welco/welco/contacts/views.py

# welco - multichannel request processing
# Copyright (C) 2015  Entr'ouvert
#
# This program is free software: you can redistribute it and/or modify it
# under the terms of the GNU Affero General Public License as published
# by the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.

import json
import logging
import random
import requests
import time

from django import template
from django.conf import settings
from django.contrib.contenttypes.models import ContentType
from django.core.exceptions import PermissionDenied
from django.http import HttpResponse
from django.template import RequestContext
from django.views.decorators.csrf import csrf_exempt
from django.views.generic import TemplateView, FormView

from welco.utils import get_wcs_data, sign_url

from .forms import ContactAddForm


class HomeZone(object):
    def __init__(self, request):
        self.request = request

    def render(self):
        tmpl = template.loader.get_template('contacts/zone.html')
        return tmpl.render(request=self.request)


class ContactsZone(TemplateView):
    template_name = 'contacts/zone.html'

    def get_context_data(self, **kwargs):
        context = super(ContactsZone, self).get_context_data(**kwargs)
        context['source_pk'] = self.request.GET.get('source_pk')
        if 'source_pk' in self.request.GET:
            source_class = ContentType.objects.get(id=self.request.GET['source_type']).model_class()
            source_object = source_class.objects.get(id=self.request.GET['source_pk'])
            context['contact_user_id'] = source_object.contact_id
        return context

    def post(self, request, *args, **kwargs):
        if 'user_id' in request.POST:
            source_class = ContentType.objects.get(id=self.request.POST['source_type']).model_class()
            source_object = source_class.objects.get(id=self.request.POST['source_pk'])
            source_object.contact_id = request.POST['user_id']
            source_object.save()
        return HttpResponse('ok')


zone = csrf_exempt(ContactsZone.as_view())


def search_json(request):
    user_groups = set([x.name for x in request.user.groups.all()])
    for channel in settings.CHANNEL_ROLES:
        channel_groups = set(settings.CHANNEL_ROLES[channel])
        if user_groups.intersection(channel_groups):
            break
    else:
        raise PermissionDenied()

    query = request.GET.get('q')
    if query:
        result = get_wcs_data('api/users/', {'q': query, 'limit': 10})
        if result.get('err') != 0:
            raise Exception('error %r' % result)
        for user in result.get('data'):
            user['title'] = user['user_display_name']
            more = [
                user.get('user_var_address'),
                user.get('user_var_phone'),
                user.get('user_var_mobile'),
                user.get('user_var_email'),
            ]
            user['more'] = ' / '.join([x for x in more if x])
            if user.get('user_roles'):
                user['roles'] = ' / '.join([r['text'] for r in user['user_roles']])
            user['slug'] = 'user-%s' % user['user_id']
    else:
        result = {'data': []}
    response = HttpResponse(content_type='application/json')
    json.dump(result, response, indent=2)
    return response


class ContactDetailFragmentView(TemplateView):
    template_name = 'contacts/contact_detail_fragment.html'

    def get_context_data(self, **kwargs):
        context = super(ContactDetailFragmentView, self).get_context_data(**kwargs)

        user_id = self.kwargs.get('slug').split('-')[-1]
        user_details = get_wcs_data('api/users/%s/' % user_id)
        context.update(user_details)
        context['forms'] = get_wcs_data('api/users/%s/forms' % user_id).get('data') or []
        context['user_id'] = user_id

        if 'source_pk' in self.request.GET:
            source_class = ContentType.objects.get(id=self.request.GET['source_type']).model_class()
            source_object = source_class.objects.get(id=self.request.GET['source_pk'])
            context['is_pinned_user'] = bool(source_object.contact_id == user_id)

        return context


contact_detail_fragment = ContactDetailFragmentView.as_view()


class ContactAdd(FormView):
    template_name = 'contacts/contact_add.html'
    form_class = ContactAddForm

    def post(self, request):
        form = self.get_form(self.get_form_class())
        msg = {}
        for field_key in form.fields:
            if form[field_key].value():
                msg[field_key] = form[field_key].value()

        msg['password'] = str(random.SystemRandom().random())
        msg['send_registration_email'] = getattr(settings, 'CONTACT_SEND_REGISTRATION_EMAIL', True)

        authentic_site = list(settings.KNOWN_SERVICES.get('authentic').values())[0]
        authentic_url = authentic_site.get('url')
        authentic_orig = authentic_site.get('orig')
        authentic_secret = authentic_site.get('secret')

        url = authentic_url + 'api/users/?orig=%s' % authentic_orig
        signed_url = sign_url(url, authentic_secret)

