gdpr user delete and user deactivate functions

2018-03-06 20:20:42 +01:00
parent e353b1cf1f
commit d80e7d8f04
8 changed files with 130 additions and 61 deletions
--- a/rowers/views.py
+++ b/rowers/views.py
@@ -12,6 +12,7 @@ import yaml
 from PIL import Image
 from numbers import Number
 from django.views.generic.base import TemplateView
+from django.contrib.auth import views as auth_views
 from django.db.models import Q
 from django import template
 from django.db import IntegrityError, transaction
@@ -54,7 +55,7 @@ from rowers.forms import (
    )
 from rowers.models import (
    Workout, User, Rower, WorkoutForm,FavoriteChart,
-    PlannedSession
+    PlannedSession, DeactivateUserForm,DeleteUserForm
    )
 from rowers.models import (
    RowerPowerForm,RowerForm,GraphImage,AdvancedWorkoutForm,
@@ -573,6 +574,48 @@ def get_thumbnails(request,id):
        
    return JSONResponse(charts)

+@login_required()
+def deactivate_user(request):
+    pk = request.user.id
+    user = User.objects.get(pk=pk)
+    user_form = DeactivateUserForm(instance=user)
+    if request.user.is_authenticated() and request.user.id == user.id:
+        if request.method == "POST":
+            user_form = DeactivateUserForm(request.POST, instance=user)
+            if user_form.is_valid():
+                deactivate_user = user_form.save(commit=False)
+                user.is_active = False
+                deactivate_user.save()
+                url = reverse(auth_views.logout_then_login)
+                return HttpResponseRedirect(url)
+        return render(request, "userprofile_deactivate.html", {
+            "user_form": user_form,
+        })
+    else:
+        raise PermissionDenied    
+
+@login_required()
+def remove_user(request):
+    pk = request.user.id
+    user = User.objects.get(pk=pk)
+    user_form = DeleteUserForm(instance=user)
+    if request.user.is_authenticated() and request.user.id == user.id:
+        if request.method == "POST":
+            user_form = DeleteUserForm(request.POST,instance=user)
+            if user_form.is_valid():
+                cd = user_form.cleaned_data
+                print cd
+                if cd['delete_user']:
+                    user.delete()
+                    url = reverse(auth_views.logout_then_login)
+                    return HttpResponseRedirect(url)
+        return render(request, "userprofile_delete.html", {
+            "user_form": user_form,
+            })
+    else:
+        raise PermissionDenied
+    
+
@login_required()
 def get_testscript(request,id):
    row = get_workout_permitted(request.user,id)
@@ -1715,7 +1758,11 @@ def workouts_summaries_email_view(request):
        if form.is_valid():
            startdate = form.cleaned_data['startdate']
            enddate = form.cleaned_data['enddate']
-            filename = 'rowsandall_workouts_{first}_{last}.csv'
+            filename = 'rowsandall_workouts_{first}_{last}.csv'.format(
+                first=startdate,
+                last=enddate
+                )
+            print filename
            df = dataprep.workout_summary_to_df(r,startdate=startdate,enddate=enddate)
            df.to_csv(filename,encoding='utf-8')
            res = myqueue(queuehigh,handle_sendemailsummary,