added the templates. rest is Lukas job

does most of the work for #251

core/admin.py

@@ -611,6 +611,7 @@ class UserAdmin(DjangoUserAdmin):
         "is_teacher",
         "groups",
         "graduating_year",
+        "is_deleted",
     ]
     search_fields = [
         "username",

core/api/urls.py

@@ -55,11 +55,14 @@
     path("v3/staff", staff, name="api_staff3"),
     path("v3/feeds", feeds, name="api_feeds3"),
     path(
-        "v3/obj/user/<int:id>/delete", UserDeleteView.as_view(), name="api3_user_delete"
+        "v3/obj/user/me/delete", UserDeleteView.as_view(), name="api3_user_delete"
     ),
     path(
-        "v3/obj/user/<int:id>/restore", UserRestoreView.as_view(), name="api3_user_restore"
-    ),    path("v3/obj/<str:type>", ObjectList.as_view(), name="api_object_list3"),
+        "v3/obj/user/me/restore",
+        UserRestoreView.as_view(),
+        name="api3_user_restore",
+    ),
+    path("v3/obj/<str:type>", ObjectList.as_view(), name="api_object_list3"),
     path("v3/obj/<str:type>/new", ObjectNew.as_view(), name="api_object_new3"),
     path(
         "v3/obj/<str:type>/single/<path:lookup>",  # lookup is typically ID unless otherwise specified via the ?lookup= query parameter

core/api/v3/views/user.py

@@ -3,39 +3,45 @@
 from rest_framework.response import Response
 from rest_framework.views import APIView
 
-from core import models
 from core.models import User
 
 
 class UserDeleteView(APIView):
-	permission_classes = [permissions.IsAuthenticated]
-
-	def post(self, id):
-		user: User = User.objects.filter(id=id).first()
-		if user is None:
-			return Response(status=status.HTTP_410_GONE)
-		elif user.is_deleted:
-			return JsonResponse(
-				status=status.HTTP_406_NOT_ACCEPTABLE,
-				data={"error": "User is already deleted, Please use the restore endpoint."},
-			)
-		else:
-			user.mark_deleted()
-			return JsonResponse(status=status.HTTP_200_OK, data={"message": "User deleted."})
+    permission_classes = [permissions.IsAuthenticated]
+
+    def post(self, request):
+        user: User = request.user
+        if user is None:  # old code from id based delete
+            return Response(status=status.HTTP_410_GONE)
+        elif user.is_deleted:
+            return JsonResponse(
+                status=status.HTTP_406_NOT_ACCEPTABLE,
+                data={
+                    "error": "User is already deleted, Please use the restore endpoint."
+                },
+            )
+        else:
+            user.mark_deleted()
+            return JsonResponse(
+                status=status.HTTP_200_OK, data={"message": "User deleted."}
+            )
 
 
 class UserRestoreView(APIView):
-	permission_classes = [permissions.IsAuthenticated]
-
-	def post(self, id):
-		user: User = models.User.objects.filter(id=id).first()
-		if user is None:
-			return Response(status=status.HTTP_410_GONE)
-		elif not user.is_deleted:
-			return JsonResponse(
-				status=status.HTTP_406_NOT_ACCEPTABLE,
-				data={"error": "User is not marked for deletion, Please use the delete endpoint if you wish to delete your account."},
-			)
-		else:
-			user.mark_restored()
-			return Response(status=status.HTTP_200_OK)
+    permission_classes = [permissions.IsAuthenticated]
+
+    def post(self, request):
+        #user: User = models.User.objects.filter(id=id).first()
+        user: User = request.user
+        if user is None:  # old code from id based delete
+            return Response(status=status.HTTP_410_GONE)
+        elif not user.is_deleted:
+            return JsonResponse(
+                status=status.HTTP_406_NOT_ACCEPTABLE,
+                data={
+                    "error": "User is not marked for deletion, Please use the delete endpoint if you wish to delete your account."
+                },
+            )
+        else:
+            user.mark_restored()
+            return Response(status=status.HTTP_200_OK)

core/api/views/objects/user.py

@@ -63,7 +63,6 @@ def save(self, **kwargs):
         return obj
 
     class Meta:
-        model = User
         fields = [
             "id",
             "username",
@@ -83,7 +82,10 @@ class Meta:
             "saved_announcements",
             "is_teacher",
             "is_superuser",
+            "is_deleted",
+            "deleted_at"
         ]
+        model = User
 
