def render(self, context):
request = context['request']
category = self.category.resolve(context)
try:
categories = map(int, category.split(','))
except:
context[self.var_name] = []
return ''
allowed_objects = get_allowed_objects(
request.user, ArticleCategory, 'reader')
categories = [ c for c in categories if c in allowed_objects]
if categories:
categories = ArticleCategory.objects.filter(pk__in=categories)
mao = get_allowed_objects(
request.user, ArticleCategory, 'reader')
stories = ArticleStory.objects.select_related().filter(
categories__in=categories).distinct().order_by('-time_updated')[:int(self.limit)]
for story in stories:
story.current_categories = story.categories.all()
story.current_category = story.current_categories[0]
story.url = reverse('view_story', args=[story.current_category.pk, story.pk, story.slug])
intersect = set(mao).intersection( set([category.pk for category in story.current_categories]))
if intersect:
story.edit__url = reverse('edit_story', args=[story.pk])
else:
stories = []
context[self.var_name] = stories
return ''
def auto_completion_search_members(context, input_suggest):
"""
Render an auto completion to search users.
Override ``account/ac_search_users.html`` if you want to change the
design.
"""
request = context['request']
input_suggest = input_suggest
data = []
ao = set([])
ao_member = get_allowed_objects(request.user, Community, 'member')
ao = ao.union(set(ao_member))
ao_manage = get_allowed_objects(request.user, Community, 'manage')
ao = ao.union(set(ao_manage))
communities = Community.objects.filter(id__in=ao).order_by('name')
objects = set([])
for com in communities:
objects = objects.union(set(get_acl_by_object(com, 'member')))
objects = objects.union(set(get_acl_by_object(com, 'manage')))
data.append([com.name, ("g-%s" % str(com.id))])
data.extend([("%s %s" % (x.last_name, x.first_name), ("u-%s" % str(x.id)))
for x in objects])
members_data = simplejson.dumps(data)
return locals()
def auto_completion_search_members(context, input_suggest):
"""
Render an auto completion to search users.
Override ``account/ac_search_users.html`` if you want to change the
design.
"""
request = context['request']
input_suggest = input_suggest
data = []
ao = set([])
ao_member = get_allowed_objects(request.user, Community, 'member')
ao = ao.union(set(ao_member))
ao_manage = get_allowed_objects(request.user, Community, 'manage')
ao = ao.union(set(ao_manage))
communities = Community.objects.filter(id__in=ao).order_by('name')
objects = set([])
for com in communities:
objects = objects.union(set(get_acl_by_object(com, 'member')))
objects = objects.union(set(get_acl_by_object(com, 'manage')))
data.append([com.name, ("g-%s" % str(com.id))])
data.extend([("%s %s" % (x.last_name, x.first_name), ("u-%s" % str(x.id)))
for x in objects])
members_data = simplejson.dumps(data)
return locals()
def get_menu_children(request, menu):
ao_articles = get_allowed_objects(request.user, ArticleCategory, 'reader')
ao_faqs = get_allowed_objects(request.user, Faq, 'reader')
ao_forms_sub = get_allowed_objects(request.user, FormsForm, 'creator')
ao_forms_list = get_allowed_objects(request.user, FormsForm, 'viewer')
ct_articles = ContentType.objects.get(model='articlecategory')
ct_faqs = ContentType.objects.get(model='faq')
ct_forms = ContentType.objects.get(model='formsform')
children = menu.get_children().filter(
Q(object_id__in=ao_articles, content_type=ct_articles)
| Q(object_id__in=ao_faqs, content_type=ct_faqs)
| Q(object_id__in=ao_forms_sub, content_type=ct_forms)
| Q(object_id__in=ao_forms_list, content_type=ct_forms)
| Q(object_id__isnull=True))
for child in children:
if child.object_id and child.content_type == ct_articles:
child.url = child.content_object.get_url_path()
elif child.object_id and child.content_type == ct_faqs:
child.url = child.content_object.get_url_path()
elif child.object_id and child.content_type == ct_forms:
if child.extra_info == 'submission':
child.url = child.content_object.get_url_path()
