Beispiel #1
0
def post_delete(request, post_id):
    
    # retrieve post
    post = get_object_or_404(Post, pk=post_id)
    project = post.project
            
    # check post is not one of the critical project pages
    if post.is_predefined():
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
    else:
        # check permission: only project members can delete non-predefined project pages
        if not userHasContributorPermission(request.user, project):
            return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
    
    if request.method == 'GET':
        return render(request,
                      'cog/post/post_delete.html', 
                      {'post': post, 'project': project,
                       'title': '%s Deletion Request' % post.type.capitalize()})
    else:
             
        # pass a temporary copy of the object to the view
        _post = copy.copy(post)  
                
        # send post update signal
        post.send_signal(SIGNAL_OBJECT_DELETED)
                
        # delete the post
        post.delete()
    
        return render(request,
                      'cog/post/post_delete.html', 
                      {'post': _post, 'project': project,
                       'title': '%s Deletion Confirmation' % _post.type.capitalize()})
Beispiel #2
0
def bookmark_add(request, project_short_name):

    # load user from session, project from HTTP request
    user = request.user

    project = get_object_or_404(Project, short_name__iexact=project_short_name)

    # security check
    if not userHasContributorPermission(request.user, project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)

    if request.method == 'GET':

        # create unbounded form object
        form = BookmarkForm(project)

        # return to view
        return render_bookmark_form(request, project, form)

    else:

        # create form object from form data
        form = BookmarkForm(project, request.POST)

        if form.is_valid():
            bookmark = form.save()

            # redirect to the project bookmarks
            return HttpResponseRedirect(
                reverse('bookmark_list', args=[project.short_name.lower()]))

        else:
            print 'Form is invalid: %s' % form.errors
            return render_bookmark_form(request, project, form)
Beispiel #3
0
def bookmark_add(request, project_short_name):
            
    # load user from session, project from HTTP request
    user = request.user
    
    project = get_object_or_404(Project, short_name__iexact=project_short_name)
    
    # security check
    if not userHasContributorPermission(request.user, project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)

    if request.method == 'GET':
        
        # create unbounded form object
        form = BookmarkForm(project)
        
        # return to view
        return render_bookmark_form(request, project, form) 
        
    else:
        
        # create form object from form data
        form = BookmarkForm(project, request.POST)
        
        if form.is_valid():
            bookmark = form.save()
            
            # redirect to the project bookmarks
            return HttpResponseRedirect(reverse('bookmark_list', args=[project.short_name.lower()]))
                          
        else:
            print 'Form is invalid: %s' % form.errors
            return render_bookmark_form(request, project, form) 
Beispiel #4
0
def folder_update(request, project_short_name, folder_id):

    # retrieve folder from request
    folder = get_object_or_404(Folder, pk=folder_id)

    # security check
    if not userHasContributorPermission(request.user, folder.project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)

    if request.method == 'GET':
        form = FolderForm(folder.project, instance=folder)
        return render_folder_form(request, folder.project, form)

    else:
        # create form object from form data
        form = FolderForm(folder.project, request.POST, instance=folder)

        if form.is_valid():

            folder = form.save()
            # always set active=True upon updating
            folder.active = True
            folder.save()

            # redirect to bookmarks listing
            return HttpResponseRedirect(
                reverse('bookmark_list',
                        args=[folder.project.short_name.lower()]))

        else:
            # return to view
            print "Form is invalid: %s" % form.errors
            return render_folder_form(request, folder.project, form)
Beispiel #5
0
def folder_update(request, project_short_name, folder_id):
    
    # retrieve folder from request
    folder = get_object_or_404(Folder, pk=folder_id)
    
    # security check
    if not userHasContributorPermission(request.user, folder.project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)

    if request.method == 'GET':
        form = FolderForm(folder.project, instance=folder)
        return render_folder_form(request, folder.project, form)
    
    else:
        # create form object from form data
        form = FolderForm(folder.project, request.POST, instance=folder)
        
        if form.is_valid():
            
            folder = form.save()
            # always set active=True upon updating
            folder.active = True
            folder.save()
            
            # redirect to bookmarks listing
            return HttpResponseRedirect(reverse('bookmark_list', args=[folder.project.short_name.lower()]))
            
        else:
            # return to view
            print "Form is invalid: %s" % form.errors
            return render_folder_form(request, folder.project, form) 
Beispiel #6
0
 def _buildQuerySet(self, projects, user):
     qs = Q(
         pk=0)  # start with an empty query set - does not match any project
     for p in projects:
         if userHasContributorPermission(user, p):
             qs = qs | Q(pk=p.id)
     return qs
Beispiel #7
0
def doc_add(request, project_short_name):
    project = get_object_or_404(Project, short_name__iexact=project_short_name)
     
    # check permission
    if not userHasContributorPermission(request.user, project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
    
    if request.method == 'GET':
         
        # create empty document
        doc = Doc()
        
        # assign project
        doc.project = project

        # change form such that if a project is private, the Private? checkbox is checked by default
        if doc.project.private:
            doc.is_private = True
        
        # create form from instance
        form = DocForm(project, instance=doc)
        
        return render_doc_form(request, form, project)
    
    else:
        form = DocForm(project, request.POST, request.FILES)

        if form.is_valid():
                        
            doc = form.save(commit=False)
            doc.author = request.user
            if doc.title is None or len(doc.title.strip()) == 0:
                doc.title = basename(doc.file.name)
            # save the document so to assign path in project directory: 'projects/<this project>/<filename>'
            doc.save()
            # store path explicitly in the database so it can be used for searching
            doc.path = doc.file.name
            # must save again
            doc.save()
            
