[accounts][migration/templates-email] migration to set all users properly and...

[accounts][migration/templates-email] migration to set all users properly and inform rejected users of the new supervision rule

beat/web/accounts/migrations/0010_check_all_accounts.py

+#!/usr/bin/env python
+# vim: set fileencoding=utf-8 :
+
+###############################################################################
+#                                                                             #
+# Copyright (c) 2017 Idiap Research Institute, http://www.idiap.ch/           #
+# Contact: beat.support@idiap.ch                                              #
+#                                                                             #
+# This file is part of the beat.web module of the BEAT platform.              #
+#                                                                             #
+# Commercial License Usage                                                    #
+# Licensees holding valid commercial BEAT licenses may use this file in       #
+# accordance with the terms contained in a written agreement between you      #
+# and Idiap. For further information contact tto@idiap.ch                     #
+#                                                                             #
+# Alternatively, this file may be used under the terms of the GNU Affero      #
+# Public License version 3 as published by the Free Software and appearing    #
+# in the file LICENSE.AGPL included in the packaging of this file.            #
+# The BEAT platform is distributed in the hope that it will be useful, but    #
+# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY  #
+# or FITNESS FOR A PARTICULAR PURPOSE.                                        #
+#                                                                             #
+# You should have received a copy of the GNU Affero Public License along      #
+# with the BEAT platform. If not, see http://www.gnu.org/licenses/.           #
+#                                                                             #
+###############################################################################
+
+from __future__ import unicode_literals
+
+from django.db.models import Q
+from django.core.urlresolvers import reverse
+from django.template import loader
+from django.template import Context
+
+from django.conf import settings
+from django.db import migrations, models
+import django.db.models.deletion
+from django.contrib.auth.models import User
+from datetime import datetime, timedelta
+import datetime
+import re
+from urlparse import urlparse
+
+import simplejson as json
+
+def set_profile_state(apps, schema_editor):
+    '''Set profile status'''
+
+    profiles = apps.get_model("accounts", "Profile")
+    supervisiontracks = apps.get_model("accounts", "SupervisionTrack")
+
+    users = User.objects.all()
+    now = datetime.datetime.now()
+    expiration_date_delta = datetime.timedelta(days=settings.ACCOUNT_BLOCKAGE_AFTER_FIRST_REJECTION_DAYS)
+
+    specialusers = ["AnonymousUser", "plot", "system", "scheduler"]
+    for user in users:
+        user.save()
+        if user.is_staff or user.username in specialusers:
+            user.profile.status = 'A'
+            user.profile.rejection_date = None
+        else:
+            #reject this account and inform by email the user
+            user.profile.status = 'R'
+            user.profile.rejection_date = now + expiration_date_delta
+            from django.core.mail import send_mail
+
+            parsed_url = urlparse(settings.URL_PREFIX)
+            server_address = '%s://%s' % (parsed_url.scheme, parsed_url.hostname)
+
+            c = Context({ 'user': user,
+                          'prefix': server_address,
+                        })
+
+            try:
+                t = loader.get_template('registration/mail.migration_10_accounts.subject.txt')
+                subject = t.render(c)
+
+                # Note: e-mail subject *must not* contain newlines
+                subject = settings.EMAIL_SUBJECT_PREFIX + ''.join(subject.splitlines())
+
+                t = loader.get_template('registration/mail.migration_10_accounts.message.txt')
+                message = t.render(c)
+
+                send_mail(subject, message, settings.DEFAULT_FROM_EMAIL, [user.email])
+            except:
+                pass
+
+        user.profile.supervision_key = None
+
+        user.profile.save()
+        user.save()
+
+def backward_dummy(apps, schema_editor):
+    pass
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('accounts', '0009_auto_20170627_0956'),
+    ]
+
+    operations = [
+        migrations.RunPython(set_profile_state, backward_dummy)
+    ]

beat/web/ui/registration/templates/registration/mail.migration_10_accounts.message.txt

+Dear {{ user.first_name }},
+
+The admin of the BEAT platform would like to inform you of a security update
+to your account used under username {{ user.username}}
+
+From now on you will need to be supervised by a known supervisor.
+
+To comply with this new rule, please go to your account settings and under
+Account Management click on "Add a supervisor" and validate it with a known
+supervisor.
+
+Failing to do so, your account will be blocked after a few weeks! (you
+can however still re-activate it through an unblock account procedure)
+
+If you are having problems to revalidate your account, contact a member of our
+support staff at {{ prefix }}{% url 'contact' %}.
+
+BEAT Administrators at the Idiap Research Institute

beat/web/ui/registration/templates/registration/mail.migration_10_accounts.subject.txt

+Major Account Update - Supervision Required (BEAT platform)