else:
child.url = child.content_object.get_url_browse_path()
return children
def dirlist_shared(request):
r = ['<ul class="jqueryFileTree" style="display: none;">']
category = request.GET.get('dir', '')
ob = get_allowed_objects(request.user, ZornaNoteCategory, 'viewer')
try:
category = category.rstrip('/')
c = category.split('/')
category = ZornaNoteCategory.objects.get(pk=int(c[-1]))
except:
category = None
if category:
ob_list = ZornaNoteCategory.objects.filter(pk__in=ob, parent=category)
pcat = "%s/" % category.pk
else:
ob_list = ZornaNoteCategory.objects.filter(pk__in=ob,
parent__isnull=True)
pcat = ''
for cat in ob_list:
r.append(
'<li class="directory collapsed"><a href="#" id="%s" rel="%s%s/">%s</a></li>'
% (cat.pk, pcat, cat.pk, cat.name))
r.append('</ul>')
return HttpResponse(''.join(r))
def manager_list_faqs(request):
aom = get_allowed_objects(request.user, Faq, "manager")
aoc = get_allowed_objects(request.user, Faq, "reader")
allowed_objects = list(set(aom) | set(aoc))
if len(allowed_objects) == 0:
return HttpResponseRedirect("/")
ob_list = Faq.objects.filter(pk__in=allowed_objects)
for ob in ob_list:
if ob.pk in aom:
ob.manager = True
else:
ob.manager = False
extra_context = {}
extra_context["faq_list"] = ob_list
context = RequestContext(request)
return render_to_response("faq/manager_list_faqs.html", extra_context, context_instance=context)
def view_story(request, category, story, slug):
allowed_objects = get_allowed_objects(
request.user, ArticleCategory, 'reader')
category = int(category)
if category in allowed_objects:
category = ArticleCategory.objects.get(pk=category)
try:
story = ArticleStory.objects.get(pk=story, categories=category)
except ArticleStory.DoesNotExist:
return HttpResponseForbidden()
story.edit_url = story.get_edit_url(request.user)
extra_context = {}
extra_context['ancestors'] = category.get_ancestors()
extra_context['category'] = category
extra_context['story'] = story
extra_context['story_comments'] = ArticleComments.objects.filter(
article=story)
extra_context['zorna_title_page'] = story.title
try:
avatar_user = UserAvatar.objects.get(user=story.owner)
except UserAvatar.DoesNotExist:
avatar_user = None
extra_context['avatar_user'] = avatar_user
extra_context['recent_stories'] = ArticleStory.objects.filter(
owner=story.owner, categories__in=allowed_objects).distinct().exclude(pk=story.pk).order_by('-time_created')[0:10]
for s in extra_context['recent_stories']:
s.category = s.categories.all()[0]
context = RequestContext(request)
return render_to_response(['story_%s.html' % category.slug, 'story_default.html', 'articles/story_default.html'], extra_context, context_instance=context)
else:
return HttpResponseRedirect('/')
def pages_item_menu(context, category, permission, template='pages_item_menu.html'):
request = context['request']
allowed_objects = get_allowed_objects(
request.user, ArticleCategory, permission)
children = category.get_children().filter(id__in=allowed_objects)
for cat in children:
cat.url = cat.get_url_path()
return {'template': template, 'children': children, 'category': category, 'request': request}
def render(self, context):
object = self.object.resolve(context)
request = context['request']
allowed_objects = get_allowed_objects(
request.user, ArticleCategory, 'reader')
context[self.var_name] = object.get_ancestors().filter(
id__in=allowed_objects)
return ''
def is_user_community_manager(user, community_id=0):
allowed_objects = get_allowed_objects(user, Community, 'manage')
if community_id == 0:
return len(allowed_objects) != 0
elif community_id in allowed_objects:
return True
else:
return False
def get_contributor_messages(request, member):
allowed_objects = get_allowed_objects(
request.user, Community, ['member', 'manage'])
# messages =
# MessageCommunity.objects.select_related().filter(Q(communities__in=allowed_objects)
# & (Q(owner=member)|Q(messagecommunity__owner=member)))
messages = MessageCommunity.objects.select_related().filter(Q(communities__in=allowed_objects) & (
