def q_test(request):
context = add_parameters_to_context(request)
project = QProject.objects.get(pk=1)
# work out user roles...
project_authenticated = project.authenticated
current_user = request.user
is_admin = is_admin_of(current_user, project)
is_user = is_user_of(current_user, project)
is_member = is_member_of(current_user, project)
is_pending = is_pending_of(current_user, project)
can_view = True
can_edit = not project_authenticated or (is_user or is_admin)
can_customize = not project_authenticated or is_admin
can_join = current_user.is_authenticated() and not (is_member or is_user or is_admin)
can_delete = is_admin
can_manage = is_admin
can_publish = is_user or is_admin
# gather all the extra information required by the template
template_context = {
"project": project,
"can_customize": can_customize,
"can_edit": can_edit,
"can_view": can_view,
"can_join": can_join,
"can_delete": can_delete,
"can_manage": can_manage,
"can_publish": can_publish,
}
return render_to_response('questionnaire/q_test.html', template_context, context_instance=context)
def has_object_permission(self, request, view, obj):
# anybody can submit GET, HEAD, or OPTIONS requests
if request.method in permissions.SAFE_METHODS:
return True
# anybody can manipulate objects in a non-authenticated project
project = obj.project
if not project.authenticated:
return True
# but every other request requires project admin permissions
current_user = request.user
return current_user.is_authenticated() and is_user_of(current_user, project)
def q_project(request, project_name=None):
context = add_parameters_to_context(request)
try:
project = QProject.objects.get(name=project_name)
except QProject.DoesNotExist:
if not project_name:
msg = u"Please specify a project name."
else:
msg = u"Unable to locate project '%s'" % (project_name)
return q_error(request, error_msg=msg)
if not project.is_active:
msg = u"This project has been disabled."
return q_error(request, error_msg=msg)
# work out user roles...
project_authenticated = project.authenticated
current_user = request.user
can_view = True # is_member_of(current_user, project) or not project_authenticated
can_edit = not project_authenticated or (is_user_of(current_user, project) or is_admin_of(current_user, project))
can_customize = not project_authenticated or is_admin_of(current_user, project)
can_join = current_user.is_authenticated() and not (is_member_of(current_user, project) and is_user_of(current_user, project) and is_admin_of(current_user, project))
can_delete = is_admin_of(current_user, project)
# TODO:
# has_published = project.models.published_documents().count() > 0
has_published = project.models_bak.filter(is_document=True, is_root=True, is_published=True).count() > 0
# gather all the extra information required by the template
_dict = {
"project": project,
"can_customize": can_customize,
"can_edit": can_edit,
"can_view": can_view,
"can_join": can_join,
"can_delete": can_delete,
"has_published": has_published,
}
return render_to_response('questionnaire/q_project.html', _dict, context_instance=context)
def q_edit_new(request, project_name=None, ontology_key=None, document_type=None):
# save any request parameters...
# (in case of redirection)
context = add_parameters_to_context(request)
# check the arguments...
validity, project, ontology, model_proxy, model_customization, msg = validate_view_arguments(
project_name=project_name,
ontology_key=ontology_key,
document_type=document_type
)
if not validity:
return q_error(request, msg)
# check authentication...
# (not using "@login_required" b/c some projects ignore authentication)
current_user = request.user
if project.authenticated:
if not current_user.is_authenticated():
next_page = add_parameters_to_url(reverse("account_login"), next=request.path)
return HttpResponseRedirect(next_page)
if not is_user_of(current_user, project):
next_page = reverse("project", kwargs={"project_name": project_name})
msg = "You have tried to view a restricted resource for this project. Please consider joining."
messages.add_message(request, messages.WARNING, msg)
return HttpResponseRedirect(next_page)
# get (or set) realization objects from the cache...
session_key = get_key_from_request(request)
cached_realizations_key = "{0}_realizations".format(session_key)
model_realization = get_or_create_cached_object(request.session, cached_realizations_key,
get_new_realizations,
**{
"project": project,
"ontology": ontology,
"model_proxy": model_proxy,
"key": model_proxy.name,
}
)
if current_user.is_authenticated():
set_owner(model_realization, evaluate_lazy_object(current_user))
model_realization.is_root = True # TODO: COME UP W/ A BETTER WAY OF DEALING W/ "is_root"