 
 class ListSerializer(serializers.ModelSerializer):

core/api/views/term.py

@@ -39,15 +39,17 @@ class TermDetail(generics.RetrieveAPIView):
 
 
 class TermSchedule(APIView):
-    def get(self, request, pk, format=None):
+    @staticmethod
+    def get(request, pk, fmt=None):
         term = get_object_or_404(models.Term, pk=pk)
         date = utils.parse_date_query_param(request)
 
         return Response(term.day_schedule(target_date=date))
 
 
 class TermScheduleWeek(APIView):
-    def get(self, request, pk, format=None):
+    @staticmethod
+    def get(request, pk, fmt=None):
         term = get_object_or_404(models.Term, pk=pk)
         date = utils.parse_date_query_param(request)
 
@@ -62,7 +64,8 @@ def get(self, request, pk, format=None):
 
 
 class TermCurrent(APIView):
-    def get(self, request, format=None):
+    @staticmethod
+    def get(request, fmt=None):
         term = models.Term.get_current()
 
         if term is None:
@@ -73,7 +76,8 @@ def get(self, request, format=None):
 
 
 class TermCurrentSchedule(APIView):
-    def get(self, request, format=None):
+    @staticmethod
+    def get(request, fmt=None):
         term = models.Term.get_current()
         date = utils.parse_date_query_param(request)
 

core/models/user.py

@@ -57,8 +57,18 @@ class User(AbstractUser):
         help_text="JSON object with keys as tokens and values as null.",
         # the length is not specified :( https://github.com/expo/expo/issues/1135#issuecomment-399622890
     )
-    is_deleted = models.BooleanField(default=False, help_text="If the user is deleted. Never change this in admin", null=False, blank=False)
-    deleted_at = models.DateTimeField(null=True, default=None, blank=True, help_text="When the user was deleted. Never change this in admin")
+    is_deleted = models.BooleanField(
+        default=False,
+        help_text="If the user is deleted. Never change this in admin",
+        null=False,
+        blank=False,
+    )
+    deleted_at = models.DateTimeField(
+        null=True,
+        default=None,
+        blank=True,
+        help_text="When the user was deleted. Never change this in admin",
+    )
 
     @property
     def qltrs2(self):
@@ -113,45 +123,47 @@ def mark_deleted(self):
         self.save()
         email_template_context = {
             "user": self,
-            "time_deleted": timezone.now(),
-            "restore_link": settings.SITE_URL + reverse("restore", args=(self.id,)),
+            "deleted_at": timezone.now() + timezone.timedelta(days=14),
+            "restore_link": settings.SITE_URL + reverse("api3_user_restore"),
         }
+        print("hiosas", email_template_context)
 
         send_mail(  # todo: frontend needs to make a page for this
             f"[ACTION REQUIRED] Your account has been marked for deletion.",
             render_to_string(
-                "core/email/restore_deleted_user.txt",
+                "core/email/user/deleted.txt",
                 email_template_context,
             ),
             None,
             [self.email],
             html_message=render_to_string(
-                "core/email/restore_deleted_user.html",
+                "core/email/user/deleted.html",
                 email_template_context,
             ),
         )
-        
+
     def mark_restored(self):
         self.is_deleted = False
         self.deleted_at = None
         self.save()
         email_template_context = {
             "user": self,
         }
-        
+
         send_mail(  # todo: frontend needs to make a page for this
             f"Your account has successfully been restored.",
             render_to_string(
-                "core/email/restored_user.txt",
+                "core/email/user/restored.txt",
                 email_template_context,
             ),
             None,
             [self.email],
             html_message=render_to_string(
-                "core/email/restored_user.html",
+                "core/email/user/restored.html",
                 email_template_context,
             ),
         )
+
     @classmethod
     def all(cls):
         return cls.objects.filter(is_active=True)
@@ -195,6 +207,7 @@ class StaffMember(models.Model):
     )  # if the user got kicked or smth
 
     def __str__(self):
+        self.user: User
         return f"{self.user.get_full_name()} ({self.user})"
 