Q(owner=member, reply__isnull=True) | Q(messagecommunity__owner=member)))
return messages
def manager_list_faqs(request):
aom = get_allowed_objects(request.user, Faq, 'manager')
aoc = get_allowed_objects(request.user, Faq, 'reader')
allowed_objects = list(set(aom) | set(aoc))
if len(allowed_objects) == 0:
return HttpResponseRedirect('/')
ob_list = Faq.objects.filter(pk__in=allowed_objects)
for ob in ob_list:
if ob.pk in aom:
ob.manager = True
else:
ob.manager = False
extra_context = {}
extra_context['faq_list'] = ob_list
context = RequestContext(request)
return render_to_response('faq/manager_list_faqs.html',
extra_context,
context_instance=context)
def alerts(request):
from zorna.site.models import SiteAlert
ao = get_allowed_objects(request.user, SiteAlert, 'viewer')
alerts = SiteAlert.objects.filter(
pk__in=ao, start__lte=datetime.datetime.now(), end__gte=datetime.datetime.now())
context_extras = {}
context_extras['ALERTS'] = alerts
return context_extras
def get_message_by_id(request, message_id):
allowed_objects = get_allowed_objects(
request.user, Community, ['member', 'manage'])
if request.user.is_authenticated():
messages = MessageCommunity.objects.select_related().filter(Q(communities__in=allowed_objects) | Q(
users=request.user) | Q(owner=request.user), reply__isnull=True, pk=message_id)
else:
messages = MessageCommunity.objects.select_related().filter(Q(
communities__in=allowed_objects), reply__isnull=True, pk=message_id)
return messages
def render(self, context):
request = context['request']
allowed_objects = get_allowed_objects(
request.user, ArticleCategory, self.permission)
object = self.object.resolve(context)
categories = object.get_children().filter(id__in=allowed_objects)
for cat in categories:
cat.url = cat.get_url_path()
context[self.var_name] = categories
return ''
def writer_stories_list(request):
q = request.GET.get('q', None)
aom = get_allowed_objects(
request.user, ArticleCategory, 'manager')
aow = get_allowed_objects(
request.user, ArticleCategory, 'writer')
if q:
ob_list = ArticleStory.objects.filter(Q(title__icontains=q) & (Q(owner=request.user) | Q(categories__in=aom))).annotate(
Count('categories')).order_by('-time_updated')
else:
ob_list = ArticleStory.objects.filter(Q(owner=request.user) | Q(categories__in=aom)).annotate(
Count('categories')).order_by('-time_updated')
extra_context = {}
context = RequestContext(request)
if ob_list or aow:
extra_context['stories_list'] = ob_list
return render_to_response('articles/writer_stories_list.html', extra_context, context_instance=context)
return HttpResponseForbidden()
def render(self, context):
request = context['request']
allowed_objects = get_allowed_objects(
request.user, ArticleCategory, self.permission)
categories = ArticleCategory.objects.filter(
parent__isnull=True, id__in=allowed_objects)
for cat in categories:
cat.url = cat.get_url_path()
context[self.var_name] = categories
return ''
def isUserManager(request, slug):
try:
fw = FormsWorkspace.objects.get(slug=slug)
ao = get_allowed_objects(request.user, FormsWorkspace, 'manager')
if fw.pk in ao:
return fw
else:
return False
except:
return False
def isUserManager(request, slug):
try:
fw = FormsWorkspace.objects.get(slug=slug)
ao = get_allowed_objects(request.user, FormsWorkspace, 'manager')
if fw.pk in ao:
return fw
else:
return False
except:
return False
def get_edit_url(self, user):
if self.owner == user:
return reverse('edit_story', args=[self.pk])
allowed_objects = get_allowed_objects(
user, ArticleCategory, 'manager')
intersect = set(allowed_objects).intersection( set([category.pk for category in self.categories.all()]))
if intersect:
return reverse('edit_story', args=[self.pk])
return None
def notes_get_content(request, extra={}, category=None):
if request.user.is_authenticated():
extra_context = dict(**extra)
extra_context['category'] = category
extra_context['search_text'] = request.GET.get('search_text', '')
