def locations_import_preview(request, id, template_name='locations/import-map-fields.html'):
"""
This will generate a form based on the uploaded CSV for field mapping.
A preview will be generated based on the mapping given.
"""
locport = get_object_or_404(LocationImport, pk=id)
if request.method == 'POST':
form = ImportMapForm(request.POST, locport=locport)
if form.is_valid():
# Show the user a preview based on the mapping
cleaned_data = form.cleaned_data
#file_path = os.path.join(settings.MEDIA_ROOT, locport.get_file().file.name)
file_path = locport.get_file().file.name
locations, stats = parse_locs_from_csv(file_path, cleaned_data)
# return the form to use it for the confirm view
template_name = 'locations/import-preview.html'
return render_to_response(template_name, {
'locations': locations,
'stats': stats,
'locport': locport,
'form': form,
'now': datetime.now(),
}, context_instance=RequestContext(request))
else:
form = ImportMapForm(locport=locport)
return render_to_response(template_name, {
'form': form,
'locport': locport,
'now': datetime.now(),
}, context_instance=RequestContext(request))
def delete(request, id, template_name="directories/delete.html"):
directory = get_object_or_404(Directory, pk=id)
if has_perm(request.user,'directories.delete_directory'):
if request.method == "POST":
msg_string = 'Successfully deleted %s' % directory
messages.add_message(request, messages.SUCCESS, _(msg_string))
# send notification to administrators
recipients = get_notice_recipients('module', 'directories', 'directoryrecipients')
if recipients:
if notification:
extra_context = {
'object': directory,
'request': request,
}
notification.send_emails(recipients,'directory_deleted', extra_context)
directory.delete()
return HttpResponseRedirect(reverse('directory.search'))
return render_to_response(template_name, {'directory': directory},
context_instance=RequestContext(request))
else:
raise Http403
def directory_export(request, template_name="directories/export.html"):
"""Export Directories"""
if not request.user.profile.is_superuser:
raise Http403
form = DirectoryExportForm(request.POST or None)
if request.method == "POST" and form.is_valid():
export_fields = form.cleaned_data['export_fields']
export_status_detail = form.cleaned_data['export_status_detail']
identifier = int(time.time())
temp_file_path = 'export/directories/%s_temp.csv' % identifier
default_storage.save(temp_file_path, ContentFile(''))
# start the process
subprocess.Popen(["python", "manage.py",
"directory_export_process",
'--export_fields=%s' % export_fields,
'--export_status_detail=%s' % export_status_detail,
'--identifier=%s' % identifier,
'--user=%s' % request.user.id])
# log an event
EventLog.objects.log()
return HttpResponseRedirect(reverse('directory.export_status', args=[identifier]))
context = {'form': form}
return render_to_response(template_name, context, RequestContext(request))
def edit_meta(request, id, form_class=MetaForm, template_name="directories/edit-meta.html"):
directory = get_object_or_404(Directory, pk=id)
if not has_perm(request.user, 'directories.change_directory', directory):
raise Http403
defaults = {
'title': directory.get_title(),
'description': directory.get_description(),
'keywords': directory.get_keywords(),
'canonical_url': directory.get_canonical_url(),
}
directory.meta = MetaTags(**defaults)
if request.method == "POST":
form = form_class(request.POST, instance=directory.meta)
if form.is_valid():
directory.meta = form.save() # save meta
directory.save() # save relationship
msg_string = 'Successfully updated meta for %s' % directory
messages.add_message(request, messages.SUCCESS, _(msg_string))
return HttpResponseRedirect(reverse('directory', args=[directory.slug]))
else:
form = form_class(instance=directory.meta)
return render_to_response(template_name, {'directory': directory, 'form':form},
context_instance=RequestContext(request))
def export(request, template_name="locations/export.html"):
"""Export Locations"""
if not request.user.is_superuser:
raise Http403
if request.method == 'POST':
# initilize initial values
fields = [
'guid',
'location_name',
'description',
'contact',
'address',
'address2',
'city',
'state',
'zipcode',
'country',
'phone',
'fax',
'email',
'website',
'latitude',
'longitude',
'hq',
'entity',
]
export_id = run_export_task('locations', 'location', fields)
EventLog.objects.log()
return redirect('export.status', export_id)
return render_to_response(template_name, {
}, context_instance=RequestContext(request))
def detail(request, slug=None, template_name="news/view.html"):
if not slug:
return HttpResponseRedirect(reverse('news.search'))
news = get_object_or_404(News, slug=slug)
# non-admin can not view the non-active content
# status=0 has been taken care of in the has_perm function
if (news.status_detail).lower() != 'active' and (not request.user.profile.is_superuser):
raise Http403
# check permission
if not has_perm(request.user, 'news.view_news', news):
raise Http403
#check for release date if it's in the future or not
if not news.is_released:
if not request.user.is_authenticated():
raise Http404
if not request.user.profile.is_superuser:
raise Http403
EventLog.objects.log(instance=news)
return render_to_response(template_name, {'news': news},
context_instance=RequestContext(request))
def search(request, template_name="news/search.html"):
query = request.GET.get('q', None)
form = NewsSearchForm(request.GET)
if form.is_valid():
try:
news_group = int(form.cleaned_data.get('news_group', None))
except:
news_group = None
if get_setting('site', 'global', 'searchindex') and query:
news = News.objects.search(query, user=request.user)
# use order (existing for all modules) for sorting cause the current
# haystack + whoosh cannot sort by release_dt correctly
news = news.order_by('-order')
else:
filters = get_query_filters(request.user, 'news.view_news')
news = News.objects.filter(filters).distinct()
news = news.order_by('-release_dt')
if news_group:
news = news.filter(groups__in=[news_group])
if not has_perm(request.user, 'news.view_news'):
news = news.filter(release_dt_local__lte=datetime.now())
EventLog.objects.log()
return render_to_response(template_name, {'search_news': news,
'form': form},
context_instance=RequestContext(request))
def edit(request, id, form_class=DirectoryForm, template_name="directories/edit.html"):
directory = get_object_or_404(Directory, pk=id)
if not has_perm(request.user,'directories.change_directory', directory):
raise Http403
form = form_class(request.POST or None, request.FILES or None,
instance=directory,
user=request.user)
del form.fields['payment_method']
if not request.user.profile.is_superuser:
del form.fields['pricing']
del form.fields['list_type']
if request.method == "POST":
if form.is_valid():
directory = form.save(commit=False)
if directory.logo:
try:
directory.logo.file.seek(0)
except IOError:
directory.logo = None
# update all permissions and save the model
directory = update_perms_and_save(request, form, directory)