            # optionally create Resource in selected Folder
            folder = form.cleaned_data['folder']
            if folder is not None:
                # must use full URL since Bookmark.url is of type URLField
                url = request.build_absolute_uri(doc.file.url)
                bookmark = Bookmark.objects.create(name=doc.title, url=url, folder=folder, 
                                                   description=doc.description, order=len(folder.bookmark_set.all()))

            # optional redirect
            redirect = form.cleaned_data['redirect']
            if redirect:
                # add newly created doc id to redirect URL (GET-POST-REDIRECT)
                return HttpResponseRedirect(redirect + "?doc_id=%i" % doc.id)
            else:
                # (GET-POST-REDIRECT)
                return HttpResponseRedirect(reverse('doc_detail', kwargs={'doc_id': doc.id}))
        else:
            #print form.errors
            return render_doc_form(request, form, project)
Beispiel #8
0
def userCanPost(user, post):
    
    # page editing is restricted to project administrators
    if post.is_restricted:
        return userHasAdminPermission(user, post.project)
    # page can be edited by all project members
    else:
        return userHasContributorPermission(user, post.project)
Beispiel #9
0
def userCanPost(user, post):

    # page editing is restricted to project administrators
    if post.is_restricted:
        return userHasAdminPermission(user, post.project)
    # page can be edited by all project members
    else:
        return userHasContributorPermission(user, post.project)
Beispiel #10
0
def impacts_update(request, project_short_name, tab):

    # load user from session, project from HTTP request
    user = request.user
    project = get_object_or_404(Project, short_name__iexact=project_short_name)

    # check permission
    if not userHasContributorPermission(request.user, project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)

    # number of empty instances to be displayed
    # exclude fields 'project', so it doesn't get validated
    # allow for instances to be deleted
    nextras = 2
    ProjectImpactFormSet = modelformset_factory(
        ProjectImpact,
        extra=nextras,
        exclude=('project', ),
        can_delete=True,
        formfield_callback=custom_field_callback)
    queryset = ProjectImpact.objects.filter(project=project)

    # GET
    if request.method == 'GET':

        # create formset instance backed by current saved instances
        # must provide the initial data to all the extra instances,
        # which come in the list after the database instances
        #queryset = ExternalUrl.objects.filter(project=project, type=type)
        #initial_data = [ {'project':project, 'type':type } for count in xrange(len(queryset)+nextras)]
        #formset = ExternalUrlFormSet(queryset=queryset,initial=initial_data)
        formset = ProjectImpactFormSet(queryset=queryset)

        return render_impacts_form(request, project, formset, tab)

    # POST
    else:

        formset = ProjectImpactFormSet(request.POST)

        if formset.is_valid():
            # select instances that have changed, don't save to database yet
            instances = formset.save(commit=False)
            for instance in instances:
                instance.project = project
                instance.order = 1
                instance.save()

            for obj in formset.deleted_objects:
                obj.delete()

            redirect = reverse('aboutus_display',
                               args=[project_short_name, tab])
            return HttpResponseRedirect(redirect)

        else:
            print formset.errors
            return render_impacts_form(request, project, formset, tab)
Beispiel #11
0
def news_add(request, project_short_name):

    project = get_object_or_404(Project, short_name__iexact=project_short_name)

    # check permission
    if not userHasContributorPermission(request.user, project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)

    # GET method pre-populates the form from the request parameters
    if request.method == 'GET':

        # create empty News object
        news = News()

        # set main project
        news.project = project

        # create form from (unsaved) instance
        form = NewsForm(project, request.user, instance=news)

        return render_news_form(request, request.GET, form, news.project)

    # POST method validates the form data and saves instance to database
    else:

        # create form object from form data
        form = NewsForm(project, request.user, request.POST)

        if form.is_valid():

            # save object to the database
            news = form.save()

            # assign related projects
            for proj in form.cleaned_data['parent_projects']:
                news.other_projects.add(proj)
            for proj in form.cleaned_data['peer_projects']:
                news.other_projects.add(proj)
            for proj in form.cleaned_data['child_projects']:
                news.other_projects.add(proj)

            # save m2m relationships
            news.save()

            # redirect to project home (GET-POST-REDIRECT)
            return HttpResponseRedirect(
                reverse('project_home',
                        args=[news.project.short_name.lower()]))

        # invalid data
        else:
            print "Form is invalid: %s" % form.errors
            news = form.instance
            return render_news_form(request, request.POST, form, news.project)
Beispiel #12
0
def impacts_update(request, project_short_name, tab):

    # load user from session, project from HTTP request
    user = request.user
    project = get_object_or_404(Project, short_name__iexact=project_short_name)

    # check permission
    if not userHasContributorPermission(request.user, project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)

    # number of empty instances to be displayed
    # exclude fields 'project', so it doesn't get validated
    # allow for instances to be deleted
    nextras = 2
    ProjectImpactFormSet = modelformset_factory(ProjectImpact, extra=nextras, exclude=('project',), can_delete=True,
                                                formfield_callback=custom_field_callback)
    queryset = ProjectImpact.objects.filter(project=project)

    # GET
    if request.method == 'GET':

        # create formset instance backed by current saved instances
        # must provide the initial data to all the extra instances,
        # which come in the list after the database instances
        #queryset = ExternalUrl.objects.filter(project=project, type=type)
        #initial_data = [ {'project':project, 'type':type } for count in xrange(len(queryset)+nextras)]
        #formset = ExternalUrlFormSet(queryset=queryset,initial=initial_data)
        formset = ProjectImpactFormSet(queryset=queryset)

        return render_impacts_form(request, project, formset, tab)

