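from django.shortcuts import render, get_object_or_404
from django.contrib.auth.decorators import permission_required
from django.views.decorators.http import require_http_methods
from django.views.decorators.csrf import ensure_csrf_cookie
from django.http import HttpResponse, HttpResponseBadRequest
from django.core.exceptions import ValidationError
from members.models import Member, MemberRequest
import json
import logging
from django.core.mail import send_mail
import requests
from django.conf import settings

logger = logging.getLogger(__name__)

# Upper bound (seconds) for the outbound reCAPTCHA verification call. Without
# a timeout a stalled connection would block the worker handling the request.
_RECAPTCHA_TIMEOUT_SECONDS = 5


# function to validate reCaptcha
def validateReCaptcha(response):
    """Verify a reCAPTCHA response token with Google's siteverify endpoint.

    Args:
        response: The token the client submitted with the form.

    Returns:
        True only when the verification service explicitly reports success.
        An empty token, an unparsable reply or a reply without a truthy
        ``success`` field all count as failure (fail closed).

    Raises:
        requests.exceptions.RequestException: If the verification call
            cannot be completed, including on timeout.
    """
    if not response:
        # Nothing to verify; skip the network round trip.
        return False

    values = {
        'secret': settings.GOOGLE_RECAPTCHA_SECRET_KEY,
        'response': response,
    }
    url = "https://www.google.com/recaptcha/api/siteverify"
    headers = {'Content-type': 'application/x-www-form-urlencoded'}
    resp = requests.post(
        url, values, headers=headers, timeout=_RECAPTCHA_TIMEOUT_SECONDS
    )
    try:
        result = json.loads(resp.text)
    except ValueError:
        logger.warning(
            "reCAPTCHA verification returned a non-JSON body (HTTP %s)",
            resp.status_code,
        )
        return False

    if not isinstance(result, dict) or not result.get("success"):
        # Log only the service's error codes, never the token or the secret.
        codes = result.get("error-codes") if isinstance(result, dict) else None
        logger.warning("reCAPTCHA verification failed: %s", codes)
        return False
    return True


#def sendmail(subject, message):
    #send_mail(
    #    subject,
    #    message,
    #    'no-reply@sahkoinsinoorikilta.fi',
    #    ['viestintamestari@sahkoinsinoorikilta.fi'],
    #    fail_silently=False
    #)


@ensure_csrf_cookie
@require_http_methods(["GET"])
@permission_required('members.change_member', login_url='/login')
def index(request, *args, **kwargs):
    """Render the member administration page (requires members.change_member)."""
    return render(request, 'members_index.html', {})


@ensure_csrf_cookie
def applicationindex(request, *args, **kwargs):
    """Render the public membership application form."""
    return render(request, 'application_index.html', {})


@ensure_csrf_cookie
def applicationSuccessIndex(request, *args, **kwargs):
    """Render the page shown after a successful application."""
    return render(request, 'application_success.html', {})


@ensure_csrf_cookie
@require_http_methods(["GET"])
@permission_required('members.change_member', login_url='/login')
def members(request, *args, **kwargs):
    """Return every Member as a JSON array.

    NOTE(review): this view and the other JSON views in this module build the
    reply with a plain HttpResponse, which uses Django's default content type
    (text/html) rather than application/json. Member fields can originate
    from the unauthenticated application form and json.dumps does not escape
    markup, so serving these bodies as application/json (for example with
    JsonResponse) is the safer choice. Left unchanged here because the
    frontend's parsing of the current content type is not visible in this
    file; confirm before switching.
    """
    mems = [m.get_dict() for m in Member.objects.all()]
    return HttpResponse(json.dumps(mems))


@ensure_csrf_cookie
@require_http_methods(["GET", "POST", "DELETE", "PUT"])
@permission_required('members.change_member', login_url='/login')
def member(request, *args, **kwargs):
    """Create, read, update or delete a single Member.

    GET, PUT and DELETE operate on the member whose primary key is passed as
    the ``idx`` keyword argument and answer 404 when it does not exist.
    POST creates a new member from the JSON request body.
    """
    # get, put and delete together since all operate on existing objects
    if request.method in ['GET', 'PUT', 'DELETE']:
        # get object by id or give 404
        idx = kwargs.pop("idx", None)
        try:
            mem = Member.objects.get(pk=idx)
        except Member.DoesNotExist:
            resp = HttpResponse('{"error":"object not found"}')
            resp.status_code = 404
            return resp

        # delete object if requested
        if request.method == 'DELETE':
            try:
                mem.delete()
                return HttpResponse('{"status":"success"}')
            except Exception:
                # Was a bare ``except:``, which also traps SystemExit and
                # KeyboardInterrupt. Record the cause server-side; the client
                # still receives only the generic message.
                logger.exception("Could not delete member %s", idx)
                resp = HttpResponse('{"error" : "could not delete object"}')
                resp.status_code = 500
                return resp

        # update model if request type was PUT
        if request.method == 'PUT':
            try:
                data = json.loads(request.body.decode("utf-8"))
                mem.update_from_dict(data)
            except ValueError:
                return HttpResponseBadRequest('{"error" : "Invalid parameters supplied"}')

        return HttpResponse(json.dumps(mem.get_dict()))

    if request.method == 'POST':
        try:
            data = json.loads(request.body.decode("utf-8"))
            mem = Member.create_from_dict(data)
            return HttpResponse(json.dumps(mem.get_dict()))
        except ValueError:
            return HttpResponseBadRequest('{"error" : "Invalid parameters supplied"}')


@ensure_csrf_cookie
@require_http_methods(["POST"])
@permission_required('members.change_member', login_url='/login')
def csv_import(request, *args, **kwargs):
    """Import members from a CSV request body via Member.import_csv.

    Answers 400 when the import reports ``status == 'failure'``.
    """
    data = request.body.decode("utf-8")
    resp_data = Member.import_csv(data)
    resp = HttpResponse(json.dumps(resp_data))
    if resp_data['status'] == 'failure':
        resp.status_code = 400
    return resp


@ensure_csrf_cookie
@require_http_methods(["GET"])
@permission_required('members.change_member', login_url='/login')
def member_requests(request, *args, **kwargs):
    """Return every MemberRequest as a JSON array."""
    reqs = [r.get_dict() for r in MemberRequest.objects.all()]
    return HttpResponse(json.dumps(reqs))


@ensure_csrf_cookie
def new_member_request(request, *args, **kwargs):
    """Handle a public membership application.

    The JSON body must carry a ``reCaptchaResponse`` token. After the token
    verifies, a Member and a matching MemberRequest are created from the
    remaining fields. No login is required, so the body is untrusted input.

    NOTE(review): ``data`` is passed to Member.create_from_dict as received;
    confirm that method only accepts the fields an applicant may set.
    """
    try:
        # The submitted data and captcha token are deliberately not printed
        # or logged: they hold applicants' personal details.
        data = json.loads(request.body.decode("utf-8"))

        # get captcha response from member
        captcha = data.pop("reCaptchaResponse", "")

        # send response to google and check it out
        captcha_ok = validateReCaptcha(captcha)

        # if not ok, inform user
        if not captcha_ok:
            return HttpResponseBadRequest('{"error" : "Captcha not ok. Please try again."}')

        # if ok continue
        mem = Member.create_from_dict(data)
        MemberRequest.objects.create(member=mem)

        # Notification text for the currently disabled sendmail() helper.
        subject = 'New application'
        message = 'You have new application\r\n'
        message += 'Member info:\r\n'
        message += 'First name: ' + mem.first_name + '\r\n'
        message += 'Last name: ' + mem.last_name + '\r\n'
        message += 'Email: ' + mem.email + '\r\n'
        message += 'Place of residence: ' + mem.POR + '\r\n'
        message += 'AYY-membership: ' + str(mem.AYY) + '\r\n'
        message += 'To mail list: ' + str(mem.jas) + '\r\n'
        message += 'Created: ' + mem.created.isoformat(' ') + '\r\n'
        message += 'Please go to the http://sika.sahkoinsinoorikilta.fi/members/ and do something about it!\r\n'
        #sendmail(subject, message)
        return HttpResponse(json.dumps(mem.get_dict()))
    except ValueError:
        return HttpResponseBadRequest('{"error" : "Invalid parameters supplied"}')
    except (TimeoutError, requests.exceptions.RequestException):
        # requests signals timeouts and connection failures with its own
        # exception classes, which the builtin TimeoutError does not cover.
        logger.warning("reCAPTCHA verification request failed", exc_info=True)
        return HttpResponseBadRequest('{"error" : "Much error, no connection"}')


@ensure_csrf_cookie
@require_http_methods(["GET", "POST", "DELETE"])
@permission_required('members.change_member', login_url='/login')
def handle_mem_request(request, idx, *args, **kwargs):
    """Show or resolve the membership request with primary key ``idx``.

    GET returns the request as JSON. DELETE deletes the member attached to
    the request; POST deletes only the request itself. Both answer with a
    success status. A missing request yields 404.
    """
    try:
        req = MemberRequest.objects.get(pk=idx)
    except MemberRequest.DoesNotExist:
        resp = HttpResponse('{"error":"object not found"}')
        resp.status_code = 404
        return resp

    if request.method == 'GET':
        return HttpResponse(json.dumps(req.get_dict()))
    elif request.method == 'DELETE':
        # presumably rejects the application by removing the member; whether
        # the request row is removed with it depends on the model's on_delete
        # setting - confirm
        req.member.delete()
    else:
        # method == POST because other aren't allowed here
        req.delete()
    return HttpResponse('{"status":"success"}')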