def view_or_edit(request, pk=None, id_number=None, type_id=None,
revision_number=None, version_name=None, latest=False):
"""
Edit if user is the author, otherwise view
"""
revision = get_package_revision(pk, id_number, type_id,
revision_number, version_name, latest)
edit_available = True
if revision.package.deleted:
edit_available = False
if not request.user.is_authenticated():
raise Http404
try:
Package.objects.active_with_deleted(viewer=request.user).get(
pk=revision.package.pk)
except ObjectDoesNotExist:
raise Http404
if not revision.package.active:
if not request.user.is_authenticated():
raise Http404
try:
Package.objects.active_with_disabled(viewer=request.user).get(
pk=revision.package.pk)
except ObjectDoesNotExist:
raise Http404
if (edit_available
and request.user.is_authenticated()
and request.user.pk == revision.author.pk):
return edit(request, revision)
else:
return view(request, revision)
def package_add_attachment(r, id, type, revision_number=None, version_name=None):
"""
Add new attachment to the PackageRevision
"""
revision = get_package_revision(id, type, revision_number, version_name)
if r.user.pk != revision.author.pk:
return HttpResponseForbidden('You are not the author of this %s' % revision.package.get_type_name())
content = r.raw_post_data
path = r.META.get('HTTP_X_FILE_NAME', False)
if not path:
return HttpResponseServerError
filename, ext = os.path.splitext(path)
ext = ext.split('.')[1].lower() if ext else ''
upload_path = "%s_%s_%s.%s" % (revision.package.id_number, time.strftime("%m-%d-%H-%M-%S"), filename, ext)
handle = open(os.path.join(settings.UPLOAD_DIR, upload_path), 'w')
handle.write(content)
handle.close()
attachment = revision.attachment_create(
author=r.user,
filename=filename,
ext=ext,
path=upload_path
)
return render_to_response("json/attachment_added.json",
{'revision': revision, 'attachment': attachment},
context_instance=RequestContext(r),
mimetype='application/json')
def package_remove_attachment(r, id_number, type_id, revision_number):
"""
Remove attachment from PackageRevision
"""
revision = get_package_revision(id_number, type_id, revision_number)
if r.user.pk != revision.author.pk:
return HttpResponseForbidden('You are not the author of this Package')
filename = r.POST.get('filename', '').strip()
attachments = revision.attachments.all()
attachment_found = False
for att in attachments:
if att.get_filename() == filename:
attachment = att
attachment_found = True
if not attachment_found:
return HttpResponseForbidden(
'There is no such attachment in %s' % escape(
revision.package.full_name))
revision.attachment_remove(attachment)
return render_to_response("json/attachment_removed.json",
{'revision': revision, 'attachment': attachment},
context_instance=RequestContext(r),
mimetype='application/json')
def package_remove_module(r, id_number, type_id, revision_number):
"""
Remove module from PackageRevision
"""
revision = get_package_revision(id_number, type_id, revision_number)
if r.user.pk != revision.author.pk:
return HttpResponseForbidden('You are not the author of this Package')
filename = r.POST.get('filename')
modules = revision.modules.all()
module_found = False
for mod in modules:
if mod.filename == filename:
module = mod
module_found = True
if not module_found:
return HttpResponseForbidden(
'There is no such module in %s' % escape(
revision.package.full_name))
revision.module_remove(module)
return render_to_response("json/module_removed.json",
{'revision': revision, 'module': module},
context_instance=RequestContext(r),
mimetype='application/json')
def package_add_module(r, id_number, type_id,
revision_number=None, version_name=None):
"""
Add new module to the PackageRevision
"""
revision = get_package_revision(id_number, type_id, revision_number,
version_name)
if r.user.pk != revision.author.pk:
return HttpResponseForbidden(
'You are not the author of this %s' % escape(
revision.package.get_type_name()))
filename = slugify(r.POST.get('filename'))
mod = Module(
filename=filename,
author=r.user,
code="""// %s.js - %s's module
// author: %s""" % (filename, revision.package.full_name, r.user.get_profile())
)
try:
mod.save()
revision.module_add(mod)
except FilenameExistException, err:
mod.delete()
return HttpResponseForbidden(escape(str(err)))
def package_copy(r, id, type, revision_number=None, version_name=None):
"""
Copy package - create a duplicate of the Package, set author as current user
"""
revision = get_package_revision(id, type, revision_number, version_name)
""" it may be useful to copy your own package ...
