diff --git a/src/account_manager/models.py b/src/account_manager/models.py index f4e0003..d1bf544 100644 --- a/src/account_manager/models.py +++ b/src/account_manager/models.py @@ -2,19 +2,15 @@ import re from django.contrib.auth.models import User -from django.contrib.auth.tokens import default_token_generator -from django.template.loader import render_to_string -from django.utils.encoding import force_bytes -from django.utils.http import urlsafe_base64_encode + from django.db.models import Q from ldapdb.models import fields as ldap_fields from ldapdb.models.base import Model -from core.settings import PASSWORD_RESET_TIMEOUT_DAYS -from account_manager.utils.mail_utils import realm_send_mail -from multiprocessing import Process from ldap import NO_SUCH_OBJECT, ALREADY_EXISTS from django.core.exceptions import ObjectDoesNotExist +from account_manager.utils.mail_utils import send_welcome_mail + import os @@ -51,19 +47,7 @@ class LdapUser(Model): LdapUser.base_dn = f'ou=people, {realm.ldap_base_dn}' ldap_user = LdapUser.objects.create(username=username, email=email, first_name=" ", last_name=" ") user, _ = User.objects.get_or_create(username=username, email=email) - mail_subject = 'Aktiviere deinen StuVe Account' - message = render_to_string('registration/welcome_email.jinja2', { - 'user': user, - 'domain': domain, - 'uid': urlsafe_base64_encode(force_bytes(user.pk)).decode(), - 'token': default_token_generator.make_token(user=user), - 'protocol': protocol, - 'email': email, - 'expiration_days': PASSWORD_RESET_TIMEOUT_DAYS - }) - # TODO failure handling - p1 = Process(target=realm_send_mail, args=(realm, user.email, mail_subject, message)) - p1.start() + send_welcome_mail(domain, email, protocol, realm, user) return ldap_user else: raise ALREADY_EXISTS('User already exists') @@ -78,7 +62,6 @@ class LdapUser(Model): @staticmethod def get_users_by_dn(realm, users): - print(users) LdapGroup.base_dn = f'ou=groups,{realm.ldap_base_dn}' users = [re.compile('uid=([a-zA-Z0-9_]*),(ou=[a-zA-Z_]*),(.*)').match(user).group(1) for user in users] diff --git a/src/account_manager/urls.py b/src/account_manager/urls.py index d06a6ef..4c77b9d 100644 --- a/src/account_manager/urls.py +++ b/src/account_manager/urls.py @@ -27,6 +27,10 @@ urlpatterns = [ name='realm-user-detail'), path('realm//user//update/', user_views.realm_user_update, name='realm-user-update'), + path('realm//user//mail/password/', user_views.realm_user_resend_welcome_mail, + name='realm-user-password-reset'), + path('realm//user//mail/welcome/', user_views.realm_user_resend_welcome_mail, + name='realm-user-resend-welcome-mail'), path('realm//user//group/update/', user_views.realm_user_group_update, name='realm-user-group-update'), diff --git a/src/account_manager/utils/mail_utils.py b/src/account_manager/utils/mail_utils.py index f165f40..c421000 100644 --- a/src/account_manager/utils/mail_utils.py +++ b/src/account_manager/utils/mail_utils.py @@ -2,6 +2,12 @@ import logging from django.core.mail import get_connection, send_mail from django.utils.html import strip_tags +from core.settings import PASSWORD_RESET_TIMEOUT_DAYS +from multiprocessing import Process +from django.contrib.auth.tokens import default_token_generator +from django.template.loader import render_to_string +from django.utils.encoding import force_bytes +from django.utils.http import urlsafe_base64_encode from core.settings import EMAIL_HOST, EMAIL_PORT, EMAIL_USE_SSL, EMAIL_USE_TLS @@ -22,3 +28,19 @@ def realm_send_mail(realm, to, subject, message): recipient_list=[to, ], connection=connection) logger.info('mail sent') + + +def send_welcome_mail(domain, email, protocol, realm, user): + mail_subject = 'Aktiviere deinen StuVe Account' + message = render_to_string('registration/welcome_email.jinja2', { + 