ScilifelabDataCentre · anondo1969 · Oct 22, 2024 · Apr 19, 2024 · Apr 19, 2024 · May 23, 2024
diff --git a/common/forms.py b/common/forms.py
@@ -13,12 +13,11 @@
 from django.core.validators import EmailValidator
 from django.db import transaction
 from django.utils.safestring import mark_safe
+from django.utils.translation import gettext_lazy as _
 
 from common.models import EmailVerificationTable, UserProfile
 from studio.utils import get_logger
 
-from django.utils.translation import gettext_lazy as _
-
 logger = get_logger(__name__)
 
 
@@ -115,7 +114,7 @@ class UserForm(BootstrapErrorFormMixin, UserCreationForm):
             "Swedish university</a> email address. If you are not affiliated with a Swedish university, "
             "your account request will be reviewed manually."
         ),
-        #disabled = True,
+        # disabled = True,
     )
     password1 = forms.CharField(
         min_length=8,
@@ -326,13 +325,14 @@ class Meta:
         ]
 
 
+# creating a new form because UserForm is a UserCreationForm, which means 'exclude' in Meta or change in
+# initialization won't work
 class UserEditForm(BootstrapErrorFormMixin, forms.ModelForm):
     first_name = forms.CharField(
         min_length=1,
         max_length=30,
         label="First name",
         widget=forms.TextInput(attrs={"class": "form-control"}),
-
     )
     last_name = forms.CharField(
         min_length=1,
@@ -342,14 +342,11 @@ class UserEditForm(BootstrapErrorFormMixin, forms.ModelForm):
     )
     email = forms.EmailField(
         max_length=254,
-        label="Email",
+        label="Email address",
         widget=forms.TextInput(attrs={"class": "form-control"}),
-        help_text=mark_safe(
-            "Email address can not be changed. Please email [email protected] with any questions."
-        ),
-        disabled = True,
+        help_text=mark_safe("Email address can not be changed. Please email [email protected] with any questions."),
+        disabled=True,
     )
-
 
     required_css_class = "required"
 
@@ -371,78 +368,18 @@ class Meta:
 
     def __repr__(self) -> str:
         return f"{self.__class__.__name__}({self.data})"
-
-'''
-class ProfileEditForm(BootstrapErrorFormMixin, forms.ModelForm):
-    affiliation = forms.ChoiceField(
-        widget=forms.Select(attrs={"class": "form-control"}),
-        label="University",
-        choices=UNIVERSITIES,
-        help_text="Affiliation can not be changed. Please email [email protected] with any questions.",
-        disabled = True,
-    )
-    department = forms.CharField(
-        widget=ListTextWidget(data_list=DEPARTMENTS, name="department-list", attrs={"class": "form-control"}),
-        label="Department",
-        required=False,
-        help_text="Select closest department name or enter your own.",
-    )
-
-    required_css_class = "required"
 
-    class Meta:
-        model = UserProfile
-        fields = [
-            "affiliation",
-            "department",
-            "note",
-            "why_account_needed",
-        ]
+
+class ProfileEditForm(ProfileForm):
+    class Meta(ProfileForm.Meta):
         exclude = [
             "note",
             "why_account_needed",
         ]
 
