[#3] Auth: Admin Registration

a04fc62f · Arief Pratama · 71f8ce61 · a04fc62f · a04fc62f · a04fc62f
Commit a04fc62f authored Oct 30, 2020 by Arief Pratama
--- a/administration/forms.py
+++ b/administration/forms.py
@@ -146,3 +146,15 @@ class EditAdminStatusForm(forms.ModelForm):

    def __init__(self, *args, **kwargs):
        super(EditAdminStatusForm, self).__init__(*args, **kwargs)
+
+
+class EditKontributorStatusForm(forms.ModelForm):
+
+    is_active = forms.BooleanField(required=False)
+
+    class Meta:
+        model = User
+        fields = ["is_active"]
+
+    def __init__(self, *args, **kwargs):
+        super(EditKontributorStatusForm, self).__init__(*args, **kwargs)
--- a/administration/templates/edit_kontributor.html
+++ b/administration/templates/edit_kontributor.html
+{% extends 'administration/base_administrasi.html' %}
+{% load static %}
+
+{% block content %}
+<div class="card shadow mb-4">
+	<div class="card-header py-3">
+		<h6 class="m-0 font-weight-bold text-primary">
+			Edit {{ page_title }}
+		</h6>
+	</div>
+	<div class="card-body">
+		<form method="POST">
+			{% csrf_token %}
+			{{ item.name }}
+			<div class="status d-flex align-items-baseline">
+				{{ form.is_active }} <br> Active
+			</div>
+			<div class="">
+				<button class="btn-sm btn-primary rounded p-12" type="submit">
+					<i class="far fa-save" aria-hidden="true"></i>
+					Simpan
+				</button>
+			</div>
+		</form>
+	</div>
+</div>
+{% endblock %}
\ No newline at end of file
--- a/administration/templates/kelola_kontributor.html
+++ b/administration/templates/kelola_kontributor.html
@@ -23,6 +23,7 @@
            <th scope="col">Nama</th>
            <th scope="col">NIK</th>
            <th scope="col">Instansi</th>
+            <th scope="col">Status</th>
            <th scope="col">Detail</th>
          </tr>
        </thead>
@@ -31,6 +32,7 @@
            <th scope="col">Nama</th>
            <th scope="col">NIK</th>
            <th scope="col">Instansi</th>
+            <th scope="col">Status</th>
            <th scope="col">Detail</th>
          </tr>
          </tr>
@@ -41,8 +43,10 @@
            <td>{{ user.name }}</td>
            <td>{{ user.nik }}</td>
            <td>{{ user.instansi }}</td>
+            <td>{% if user.is_active %} Active {% else %} Inactive {% endif %}</td>
            <td class="verif-buttons">
              <span>
+                <a href="/administration/setting/kontributor/{{ user.id }}/edit" class="accept-button button-decoration" role="button">Edit</a>
                <a href="/administration/profil/{{ user.id }}/" class="accept-button button-decoration">Detail</a>
                <button type="button" class="reject-button button-decoration" data-toggle="modal" data-target="#confirmModal{{ user.id }}">Hapus</button>
                <div class="modal fade" id="confirmModal{{ user.id }}" tabindex="-1" role="dialog" aria-labelledby="exampleModalLabel" aria-hidden="true">

--- a/administration/tests.py
+++ b/administration/tests.py
@@ -5,7 +5,7 @@ from django.urls import resolve