extra_context['search_tag'] = request.GET.get('search_tag', '')
if category:
try:
category = ZornaNoteCategory.objects.get(pk=category)
check = get_acl_for_model(ZornaNoteCategory)
extra_context['owner'] = category.owner == request.user
if extra_context['owner'] or check.viewer_zornanotecategory(category, request.user):
extra_context['category'] = category
extra_context[
'category_ancestors'] = category.get_ancestors()
notes = category.zornanote_set.all()
if extra_context['search_text']:
notes = notes.filter(Q(title__icontains=extra_context[
'search_text']) | Q(content__icontains=extra_context['search_text']))
if extra_context['search_tag']:
notes = notes.filter(Q(
tags__icontains=extra_context['search_tag']))
for n in notes:
n.attachments = []
for f in n.zornanotefile_set.all():
n.attachments.append({'file_name': os.path.basename(
f.file.name), 'pk': f.pk})
extra_context['notes'] = notes
except Exception as e:
return '%s' % e
else:
ob = get_allowed_objects(request.user, ZornaNoteCategory, 'viewer')
extra_context['owner'] = False
extra_context['category'] = None
extra_context['category_ancestors'] = []
notes = ZornaNote.objects.filter(Q(
owner=request.user) | Q(category__in=ob))
if extra_context['search_text']:
notes = notes.filter(Q(title__icontains=extra_context[
'search_text']) | Q(content__icontains=extra_context['search_text']))
if extra_context['search_tag']:
notes = notes.filter(Q(
tags__icontains=extra_context['search_tag']))
for n in notes:
n.attachments = []
for f in n.zornanotefile_set.all():
n.attachments.append({'file_name': os.path.basename(
f.file.name), 'pk': f.pk})
extra_context['notes'] = notes
t = loader.get_template('notes/notes_view_notes.html')
c = RequestContext(request, extra_context)
return t.render(c)
else:
return 'Access denied'
def render(self, context):
request = context['request']
try:
ct = ContentType.objects.get(
app_label=self.app_name, model=self.model)
ob = get_allowed_objects(
request.user, ct.model_class(), self.permission)
context[self.var_name] = ob
except:
pass
return ''
def render(self, context):
request = context['request']
try:
ct = ContentType.objects.get(app_label=self.app_name,
model=self.model)
ob = get_allowed_objects(request.user, ct.model_class(),
self.permission)
context[self.var_name] = ob
except:
pass
return ''
def render(self, context):
request = context['request']
check = get_acl_for_model(Community)
allowed_objects = get_allowed_objects(request.user, Community,
'member')
communities = Community.objects.filter(
id__in=allowed_objects).order_by('name')
for com in communities:
com.manager = check.manage_community(com, request.user)
com.member = True
context[self.var_name] = communities
return ''
def render(self, context):
request = context['request']
check = get_acl_for_model(Community)
allowed_objects = get_allowed_objects(
request.user, Community, 'member')
communities = Community.objects.filter(
id__in=allowed_objects).order_by('name')
for com in communities:
com.manager = check.manage_community(com, request.user)
com.member = True
context[self.var_name] = communities
return ''
def render(self, context):
request = context['request']
s = self.story.resolve(context)
allowed_objects = get_allowed_objects(
request.user, ArticleCategory, 'reader')
mao = get_allowed_objects(
request.user, ArticleCategory, 'manager')
stories = ArticleStory.objects.select_related().filter(
categories__in=allowed_objects, pk=int(s))
if stories:
story = stories[0]
story.current_categories = story.categories.all()
story.current_category = story.current_categories[0]
story.url = reverse('view_story', args=[story.current_category.pk, story.pk, story.slug])
intersect = set(mao).intersection( set([category.pk for category in story.current_categories]))
if intersect:
story.edit__url = reverse('edit_story', args=[story.pk])
context[self.var_name] = story
else:
context[self.var_name] = None
return ''
def render(self, context):
request = context['request']
events_list = []
try:
