UserViewSet.update() - Code Metrics - Inspection of "Gestion des mots de passe" - ProjetSigma/backend - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#12)

by Camille

created 2015-12-28 17:07 UTC

UserViewSet.update() B

↳ Parent: Project

Complexity

Conditions

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Metric	Value
cc	6
dl	0
loc	11
rs	8

import random
import string

from django.core.mail import send_mail
from django.http import Http404

from rest_framework import viewsets, decorators, status
from rest_framework.response import Response
from dry_rest_permissions.generics import DRYPermissions

from sigma_core.models.user import User
from sigma_core.serializers.user import UserSerializer


reset_mail = {
    'from_email': '[email protected]',
    'subject': 'Mot de passe Sigma',
    'message': u"""
Bonjour,
Ton mot de passe Sigma a été réinitialisé.
C'est maintenant "{password}".
Cordialement,
L'équipe Sigma.
"""
}


class UserViewSet(viewsets.ModelViewSet):
    permission_classes = (DRYPermissions, )
    queryset = User.objects.all()
    serializer_class = UserSerializer

    def update(self, request, pk=None):
        try:
            user = User.objects.get(pk=pk)
        except User.DoesNotExist:
            return Http404()

        if ((request.data['lastname'] != user.lastname or request.data['firstname'] != user.firstname)) and not (request.user.is_staff or request.user.is_superuser):
            return Response('You cannot change your lastname or firstname', status=status.HTTP_400_BAD_REQUEST)

        return super(UserViewSet, self).update(request, pk)

    @decorators.list_route(methods=['get'])
    def me(self, request):
        """
        Give the data of the current user.
        """
        if request.user.__class__.__name__ == 'AnonymousUser':
            return Response(status=status.HTTP_401_UNAUTHORIZED)
        else:
            serializer = self.get_serializer_class()(request.user, context={'request': request})
            return Response(serializer.data)

    @decorators.list_route(methods=['put'])
    def change_password(self, request):
        """
        Allow current user to change his password.
        ---
        omit_serializer: true
        parameters_strategy:
            form: replace
        parameters:
            - name: old_password
              type: string
            - name: password
              type: string
        """
        if request.user.__class__.__name__ == 'AnonymousUser':
            return Response(status=status.HTTP_401_UNAUTHORIZED)

        user = request.user
        data = request.data
        if not user.check_password(data['old_password']):
            return Response("Wrong password", status=status.HTTP_403_FORBIDDEN)
        if data['password'] == "":
            return Response("'password' field cannot be empty", status=status.HTTP_400_BAD_REQUEST)

        user.set_password(data['password'])
        user.save()
        return Response('Password successfully changed', status=status.HTTP_200_OK)

    @decorators.list_route(methods=['post'])
    def reset_password(self, request):
        """
        Reset current user's password and send him an email with the new one.
        ---
        omit_serializer: true
        parameters_strategy:
            form: replace
        parameters:
            - name: email
              type: string
        """
        email = request.data.get('email')
        if email == '':
            return Response("'email' field cannot be empty", status=status.HTTP_400_BAD_REQUEST)

        try:
            user = User.objects.get(email=email)
        except User.DoesNotExist:
            return Response('No user found with this email', status=status.HTTP_404_NOT_FOUND)

        password = ''.join(random.choice(string.ascii_lowercase + string.ascii_uppercase + string.digits) for _ in range(10))

        mail = reset_mail.copy()
        mail['recipient_list'] = [user.email]
        mail['message'] = mail['message'].format(email=user.email, password=password, name=user.get_full_name())
        send_mail(**mail)

        user.set_password(password)
        user.save()

        return Response('Password reset', status=status.HTTP_200_OK)


1			import random
2			import string
3
4			from django.core.mail import send_mail
5			from django.http import Http404
6
7			from rest_framework import viewsets, decorators, status
8			from rest_framework.response import Response
9			from dry_rest_permissions.generics import DRYPermissions
10
11			from sigma_core.models.user import User
12			from sigma_core.serializers.user import UserSerializer
13
14
15			reset_mail = {
16			'from_email': '[email protected]',
17			'subject': 'Mot de passe Sigma',
18			'message': u"""
19			Bonjour,
20			Ton mot de passe Sigma a été réinitialisé.
21			C'est maintenant "{password}".
22			Cordialement,
23			L'équipe Sigma.
24			"""
25			}
26
27
28			class UserViewSet(viewsets.ModelViewSet):
29			permission_classes = (DRYPermissions, )
30			queryset = User.objects.all()
31			serializer_class = UserSerializer
32
33			def update(self, request, pk=None):
34			try:
35			user = User.objects.get(pk=pk)
36			except User.DoesNotExist:
37			return Http404()
38
39			if ((request.data['lastname'] != user.lastname or request.data['firstname'] != user.firstname)) and not (request.user.is_staff or request.user.is_superuser):
40			return Response('You cannot change your lastname or firstname', status=status.HTTP_400_BAD_REQUEST)
41
42			return super(UserViewSet, self).update(request, pk)
43
44			@decorators.list_route(methods=['get'])
45			def me(self, request):
46			"""
47			Give the data of the current user.
48			"""
49			if request.user.__class__.__name__ == 'AnonymousUser':
50			return Response(status=status.HTTP_401_UNAUTHORIZED)
51			else:
52			serializer = self.get_serializer_class()(request.user, context={'request': request})
53			return Response(serializer.data)
54
55			@decorators.list_route(methods=['put'])
56			def change_password(self, request):
57			"""
58			Allow current user to change his password.
59			---
60			omit_serializer: true
61			parameters_strategy:
62			form: replace
63			parameters:
64			- name: old_password
65			type: string
66			- name: password
67			type: string
68			"""
69			if request.user.__class__.__name__ == 'AnonymousUser':
70			return Response(status=status.HTTP_401_UNAUTHORIZED)
71
72			user = request.user
73			data = request.data
74			if not user.check_password(data['old_password']):
75			return Response("Wrong password", status=status.HTTP_403_FORBIDDEN)
76			if data['password'] == "":
77			return Response("'password' field cannot be empty", status=status.HTTP_400_BAD_REQUEST)
78
79			user.set_password(data['password'])
80			user.save()
81			return Response('Password successfully changed', status=status.HTTP_200_OK)
82
83			@decorators.list_route(methods=['post'])
84			def reset_password(self, request):
85			"""
86			Reset current user's password and send him an email with the new one.
87			---
88			omit_serializer: true
89			parameters_strategy:
90			form: replace
91			parameters:
92			- name: email
93			type: string
94			"""
95			email = request.data.get('email')
96			if email == '':
97			return Response("'email' field cannot be empty", status=status.HTTP_400_BAD_REQUEST)
98
99			try:
100			user = User.objects.get(email=email)
101			except User.DoesNotExist:
102			return Response('No user found with this email', status=status.HTTP_404_NOT_FOUND)
103
104			password = ''.join(random.choice(string.ascii_lowercase + string.ascii_uppercase + string.digits) for _ in range(10))
105
106			mail = reset_mail.copy()
107			mail['recipient_list'] = [user.email]
108			mail['message'] = mail['message'].format(email=user.email, password=password, name=user.get_full_name())
109			send_mail(**mail)
110
111			user.set_password(password)
112			user.save()
113
114			return Response('Password reset', status=status.HTTP_200_OK)
115

ProjetSigma / backend

Pull Request — master (#12)

UserViewSet.update() B

Complexity

Size

Duplication

Duplication Side-by-Side

Filter issues like