def update_work_item(request, wip_report, work_item_id):
wip_report = WIPReport.objects.get(name=wip_report)
work_item = get_object_or_404(WIPItem, id=work_item_id)
# Some security
allow_access = False
for group in request.user.groups.all():
if group in wip_report.read_acl.all():
allow_access = True
form = WIPItemUserForm(request.POST, instance=work_item)
if group in wip_report.write_acl.all():
allow_access = True
form = WIPItemEditorForm(wip_report, request.POST, instance=work_item)
if allow_access:
if form.is_valid():
t = form.save(commit=False)
if request.POST['update'] != '':
if request.user.get_full_name() == '':
update_name = request.user.username
else:
update_name = request.user.get_full_name()
t.history = '''\n\n------Updated by %s on %s------\n\n%s\n\n%s''' % ( update_name, time.strftime("%Y-%m-%d %H:%M"), form.cleaned_data.get('update'), work_item.history )
t.save()
_add_wip_to_archive(work_item.heading.all()[0].report.all()[0])
return HttpResponse( return_json_success() )
else:
return HttpResponse( handle_form_errors(form.errors))
