Merge pull request #86 in RMS/api-main-service from red-develop to RMSv2

* commit 'dab586ce': merge conflict migration fixing conflict pulled cms new rms

Merge pull request #86 in RMS/api-main-service from red-develop to RMSv2
* commit 'dab586ce': merge conflict migration fixing conflict pulled cms new rms
e3868ae8 · John Red Medrano · d48679c9 · dab586ce · e3868ae8 · e3868ae8
Commit e3868ae8 authored Sep 13, 2019 by John Red Medrano
59 changed files
--- a/app/accesslayer/urls.py
+++ b/app/accesslayer/urls.py
@@ -8,7 +8,11 @@ urlpatterns = (
    re_path(r'^refresh-token/(?P<token>\w+)/$', views.RefreshToken.as_view(), name="Refresh Token"),
    path(r'current-user/', views.CurrentUser.as_view(), name="Current User"),

-    re_path(r'^forgot-password/(?P<username>\w+)/$', views.ForgotPassword.as_view(), name="Forgot Password"),
-    re_path(r'^validate-forgot-password-reset-token/(?P<token>\w+)/$', views.ValidateForgotPasswordResetToken.as_view(), name="Validate Forgot Password Reset Token"),
-    re_path(r'^forgot-password-reset/(?P<token>\w+)/$', views.ForgotPasswordReset.as_view(), name="Forgot Password Reset"),
+    # re_path(r'^forgot-password/(?P<username>\w+)/$', views.ForgotPassword.as_view(), name="Forgot Password"),
+    # re_path(r'^validate-forgot-password-reset-token/(?P<token>\w+)/$', views.ValidateForgotPasswordResetToken.as_view(), name="Validate Forgot Password Reset Token"),
+    # re_path(r'^forgot-password-reset/(?P<token>\w+)/$', views.ForgotPasswordReset.as_view(), name="Forgot Password Reset"),
+
+    path('forgot-password/', views.ForgotPassword.as_view()),
+    path('reset-password-link/', views.ValidateForgotPasswordResetToken.as_view()),
+    path('forgot-password-reset/', views.ForgotPasswordReset.as_view()),
 )
--- a/app/accesslayer/views.py
+++ b/app/accesslayer/views.py
 import json
+import threading
 from rest_framework import status
 from rest_framework.views import APIView
 from rest_framework.authtoken.views import ObtainAuthToken
@@ -16,26 +17,33 @@ from datetime import datetime
 from random import randrange
 from django.conf import settings
 from app.helper.email_service import sender
+from app.applicationlayer.utils import main_threading
+from rest_framework.exceptions import ParseError


 class Login(ObtainAuthToken):
    @decorators.error_safe
    def post(self, request, *args, **kwargs):
-        serializer = self.serializer_class(data=request.data,
+        try:
+            serializer = self.serializer_class(data=request.data,
                                           context={'request': request})
-        serializer.is_valid(raise_exception=True)
-        user = serializer.validated_data['user']
-        token, created = Token.objects.get_or_create(user=user)
+            serializer.is_valid(raise_exception=True)
+            user = serializer.validated_data['user']
+            token, created = Token.objects.get_or_create(user=user)

-        if not created:
-            token.created = datetime.now()
-            token.save()
+            if not created:
+                token.created = datetime.now()
+                token.save()

-        return Response({
-            'token': token.key,
-            # 'user_id': user.pk,
-            # 'email': user.email
-        })
+            return Response({
+                'token': token.key,
+                # 'user_id': user.pk,
+                # 'email': user.email
+            })
+        except Exception as e:
+            return Response(
+                {"message": "Unable to log in with provided credentials."}
+            )


 class Logout(APIView):
@@ -99,11 +107,16 @@ class CurrentUser(APIView):
 class ForgotPassword(APIView):
    permission_classes = (AllowAny,)

-    @decorators.error_safe
+    # @decorators.error_safe
    @transaction.atomic
-    def post(self, request, username=None, *args, **kwargs):
+    def post(self, request, *args, **kwargs):
+        email = request.data['email']
+        try:
+            user = request.user.email
+        except Exception as e:
+            user = str(settings.CATCH_EMAIL)

-        existingUser = User.objects.filter(username=username).first()
+        existingUser = User.objects.filter(email=email).first()

        if existingUser:
            # Check if there's existing request
@@ -114,8 +127,7 @@ class ForgotPassword(APIView):
                          is_active=True)\
                      .first()
            if exToken:
-                raise Exception(
-                    'There is an existing password reset for this user.')
+                raise ParseError('There is an existing password reset for this user.')

            REF = 'AUTH'
            TOKEN = ''
@@ -145,10 +157,16 @@ class ForgotPassword(APIView):
            url = f"{settings.FRONT_END_URL}/account/forgot-password-reset"\
                  f"?token={TOKEN}"

-            sender.forgot_password(
-                str(PASSCODE),
-                str(url),
-                str(existingUser.email))
+            args = [str(PASSCODE), str(url), str(existingUser.email), user]
+            # t1 = threading.Thread(target=sender.forgot_password, args=(args,))
+            # t1.start()
+
+            main_threading(args, sender.forgot_password)
+
+            args = [str(PASSCODE), str(url), user, str(existingUser.email)]
+            # t2 = threading.Thread(target=sender.forgot_password, args=(args,))
+            # t2.start()
+            main_threading(args, sender.forgot_password)

            return Response(data={"detail": "Forgot Password Sent"},
                            status=status.HTTP_200_OK)
@@ -162,7 +180,8 @@ class ValidateForgotPasswordResetToken(APIView):

    @decorators.error_safe
    @transaction.atomic
-    def post(self, request, token=None, *args, **kwargs):
+    def post(self, request, *args, **kwargs):
+        token = request.data['token']

        existingToken = AuthToken.objects.filter(token=token).first()
        if existingToken:
@@ -183,7 +202,7 @@ class ForgotPasswordReset(APIView):

