88 lines
3.1 KiB
Python
Raw Normal View History

2016-09-25 14:07:45 +08:00
from django.db.models import Q
from submission.models import Submission
2016-11-19 12:32:23 +08:00
from utils.api import APIView, validate_serializer
from utils.shortcuts import rand_str
2016-09-25 14:07:45 +08:00
from ..decorators import super_admin_required
from ..models import AdminType, ProblemPermission, User
2017-01-23 16:48:04 +08:00
from ..serializers import EditUserSerializer, UserSerializer
2016-09-25 14:07:45 +08:00
2016-11-19 12:37:27 +08:00
class UserAdminAPI(APIView):
2016-11-19 12:32:23 +08:00
@validate_serializer(EditUserSerializer)
2016-09-25 14:07:45 +08:00
@super_admin_required
def put(self, request):
"""
Edit user api
"""
2016-11-19 12:32:23 +08:00
data = request.data
try:
user = User.objects.get(id=data["id"])
except User.DoesNotExist:
2017-04-19 02:03:48 +08:00
return self.error("User does not exist")
2017-11-06 21:45:52 +08:00
if User.objects.filter(username=data["username"]).exclude(id=user.id).exists():
return self.error("Username already exists")
if User.objects.filter(email=data["email"].lower()).exclude(id=user.id).exists():
2017-04-19 02:03:48 +08:00
return self.error("Email already exists")
2016-09-25 14:07:45 +08:00
pre_username = user.username
2016-11-19 12:32:23 +08:00
user.username = data["username"]
user.email = data["email"]
user.admin_type = data["admin_type"]
user.is_disabled = data["is_disabled"]
2016-09-25 14:07:45 +08:00
2017-02-10 10:38:32 +08:00
if data["admin_type"] == AdminType.ADMIN:
user.problem_permission = data["problem_permission"]
elif data["admin_type"] == AdminType.SUPER_ADMIN:
user.problem_permission = ProblemPermission.ALL
else:
user.problem_permission = ProblemPermission.NONE
2016-11-19 12:32:23 +08:00
if data["password"]:
user.set_password(data["password"])
2016-09-25 14:07:45 +08:00
2016-11-19 12:32:23 +08:00
if data["open_api"]:
# Avoid reset user appkey after saving changes
if not user.open_api:
user.open_api_appkey = rand_str()
else:
user.open_api_appkey = None
user.open_api = data["open_api"]
2016-09-25 14:07:45 +08:00
2016-11-19 12:32:23 +08:00
if data["two_factor_auth"]:
# Avoid reset user tfa_token after saving changes
if not user.two_factor_auth:
user.tfa_token = rand_str()
2016-09-25 14:07:45 +08:00
else:
2016-11-19 12:32:23 +08:00
user.tfa_token = None
2017-02-10 10:38:32 +08:00
2016-11-19 12:32:23 +08:00
user.two_factor_auth = data["two_factor_auth"]
user.save()
if pre_username != user.username:
Submission.objects.filter(username=pre_username).update(username=user.username)
2016-11-19 12:32:23 +08:00
return self.success(UserSerializer(user).data)
2016-09-25 14:07:45 +08:00
@super_admin_required
def get(self, request):
"""
User list api / Get user by id
"""
2017-01-24 23:56:18 +08:00
user_id = request.GET.get("id")
2016-09-25 14:07:45 +08:00
if user_id:
try:
user = User.objects.get(id=user_id)
except User.DoesNotExist:
2017-04-19 02:03:48 +08:00
return self.error("User does not exist")
2016-10-30 02:17:35 +08:00
return self.success(UserSerializer(user).data)
2016-09-25 14:07:45 +08:00
user = User.objects.all().order_by("-create_time")
keyword = request.GET.get("keyword", None)
if keyword:
user = user.filter(Q(username__contains=keyword) |
Q(real_name__contains=keyword) |
Q(email__contains=keyword))
2016-11-19 12:32:23 +08:00
return self.success(self.paginate_data(request, user, UserSerializer))