msg_string = 'Successfully updated %s' % directory
messages.add_message(request, messages.SUCCESS, _(msg_string))
return HttpResponseRedirect(reverse('directory', args=[directory.slug]))
return render_to_response(template_name, {'directory': directory, 'form':form},
context_instance=RequestContext(request))
def edit_meta(request, id, form_class=MetaForm, template_name="resumes/edit-meta.html"):
# check permission
resume = get_object_or_404(Resume, pk=id)
if not has_perm(request.user,'resumes.change_resume',resume):
raise Http403
defaults = {
'title': resume.get_title(),
'description': resume.get_description(),
'keywords': resume.get_keywords(),
'canonical_url': resume.get_canonical_url(),
}
resume.meta = MetaTags(**defaults)
if request.method == "POST":
form = form_class(request.POST, instance=resume.meta)
if form.is_valid():
resume.meta = form.save() # save meta
resume.save() # save relationship
messages.add_message(request, messages.SUCCESS, _('Successfully updated meta for %(r)s' % { 'r':resume}))
return HttpResponseRedirect(reverse('resume', args=[resume.slug]))
else:
form = form_class(instance=resume.meta)
return render_to_response(template_name, {'resume': resume, 'form':form},
context_instance=RequestContext(request))
def approve(request, id, template_name="resumes/approve.html"):
if not request.user.profile.is_superuser:
raise Http403
resume = get_object_or_404(Resume, pk=id)
if request.method == "POST":
resume.activation_dt = datetime.now()
resume.allow_anonymous_view = True
resume.status = True
resume.status_detail = 'active'
if not resume.creator:
resume.creator = request.user
resume.creator_username = request.user.username
if not resume.owner:
resume.owner = request.user
resume.owner_username = request.user.username
resume.save()
messages.add_message(request, messages.SUCCESS, _('Successfully approved %(r)s' % {'r':resume}))
return HttpResponseRedirect(reverse('resume', args=[resume.slug]))
return render_to_response(template_name, {'resume': resume},
context_instance=RequestContext(request))
def delete(request, id, template_name="files/delete.html"):
file = get_object_or_404(File, pk=id)
# check permission
if not has_perm(request.user, 'files.delete_file'):
raise Http403
if request.method in ["POST", 'DELETE']:
# reassign owner to current user
file.owner = request.user
file.owner_username = request.user.username
file.save()
file.delete()
if request.method == 'DELETE':
# used by tinymce upload
return HttpResponse('true')
if 'ajax' in request.POST:
return HttpResponse('Ok')
else:
return HttpResponseRedirect(reverse('file.search'))
return render_to_response(
template_name, {
'file': file
}, context_instance=RequestContext(request))
def delete(request, id, template_name="news/delete.html"):
news = get_object_or_404(News, pk=id)
# check permission
if not has_perm(request.user, 'news.delete_news'):
raise Http403
if request.method == "POST":
msg_string = 'Successfully deleted %s' % unicode(news)
messages.add_message(request, messages.SUCCESS, _(msg_string))
# send notification to administrators
recipients = get_notice_recipients('module', 'news', 'newsrecipients')
if recipients:
if notification:
extra_context = {
'object': news,
'request': request,
}
notification.send_emails(recipients, 'news_deleted', extra_context)
news.delete()
return HttpResponseRedirect(reverse('news.search'))
return render_to_response(template_name, {'news': news},
context_instance=RequestContext(request))
def edit_meta(request, id, form_class=MetaForm, template_name="news/edit-meta.html"):
# check permission
news = get_object_or_404(News, pk=id)
if not has_perm(request.user, 'news.change_news', news):
raise Http403
defaults = {
'title': news.get_title(),
'description': news.get_description(),
'keywords': news.get_keywords(),
'canonical_url': news.get_canonical_url(),
}
news.meta = MetaTags(**defaults)
if request.method == "POST":
form = form_class(request.POST, instance=news.meta)
if form.is_valid():
news.meta = form.save() # save meta
news.save() # save relationship
msg_string = 'Successfully updated meta for %s' % unicode(news)
messages.add_message(request, messages.SUCCESS, _(msg_string))
return HttpResponseRedirect(reverse('news.detail', args=[news.slug]))
else:
form = form_class(instance=news.meta)
return render_to_response(template_name, {'news': news, 'form': form},
context_instance=RequestContext(request))
def photoset_zip(request, id, template_name="photos/photo-set/zip.html"):
""" Generate zip file for the entire photo set
for admins only.
"""
photo_set = get_object_or_404(PhotoSet, id=id)
#admin only
if not request.user.profile.is_superuser:
raise Http403
file_path = ""
task_id = ""
if not settings.CELERY_IS_ACTIVE:
task = ZipPhotoSetTask()
file_path = task.run(photo_set)
else:
task = ZipPhotoSetTask.delay(photo_set)
task_id = task.task_id
return render_to_response(template_name, {
"photo_set": photo_set,
"task_id":task_id,
"file_path":file_path,
}, context_instance=RequestContext(request))
def photoset_details(request, id, template_name="photos/photo-set/details.html"):
""" View photos in photo set """
photo_set = get_object_or_404(PhotoSet, id=id)
if not has_view_perm(request.user, 'photos.view_photoset', photo_set):
raise Http403
order = get_setting('module', 'photos', 'photoordering')
#if order == 'descending':
# photos = photo_set.get_images(user=request.user).order_by('-pk')
#else:
# photos = photo_set.get_images(user=request.user).order_by('pk')
photos = photo_set.get_images(user=request.user).order_by("position")
EventLog.objects.log(**{
'event_id': 991500,
'event_data': '%s (%d) viewed by %s' % (photo_set._meta.object_name, photo_set.pk, request.user),
'description': '%s viewed' % photo_set._meta.object_name,
'user': request.user,
'request': request,
'instance': photo_set,
})
return render_to_response(template_name, {
"photos": photos,
"photo_set": photo_set,
}, context_instance=RequestContext(request))
def photoset_add(request, form_class=PhotoSetAddForm, template_name="photos/photo-set/add.html"):
""" Add a photo set """
# if no permission; permission exception
if not has_perm(request.user,'photos.add_photoset'):
raise Http403
if request.method == "POST":
if request.POST["action"] == "add":
form = form_class(request.POST, user=request.user)
if form.is_valid():
photo_set = form.save(commit=False)
photo_set.author = request.user
# update all permissions and save the model
photo_set = update_perms_and_save(request, form, photo_set)
checklist_update('add-album')
messages.add_message(request, messages.SUCCESS, _('Successfully added photo set!'))
return HttpResponseRedirect(reverse('photos_batch_add', kwargs={'photoset_id':photo_set.id}))
else:
form = form_class(user=request.user)
return render_to_response(template_name, {
"photoset_form": form,
}, context_instance=RequestContext(request))
def tinymce_fb(request, template_name="files/templates/tinymce_fb.html"):
"""
Get a list of files (images) for tinymce file browser.