        logger = logging.getLogger(__name__)
        logger.info('POST to authentic (%r)', json.dumps(msg))
        authentic_response = requests.post(
            signed_url, data=json.dumps(msg), headers={'Content-type': 'application/json'}
        )
        logger.info('Got authentic response (%r)', authentic_response.text)

        user_uuid = authentic_response.json().get('uuid')
        for i in range(100):
            try:
                user_details = get_wcs_data('api/users/%s/' % user_uuid)
                result = {'data': {'user_id': user_details.get('id')}}
                break
            except requests.HTTPError as e:
                if e.response.status_code != 404:
                    raise
            time.sleep(0.1)
        else:
            result = {'err': 1, 'data': 'timeout when calling wcs'}
        response = HttpResponse(content_type='application/json')
        json.dump(result, response, indent=2)
        return response


contact_add = csrf_exempt(ContactAdd.as_view())
general: add contacts app 2015-07-18 20:33:48 +02:00			`# welco - multichannel request processing`
			`# Copyright (C) 2015 Entr'ouvert`
			`#`
			`# This program is free software: you can redistribute it and/or modify it`
			`# under the terms of the GNU Affero General Public License as published`
			`# by the Free Software Foundation, either version 3 of the License, or`
			`# (at your option) any later version.`
			`#`
			`# This program is distributed in the hope that it will be useful,`
			`# but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`# GNU Affero General Public License for more details.`
			`#`
			`# You should have received a copy of the GNU Affero General Public License`
			`# along with this program. If not, see <http://www.gnu.org/licenses/>.`

contacts: search and details (#8190) 2015-09-24 12:28:56 +02:00			`import json`
contacts: log user creation requests to authentic (#28828) 2018-12-10 19:18:02 +01:00			`import logging`
contacts: add to authentic then get id from wcs (#8190) This currently relies on HTTP Basic authentication, username/passwords should be set in the settings, as AUTHENTIC_AUTH_TUPLE. 2015-11-16 14:32:31 +01:00			`import random`
			`import requests`
			`import time`
contacts: search and details (#8190) 2015-09-24 12:28:56 +02:00
general: add contacts app 2015-07-18 20:33:48 +02:00			`from django import template`
contacts: add to authentic then get id from wcs (#8190) This currently relies on HTTP Basic authentication, username/passwords should be set in the settings, as AUTHENTIC_AUTH_TUPLE. 2015-11-16 14:32:31 +01:00			`from django.conf import settings`
general: make it possible to qualify with an user (#8173) 2015-09-29 18:05:27 +02:00			`from django.contrib.contenttypes.models import ContentType`
contacts: limit search view to appropriate users (#10469) 2016-03-29 14:54:28 +02:00			`from django.core.exceptions import PermissionDenied`
contacts: search and details (#8190) 2015-09-24 12:28:56 +02:00			`from django.http import HttpResponse`
general: add contacts app 2015-07-18 20:33:48 +02:00			`from django.template import RequestContext`
			`from django.views.decorators.csrf import csrf_exempt`
contacts: basic UI to add contacts 2015-11-16 10:19:44 +01:00			`from django.views.generic import TemplateView, FormView`
general: add contacts app 2015-07-18 20:33:48 +02:00
misc: use signed URL to call authentic (#12467) 2016-11-09 17:19:39 +01:00			`from welco.utils import get_wcs_data, sign_url`
contacts: search and details (#8190) 2015-09-24 12:28:56 +02:00
contacts: basic UI to add contacts 2015-11-16 10:19:44 +01:00			`from .forms import ContactAddForm`

trivial: apply black 2021-01-11 20:10:12 +01:00
general: add contacts app 2015-07-18 20:33:48 +02:00			`class HomeZone(object):`
			`def __init__(self, request):`
			`self.request = request`

			`def render(self):`
			`tmpl = template.loader.get_template('contacts/zone.html')`
general: misc update template API usage for django 1.11 (#20909) 2017-12-28 09:52:27 +01:00			`return tmpl.render(request=self.request)`
general: add contacts app 2015-07-18 20:33:48 +02:00