    # POST
    else:

        formset = ProjectImpactFormSet(request.POST)

        if formset.is_valid():
            # select instances that have changed, don't save to database yet
            instances = formset.save(commit=False)
            for instance in instances:
                instance.project = project
                instance.order = 1
                instance.save()

            for obj in formset.deleted_objects:
                obj.delete()

            redirect = reverse('aboutus_display', args=[project_short_name, tab])
            return HttpResponseRedirect(redirect)

        else:
            print formset.errors
            return render_impacts_form(request, project, formset, tab)
Beispiel #13
0
def folder_add(request, project_short_name):

    # retrieve project from request, user from session
    project = get_object_or_404(Project, short_name__iexact=project_short_name)
    # user = request.user

    # security check
    if not userHasContributorPermission(request.user, project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)

    if request.method == 'GET':

        # create empty Folder object, pre-populate project and user
        folder = Folder()
        folder.project = project

        # get or create top-level folder
        topfolder = getTopFolder(project)
        folder.parent = topfolder

        # create form from instance
        # project is used to sub-select the parent folder options
        form = FolderForm(project,
                          instance=folder,
                          initial={'redirect': request.GET.get('next', None)})
        return render_folder_form(request, project, form)

    else:

        # create form object from form data
        form = FolderForm(project, request.POST)

        if form.is_valid():

            folder = form.save(commit=False)
            # enable new folders by default
            folder.active = True
            folder.save()

            redirect = form.cleaned_data['redirect']
            if redirect is not None and redirect.lower() != 'none' and len(
                    redirect.strip()) > 0:
                return HttpResponseRedirect(redirect)
            else:
                # redirect to bookmark add page
                return HttpResponseRedirect(
                    reverse('bookmark_add', args=[project.short_name.lower()]))

        else:
            # return to view
            print "Form is invalid: %s" % form.errors
            return render_folder_form(request, project, form)
Beispiel #14
0
def news_add(request, project_short_name):

    project = get_object_or_404(Project, short_name__iexact=project_short_name)

    # check permission
    if not userHasContributorPermission(request.user, project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)

    # GET method pre-populates the form from the request parameters
    if request.method == "GET":

        # create empty News object
        news = News()

        # set main project
        news.project = project

        # create form from (unsaved) instance
        form = NewsForm(project, request.user, instance=news)

        return render_news_form(request, request.GET, form, news.project)

    # POST method validates the form data and saves instance to database
    else:

        # create form object from form data
        form = NewsForm(project, request.user, request.POST)

        if form.is_valid():

            # save object to the database
            news = form.save()

            # assign related projects
            for proj in form.cleaned_data["parent_projects"]:
                news.other_projects.add(proj)
            for proj in form.cleaned_data["peer_projects"]:
                news.other_projects.add(proj)
            for proj in form.cleaned_data["child_projects"]:
                news.other_projects.add(proj)

            # save m2m relationships
            news.save()

            # redirect to project home (GET-POST-REDIRECT)
            return HttpResponseRedirect(reverse("project_home", args=[news.project.short_name.lower()]))

        # invalid data
        else:
            print "Form is invalid: %s" % form.errors
            news = form.instance
            return render_news_form(request, request.POST, form, news.project)
Beispiel #15
0
def folder_add(request, project_short_name):
    
    # retrieve project from request, user from session
    project = get_object_or_404(Project, short_name__iexact=project_short_name)
    # user = request.user
    
    # security check
    if not userHasContributorPermission(request.user, project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
    
    if request.method == 'GET':
        
        # create empty Folder object, pre-populate project and user
        folder = Folder()
        folder.project = project
        
        # get or create top-level folder
        topfolder = getTopFolder(project)
        folder.parent = topfolder
                     
        # create form from instance
        # project is used to sub-select the parent folder options
        form = FolderForm(project, 
                          instance=folder, 
                          initial={'redirect': request.GET.get('next', None)})
        return render_folder_form(request, project, form)
    
    else:
        
        # create form object from form data
        form = FolderForm(project, request.POST)
        
        if form.is_valid():
            
            folder = form.save(commit=False)
            # enable new folders by default
            folder.active = True
            folder.save()
            
            redirect = form.cleaned_data['redirect']
            if redirect is not None and redirect.lower() != 'none' and len(redirect.strip()) > 0:
                return HttpResponseRedirect(redirect)
            else:
                # redirect to bookmark add page
                return HttpResponseRedirect(reverse('bookmark_add', args=[project.short_name.lower()]))
            
        else:
            # return to view
            print "Form is invalid: %s" % form.errors
            return render_folder_form(request, project, form) 
Beispiel #16
0
 def isVisible(self, user):
     
     if self.active == False:
         return False
     elif self.private == False:
         return True
     elif userHasUserPermission(user, self):
         return True
     elif userHasContributorPermission(user, self):
         return True
     elif userHasAdminPermission(user, self):
         return True
     else:
         return False
Beispiel #17
0
def news_update(request, news_id):

    news = get_object_or_404(News, pk=news_id)

    # check permission
    if not userHasContributorPermission(request.user, news.project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)

    # GET method pre-populates the form with the news properties
    if request.method == 'GET':

        # create form from instance
        form = NewsForm(news.project, request.user, instance=news)
        return render_news_form(request, request.GET, form, news.project)