'user': user, + 'domain': domain, + 'uid': urlsafe_base64_encode(force_bytes(user.pk)).decode(), + 'token': default_token_generator.make_token(user=user), + 'protocol': protocol, + 'email': email, + 'expiration_days': PASSWORD_RESET_TIMEOUT_DAYS + }) + # TODO failure handling + p1 = Process(target=realm_send_mail, args=(realm, user.email, mail_subject, message)) + p1.start() diff --git a/src/account_manager/views/user_views.py b/src/account_manager/views/user_views.py index 8e2a415..3de523a 100644 --- a/src/account_manager/views/user_views.py +++ b/src/account_manager/views/user_views.py @@ -12,7 +12,7 @@ from account_manager.forms import AddLDAPUserForm, UserDeleteListForm, UpdateLDA UserGroupListForm from account_manager.main_views import is_realm_admin from account_manager.models import LdapUser, LdapGroup - +from account_manager.utils.mail_utils import send_welcome_mail import logging logger = logging.getLogger(__name__) @@ -137,6 +137,54 @@ def realm_user_update(request, realm_id, user_dn): {'model_field': 'email', 'form_field': 'email'}, ]) +# +# @login_required +# @is_realm_admin +# @protect_cross_realm_user_access +# def realm_user_password_reset(request, realm_id, user_dn): +# realm_obj = Realm.objects.get(id=realm_id) +# LdapUser.base_dn = f'ou=people,{realm_obj.ldap_base_dn}' +# ldap_user = LdapUser.objects.get(dn=user_dn) +# +# password_reset_request = HttpRequest() +# password_reset_request.method = 'POST' +# password_reset_request.META['HTTP_HOST'] = request.META['HTTP_HOST'] +# password_reset_request.POST = {'email': ldap_user.email, 'csrfmiddlewaretoken': get_token(HttpRequest())} +# PasswordResetView.as_view()(password_reset_request) +# +# realm_obj = Realm.objects.get(id=realm_id) +# LdapUser.base_dn = f'ou=people,{realm_obj.ldap_base_dn}' +# ldap_user = LdapUser.objects.get(dn=user_dn) +# return user_update_controller(request=request, +# realm=realm_obj, +# ldap_user=ldap_user, +# redirect_name='realm-user-detail', +# update_view='user/realm_user_detail.jinja2', +# form_class=AdminUpdateLDAPUserForm, +# form_attrs=[ +# {'model_field': 'username', 'form_field': 'username'}, +# {'model_field': 'password', 'form_field': 'password'}, +# {'model_field': 'first_name', 'form_field': 'first_name'}, +# {'model_field': 'last_name', 'form_field': 'last_name'}, +# {'model_field': 'email', 'form_field': 'email'}, ]) + + +@login_required +@is_realm_admin +@protect_cross_realm_user_access +def realm_user_resend_welcome_mail(request, realm_id, user_dn): + realm = Realm.objects.get(id=realm_id) + LdapUser.base_dn = f'ou=people,{realm.ldap_base_dn}' + ldap_user = LdapUser.objects.get(dn=user_dn) + current_site = get_current_site(request) + protocol = 'http' + if request.is_secure(): + protocol = 'https' + send_welcome_mail(domain=current_site.domain, email=ldap_user.email, protocol=protocol, realm=realm, + user=User.objects.get(username=ldap_user.username)) + return redirect('realm-user-detail', realm_id, user_dn) + + @login_required @is_realm_admin @protect_cross_realm_user_access diff --git a/src/templates/user/realm_user_detail.jinja2 b/src/templates/user/realm_user_detail.jinja2 index 2b765d5..ce80d52 100644 --- a/src/templates/user/realm_user_detail.jinja2 +++ b/src/templates/user/realm_user_detail.jinja2 @@ -16,7 +16,7 @@
  • Vorname: {{ user.first_name }}
  • Nachname: {{ user.last_name }}
  • Email: {{ user.email }}
    • - {#
  • Passwort: {{ user.password }}
    • #} +
  • Passwort: Nutzerpasswort zurücksetzen
    • {#
  • Telefon: {{ user.phone }}
    • #} {#
  • Mobiltelefon: {{ user.mobile_phone }}
    • #}
  • Gruppen: @@ -36,6 +36,12 @@ Nutzer bearbeiten + {% if not user.last_login %} + + Wilkommensmail erneut senden + + {% endif %} Nutzer löschen