def test_invalid_user_gallery_form_noexist_user(self):
data = {
'user': '******',
'mode': 'W'
}
form = UserGalleryForm(data=data)
self.assertFalse(form.is_valid())
def test_valid_user_gallery_form(self):
data = {
'user': self.profile,
'mode': 'R'
}
form = UserGalleryForm(data=data)
self.assertTrue(form.is_valid())
def test_valid_user_gallery_form(self):
data = {
'user': self.profile,
'mode': 'R'
}
form = UserGalleryForm(data=data)
self.assertTrue(form.is_valid())
def test_invalid_user_gallery_form_noexist_user(self):
data = {
'user': '******',
'mode': 'W'
}
form = UserGalleryForm(data=data)
self.assertFalse(form.is_valid())
def test_valid_user_gallery_form(self):
gallery = GalleryFactory()
data = {
'action': 'add',
'user': self.profile,
'mode': 'R'
}
form = UserGalleryForm(gallery=gallery, data=data)
self.assertTrue(form.is_valid())
def test_invalid_user_gallery_form_noexist_user(self):
gallery = GalleryFactory()
data = {
'action': 'add',
'user': '******',
'mode': 'W'
}
form = UserGalleryForm(gallery=gallery, data=data)
self.assertFalse(form.is_valid())
def test_valid_user_gallery_form(self):
gallery = GalleryFactory()
data = {
'action': 'add',
'user': self.profile,
'mode': 'R'
}
form = UserGalleryForm(gallery=gallery, data=data)
self.assertTrue(form.is_valid())
def test_invalid_user_gallery_form_noexist_user(self):
gallery = GalleryFactory()
data = {
'action': 'add',
'user': '******',
'mode': 'W'
}
form = UserGalleryForm(gallery=gallery, data=data)
self.assertFalse(form.is_valid())
def modify_gallery(request):
'''Modify gallery instance'''
if request.method != 'POST':
raise Http404
# Global actions
if 'delete_multi' in request.POST:
l = request.POST.getlist('items')
perms = UserGallery.objects\
.filter(gallery__pk__in=l, user=request.user, mode='W')\
.count()
# Check that the user has the RW right on each gallery
if perms < len(l):
raise Http404
# Delete all the permissions on all the selected galleries
UserGallery.objects.filter(gallery__pk__in=l).delete()
# Delete all the images of the gallery (autodelete of file)
Image.objects.filter(gallery__pk__in=l).delete()
# Finally delete the selected galleries
Gallery.objects.filter(pk__in=l).delete()
return redirect(reverse('zds.gallery.views.gallery_list'))
# Gallery-specific actions
try:
gal_pk = request.POST['gallery']
except KeyError:
raise Http404
gal = get_object_or_404(Gallery, pk=gal_pk)
gal_mode = get_object_or_404(UserGallery, gallery=gal, user=request.user)
# Disallow actions to read-only members
if gal_mode.mode != 'W':
raise Http404
if 'adduser' in request.POST:
form = UserGalleryForm(request.POST)
u = get_object_or_404(User, username=request.POST['user'])
if form.is_valid():
ug = UserGallery()
ug.user = u
ug.gallery = gal
ug.mode = 'W'
ug.save()
return redirect(gal.get_absolute_url())
def get_context_data(self, **kwargs):
context = super(GalleryDetails, self).get_context_data(**kwargs)
context['permissions'] = self.users_and_permissions[self.request.user.pk]
context['form'] = UserGalleryForm(gallery=self.gallery)
context['gallery'] = self.gallery
context['content_linked'] = self.linked_content()
context['current_user'] = self.request.user
context['mode_choices'] = UserGallery.MODE_CHOICES
return context
def get_context_data(self, **kwargs):
context = super(GalleryDetails, self).get_context_data(**kwargs)
context["permissions"] = self.users_and_permissions[self.request.user.pk]
context["form"] = UserGalleryForm(gallery=self.gallery)
context["gallery"] = self.gallery
context["content_linked"] = self.linked_content()
context["current_user"] = self.request.user
context["mode_choices"] = UserGallery.MODE_CHOICES
return context
def gallery_details(request, gal_pk, gal_slug):
"""Gallery details."""