# no forms are created here,
# instead the load-on-demand paradigm is used,
# work out various paths, so that ng can reload things as needed...
view_url_dirname = request.path.rsplit('/', 1)[0]
api_url_dirname = reverse("realization-list").rsplit('/', 1)[0]
# gather all the extra information required by the template...
template_context = {
"project": project,
"ontology": ontology,
"proxy": model_proxy,
"view_url_dirname": view_url_dirname,
"api_url_dirname": api_url_dirname,
"session_key": session_key,
"customization": model_customization,
"realization": model_realization,
"read_only": "false", # passing "false" instead of False b/c this is a JS variable
}
return render_to_response('questionnaire/q_edit.html', template_context, context_instance=context)
def q_edit_existing(request, project_name=None, ontology_key=None, document_type=None, realization_pk=None):
# save any request parameters...
# (in case of redirection)
context = add_parameters_to_context(request)
# check the arguments...
validity, project, ontology, model_proxy, model_customization, msg = validate_view_arguments(
project_name=project_name,
ontology_key=ontology_key,
document_type=document_type
)
if not validity:
return q_error(request, msg)
# check authentication...
# (not using "@login_required" b/c some projects ignore authentication)
current_user = request.user
if project.authenticated:
if not current_user.is_authenticated():
next_page = add_parameters_to_url(reverse("account_login"), next=request.path)
return HttpResponseRedirect(next_page)
if not is_user_of(current_user, project):
next_page = reverse("project", kwargs={"project_name": project_name})
msg = "You have tried to view a restricted resource for this project. Please consider joining."
messages.add_message(request, messages.WARNING, msg)
return HttpResponseRedirect(next_page)
# get (or set) realization objects from the cache...
# note that unlike in "q_edit_new" above, this bit is enclosed in a try/catch block
try:
session_key = get_key_from_request(request)
cached_realizations_key = "{0}_realizations".format(session_key)
model_realization = get_or_create_cached_object(request.session, cached_realizations_key,
get_existing_realizations,
**{
"project": project,
"ontology": ontology,
"model_proxy": model_proxy,
"model_id": realization_pk
}
)
except ObjectDoesNotExist:
msg = "Cannot find a document with an id of '{0}' for that project/ontology/document type combination.".format(realization_pk)
return q_error(request, msg)
# no forms are created here,
# instead the load-on-demand paradigm is used,
# work out various paths, so that ng can reload things as needed...
# (notice these are slightly different than in "q_edit_new" above
view_url_dirname = request.path.rsplit('/', 1)[0]
api_url_dirname = reverse("realization-detail", kwargs={"pk": model_realization.pk}).rsplit('/', 2)[0]
# gather all the extra information required by the template...
template_context = {
"project": project,
"ontology": ontology,
"proxy": model_proxy,
"view_url_dirname": view_url_dirname,
"api_url_dirname": api_url_dirname,
"session_key": session_key,
"customization": model_customization,
"realization": model_realization,
"read_only": "false", # passing "false" instead of False b/c this is a JS variable
}
return render_to_response('questionnaire/q_edit.html', template_context, context_instance=context)
def q_edit_new(request, project_name=None, ontology_key=None, document_type=None):
# save any request parameters...
# (in case of redirection)
context = add_parameters_to_context(request)
# check the arguments...
validity, project, ontology, model_proxy, model_customization, msg = validate_view_arguments(
project_name=project_name,
ontology_key=ontology_key,
document_type=document_type
)
if not validity:
return q_error(request, msg)
# check authentication...
# (not using "@login_required" b/c some projects ignore authentication)
current_user = request.user
if project.authenticated:
if not current_user.is_authenticated():
next_page = "/login/?next=%s" % request.path
return HttpResponseRedirect(next_page)
if not is_user_of(current_user, project):
next_page = "/%s/" % project_name
msg = "You have tried to view a restricted resource for this project. Please consider joining."