    # POST method saves the modified instance
    elif request.method == 'POST':

        # update existing database model with form data
        form = NewsForm(news.project,
                        request.user,
                        request.POST,
                        instance=news)
        if form.is_valid():

            # save data from web
            news = form.save()

            # assign related projects
            news.other_projects = []
            for proj in (list(form.cleaned_data['parent_projects']) +
                         list(form.cleaned_data['peer_projects']) +
                         list(form.cleaned_data['child_projects'])):
                if proj not in news.other_projects.all():
                    news.other_projects.add(proj)

            # save new m2m relations
            news.save()

            # redirect to project home (GET-POST-REDIRECT)
            return HttpResponseRedirect(
                reverse('project_home',
                        args=[news.project.short_name.lower()]))

        # invalid data
        else:
            print "Form is invalid: %s" % form.errors
            news = form.instance
            return render_news_form(request, request.POST, form, news.project)
Beispiel #18
0
def news_update(request, news_id):

    news = get_object_or_404(News, pk=news_id)

    # check permission
    if not userHasContributorPermission(request.user, news.project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)

    # GET method pre-populates the form with the news properties
    if request.method == "GET":

        # create form from instance
        form = NewsForm(news.project, request.user, instance=news)
        return render_news_form(request, request.GET, form, news.project)

    # POST method saves the modified instance
    elif request.method == "POST":

        # update existing database model with form data
        form = NewsForm(news.project, request.user, request.POST, instance=news)
        if form.is_valid():

            # save data from web
            news = form.save()

            # assign related projects
            news.other_projects = []
            for proj in (
                list(form.cleaned_data["parent_projects"])
                + list(form.cleaned_data["peer_projects"])
                + list(form.cleaned_data["child_projects"])
            ):
                if proj not in news.other_projects.all():
                    news.other_projects.add(proj)

            # save new m2m relations
            news.save()

            # redirect to project home (GET-POST-REDIRECT)
            return HttpResponseRedirect(reverse("project_home", args=[news.project.short_name.lower()]))

        # invalid data
        else:
            print "Form is invalid: %s" % form.errors
            news = form.instance
            return render_news_form(request, request.POST, form, news.project)
Beispiel #19
0
def news_delete(request, news_id):

    news = get_object_or_404(News, pk=news_id)
    project = news.project

    # check permission
    if not userHasContributorPermission(request.user, project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)

    # show confirmation form
    if request.method == "GET":
        return render(request, "cog/news/news_delete.html", {"news": news, "project": project, "title": "Delete News"})

    # execute, and redirect to project's home page
    else:
        news.delete()
        # redirect to project home (GET-POST-REDIRECT)
        return HttpResponseRedirect(reverse("project_home", args=[project.short_name.lower()]))
Beispiel #20
0
def folder_delete(request, project_short_name, folder_id):
    
    # retrieve folder from request
    folder = get_object_or_404(Folder, pk=folder_id)
    project = folder.project
    # parentFolder = folder.topParent()
    
    # security check
    if not userHasContributorPermission(request.user, project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
    
    if folder.parent == None:
        return HttpResponseForbidden("Top-level folders cannot be deleted")
        
    # delete folder and all of its content
    delete_folder(folder)
    
    # redirect to project folder
    return HttpResponseRedirect(reverse('bookmark_list', args=[project.short_name.lower()]))
Beispiel #21
0
def bookmark_delete(request, project_short_name, bookmark_id):
    
    bookmark = get_object_or_404(Bookmark, pk=bookmark_id)
    folder = bookmark.folder
    project = bookmark.folder.project
    
    # security check
    if not userHasContributorPermission(request.user, project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
        
    # delete notes (recursively)
    if bookmark.notes:
        bookmark.notes.delete()
        
    # delete bookmark
    bookmark.delete()
    
    # redirect to bookmarks view
    return HttpResponseRedirect(reverse('bookmark_list', args=[project.short_name.lower()]))
Beispiel #22
0
def folder_delete(request, project_short_name, folder_id):

    # retrieve folder from request
    folder = get_object_or_404(Folder, pk=folder_id)
    project = folder.project
    # parentFolder = folder.topParent()

    # security check
    if not userHasContributorPermission(request.user, project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)

    if folder.parent == None:
        return HttpResponseForbidden("Top-level folders cannot be deleted")

    # delete folder and all of its content
    delete_folder(folder)

    # redirect to project folder
    return HttpResponseRedirect(
        reverse('bookmark_list', args=[project.short_name.lower()]))
Beispiel #23
0
def bookmark_delete(request, project_short_name, bookmark_id):

    bookmark = get_object_or_404(Bookmark, pk=bookmark_id)
    folder = bookmark.folder
    project = bookmark.folder.project

    # security check
    if not userHasContributorPermission(request.user, project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)

    # delete notes (recursively)
    if bookmark.notes:
        bookmark.notes.delete()

    # delete bookmark
    bookmark.delete()

    # redirect to bookmarks view
    return HttpResponseRedirect(
        reverse('bookmark_list', args=[project.short_name.lower()]))
Beispiel #24
0
def doc_remove(request, doc_id):
        
    # retrieve document from database
    doc = get_object_or_404(Doc, pk=doc_id)
    project = doc.project
    
    # check permission
    if not userHasContributorPermission(request.user, project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
    
    # delete doc altogether
    delete_doc(doc)
        
    # redirect to original page, or to project home if not found
    redirect = getQueryDict(request).get('redirect', None)
    if redirect is None:
        redirect = reverse('project_home', kwargs={'project_short_name': project.short_name.lower()})
    