gal = get_object_or_404(Gallery, pk=gal_pk)
try:
gal_mode = UserGallery.objects.get(gallery=gal, user=request.user)
except:
raise PermissionDenied
images = gal.get_images()
form = UserGalleryForm()
return render_template("gallery/gallery/details.html", {
"gallery": gal,
"gallery_mode": gal_mode,
"images": images,
"form": form,
})
def test_valid_user_gallery_form(self):
gallery = GalleryFactory()
data = {"action": "add", "user": self.profile, "mode": "R"}
form = UserGalleryForm(gallery=gallery, data=data)
self.assertTrue(form.is_valid())
def test_invalid_user_gallery_form_noexist_user(self):
gallery = GalleryFactory()
data = {"action": "add", "user": "******", "mode": "W"}
form = UserGalleryForm(gallery=gallery, data=data)
self.assertFalse(form.is_valid())
def modify_gallery(request):
"""Modify gallery instance: delete galleries or add user to them"""
# Global actions
if 'delete_multi' in request.POST:
list_items = request.POST.getlist('items')
# Don't delete gallery when it's link to tutorial
free_galleries = []
for g_pk in list_items:
# check if the gallery is not linked to a content
v2_content = PublishableContent.objects.filter(
gallery__pk=g_pk).first()
has_v2_content = v2_content is not None
if has_v2_content:
gallery = Gallery.objects.get(pk=g_pk)
_type = _(u'au tutoriel')
if v2_content.type == 'ARTICLE':
_type = _(u"à l'article")
error_message = _(u'La galerie « {} » ne peut pas être supprimée car elle est liée {} « {} ».')\
.format(gallery.title, _type, v2_content.title)
messages.error(request, error_message)
else:
free_galleries.append(g_pk)
perms = UserGallery.objects.filter(gallery__pk__in=free_galleries,
user=request.user,
mode='W').count()
# Check that the user has the RW right on each gallery
if perms < len(free_galleries):
raise PermissionDenied
# Delete all the permissions on all the selected galleries
UserGallery.objects.filter(gallery__pk__in=free_galleries).delete()
# Delete all the images of the gallery (autodelete of file)
Image.objects.filter(gallery__pk__in=free_galleries).delete()
# Finally delete the selected galleries
Gallery.objects.filter(pk__in=free_galleries).delete()
return redirect(reverse('gallery-list'))
elif 'adduser' in request.POST:
# Gallery-specific actions
try:
gal_pk = request.POST['gallery']
except KeyError:
raise Http404
gallery = get_object_or_404(Gallery, pk=gal_pk)
# Disallow actions to read-only members
try:
gal_mode = UserGallery.objects.get(gallery=gallery,
user=request.user)
if gal_mode.mode != 'W':
raise PermissionDenied
except:
raise PermissionDenied
form = UserGalleryForm(request.POST)
if form.is_valid():
user = get_object_or_404(User, username=request.POST['user'])
# If a user is already in a user gallery, we don't add him.
galleries = UserGallery.objects.filter(gallery=gallery,
user=user).all()
if galleries.count() > 0:
return redirect(gallery.get_absolute_url())
if user.profile.is_private():
return redirect(gallery.get_absolute_url())
user_gal = UserGallery()
user_gal.user = user
user_gal.gallery = gallery
user_gal.mode = request.POST['mode']
user_gal.save()
else:
return render(
request, 'gallery/gallery/details.html', {
'gallery': gallery,
'gallery_mode': gal_mode,
'images': gallery.get_images(),
'form': form,
})
return redirect(gallery.get_absolute_url())
def modify_gallery(request):
"""Modify gallery instance."""