-    def __repr__(self):
-        return f"{self.__class__.__name__}({self.data})"
-''' 
-
-class ProfileEditForm(ProfileForm):
-
-
-    class Meta(ProfileForm.Meta):
-
-        exclude = ["note",
-            "why_account_needed",]
-
     def __init__(self, *args, **kwargs):
         super(ProfileEditForm, self).__init__(*args, **kwargs)
-        self.fields["affiliation"].disabled=True
-        #self.fields["affiliation"].required = False
-        self.fields["affiliation"].help_text="Affiliation can not be changed. Please email [email protected] with any questions."
-
-'''   
-class UserEditForm(UserForm):
-
-
-    class Meta(UserForm.Meta):
-
-        exclude = [
-            "username",
-            "password1",
-            "password2",
-        ]
-    def __init__(self, *args, **kwargs):
-        super(UserEditForm, self).__init__(*args, **kwargs)
-        self.fields["email"].disabled=True
-        self.fields["email"].help_text="Email address can not be changed. Please email [email protected] with any questions."
-        del self.fields["password1"]
-        del self.fields["password2"]
-        self.fields["email"].required = False
-'''      
-
-
-
-
-
-
+        self.fields["affiliation"].disabled = True
+        self.fields[
+            "affiliation"
+        ].help_text = "Affiliation can not be changed. Please email [email protected] with any questions."
diff --git a/common/views.py b/common/views.py
@@ -1,21 +1,29 @@
 from django.conf import settings
 from django.contrib import messages
 from django.contrib.auth import authenticate, login, logout
+from django.core.exceptions import ObjectDoesNotExist
 from django.core.mail import send_mail
 from django.db import transaction
 from django.http.response import HttpResponseRedirect
-from django.shortcuts import redirect, render, HttpResponse
+from django.shortcuts import HttpResponse, redirect, render
 from django.urls import reverse_lazy
 from django.views.generic import CreateView, TemplateView
-from django.views.generic.edit import UpdateView
-from django.core.exceptions import ObjectDoesNotExist
+
 from studio.utils import get_logger
 
-from .forms import ProfileForm, SignUpForm, TokenVerificationForm, UserForm, ProfileEditForm, UserEditForm
+from .forms import (
+    ProfileEditForm,
+    ProfileForm,
+    SignUpForm,
+    TokenVerificationForm,
+    UserEditForm,
+    UserForm,
+)
 from .models import EmailVerificationTable, UserProfile
 
 logger = get_logger(__name__)
 
+
 # Create your views here.
 class HomeView(TemplateView):
     template_name = "common/landing.html"
@@ -133,84 +141,95 @@ def post(self, request, *args, **kwargs):
                 messages.error(request, "Invalid token!")
                 return redirect("portal:home")
         return render(request, self.template_name, {"form": form})
-    
+
 