    @decorators.error_safe
    @transaction.atomic
-    def post(self, request, token=None, *args, **kwargs):
+    def post(self, request, *args, **kwargs):

        body_unicode = request.body.decode('utf-8')
        body_data = json.loads(body_unicode)
@@ -192,6 +211,7 @@ class ForgotPasswordReset(APIView):
        password = body_data['password']
        password_confirm = body_data['password_confirm']
        passcode = body_data['passcode']
+        token = body_data['token']

        if not username:
            raise Exception('Username is required')
@@ -223,10 +243,18 @@ class ForgotPasswordReset(APIView):
            existingToken.is_active = False
            existingToken.save()

-            sender.password_changed(
-                str(existingToken.user.username),
-                str(datetime.now()),
-                str(existingToken.user.email))
+            # sender.password_changed(
+            #     str(existingToken.user.username),
+            #     str(datetime.now()),
+            #     str(existingToken.user.email))
+
+            # args = [str(PASSCODE), str(url), str(existingUser.email), user]
+            # t1 = threading.Thread(target=sender.forgot_password, args=(args,))
+            # t1.start()
+
+            # args = [str(PASSCODE), str(url), user, str(existingUser.email)]
+            # t2 = threading.Thread(target=sender.forgot_password, args=(args,))
+            # t2.start()

            return Response(data={"detail": "Forgot Password Reset Success"},
                            status=status.HTTP_200_OK)