     @property

core/tasks.py

@@ -65,7 +65,9 @@ def delete_expired_users():
         is_deleted=True, last_login__lt=dt.datetime.now() - dt.timedelta(days=14)
     )
     comments = Comment.objects.filter(author__in=queryset)
-    comments.update(body=None, last_modified=timezone.now()) # if body is None "deleted on %last_modified% would be shown
+    comments.update(
+        body=None, last_modified=timezone.now()
+    )  # if body is None "deleted on %last_modified% would be shown
     queryset.update(  # We need to object to not break posts or comments
         first_name="Deleted",
         last_name="User",
@@ -81,9 +83,8 @@ def delete_expired_users():
         saved_announcements=[],
         expo_notif_tokens={},
     )
-    queryset.update(
-        email=Concat(F("random_username"), Value("@maclyonsden.com"))
-    )
+    queryset.update(email=Concat(F("random_username"), Value("@maclyonsden.com")))
+
 
 @app.task
 def run_group_migrations():

core/templates/core/email/user/deleted.html

@@ -0,0 +1,24 @@
+{% extends '../base.html' %}
+{% block recipient %}
+    {{ user.get_full_name }}, your account will be deleted on {{ deleted_at }}
+{% endblock %}
+{% block information %}
+    <tr>
+        <td style="padding-top:3%;padding-bottom:3%;">
+            <table role="presentation"
+                   style="width:100%;border-collapse:collapse;border:1px solid #ffffff;border-spacing:0;text-align:left;">
+                <tr>
+                    <td align="center"
+                        style="padding:2%;background-color:#f2f2f2;font-family:Roboto,Arial,sans-serif;font-size:1.2em;font-weight:500;line-height:1.5;letter-spacing:0.25px;color:#0b0b0b">
+                        If you wish to recover your account, please click the button below before the date mentioned above.
+                    </td>
+                </tr>
+            </table>
+        </td>
+    </tr>
+{% endblock %}
+{% block button %}
+    <a href="{{ restore_link }}"
+       style="display:block;width:100%;height:100%;padding:2% 0%;background:#b59659;color:#ffffff;font-family:Roboto,Arial,sans-serif;font-weight:500;text-decoration:none;font-size:1em;line-height:1.5;letter-spacing:0.25px"
+       target="_blank">Recover</a>
+{% endblock %}

core/templates/core/email/user/deleted.txt

@@ -0,0 +1,18 @@
+{% load settings_tags %}
+
+Hello {{ user.get_full_name }},
+
+Your account is subjected to be deleted on {{ deleted_at }}.
+
+This action is reversible up to the time above. If you want to keep your account, please click or copy paste the following link to recover your account.
+
+{{ recover_link }}
+
+Please click or copy paste the following link to review this announcement.
+
+{{ review_link }}
+
+Sincerely,
+Metropolis Team
+
+This email is automated. Please send us an email at {% settings_value 'DEFAULT_FROM_EMAIL' %} for any concerns.

core/templates/core/email/user/restored.html

@@ -0,0 +1,25 @@
+{% extends '../base.html' %}
+{% block recipient %}
+    {{ user.get_full_name }}, your account will be deleted on {{ deleted_at }}
+{% endblock %}
+{% block information %}
+    <tr>
+        <td style="padding-top:3%;padding-bottom:3%;">
+            <table role="presentation"
+                   style="width:100%;border-collapse:collapse;border:1px solid #ffffff;border-spacing:0;text-align:left;">
+                <tr>
+                    <td align="center"
+                        style="padding:2%;background-color:#f2f2f2;font-family:Roboto,Arial,sans-serif;font-size:1.2em;font-weight:500;line-height:1.5;letter-spacing:0.25px;color:#0b0b0b">
+                        If you wish to recover your account, please click the button below before the date mentioned
+                        above.
+                    </td>
+                </tr>
+            </table>
+        </td>
+    </tr>
+{% endblock %}
+{% block button %}
+    <a href="{{ restore_link }}"
+       style="display:block;width:100%;height:100%;padding:2% 0%;background:#b59659;color:#ffffff;font-family:Roboto,Arial,sans-serif;font-weight:500;text-decoration:none;font-size:1em;line-height:1.5;letter-spacing:0.25px"
+       target="_blank">Recover</a>
+{% endblock %}

core/templates/core/email/user/restored.txt

@@ -0,0 +1,18 @@
+{% load settings_tags %}
+
+Hello {{ user.get_full_name }},
+
+Your account is subjected to be deleted on {{ deleted_at }}.
+
+This action is reversible up to the time above. If you want to keep your account, please click or copy paste the following link to recover your account.
+
+{{ recover_link }}
+
+Please click or copy paste the following link to review this announcement.
+
+{{ review_link }}
+
+Sincerely,
+Metropolis Team
+
+This email is automated. Please send us an email at {% settings_value 'DEFAULT_FROM_EMAIL' %} for any concerns.