    # redirect to project home page
    #return HttpResponseRedirect( reverse('doc_list', kwargs={'project_short_name': project.short_name.lower() } ) ) 
    return HttpResponseRedirect(redirect)
Beispiel #25
0
def bookmark_update(request, project_short_name, bookmark_id):

    bookmark = get_object_or_404(Bookmark, pk=bookmark_id)
    project = bookmark.folder.project

    # security check
    if not userHasContributorPermission(request.user, project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)

    if request.method == 'GET':
        # create form object from model
        form = BookmarkForm(project, instance=bookmark)
        # return to view
        return render_bookmark_form(request, project, form)

    else:

        # create form object from form data
        form = BookmarkForm(project, request.POST, instance=bookmark)

        if form.is_valid():

            bookmark = form.save()

            # update associated Doc, if any
            doc = getDocFromBookmark(bookmark)
            if doc is not None:
                print 'Updating associated doc: %s' % doc
                doc.title = bookmark.name
                doc.description = bookmark.description
                doc.save()

            # redirect to bookmarks listing
            return HttpResponseRedirect(
                reverse('bookmark_list', args=[project.short_name.lower()]))

        else:
            print "Form is invalid: %s" % form.errors
            # return to view
            return render_bookmark_form(request, project, form)
Beispiel #26
0
def bookmark_update(request, project_short_name, bookmark_id):
    
    bookmark = get_object_or_404(Bookmark, pk=bookmark_id)
    project = bookmark.folder.project
    
    # security check
    if not userHasContributorPermission(request.user, project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
        
    if request.method == 'GET':
        # create form object from model
        form = BookmarkForm(project, instance=bookmark)
        # return to view
        return render_bookmark_form(request, project, form) 

    else:
        
        # create form object from form data
        form = BookmarkForm(project, request.POST, instance=bookmark)
        
        if form.is_valid():
            
            bookmark = form.save()
            
            # update associated Doc, if any
            doc = getDocFromBookmark(bookmark)
            if doc is not None:
                print 'Updating associated doc: %s' % doc
                doc.title = bookmark.name
                doc.description = bookmark.description
                doc.save()
            
            # redirect to bookmarks listing
            return HttpResponseRedirect(reverse('bookmark_list', args=[project.short_name.lower()]))
            
        else:
            print "Form is invalid: %s" % form.errors
            # return to view
            return render_bookmark_form(request, project, form)  
Beispiel #27
0
def post_delete(request, post_id):

    # retrieve post
    post = get_object_or_404(Post, pk=post_id)
    project = post.project

    # check post is not one of the critical project pages
    if post.is_predefined():
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
    else:
        # check permission: only project members can delete non-predefined project pages
        if not userHasContributorPermission(request.user, project):
            return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)

    if request.method == 'GET':
        return render(
            request, 'cog/post/post_delete.html', {
                'post': post,
                'project': project,
                'title': '%s Deletion Request' % post.type.capitalize()
            })
    else:

        # pass a temporary copy of the object to the view
        _post = copy.copy(post)

        # send post update signal
        post.send_signal(SIGNAL_OBJECT_DELETED)

        # delete the post
        post.delete()

        return render(
            request, 'cog/post/post_delete.html', {
                'post': _post,
                'project': project,
                'title': '%s Deletion Confirmation' % _post.type.capitalize()
            })
Beispiel #28
0
def bookmark_add2(request, project_short_name):

    # load user from session, project from HTTP request
    user = request.user

    project = get_object_or_404(Project, short_name__iexact=project_short_name)

    # security check
    if not userHasContributorPermission(request.user, project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)

    response_data = {}
    response_data['errors'] = {}
    if request.method == 'POST':

        # create form object from form data
        form = BookmarkForm(project, request.POST)

        if form.is_valid():
            bookmark = form.save()
            response_data['result'] = 'Success'
            response_data['message'] = 'Your bookmark was saved.'

        else:
            print 'Form is invalid: %s' % form.errors
            # encode errors in response - although not used
            for key, value in form.errors.items():
                response_data['errors'][key] = value
            response_data['result'] = 'Error'
            response_data[
                'message'] = 'Sorry, the form data is invalid: %s' % form.errors

    else:
        response_data['result'] = 'Error'
        response_data['message'] = 'Sorry, the GET method is not supported'

    return HttpResponse(json.dumps(response_data),
                        content_type='application/json')
Beispiel #29
0
def doc_remove(request, doc_id):

    # retrieve document from database
    doc = get_object_or_404(Doc, pk=doc_id)
    project = doc.project

    # check permission
    if not userHasContributorPermission(request.user, project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)

    # delete doc altogether
    delete_doc(doc)

    # redirect to original page, or to project home if not found
    redirect = getQueryDict(request).get('redirect', None)
    if redirect is None:
        redirect = reverse(
            'project_home',
            kwargs={'project_short_name': project.short_name.lower()})

    # redirect to project home page
    #return HttpResponseRedirect( reverse('doc_list', kwargs={'project_short_name': project.short_name.lower() } ) )
    return HttpResponseRedirect(redirect)
Beispiel #30
0
def news_delete(request, news_id):

    news = get_object_or_404(News, pk=news_id)
    project = news.project

    # check permission
    if not userHasContributorPermission(request.user, project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)

    # show confirmation form
    if request.method == 'GET':
        return render(request, 'cog/news/news_delete.html', {
            'news': news,
            'project': project,
            'title': 'Delete News'
        })

    # execute, and redirect to project's home page
    else:
        news.delete()
        # redirect to project home (GET-POST-REDIRECT)
        return HttpResponseRedirect(
            reverse('project_home', args=[project.short_name.lower()]))
Beispiel #31
0
def doc_update(request, doc_id):