--- a/app/applicationlayer/cms/form/serializers.py
+++ b/app/applicationlayer/cms/form/serializers.py
-from app.entities import models
-from rest_framework import serializers
-from django.db.models import Q
-from app.applicationlayer.cms.utils_cr import logged_user
-from drf_writable_nested import WritableNestedModelSerializer
-
-
-class ChangeRequestFormApproversSerializer(
-    serializers.ModelSerializer
-):
-    # def to_representation(self, instance):
-    #     ret = super().to_representation(instance)
-    #     try:
-    #         user = instance.user
-            
-    #         user_details = get_account_details(user)
-    #         name = user_details['name']
-    #         group = user_details['groups'][0]['name']
-    #         company = user_details['groups'][0]['company__name']
-
-    #         ret['name'] = name
-    #         ret['department'] = group
-    #         ret['company'] = company
-    #         return ret
-
-    #     except Exception as e:
-    #         ret['name'] = "none"
-    #         ret['department'] = "none"
-    #         ret['company'] = "none"
-    #         return ret
-
-    class Meta:
-        model = models.ChangeRequestFormApprovers
-        fields = '__all__'
-        read_only_fields = ['created', 'archived_at', 'code']
-
-
-class ChangeRequestFormStakeHoldersSerializer(
-    serializers.ModelSerializer
-):
-    class Meta:
-        model = models.ChangeRequestFormStakeHolders
-        fields = '__all__'
-        read_only_fields = ['created', 'archived_at', 'code']
-
-
-class ChangeRequestFormAttachmentsSerializer(
-    serializers.ModelSerializer
-):
-    class Meta:
-        model = models.ChangeRequestFormAttachments
-        fields = '__all__'
-        read_only_fields = ['created', 'archived_at', 'code']
-
-
-class ChangeRequestFormDetailsSerializer(
-    serializers.ModelSerializer
-):
-    class Meta:
-        model = models.ChangeRequestFormDetails
-        fields = '__all__'
-        read_only_fields = ['created', 'archived_at', 'code']
-
-
-class ChangeRequestFormHeaderSerializer(
-    WritableNestedModelSerializer
-):
-    frm_approvers = ChangeRequestFormApproversSerializer(
-        many=True, required=False)
-    frm_stakes = ChangeRequestFormStakeHoldersSerializer(
-        many=True, required=False)
-    frm_attachments = ChangeRequestFormAttachmentsSerializer(
-        many=True, required=False)
-    frm_details = ChangeRequestFormDetailsSerializer(
-        many=True, required=False)
-    
-    def to_representation(self, instance):
-        ret = super().to_representation(instance)
-        try:
-            # id_number = self.context.get('request').META.get('user')
-            user = self.context['request'].user
-            print(user)
-
-            # id_number = "USER-20190909-0000005"
-            current_level = models.ChangeRequestFormApprovers.objects.filter(
-                Q(form_code=ret['form_code']) &
-                Q(archived_at=None) &
-                (Q(action='') | Q(action=None))
-            ).order_by('level')
-
-            if current_level.first()['user'] == id_number:
-                if instance.status.lower() == 'rejected':
-                    approver = 'No'
-                elif instance.status.lower() == 'cancelled':
-                    approver = 'No'
-                elif instance.status.lower() == 'closed':
-                    approver = 'No'
-                else:
-                    approver = 'Yes'
-            else:
-                approver = 'No'
-            ret['action'] = approver
-            return ret
-        except Exception as e:
-            ret['action'] = "No"
-            return ret
-
-    class Meta:
-        model = models.ChangeRequestFormHeader
-        # fields = '__all__'
-        fields = ('form_code', 'requested_to_template_name', 'requested_to_objective',
-                  'requested_to_target_date', 'requested_to_priority',
-                  'description', 'created', 'cancel_date', 'status',
-                  'company_desc', 'department_desc', 'requested_desc',
-                  'requested_to_template_id', 'requested_to_company',
-                  'requested_to_department', 'requested_to_user',
-                  'requested_by_user', 'requested_by_department',
-                  'template_no', 'frm_approvers', 'frm_stakes',
-                  'frm_attachments', 'frm_details')
-
-        read_only_fields = ['created', 'archived_at', 'form_code']
+from app.entities import models
+from rest_framework import serializers
+from django.db.models import Q
+from app.applicationlayer.cms.utils_cr import logged_user
+from drf_writable_nested import WritableNestedModelSerializer
+
+
+class ChangeRequestFormApproversSerializer(
+    serializers.ModelSerializer
+):
+    # def to_representation(self, instance):
+    #     ret = super().to_representation(instance)
+    #     try:
+    #         user = instance.user
+            
+    #         user_details = get_account_details(user)
+    #         name = user_details['name']
+    #         group = user_details['groups'][0]['name']
+    #         company = user_details['groups'][0]['company__name']
+
+    #         ret['name'] = name
+    #         ret['department'] = group
+    #         ret['company'] = company
+    #         return ret
+
+    #     except Exception as e:
+    #         ret['name'] = "none"
+    #         ret['department'] = "none"
+    #         ret['company'] = "none"
+    #         return ret
+
+    class Meta:
+        model = models.ChangeRequestFormApprovers
+        fields = '__all__'
+        read_only_fields = ['created', 'archived_at', 'code']
+
+
+class ChangeRequestFormStakeHoldersSerializer(
+    serializers.ModelSerializer
+):
+    class Meta:
+        model = models.ChangeRequestFormStakeHolders
+        fields = '__all__'
+        read_only_fields = ['created', 'archived_at', 'code']
+
+
+class ChangeRequestFormAttachmentsSerializer(
+    serializers.ModelSerializer
+):
+    class Meta:
+        model = models.ChangeRequestFormAttachments
+        fields = '__all__'
+        read_only_fields = ['created', 'archived_at', 'code']
+
+
+class ChangeRequestFormDetailsSerializer(
+    serializers.ModelSerializer
+):
+    class Meta:
+        model = models.ChangeRequestFormDetails
+        fields = '__all__'
+        read_only_fields = ['created', 'archived_at', 'code']
+
+
+class ChangeRequestFormHeaderSerializer(
+    WritableNestedModelSerializer
+):
+    frm_approvers = ChangeRequestFormApproversSerializer(
+        many=True, required=False)
+    frm_stakes = ChangeRequestFormStakeHoldersSerializer(
+        many=True, required=False)
+    frm_attachments = ChangeRequestFormAttachmentsSerializer(
+        many=True, required=False)
+    frm_details = ChangeRequestFormDetailsSerializer(
+        many=True, required=False)
+    
+    def to_representation(self, instance):
+        ret = super().to_representation(instance)
+        try:
+            # id_number = self.context.get('request').META.get('user')
+            user = self.context['request'].user
+            print(user)
+
+            # id_number = "USER-20190909-0000005"
+            current_level = models.ChangeRequestFormApprovers.objects.filter(
+                Q(form_code=ret['form_code']) &
+                Q(archived_at=None) &
+                (Q(action='') | Q(action=None))
+            ).order_by('level')
+
+            if current_level.first()['user'] == id_number:
+                if instance.status.lower() == 'rejected':
+                    approver = 'No'
+                elif instance.status.lower() == 'cancelled':
+                    approver = 'No'
+                elif instance.status.lower() == 'closed':
+                    approver = 'No'
+                else:
+                    approver = 'Yes'
+            else:
+                approver = 'No'
+            ret['action'] = approver
+            return ret
+        except Exception as e:
+            ret['action'] = "No"
+            return ret
+
+    class Meta:
+        model = models.ChangeRequestFormHeader
+        # fields = '__all__'
+        fields = ('form_code', 'requested_to_template_name', 'requested_to_objective',
+                  'requested_to_target_date', 'requested_to_priority',
+                  'description', 'created', 'cancel_date', 'status',
+                  'company_desc', 'department_desc', 'requested_desc',
+                  'requested_to_template_id', 'requested_to_company',
+                  'requested_to_department', 'requested_to_user',
+                  'requested_by_user', 'requested_by_department',
+                  'template_no', 'frm_approvers', 'frm_stakes',
+                  'frm_attachments', 'frm_details')
+
+        read_only_fields = ['created', 'archived_at', 'form_code']
--- a/app/applicationlayer/cms/form/views.py
+++ b/app/applicationlayer/cms/form/views.py
--- a/app/applicationlayer/cms/template/serializers.py
+++ b/app/applicationlayer/cms/template/serializers.py
-from app.entities import models
-from rest_framework import serializers
-from django.db.models import Q
-from drf_writable_nested import WritableNestedModelSerializer
-
-
-class ChangeRequestTemplateApproversSerializer(
-    serializers.ModelSerializer
-):
-    class Meta:
-        model = models.ChangeRequestTemplateApprovers
-        fields = '__all__'
-        read_only_fields = ['created', 'archived_at', 'code']
-
-
-class ChangeRequestTemplateStakeHoldersSerializer(
-    serializers.ModelSerializer
-):
-    class Meta:
-        model = models.ChangeRequestTemplateStakeHolders
-        fields = '__all__'
-        read_only_fields = ['created', 'archived_at', 'code']
-    
-
-class ChangeRequestTemplateAttachmentsSerializer(
-    serializers.ModelSerializer
-):
-    class Meta:
-        model = models.ChangeRequestTemplateAttachments
-        fields = '__all__'
-        read_only_fields = ['created', 'archived_at', 'code']
-
-
-class ChangeRequestTemplateDetailsSerializer(
-    serializers.ModelSerializer
-):
-    class Meta:
-        model = models.ChangeRequestTemplateDetails
-        fields = '__all__'
-        read_only_fields = ['created', 'archived_at', 'code']
-
-# comment
-class ChangeRequestTemplatesSerializer(
-    WritableNestedModelSerializer
-):
-    tmp_approvers = ChangeRequestTemplateApproversSerializer(
-        many=True, required=False)
-    tmp_stakes = ChangeRequestTemplateStakeHoldersSerializer(
-        many=True, required=False)
-    tmp_attachments = ChangeRequestTemplateAttachmentsSerializer(
-        many=True, required=False)
-    tmp_details = ChangeRequestTemplateDetailsSerializer(
-        many=True, required=False)
-
-    class Meta:
-        model = models.ChangeRequestTemplateHeader
-        # fields = '__all__'
-        fields = ('template_no', 'requested_to_template_name',
-                  'requested_to_objective', 'requested_to_target_date',
-                  'requested_to_priority', 'description', 'created',
-                  'requested_to_template_id', 'requested_to_company',
-                  'requested_to_department', 'requested_to_user',
-                  'created_by_user', 'created_by_department', 'tmp_approvers',
-                  'tmp_stakes', 'tmp_attachments', 'tmp_details')
-
+from app.entities import models
+from rest_framework import serializers
+from django.db.models import Q
+from drf_writable_nested import WritableNestedModelSerializer
+
+
+class ChangeRequestTemplateApproversSerializer(
+    serializers.ModelSerializer
+):
+    class Meta:
+        model = models.ChangeRequestTemplateApprovers
+        fields = '__all__'
+        read_only_fields = ['created', 'archived_at', 'code']
+
+
+class ChangeRequestTemplateStakeHoldersSerializer(
+    serializers.ModelSerializer
+):
+    class Meta:
+        model = models.ChangeRequestTemplateStakeHolders
+        fields = '__all__'
+        read_only_fields = ['created', 'archived_at', 'code']
+    
+
+class ChangeRequestTemplateAttachmentsSerializer(
+    serializers.ModelSerializer
+):
+    class Meta:
+        model = models.ChangeRequestTemplateAttachments
+        fields = '__all__'
+        read_only_fields = ['created', 'archived_at', 'code']
+
+
+class ChangeRequestTemplateDetailsSerializer(
+    serializers.ModelSerializer
+):
+    class Meta:
+        model = models.ChangeRequestTemplateDetails
+        fields = '__all__'
+        read_only_fields = ['created', 'archived_at', 'code']
+
+# comment
+class ChangeRequestTemplatesSerializer(
+    WritableNestedModelSerializer
+):
+    tmp_approvers = ChangeRequestTemplateApproversSerializer(
+        many=True, required=False)
+    tmp_stakes = ChangeRequestTemplateStakeHoldersSerializer(
+        many=True, required=False)
+    tmp_attachments = ChangeRequestTemplateAttachmentsSerializer(
+        many=True, required=False)
+    tmp_details = ChangeRequestTemplateDetailsSerializer(
+        many=True, required=False)
+
+    class Meta:
+        model = models.ChangeRequestTemplateHeader
+        # fields = '__all__'
+        fields = ('template_no', 'requested_to_template_name',
+                  'requested_to_objective', 'requested_to_target_date',
+                  'requested_to_priority', 'description', 'created',
+                  'requested_to_template_id', 'requested_to_company',
+                  'requested_to_department', 'requested_to_user',
+                  'created_by_user', 'created_by_department', 'tmp_approvers',
+                  'tmp_stakes', 'tmp_attachments', 'tmp_details')
+
        read_only_fields = ['created', 'archived_at', 'template_no']
\ No newline at end of file
--- a/app/applicationlayer/cms/template/views.py
+++ b/app/applicationlayer/cms/template/views.py
--- a/app/applicationlayer/cms/utils_cr.py
+++ b/app/applicationlayer/cms/utils_cr.py
--- a/app/applicationlayer/management/account/serializer.py
+++ b/app/applicationlayer/management/account/serializer.py
@@ -3,6 +3,7 @@ from app.entities.models import User
 import ast
 from django.contrib.auth.hashers import make_password, check_password
 import re
+from django.contrib.auth import authenticate


