Implement multiple user deletion, Fix password reset mail link

account_manager/forms.py

@@ -7,6 +7,10 @@ class AddLDAPUserForm(forms.Form):
     email = forms.EmailField(label='E-Mail', required=False)
 
 
+class UserDeleteListForm(forms.Form):
+    ldap_users = forms.ModelMultipleChoiceField(widget=forms.CheckboxSelectMultiple, queryset=LdapUser.objects.all())
+
+
 class AddLDAPGroupForm(forms.Form):
     name = forms.CharField(label='name', max_length=400)
     # TODO show only allowed user

account_manager/urls.py

@@ -18,8 +18,10 @@ urlpatterns = [
          name='realm-user-detail'),
     path('realm/<int:realm_id>/user/<str:user_dn>/update/', account_manager.views.user_views.realm_user_update,
          name='realm-user-update'),
-    path('realm/<int:realm_id>/user/<str:user_dn>/delete/', account_manager.views.user_views.realm_user_delete,
+    path('realm/<int:realm_id>/user/delete/s/<str:user_dn>/', account_manager.views.user_views.realm_user_delete,
          name='realm-user-delete'),
+    path('realm/<int:realm_id>/user/delete/multiple', account_manager.views.user_views.realm_multiple_user_delete,
+         name='realm-multiple-user-delete'),
 
     # Realm Group
     path('realm/<int:realm_id>/groups/', account_manager.views.group_views.realm_groups, name='realm-group-list'),

account_manager/views/user_views.py

@@ -2,7 +2,7 @@ from django.contrib.auth.decorators import login_required
 from django.shortcuts import render, redirect
 
 from account_helper.models import Realm
-from account_manager.forms import AddLDAPUserForm
+from account_manager.forms import AddLDAPUserForm, UserDeleteListForm
 from account_manager.models import LdapUser, LdapGroup
 from django.contrib.auth.models import User
 from account_manager.main_views import is_realm_admin
@@ -79,7 +79,23 @@ def realm_user_delete(request, realm_id, user_dn):
     LdapUser.base_dn = f'ou=people,{realm_obj.ldap_base_dn}'
     LdapGroup.base_dn = f'ou=groups,{realm_obj.ldap_base_dn}'
     ldap_user = LdapUser.objects.get(dn=user_dn)
-    return user_delete_controller(request, ldap_user, realm_id, 'realm-user-list')
+    user_delete_controller(ldap_user)
+    return redirect('realm-user-list', realm_id)
+
+
+def realm_multiple_user_delete(request, realm_id):
+    realm = Realm.objects.get(id=realm_id)
+    if request.method == 'POST':
+        form = UserDeleteListForm(request.POST)
+        if form.is_valid():
+            ldap_users = form.cleaned_data['ldap_users']
+            for ldap_user in ldap_users:
+                # TODO: Failure catchup
+                user_delete_controller(ldap_user)
+            return redirect('realm-user-list', realm_id)
+    # TODO: Form not valid
+    form = UserDeleteListForm()
+    return render(request, 'realm/realm_user_multiple_delete.jinja2', {'form': form, 'realm': realm})
 
 
 @login_required
@@ -101,7 +117,8 @@ def user_delete(request, realm_id, user_dn):
     LdapGroup.base_dn = f'ou=groups,{realm_obj.ldap_base_dn}'
     ldap_user = LdapUser.objects.get(dn=user_dn)
     if request.user.username == ldap_user.username:
-        return user_delete_controller(request, ldap_user, realm_id, 'account-deleted')
+        user_delete_controller(ldap_user)
+        return redirect('account-deleted', realm_id)
     else:
         return redirect('permission-denied')
 
@@ -131,7 +148,7 @@ def user_update_controller(ldap_user, realm_id, realm_obj, request, user_dn, red
     return render(request, detail_page, {'form': form, 'realm': realm_obj})
 
 
-def user_delete_controller(request, ldap_user, realm_id, redirect_name):
+def user_delete_controller(ldap_user):
     user_groups = LdapGroup.objects.filter(members__contains=ldap_user.dn)
 
     for group in user_groups:
@@ -143,14 +160,12 @@ def user_delete_controller(request, ldap_user, realm_id, redirect_name):
         django_user.delete()
     except ObjectDoesNotExist:
         pass
-    return redirect(redirect_name, realm_id)
+    return
 
 
 class LdapPasswordResetConfirmView(PasswordResetConfirmView):
-
     def form_valid(self, form):
         user = form.save()
         password = form.cleaned_data['new_password1']
-        print(password)
         LdapUser.password_reset(user, password)
         return super().form_valid(form)

templates/realm/realm_user.jinja2

@@ -1,8 +1,10 @@
 {% extends 'realm/realm_detailed.jinja2' %}
 {% block user_content %}
     <h2>Nutzer</h2>
+    <a href="{{ url('realm-multiple-user-delete', args=[realm.id]) }}"> Mehrere Nutzer Löschen</a>
     {% for user in realm_user %}
-        <p>{{ user.username }} - <a href="{{ url('realm-user-detail', args=[realm.id, user.dn]) }}">{{ user.dn }}</a>
+        <p>
+            {{ user.username }} - <a href="{{ url('realm-user-detail', args=[realm.id, user.dn]) }}">{{ user.dn }}</a>
         </p>
     {% endfor %}
 {% endblock %}

templates/realm/realm_user_multiple_delete.jinja2

@@ -0,0 +1,10 @@
+{% extends 'realm/realm_detailed.jinja2' %}
+{% block user_content %}
+    <h2>Nutzer</h2>
+    <a href="{{ url('realm-user-list', args=[realm.id]) }}">Abrechen</a>
+    <form action="{{ url('realm-multiple-user-delete', args=[realm.id]) }}" method="post">
+        <input type="hidden" name="csrfmiddlewaretoken" value="{{ csrf_token }}">
+        <input type="submit" value="Ausführen">
+        {{ form.as_p() }}
+    </form>
+{% endblock %}

templates/registration/login.html

@@ -13,6 +13,7 @@
                     <button type="submit">Login</button>
                 </form>
             </div>
+            <a href="{{ url('password_reset') }}">Passwort vergessen?</a>
         </div>
     </div>
 {% endblock %}

templates/registration/password_reset_email.html

@@ -1,3 +1,3 @@
 Someone asked for password reset for email {{ email }}. Follow the link below:
-{{ protocol }}://{{ domain }}{{ url('password_reset_confirm', kwargs={'uidb64':uid, 'token':token})  }}
+{{ protocol }}://{{ domain }}{{ url('ldap_password_reset_confirm', kwargs={'uidb64':uid, 'token':token})  }}