resource = ZornaResourceCalendar.objects.get(pk=self.cal_id)
calendar = get_resource_calendar(resource)
ao = get_allowed_objects(request.user, type(calendar), 'viewer')
if calendar.pk in ao:
events_list = get_events_for_object(
resource, self.start_date, self.end_date)
except:
pass
context[self.var_name] = events_list
return ''
def get_menu_children(request, menu):
ao_articles = get_allowed_objects(request.user, ArticleCategory, 'reader')
ao_faqs = get_allowed_objects(request.user, Faq, 'reader')
ao_forms_sub = get_allowed_objects(request.user, FormsForm, 'creator')
ao_forms_list = get_allowed_objects(request.user, FormsForm, 'viewer')
ct_articles = ContentType.objects.get(model='articlecategory')
ct_faqs = ContentType.objects.get(model='faq')
ct_forms = ContentType.objects.get(model='formsform')
children = menu.get_children().filter(Q(object_id__in=ao_articles, content_type=ct_articles) |
Q(object_id__in=ao_faqs, content_type=ct_faqs) |
Q(object_id__in=ao_forms_sub, content_type=ct_forms) |
Q(object_id__in=ao_forms_list, content_type=ct_forms) |
Q(object_id__isnull=True))
for child in children:
if child.object_id and child.content_type == ct_articles:
child.url = child.content_object.get_url_path()
elif child.object_id and child.content_type == ct_faqs:
child.url = child.content_object.get_url_path()
elif child.object_id and child.content_type == ct_forms:
if child.extra_info == 'submission':
child.url = child.content_object.get_url_path()
else:
child.url = child.content_object.get_url_browse_path()
return children
def is_manager_by_message(user, message):
baccess = False
allowed_objects = get_allowed_objects(user, Community, 'manage')
c = Community.objects.filter(
messagecommunity__pk=message, pk__in=allowed_objects)
if c:
baccess = True
elif user.is_authenticated():
# is this message owned by current user?
try:
MessageCommunity.objects.get(pk=message, owner=user)
baccess = True
except MessageCommunity.DoesNotExist:
baccess = False
return baccess
def render(self, context):
request = context['request']
s = self.story.resolve(context)
allowed_objects = get_allowed_objects(
request.user, ArticleCategory, 'reader')
stories = ArticleStory.objects.select_related().filter(
categories__in=allowed_objects, pk=s.pk)
attachments = s.articleattachments_set.all()
for f in attachments:
f.file_name = os.path.basename(f.attached_file.name)
f.file_url = reverse('get_story_file', args=[f.pk])
if stories:
context[self.var_name] = attachments
else:
context[self.var_name] = None
return ''
def dirlist_communities_folders(request):
r = ['<ul class="jqueryFileTree" style="display: none;">']
ppath = request.GET.get('dir', '')
ppath = urllib.unquote(ppath.rstrip('/'))
path = clean_path(ppath)
if path != ppath:
path = ''
if path:
buser, bmanager = get_user_access_to_path(request.user, path)
if buser:
ret = get_sub_folders(path)
else:
ret = []
else:
ppath = request.GET.get('path', None)
if ppath:
ppath = urllib.unquote(ppath.rstrip('/'))
folder_dest = clean_path(ppath)
buser, bmanager = get_user_access_to_path(
request.user, folder_dest)
if buser:
ret = get_sub_folders(folder_dest, request.user)
else:
ret = []
else:
allowed_objects = set([])
for perm in ['member', 'manage']:
objects = get_allowed_objects(request.user, Community, perm)
allowed_objects = allowed_objects.union(set(objects))
root_path = get_upload_library()
ret = []
com = Community.objects.filter(
pk__in=allowed_objects, enable_documents=True)
for c in com:
path = u"C%s" % c.pk
fullpath = u"%s/%s" % (root_path, path)
if not os.path.isdir(fullpath):
os.makedirs(fullpath)
pathx = c.name
ret.append({'name': pathx, 'rel': path})
for d in ret:
r.append(
'<li class="directory collapsed"><a href="#" rel="%s/" title="%s/">%s</a></li>' %
(d['rel'], d['rel'], d['name']))
r.append('</ul>')
return HttpResponse(''.join(r))
def dirlist_communities_folders(request):
r = ['<ul class="jqueryFileTree" style="display: none;">']
ppath = request.GET.get('dir', '')
ppath = urllib.unquote(ppath.rstrip('/'))