"""
query = u''
try:
page_num = int(request.GET.get('page', 1))
except:
page_num = 1
form = FileSearchMinForm(request.GET)
if form.is_valid():
query = form.cleaned_data.get('q', '')
filters = get_query_filters(request.user, 'files.view_file')
files = File.objects.filter(filters).distinct().order_by('-create_dt')
type = request.GET.get('type', '')
if type == 'image':
files = files.filter(f_type='image')
elif type == 'media':
files = files.filter(f_type='video')
if query:
files = files.filter(Q(file__icontains=query)|
Q(name__icontains=query))
paginator = Paginator(files, 10)
files = paginator.page(page_num)
return render_to_response(
template_name, {
"files": files,
'page_num': page_num,
'page_range': paginator.page_range,
'csrf_token': csrf_get_token(request),
'can_upload_file': has_perm(request.user, 'files.add_file')
}, context_instance=RequestContext(request))
def locations_import_upload(request, template_name='locations/import-upload-file.html'):
"""
This is the upload view for the location imports.
This will upload the location import file and then redirect the user
to the import mapping/preview page of the import file
"""
if request.method == 'POST':
form = UploadForm(request.POST, request.FILES)
if form.is_valid():
locport = LocationImport.objects.create(creator=request.user)
csv = File.objects.save_files_for_instance(request, locport)[0]
file_path = str(csv.file.name)
import_valid, import_errs = is_import_valid(file_path)
if not import_valid:
for err in import_errs:
messages.add_message(request, messages.ERROR, err)
locport.delete()
return redirect('locations_import_upload_file')
EventLog.objects.log()
# reset the password_promt session
del request.session['password_promt']
return redirect('locations_import_preview', locport.id)
else:
form = UploadForm()
return render_to_response(template_name, {
'form': form,
'now': datetime.now(),
}, context_instance=RequestContext(request))
def add(request, form_class=FormForm, template_name="forms/add.html"):
if not has_perm(request.user,'forms.add_form'):
raise Http403
PricingFormSet = inlineformset_factory(Form, Pricing, form=PricingForm, extra=2, can_delete=False)
formset = PricingFormSet()
if request.method == "POST":
form = form_class(request.POST, user=request.user)
if form.is_valid():
form_instance = form.save(commit=False)
# save form and associated pricings
form_instance = update_perms_and_save(request, form, form_instance)
formset = PricingFormSet(request.POST, instance=form_instance)
if formset.is_valid():
# update_perms_and_save does not appear to consider ManyToManyFields
for method in form.cleaned_data['payment_methods']:
form_instance.payment_methods.add(method)
formset.save()
messages.add_message(request, messages.SUCCESS, _('Successfully added %(f)s' % {'f':form_instance}))
return HttpResponseRedirect(reverse('form_field_update', args=[form_instance.pk]))
else:
form = form_class(user=request.user)
return render_to_response(template_name, {
'form':form,
'formset': formset,
}, context_instance=RequestContext(request))
def mark_as_paid(request, id, template_name="invoices/mark-as-paid.html"):
"""
Makes a payment-record with a specified date/time
payment method and payment amount.
"""
invoice = get_object_or_404(Invoice, pk=id)
if not has_perm(request.user, "payments.change_payment"):
raise Http403
if request.method == "POST":
form = MarkAsPaidForm(request.POST)
if form.is_valid():
# make payment record
payment = form.save(user=request.user, invoice=invoice, commit=False)
payment = update_perms_and_save(request, form, payment)
# update invoice; make accounting entries
action_taken = invoice.make_payment(payment.creator, payment.amount)
if action_taken:
EventLog.objects.log(instance=invoice)
messages.add_message(request, messages.SUCCESS, _("Payment successfully made"))
return redirect(invoice)
else:
form = MarkAsPaidForm(initial={"amount": invoice.balance, "submit_dt": datetime.now()})
return render_to_response(
template_name, {"invoice": invoice, "form": form}, context_instance=RequestContext(request)
)
def memberphotos(request, username, template_name="photos/memberphotos.html", group_slug=None, bridge=None):
""" Get the members photos and display them """
if bridge:
try:
group = bridge.get_group(group_slug)
except ObjectDoesNotExist:
raise Http404
else:
group = None
user = get_object_or_404(User, username=username)
photos = Image.objects.filter(
member__username = username,
is_public = True
)
if group:
photos = group.content_objects(photos, join="pool")
else:
photos = photos.filter(pool__object_id=None)
photos = photos.order_by("-date_added")
return render_to_response(template_name, {
"group": group,
"photos": photos,
}, context_instance=RequestContext(request))
def search(request, template_name="resumes/search.html"):
"""
This page lists out all resumes from newest to oldest.
If a search index is available, this page will also
have the option to search through resumes.