if r.user.pk == revision.author.pk:
return HttpResponseForbidden('You are the author of this %s' % revision.package.get_type_name())
"""
try:
package = Package.objects.get(
full_name=revision.package.get_copied_full_name(),
author__username=r.user.username
)
return HttpResponseForbidden(
'You already have a %s with that name' % revision.package.get_type_name()
)
except:
package = revision.package.copy(r.user)
revision.save_new_revision(package)
return render_to_response("json/%s_copied.json" % package.get_type_name(),
{'revision': revision},
context_instance=RequestContext(r),
mimetype='application/json')
def add_empty_attachment(request, id_number, type_id,
revision_number=None, version_name=None):
""" Add new empty attachment to the PackageRevision
"""
revision = get_package_revision(None, id_number, type_id, revision_number,
version_name)
if request.user.pk != revision.author.pk:
log_msg = ("[security] Attempt to add attachment to package (%s) by "
"non-owner (%s)" % (id_number, request.user))
log.warning(log_msg)
return HttpResponseForbidden(
'You are not the author of this %s' % escape(
revision.package.get_type_name()))
filename = request.POST.get('filename', False)
if not filename:
log_msg = 'Path not found: %s, package: %s.' % (
filename, id_number)
log.error(log_msg)
return HttpResponseServerError('Path not found.')
try:
attachment = revision.attachment_create_by_filename(request.user,
filename, '')
except ValidationError, e:
return HttpResponseForbidden(
'Validation errors.\n%s' % parse_validation_messages(e))
def add_empty_attachment(request,
id_number,
type_id,
revision_number=None,
version_name=None):
""" Add new empty attachment to the PackageRevision
"""
revision = get_package_revision(None, id_number, type_id, revision_number,
version_name)
if request.user.pk != revision.author.pk:
log_msg = ("[security] Attempt to add attachment to package (%s) by "
"non-owner (%s)" % (id_number, request.user))
log.warning(log_msg)
return HttpResponseForbidden('You are not the author of this %s' %
escape(revision.package.get_type_name()))
filename = request.POST.get('filename', False)
if not filename:
log_msg = 'Path not found: %s, package: %s.' % (filename, id_number)
log.error(log_msg)
return HttpResponseServerError('Path not found.')
try:
attachment = revision.attachment_create_by_filename(
request.user, filename, '')
except ValidationError, e:
return HttpResponseForbidden('Validation errors.\n%s' %
parse_validation_messages(e))
def add_module(request, id_number, type_id, revision_number=None,
version_name=None):
"""
Add new module to the PackageRevision
"""
revision = get_package_revision(id_number, type_id, revision_number,
version_name)
if request.user.pk != revision.author.pk:
log_msg = ("[security] Attempt to add a module to package (%s) by "
"non-owner (%s)" % (id_number, request.user))
log.warning(log_msg)
return HttpResponseForbidden(
'You are not the author of this %s' % escape(
revision.package.get_type_name()))
filename = pathify(request.POST.get('filename'))
mod = Module(
filename=filename,
author=request.user,
code="""// %s.js - %s's module
// author: %s""" % (filename, revision.package.full_name,
request.user.get_profile())
)
try:
mod.save()
revision.module_add(mod)
except FilenameExistException, err:
mod.delete()
return HttpResponseForbidden(escape(str(err)))
def package_copy(r, id_number, type_id,
revision_number=None, version_name=None):
"""
Copy package - create a duplicate of the Package, set user as author
"""
source = get_package_revision(id_number, type_id, revision_number,
version_name)
try:
package = Package.objects.get(
full_name=source.package.get_copied_full_name(),
author__username=r.user.username
)
except Package.DoesNotExist:
package = source.package.copy(r.user)
source.save_new_revision(package)
return render_to_response(
"json/%s_copied.json" % package.get_type_name(),
{'revision': source},
context_instance=RequestContext(r),
mimetype='application/json')
return HttpResponseForbidden('You already have a %s with that name' %
escape(source.package.get_type_name()))
def upload_attachments(request, id_number, type_id,
revision_number=None, version_name=None):
""" Upload new attachments to the PackageRevision
"""
revision = get_package_revision(None, id_number, type_id, revision_number,
version_name)
if request.user.pk != revision.author.pk:
log_msg = ("[security] Attempt to upload attachment to package (%s) "
"by non-owner (%s)" % (id_number, request.user))
log.warning(log_msg)
return HttpResponseForbidden(
'You are not the author of this %s' % escape(
revision.package.get_type_name()))
content = request.raw_post_data
filename = request.META.get('HTTP_X_FILE_NAME')
if not filename:
log_msg = 'Path not found: %s, package: %s.' % (
filename, id_number)
log.error(log_msg)
return HttpResponseServerError('Path not found.')