 class UserSerializer(serializers.ModelSerializer):
@@ -19,6 +20,7 @@ class UserSerializer(serializers.ModelSerializer):
            # 'password',

        )
+
        read_only_fields = (
            'created', 'createdby', 'modified', 'modifiedby', 'code',
        )
@@ -27,34 +29,45 @@ class UserSerializer(serializers.ModelSerializer):
 class ChangePasswordSerializer(serializers.Serializer):
    old_password = serializers.CharField(required=True)
    new_password = serializers.CharField(required=True, min_length=6)
+    new_password_confirm = serializers.CharField(required=True, min_length=6)

    def validate(self, data):
-        instance = self.context.get("instance")
+
+        instance = self.context.get('view').kwargs['pk']
        old_password = data['old_password']
        new_password = data['new_password']
+
        instance_password = User.objects.filter(
            id=instance
        )
+
        validated_password = check_password(
            old_password,
            instance_password.values().first()['password']
        )

        if validated_password:
+
            password = re.match(
                '([A-Za-z]+[0-9]|[0-9]+[A-Za-z])[A-Za-z0-9]*',
                data['new_password']
            )
+
            if password:
+
                new_password = make_password(data['new_password'])
                instance_password.update(password=new_password)
                instance = User.objects.get(id=instance)
                return instance
+
            elif len(new_password) <= 5:
+
                raise serializers.ValidationError(
                    'Password must be minimum of 6 characters'
                )
+
            else:
+
                raise serializers.ValidationError(
                    'password must be alpha numeric format'
                )