 from administration import models, views
 from administration.utils import id_generator
-from administration.forms import EditAdminStatusForm
+from administration.forms import EditAdminStatusForm, EditKontributorStatusForm
 from app.models import Category, Materi, LaporanMateri
 from authentication.models import User
 from bs4 import BeautifulSoup
@@ -1577,3 +1577,85 @@ class RejectReportTest(TestCase):
        response = self.client.get(self.url + '100/')
        self.assertEqual(response.status_code, 404)
        self.client.logout()
+
+
+class EditKontributorStatusFormTests(TestCase):
+    def test_set_active_admin(self):
+        form = EditKontributorStatusForm(data={"is_active": True})
+
+        self.assertEqual(form.is_valid(), True)
+
+    def test_set_inactive_admin(self):
+        form = EditKontributorStatusForm(data={"is_active": False})
+
+        self.assertEqual(form.is_valid(), True)
+
+class EditKontributorStatusTests(TestCase):
+
+    def setUp(self):
+        self.client = Client()
+        self.kontrib_credential = {
+            "email": "kontrib@gov.id",
+            "password": id_generator()
+        }
+        self.admin_credential = {
+            "email": "admin@gov.id",
+            "password": id_generator()
+        }
+        self.kontrib = get_user_model().objects.create_user(
+            **self.kontrib_credential, name="Kontributor", is_contributor=True)
+        self.admin = get_user_model().objects.create_user(
+            **self.admin_credential, name="Admin", is_admin=True)
+
+        self.dummy_kontributor = User(name='dummy_kontributor', is_contributor=True, email="dummy_kontributor@example.com")
+        self.dummy_kontributor.save()
+
+        self.dummy_admin = User(name='dummy_admin', is_admin=True, email="dummy_admin@example.com")
+        self.dummy_admin.save()
+
+        self.edit_url_dummy_admin = self.url_generator_edit_kontributor(self.dummy_admin.id)
+        self.edit_url_dummy_kontributor = self.url_generator_edit_kontributor(self.dummy_kontributor.id)
+
+    def url_generator_edit_kontributor(self, id):
+        return "/administration/setting/kontributor/" + str(id) + EDIT_ENDPOINT
+
+
+    def test_get_edit_kontributor_html_content(self):
+        self.client.login(**self.admin_credential)
+        response = self.client.get(self.edit_url_dummy_kontributor)
+        self.assertContains(response, self.dummy_kontributor.name)
+
+    def test_cannot_edit_set_active_admin_as_admin(self):
+        self.client.login(**self.admin_credential)
+        self.client.get(self.edit_url_dummy_admin)
+        response = self.client.post(self.edit_url_dummy_admin, {"is_active": "on"})
+        self.assertEqual(response.status_code, 403)
+
+    def test_edit_set_active_kontributor_as_admin(self):
+        self.dummy_kontributor.is_active = False
+        self.client.login(**self.admin_credential)
+        self.client.get(self.edit_url_dummy_kontributor)
+        response = self.client.post(self.edit_url_dummy_kontributor, {"is_active": "on"})
+        self.dummy_kontributor.refresh_from_db()
+
+        self.assertEqual(response.status_code, 302)
+        self.assertEqual(self.dummy_kontributor.is_active, True)
+
+
+    def test_edit_set_inactive_kontributor_as_admin(self):
+        self.dummy_kontributor.is_active = True
+        self.client.login(**self.admin_credential)
+        self.client.get(self.edit_url_dummy_kontributor)
+        response = self.client.post(self.edit_url_dummy_kontributor, {"is_active": "false"})
+        self.dummy_kontributor.refresh_from_db()
+
+        self.assertEqual(response.status_code, 302)
+        self.assertEqual(self.dummy_kontributor.is_active, False)
+
+    def test_cannot_access_edit_page_as_user(self):
+        self.client.login(**self.kontrib_credential)
+        response = self.client.get(self.edit_url_dummy_admin)
+
+        self.assertEqual(response.status_code, 403)
+
+
--- a/administration/urls.py
+++ b/administration/urls.py
@@ -9,6 +9,7 @@ from administration.views import VerificationView, DetailVerificationView, \
                                 delete_verification, StatisticsView, \
                                 StatisticApiView, EditCategoryView, \
                                 EditAdminStatusView, delete_category, \
+                                 EditKontributorStatusView, \
                                 generatedummy, KelolaMateriView, \
                                 LaporanMateriView, LaporanMateriDetailView, \
                                 tolak_laporan, blok_materi
@@ -35,6 +36,8 @@ urlpatterns = [
    path("kelola-admin/tambah/", RegistrasiAdminView.as_view()),
    path("setting/admin/<int:pk>/edit",
         EditAdminStatusView.as_view(), name="edit-admin-status"),
+    path("setting/kontributor/<int:pk>/edit",
+         EditKontributorStatusView.as_view(), name="edit-admin-status"),
    path("hapus-admin/<int:pk>/", delete_admin),
    path("hapus-kontributor/<int:pk>/", delete_contributor),
    path("kelola-materi/", KelolaMateriView.as_view()),

--- a/administration/views.py
+++ b/administration/views.py
@@ -7,7 +7,7 @@ from django.views.generic import TemplateView, View
 from django.contrib import messages
 from django.utils import timezone
 from administration.models import VerificationReport, VerificationSetting, DeletionHistory
-from administration.forms import CategoryForm, VerificationSettingForm, RegistrasiAdminForm, PeriodForm, EditAdminStatusForm
+from administration.forms import CategoryForm, VerificationSettingForm, RegistrasiAdminForm, PeriodForm, EditAdminStatusForm, EditKontributorStatusForm
 from administration.services import StatisticService, DetailVerificationService, LaporanMateriService
 from app.models import Category, Materi, ViewStatistics, DownloadStatistics, Comment, Like, LaporanMateri
 from authentication.models import User
@@ -417,6 +417,36 @@ class EditAdminStatusView(TemplateView):
        form.save()
        return HttpResponseRedirect(ADMINISTRATION_MANAGEMENT)

