    a3a7410d
    Add identity verification to frontend · a3a7410d
    Andreas Ellewsen authored
    The profile page of a guest now shows a verification button if the guest
    has a passport or national identification number that has not been
    verified. Clicking the button shows a dialog, with a confirmation button
    which triggers a PATCH request to the backend and reloads the page when
    it returns.
    
    Resolves: GREG-101
views.py 5.09 KiB
from django.contrib.auth import logout
from django.http import JsonResponse
from django.middleware.csrf import get_token
from django.shortcuts import redirect
from rest_framework.authentication import SessionAuthentication, BasicAuthentication
from rest_framework.permissions import IsAuthenticated
from rest_framework.views import APIView

from greg.models import Person, Sponsor
from greg.permissions import IsSponsor
from gregui import mailutils
from gregui.models import GregUserProfile


def get_csrf(request):
    """Return a JSON response carrying the CSRF token in ``X-CSRFToken``.

    ``get_token`` also flags the request so Django's CSRF middleware sets the
    CSRF cookie on the way out, which is what the "CSRF cookie set" detail
    refers to.
    """
    # NOTE(review): the token is exposed in a response header; confirm that any
    # CORS configuration does not expose this header to untrusted origins.
    csrf_response = JsonResponse({"detail": "CSRF cookie set"})
    csrf_response["X-CSRFToken"] = get_token(request)
    return csrf_response


def logout_view(request):
    """End the caller's session, or answer 400 when there is none to end."""
    # NOTE(review): no HTTP method is enforced here, so a plain GET also logs
    # the user out and Django's CSRF check does not apply to GET. Consider
    # restricting this view to POST if the frontend allows it.
    if request.user.is_authenticated:
        logout(request)
        return JsonResponse({"detail": "Successfully logged out."})

    return JsonResponse({"detail": "You're not logged in."}, status=400)


def login_view(request):
    """
    Landing view for login links.

    Sesame picks the token up from the query string and creates the session
    for the user, so this view only has to send the user on to wherever they
    should land after a successful login.
    """
    # The target is a fixed path, not taken from the request, so the redirect
    # cannot be steered by query parameters.
    # TODO: redirect to whatever path the frontend ends up living at (prob '/')
    landing_path = "/api/ui/v1/whoami/"
    return redirect(landing_path)


def send_test_email(request):
    """Queue a registration mail to a fixed test address and confirm it."""
    # NOTE(review): this function performs no authentication or method check,
    # so every request that reaches it queues a mail. The recipient is
    # hard-coded, but confirm the route is not exposed outside development.
    mailutils.send_registration_mail("test@example.no", "Foo Bar")
    confirmation = {"detail": "Created task to send test mail."}
    return JsonResponse(confirmation)


class SessionView(APIView):
    """Tell an authenticated caller that its session is valid.

    ``IsAuthenticated`` rejects anonymous requests before ``get`` runs, so the
    handler can answer with a constant payload.
    """

    # NOTE(review): BasicAuthentication accepts a username/password on every
    # request; confirm it is needed outside development and only reachable
    # over HTTPS.
    authentication_classes = [SessionAuthentication, BasicAuthentication]
    permission_classes = [IsAuthenticated]

    @staticmethod
    # pylint: disable=W0622
    def get(request, format=None):
        """Return ``{"isAuthenticated": true}``."""
        payload = {"isAuthenticated": True}
        return JsonResponse(payload)


class WhoAmIView(APIView):
    """Return the username of the authenticated caller."""

    # NOTE(review): BasicAuthentication accepts a username/password on every
    # request; confirm it is needed outside development and only reachable
    # over HTTPS.
    authentication_classes = [SessionAuthentication, BasicAuthentication]
    permission_classes = [IsAuthenticated]

    @staticmethod
    # pylint: disable=W0622
    def get(request, format=None):
        """Return ``{"username": ...}`` for ``request.user``."""
        current_user = request.user
        return JsonResponse({"username": current_user.username})


class OusView(APIView):
    """Fetch the organisational units related to the authenticated sponsor."""

    authentication_classes = [SessionAuthentication, BasicAuthentication]
    permission_classes = [IsAuthenticated, IsSponsor]

    @staticmethod
    # pylint: disable=W0622
    def get(request, format=None):
        """Return id and Norwegian/English name of each of the sponsor's units."""
        # Both lookups raise DoesNotExist when no row matches.
        # NOTE(review): presumably IsSponsor guarantees a profile with a
        # sponsor exists; confirm, otherwise this surfaces as a 500.
        user_profile = GregUserProfile.objects.get(user=request.user)
        sponsor = Sponsor.objects.get(id=user_profile.sponsor.id)

        units = []
        for unit in sponsor.units.all():
            units.append({"id": unit.id, "nb": unit.name_nb, "en": unit.name_en})

        return JsonResponse({"ous": units})


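def _serialize_identity(identity, *, mask_tail=0):
    """Build the JSON fragment for one identity record (fnr or passport).

    A falsy ``identity`` is returned unchanged. When ``mask_tail`` is positive,
    the last ``mask_tail`` characters of the value are replaced by asterisks;
    the leading characters are still returned as they are.
    """
    if not identity:
        return identity

    value = identity.value
    if mask_tail:
        value = "".join((value[:-mask_tail], "*" * mask_tail))

    return {
        "id": identity.id,
        "value": value,
        "type": identity.type,
        "verified_at": identity.verified_at,
    }


def _serialize_role(role):
    """Build the JSON fragment for one role of a guest."""
    return {
        "id": role.id,
        "name_nb": role.type.name_nb,
        "name_en": role.type.name_en,
        "ou_nb": role.orgunit.name_nb,
        "ou_en": role.orgunit.name_en,
        "start_date": role.start_date,
        "end_date": role.end_date,
        "max_days": role.type.max_days,
    }


def _serialize_person(person):
    """Build the JSON fragment for one guest, reading each attribute once."""
    # Read each attribute a single time. The original expression evaluated
    # person.fnr, person.passport, etc. repeatedly; if these are computed
    # lookups in greg.models (not visible here), that is repeated work and the
    # fragments could be assembled from differing reads.
    email = person.private_email
    mobile = person.private_mobile
    registered = person.is_registered
    verified = person.is_verified

    return {
        "pid": person.id,
        "first": person.first_name,
        "last": person.last_name,
        "email": email and email.value,
        "mobile": mobile and mobile.value,
        # Only the last five characters of the national id are masked.
        "fnr": _serialize_identity(person.fnr, mask_tail=5),
        # NOTE(review): unlike the fnr, the passport value is returned in
        # full; confirm the frontend needs the complete number.
        "passport": _serialize_identity(person.passport),
        "active": registered and verified,
        "registered": registered,
        "verified": verified,
        # NOTE(review): this lists every role of the person, not only the
        # roles held under the requesting sponsor; confirm that is intended.
        "roles": [_serialize_role(role) for role in person.roles.all()],
    }


class GuestInfoView(APIView):
    """Fetch all the sponsor's guests."""

    authentication_classes = [SessionAuthentication, BasicAuthentication]
    permission_classes = [IsAuthenticated, IsSponsor]

    @staticmethod
    # pylint: disable=W0622
    def get(request, format=None):
        """Return contact, identity and role details for the caller's guests.

        The queryset is limited to persons that have a role with the caller's
        sponsor; that filter is what keeps other sponsors' guests out of the
        response.
        """
        # Raises DoesNotExist when the user has no profile.
        # NOTE(review): presumably IsSponsor guarantees one exists; confirm.
        user = GregUserProfile.objects.get(user=request.user)

        # distinct(): the join on roles can yield the same person once per
        # matching role.
        guests = Person.objects.filter(roles__sponsor=user.sponsor).distinct()

        return JsonResponse(
            {"persons": [_serialize_person(person) for person in guests]}
        )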