From dee17a822316d93f97e2e2bfe75aa91f63d0543a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20G=C3=B6tz?=
 <michael-guenther.goetz@stud.uni-bamberg.de>
Date: Fri, 5 Apr 2019 19:02:02 +0200
Subject: [PATCH] Implement multiple user deletion, Fix password reset mail
 link

---
 account_manager/forms.py                      |  4 +++
 account_manager/urls.py                       |  4 ++-
 account_manager/views/user_views.py           | 29 ++++++++++++++-----
 templates/realm/realm_user.jinja2             |  4 ++-
 .../realm/realm_user_multiple_delete.jinja2   | 10 +++++++
 templates/registration/login.html             |  1 +
 .../registration/password_reset_email.html    |  2 +-
 7 files changed, 44 insertions(+), 10 deletions(-)
 create mode 100644 templates/realm/realm_user_multiple_delete.jinja2

diff --git a/account_manager/forms.py b/account_manager/forms.py
index 14454e0..8f41573 100644
--- a/account_manager/forms.py
+++ b/account_manager/forms.py
@@ -7,6 +7,10 @@ class AddLDAPUserForm(forms.Form):
     email = forms.EmailField(label='E-Mail', required=False)
 
 
+class UserDeleteListForm(forms.Form):
+    ldap_users = forms.ModelMultipleChoiceField(widget=forms.CheckboxSelectMultiple, queryset=LdapUser.objects.all())
+
+
 class AddLDAPGroupForm(forms.Form):
     name = forms.CharField(label='name', max_length=400)
     # TODO show only allowed user
diff --git a/account_manager/urls.py b/account_manager/urls.py
index 7a55b72..1a38b92 100644
--- a/account_manager/urls.py
+++ b/account_manager/urls.py
@@ -18,8 +18,10 @@ urlpatterns = [
          name='realm-user-detail'),
     path('realm/<int:realm_id>/user/<str:user_dn>/update/', account_manager.views.user_views.realm_user_update,
          name='realm-user-update'),
-    path('realm/<int:realm_id>/user/<str:user_dn>/delete/', account_manager.views.user_views.realm_user_delete,
+    path('realm/<int:realm_id>/user/delete/s/<str:user_dn>/', account_manager.views.user_views.realm_user_delete,
          name='realm-user-delete'),
+    path('realm/<int:realm_id>/user/delete/multiple', account_manager.views.user_views.realm_multiple_user_delete,
+         name='realm-multiple-user-delete'),
 
     # Realm Group
     path('realm/<int:realm_id>/groups/', account_manager.views.group_views.realm_groups, name='realm-group-list'),
diff --git a/account_manager/views/user_views.py b/account_manager/views/user_views.py
index 8ea192e..b55ef47 100644
--- a/account_manager/views/user_views.py
+++ b/account_manager/views/user_views.py
@@ -2,7 +2,7 @@ from django.contrib.auth.decorators import login_required
 from django.shortcuts import render, redirect
 
 from account_helper.models import Realm
-from account_manager.forms import AddLDAPUserForm
+from account_manager.forms import AddLDAPUserForm, UserDeleteListForm
 from account_manager.models import LdapUser, LdapGroup
 from django.contrib.auth.models import User
 from account_manager.main_views import is_realm_admin
@@ -79,7 +79,23 @@ def realm_user_delete(request, realm_id, user_dn):
     LdapUser.base_dn = f'ou=people,{realm_obj.ldap_base_dn}'
     LdapGroup.base_dn = f'ou=groups,{realm_obj.ldap_base_dn}'
     ldap_user = LdapUser.objects.get(dn=user_dn)
-    return user_delete_controller(request, ldap_user, realm_id, 'realm-user-list')
+    user_delete_controller(ldap_user)
+    return redirect('realm-user-list', realm_id)
+
+
+def realm_multiple_user_delete(request, realm_id):
+    realm = Realm.objects.get(id=realm_id)
+    if request.method == 'POST':
+        form = UserDeleteListForm(request.POST)
+        if form.is_valid():
+            ldap_users = form.cleaned_data['ldap_users']
+            for ldap_user in ldap_users:
+                # TODO: Failure catchup
+                user_delete_controller(ldap_user)
+            return redirect('realm-user-list', realm_id)
+    # TODO: Form not valid
+    form = UserDeleteListForm()
+    return render(request, 'realm/realm_user_multiple_delete.jinja2', {'form': form, 'realm': realm})
 