--- a/app/applicationlayer/management/account/views.py
+++ b/app/applicationlayer/management/account/views.py
--- a/app/applicationlayer/utils.py
+++ b/app/applicationlayer/utils.py
+import threading
 from rest_framework.pagination import PageNumberPagination
 from rest_framework.response import Response
 from functools import wraps
@@ -108,4 +109,13 @@ class QuerySetHelper:
                    with_params.append(filtering_kwargs)
                    raw_query = {"$or": with_params}
                    context.queryset = context.queryset(__raw__=raw_query)
-        return context.queryset
\ No newline at end of file
+        return context.queryset
+
+
+def main_threading(args, func_name):
+    t1 = threading.Thread(
+        target=func_name, args=(args,),
+        daemon=False
+    )
+    t1.start()
+    return True
--- a/app/entities/migrations/0007_auto_20190911_1026.py
+++ b/app/entities/migrations/0007_auto_20190911_1026.py
+# Generated by Django 2.2 on 2019-09-11 10:26
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('entities', '0006_emaillogs_is_sent'),
+    ]
+
+    operations = [
+        migrations.AlterModelTable(
+            name='emaillogs',
+            table='email_logs',
+        ),
+    ]
--- a/app/entities/migrations/0007_auto_20190911_1102.py
+++ b/app/entities/migrations/0007_auto_20190911_1102.py
-# Generated by Django 2.2 on 2019-09-11 11:02
-
-from django.db import migrations, models
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ('entities', '0006_emaillogs_is_sent'),
-    ]
-
-    operations = [
-        migrations.AlterField(
-            model_name='changerequestformheader',
-            name='requested_to_template_id',
-            field=models.CharField(max_length=255),
-        ),
-    ]
+# Generated by Django 2.2 on 2019-09-11 11:02
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('entities', '0006_emaillogs_is_sent'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='changerequestformheader',
+            name='requested_to_template_id',
+            field=models.CharField(max_length=255),
+        ),
+    ]
--- a/app/entities/migrations/0008_auto_20190911_1715.py
+++ b/app/entities/migrations/0008_auto_20190911_1715.py
-# Generated by Django 2.2 on 2019-09-11 17:15
-
-from django.db import migrations, models
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ('entities', '0007_auto_20190911_1102'),
-    ]
-
-    operations = [
-        migrations.AlterField(
-            model_name='changerequesthistory',
-            name='form_code',
-            field=models.CharField(blank=True, max_length=255, null=True),
-        ),
-    ]
+# Generated by Django 2.2 on 2019-09-11 17:15
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('entities', '0007_auto_20190911_1102'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='changerequesthistory',
+            name='form_code',
+            field=models.CharField(blank=True, max_length=255, null=True),
+        ),
+    ]
--- a/app/entities/migrations/0008_passwordreset.py
+++ b/app/entities/migrations/0008_passwordreset.py
+# Generated by Django 2.2 on 2019-09-11 11:53
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('entities', '0007_auto_20190911_1026'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='PasswordReset',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('email', models.EmailField(max_length=255)),
+                ('token', models.CharField(max_length=255)),
+                ('created_at', models.DateTimeField()),
+                ('timeout_at', models.DateTimeField()),
+                ('is_active', models.BooleanField(default=True)),
+                ('code', models.CharField(max_length=50)),
+            ],
+            options={
+                'db_table': 'password_resets',
+            },
+        ),
+    ]
--- a/app/entities/migrations/0009_auto_20190911_1845.py
+++ b/app/entities/migrations/0009_auto_20190911_1845.py
-# Generated by Django 2.2 on 2019-09-11 18:45
-
-from django.db import migrations
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ('entities', '0008_auto_20190911_1715'),
-    ]
-
-    operations = [
-        migrations.RenameField(
-            model_name='changerequestformapprovers',
-            old_name='deleted_at',
-            new_name='archived_at',
-        ),
-        migrations.RenameField(
-            model_name='changerequestformattachments',
-            old_name='deleted_at',
-            new_name='archived_at',
-        ),
-        migrations.RenameField(
-            model_name='changerequestformdetails',
-            old_name='deleted_at',
-            new_name='archived_at',
-        ),
-        migrations.RenameField(
-            model_name='changerequestformheader',
-            old_name='deleted_at',
-            new_name='archived_at',
-        ),
-        migrations.RenameField(
-            model_name='changerequestformstakeholders',
-            old_name='deleted_at',
-            new_name='archived_at',
-        ),
-        migrations.RenameField(
-            model_name='changerequesttemplateapprovers',
-            old_name='deleted_at',
-            new_name='archived_at',
-        ),
-        migrations.RenameField(
-            model_name='changerequesttemplateattachments',
-            old_name='deleted_at',
-            new_name='archived_at',
-        ),
-        migrations.RenameField(
-            model_name='changerequesttemplatedetails',
-            old_name='deleted_at',
-            new_name='archived_at',
-        ),
-        migrations.RenameField(
-            model_name='changerequesttemplateheader',
-            old_name='deleted_at',
-            new_name='archived_at',
-        ),
-        migrations.RenameField(
-            model_name='changerequesttemplatestakeholders',
-            old_name='deleted_at',
-            new_name='archived_at',
-        ),
-    ]
+# Generated by Django 2.2 on 2019-09-11 18:45
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('entities', '0008_auto_20190911_1715'),
+    ]
+
+    operations = [
+        migrations.RenameField(
+            model_name='changerequestformapprovers',
+            old_name='deleted_at',
+            new_name='archived_at',
+        ),
+        migrations.RenameField(
+            model_name='changerequestformattachments',
+            old_name='deleted_at',
+            new_name='archived_at',
+        ),
+        migrations.RenameField(
+            model_name='changerequestformdetails',
+            old_name='deleted_at',
+            new_name='archived_at',
+        ),
+        migrations.RenameField(
+            model_name='changerequestformheader',
+            old_name='deleted_at',
+            new_name='archived_at',
+        ),
+        migrations.RenameField(
+            model_name='changerequestformstakeholders',
+            old_name='deleted_at',
+            new_name='archived_at',
+        ),
+        migrations.RenameField(
+            model_name='changerequesttemplateapprovers',
+            old_name='deleted_at',
+            new_name='archived_at',
+        ),
+        migrations.RenameField(
+            model_name='changerequesttemplateattachments',
+            old_name='deleted_at',
+            new_name='archived_at',
+        ),
+        migrations.RenameField(
+            model_name='changerequesttemplatedetails',
+            old_name='deleted_at',
+            new_name='archived_at',
+        ),
+        migrations.RenameField(
+            model_name='changerequesttemplateheader',
+            old_name='deleted_at',
+            new_name='archived_at',
+        ),
+        migrations.RenameField(
+            model_name='changerequesttemplatestakeholders',
+            old_name='deleted_at',
+            new_name='archived_at',
+        ),
+    ]
--- a/app/entities/migrations/0010_auto_20190913_1143.py
+++ b/app/entities/migrations/0010_auto_20190913_1143.py
-# Generated by Django 2.2 on 2019-09-13 11:43
-
-from django.db import migrations
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ('entities', '0009_auto_20190911_1845'),
-    ]
-
-    operations = [
-        migrations.RemoveField(
-            model_name='changerequestformapprovers',
-            name='archived_at',
-        ),
-        migrations.RemoveField(
-            model_name='changerequestformattachments',
-            name='archived_at',
-        ),
-        migrations.RemoveField(
-            model_name='changerequestformdetails',
-            name='archived_at',
-        ),
-        migrations.RemoveField(
-            model_name='changerequestformheader',
-            name='archived_at',
-        ),
-        migrations.RemoveField(
-            model_name='changerequestformstakeholders',
-            name='archived_at',
-        ),
-    ]
+# Generated by Django 2.2 on 2019-09-13 11:43
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('entities', '0009_auto_20190911_1845'),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='changerequestformapprovers',
+            name='archived_at',
+        ),
+        migrations.RemoveField(
+            model_name='changerequestformattachments',
+            name='archived_at',
+        ),
+        migrations.RemoveField(
+            model_name='changerequestformdetails',
+            name='archived_at',
+        ),
+        migrations.RemoveField(
+            model_name='changerequestformheader',
+            name='archived_at',
+        ),
+        migrations.RemoveField(
+            model_name='changerequestformstakeholders',
+            name='archived_at',
+        ),
+    ]
--- a/app/entities/migrations/0011_merge_20190913_1545.py
+++ b/app/entities/migrations/0011_merge_20190913_1545.py
+# Generated by Django 2.2 on 2019-09-13 15:45
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('entities', '0008_passwordreset'),
+        ('entities', '0010_auto_20190913_1143'),
+    ]
+
+    operations = [
+    ]
--- a/app/entities/models.py
+++ b/app/entities/models.py
@@ -934,3 +934,28 @@ class EmailLogs(AuditClass):
    recipients = models.CharField(max_length=255)
    content = models.TextField()
    is_sent = models.BooleanField(default=True)
+
+    class Meta:
+        db_table = 'email_logs'
+
+
+class PasswordReset(models.Model):
+    email = models.EmailField(max_length=255)
+    token = models.CharField(max_length=255)
+    created_at = models.DateTimeField()
+    timeout_at = models.DateTimeField()
+    is_active = models.BooleanField(default=True)
+    code = models.CharField(max_length=50)
+
+    # def save(self, *args, **kwargs):
+    #     super(PasswordReset, self).save(*args, **kwargs)
+    #     timeout_at = created_at + datetime.timedelta(days=1)
+    #     if self.timeout_at == '':
+    #         self.timeout_at = timeout_at
+    #         self.save()
+
+    def __str__(self):
+        return self.email
+
+    class Meta:
+        db_table = 'password_resets'
--- a/app/helper/decorators.py
+++ b/app/helper/decorators.py
@@ -59,6 +59,15 @@ class rms:
    #         return function(self, request, *args, **kwargs)
    #     return wrapper