path = clean_path(ppath)
if path != ppath:
path = ''
if path:
buser, bmanager = get_user_access_to_path(request.user, path)
if buser:
ret = get_sub_folders(path)
else:
ret = []
else:
ppath = request.GET.get('path', None)
if ppath:
ppath = urllib.unquote(ppath.rstrip('/'))
folder_dest = clean_path(ppath)
buser, bmanager = get_user_access_to_path(
request.user, folder_dest)
if buser:
ret = get_sub_folders(folder_dest, request.user)
else:
ret = []
else:
allowed_objects = set([])
for perm in ['member', 'manage']:
objects = get_allowed_objects(request.user, Community, perm)
allowed_objects = allowed_objects.union(set(objects))
root_path = get_upload_library()
ret = []
com = Community.objects.filter(
pk__in=allowed_objects, enable_documents=True)
for c in com:
path = u"C%s" % c.pk
fullpath = u"%s/%s" % (root_path, path)
if not os.path.isdir(fullpath):
os.makedirs(fullpath)
pathx = c.name
ret.append({'name': pathx, 'rel': path})
for d in ret:
r.append(
'<li class="directory collapsed"><a href="#" rel="%s/" title="%s/">%s</a></li>' %
(d['rel'], d['rel'], d['name']))
r.append('</ul>')
return HttpResponse(''.join(r))
def recent_files(request, what, limit):
roots = []
if what == "all" or what == "personal":
bpersonal = SiteOptions.objects.is_access_valid(request.user, "zorna_personal_documents")
if bpersonal:
roots.extend(["U%s" % request.user.pk])
if what == "all" or what == "shared":
aof = get_allowed_shared_folders(request.user, ["writer", "reader", "manager"])
roots.extend(["F%s" % f for f in aof])
for f in aof:
for d in ZornaFolder.objects.get(pk=f).get_descendants().exclude(inherit_permissions=False):
roots.append("F%s" % d.pk)
if what == "all" or what == "communities":
aof = get_allowed_objects(request.user, Community, ["manage", "member"])
roots.extend(["C%s" % f for f in aof])
return recent_files_folders(request, roots, limit)
def get_user_calendars(user, permissions=['viewer']):
allowed_objects = set([])
for perm in permissions:
objects = get_allowed_objects(user, ZornaCalendar, perm)
allowed_objects = allowed_objects.union(set(objects))
b_personal_calendar = SiteOptions.objects.is_access_valid(
user, 'zorna_personal_calendar')
if b_personal_calendar:
pcal = get_personal_calendar(User.objects.get(pk=user.pk))
allowed_objects.update([pcal.pk])
communities = get_communities(user)
for com in communities:
if com.enable_calendar:
cal = com.get_calendar()
allowed_objects.update([cal.pk])
allowed_objects = ZornaCalendar.objects.filter(pk__in=allowed_objects)
return allowed_objects
def get_messages_by_content_type(request, ct, community_id=0):
allowed_objects = get_allowed_objects(
request.user, Community, ['member', 'manage'])
if request.user.is_authenticated():
if community_id and int(community_id) in allowed_objects:
messages = MessageCommunity.objects.select_related().filter(Q(communities=community_id) | Q(
users=request.user) | Q(owner=request.user), messagecommunityextra__content_type=ct)
else:
messages = MessageCommunity.objects.select_related().filter(Q(communities__in=allowed_objects) | Q(
users=request.user) | Q(owner=request.user), messagecommunityextra__content_type=ct)
else:
if community_id and int(community_id) in allowed_objects:
messages = MessageCommunity.objects.select_related().filter(Q(
communities=community_id), messagecommunityextra__content_type=ct)
else:
messages = MessageCommunity.objects.select_related().filter(Q(
communities__in=allowed_objects), messagecommunityextra__content_type=ct)
return messages.distinct()
def render(self, context):
request = context['request']
try:
menu_item = self.menu_item.resolve(context)
except:
menu_item = self.menu_item
try:
mi = ZornaMenuItem.objects.get(slug=menu_item)
except ZornaMenuItem.DoesNotExist:
return ''
ao_articles = get_allowed_objects(
request.user, ArticleCategory, 'reader')
if mi.object_id and mi.content_type == ContentType.objects.get(model='ArticleCategory'):
if not mi.object_id in ao_articles:
return ''