+
+class EditKontributorStatusView(TemplateView):
+    template_name = "edit_kontributor.html"
+
+    def dispatch(self, request, *args, **kwargs):
+        if not request.user.is_authenticated or not request.user.is_admin:
+            raise PermissionDenied(request)
+        return super(EditKontributorStatusView, self).dispatch(request, *args, **kwargs)
+
+    def get_context_data(self, **kwargs):
+        context = super(EditKontributorStatusView, self).get_context_data(**kwargs)
+        context["page_title"] = "Admin Status"
+        context["item"] = User.objects.get(id=kwargs["pk"])
+        context["form"] = EditKontributorStatusForm(instance=context["item"])
+        return context
+
+    def get(self, request, *args, **kwargs):
+        context = self.get_context_data(**kwargs)
+        return self.render_to_response(context=context)
+
+    def post(self, request, *args, **kwargs):
+        user_object = self.get_context_data(**kwargs)["item"]
+        if not user_object.is_contributor:
+            raise PermissionDenied(request)
+        form = EditKontributorStatusForm(
+            request.POST, instance=user_object)
+        form.save()
+        return HttpResponseRedirect('/administration/kelola-kontributor/')
+
+
 def delete_admin(request, *args, **kwargs):
    if not request.user.is_authenticated or not request.user.is_admin:
        raise PermissionDenied(request)
@@ -457,7 +487,7 @@ def delete_verification(request, *args, **kwargs):
                                    pk=kwargs["pk_verification"])
    queryObject.archived = True
    queryObject.description = "Telah dihapus pada " + \
-        str(datetime.now().strftime("%m/%d/%Y, %H:%M:%S")) + " WIB"
+        str(timezone.now().strftime("%m/%d/%Y, %H:%M:%S")) + " WIB"
    queryObject.archived_by = request.user
    queryObject.save()
    messages.success(request, "Point verifikasi berhasil dihapus")
@@ -473,7 +503,7 @@ def delete_category(request, *args, **kwargs):
                                    pk=kwargs["pk_category"])
    queryObject.archived = True
    queryObject.description = "Telah dihapus pada " + \
-        str(datetime.now().strftime("%m/%d/%Y, %H:%M:%S")) + " WIB"
+        str(timezone.now().strftime("%m/%d/%Y, %H:%M:%S")) + " WIB"
    queryObject.archived_by = request.user
    queryObject.save()
    messages.success(request, "Kategori " +

--- a/register/services.py
+++ b/register/services.py
@@ -16,6 +16,7 @@ class RegistrationService:

            new_user.password = make_password(data["password"])
            new_user.is_contributor = True
+            new_user.is_active = False
            new_user.save()
            create_result["user"] = new_user
        except ValidationError as e:

--- a/register/templates/index.html
+++ b/register/templates/index.html
@@ -110,6 +110,11 @@
                            </div>
                        
                        </div>
+                        
+                        {% if message %}
+                        <div class="text-success txt1" id="registrasi">{{ message }}</div>
+                        <div class="txt1">Kembali ke <a href="/" class="txt1">halaman utama</a></div>
+                        {% endif %}

                    </form>
                    <div class="login100-more" style="background-image: url('../static/images/bg-03.jpg'); z-index: 0;">

--- a/register/views.py
+++ b/register/views.py
@@ -19,13 +19,14 @@ class index(TemplateView):
        form = UserForm(request.POST)
        if form.is_valid():
            create_user_service = RegistrationService.create_new_contributor(data, form)
+            context = self.get_context_data(**kwargs)
+
            if not create_user_service["success"]:
-                context = self.get_context_data(**kwargs)
                context["form"] = create_user_service["form"]
                return self.render_to_response(context)

-            login(request, create_user_service["user"])
-            return HttpResponseRedirect("/sukses-kontributor/")
+            context["message"] = "Registrasi Berhasil. Mohon tunggu approval dari staf kami."
+            return self.render_to_response(context)
        else:
            context = self.get_context_data(**kwargs)
            context["form"] = form