+    @staticmethod
+    def admin_permission(function):
+        @wraps(function)
+        def wrapper(self, request, *args, **kwargs):
+            if rms.user_type(self) == rms.enums_user:
+                raise ParseError(access_error)
+            return function(self, request, *args, **kwargs)
+        return wrapper
+
    @staticmethod
    def user_create(function):
        @wraps(function)

--- a/app/helper/email_service/sender.py
+++ b/app/helper/email_service/sender.py
@@ -7,111 +7,139 @@ from django.conf import settings

 # def account_created(args, username, password, receiver) :
 def account_created(args):
+    name = args[0]
+    username = args[1]
+    password = args[2]
+    recipient = args[3]
+    admin = args[4]
+
+    F = open(os.path.join(settings.EMAIL_TEMPLATES_ROOT, 'RMS-NEWUSER.html'), 'r')
+
+    FC = F.read()
+
+    FC = FC.replace('{name}', name)
+    FC = FC.replace('{username}', username)
+    FC = FC.replace('{password}', password)
+    FC = FC.replace('[URL]', settings.FRONT_END_URL)
+    try:
+        send_mail(
+            subject='OB RMS: Welcome!',
+            message='',
+            from_email=settings.EMAIL_DEFAULT_SENDER,
+            recipient_list=(recipient,),
+            html_message=FC,
+            fail_silently=False
+        )
+        models.EmailLogs.objects.create(
+            template='RMS-NEWUSER.html',
+            recipients=recipient,
+            content=FC,
+            is_sent=True,
+            createdby=admin,
+            modifiedby=admin
+        )
+    except Exception as e:
+        models.EmailLogs.objects.create(
+            template='RMS-NEWUSER.html',
+            recipients=recipient,
+            content=FC,
+            is_sent=False,
+            createdby=admin,
+            modifiedby=admin
+        )
+    return True
+
+
+def forgot_password(args):
+    reset_code = args[0]
+    url = args[1]
+    recipient = args[2]
+    admin = args[3]
+
+    F = open(os.path.join(settings.EMAIL_TEMPLATES_ROOT, 'RMS-PASSWORD.html'), 'r')
+
+    FC = F.read()
+
+    FC = FC.replace('{code}', reset_code)
+    FC = FC.replace('{url}', url)
+
+    send_mail(
+        subject='OB RMS: Reset Password',
+        message='',
+        from_email=settings.EMAIL_DEFAULT_SENDER,
+        recipient_list=[recipient,],
+        html_message=FC
+    )
+
+    try:
+        send_mail(
+            subject='OB RMS: Welcome!',
+            message='',
+            from_email=settings.EMAIL_DEFAULT_SENDER,
+            recipient_list=recipient,
+            html_message=FC,
+            fail_silently=False
+        )
+        models.EmailLogs.objects.create(
+            template='RMS-PASSWORD.html',
+            recipients=recipient,
+            content=FC,
+            is_sent=True,
+            createdby=admin,
+            modifiedby=admin
+        )
+    except Exception as e:
+        models.EmailLogs.objects.create(
+            template='RMS-PASSWORD.html',
+            recipients=recipient,
+            content=FC,
+            is_sent=False,
+            createdby=admin,
+            modifiedby=admin
+        )

