def delete_invite(request, org_id, invite_id):
org = Organization.objects.get(pk=org_id)
invite = OrganizationInvitation.objects.get(pk=invite_id)
deletion = DeletionRecord(organization=org, deleter=request.user, deleted_invite=invite)
deletion.save()
invite.delete()
messages.success(request, "You have succesfully revoked the invitation for " + invite.email_to_invite + ".")
return HttpResponseRedirect(reverse("org_management"))
def delete_invite(request, org_id, invite_id):
org = Organization.objects.get(pk=org_id)
if not org.is_member(request.user):
return HttpResponseNotAllowed("Nice try, but you have to be an admin for an org to delete its invitations.")
invite = OrganizationInvitation.objects.get(pk=invite_id)
deletion = DeletionRecord(organization=org, deleter=request.user, deleted_invite=invite)
deletion.save()
invite.delete()
messages.success(request, "You have succesfully revoked the invitation for " + invite.email_to_invite + ".")
return HttpResponseRedirect(reverse("homepage"))
def delete_invite(request, org_id, invite_id):
org = Organization.objects.get(pk=org_id)
invite = OrganizationInvitation.objects.get(pk=invite_id)
deletion = DeletionRecord(organization=org,
deleter=request.user,
deleted_invite=invite)
deletion.save()
invite.delete()
messages.success(
request, "You have succesfully revoked the invitation for " +
invite.email_to_invite + ".")
return HttpResponseRedirect(reverse("org_management"))
def delete_admin(request, org_id, user_id):
org = Organization.objects.get(pk=org_id)
admin = org.users.get(pk=user_id)
if org.owner == admin:
raise PermissionDenied("The owner of an organization cannot be removed.")
if request.user == admin:
raise PermissionDenied("Your personal views are your own, but in this case " +
"you are not allowed to delete yourself.")
deletion = DeletionRecord(organization=org, deleter=request.user, deleted_user=admin)
deletion.save()
org.users.remove(admin)
messages.success(request, "You have succesfully removed " + admin.username + " as an administrator for " + org.name + ".")
return HttpResponseRedirect(reverse("org_management"))
def delete_admin(request, org_id, user_id):
org = Organization.objects.get(pk=org_id)
admin = org.users.get(pk=user_id)
if not org.is_member(request.user):
return HttpResponseNotAllowed("Nice try, but you have to be an admin for an org to delete someone from it.")
if org.owner == admin:
return HttpResponseNotAllowed("The owner of an organization cannot be removed.")
if request.user == admin:
return HttpResponseNotAllowed("Your personal views are your own, but in this case " +
"you are not allowed to delete yourself.")
deletion = DeletionRecord(organization=org, deleter=request.user, deleted_user=admin)
deletion.save()
org.users.remove(admin)
messages.success(request, "You have succesfully removed " + admin.username + " as an administrator for " + org.name + ".")
return HttpResponseRedirect(reverse("homepage"))
def delete_admin(request, org_id, user_id):
org = Organization.objects.get(pk=org_id)
admin = org.users.get(pk=user_id)
if org.owner == admin:
raise PermissionDenied(
"The owner of an organization cannot be removed.")
if request.user == admin:
raise PermissionDenied(
"Your personal views are your own, but in this case " +
"you are not allowed to delete yourself.")
deletion = DeletionRecord(organization=org,
deleter=request.user,
deleted_user=admin)
deletion.save()
org.users.remove(admin)
messages.success(
request, "You have succesfully removed " + admin.username +
" as an administrator for " + org.name + ".")
return HttpResponseRedirect(reverse("org_management"))