mi.menu_children = get_menu_children(request, mi)
context[self.var_name] = mi
return ''
def render(self, context):
request = context['request']
try:
menu_item = self.menu_item.resolve(context)
except:
menu_item = self.menu_item
try:
mi = ZornaMenuItem.objects.get(slug=menu_item)
except ZornaMenuItem.DoesNotExist:
return ''
ao_articles = get_allowed_objects(request.user, ArticleCategory,
'reader')
if mi.object_id and mi.content_type == ContentType.objects.get(
model='ArticleCategory'):
if not mi.object_id in ao_articles:
return ''
mi.menu_children = get_menu_children(request, mi)
context[self.var_name] = mi
return ''
def get_story_file(request, file_id):
try:
file = ArticleAttachments.objects.get(pk=file_id)
story = file.article
allowed_objects = get_allowed_objects(
request.user, ArticleCategory, 'reader')
al = story.categories.filter(pk__in=allowed_objects)
if len(al) == 0:
return HttpResponseForbidden()
except:
return HttpResponseForbidden()
path = "%s/%s" % (get_upload_articles_files(), file.attached_file.name)
fp = open(path, 'rb')
content_type = file.mimetype
response = HttpResponse(fp.read(), content_type=content_type)
response['Content-Length'] = os.path.getsize(path)
response['Content-Disposition'] = "attachment; filename=%s" % os.path.basename(
file.attached_file.name)
return response
def get_allowed_folders(request, what='all'):
roots = []
if what == 'all' or what == 'personal':
bpersonal = SiteOptions.objects.is_access_valid(
request.user, 'zorna_personal_documents')
if bpersonal:
roots.extend(['U%s' % request.user.pk])
if what == 'all' or what == 'shared':
aof = get_allowed_shared_folders(
request.user, ['writer', 'reader', 'manager'])
roots.extend(['F%s' % f for f in aof])
for f in aof:
for d in ZornaFolder.objects.get(pk=f).get_descendants().exclude(inherit_permissions=False):
roots.append('F%s' % d.pk)
if what == 'all' or what == 'communities':
aof = get_allowed_objects(
request.user, Community, ['manage', 'member'])
roots.extend(['C%s' % f for f in aof])
return roots
def is_member_by_message(user, message):
baccess = False
allowed_objects = get_allowed_objects(user, Community, 'member')
c = Community.objects.filter(
messagecommunity__pk=message, pk__in=allowed_objects)
if c:
baccess = True
elif user.is_authenticated():
# is this message is sent to current user?
# u =
# User.objects.filter(Q(message_users__messagecommunity__pk=message,
# pk=user.pk))
l = MessageCommunity.objects.filter(users=user, pk=message)
if l:
baccess = True
else:
try:
MessageCommunity.objects.get(pk=message, owner=user)
baccess = True
except MessageCommunity.DoesNotExist:
pass
return baccess
def get_story_image(request, story, size=None):
try:
story = ArticleStory.objects.select_related().get(pk=story)
allowed_objects = get_allowed_objects(
request.user, ArticleCategory, 'reader')
al = story.categories.filter(pk__in=allowed_objects)
if len(al) == 0:
return HttpResponseRedirect('/')
except:
return HttpResponseRedirect('/')
path = u"%s/%s" % (get_upload_articles_images(), story.image)
if size:
miniature = resize_image(story.image.path, size)
split = path.rsplit('/', 1)
path = '%s/%s' % (split[0], miniature)
try:
image_data = open(path, "rb").read()
return HttpResponse(image_data, mimetype=story.mimetype)
except:
return HttpResponse('')
def get_allowed_folders(request, what='all'):
roots = []
if what == 'all' or what == 'personal':
bpersonal = SiteOptions.objects.is_access_valid(
request.user, 'zorna_personal_documents')
if bpersonal:
roots.extend(['U%s' % request.user.pk])
if what == 'all' or what == 'shared':
aof = get_allowed_shared_folders(request.user,
['writer', 'reader', 'manager'])
roots.extend(['F%s' % f for f in aof])
for f in aof:
for d in ZornaFolder.objects.get(pk=f).get_descendants().exclude(
inherit_permissions=False):
roots.append('F%s' % d.pk)
if what == 'all' or what == 'communities':
aof = get_allowed_objects(request.user, Community,
['manage', 'member'])
roots.extend(['C%s' % f for f in aof])
return roots
