finished up the views

2018-10-10 14:13:49 +02:00 · 2018-10-10 14:13:49 +02:00 · a92054bc0a
commit a92054bc0a
parent b82ed72185
3 changed files with 35 additions and 14 deletions
--- a/dal/dal/templates/deleteaccount.html
+++ b/dal/dal/templates/deleteaccount.html
--- a/dal/dal/templates/deleteduser.html
+++ b/dal/dal/templates/deleteduser.html
--- a/dal/dal/views.py
+++ b/dal/dal/views.py
@ -56,13 +56,6 @@ class Register(View):
        service = 'Registering an user'
        # urlname for 'go back' on the errorpage
        urlname = 'register'
-        # some basic check against DoS, since a hidden reference=ungleich will be given on the registeruser page
-        # real defense against DoS will not be on django, but this protects a bit against filling up our ldap with a
-        # basic curl script
-        # TODO: Think about some better protection
-        reference = request.POST.get('reference')
-        if reference != 'ungleich':
-            return HttpResponseRedirect(reverse_lazy('index'))
        username = request.POST.get('username')
        # Check to see if username is already taken
        if self.check_user_exists(username):
@ -85,8 +78,10 @@ class Register(View):
        lastname = request.POST.get('lastname')
        if firstname == "" or not firstname or lastname == "" or not lastname
            return render(request, 'registererror.html', { 'urlname': urlname, 'service': service, 'error': 'Please enter your firstname and lastname.' } )
-        # TODO: throw it to nameko to create the user
-        return render(request, 'usercreated.html', { 'user': username } )
+        # throw it to nameko to create the user
+        if self.create_user(username, password1, firstname, lastname, email):
+            return render(request, 'usercreated.html', { 'user': username } )
+        return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Unknown error while creating the user.' } )

    

@ -100,7 +95,7 @@ class ChangeData(View):
        if not request.user.is_authenticated:
            return render(request, 'mustbeloggedin.html')
        user = request.user
-        #TODO: nameko get basic data (firstname, lastname, email)
+        # get basic data (firstname, lastname, email)
        (firstname, lastname, email) = self.get_data(user)
        # The template puts the old data as standard in the fields
        return render(request, 'changeuserdata.html', { 'user': user, 'firstname': firstname, 'lastname': lastname, 'email': email } )
@ -128,7 +123,7 @@ class ChangeData(View):
            return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Please enter an email.' } )
        elif not email_re.match(email):
            return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'The supplied email address is invalid.' } )
-        #TODO: nameko change data (firstname, lastname, email)
+        # Trying to change the data
        if self.change_data(firstname, lastname, email):
            return render(request, 'changeddata.html', { 'user': user, 'firstname': firstname, 'lastname': lastname, 'email': email } )
        return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'An unknown error occurred.' } )
@ -157,7 +152,8 @@ class ResetPassword(View):
    def post(self, request):
        user = request.POST.get('user')
        if check_user_exists(user):
-            #TODO: call nameko for sending a reset request
+            # TODO: Get a good backend for reset requests
+            # Sending the reset request
            self.send_resetrequest(user)
            return render(request, 'send_resetrequest.html', { 'user': user } )
        return render(request, 'must_confirm_reset.html')
@ -200,7 +196,7 @@ class ChangePassword(View):
            return render(request, 'error.html', { 'urlname': urlname, 'service': service, 
                'error': 'Please check if you typed the same password both times for the new password' } )

-        # TODO: nameko change password
+        # Trying to change the password
        if self.change_password(user, oldpassword, password1):
            return render(request, 'changedpassword.html', { 'user': user } )
        else:
@ -215,7 +211,32 @@ class ChangePassword(View):


 class DeleteAccount(View):
+
    def get(self, request):
-        return HttpResponse("Work in progress")
+        return render(request, 'deleteaccount.html')

+    def post(self, request):
+        # Variables for error page
+        urlname = 'account_delete'
+        service = 'delete an account'

+        # Does the user exist?
+        username = request.POST.username
+        if not check_user_exists(username):
+            return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Unknown user.' } )
+
+        # Do user and password match?
+        password = request.POST.username
+        check = authenticate(request, username=username, password=password)
+        if check is None:
+            return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Wrong password for user.' } )
+    
+        # Try to delete the user
+        if self.delete_user(username):
+            return render(request, 'deleteduser.html', { 'user': username } )
+        return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Unknown error while trying to delete the user.' } )
+
+    
+    def delete_user(self, username):
+        #TODO: nameko call to delete the user
+        return True