Files
edx-platform/lms/djangoapps/support/views/manage_user.py
Ahtisham Shahid b2466c8c2b Error incase of disabled user social login
Updated status code and manage user func

update auth verification

Fixed auth condition

fixed test failuers

fixed style issues

fixed style issues

Created test for auth disabled use

Code refactor

Fixed form ain auth exchange

Fixed oauth apps with disabled user fail

applied quality fixes

Refactored tests

fixed quality issues

removed extra files

Fixed linter issues

Fixed linter issues
2021-01-06 20:37:01 +05:00

93 lines
3.5 KiB
Python

"""
Support tool for disabling user accounts.
"""
from django.contrib.auth import get_user_model
from django.db.models import Q
from django.urls import reverse
from django.utils.decorators import method_decorator
from django.utils.translation import ugettext as _
from django.views.generic import View
from rest_framework.generics import GenericAPIView
from common.djangoapps.student.models import UserPasswordToggleHistory
from common.djangoapps.edxmako.shortcuts import render_to_response
from lms.djangoapps.support.decorators import require_support_permission
from openedx.core.djangoapps.user_api.accounts.serializers import AccountUserSerializer
from openedx.core.djangoapps.user_authn.utils import generate_password
from common.djangoapps.util.json_request import JsonResponse
from openedx.core.djangolib.oauth2_retirement_utils import retire_dot_oauth2_models
class ManageUserSupportView(View):
"""
View for viewing and managing user accounts, used by the
support team.
"""
@method_decorator(require_support_permission)
def get(self, request):
"""Render the manage user support tool view."""
return render_to_response('support/manage_user.html', {
_('username'): request.GET.get('user', ''),
_('user_support_url'): reverse('support:manage_user'),
_('user_detail_url'): reverse('support:manage_user_detail')
})
class ManageUserDetailView(GenericAPIView):
"""
Allows viewing and disabling learner accounts by support
staff.
"""
# TODO: ARCH-91
# This view is excluded from Swagger doc generation because it
# does not specify a serializer class.
exclude_from_schema = True
@method_decorator(require_support_permission)
def get(self, request, username_or_email):
"""
Returns details for the given user, along with
information about its username and joining date.
"""
try:
user = get_user_model().objects.get(
Q(username=username_or_email) | Q(email=username_or_email)
)
data = AccountUserSerializer(user, context={'request': request}).data
data['status'] = _('Usable') if user.has_usable_password() else _('Unusable')
return JsonResponse(data)
except get_user_model().DoesNotExist:
return JsonResponse([])
@method_decorator(require_support_permission)
def post(self, request, username_or_email):
"""Allows support staff to disable a user's account."""
user = get_user_model().objects.get(
Q(username=username_or_email) | Q(email=username_or_email)
)
comment = request.data.get("comment")
if user.has_usable_password():
user.set_unusable_password()
UserPasswordToggleHistory.objects.create(
user=user, comment=comment, created_by=request.user, disabled=True
)
retire_dot_oauth2_models(request.user)
else:
user.set_password(generate_password(length=25))
UserPasswordToggleHistory.objects.create(
user=user, comment=comment, created_by=request.user, disabled=False
)
user.save()
if user.has_usable_password():
password_status = _('Usable')
msg = _('User Enabled Successfully')
else:
password_status = _('Unusable')
msg = _('User Disabled Successfully')
return JsonResponse({'success_msg': msg, 'status': password_status})