			`class ContactsZone(TemplateView):`
			`template_name = 'contacts/zone.html'`

			`def get_context_data(self, **kwargs):`
			`context = super(ContactsZone, self).get_context_data(**kwargs)`
misc: disable zones when there's no item to act on (#9048) 2015-12-03 17:49:30 +01:00			`context['source_pk'] = self.request.GET.get('source_pk')`
general: make it possible to qualify with an user (#8173) 2015-09-29 18:05:27 +02:00			`if 'source_pk' in self.request.GET:`
general: reorganize models in a simpler way A source object (e.g. Mail) may now be attached to several Association objects, each one has a formdef_reference attribute (at first), and a formdata_id attribute (once submitted to wcs). 2015-10-09 14:01:59 +02:00			`source_class = ContentType.objects.get(id=self.request.GET['source_type']).model_class()`
			`source_object = source_class.objects.get(id=self.request.GET['source_pk'])`
			`context['contact_user_id'] = source_object.contact_id`
general: add contacts app 2015-07-18 20:33:48 +02:00			`return context`

general: reorganize models in a simpler way A source object (e.g. Mail) may now be attached to several Association objects, each one has a formdef_reference attribute (at first), and a formdata_id attribute (once submitted to wcs). 2015-10-09 14:01:59 +02:00			`def post(self, request, args, *kwargs):`
			`if 'user_id' in request.POST:`
			`source_class = ContentType.objects.get(id=self.request.POST['source_type']).model_class()`
			`source_object = source_class.objects.get(id=self.request.POST['source_pk'])`
			`source_object.contact_id = request.POST['user_id']`
			`source_object.save()`
			`return HttpResponse('ok')`

trivial: apply black 2021-01-11 20:10:12 +01:00
general: add contacts app 2015-07-18 20:33:48 +02:00			`zone = csrf_exempt(ContactsZone.as_view())`


			`def search_json(request):`
contacts: limit search view to appropriate users (#10469) 2016-03-29 14:54:28 +02:00			`user_groups = set([x.name for x in request.user.groups.all()])`
			`for channel in settings.CHANNEL_ROLES:`
			`channel_groups = set(settings.CHANNEL_ROLES[channel])`
			`if user_groups.intersection(channel_groups):`
			`break`
			`else:`
			`raise PermissionDenied()`

general: add contacts app 2015-07-18 20:33:48 +02:00			`query = request.GET.get('q')`
contacts: search and details (#8190) 2015-09-24 12:28:56 +02:00			`if query:`
			`result = get_wcs_data('api/users/', {'q': query, 'limit': 10})`
			`if result.get('err') != 0:`
			`raise Exception('error %r' % result)`
			`for user in result.get('data'):`
			`user['title'] = user['user_display_name']`
contacts: add user details to search and info page 2015-09-25 10:28:14 +02:00			`more = [`
			`user.get('user_var_address'),`
			`user.get('user_var_phone'),`
contacts: display user roles in contact zone (#12630) 2016-09-27 16:26:40 +02:00			`user.get('user_var_mobile'),`
			`user.get('user_var_email'),`
			`]`
contacts: add user details to search and info page 2015-09-25 10:28:14 +02:00			`user['more'] = ' / '.join([x for x in more if x])`
contacts: display user roles in contact zone (#12630) 2016-09-27 16:26:40 +02:00			`if user.get('user_roles'):`
			`user['roles'] = ' / '.join([r['text'] for r in user['user_roles']])`
contacts: search and details (#8190) 2015-09-24 12:28:56 +02:00			`user['slug'] = 'user-%s' % user['user_id']`
			`else:`
			`result = {'data': []}`
general: add contacts app 2015-07-18 20:33:48 +02:00			`response = HttpResponse(content_type='application/json')`
contacts: search and details (#8190) 2015-09-24 12:28:56 +02:00			`json.dump(result, response, indent=2)`
general: add contacts app 2015-07-18 20:33:48 +02:00			`return response`
contacts: search and details (#8190) 2015-09-24 12:28:56 +02:00

			`class ContactDetailFragmentView(TemplateView):`
			`template_name = 'contacts/contact_detail_fragment.html'`

			`def get_context_data(self, **kwargs):`
			`context = super(ContactDetailFragmentView, self).get_context_data(**kwargs)`
contacts: improve contact selection UI (#8784) 2015-10-28 17:04:23 +01:00
contacts: search and details (#8190) 2015-09-24 12:28:56 +02:00			`user_id = self.kwargs.get('slug').split('-')[-1]`
			`user_details = get_wcs_data('api/users/%s/' % user_id)`
			`context.update(user_details)`
misc: adapt to w.c.s. API changes (#21367) 2018-01-23 14:22:58 +01:00			`context['forms'] = get_wcs_data('api/users/%s/forms' % user_id).get('data') or []`
contacts: search and details (#8190) 2015-09-24 12:28:56 +02:00			`context['user_id'] = user_id`
contacts: improve contact selection UI (#8784) 2015-10-28 17:04:23 +01:00
			`if 'source_pk' in self.request.GET:`
			`source_class = ContentType.objects.get(id=self.request.GET['source_type']).model_class()`
			`source_object = source_class.objects.get(id=self.request.GET['source_pk'])`
			`context['is_pinned_user'] = bool(source_object.contact_id == user_id)`

contacts: search and details (#8190) 2015-09-24 12:28:56 +02:00			`return context`

trivial: apply black 2021-01-11 20:10:12 +01:00
contacts: search and details (#8190) 2015-09-24 12:28:56 +02:00			`contact_detail_fragment = ContactDetailFragmentView.as_view()`
contacts: basic UI to add contacts 2015-11-16 10:19:44 +01:00