    # retrieve document from database
    doc = get_object_or_404(Doc, pk=doc_id)

    # check permission
    if not userHasContributorPermission(request.user, doc.project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)

    if request.method == 'GET':
        # create form from model
        form = DocForm(doc.project, instance=doc)
        return render_doc_form(request, form, doc.project)

    else:

        form = DocForm(doc.project, request.POST, request.FILES, instance=doc)

        if form.is_valid():

            # update existing database model with form data
            doc = form.save()

            # update associated Bookmar, if any
            bookmark = getBookmarkFromDoc(doc)
            if bookmark is not None:
                bookmark.name = doc.title
                bookmark.description = doc.description
                bookmark.save()
                print 'Updated associated bookmark: %s' % bookmark

            # redirect to document detail (GET-POST-REDIRECT)
            return HttpResponseRedirect(
                reverse('doc_detail', kwargs={'doc_id': doc.id}))

        else:
            return render_doc_form(request, form, doc.project)
Beispiel #32
0
def bookmark_add2(request, project_short_name):
            
    # load user from session, project from HTTP request
    user = request.user
    
    project = get_object_or_404(Project, short_name__iexact=project_short_name)
    
    # security check
    if not userHasContributorPermission(request.user, project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)

    response_data = {}
    response_data['errors'] = {}
    if request.method == 'POST':
    
        # create form object from form data
        form = BookmarkForm(project, request.POST)
        
        if form.is_valid():
            bookmark = form.save()
            response_data['result'] = 'Success'
            response_data['message'] = 'Your bookmark was saved.'
                                      
        else:
            print 'Form is invalid: %s' % form.errors
            # encode errors in response - although not used
            for key, value in form.errors.items():
                response_data['errors'][key] = value           
            response_data['result'] = 'Error'
            response_data['message'] = 'Sorry, the form data is invalid: %s' % form.errors

    else:
        response_data['result'] = 'Error'
        response_data['message'] = 'Sorry, the GET method is not supported'
                
    return HttpResponse(json.dumps(response_data), content_type='application/json')    
Beispiel #33
0
def doc_update(request, doc_id):
    
    # retrieve document from database
    doc = get_object_or_404(Doc, pk=doc_id)
    
    # check permission
    if not userHasContributorPermission(request.user, doc.project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
    
    if request.method == 'GET':
        # create form from model
        form = DocForm(doc.project, instance=doc)
        return render_doc_form(request, form, doc.project)
        
    else:
        
        form = DocForm(doc.project, request.POST, request.FILES, instance=doc)
        
        if form.is_valid():
            
            # update existing database model with form data
            doc = form.save()
            
            # update associated Bookmar, if any
            bookmark = getBookmarkFromDoc(doc)
            if bookmark is not None:
                bookmark.name = doc.title
                bookmark.description = doc.description
                bookmark.save()
                print 'Updated associated bookmark: %s' % bookmark
            
            # redirect to document detail (GET-POST-REDIRECT)
            return HttpResponseRedirect(reverse('doc_detail', kwargs={'doc_id': doc.id}))
        
        else:
            return render_doc_form(request, form, doc.project)
Beispiel #34
0
def external_urls_update(request, project_short_name, suburl):
    
    # load user from session, project from HTTP request
    user = request.user
    project = get_object_or_404(Project, short_name__iexact=project_short_name)
    
    # check permission
    if not userHasContributorPermission(request.user, project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
    
    try:
        externalUrlConf = externalUrlManager.getConf(suburl=suburl)
    except KeyError:
        raise Exception("URL: %s is not properly configured" % request.path)
    type = externalUrlConf.type

    redirect = reverse('%s_display' % suburl, args=[project_short_name, suburl])
    
    # number of empty instances to be displayed
    # exclude fields 'project', 'type' so they don't get validated
    # allow for instances to be deleted
    nextras = 1
    ExternalUrlFormSet = modelformset_factory(ExternalUrl, extra=nextras, exclude=('project', 'type'), can_delete=True,
                                              #widgets={'description': Textarea(attrs={'rows': 4})} ) # not working
                                              formfield_callback=custom_field_callback)
    
    # GET
    if request.method == 'GET':
        print type

        # create formset instance backed by current saved instances
        # must provide the initial data to all the extra instances, 
        # which come in the list after the database instances

        # if template is release schedules or prioritization, which are dates, reverse order of the urls
        # sorting of the view occurs in models/project.py/get_external_urls()
        if type == 'release_schedule':
            formset = ExternalUrlFormSet(queryset=ExternalUrl.objects.filter(project=project, type=type).
                                         order_by('-title'))

        elif type == 'prioritization':
            formset = ExternalUrlFormSet(queryset=ExternalUrl.objects.filter(project=project, type=type).
                                         order_by('-title'))
        else:

            # external_urls are ordered by title when editing to match the order when just viewing.
            formset = ExternalUrlFormSet(queryset=ExternalUrl.objects.filter(project=project, type=type).
                                         order_by('title'))

        return render_external_urls_form(request, project, formset, externalUrlConf, redirect)
    
    # POST
    else:
        formset = ExternalUrlFormSet(request.POST)

        if formset.is_valid():
            # select instances that have changed, don't save to database yet
            instances = formset.save(commit=False)
            # must manually delete the instances marked for deletion
            for obj in formset.deleted_objects:
                obj.delete()
            # for all others, assign the project reference and persist changes
            for instance in instances:
                instance.project = project
                instance.type = type
                instance.save()
            return HttpResponseRedirect(redirect)
        
        else:
            print formset.errors
            return render_external_urls_form(request, project, formset, externalUrlConf, redirect)
Beispiel #35
0
def doc_add(request, project_short_name):
    project = get_object_or_404(Project, short_name__iexact=project_short_name)