try:
attachment = revision.attachment_create_by_filename(
request.user, filename, content)
except ValidationError, e:
return HttpResponseForbidden(
'Validation errors.\n%s' % parse_validation_messages(e))
def package_assign_library(r, id, type, revision_number=None, version_name=None):
" assign library to the package "
revision = get_package_revision(id, type, revision_number, version_name)
if r.user.pk != revision.author.pk:
return HttpResponseForbidden('You are not the author of this Package')
library = get_object_or_404(Package, type='l', id_number=r.POST['id_number'])
if r.POST.get('use_latest_version', False):
lib_revision = library.version
else:
lib_revision = library.latest
try:
revision.dependency_add(lib_revision)
except Exception as err:
return HttpResponseForbidden(err.__str__())
lib_revision_url = lib_revision.get_edit_url() \
if r.user.pk == lib_revision.pk \
else lib_revision.get_absolute_url()
return render_to_response('json/library_assigned.json',
locals(),
context_instance=RequestContext(r),
mimetype='application/json')
def remove_module(request, id_number, type_id, revision_number):
"""
Remove module from PackageRevision
"""
revision = get_package_revision(id_number, type_id, revision_number)
if request.user.pk != revision.author.pk:
log_msg = ("[security] Attempt to remove a module from package (%s) "
"by non-owner (%s)" % (id_number, request.user))
log.warning(log_msg)
return HttpResponseForbidden('You are not the author of this Package')
filenames = request.POST.get('filename').split(',')
revision.add_commit_message('module removed')
try:
removed_modules, removed_dirs = revision.modules_remove_by_path(
filenames)
except Module.DoesNotExist:
log_msg = 'Attempt to delete a non existing module(s) %s from %s.' % (
str(filenames), id_number)
log.warning(log_msg)
return HttpResponseForbidden(
'There is no such module in %s' % escape(
revision.package.full_name))
return render_json(request,
"json/module_removed.json",
{'revision': revision,
'removed_modules': simplejson.dumps(removed_modules),
'removed_dirs': simplejson.dumps(removed_dirs)})
def package_add_module(r, id_number, type_id, revision_number=None, version_name=None):
"""
Add new module to the PackageRevision
"""
revision = get_package_revision(id_number, type_id, revision_number, version_name)
if r.user.pk != revision.author.pk:
log_msg = "User %s wanted to add a module to not his own Package %s." % (r.user, id_number)
log = commonware.log.getLogger("f.jetpack")
log.debug(log_msg)
return HttpResponseForbidden("You are not the author of this %s" % escape(revision.package.get_type_name()))
filename = slugify(r.POST.get("filename"))
mod = Module(
filename=filename,
author=r.user,
code="""// %s.js - %s's module
// author: %s"""
% (filename, revision.package.full_name, r.user.get_profile()),
)
try:
mod.save()
revision.module_add(mod)
except FilenameExistException, err:
mod.delete()
return HttpResponseForbidden(escape(str(err)))
def upload_attachments(request,
id_number,
type_id,
revision_number=None,
version_name=None):
""" Upload new attachments to the PackageRevision
"""
revision = get_package_revision(None, id_number, type_id, revision_number,
version_name)
if request.user.pk != revision.author.pk:
log_msg = ("[security] Attempt to upload attachment to package (%s) "
"by non-owner (%s)" % (id_number, request.user))
log.warning(log_msg)
return HttpResponseForbidden('You are not the author of this %s' %
escape(revision.package.get_type_name()))
content = request.raw_post_data
filename = request.META.get('HTTP_X_FILE_NAME')
if not filename:
log_msg = 'Path not found: %s, package: %s.' % (filename, id_number)
log.error(log_msg)
return HttpResponseServerError('Path not found.')