			`class ContactAdd(FormView):`
			`template_name = 'contacts/contact_add.html'`
			`form_class = ContactAddForm`

			`def post(self, request):`
			`form = self.get_form(self.get_form_class())`
			`msg = {}`
			`for field_key in form.fields:`
contacts: add to authentic then get id from wcs (#8190) This currently relies on HTTP Basic authentication, username/passwords should be set in the settings, as AUTHENTIC_AUTH_TUPLE. 2015-11-16 14:32:31 +01:00			`if form[field_key].value():`
			`msg[field_key] = form[field_key].value()`

			`msg['password'] = str(random.SystemRandom().random())`
contacts: add a settings for send_registration_mail (#20665) 2017-12-13 17:15:49 +01:00			`msg['send_registration_email'] = getattr(settings, 'CONTACT_SEND_REGISTRATION_EMAIL', True)`
contacts: add to authentic then get id from wcs (#8190) This currently relies on HTTP Basic authentication, username/passwords should be set in the settings, as AUTHENTIC_AUTH_TUPLE. 2015-11-16 14:32:31 +01:00
python3: convert .values to list before accessing (#40830) 2020-03-19 12:03:37 +01:00			`authentic_site = list(settings.KNOWN_SERVICES.get('authentic').values())[0]`
misc: use signed URL to call authentic (#12467) 2016-11-09 17:19:39 +01:00			`authentic_url = authentic_site.get('url')`
			`authentic_orig = authentic_site.get('orig')`
			`authentic_secret = authentic_site.get('secret')`

			`url = authentic_url + 'api/users/?orig=%s' % authentic_orig`
			`signed_url = sign_url(url, authentic_secret)`

contacts: log user creation requests to authentic (#28828) 2018-12-10 19:18:02 +01:00			`logger = logging.getLogger(__name__)`
			`logger.info('POST to authentic (%r)', json.dumps(msg))`
contacts: add to authentic then get id from wcs (#8190) This currently relies on HTTP Basic authentication, username/passwords should be set in the settings, as AUTHENTIC_AUTH_TUPLE. 2015-11-16 14:32:31 +01:00			`authentic_response = requests.post(`
misc: use signed URL to call authentic (#12467) 2016-11-09 17:19:39 +01:00			`signed_url, data=json.dumps(msg), headers={'Content-type': 'application/json'}`
			`)`
contacts: log user creation requests to authentic (#28828) 2018-12-10 19:18:02 +01:00			`logger.info('Got authentic response (%r)', authentic_response.text)`
contacts: add to authentic then get id from wcs (#8190) This currently relies on HTTP Basic authentication, username/passwords should be set in the settings, as AUTHENTIC_AUTH_TUPLE. 2015-11-16 14:32:31 +01:00
			`user_uuid = authentic_response.json().get('uuid')`
double waiting time for provisionning system to create user (#27040) 2018-10-05 15:35:37 +02:00			`for i in range(100):`
contacts: add to authentic then get id from wcs (#8190) This currently relies on HTTP Basic authentication, username/passwords should be set in the settings, as AUTHENTIC_AUTH_TUPLE. 2015-11-16 14:32:31 +01:00			`try:`
			`user_details = get_wcs_data('api/users/%s/' % user_uuid)`
			`result = {'data': {'user_id': user_details.get('id')}}`
			`break`
			`except requests.HTTPError as e:`
			`if e.response.status_code != 404:`
			`raise`
			`time.sleep(0.1)`
			`else:`
			`result = {'err': 1, 'data': 'timeout when calling wcs'}`
contacts: basic UI to add contacts 2015-11-16 10:19:44 +01:00			`response = HttpResponse(content_type='application/json')`
			`json.dump(result, response, indent=2)`
			`return response`

trivial: apply black 2021-01-11 20:10:12 +01:00
contacts: basic UI to add contacts 2015-11-16 10:19:44 +01:00			`contact_add = csrf_exempt(ContactAdd.as_view())`