    # check permission
    if not userHasContributorPermission(request.user, project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)

    if request.method == 'GET':

        # create empty document
        doc = Doc()

        # assign project
        doc.project = project

        # change form such that if a project is private, the Private? checkbox is checked by default
        if doc.project.private:
            doc.is_private = True

        # create form from instance
        form = DocForm(project, instance=doc)

        return render_doc_form(request, form, project)

    else:
        form = DocForm(project, request.POST, request.FILES)

        if form.is_valid():

            doc = form.save(commit=False)
            doc.author = request.user
            if doc.title is None or len(doc.title.strip()) == 0:
                doc.title = basename(doc.file.name)
            # save the document so to assign path in project directory: 'projects/<this project>/<filename>'
            doc.save()
            # store path explicitly in the database so it can be used for searching
            doc.path = doc.file.name
            # must save again
            doc.save()

            # optionally create Resource in selected Folder
            folder = form.cleaned_data['folder']
            if folder is not None:
                # must use full URL since Bookmark.url is of type URLField
                url = request.build_absolute_uri(doc.file.url)
                bookmark = Bookmark.objects.create(
                    name=doc.title,
                    url=url,
                    folder=folder,
                    description=doc.description,
                    order=len(folder.bookmark_set.all()))

            # optional redirect
            redirect = form.cleaned_data['redirect']
            if redirect:
                # add newly created doc id to redirect URL (GET-POST-REDIRECT)
                return HttpResponseRedirect(redirect + "?doc_id=%i" % doc.id)
            else:
                # (GET-POST-REDIRECT)
                return HttpResponseRedirect(
                    reverse('doc_detail', kwargs={'doc_id': doc.id}))
        else:
            #print form.errors
            return render_doc_form(request, form, project)
Beispiel #36
0
def external_urls_update(request, project_short_name, suburl):

    # load user from session, project from HTTP request
    user = request.user
    project = get_object_or_404(Project, short_name__iexact=project_short_name)

    # check permission
    if not userHasContributorPermission(request.user, project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)

    try:
        externalUrlConf = externalUrlManager.getConf(suburl=suburl)
    except KeyError:
        raise Exception("URL: %s is not properly configured" % request.path)
    type = externalUrlConf.type

    redirect = reverse('%s_display' % suburl,
                       args=[project_short_name, suburl])

    # number of empty instances to be displayed
    # exclude fields 'project', 'type' so they don't get validated
    # allow for instances to be deleted
    nextras = 1
    ExternalUrlFormSet = modelformset_factory(
        ExternalUrl,
        extra=nextras,
        exclude=('project', 'type'),
        can_delete=True,
        #widgets={'description': Textarea(attrs={'rows': 4})} ) # not working
        formfield_callback=custom_field_callback)

    # GET
    if request.method == 'GET':
        print type

        # create formset instance backed by current saved instances
        # must provide the initial data to all the extra instances,
        # which come in the list after the database instances

        # if template is release schedules or prioritization, which are dates, reverse order of the urls
        # sorting of the view occurs in models/project.py/get_external_urls()
        if type == 'release_schedule':
            formset = ExternalUrlFormSet(queryset=ExternalUrl.objects.filter(
                project=project, type=type).order_by('-title'))

        elif type == 'prioritization':
            formset = ExternalUrlFormSet(queryset=ExternalUrl.objects.filter(
                project=project, type=type).order_by('-title'))
        else:

            # external_urls are ordered by title when editing to match the order when just viewing.
            formset = ExternalUrlFormSet(queryset=ExternalUrl.objects.filter(
                project=project, type=type).order_by('title'))

        return render_external_urls_form(request, project, formset,
                                         externalUrlConf, redirect)

    # POST
    else:
        formset = ExternalUrlFormSet(request.POST)

        if formset.is_valid():
            # select instances that have changed, don't save to database yet
            instances = formset.save(commit=False)
            # must manually delete the instances marked for deletion
            for obj in formset.deleted_objects:
                obj.delete()
            # for all others, assign the project reference and persist changes
            for instance in instances:
                instance.project = project
                instance.type = type
                instance.save()
            return HttpResponseRedirect(redirect)

        else:
            print formset.errors
            return render_external_urls_form(request, project, formset,
                                             externalUrlConf, redirect)
Beispiel #37
0
def post_add(request, project_short_name, owner=None):
    """
    View to create a Post object within a context project.
    Optionally, an owner object can be specified, which is assigned a reference to the newly created Post
    through its method .setPost(Post)
    """
    
    # load project
    project = get_object_or_404(Project, short_name__iexact=project_short_name)
    
    # check permission
    if not userHasContributorPermission(request.user, project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)

    # retrieve type
    postType = getQueryDict(request).get('type')
  
    if request.method == 'GET':
        
        # create empty Post object, pre-populate project and type
        post = Post()
        post.project = project
        post.type = postType
        
        # optionally assign parent Post
        parent_id = request.GET.get('parent_id', None)
        if parent_id:
            ppost = get_object_or_404(Post, pk=parent_id)
            post.parent = ppost
            post.topic = ppost.topic
            
        # set fixed fields for hyperlinks
        #if postType == Post.TYPE_HYPERLINK:
        #    post.template = None
        #    post.is_private = False
        #    post.is_restricted = False
             