messages.add_message(request, messages.WARNING, msg)
return HttpResponseRedirect(next_page)
# get (or set) realization objects from the cache...
session_key = get_key_from_request(request)
# # no need to cache customizations; I access them as needed during form creation
# # cached_customizations_key = "{0}_customizations".format(session_key)
# # model_customization = get_or_create_cached_object(request.session, cached_customizations_key,
# # get_existing_customizations,
# # **{
# # "project": project,
# # "ontology": ontology,
# # "model_proxy": model_proxy,
# # "customization_id": customization.id,
# # }
# # )
cached_realizations_key = "{0}_realizations".format(session_key)
model_realization = get_or_create_cached_object(request.session, cached_realizations_key,
get_new_realizations,
**{
"project": project,
"ontology": ontology,
"model_proxy": model_proxy,
"key": model_proxy.name,
"customization": model_customization,
}
)
if current_user.is_authenticated():
set_owner(model_realization, evaluate_lazy_object(current_user))
# TODO: THIS IS A ONE-OFF TO GET ME THROUGH THE MEDIUM-TERM
# TODO: IN THE LONG-TERM I OUGHT TO FIGURE OUT HOW TO AUTOMATICALLY WORK OUT HOW/WHEN TO SET "is_root"
# TODO: (MOST LIKELY IT SHOULD BE IN "Q.questionnaire.models.models_realizations.QModel#reset")
model_realization.is_root = True
# no need to generate any forms or formsets; I do that all via the load-on-demand paradigm
# work out the various paths,
# so that ng can reload things as needed
view_url = request.path
view_url_sections = [section for section in view_url.split('/') if section]
view_url_dirname = '/'.join(view_url_sections[:])
api_url = reverse("realization-list", kwargs={})
api_url_sections = [section for section in api_url.split('/') if section]
api_url_dirname = '/'.join(api_url_sections[:])
# gather all the extra information required by the template
_dict = {
"session_key": session_key,
"view_url_dirname": "/{0}/".format(view_url_dirname),
"api_url_dirname": "/{0}/".format(api_url_dirname),
"project": project,
"ontology": ontology,
"proxy": model_proxy,
"realization": model_realization,
"customization": model_customization,
"read_only": "false",
}
return render_to_response('questionnaire/q_edit.html', _dict, context_instance=context)
def q_edit_existing(request, project_name=None, ontology_key=None, document_type=None, realization_pk=None):
# save any request parameters...
# (in case of redirection)
context = add_parameters_to_context(request)
# check the arguments...
validity, project, ontology, model_proxy, model_customization, msg = validate_view_arguments(
project_name=project_name,
ontology_key=ontology_key,
document_type=document_type
)
if not validity:
return q_error(request, msg)
# check authentication...
# (not using "@login_required" b/c some projects ignore authentication)
current_user = request.user
if project.authenticated:
if not current_user.is_authenticated():
next_page = "/login/?next=%s" % request.path
return HttpResponseRedirect(next_page)
if not is_user_of(current_user, project):
next_page = "/%s/" % project_name
msg = "You have tried to view a restricted resource for this project. Please consider joining."
messages.add_message(request, messages.WARNING, msg)
return HttpResponseRedirect(next_page)
# get (or set) realization objects from the cache...
# note that unlike in "q_edit_new" above, this bit is enclosed in a try/catch block
# this is to deal w/ the possibility of an invalid realization_pk
try:
session_key = get_key_from_request(request)
cached_realizations_key = "{0}_realizations".format(session_key)
model_realization = get_or_create_cached_object(request.session, cached_realizations_key,
get_existing_realizations,
**{
"project": project,
"ontology": ontology,
"model_proxy": model_proxy,
"model_id": realization_pk,
}
)
except ObjectDoesNotExist:
msg = "Cannot find a document with an id of '{0}' for that project/ontology/model combination.".format(
realization_pk)
return q_error(request, msg)
# no need to generate any forms or formsets; I do that all via the load-on-demand paradigm
# work out the various paths,
# so that ng can reload things as needed
# (notice these are slightly different than in "q_edit_new" above
view_url = request.path
view_url_sections = [section for section in view_url.split('/') if section]
view_url_dirname = '/'.join(view_url_sections[:-1])
api_url = reverse("realization-detail", kwargs={"pk": model_realization.pk})
api_url_sections = [section for section in api_url.split('/') if section]
api_url_dirname = '/'.join(api_url_sections[:-1])
# gather all the extra information required by the template
_dict = {
"session_key": session_key,
"view_url_dirname": "/{0}/".format(view_url_dirname),
"api_url_dirname": "/{0}/".format(api_url_dirname),
"project": project,
"ontology": ontology,
"proxy": model_proxy,
"realization": model_realization,
"customization": model_customization,
"read_only": "false",
}
return render_to_response('questionnaire/q_edit.html', _dict, context_instance=context)