"""
has_index = get_setting('site', 'global', 'searchindex')
query = request.GET.get('q', None)
if has_index and query:
resumes = Resume.objects.search(query, user=request.user)
else:
filters = get_query_filters(request.user, 'resumes.view_resume')
resumes = Resume.objects.filter(filters).distinct()
if request.user.is_authenticated():
resumes = resumes.select_related()
resumes = resumes.order_by('-create_dt')
EventLog.objects.log(**{
'event_id' : 354000,
'event_data': '%s searched by %s' % ('Resume', request.user),
'description': '%s searched' % 'Resume',
'user': request.user,
'request': request,
'source': 'resumes'
})
return render_to_response(template_name, {'resumes':resumes},
context_instance=RequestContext(request))
def nearest(request, template_name="locations/nearest.html"):
locations = []
lat, lng = None, None
query = request.GET.get('q')
filters = get_query_filters(request.user, 'locations.view_location')
if query:
lat, lng = get_coordinates(address=query)
all_locations = Location.objects.filter(filters).distinct()
if not request.user.is_anonymous():
all_locations = all_locations.select_related()
if all((lat,lng)):
for location in all_locations:
location.distance = location.get_distance2(lat, lng)
if location.distance != None:
locations.append(location)
locations.sort(key=lambda x: x.distance)
EventLog.objects.log()
return render_to_response(template_name, {
'locations':locations,
'origin': {'lat':lat,'lng':lng},
}, context_instance=RequestContext(request))
def delete(request, id, template_name="resumes/delete.html"):
resume = get_object_or_404(Resume, pk=id)
if has_perm(request.user,'resumes.delete_resume'):
if request.method == "POST":
EventLog.objects.log(instance=resume)
messages.add_message(request, messages.SUCCESS, _('Successfully deleted %(r)s' % {'r':resume}))
# send notification to administrators
recipients = get_notice_recipients('module', 'resumes', 'resumerecipients')
if recipients:
if notification:
extra_context = {
'object': resume,
'request': request,
}
notification.send_emails(recipients,'resume_deleted', extra_context)
resume.delete()
return HttpResponseRedirect(reverse('resume.search'))
return render_to_response(template_name, {'resume': resume},
context_instance=RequestContext(request))
else:
raise Http403
def pricing_add(request, form_class=JobPricingForm,
template_name="jobs/pricing-add.html"):
if has_perm(request.user, 'jobs.add_jobpricing'):
if request.method == "POST":
form = form_class(request.POST)
if form.is_valid():
job_pricing = form.save(commit=False)
job_pricing.status = 1
job_pricing.save(request.user)
EventLog.objects.log(instance=job_pricing)
if "_popup" in request.REQUEST:
return HttpResponse('<script type="text/javascript">opener.dismissAddAnotherPopup(window, "%s", "%s");</script>' % (escape(job_pricing.pk), escape(job_pricing)))
return HttpResponseRedirect(
reverse('job_pricing.view', args=[job_pricing.id]))
else:
form = form_class()
if "_popup" in request.REQUEST:
template_name="jobs/pricing-add-popup.html"
return render_to_response(template_name, {'form': form},
context_instance=RequestContext(request))
else:
raise Http403
def locations_import_confirm(request, id, template_name='locations/import-confirm.html'):
"""
Confirm the locations import and continue with the process.
This can only be accessed via a hidden post form from the preview page.
That will hold the original mappings selected by the user.
"""
locport = get_object_or_404(LocationImport, pk=id)
if request.method == "POST":
form = ImportMapForm(request.POST, locport=locport)
if form.is_valid():
cleaned_data = form.cleaned_data
file_path = str(locport.get_file().file.name)
if not settings.CELERY_IS_ACTIVE:
# if celery server is not present
# evaluate the result and render the results page
result = ImportLocationsTask()
locations, stats = result.run(request.user, file_path, cleaned_data)
return render_to_response(template_name, {
'locations': locations,
'stats': stats,
'now': datetime.now(),
}, context_instance=RequestContext(request))
else:
result = ImportLocationsTask.delay(request.user, file_path, cleaned_data)
return redirect('locations_import_status', result.task_id)
else:
return redirect('locations_import_preview', locport.id)
def edit_meta(request, id, form_class=MetaForm, template_name="pages/edit-meta.html"):
"""
Return page that allows you to edit meta-html information.
"""
# check permission
page = get_object_or_404(Page, pk=id)
if not has_perm(request.user, "pages.change_page", page):
raise Http403
defaults = {
"title": page.get_title(),
"description": page.get_description(),
"keywords": page.get_keywords(),
"canonical_url": page.get_canonical_url(),
}
page.meta = MetaTags(**defaults)
if request.method == "POST":
form = form_class(request.POST, instance=page.meta)
if form.is_valid():
page.meta = form.save() # save meta
page.save() # save relationship
messages.add_message(
request, messages.SUCCESS, _("Successfully updated meta for %(p)s" % {"p": unicode(page)})
)
return HttpResponseRedirect(reverse("page", args=[page.slug]))
else:
form = form_class(instance=page.meta)
return render_to_response(template_name, {"page": page, "form": form}, context_instance=RequestContext(request))
def export(request, template_name="pages/export.html"):
"""Export Pages"""
if not request.user.is_superuser:
raise Http403
if request.method == "POST":
fields = [
"guid",
"title",
"slug",
"header_image",
"content",
"view_contact_form",
"design_notes",
"syndicate",
"template",
"tags",
"entity",
"meta",
"categories",
]
export_id = run_export_task("pages", "page", fields)
return redirect("export.status", export_id)
return render_to_response(template_name, {}, context_instance=RequestContext(request))
def add(request, form_class=LocationForm, template_name="locations/add.html"):
if has_perm(request.user,'locations.add_location'):
if request.method == "POST":
form = form_class(request.POST, request.FILES, user=request.user)
if form.is_valid():
location = form.save(commit=False)
# update all permissions and save the model
location = update_perms_and_save(request, form, location)
if 'photo_upload' in form.cleaned_data:
photo = form.cleaned_data['photo_upload']
if photo:
location.save(photo=photo)
msg_string = 'Successfully added %s' % location
messages.add_message(request, messages.SUCCESS, _(msg_string))
return HttpResponseRedirect(reverse('location', args=[location.slug]))
else:
form = form_class(user=request.user)
return render_to_response(template_name, {'form':form},
context_instance=RequestContext(request))
else:
raise Http403
def detail(request, id, template_name="discounts/view.html"):
