def _check_permission_for_user(self, user, **permissions):
# checks if user is owner or has ACL access
if check_access(user, self, **permissions):
return True
# if record does not have individual ACL...
if len(_records_with_individual_acl_by_ids([self.id])) > 0:
return False
# ...check collection access
return filter_by_access(
user, self.collection_set, **permissions).count() > 0
def _check_permission_for_user(self, user, **permissions):
# checks if user is owner or has ACL access
if check_access(user, self, **permissions):
return True
# if record does not have individual ACL...
if len(_records_with_individual_acl_by_ids([self.id])) > 0:
return False
# ...check collection access
return filter_by_access(
user, self.collection_set, **permissions).count() > 0
def editable_by(self, user):
return self.record.editable_by(user) and check_access(
user, self.storage, write=True)
def upload(request):
collection = Collection.objects.get(name='the-breeze')
storage = Storage.objects.get(name='the-breeze')
check_access(request.user, collection, write=True, fail_if_denied=True)
check_access(request.user, storage, write=True, fail_if_denied=True)
fcoverage = standardfield('coverage')
fdate = standardfield('date')
ftitle = standardfield('title')
fdescription = standardfield('description')
fidentifier = standardfield('identifier')
if request.method == 'POST':
form = UploadForm(request.POST, request.FILES)
if form.is_valid():
volume = str(form.cleaned_data['volume'])
issue = str(form.cleaned_data['issue'])
date = str(form.cleaned_data['date'])
pages = str(form.cleaned_data['pages'])
publication = form.cleaned_data['publication']
title = '%s %s Volume %s Issue %s' % (
publication,
date,
volume,
issue,
)
record = Record.objects.create()
CollectionItem.objects.create(record=record, collection=collection)
record.fieldvalue_set.create(
field=ftitle,
label=None,
order=1,
value=title,
)
record.fieldvalue_set.create(
field=fcoverage,
label='Volume',
order=2,
value=volume,
)
record.fieldvalue_set.create(
field=fcoverage,
label='Issue',
order=3,
value=issue,
)
record.fieldvalue_set.create(
field=fdate,
label=None,
order=4,
value=date,
)
record.fieldvalue_set.create(
field=fdescription,
label='Pages',
order=5,
value=pages,
)
record.fieldvalue_set.create(
field=fidentifier,
label=None,
order=6,
value=title,
hidden=True,
)
import re
filename = re.sub(r'[^a-z0-9]+', '-', title.lower()) + '.pdf'
media = Media.objects.create(
record=record,
storage=storage,
mimetype='application/pdf',
)
media.save_file(filename, request.FILES['pdf'])
return HttpResponseRedirect(reverse('thebreeze-main'))
else:
form = UploadForm()
return render_to_response('thebreeze-upload.html',
{'breezelogo': 'breeze_logo_%s.png' %
random.choice('00 01 02 03 04'.split()),
'form': form,
},
context_instance=RequestContext(request))
def editable_by(self, user):
return self.record.editable_by(user) and check_access(
user, self.storage, write=True)