 
 @login_required
@@ -101,7 +117,8 @@ def user_delete(request, realm_id, user_dn):
     LdapGroup.base_dn = f'ou=groups,{realm_obj.ldap_base_dn}'
     ldap_user = LdapUser.objects.get(dn=user_dn)
     if request.user.username == ldap_user.username:
-        return user_delete_controller(request, ldap_user, realm_id, 'account-deleted')
+        user_delete_controller(ldap_user)
+        return redirect('account-deleted', realm_id)
     else:
         return redirect('permission-denied')
 
@@ -131,7 +148,7 @@ def user_update_controller(ldap_user, realm_id, realm_obj, request, user_dn, red
     return render(request, detail_page, {'form': form, 'realm': realm_obj})
 
 
-def user_delete_controller(request, ldap_user, realm_id, redirect_name):
+def user_delete_controller(ldap_user):
     user_groups = LdapGroup.objects.filter(members__contains=ldap_user.dn)
 
     for group in user_groups:
@@ -143,14 +160,12 @@ def user_delete_controller(request, ldap_user, realm_id, redirect_name):
         django_user.delete()
     except ObjectDoesNotExist:
         pass
-    return redirect(redirect_name, realm_id)
+    return
 
 
 class LdapPasswordResetConfirmView(PasswordResetConfirmView):
-
     def form_valid(self, form):
         user = form.save()
         password = form.cleaned_data['new_password1']
-        print(password)
         LdapUser.password_reset(user, password)
         return super().form_valid(form)
diff --git a/templates/realm/realm_user.jinja2 b/templates/realm/realm_user.jinja2
index 53ac85e..30ff06c 100644
--- a/templates/realm/realm_user.jinja2
+++ b/templates/realm/realm_user.jinja2
@@ -1,8 +1,10 @@
 {% extends 'realm/realm_detailed.jinja2' %}
 {% block user_content %}
     <h2>Nutzer</h2>
+    <a href="{{ url('realm-multiple-user-delete', args=[realm.id]) }}"> Mehrere Nutzer Löschen</a>
     {% for user in realm_user %}
-        <p>{{ user.username }} - <a href="{{ url('realm-user-detail', args=[realm.id, user.dn]) }}">{{ user.dn }}</a>
+        <p>
+            {{ user.username }} - <a href="{{ url('realm-user-detail', args=[realm.id, user.dn]) }}">{{ user.dn }}</a>
         </p>
     {% endfor %}
 {% endblock %}
\ No newline at end of file
diff --git a/templates/realm/realm_user_multiple_delete.jinja2 b/templates/realm/realm_user_multiple_delete.jinja2
new file mode 100644
index 0000000..93630f2
--- /dev/null
+++ b/templates/realm/realm_user_multiple_delete.jinja2
@@ -0,0 +1,10 @@
+{% extends 'realm/realm_detailed.jinja2' %}
+{% block user_content %}
+    <h2>Nutzer</h2>
+    <a href="{{ url('realm-user-list', args=[realm.id]) }}">Abrechen</a>
+    <form action="{{ url('realm-multiple-user-delete', args=[realm.id]) }}" method="post">
+        <input type="hidden" name="csrfmiddlewaretoken" value="{{ csrf_token }}">
+        <input type="submit" value="Ausführen">
+        {{ form.as_p() }}
+    </form>
+{% endblock %}
\ No newline at end of file
diff --git a/templates/registration/login.html b/templates/registration/login.html
index 70c40f0..eb4b6d6 100644
--- a/templates/registration/login.html
+++ b/templates/registration/login.html
@@ -13,6 +13,7 @@
                     <button type="submit">Login</button>
                 </form>
             </div>
+            <a href="{{ url('password_reset') }}">Passwort vergessen?</a>
         </div>
     </div>
 {% endblock %}
\ No newline at end of file
diff --git a/templates/registration/password_reset_email.html b/templates/registration/password_reset_email.html
index 3c7d99d..4aed85f 100644
--- a/templates/registration/password_reset_email.html
+++ b/templates/registration/password_reset_email.html
@@ -1,3 +1,3 @@
 Someone asked for password reset for email {{ email }}. Follow the link below:
-{{ protocol }}://{{ domain }}{{ url('password_reset_confirm', kwargs={'uidb64':uid, 'token':token})  }}
+{{ protocol }}://{{ domain }}{{ url('ldap_password_reset_confirm', kwargs={'uidb64':uid, 'token':token})  }}