discount = get_object_or_404(Discount, id=id)
if not has_perm(request.user, 'discounts.view_discount', discount):
raise Http403
registrations = Registration.objects.filter(invoice__discount_code=discount.discount_code)
registrant_list = []
for registration in registrations:
registrant_list += registration.registrant_set.filter(discount_amount__gt=0)
memberships = MembershipSet.objects.filter(invoice__discount_code=discount.discount_code)
membership_list = []
for membership in memberships:
count = DiscountUse.objects.filter(invoice=membership.invoice).count()
membership_list += membership.membershipdefault_set.all()[:count]
EventLog.objects.log(instance=discount)
return render_to_response(
template_name,
{'discount':discount,
'registrant_list':registrant_list,
'membership_list':membership_list},
context_instance=RequestContext(request)
)
def entry_detail(request, id, template_name="forms/entry_detail.html"):
entry = get_object_or_404(FormEntry, pk=id)
# check permission
if not has_perm(request.user,'forms.change_form',entry.form):
raise Http403
form_template = entry.form.template
if not form_template or not template_exists(form_template):
form_template = "forms/base.html"
return render_to_response(template_name, {'entry':entry, 'form_template': form_template},
context_instance=RequestContext(request))
def export(request, template_name="navs/export.html"):
"""Export Navs"""
if not request.user.is_superuser:
raise Http403
if request.method == 'POST':
export_id = run_export_task('navs', 'nav', [])
EventLog.objects.log()
return redirect('export.status', export_id)
return render_to_response(template_name, {
}, context_instance=RequestContext(request))
def search(request, template_name="discounts/search.html"):
if not has_perm(request.user, 'discounts.view_discount'):
raise Http403
filters = get_query_filters(request.user, 'discounts.view_discount')
discounts = Discount.objects.filter(filters).distinct()
query = request.GET.get('q', None)
if query:
discounts = discounts.filter(discount_code__icontains=query)
EventLog.objects.log()
return render_to_response(template_name, {'discounts': discounts},
context_instance=RequestContext(request))
def entry_delete(request, id, template_name="forms/entry_delete.html"):
entry = get_object_or_404(FormEntry, pk=id)
# check permission
if not has_perm(request.user,'forms.delete_form',entry.form):
raise Http403
if request.method == "POST":
messages.add_message(request, messages.SUCCESS, _('Successfully deleted entry %(e)s' % { 'e': entry}))
entry.delete()
return HttpResponseRedirect(reverse('forms'))
return render_to_response(template_name, {'entry': entry},
context_instance=RequestContext(request))
def delete(request, id, template_name="discounts/delete.html"):
discount = get_object_or_404(Discount, pk=id)
if not has_perm(request.user, 'discounts.delete_discount', discount):
raise Http403
if request.method == "POST":
messages.add_message(request, messages.SUCCESS, _('Successfully deleted %(d)s' % {'d' : discount}))
discount.delete()
return redirect('discounts')
return render_to_response(template_name, {'discount': discount},
context_instance=RequestContext(request))
def delete(request, id, template_name="redirects/delete.html"):
redirect = get_object_or_404(Redirect, pk=id)
# check permission
if not has_perm(request.user,'redirects.delete_redirect'):
raise Http403
if request.method == "POST":
messages.add_message(request, messages.SUCCESS, _('Successfully deleted %(r)s' % {'r':redirect}))
redirect.delete()
return HttpResponseRedirect(reverse('redirects'))
return render_to_response(template_name, {'redirect': redirect},
context_instance=RequestContext(request))
def entries_export_status(request,
task_id,
template_name="forms/entry_export_status.html"):
try:
task = TaskMeta.objects.get(task_id=task_id)
except TaskMeta.DoesNotExist:
task = None
return render_to_response(template_name, {
'task': task,
'task_id': task_id,
'user_this': None,
},
context_instance=RequestContext(request))
def delete(request, id, template_name="navs/delete.html"):
nav = get_object_or_404(Nav, pk=id)
if has_perm(request.user,'navs.delete_nav'):
if request.method == "POST":
messages.add_message(request, messages.SUCCESS, _('Successfully deleted %(nav)s' % {'nav': nav}))
nav.delete()
return HttpResponseRedirect(reverse('navs.search'))
return render_to_response(template_name, {'current_nav': nav},
context_instance=RequestContext(request))
else:
raise Http403
def robots_txt(request):
options = [
'base/robots_private.txt', 'base/robots_public.txt', 'robots.txt'
]
template_name = "robots.txt"
robots_setting = get_setting('site', 'global', 'robotstxt')
if robots_setting in options:
template_name = robots_setting
site_url = get_setting('site', 'global', 'siteurl')
return render_to_response(template_name, {'site_url': site_url},
context_instance=RequestContext(request),
content_type="text/plain")
def photoset_edit(request,
id,
form_class=PhotoSetEditForm,
template_name="photos/photo-set/edit.html"):
from tendenci.apps.perms.object_perms import ObjectPermission
photo_set = get_object_or_404(PhotoSet, id=id)
# if no permission; permission exception
if not has_perm(request.user, 'photos.change_photoset', photo_set):
raise Http403
if request.method == "POST":
if request.POST["action"] == "edit":
form = form_class(request.POST,
instance=photo_set,
user=request.user)
if form.is_valid():
photo_set = form.save(commit=False)
# update all permissions and save the model
photo_set = update_perms_and_save(request, form, photo_set)
# copy all privacy settings from photo set to photos
Image.objects.filter(photoset=photo_set).update(
**get_privacy_settings(photo_set))
# photo set group permissions
group_perms = photo_set.perms.filter(
group__isnull=False).values_list('group', 'codename')
group_perms = tuple([(unicode(g), c.split('_')[0])
for g, c in group_perms])
photos = Image.objects.filter(photoset=photo_set)
for photo in photos:
ObjectPermission.objects.remove_all(photo)
ObjectPermission.objects.assign_group(group_perms, photo)
messages.add_message(request, messages.SUCCESS,
_("Successfully updated photo set! "))
return HttpResponseRedirect(
reverse('photoset_details', args=[photo_set.id]))
else:
form = form_class(instance=photo_set, user=request.user)
return render_to_response(template_name, {
'photo_set': photo_set,
"photoset_form": form,
},
context_instance=RequestContext(request))
def view(request,
id,
guid=None,
form_class=AdminNotesForm,
template_name="invoices/view.html"):
"""
Invoice information, payment attempts (successful and unsuccessful).