try:
attachment = revision.attachment_create_by_filename(
request.user, filename, content)
except ValidationError, e:
return HttpResponseForbidden('Validation errors.\n%s' %
parse_validation_messages(e))
def remove_attachment(request, id_number, type_id, revision_number):
"""
Remove attachment from PackageRevision
"""
revision = get_package_revision(id_number, type_id, revision_number)
if request.user.pk != revision.author.pk:
log_msg = ("[security] Attempt to remove attachment from package (%s) "
"by non-owner (%s)" % (id_number, request.user))
log.warning(log_msg)
return HttpResponseForbidden('You are not the author of this Package')
uid = request.POST.get('uid', '').strip()
attachment = get_object_with_related_or_404(Attachment,
pk=uid, revisions=revision)
if not attachment:
log_msg = ('Attempt to remove a non existing attachment. attachment: '
'%s, package: %s.' % (uid, id_number))
log.warning(log_msg)
return HttpResponseForbidden(
'There is no such attachment in %s' % escape(
revision.package.full_name))
revision.attachment_remove(attachment)
return render_json(request,
"json/attachment_removed.json",
{'revision': revision, 'attachment': attachment})
def package_remove_attachment(r, id_number, type_id, revision_number):
"""
Remove attachment from PackageRevision
"""
revision = get_package_revision(id_number, type_id, revision_number)
if r.user.pk != revision.author.pk:
log_msg = ("[security] Attempt to remove attachment from package (%s) "
"by non-owner (%s)" % (id_number, r.user))
log.warning(log_msg)
return HttpResponseForbidden('You are not the author of this Package')
uid = r.POST.get('uid', '').strip()
attachment = Attachment.objects.get(pk=uid, revisions=revision)
if not attachment:
log_msg = ('Attempt to remove a non existing attachment. attachment: '
'%s, package: %s.' % (uid, id_number))
log.warning(log_msg)
return HttpResponseForbidden(
'There is no such attachment in %s' % escape(
revision.package.full_name))
revision.attachment_remove(attachment)
return render_to_response("json/attachment_removed.json",
{'revision': revision, 'attachment': attachment},
context_instance=RequestContext(r),
mimetype='application/json')
def package_upload_attachment(r, id_number, type_id,
revision_number=None, version_name=None):
""" Upload new attachment to the PackageRevision
"""
revision = get_package_revision(id_number, type_id, revision_number,
version_name)
if r.user.pk != revision.author.pk:
log_msg = ("[security] Attempt to upload attachment to package (%s) "
"by non-owner (%s)" % (id_number, r.user))
log.warning(log_msg)
return HttpResponseForbidden(
'You are not the author of this %s' \
% escape(revision.package.get_type_name()))
file = r.FILES.get('upload_attachment')
filename = r.META.get('HTTP_X_FILE_NAME')
if not file:
log_msg = 'Path not found: %s, package: %s.' % (
filename, id_number)
log.error(log_msg)
return HttpResponseServerError('Path not found.')
content = file.read()
try:
attachment = revision.attachment_create_by_filename(
r.user, filename, content)
except ValidationError, e:
return HttpResponseForbidden('Validation errors.')
def package_latest_dependencies(r, id_number, type_id, revision_number):
revision = get_package_revision(id_number, type_id, revision_number)
out_of_date = revision.get_outdated_dependency_versions()
return render_to_response('json/latest_dependencies.json',
{'revisions': out_of_date},
context_instance=RequestContext(r),
mimetype='application/json')
def package_details(r, id, type, revision_number=None, version_name=None, latest=False):
"""
Show package - read only
"""
revision = get_package_revision(id, type, revision_number, version_name, latest)
libraries = revision.dependencies.all()
library_counter = len(libraries)
if revision.package.is_addon():
corelibrary = Package.objects.get(id_number=settings.MINIMUM_PACKAGE_ID)
corelibrary = corelibrary.latest
library_counter += 1
readonly = True
return render_to_response("%s_view.html" % revision.package.get_type_name(), locals(),
context_instance=RequestContext(r))
def package_rename_module(r, id_number, type_id, revision_number):
"""
Rename a module in a PackageRevision
"""
revision = get_package_revision(id_number, type_id, revision_number)
if r.user.pk != revision.author.pk:
log_msg = ("[security] Attempt to rename a module to package (%s) by "
"non-owner (%s)" % (id_number, r.user))
log.warning(log_msg)
return HttpResponseForbidden('You are not the author of this Package')
old_name = r.POST.get('old_filename')
new_name = r.POST.get('new_filename')
if old_name == 'main':
return HttpResponseForbidden(
'Sorry, you cannot change the name of the main module.'