 class EditProfileView(TemplateView):
-    """
-
-    """
-    template_name = "registration/edit_profile.html"
-
+    """ """
+
+    template_name = "user/profile_edit_form.html"
+
     profile_edit_form_class = ProfileEditForm
-    user_edit_form_class= UserEditForm
-    
+    user_edit_form_class = UserEditForm
+
     def get_user_profile_info(self, request):
-         # Get the user profile
+        # Get the user profile from database
         try:
-        # Note that not all users have a user profile object
-        # such as the admin superuser
-            user_profile_data = UserProfile.objects.get(user_id=request.user.id)
+            # Note that not all users have a user profile object
+            # such as the admin superuser
+            user_profile = UserProfile.objects.get(user_id=request.user.id)
         except ObjectDoesNotExist as e:
             logger.error(str(e), exc_info=True)
             user_profile = UserProfile()
         except Exception as e:
             logger.error(str(e), exc_info=True)
             user_profile = UserProfile()
-
-        return user_profile_data
-
-
+
+        return user_profile
+
     def get(self, request, *args, **kwargs):
-
         user_profile_data = self.get_user_profile_info(request)
-        
-        profile_edit_form = self.profile_edit_form_class(initial={
-                                                    "affiliation" : user_profile_data.affiliation,
-                                                    "department" : user_profile_data.department
-                                                 })
-
-
-        user_edit_form = self.user_edit_form_class(initial={
-                                                    "email" : user_profile_data.user.email,
-                                                    "first_name" : user_profile_data.user.first_name,
-                                                    "last_name" : user_profile_data.user.last_name
-                                                 }) 
-        
+
+        profile_edit_form = self.profile_edit_form_class(
+            initial={"affiliation": user_profile_data.affiliation, "department": user_profile_data.department}
+        )
+
+        user_edit_form = self.user_edit_form_class(
+            initial={
+                "email": user_profile_data.user.email,
+                "first_name": user_profile_data.user.first_name,
+                "last_name": user_profile_data.user.last_name,
+            }
+        )
+
         return render(request, self.template_name, {"form": user_edit_form, "profile_form": profile_edit_form})
-    
+
     def post(self, request, *args, **kwargs):
-
         user_profile_data = self.get_user_profile_info(request)
-
-        user_form_details = self.user_edit_form_class(request.POST, instance=request.user, initial={
-                                                    "email" : user_profile_data.user.email,})
-
-        profile_form_details = self.profile_edit_form_class(request.POST, instance=user_profile_data, initial={
-                                                   "affiliation" : user_profile_data.affiliation,})
-
+
+        user_form_details = self.user_edit_form_class(
+            request.POST,
+            instance=request.user,
+            initial={
+                "email": user_profile_data.user.email,
+            },
+        )
+
+        profile_form_details = self.profile_edit_form_class(
+            request.POST,
+            instance=user_profile_data,
+            initial={
+                "affiliation": user_profile_data.affiliation,
+            },
+        )
+
         if user_form_details.is_valid() and profile_form_details.is_valid():
-
-            user_form_details.save()
-            profile_form_details.save()
-
-
-            #logger.info(user_form_details.cleaned_data, exc_info=True)
-
-            logger.info("Updated First Name: "+str(self.get_user_profile_info(request).user.first_name), exc_info=True)
-            logger.info("Updated Last Name: "+str(self.get_user_profile_info(request).user.last_name), exc_info=True)
-            logger.info("Updated Department: "+str(self.get_user_profile_info(request).department), exc_info=True)
-
-            return render(request, "registration/edit_profile_done.html")
-
+            try:
+                with transaction.atomic():
+                    user_form_details.save()
+                    profile_form_details.save()
+
+                    logger.info(
+                        "Updated First Name: " + str(self.get_user_profile_info(request).user.first_name), exc_info=True
+                    )
+                    logger.info(
+                        "Updated Last Name: " + str(self.get_user_profile_info(request).user.last_name), exc_info=True
+                    )
+                    logger.info(
+                        "Updated Department: " + str(self.get_user_profile_info(request).department), exc_info=True
+                    )
+
+            except Exception as e:
+                return HttpResponse("Error updating records: " + str(e))
+
+            return render(request, "user/profile.html", {"user_profile": self.get_user_profile_info(request)})
+
         else:
-
-            # Redirect back to the same page if the data
-            # was invalid
-
-            #print (form.errors)
-            if user_form_details.is_valid()==False:
+            if not user_form_details.is_valid():
                 logger.error("Edit user error: " + str(user_form_details.errors), exc_info=True)
-            if  profile_form_details.is_valid()==False:
+
+            if not profile_form_details.is_valid():
                 logger.error("Edit profile error: " + str(profile_form_details.errors), exc_info=True)
-
-            return render(request, self.template_name, {"form": user_form_details, "profile_form": profile_form_details})
+
+            return render(
+                request, self.template_name, {"form": user_form_details, "profile_form": profile_form_details}
+            )
diff --git a/cypress/e2e/ui-tests/test-brute-force-login-attempts.cy.js b/cypress/e2e/ui-tests/test-brute-force-login-attempts.cy.js
@@ -45,7 +45,7 @@ describe("Test brute force login attempts are blocked", () => {
 
         // Sign out before logging in again
         cy.logf("Sign out before logging in again", Cypress.currentTest)
-        cy.get('button.btn-profile').click()
+        cy.get('button.btn-profile').contains("Profile").click()
         cy.get('li.btn-group').find('button').contains("Sign out").click()
         cy.get("title").should("have.text", "Logout | SciLifeLab Serve (beta)")
 

diff --git a/templates/common/navbar.html b/templates/common/navbar.html
@@ -40,7 +40,7 @@
                         </button>
                         <ul class="dropdown-menu">
                             <li><a class="dropdown-item" href="{% url 'user-profile' %}"><i class="bi bi-person me-1"></i>My profile</a></li>
-                            <li><a class="dropdown-item" href="{% url 'common:edit-profile' %}"><i class="bi bi-person me-1"></i>Edit profile</a></li>
+                            <li><a class="dropdown-item" href="{% url 'common:edit-profile' %}"><i class="bi bi-pencil-square me-1"></i>Edit profile</a></li>
                             <li><a class="dropdown-item" href="{% url 'password_change' %}"><i class="bi bi-key me-1"></i>Change password</a></li>
                             <form action="{% url 'logout' %}" method="post">
                                 {% csrf_token %}