"""
invoice = get_object_or_404(Invoice.objects.all_invoices(), pk=id)
if not invoice.allow_view_by(request.user, guid):
raise Http403
allowed_tuple = (request.user.profile.is_superuser,
has_perm(request.user, 'invoices.change_invoice'))
form = None
if any(allowed_tuple):
if request.method == "POST":
form = form_class(request.POST, instance=invoice)
if form.is_valid():
invoice = form.save()
EventLog.objects.log(instance=invoice)
else:
form = form_class(initial={'admin_notes': invoice.admin_notes})
notify = request.GET.get('notify', u'')
guid = guid or u''
merchant_login = ( # boolean value
hasattr(settings, 'MERCHANT_LOGIN') and settings.MERCHANT_LOGIN)
obj = invoice.get_object()
obj_name = u''
if obj:
obj_name = obj._meta.verbose_name
return render_to_response(
template_name, {
'invoice': invoice,
'obj': obj,
'obj_name': obj_name,
'guid': guid,
'notify': notify,
'form': form,
'can_pay': invoice.allow_payment_by(request.user, guid),
'merchant_login': merchant_login
},
context_instance=RequestContext(request))
def memcached_status(request):
try:
import memcache
except ImportError:
raise Http404
if not request.user.is_authenticated() and request.user.is_superuser:
raise Http404
# get first memcached URI
m = re.match("memcached://([.\w]+:\d+)", settings.CACHE_BACKEND)
if not m:
raise Http404
host = memcache._Host(m.group(1))
host.connect()
host.send_cmd("stats")
class Stats:
pass
stats = Stats()
while 1:
line = host.readline().split(None, 2)
if line[0] == "END":
break
stat, key, value = line
try:
# convert to native type, if possible
value = int(value)
if key == "uptime":
value = datetime.timedelta(seconds=value)
elif key == "time":
value = datetime.datetime.fromtimestamp(value)
except ValueError:
pass
setattr(stats, key, value)
host.close_socket()
return render_to_response(
template_name='base/memcached_status.html',
dictionary={
'stats': stats,
'hit_rate': 100 * stats.get_hits / stats.cmd_get,
'time': str(datetime.datetime.now()), # server time
},
context_instance=RequestContext(request))
def search(request, template_name="files/search.html"):
"""
This page lists out all files from newest to oldest.
If a search index is available, this page will also
have the option to search through files.
"""
query = u''
category = None
sub_category = None
group = None
form = FileSearchForm(request.GET, **{'user': request.user})
if form.is_valid():
query = form.cleaned_data.get('q', '')
category = form.cleaned_data.get('file_cat', None)
sub_category = form.cleaned_data.get('file_sub_cat', None)
group = form.cleaned_data.get('group', None)
filters = get_query_filters(request.user, 'files.view_file')
files = File.objects.filter(filters).distinct()
if query:
files = files.filter(Q(file__icontains=query)|
Q(name__icontains=query)|
Q(description__icontains=query)|
Q(tags__icontains=query))
if category:
files = files.filter(file_cat=category)
if sub_category:
files = files.filter(file_sub_cat=sub_category)
if group:
files = files.filter(group_id=group)
files = files.order_by('-update_dt')
EventLog.objects.log()
layout = get_setting("module", "files", "layout")
base_template_path = "files/base.html"
if layout == 'grid':
base_template_path = "base-wide.html"
return render_to_response(
template_name, {
'files': files,
'form': form,
'layout': layout,
'base_template_path': base_template_path,
}, context_instance=RequestContext(request))
def edit(request, id, form_class=FileForm, template_name="files/edit.html"):
file = get_object_or_404(File, pk=id)
# check permission
if not has_perm(request.user, 'files.change_file', file):
raise Http403
if request.method == "POST":
form = form_class(request.POST, request.FILES, instance=file, user=request.user)
if form.is_valid():
file = form.save(commit=False)
# update all permissions and save the model
file = update_perms_and_save(request, form, file)
#setup categories
category = Category.objects.get_for_object(file, 'category')
sub_category = Category.objects.get_for_object(file, 'sub_category')
## update the category of the file
category_removed = False
category = file.file_cat.name if file.file_cat else None
if category:
Category.objects.update(file, category, 'category')
else: # remove
category_removed = True
Category.objects.remove(file, 'category')
Category.objects.remove(file, 'sub_category')
if not category_removed:
# update the sub category of the article
sub_category = file.file_sub_cat.name if file.file_sub_cat else None
if sub_category:
Category.objects.update(file, sub_category, 'sub_category')
else: # remove
Category.objects.remove(file, 'sub_category')
file.save()
return HttpResponseRedirect(reverse('file.search'))
else:
form = form_class(instance=file, user=request.user)
return render_to_response(
template_name, {
'file': file,
'form': form,
}, context_instance=RequestContext(request))
def approve(request, id, template_name="directories/approve.html"):
can_view_directories = has_perm(request.user, 'directories.view_directory')
can_change_directories = has_perm(request.user,
'directories.change_directory')
if not all([can_view_directories, can_change_directories]):
raise Http403
directory = get_object_or_404(Directory, pk=id)
if request.method == "POST":
directory.activation_dt = datetime.now()
directory.expiration_dt = directory.activation_dt + timedelta(
days=directory.requested_duration)
directory.allow_anonymous_view = True
directory.status = True
directory.status_detail = 'active'
if not directory.creator:
directory.creator = request.user
directory.creator_username = request.user.username
if not directory.owner:
directory.owner = request.user
directory.owner_username = request.user.username
directory.save()
# send email notification to user
recipients = [directory.creator.email]
if recipients:
extra_context = {
'object': directory,
'request': request,
}
try:
send_email_notification('directory_approved_user_notice',
recipients, extra_context)
except:
pass
msg_string = 'Successfully approved %s' % directory
messages.add_message(request, messages.SUCCESS, _(msg_string))
return HttpResponseRedirect(reverse('directory',
args=[directory.slug]))
return render_to_response(template_name, {'directory': directory},
context_instance=RequestContext(request))
def edit(request,
id,
set_id=0,
form_class=PhotoEditForm,
template_name="photos/edit.html"):
""" edit photo view """
# get photo
photo = get_object_or_404(Image, id=id)
set_id = int(set_id)
# permissions
if not has_perm(request.user, 'photos.change_image', photo):
raise Http403
# get available photo sets
photo_sets = PhotoSet.objects.all()
if request.method == "POST":
if request.POST["action"] == "update":
form = form_class(request.POST, instance=photo, user=request.user)
if form.is_valid():
photo = form.save(commit=False)
# update all permissions and save the model
photo = update_perms_and_save(request, form, photo)
messages.add_message(
request, messages.SUCCESS,
_("Successfully updated photo '%(title)s'" %
{'title': unicode(photo)}))
return HttpResponseRedirect(
reverse("photo", kwargs={
"id": photo.id,
"set_id": set_id
}))
else:
form = form_class(instance=photo, user=request.user)
else:
form = form_class(instance=photo, user=request.user)
return render_to_response(template_name, {
"photo_form": form,
"photo": photo,
"photo_sets": photo_sets,
"id": photo.id,
"set_id": set_id,
},
context_instance=RequestContext(request))
def locations_import_status(request, task_id, template_name='locations/import-confirm.html'):
"""
Checks if a location import is completed.