)
if not revision.validate_module_filename(new_name):
return HttpResponseForbidden(
('Sorry, there is already a module in your add-on '
'with the name "%s". Each module in your add-on '
'needs to have a unique name.') % new_name
)
modules = revision.modules.all()
module = None
for mod in modules:
if mod.filename == old_name:
module = mod
if not module:
log_msg = 'Attempt to rename a non existing module %s from %s.' % (
old_name, id_number)
log.warning(log_msg)
return HttpResponseForbidden(
'There is no such module in %s' % escape(
revision.package.full_name))
module.filename = new_name
revision.add_commit_message('module renamed')
revision.update(module)
return render_to_response("json/module_renamed.json",
{'revision': revision, 'module': module},
context_instance=RequestContext(r),
mimetype='application/json')
def package_remove_library(r, id_number, type_id, revision_number):
" remove dependency from the library provided via POST "
revision = get_package_revision(id_number, type_id, revision_number)
if r.user.pk != revision.author.pk:
return HttpResponseForbidden(
'You are not the author of this %s' % escape(
revision.package.get_type_name()))
lib_id_number = r.POST.get('id_number')
library = get_object_or_404(Package, id_number=lib_id_number)
try:
revision.dependency_remove_by_id_number(lib_id_number)
except Exception, err:
return HttpResponseForbidden(escape(err.__unicode__()))
def package_remove_library(r, id_number, type_id, revision_number):
" remove dependency from the library provided via POST "
revision = get_package_revision(id_number, type_id, revision_number)
if r.user.pk != revision.author.pk:
log_msg = "Unauthorised attempt to remove a library. user: %s, package: %s." % (r.user, id_number)
log = commonware.log.getLogger("f.jetpack")
log.debug(log_msg)
return HttpResponseForbidden("You are not the author of this %s" % escape(revision.package.get_type_name()))
lib_id_number = r.POST.get("id_number")
library = get_object_or_404(Package, id_number=lib_id_number)
try:
revision.dependency_remove_by_id_number(lib_id_number)
except Exception, err:
return HttpResponseForbidden(escape(err.__unicode__()))
def package_switch_sdk(r, id_number, revision_number):
" switch SDK used to create XPI - sdk_id from POST "
revision = get_package_revision(id_number, 'a', revision_number)
if r.user.pk != revision.author.pk:
return HttpResponseForbidden('You are not the author of this Add-on')
sdk_id = r.POST.get('id', None)
sdk = SDK.objects.get(id=sdk_id)
revision.sdk = sdk
revision.save()
return render_to_response("json/sdk_switched.json",
{'revision': revision, 'sdk': sdk,
'sdk_lib': revision.get_sdk_revision()
},
context_instance=RequestContext(r),
mimetype='application/json')
def package_switch_sdk(r, id_number, revision_number):
" switch SDK used to create XPI - sdk_id from POST "
revision = get_package_revision(id_number, "a", revision_number)
if r.user.pk != revision.author.pk:
return HttpResponseForbidden("You are not the author of this Add-on")
sdk_id = r.POST.get("id", None)
sdk = SDK.objects.get(id=sdk_id)
revision.sdk = sdk
revision.save()
sdk_lib_package = sdk.kit_lib.package if sdk.kit_lib else sdk.core_lib.package
return render_to_response(
"json/sdk_switched.json",
{"revision": revision, "sdk": sdk, "sdk_lib": revision.get_sdk_revision()},
context_instance=RequestContext(r),
mimetype="application/json",
)
def remove_library(request, id_number, type_id, revision_number):
" remove dependency from the library provided via POST "
revision = get_package_revision(id_number, type_id, revision_number)
if request.user.pk != revision.author.pk:
log_msg = ("[security] Attempt to remove library from package (%s) by "
"non-owner (%s)" % (id_number, request.user))
log.warning(log_msg)
return HttpResponseForbidden(
'You are not the author of this %s' % escape(
revision.package.get_type_name()))
lib_id_number = request.POST.get('id_number')
library = get_object_or_404(Package, id_number=lib_id_number)
try:
revision.dependency_remove_by_id_number(lib_id_number)
except Exception, err:
return HttpResponseForbidden(escape(err.__str__()))
def package_add_folder(r, id_number, type_id, revision_number):
" adds an EmptyDir to a revision "
revision = get_package_revision(id_number, type_id, revision_number)
if r.user.pk != revision.author.pk:
log_msg = ("[security] Attempt to add a folder to package (%s) by "
"non-owner (%s)" % (id_number, r.user))
log.warning(log_msg)
return HttpResponseForbidden('You are not the author of this Package')
foldername, root = r.POST.get('name', ''), r.POST.get('root_dir')
dir = EmptyDir(name=foldername, author=r.user, root_dir=root)
try:
dir.save()
revision.folder_add(dir)