-  F = open(os.path.join(settings.EMAIL_TEMPLATES_ROOT, 'RMS-NEWUSER.html'), 'r')

-  FC = F.read()
-
-  FC = FC.replace('{name}', args[0])
-  FC = FC.replace('{username}', args[1])
-  FC = FC.replace('{password}', args[2])
-  FC = FC.replace('[URL]', settings.FRONT_END_URL)
-
-#   send_mail(
-#       subject='OB IMS: Welcome!',
-#       message='',
-#       from_email=settings.EMAIL_DEFAULT_SENDER,
-#       recipient_list=[args[3],],
-#       html_message=FC,
-#       fail_silently=True
-#   )
-  try:
-      send_mail(
-          subject='OB IMS: Welcome!',
-          message='',
-          from_email=settings.EMAIL_DEFAULT_SENDER,
-          recipient_list=[args[3],],
-          html_message=FC,
-          fail_silently=False
-      )
-      models.EmailLogs.objects.create(
-          template='RMS-NEWUSER.html',
-          recipients=args[3],
-          content=FC,
-          is_sent=True,
-          createdby=args[3],
-          modifiedby=args[3]
-      )
-  except Exception as e:
-      models.EmailLogs.objects.create(
-          template='RMS-NEWUSER.html',
-          recipients=args[3],
-          content=FC,
-          is_sent=False,
-          createdby=args[3],
-          modifiedby=args[3]
-      )
-
-
-# def account_created(name, username, password, receiver):
-
-#   F = open(os.path.join(
-#       settings.EMAIL_TEMPLATES_ROOT, 'RMS-NEWUSER.html'), 'r'
-#   )
-
-#   FC = F.read()
-
-#   FC = FC.replace('{name}', name)
-#   FC = FC.replace('{username}', username)
-#   FC = FC.replace('{password}', password)
-#   FC = FC.replace('[URL]', settings.FRONT_END_URL)
-
-#   send_mail(
-#     subject='RMS: Welcome!',
-#     message='',
-#     from_email=settings.EMAIL_DEFAULT_SENDER,
-#     recipient_list=[receiver,],
-#     html_message=FC
-#   )
-
-
-
-
-# def forgot_password(reset_code, url, receiver) :
-
-#   F = open(os.path.join(settings.EMAIL_TEMPLATES_ROOT, 'forgot-password.html'), 'r')
+# def password_changed(username, date, receiver) :
+#     F = open(os.path.join(settings.EMAIL_TEMPLATES_ROOT, 'password-changed.html'), 'r')

-#   FC = F.read()
+#     FC = F.read()

-#   FC = FC.replace('[reset_code]', reset_code)
-#   FC = FC.replace('[URL]', url)
+#     FC = FC.replace('[Username]', username)
+#     FC = FC.replace('[Datetime]', date)
+#     FC = FC.replace('[URL]', settings.FRONT_END_URL)

-#   send_mail(
-#     subject='OB IMS: Reset Password',
-#     message='',
-#     from_email=settings.EMAIL_DEFAULT_SENDER,
-#     recipient_list=[receiver,],
-#     html_message=FC
-#   )
+#     send_mail(
+#         subject='OB RMS: Password Changed!',
+#         message='',
+#         from_email=settings.EMAIL_DEFAULT_SENDER,
+#         recipient_list=[receiver,],
+#         html_message=FC
+#     )


-# def password_changed(username, date, receiver) :
+def admin_changepassword(args):
+    name = args[0]
+    username = args[1]
+    password = args[2]
+    recipient = args[3]
+    admin = args[4]

-#   F = open(os.path.join(settings.EMAIL_TEMPLATES_ROOT, 'password-changed.html'), 'r')
+    F = open(os.path.join(settings.EMAIL_TEMPLATES_ROOT, 'RMS-ADMINRESET.html'), 'r')

-#   FC = F.read()
+    FC = F.read()

-#   FC = FC.replace('[Username]', username)
-#   FC = FC.replace('[Datetime]', date)
-#   FC = FC.replace('[URL]', settings.FRONT_END_URL)
+    FC = FC.replace('{name}', name)
+    FC = FC.replace('{username}', username)
+    FC = FC.replace('{password}', password)
+    FC = FC.replace('[URL]', settings.FRONT_END_URL)

-#   send_mail(
-#     subject='OB IMS: Password Changed!',
-#     message='',
-#     from_email=settings.EMAIL_DEFAULT_SENDER,
-#     recipient_list=[receiver,],
-#     html_message=FC
-#   )
+    send_mail(
+        subject='OB RMS: Password Changed!',
+        message='',
+        from_email=settings.EMAIL_DEFAULT_SENDER,
+        recipient_list=[recipient,],
+        html_message=FC
+    )


 # def account_created(username, password, receiver) :

--- a/app/helper/email_service/templates/RMS-ACTIONREQUIRED-VENDOR.html
+++ b/app/helper/email_service/templates/RMS-ACTIONREQUIRED-VENDOR.html
--- a/app/helper/email_service/templates/RMS-ACTIONREQUIRED.html
+++ b/app/helper/email_service/templates/RMS-ACTIONREQUIRED.html
--- a/app/helper/email_service/templates/RMS-ADMINRESET.html
+++ b/app/helper/email_service/templates/RMS-ADMINRESET.html
--- a/app/helper/email_service/templates/RMS-CRACCEPTED.html
+++ b/app/helper/email_service/templates/RMS-CRACCEPTED.html
--- a/app/helper/email_service/templates/RMS-CRACKNOWLEDGE.html
+++ b/app/helper/email_service/templates/RMS-CRACKNOWLEDGE.html
--- a/app/helper/email_service/templates/RMS-CRAPPROVED.html
+++ b/app/helper/email_service/templates/RMS-CRAPPROVED.html
--- a/app/helper/email_service/templates/RMS-CRCANCELLED.html
+++ b/app/helper/email_service/templates/RMS-CRCANCELLED.html
--- a/app/helper/email_service/templates/RMS-CRCOMPLETED.html
+++ b/app/helper/email_service/templates/RMS-CRCOMPLETED.html
--- a/app/helper/email_service/templates/RMS-CROVERDUE.html
+++ b/app/helper/email_service/templates/RMS-CROVERDUE.html
--- a/app/helper/email_service/templates/RMS-CRREJECTED-VENDOR.html
+++ b/app/helper/email_service/templates/RMS-CRREJECTED-VENDOR.html
--- a/app/helper/email_service/templates/RMS-CRREJECTED.html
+++ b/app/helper/email_service/templates/RMS-CRREJECTED.html
--- a/app/helper/email_service/templates/RMS-NEWUSER.html
+++ b/app/helper/email_service/templates/RMS-NEWUSER.html
@@ -16,7 +16,7 @@
 <p>You have been created as a new user of RMS. Please see your default login details below.</p><br>
    