"""
try:
task = TaskMeta.objects.get(task_id=task_id)
except TaskMeta.DoesNotExist:
#tasks database entries are not created at once.
task = None
if task and task.status == "SUCCESS":
locations, stats = task.result
return render_to_response(template_name, {
'locations': locations,
'stats':stats,
'now': datetime.now(),
}, context_instance=RequestContext(request))
else:
return render_to_response('memberships/import-status.html', {
'task': task,
'now': datetime.now(),
}, context_instance=RequestContext(request))
def entries(request, id, template_name="forms/entries.html"):
form = get_object_or_404(Form, pk=id)
if not has_perm(request.user, 'forms.change_form', form):
raise Http403
entries = form.entries.order_by('-entry_time')
EventLog.objects.log(instance=form)
return render_to_response(template_name, {
'form': form,
'entries': entries
},
context_instance=RequestContext(request))
def index(request, slug=None, template_name="resumes/view.html"):
if not get_setting('module', 'resumes', 'enabled'):
redirect = get_object_or_404(Redirect, from_app='resumes')
return HttpResponseRedirect('/' + redirect.to_url)
if not slug: return HttpResponseRedirect(reverse('resume.search'))
resume = get_object_or_404(Resume, slug=slug)
if has_view_perm(request.user,'resumes.view_resume',resume):
EventLog.objects.log()
return render_to_response(template_name, {'resume': resume},
context_instance=RequestContext(request))
else:
raise Http403
def delete(request, id, template_name="forms/delete.html"):
form_instance = get_object_or_404(Form, pk=id)
# check permission
if not has_perm(request.user,'forms.delete_form',form_instance):
raise Http403
if request.method == "POST":
messages.add_message(request, messages.SUCCESS, _('Successfully deleted %(f)s' % {'f':form_instance}))
form_instance.delete()
return HttpResponseRedirect(reverse('forms'))
return render_to_response(template_name, {'form': form_instance},
context_instance=RequestContext(request))
def delete(request, id, template_name="locations/delete.html"):
location = get_object_or_404(Location, pk=id)
if has_perm(request.user, 'locations.delete_location'):
if request.method == "POST":
msg_string = 'Successfully deleted %s' % location
messages.add_message(request, messages.SUCCESS, _(msg_string))
location.delete()
return HttpResponseRedirect(reverse('location.search'))
return render_to_response(template_name, {'location': location},
context_instance=RequestContext(request))
else:
raise Http403
def update_tendenci(request, template_name="base/update.html"):
from tendenci.apps.base.utils import get_latest_version
if request.method == "POST":
tos = request.POST.get('tos')
if tos:
SubProcessManager.set_process(["python", "manage.py", "auto_update",
"--user_id=%s" % request.user.id])
return redirect('update_tendenci.confirmation')
return render_to_response(template_name, {
'latest_version': get_latest_version(),
'version': version,
}, context_instance=RequestContext(request))
def search(request, template_name="directories/search.html"):
filters = get_query_filters(request.user, 'directories.view_directory')
directories = Directory.objects.filter(filters).distinct()
cat = None
if not request.user.is_anonymous():
directories = directories.select_related()
query = request.GET.get('q', None)
form = DirectorySearchForm(request.GET,
is_superuser=request.user.is_superuser)
if form.is_valid():
search_category = form.cleaned_data['search_category']
query = form.cleaned_data.get('q')
search_method = form.cleaned_data['search_method']
cat = form.cleaned_data.get('cat')
sub_cat = form.cleaned_data.get('sub_cat')
if cat:
directories = directories.filter(cat=cat)
if sub_cat:
directories = directories.filter(sub_cat=sub_cat)
if query and 'tag:' in query:
tag = query.strip('tag:')
directories = directories.filter(tags__icontains=tag)
elif query and search_category:
search_type = '__iexact'
if search_method == 'starts_with':
search_type = '__istartswith'
elif search_method == 'contains':
search_type = '__icontains'
search_filter = {'%s%s' % (search_category, search_type): query}
directories = directories.filter(**search_filter)
directories = directories.order_by('headline')
EventLog.objects.log()
return render_to_response(template_name, {
'directories': directories,
'form': form,
'a_to_z': string.lowercase[:26]
},
context_instance=RequestContext(request))
def edit(request, id, form_class=ArticleForm,
category_form_class=CategoryForm,
template_name="articles/edit.html"):
article = get_object_or_404(Article, pk=id)
content_type = get_object_or_404(ContentType, app_label='articles',
model='article')
if has_perm(request.user, 'articles.change_article', article):
if request.method == "POST":
form = form_class(request.POST, instance=article, user=request.user)
categoryform = category_form_class(content_type,
request.POST,)
if form.is_valid() and categoryform.is_valid():
article = form.save()
article.update_category_subcategory(
categoryform.cleaned_data['category'],
categoryform.cleaned_data['sub_category']
)
# update all permissions and save the model
update_perms_and_save(request, form, article)
msg_string = 'Successfully updated %s' % unicode(article)
messages.add_message(request, messages.SUCCESS, _(msg_string))
return HttpResponseRedirect(reverse('article', args=[article.slug]))
else:
form = form_class(instance=article, user=request.user)
category = Category.objects.get_for_object(article, 'category')
sub_category = Category.objects.get_for_object(article, 'sub_category')
initial_category_form_data = {
'app_label': 'articles',
'model': 'article',
'pk': article.pk,
'category': getattr(category, 'name', '0'),
'sub_category': getattr(sub_category, 'name', '0')
}
categoryform = category_form_class(content_type,
initial=initial_category_form_data,)
return render_to_response(template_name, {'article': article,
'form': form,
'categoryform': categoryform,},
context_instance=RequestContext(request))
else:
raise Http403
def add(request, form_class=ArticleForm,
category_form_class=CategoryForm,
template_name="articles/add.html"):
content_type = get_object_or_404(ContentType,
app_label='articles',
model='article')
if has_perm(request.user, 'articles.add_article'):
if request.method == "POST":
form = form_class(request.POST, user=request.user)
categoryform = category_form_class(content_type,
request.POST,)
if form.is_valid() and categoryform.is_valid():
article = form.save()
article.update_category_subcategory(
