def groupsView(request, group_id):
if not request.user.is_authenticated:
raise PermissionDenied
# group_id = request.POST.get("group_id", "default")
if not group_exists(group_id):
raise PermissionDenied
group = Groups.objects.get(id=group_id)
if group.post_view_access == 0 and (not isMember(request.user, group)
and not isAdmin(request.user, group)):
raise PermissionDenied
obj = Groups.objects.get(pk=group_id)
x = giveGroupMembers(obj)
all_posts = getGroupPosts(group)
# pending_requests = getPendingRequests(obj)
# context = {'members': x, 'group_id': group_id, 'member_requests': pending_requests}
is_admin = isAdmin(request.user, group)
# is_member = isMember(request.user, group)
# print(is_admin)
can_post = isMember(request.user, group) or isAdmin(request.user, group)
print(isMember(request.user, group))
context = {
'members': x,
'group_id': group_id,
'group': group,
'all_posts': all_posts,
'is_admin': is_admin,
'can_post': can_post
}
return render(request, 'group_view.html', context)
def update_group_details(request):
if not request.user.is_authenticated:
raise PermissionDenied
group_id = request.POST.get("group_id", "null")
if not group_exists(group_id):
raise PermissionDenied
group = Groups.objects.get(id=group_id)
if not isAdmin(request.user, group):
raise PermissionDenied
group_name = request.POST.get("group_name", "null")
group_description = request.POST.get("group_description", "null")
group_fees = 0
try:
group_fees = int(request.POST.get("group_fees", "null"))
except:
raise PermissionDenied
if group_fees < 0:
raise PermissionDenied
if group_fees != group.fees:
transaction_now = Transaction.objects.filter(transaction_user_2=request.user, transaction_group=True, transaction_accepted=False)
for transaction in transaction_now:
transaction.transaction_user_1.user_balance += transaction.transaction_amount
transaction.transaction_user_1.save()
transaction_now.delete()
Group_Members.objects.filter(confirmed=False, group_id=group_id).delete()
group.group_name = group_name
group.description = group_description
group.fees = group_fees
group.save()
return HttpResponseRedirect(reverse('privacy_settings:group_settings', kwargs={'group_id' : group_id}))
def add_group_post(request):
if not request.user.is_authenticated:
raise PermissionDenied
group_id = request.POST.get("group_id", "null")
member_id = request.POST.get("member_id", "null")
post_text = request.POST.get("post_text", "null")
utils.check_captcha(request)
if not group_exists(group_id):
raise PermissionDenied
if not member_exists(member_id):
raise PermissionDenied
group = Groups.objects.get(id=group_id)
member = CustomUser.objects.get(id=member_id)
if not (isMember(member, group) or isAdmin(member, group)):
raise PermissionDenied
Group_Posts.objects.create(group=group,
author=member,
description=post_text)
return HttpResponseRedirect(
reverse('groups:group_view', kwargs={'group_id': group_id}))
def group_settings(request, group_id):
if not request.user.is_authenticated:
raise PermissionDenied
if not group_exists(group_id):
raise PermissionDenied
group = Groups.objects.get(id=group_id)
if not isAdmin(request.user, group):
raise PermissionDenied
context = {'group' : group}
return render(request, 'group_settings.html', context=context)
def acceptJoinRequest(request):
if not request.user.is_authenticated:
raise PermissionDenied
if request.user.user_type == 1:
raise PermissionDenied
group_id = request.POST.get("group_id", "default")
member_id = request.POST.get("member_id", "default")
if not group_exists(group_id):
raise PermissionDenied
if not member_exists(member_id):
raise PermissionDenied
## zap
group = Groups.objects.get(id=group_id)
if not isAdmin(request.user, group):
raise PermissionDenied
member = CustomUser.objects.get(id=member_id)
# print(group_id, member_id)
obj = None
try:
obj = Group_Members.objects.get(member_id=member_id, group_id=group_id)
except:
raise PermissionDenied
transaction = None
try:
transaction = Transaction.objects.get(transaction_user_1=member,
transaction_user_2=group.admin,
transaction_group=True,
transaction_accepted=False,
transaction_amount=group.fees)
except:
raise PermissionDenied
obj.confirmed = True
obj.save()
group = Groups.objects.get(id=group_id)
group.admin.user_balance += group.fees
group.admin.save()
transaction.transaction_accepted = True
transaction.save()
return HttpResponseRedirect(reverse('groups:group_admin'))
def update_post_view_access(request): # actually it restricts from showing the whole group
if not request.user.is_authenticated:
raise PermissionDenied
group_id = request.POST.get("group_id", "null")
if not group_exists(group_id):
raise PermissionDenied
group = Groups.objects.get(id = group_id)
if not isAdmin(request.user, group):
raise PermissionDenied
post_view_access = 0
try:
post_view_access = int(request.POST.get("post_view_access", "null"))
except:
raise PermissionDenied
if post_view_access not in [0, 1]:
raise PermissionDenied
group.post_view_access = post_view_access
group.save()
return HttpResponseRedirect(reverse('privacy_settings:group_settings', kwargs={'group_id': group_id}))
def update_member_deletion_access(request):
if not request.user.is_authenticated:
raise PermissionDenied
group_id = request.POST.get("group_id", "null")
if not group_exists(group_id):
raise PermissionDenied
group = Groups.objects.get(id = group_id)
if not isAdmin(request.user, group):
raise PermissionDenied
member_deletion_access = 0
try:
member_deletion_access = int(request.POST.get("member_deletion_access", "null"))
except:
raise PermissionDenied
if member_deletion_access not in [0, 1]:
raise PermissionDenied
group.member_deletion_access = member_deletion_access
group.save()
return HttpResponseRedirect(reverse('privacy_settings:group_settings', kwargs={'group_id': group_id}))
def remove_other_from_group(request):
if not request.user.is_authenticated:
raise PermissionDenied
group_id = request.POST.get("group_id", "default")
username = request.POST.get("username", "default")
if not group_exists(group_id):
raise PermissionDenied
if not username_exists(username):
raise PermissionDenied
group = Groups.objects.get(id=group_id)
_user = CustomUser.objects.get(username=username)
# print(isAdmin(_user, group))
if not isAdmin(request.user, group) and group.member_deletion_access == 0:
raise PermissionDenied
members = Group_Members.objects.filter(member=_user, group_id=group_id)
if len(members) == 0:
raise PermissionDenied
members.delete()
return HttpResponseRedirect(
reverse('groups:group_view', kwargs={'group_id': group_id}))
def rejectJoinRequest(request):
if not request.user.is_authenticated:
raise PermissionDenied
if request.user.user_type == 1:
raise PermissionDenied
group_id = request.POST.get("group_id", "default")
member_id = request.POST.get("member_id", "default")
if not group_exists(group_id):
raise PermissionDenied
if not member_exists(member_id):
raise PermissionDenied
member = CustomUser.objects.get(id=member_id)
group = Groups.objects.get(id=group_id)
if not isAdmin(request.user, group):
raise PermissionDenied
try:
Group_Members.objects.get(member_id=member_id,
group_id=group_id).delete()
except:
raise PermissionDenied
try:
Transaction.objects.get(transaction_user_1=member,
transaction_user_2=group.admin,
transaction_group=True,
transaction_accepted=False,
transaction_amount=group.fees).delete()
except:
raise PermissionDenied
member.user_balance += group.fees
member.save()
return HttpResponseRedirect(reverse('groups:group_admin'))