        # create form from instance
        # note extra argument project to customize the queryset!
        form = PostForm(postType, project, instance=post)
        return render_post_form(request, form, project, postType)
    
    else:
        # create form object from form data
        form = PostForm(postType, project, request.POST)
        if form.is_valid():
            # create a new post object but don't save it to the database yet
            post = form.save(commit=False)
            # modify the post object
            post.author = request.user
            # update date 
            post.update_date = now()

            # page: build full page URL
            if post.type == Post.TYPE_PAGE:
                post.url = get_project_page_full_url(project, post.url)
            elif post.type != Post.TYPE_HYPERLINK:
                # assign temporary value before object id is assigned
                post.url = datetime.now()
            # assign post order, if top-level
            # note that the post.topic may be None
            if post.parent is None:
                pages = Post.objects.filter(project=project).filter(topic=post.topic).filter(parent=None).\
                    filter(Q(type=Post.TYPE_PAGE) | Q(type=Post.TYPE_HYPERLINK)).order_by('order')
                post.order = len(pages)+1
            else:
                post.order = 0
            # save post object to the database (GET-POST-REDIRECT)
            post.save()
            # assign post URL and save again
            if post.type == Post.TYPE_BLOG or post.type == Post.TYPE_NOTES:
                post.url = reverse('post_detail', args=[post.id])
                post.save()
                
            # create project-topic relation if not existing already
            if post.topic is not None:
                createProjectTopicIfNotExisting(project, post.topic)
                    
            # assign this reference to owner
            if owner is not None:
                owner.setPost(post)
                owner.save()
                       
            # send post update signal
            post.send_signal(SIGNAL_OBJECT_CREATED)
                
            # redirect to post (GET-POST-REDIRECT)
            if post.type != Post.TYPE_HYPERLINK:
                return redirect_to_post(request, post)
            # or to project home page
            else:
                return HttpResponseRedirect(reverse('project_home', args=[project_short_name.lower()]))
                
        # invalid data
        else:
            print form.errors
            return render_post_form(request, form, project, postType)
Beispiel #38
0
def hasContributorPermission(user, project):
    return userHasContributorPermission(user, project)
Beispiel #39
0
def hasContributorPermission(user, project):
    return userHasContributorPermission(user, project)
Beispiel #40
0
def post_add(request, project_short_name, owner=None):
    """
    View to create a Post object within a context project.
    Optionally, an owner object can be specified, which is assigned a reference to the newly created Post
    through its method .setPost(Post)
    """

    # load project
    project = get_object_or_404(Project, short_name__iexact=project_short_name)

    # check permission
    if not userHasContributorPermission(request.user, project):
        return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)

    # retrieve type
    postType = getQueryDict(request).get('type')

    if request.method == 'GET':

        # create empty Post object, pre-populate project and type
        post = Post()
        post.project = project
        post.type = postType

        # optionally assign parent Post
        parent_id = request.GET.get('parent_id', None)
        if parent_id:
            ppost = get_object_or_404(Post, pk=parent_id)
            post.parent = ppost
            post.topic = ppost.topic

        # set fixed fields for hyperlinks
        #if postType == Post.TYPE_HYPERLINK:
        #    post.template = None
        #    post.is_private = False
        #    post.is_restricted = False

        # create form from instance
        # note extra argument project to customize the queryset!
        form = PostForm(postType, project, instance=post)
        return render_post_form(request, form, project, postType)

    else:
        # create form object from form data
        form = PostForm(postType, project, request.POST)
        if form.is_valid():
            # create a new post object but don't save it to the database yet
            post = form.save(commit=False)
            # modify the post object
            post.author = request.user
            # update date
            post.update_date = now()

            # page: build full page URL
            if post.type == Post.TYPE_PAGE:
                post.url = get_project_page_full_url(project, post.url)
            elif post.type != Post.TYPE_HYPERLINK:
                # assign temporary value before object id is assigned
                post.url = datetime.now()
            # assign post order, if top-level
            # note that the post.topic may be None
            if post.parent is None:
                pages = Post.objects.filter(project=project).filter(topic=post.topic).filter(parent=None).\
                    filter(Q(type=Post.TYPE_PAGE) | Q(type=Post.TYPE_HYPERLINK)).order_by('order')
                post.order = len(pages) + 1
            else:
                post.order = 0
            # save post object to the database (GET-POST-REDIRECT)
            post.save()
            # assign post URL and save again
            if post.type == Post.TYPE_BLOG or post.type == Post.TYPE_NOTES:
                post.url = reverse('post_detail', args=[post.id])
                post.save()

            # create project-topic relation if not existing already
            if post.topic is not None:
                createProjectTopicIfNotExisting(project, post.topic)

            # assign this reference to owner
            if owner is not None:
                owner.setPost(post)
                owner.save()

            # send post update signal
            post.send_signal(SIGNAL_OBJECT_CREATED)

            # redirect to post (GET-POST-REDIRECT)
            if post.type != Post.TYPE_HYPERLINK:
                return redirect_to_post(request, post)
            # or to project home page
            else:
                return HttpResponseRedirect(
                    reverse('project_home', args=[project_short_name.lower()]))

        # invalid data
        else:
            print form.errors
            return render_post_form(request, form, project, postType)
Beispiel #41
0
 def _buildQuerySet(self, projects, user):
     qs = Q(pk=0)  # start with an empty query set - does not match any project
     for p in projects:
         if userHasContributorPermission(user, p):
             qs = qs | Q(pk=p.id)
     return qs