From dd5723d11f9284227db5df033b13bd4646f78e70 Mon Sep 17 00:00:00 2001 From: Torsten Rehn Date: Mon, 6 Apr 2015 20:11:51 +0200 Subject: [PATCH] send mails to notify about access requests closes #19 --- src/teamvault/apps/secrets/models.py | 53 +++++++++++++++++++ .../secrets/mail_access_request_approved.txt | 12 +++++ .../secrets/mail_access_request_denied.txt | 17 ++++++ .../secrets/mail_access_request_review.txt | 12 +++++ src/teamvault/utils.py | 32 +++++++++++ 5 files changed, 126 insertions(+) create mode 100644 src/teamvault/apps/secrets/templates/secrets/mail_access_request_approved.txt create mode 100644 src/teamvault/apps/secrets/templates/secrets/mail_access_request_denied.txt create mode 100644 src/teamvault/apps/secrets/templates/secrets/mail_access_request_review.txt create mode 100644 src/teamvault/utils.py diff --git a/src/teamvault/apps/secrets/models.py b/src/teamvault/apps/secrets/models.py index ebb6a1e..bb4673b 100644 --- a/src/teamvault/apps/secrets/models.py +++ b/src/teamvault/apps/secrets/models.py @@ -14,6 +14,7 @@ from djorm_pgfulltext.fields import VectorField from hashids import Hashids +from ...utils import send_mail from ..audit.auditlog import log from .exceptions import PermissionError @@ -150,6 +151,23 @@ def approve(self, reviewer): self.secret.allowed_users.add(self.requester) + other_reviewers = list(self.reviewers.all()) + other_reviewers.remove(reviewer) + + send_mail( + other_reviewers + [self.requester], + _("[TeamVault] Access request for '{}' approved").format(self.secret.name), + "secrets/mail_access_request_approved", + context={ + 'approved_by': reviewer.username, + 'base_url': settings.BASE_URL, + 'secret_name': self.secret.name, + 'secret_url': self.secret.get_absolute_url(), + 'username': self.requester.username, + }, + user_from=reviewer, + ) + def assign_reviewers(self): candidates = list(self.secret.allowed_users.order_by('-last_login')[:10]) for group in self.secret.allowed_groups.all(): @@ -162,6 +180,23 @@ def assign_reviewers(self): raise RuntimeError(_("unable to find reviewers for {}").format(self)) self.reviewers = selected + send_mail( + self.reviewers.all(), + _("[TeamVault] Review access request for '{}'").format(self.secret.name), + "secrets/mail_access_request_review", + context={ + 'access_request_url': reverse( + 'secrets.access_request-detail', + kwargs={'hashid': self.hashid}, + ), + 'base_url': settings.BASE_URL, + 'secret_name': self.secret.name, + 'secret_url': self.secret.get_absolute_url(), + 'username': self.requester.username, + }, + user_from=self.requester, + ) + def reject(self, reviewer, reason=None): if self.status != self.STATUS_PENDING: raise PermissionDenied(_("Can't reject closed access request")) @@ -189,6 +224,24 @@ def reject(self, reviewer, reason=None): self.status = self.STATUS_REJECTED self.save() + other_reviewers = list(self.reviewers.all()) + other_reviewers.remove(reviewer) + + send_mail( + other_reviewers + [self.requester], + _("[TeamVault] Access request for '{}' denied").format(self.secret.name), + "secrets/mail_access_request_denied", + context={ + 'base_url': settings.BASE_URL, + 'denied_by': reviewer.username, + 'reason': reason, + 'secret_name': self.secret.name, + 'secret_url': self.secret.get_absolute_url(), + 'username': self.requester.username, + }, + user_from=reviewer, + ) + def get_absolute_url(self): return reverse('secrets.access_request-detail', args=[str(self.hashid)]) diff --git a/src/teamvault/apps/secrets/templates/secrets/mail_access_request_approved.txt b/src/teamvault/apps/secrets/templates/secrets/mail_access_request_approved.txt new file mode 100644 index 0000000..22c6005 --- /dev/null +++ b/src/teamvault/apps/secrets/templates/secrets/mail_access_request_approved.txt @@ -0,0 +1,12 @@ +The request from + + {{ username }} + +to access + + {{ secret_name }} + {{ base_url }}{{ secret_url }} + +has been approved by + + {{ approved_by }} diff --git a/src/teamvault/apps/secrets/templates/secrets/mail_access_request_denied.txt b/src/teamvault/apps/secrets/templates/secrets/mail_access_request_denied.txt new file mode 100644 index 0000000..b170100 --- /dev/null +++ b/src/teamvault/apps/secrets/templates/secrets/mail_access_request_denied.txt @@ -0,0 +1,17 @@ +The request from + + {{ username }} + +to access + + {{ secret_name }} + {{ base_url }}{{ secret_url }} + +has been denied by + + {{ denied_by }} +{% if reason %} +with reason + + {{ reason }} +{% endif %} diff --git a/src/teamvault/apps/secrets/templates/secrets/mail_access_request_review.txt b/src/teamvault/apps/secrets/templates/secrets/mail_access_request_review.txt new file mode 100644 index 0000000..fc47d8f --- /dev/null +++ b/src/teamvault/apps/secrets/templates/secrets/mail_access_request_review.txt @@ -0,0 +1,12 @@ +Please review this access request: + + {{ username }} + +has requested access to + + {{ secret_name }} + {{ base_url }}{{ secret_url }} + +You can approve or deny this request here: + + {{ base_url }}{{ access_request_url }} diff --git a/src/teamvault/utils.py b/src/teamvault/utils.py new file mode 100644 index 0000000..c6e3b4f --- /dev/null +++ b/src/teamvault/utils.py @@ -0,0 +1,32 @@ +from django.core.mail import EmailMultiAlternatives +from django.template import Context +from django.template.loader import get_template, TemplateDoesNotExist +from django.utils import translation + + +def send_mail(users_to, subject, template, + user_from=None, context={}, lang="en", + attachments=None): + if attachments is None: + attachments = [] + c = Context(context) + translation.activate(lang) + text_mail = get_template(template + ".txt").render(c) + + msg = EmailMultiAlternatives( + subject, + text_mail, + user_from.email, + [user.email for user in users_to], + ) + + try: + html_mail = get_template(template + ".html").render(c) + msg.attach_alternative(html_mail, "text/html") + except TemplateDoesNotExist: + pass + + for filename, data, content_type in attachments: + msg.attach(filename, data, content_type) + + msg.send()