except FilenameExistException, err:
dir.delete()
return HttpResponseForbidden(escape(str(err)))
def package_remove_library(r, id, type, revision_number):
" remove dependency from the library provided via POST "
revision = get_package_revision(id, type, revision_number)
if r.user.pk != revision.author.pk:
return HttpResponseForbidden('You are not the author of this %s' % revision.package.get_type_name())
id_number = r.POST.get('id_number')
library = get_object_or_404(Package, id_number=id_number)
try:
revision.dependency_remove_by_id_number(id_number)
except Exception as err:
return HttpResponseForbidden(err.__unicode__())
return render_to_response('json/dependency_removed.json',
{'revision': revision, 'library': library},
context_instance=RequestContext(r),
mimetype='application/json')
def package_assign_library(r, id_number, type_id, revision_number=None, version_name=None):
" assign library to the package "
revision = get_package_revision(id_number, type_id, revision_number, version_name)
if r.user.pk != revision.author.pk:
log_msg = "Unauthorised attempt to assign library. user: %s, package: %s." % (r.user, id_number)
log = commonware.log.getLogger("f.jetpack")
log.debug(log_msg)
return HttpResponseForbidden("You are not the author of this Package")
library = get_object_or_404(Package, type="l", id_number=r.POST["id_number"])
if r.POST.get("use_latest_version", False):
lib_revision = library.version
else:
lib_revision = library.latest
try:
revision.dependency_add(lib_revision)
except Exception, err:
return HttpResponseForbidden(escape(err.__str__()))
def package_assign_library(r, id_number, type_id,
revision_number=None, version_name=None):
" assign library to the package "
revision = get_package_revision(id_number, type_id, revision_number,
version_name)
if r.user.pk != revision.author.pk:
return HttpResponseForbidden('You are not the author of this Package')
library = get_object_or_404(
Package, type='l', id_number=r.POST['id_number'])
if r.POST.get('use_latest_version', False):
lib_revision = library.version
else:
lib_revision = library.latest
try:
revision.dependency_add(lib_revision)
except Exception, err:
return HttpResponseForbidden(escape(err.__str__()))
def package_update_library(r, id_number, type_id, revision_number):
" update a dependency to a certain version "
revision = get_package_revision(id_number, type_id, revision_number)
if r.user.pk != revision.author.pk:
log_msg = ("[security] Attempt to update library in package (%s) by "
"non-owner (%s)" % (id_number, r.user))
log.warning(log_msg)
return HttpResponseForbidden(
'You are not the author of this %s' % escape(
revision.package.get_type_name()))
lib_id_number = r.POST.get('id_number')
lib_revision = r.POST.get('revision')
library = get_object_or_404(PackageRevision, pk=lib_revision, package__id_number=lib_id_number)
try:
revision.dependency_update(library)
except DependencyException, err:
return HttpResponseForbidden(escape(err.__str__()))
def switch_sdk(request, id_number, revision_number):
" switch SDK used to create XPI - sdk_id from POST "
revision = get_package_revision(id_number, 'a', revision_number)
if request.user.pk != revision.author.pk:
return HttpResponseForbidden('You are not the author of this Add-on')
sdk_id = request.POST.get('id', None)
sdk = SDK.objects.get(id=sdk_id)
old_sdk = revision.sdk
log.info('Addon %s (%s) switched from Add-on Kit version %s to %s' % (
revision.package.full_name, revision.package.id_number,
old_sdk.version, sdk.version))
revision.sdk = sdk
revision.add_commit_message('Switched to Add-on Kit %s' % sdk.version)
revision.save()
return render_json(request,
"json/sdk_switched.json",
{'revision': revision, 'sdk': sdk,
'sdk_lib': revision.get_sdk_revision()})
def view_or_edit(request,
pk=None,
id_number=None,
type_id=None,
revision_number=None,
version_name=None,
latest=False):
"""
Edit if user is the author, otherwise view
"""
revision = get_package_revision(pk, id_number, type_id, revision_number,
version_name, latest)
edit_available = not waffle.switch_is_active('read_only')
if revision.package.deleted:
edit_available = False
if not request.user.is_authenticated():
raise Http404
try:
Package.objects.active_with_deleted(viewer=request.user).get(
pk=revision.package.pk)
except ObjectDoesNotExist:
raise Http404
if not revision.package.active:
if not request.user.is_authenticated():
raise Http404
try:
Package.objects.active_with_disabled(viewer=request.user).get(
pk=revision.package.pk)
except ObjectDoesNotExist:
raise Http404
if (edit_available and request.user.is_authenticated()
and request.user.pk == revision.author.pk):
return edit(request, revision)
else:
return view(request, revision)
