rug-website/rugwebsite/views.py


from django.contrib.auth.decorators import login_required
from django.contrib.auth.models import User
from django.shortcuts import render
from rugwebsite.forms import RequestGDPRDelete
from rugwebsite.models import PendingGDPRAgree, GDPRAgreed, PendingGDPRDelete
from django.utils.crypto import get_random_string
def home(request):
    """Render the site landing page with the navigation bar enabled."""
    context = {'shownav': True}
    return render(request, 'rugwebsite/home.html', context)
def gdpr(request):
    """Render the GDPR information page with the agree button hidden."""
    context = {
        'shownav': True,
        'show_agree_button': False,
    }
    return render(request, 'rugwebsite/gdpr.html', context)
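@login_required
def gdpr_ask_agreement(request):
    """Create and email a pending GDPR-agreement token for a fixed set of users.

    Restricted to logged-in superusers. For every active user whose username
    is in the hard-coded tuple below, a fresh 32-character token is stored in
    a ``PendingGDPRAgree`` row and ``pending.email()`` is called on it.

    Raises:
        PermissionDenied: if the requesting user is not a superuser.
    """
    # Imported locally so this view does not rely on the module import list.
    from django.core.exceptions import PermissionDenied

    if not request.user.is_superuser:
        # Django maps PermissionDenied to a 403 response. The builtin
        # PermissionError used previously is not handled by Django and
        # surfaced as an unhandled 500 instead of an access-denied page.
        raise PermissionDenied()

    # NOTE(review): the recipient list is hard-coded to four usernames; confirm
    # whether this is a staged rollout or leftover test data.
    # NOTE(review): the method is not checked, so a plain GET creates tokens and
    # sends mail; consider limiting this view to POST so the action is covered
    # by CSRF protection.
    recipients = User.objects.filter(
        username__in=('p207263', 'p233780', 'p253591', 'p269380'),
        is_active=True,
    )
    for user in recipients:
        token = get_random_string(length=32)
        pending = PendingGDPRAgree(user=user, token=token)
        pending.save()
        pending.email()
    return render(
        request,
        'rugwebsite/gdpr.html',
        {'show_agree_button': False, 'shownav': True},
    )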
def gdpr_request_delete(request):
    """Handle the "request deletion of my data" form.

    A non-POST request renders an empty form. A valid POST looks up every
    user whose email equals the submitted address, stores a
    ``PendingGDPRDelete`` row with a fresh 32-character token for each, calls
    ``pending.email()`` on it, and renders the success page. An invalid POST
    re-renders the bound form.
    """
    form_template = 'rugwebsite/gdpr_request_delete.html'

    if request.method != 'POST':
        return render(request, form_template, {'form': RequestGDPRDelete(), 'shownav': True})

    form = RequestGDPRDelete(request.POST)
    if not form.is_valid():
        return render(request, form_template, {'form': form, 'shownav': True})

    # NOTE(review): this view has no login requirement and no throttling is
    # visible here, so each valid POST for a known address creates another
    # token and calls pending.email() again; confirm rate limiting exists
    # elsewhere.
    matches = list(User.objects.filter(email=form.cleaned_data['email']))
    for user in matches:
        token = get_random_string(length=32)
        pending = PendingGDPRDelete(user=user, token=token)
        pending.save()
        pending.email()

    # NOTE(review): 'found' tells the template whether the address belongs to
    # an account. If the template renders it, the page confirms which emails
    # are registered; a uniform "if the address exists, a mail was sent"
    # message avoids that.
    return render(
        request,
        'rugwebsite/gdpr_request_delete_successful.html',
        {'shownav': True, 'found': bool(matches)},
    )
def gdpr_delete(request, email, token):
    """Carry out a deletion request identified by an email/token pair.

    Every ``PendingGDPRDelete`` row matching both the email and the token has
    ``forget(request)`` called on it. The template receives ``deleted=True``
    when at least one row matched and ``deleted=False`` otherwise.
    """
    # NOTE(review): the request method is not checked and there is no
    # confirmation step, so any fetch of the emailed URL (link prefetch, mail
    # scanning gateway) completes the deletion. gdpr_agree in this module
    # requires an explicit 'agree' parameter; a similar confirm step, ideally
    # a POST, would fit here.
    # NOTE(review): no token expiry is visible in this view; verify that the
    # model or forget() invalidates the token after use.
    matches = list(PendingGDPRDelete.objects.filter(user__email=email, token=token))
    for entry in matches:
        entry.forget(request)
    return render(
        request,
        'rugwebsite/gdpr_delete.html',
        {'deleted': bool(matches), 'shownav': True},
    )
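def gdpr_agree(request, email, token):
    """Show the GDPR agreement prompt, or record agreement once confirmed.

    Without an ``agree`` query parameter the GDPR page is rendered with the
    agree button and the email/token pair. With it, the view records
    agreement if exactly one ``PendingGDPRAgree`` row matches the email and
    token, and renders the success template with one of these outcomes:

    * ``already_agreed``: a ``GDPRAgreed`` row exists for this email.
    * ``token_not_found``: no single pending row matched and the email has
      not agreed.
    """
    if 'agree' not in request.GET:
        return render(
            request,
            'rugwebsite/gdpr.html',
            {'show_agree_button': True, 'shownav': True, 'email': email, 'token': token},
        )

    # NOTE(review): 'already_agreed' is derived from the email alone, before the
    # token is checked. If the template shows it, a request with any token
    # reveals whether that address has agreed; consider validating the token
    # first.
    result = {
        'already_agreed': GDPRAgreed.objects.filter(user__email=email).exists(),
        # Key was misspelled 'show_agree_buttom', so it never reached the
        # template under the name used by the other views.
        'show_agree_button': False,
        'shownav': True,
    }
    if not result['already_agreed']:
        pending = list(PendingGDPRAgree.objects.filter(token=token, user__email=email))
        if len(pending) == 1:
            pending[0].agree()
        elif GDPRAgreed.objects.filter(user__email=email).exists():
            # Re-checked in case agreement was recorded after the first lookup.
            result['already_agreed'] = True
        else:
            result['token_not_found'] = True

    # The extra {'shownav': True} positional argument was dropped: render()'s
    # fourth positional parameter is not a context dict (it is content_type in
    # current Django), and 'shownav' is already part of result.
    return render(request, 'rugwebsite/gdpr_agree_success.html', result)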