Show blacklist station on the user page, allow for 2 click blacklisting and banning

app/hr/forms.py

@@ -1,10 +1,14 @@
+from datetime import datetime
+
 from django import forms
 from django.conf import settings
+from django.forms.extras.widgets import SelectDateWidget
 
 from hr.app_defines import *
 from hr.models import Application, Audit
 from eve_api.models import EVEPlayerCharacter, EVEPlayerCorporation
 
+
 def CreateRecommendationForm(user):
     """ Generate a Recommendation form based on the user's permissions """
 
@@ -42,8 +46,17 @@ def CreateApplicationForm(user):
 
     return ApplicationForm
 
-class NoteForm(forms.ModelForm):
 
+class NoteForm(forms.ModelForm):
     class Meta:
         model = Audit
         exclude = ('application', 'user', 'event')
+
+
+class BlacklistUserForm(forms.Form):
+    """ A form to capture the reasons for blacklisting a user
+        and the related expiry date """
+
+    reason = forms.CharField(required=True, widget=forms.widgets.Textarea())
+    expiry_date = forms.DateTimeField(required=False, widget=SelectDateWidget())
+    disable = forms.BooleanField()

app/hr/templates/hr/blacklist/blacklist.html

@@ -0,0 +1,35 @@
+{% extends "base.html" %}
+
+{% block title %}Blacklist User{% endblock %}
+
+{% block content %}
+<script type="text/javascript">
+<!--
+function confirmPost()
+{
+var agree=confirm("Are you sure you want to blacklist {{ u.username }}?");
+if (agree)
+return true ;
+else
+return false ;
+}
+// -->
+</script>
+
+<p>This form will blacklist the listed user below. It'll process all entries for the user and blacklist the following:</p>
+<ul>
+<li>EVE API Keys</li>
+<li>Characters</li>
+<li>Email Addresses</li>
+<li>Reddit Accounts</li>
+</ul>
+
+<form action="" method="post">
+<table>
+<tr><th><label>User:</label></th><td>{{ u.username }}</td></tr> 
+{{ form.as_table }}
+</table>
+{% csrf_token %}
+<input type="submit" value="Blacklist" onClick="return confirmPost()" />
+</form>
+{% endblock %}

app/hr/urls.py

@@ -17,4 +17,6 @@ urlpatterns = patterns('',
     (r'^recommendation/add/$', views.add_recommendation),
 
     (r'^application/admin$', views.admin_applications),
+
+    (r'^blacklist/user/(?P<userid>\d+)/$', views.blacklist_user),
 )

app/hr/views.py

@@ -1,7 +1,7 @@
-import datetime
+from datetime import datetime, timedelta
 import simplejson
 from django.http import HttpResponseRedirect, HttpResponse
-from django.shortcuts import render_to_response, get_object_or_404
+from django.shortcuts import render_to_response, get_object_or_404, redirect
 from django.core.urlresolvers import reverse
 from django.contrib import messages
 from django.contrib.auth.models import User, Group
@@ -13,8 +13,8 @@ from django.conf import settings
 from utils import installed
 
 from eve_api.models import EVEAccount, EVEPlayerCorporation, EVEPlayerCharacter
-from hr.forms import CreateRecommendationForm, CreateApplicationForm, NoteForm
-from hr.models import Recommendation, Application, Audit
+from hr.forms import CreateRecommendationForm, CreateApplicationForm, NoteForm, BlacklistUserForm
+from hr.models import Recommendation, Application, Audit, Blacklist, BlacklistSource
 from app_defines import *
 
