557 558 559 560 561 562
                    send_mail(
                        'Your Account has been Blocked!',
                        ######################
                        'Hey there %s,\n\n'
                        'The Go admins have reviewed your application and have '
                        'blocked you from using Go.\n\n'
                        'Please reach out to srct@gmu.edu to appeal '
                        'this decision.\n\n'
                        '- Go Admins'
563
                        % (str(to_block.full_name)),
Zach Osman's avatar
Zach Osman committed
564 565 566 567
                        ######################
                        settings.EMAIL_FROM,
                        [user_mail]
                    )
568 569 570 571
                to_block.blocked = True
                to_block.approved = False
                to_block.registered = False
                to_block.save()
Zach Osman's avatar
Zach Osman committed
572

573
        # If we're un-blocking users
574 575
        elif '_unblock' in request.POST:
            for name in userlist:
576
                to_un_block = RegisteredUser.objects.get(user__username__exact=name)
577
                if settings.EMAIL_HOST and settings.EMAIL_PORT:
578
                    user_mail = to_un_block.user.username + settings.EMAIL_DOMAIN
579
                    send_mail(
580
                        'Your Account has been Un-Blocked!',
581 582 583
                        ######################
                        'Hey there %s,\n\n'
                        'The Go admins have reviewed your application and have '
584
                        'Un-Blocked you from using Go.\n\n'
585
                        'If you wish to continue Go use please register again. \n\n'
586 587
                        'Congratulations! '
                        '- Go Admins'
588
                        % (str(to_un_block.full_name)),
589 590 591 592
                        ######################
                        settings.EMAIL_FROM,
                        [user_mail]
                    )
593 594
                to_un_block.blocked = False
                to_un_block.save()
595
                return HttpResponseRedirect('useradmin')
596

597
        # If we're removing existing users
598 599
        elif '_remove' in request.POST:
            for name in userlist:
600
                to_remove = RegisteredUser.objects.get(user__username__exact=name)
601
                if settings.EMAIL_HOST and settings.EMAIL_PORT:
602
                    user_mail = to_remove.user.username + settings.EMAIL_DOMAIN
603 604 605 606 607 608 609 610
                    send_mail(
                        'Your Account has been Deleted!',
                        ######################
                        'Hey there %s,\n\n'
                        'The Go admins have decided to remove you from Go. \n\n'
                        'Please reach out to srct@gmu.edu to appeal '
                        'this decision.\n\n'
                        '- Go Admins'
611
                        % (str(to_remove.full_name)),
612 613 614 615
                        ######################
                        settings.EMAIL_FROM,
                        [user_mail]
                    )
616
                to_remove.user.delete()
617
                return HttpResponseRedirect('useradmin')
618

619
    # Get a list of all RegisteredUsers that need to be approved
620 621
    need_approval = RegisteredUser.objects.filter(registered=True).filter(
        approved=False).filter(blocked=False)
Zach Osman's avatar
Zach Osman committed
622
    # Get a list of all RegisteredUsers that are currently users
623 624
    current_users = RegisteredUser.objects.filter(approved=True).filter(
        registered=True).filter(blocked=False)
Zach Osman's avatar
Zach Osman committed
625
    # Get a list of all RegisteredUsers that are blocked
626
    blocked_users = RegisteredUser.objects.filter(blocked=True)
627

David Haynes's avatar
David Haynes committed
628
    # Pass that list to the template
629
    return render(request, 'admin/useradmin.html', {
630 631 632
        'need_approval': need_approval,
        'current_users': current_users,
        'blocked_users': blocked_users
633
    })