categoryform.cleaned_data['category'],
categoryform.cleaned_data['sub_category']
)
# add all permissions and save the model
update_perms_and_save(request, form, article)
msg_string = 'Successfully added %s' % unicode(article)
messages.add_message(request, messages.SUCCESS, _(msg_string))
# send notification to administrator(s) and module recipient(s)
recipients = get_notice_recipients('module', 'articles', 'articlerecipients')
if recipients and notification:
notification.send_emails(recipients, 'article_added', {
'object': article,
'request': request,
})
return HttpResponseRedirect(reverse('article', args=[article.slug]))
else:
form = form_class(user=request.user)
initial_category_form_data = {
'app_label': 'articles',
'model': 'article',
'pk': 0,
}
categoryform = category_form_class(content_type,
initial=initial_category_form_data,)
return render_to_response(template_name, {'form': form,
'categoryform': categoryform,},
context_instance=RequestContext(request))
else:
raise Http403
def preview(request, id=None, form_class=PageForm, meta_form_class=MetaForm,
category_form_class=CategoryForm, template="pages/preview.html"):
content_type = get_object_or_404(ContentType,
app_label='pages',
model='page')
page = None
if id:
page = get_object_or_404(Page, pk=id)
if request.method == "POST":
if page:
form = form_class(request.POST, request.FILES, instance=page, user=request.user)
else:
form = form_class(request.POST, request.FILES, user=request.user)
metaform = meta_form_class(request.POST, prefix='meta')
categoryform = category_form_class(content_type,
request.POST,
prefix='category')
if form.is_valid():
page = form.save(commit=False)
edit_button = False
if request.POST['preview_for'] == 'edit':
edit_button = True
f = form.cleaned_data['header_image']
if f:
header = HeaderImage()
header.content_type = ContentType.objects.get_for_model(Page)
header.object_id = page.id
header.creator = request.user
header.creator_username = request.user.username
header.owner = request.user
header.owner_username = request.user.username
filename = "%s-%s" % (page.slug, f.name)
f.file.seek(0)
header.file.save(filename, f, save=False)
page.header_image = header
return render_to_response(template, {'page': page,
'form': form,
'metaform': metaform,
'categoryform': categoryform,
'edit_button': edit_button},
context_instance=RequestContext(request))
return HttpResponseRedirect(reverse('page.search'))
def edit(request, id, form_class=FormForm, template_name="forms/edit.html"):
form_instance = get_object_or_404(Form, pk=id)
if not has_perm(request.user, 'forms.change_form', form_instance):
raise Http403
PricingFormSet = inlineformset_factory(Form,
Pricing,
form=PricingForm,
extra=2)
if request.method == "POST":
form = form_class(request.POST,
instance=form_instance,
user=request.user)
if form_instance.recurring_payment:
formset = RecurringPaymentFormSet(request.POST,
instance=form_instance)
else:
formset = PricingFormSet(request.POST, instance=form_instance)
if form.is_valid() and formset.is_valid():
form_instance = form.save(commit=False)
form_instance = update_perms_and_save(request, form, form_instance)
form.save_m2m() # save payment methods
formset.save() # save price options
# remove all pricings if no custom_payment form
if not form.cleaned_data['custom_payment']:
form_instance.pricing_set.all().delete()
messages.add_message(
request, messages.SUCCESS,
_('Successfully edited %(f)s' % {'f': form_instance}))
return HttpResponseRedirect(
reverse('form_field_update', args=[form_instance.pk]))
else:
form = form_class(instance=form_instance, user=request.user)
if form_instance.recurring_payment:
formset = RecurringPaymentFormSet(instance=form_instance)
else:
formset = PricingFormSet(instance=form_instance)
return render_to_response(template_name, {
'form': form,
'formset': formset,
'form_instance': form_instance,
},
context_instance=RequestContext(request))
def search(request, template_name="pages/search.html"):
"""
Search pages.
"""
query = request.GET.get('q')
filters = get_query_filters(request.user,
'pages.view_page',
association_id=get_association_id(request))
pages = Page.objects.filter(filters).distinct()
if query:
if "category:" in query or "sub_category:" in query:
# handle category and sub_category
key, name = query.split(':', 1)
categories = Category.objects.filter(name__iexact=name)
if categories.exists():
category = categories[0]
if key == 'category':
page_ids = CategoryItem.objects.filter(
content_type_id=ContentType.objects.get_for_model(
Page),
category_id=category.id,
parent_id__isnull=True).values_list('object_id',
flat=True)
else:
page_ids = CategoryItem.objects.filter(
content_type_id=ContentType.objects.get_for_model(
Page),
parent_id=category.id,
category_id__isnull=True).values_list('object_id',
flat=True)
pages = pages.filter(id__in=page_ids)
else:
pages = Page.objects.none()
else:
pages = pages.filter(
Q(title__icontains=query)
| Q(content__icontains=query)
| Q(slug__icontains=query))
pages = pages.exclude(status_detail='archive')
pages = pages.order_by('-create_dt')
EventLog.objects.log()
return render_to_response(template_name, {'pages': pages},
context_instance=RequestContext(request))
def pricing_edit(request, id, form_class=DirectoryPricingForm, template_name="directories/pricing-edit.html"):
directory_pricing = get_object_or_404(DirectoryPricing, pk=id)
if not has_perm(request.user,'directories.change_directorypricing',directory_pricing): Http403
if request.method == "POST":
form = form_class(request.POST, instance=directory_pricing, user=request.user)
if form.is_valid():
directory_pricing = form.save(commit=False)
directory_pricing.save(request.user)
return HttpResponseRedirect(reverse('directory_pricing.view', args=[directory_pricing.id]))
else:
form = form_class(instance=directory_pricing, user=request.user)
return render_to_response(template_name, {'form':form},
context_instance=RequestContext(request))
def print_view(request, slug, template_name="articles/print-view.html"):
article = get_object_or_404(Article, slug=slug)
if article.release_dt >= datetime.now():
if not any([
has_perm(request.user, 'articles.view_article'), request.user
== article.owner, request.user == article.creator
]):
raise Http403
if has_view_perm(request.user, 'articles.view_article', article):
EventLog.objects.log(instance=article)
return render_to_response(template_name, {'article': article},
context_instance=RequestContext(request))
else:
raise Http403