 ### Shared Functions
@@ -282,3 +282,55 @@ def accept_application(request, applicationid):
         return render_to_response('hr/applications/accept.html', locals(), context_instance=RequestContext(request))
 
     return render_to_response('hr/index.html', locals(), context_instance=RequestContext(request))
+
+
+def blacklist_user(request, userid):
+
+    if request.user.has_perm('hr.can_add_blacklist'):
+
+        u = get_object_or_404(User, id=userid)
+
+        if request.method == 'POST':
+            form = BlacklistUserForm(request.POST)
+            if form.is_valid():
+                source = BlacklistSource.objects.get(id=1)
+
+                if not form.cleaned_data.get('expiry_date', None):
+                    expiry = datetime.utcnow() + timedelta(days=50*365)
+                else:
+                    expiry = form.cleaned_data['expiry_date']
+
+                def blacklist_item(type, value):
+                    o = Blacklist(type=type, value=value, source=source, expiry_date=expiry, created_by=request.user, reason=form.cleaned_data['reason'])
+                    o.save()
+
+                for ea in u.eveaccount_set.all():
+                    blacklist_item(BLACKLIST_TYPE_APIUSERID, ea.api_user_id)
+
+                for ra in u.redditaccount_set.all():
+                    blacklist_item(BLACKLIST_TYPE_REDDIT, ra.username)
+
+                for char in EVEPlayerCharacter.objects.filter(eveaccount__user=u):
+                    blacklist_item(BLACKLIST_TYPE_CHARACTER, char.name)
+
+                blacklist_item(BLACKLIST_TYPE_EMAIL, u.email)
+
+                messages.add_message(request, messages.INFO, "User %s has been blacklisted" % u.username )
+
+                if form.cleaned_data.get('disable', None):
+                    # Disable the account
+                    u.active = False
+                    u.save()
+
+                    for acc in u.serviceaccount_set.all():
+                        acc.delete()
+
+                    messages.add_message(request, messages.INFO, "User %s disabled" % u.username )
+
+                return redirect('sso.views.user_view', username=u.username)
+
+        form = BlacklistUserForm()
+        return render_to_response('hr/blacklist/blacklist.html', locals(), context_instance=RequestContext(request))
+
+    return render_to_response('hr/index.html', locals(), context_instance=RequestContext(request))
+

app/sso/views.py

@@ -166,6 +166,9 @@ def user_view(request, username=None):
     profile = user.get_profile()
     is_admin = request.user.is_staff
     if is_admin:
+        if installed('hr'):
+            from hr.utils import blacklist_values
+            blacklisted = len(blacklist_values(user))
         services = ServiceAccount.objects.select_related('service').filter(user=user).only('service__name', 'service_uid', 'active')
         characters = EVEPlayerCharacter.objects.select_related('corporation').filter(eveaccount__user=user).only('id', 'name', 'corporation__name')
 

app/templates/sso/lookup/user.html

@@ -7,15 +7,31 @@
 
 <h1>{{user.username}}'s Profile</h1>
 
-<b>Username:</b> {{ user.username }}<br/>
-<b>Email:</b> {{ user.email }}<br/>
-<b>Groups:</b> {{ user.groups.all|join:", " }}<br/>
-<a href="{% url sso.views.refresh_access user.id %}">Update Access</a><br/>
+<p>
+<li><b>Username:</b> {{ user.username }}</li>
+<li><b>Active:</b> {{ user.is_active }}</li>
+<li><b>Email:</b> {{ user.email }}</li>
+<li><b>Groups:</b> {{ user.groups.all|join:", " }}</li>
+{% if "hr"|installed %}
+<li><b>Blacklist Status: {% if blacklisted %}<font color='red'>BLACKLISTED</font> ({{ blacklisted }} items){% else %}<font color='geen'>OK</font>{% endif %}</b></li>
+{% endif %}
+</p>
+
+<p>
+<div class="skill_controls">
+<a href="{% url sso.views.refresh_access user.id %}">Update Access</a>
+{% if "hr"|installed %}
+{% if perms.hr.can_add_blacklist %}
+<a href="{% url hr.views.blacklist_user user.id %}">Blacklist User</a>
+{% endif %}
+{% endif %}
+</div>
+</p>
 
 {% if is_admin %}
 <br/>
-<h2>Service Accounts</h2>
 {% if services %}
+<h2>Service Accounts</h2>
 <table>
 <tr><th>Service</th><th>Username</th><th>Active</th></tr>
 {% for acc in services %}