 <b>Username</b><br>{username}<br><br>
-<b>Password</b><br>{password}<br><br>
+<b>Password</b><br>password123<br><br>

 <p>You may change your password through the <u><a href="http://staging.rms.oneberrysystem.com/cms/profile/" style="text-decoration:underline;color:#007bff;" target="_blank">my profile</a></u> section of RMS any time.</p><br>
    

--- a/app/helper/email_service/templates/RMS-PASSWORD.html
+++ b/app/helper/email_service/templates/RMS-PASSWORD.html
--- a/app/helper/email_service/templates/RMS-REMINDER-APPROVER.html
+++ b/app/helper/email_service/templates/RMS-REMINDER-APPROVER.html
--- a/app/helper/email_service/templates/RMS-REMINDER-REQUESTOR.html
+++ b/app/helper/email_service/templates/RMS-REMINDER-REQUESTOR.html
--- a/app/helper/email_service/templates/account-created.html
+++ b/app/helper/email_service/templates/account-created.html
--- a/app/helper/email_service/templates/authorised-po-email-to-supplier.html
+++ b/app/helper/email_service/templates/authorised-po-email-to-supplier.html
--- a/app/helper/email_service/templates/collection-email-to-requestor.html
+++ b/app/helper/email_service/templates/collection-email-to-requestor.html
--- a/app/helper/email_service/templates/draft-po-email-to-supplier.html
+++ b/app/helper/email_service/templates/draft-po-email-to-supplier.html
--- a/app/helper/email_service/templates/forgot-password.html
+++ b/app/helper/email_service/templates/forgot-password.html
--- a/app/helper/email_service/templates/items-delivered-email-to-purchasing.html
+++ b/app/helper/email_service/templates/items-delivered-email-to-purchasing.html
--- a/app/helper/email_service/templates/items-delivered-email-to-requestor.html
+++ b/app/helper/email_service/templates/items-delivered-email-to-requestor.html
--- a/app/helper/email_service/templates/new-line-item-added-email-to-requestor.html
+++ b/app/helper/email_service/templates/new-line-item-added-email-to-requestor.html
--- a/app/helper/email_service/templates/new-project-number.html
+++ b/app/helper/email_service/templates/new-project-number.html
--- a/app/helper/email_service/templates/new-user-account.html
+++ b/app/helper/email_service/templates/new-user-account.html
--- a/app/helper/email_service/templates/password-changed.html
+++ b/app/helper/email_service/templates/password-changed.html
--- a/app/helper/email_service/templates/po-and-grninvoice-mismatch-email-to-purchasing.html
+++ b/app/helper/email_service/templates/po-and-grninvoice-mismatch-email-to-purchasing.html
--- a/app/helper/email_service/templates/po-authorisation-email-to-authoriser.html
+++ b/app/helper/email_service/templates/po-authorisation-email-to-authoriser.html
--- a/app/helper/email_service/templates/po-rejected-email-to-requestor.html
+++ b/app/helper/email_service/templates/po-rejected-email-to-requestor.html
--- a/app/helper/email_service/templates/reset-password.html
+++ b/app/helper/email_service/templates/reset-password.html
--- a/app/helper/email_service/templates/stock-requisition-approved-advance.html
+++ b/app/helper/email_service/templates/stock-requisition-approved-advance.html
--- a/app/helper/email_service/templates/stock-requisition-approved.html
+++ b/app/helper/email_service/templates/stock-requisition-approved.html
--- a/app/helper/email_service/templates/stock-requisition-for-new-line-items.html
+++ b/app/helper/email_service/templates/stock-requisition-for-new-line-items.html
--- a/app/helper/email_service/templates/stock-requisition-rejected.html
+++ b/app/helper/email_service/templates/stock-requisition-rejected.html
--- a/app/helper/email_service/templates/stock-requisition.html
+++ b/app/helper/email_service/templates/stock-requisition.html
--- a/config/settings/dev.py
+++ b/config/settings/dev.py
--- a/config/settings/local.py
+++ b/config/settings/local.py
@@ -36,3 +36,6 @@ REQUESTOR_ACKNOWLEDGE_MESSAGE = config['NOTIFICATION_EMAIL']['REQUESTOR_ACKNOWLE
 REQUESTOR_COMPLETION_MESSAGE = config['NOTIFICATION_EMAIL']['REQUESTOR_COMPLETION_MESSAGE']
 VENDOR_ACCEPTANCE_MESSAGE = config['NOTIFICATION_EMAIL']['VENDOR_ACCEPTANCE_MESSAGE']
 VENDOR_REJECT_MESSAGE = config['NOTIFICATION_EMAIL']['VENDOR_REJECT_MESSAGE']
+
+#ADMIN PROFILE
+CATCH_EMAIL = config['ADMIN']['CATCH_EMAIL']
--- a/env.template.ini
+++ b/env.template.ini
--- a/requirements/RMSv2.postman_collection.json
+++ b/requirements/RMSv2.postman_collection.json