# Global actions
if "delete_multi" in request.POST:
l = request.POST.getlist("items")
# Don't delete gallery when it's link to tutorial
free_galleries = []
for g_pk in l:
if Tutorial.objects.filter(gallery__pk=g_pk).exists():
gallery = Gallery.objects.get(pk=g_pk)
messages.error(request, "La galerie '{}' ne peut pas être supprimée car elle est liée à un tutoriel existant".format(gallery.title))
else:
free_galleries.append(g_pk)
perms = UserGallery.objects.filter(gallery__pk__in=free_galleries,
user=request.user, mode="W").count()
# Check that the user has the RW right on each gallery
if perms < len(free_galleries):
raise PermissionDenied
# Delete all the permissions on all the selected galleries
UserGallery.objects.filter(gallery__pk__in=free_galleries).delete()
# Delete all the images of the gallery (autodelete of file)
Image.objects.filter(gallery__pk__in=free_galleries).delete()
# Finally delete the selected galleries
Gallery.objects.filter(pk__in=free_galleries).delete()
return redirect(reverse("zds.gallery.views.gallery_list"))
elif "adduser" in request.POST:
# Gallery-specific actions
try:
gal_pk = request.POST["gallery"]
except KeyError:
raise Http404
gallery = get_object_or_404(Gallery, pk=gal_pk)
# Disallow actions to read-only members
try:
gal_mode = UserGallery.objects.get(gallery=gallery,
user=request.user)
if gal_mode.mode != "W":
raise PermissionDenied
except:
raise PermissionDenied
form = UserGalleryForm(request.POST)
if form.is_valid():
user = get_object_or_404(User, username=request.POST["user"])
# If a user is already in a user gallery, we don't add him.
galleries = UserGallery.objects.filter(gallery=gallery,
user=user).all()
if galleries.count() > 0:
return redirect(gallery.get_absolute_url())
ug = UserGallery()
ug.user = user
ug.gallery = gallery
ug.mode = request.POST["mode"]
ug.save()
else:
return render_template("gallery/gallery/details.html", {
"gallery": gallery,
"gallery_mode": gal_mode,
"images": gallery.get_images(),
"form": form,
})
return redirect(gallery.get_absolute_url())
def modify_gallery(request):
"""Modify gallery instance."""
# Global actions
if "delete_multi" in request.POST:
l = request.POST.getlist("items")
# Don't delete gallery when it's link to tutorial
free_galleries = []
for g_pk in l:
if Tutorial.objects.filter(gallery__pk=g_pk).exists():
gallery = Gallery.objects.get(pk=g_pk)
messages.error(
request,
"La galerie '{}' ne peut pas être supprimée car elle est liée à un tutoriel existant"
.format(gallery.title))
else:
free_galleries.append(g_pk)
perms = UserGallery.objects.filter(gallery__pk__in=free_galleries,
user=request.user,
mode="W").count()
# Check that the user has the RW right on each gallery
if perms < len(free_galleries):
raise PermissionDenied
# Delete all the permissions on all the selected galleries
UserGallery.objects.filter(gallery__pk__in=free_galleries).delete()
# Delete all the images of the gallery (autodelete of file)
Image.objects.filter(gallery__pk__in=free_galleries).delete()
# Finally delete the selected galleries
Gallery.objects.filter(pk__in=free_galleries).delete()
return redirect(reverse("zds.gallery.views.gallery_list"))
elif "adduser" in request.POST:
# Gallery-specific actions
try:
gal_pk = request.POST["gallery"]
except KeyError:
raise Http404
gallery = get_object_or_404(Gallery, pk=gal_pk)
# Disallow actions to read-only members
try:
gal_mode = UserGallery.objects.get(gallery=gallery,
user=request.user)
if gal_mode.mode != "W":
raise PermissionDenied
except:
raise PermissionDenied
form = UserGalleryForm(request.POST)
if form.is_valid():
user = get_object_or_404(User, username=request.POST["user"])
# If a user is already in a user gallery, we don't add him.
galleries = UserGallery.objects.filter(gallery=gallery,
user=user).all()
if galleries.count() > 0:
return redirect(gallery.get_absolute_url())
ug = UserGallery()
ug.user = user
ug.gallery = gallery
ug.mode = request.POST["mode"]
ug.save()
else:
return render_template(
"gallery/gallery/details.html", {
"gallery": gallery,
"gallery_mode": gal_mode,
"images": gallery.get_images(),
"form": form,
})
return redirect(gallery.get_absolute_url())
