class UniversitySubjectDetailView(BaseManageView):
"""
Manage to change/delete based on UniversitySubject model
"""
error_messages = {
"__all__": {
"invalid": "This university or subject is invalid",
}
}
def __init__(self, *args, **kwargs):
self.VIEWS_BY_METHOD = {
'GET': self.get_subject,
'POST': self.add_subject,
'DELETE': self.delete_subject,
}
def get_subject(self, request, university_id, subject_id):
try:
univ_subject = UniversitySubject.objects.select_related(
"university", "subject").get(university=university_id,
subject=subject_id)
except UniversitySubject.DoesNotExist:
return self.json_error(field='__all__', code="invalid")
else:
result = univ_subject.parse_profile()
return JsonResponse(result)
@method_decorator(
permission_required_or_403("university.change_university",
(University, 'id', 'university_id')))
def add_subject(self, request, university_id, subject_id):
form = UniversitySubjectCreateForm({
"university": university_id,
"subject": subject_id
})
if form.is_valid():
form.save()
return JsonResponse({"success": True}, status=201)
else:
error = form.errors.get_json_data()
return JsonResponse(error, status=404)
@method_decorator(
permission_required_or_403("university.change_university",
(University, 'id', 'university_id')))
def delete_subject(self, request, university_id, subject_id):
delete_form = UniversitySubjectDeleteForm({
"university": university_id,
"subject": subject_id
})
if delete_form.is_valid():
delete_form.delete()
return JsonResponse({"success": True}, status=200)
else:
error = delete_form.errors.get_json_data()
return JsonResponse(error, status=404)
class UserUpdateView(G3WRequestViewMixin, UpdateView):
form_class = G3WUserUpdateForm
model = User
template_name = 'usersmanage/user_form.html'
context_object_name = 'user2update'
@method_decorator(permission_required_or_403('auth.change_user', (User, 'pk', 'pk')))
@method_decorator(permission_required_by_backend_or_403('change_user', (User, 'pk', 'pk')))
def dispatch(self, *args, **kwargs):
return super(UserUpdateView, self).dispatch(*args, **kwargs)
def get_form_kwargs(self):
kwargs = super(UserUpdateView,self).get_form_kwargs()
kwargs['initial']['password'] = self.object.password
if hasattr(self.object, 'userdata'):
kwargs['initial']['department'] = self.object.userdata.department
kwargs['initial']['avatar'] = self.object.userdata.avatar
'''
if self.object.userdata.avatar:
name = Path(self.object.userdata.avatar.name).name
kwargs['initial']['avatar'] = ExistingFile(name)
'''
# add initial data for user_groups
kwargs['initial']['user_groups'] = get_user_groups(self.object)
return kwargs
def get_context_data(self, **kwargs):
c = super(UserUpdateView,self).get_context_data(**kwargs)
return c
def get_success_url(self):
return reverse('user-list')
class FeedbackUpdate(UpdateView):
model = Feedback
form_class = FeedbackForm
@method_decorator(login_required)
@method_decorator(
permission_required_or_403(
'edit_decisions_feedback',
(Organization, 'decision__feedback', 'pk')
)
)
def dispatch(self, *args, **kwargs):
return super(FeedbackUpdate, self).dispatch(*args, **kwargs)
def post(self, *args, **kwargs):
if self.request.POST.get('submit', None) == _("Cancel"):
self.object = self.get_object()
return HttpResponseRedirect(self.get_success_url())
return super(FeedbackUpdate, self).post(*args, **kwargs)
def form_valid(self, form, *args, **kwargs):
form.instance.editor = self.request.user
form.instance.minor_edit = form.cleaned_data['minor_edit']
return super(FeedbackUpdate, self).form_valid(form, *args, **kwargs)
def get_context_data(self, *args, **kwargs):
context = super(FeedbackUpdate, self).get_context_data(**kwargs)
context['tab'] = self.object.decision.status
return context
def get_success_url(self, *args, **kwargs):
return reverse('publicweb_item_detail', args=[self.object.decision.pk])
class AssetDetail(DetailView):
model = asset
template_name = 'asset/asset-detail.html'
@method_decorator(login_required)
@method_decorator(
permission_required_or_403('asset.read_asset', (asset, 'id', 'pk')))
def dispatch(self, *args, **kwargs):
return super(AssetDetail, self).dispatch(*args, **kwargs)
def get_context_data(
self,
**kwargs,
):
pk = self.kwargs.get(self.pk_url_kwarg, None)
detail = asset.objects.get(id=pk)
context = {
"asset_active": "active",
"asset_list_active": "active",
"assets": detail,
"nid": pk,
}
kwargs.update(context)
return super(AssetDetail, self).get_context_data(**kwargs)
class FeedbackCreate(CreateView):
model = Feedback
form_class = FeedbackForm
@method_decorator(login_required)
@method_decorator(permission_required_or_403('edit_decisions_feedback', (Organization, 'decision', 'parent_pk')))
def dispatch(self, request, *args, **kwargs):
self.rating_initial = Feedback.COMMENT_STATUS
rating = request.GET.get('rating')
if rating:
self.rating_initial = [value for value, name in Feedback.RATING_CHOICES if name==rating][0]
return super(FeedbackCreate, self).dispatch(request, *args, **kwargs)
def get_initial(self):
initial = super(FeedbackCreate, self).get_initial().copy()
initial['rating'] = self.rating_initial
return initial
def form_valid(self, form):
form.instance.author = self.request.user
form.instance.decision = Decision.objects.get(pk=self.kwargs['parent_pk'])
form.instance.last_status = 'new'
return super(FeedbackCreate, self).form_valid(form)
def get_success_url(self, *args, **kwargs):
return reverse('publicweb_item_detail', args=[self.kwargs['parent_pk']])
def post(self, *args, **kwargs):
if self.request.POST.get('submit', None) == "Cancel":
return HttpResponseRedirect(self.get_success_url())
return super(FeedbackCreate, self).post(*args, **kwargs)
class DbUpdate(UpdateView):
model = db_mysql
form_class = DbMysqlForm
template_name = 'db/db-update.html'
success_url = reverse_lazy('db:db_list')
@method_decorator(login_required)
@method_decorator(
permission_required_or_403('db.change_db_mysql',
(db_mysql, 'id', 'pk')))
def dispatch(self, *args, **kwargs):
return super(DbUpdate, self).dispatch(*args, **kwargs)
def get_context_data(self, **kwargs):
context = {
"db_active": "active",
"db_list_active": "active",
}
kwargs.update(context)
return super(DbUpdate, self).get_context_data(**kwargs)
def form_invalid(self, form):
print(form.errors)
return super(DbUpdate, self).form_invalid(form)
def form_valid(self, form):
self.object = form.save()
return super(DbUpdate, self).form_valid(form)
def get_success_url(self):
return super(DbUpdate, self).get_success_url()
class AssetAdd(CreateView):
model = asset
form_class = AssetForm
template_name = 'asset/asset-add.html'
success_url = reverse_lazy('asset:asset_list')
@method_decorator(login_required)
@method_decorator(permission_required_or_403('asset.add_asset'))
def dispatch(self, *args, **kwargs):
return super(AssetAdd, self).dispatch(*args, **kwargs)
def form_valid(self, form):
self.asset_save = asset_save = form.save()
myproduct = asset.objects.get(network_ip=form.cleaned_data['network_ip']).product_line
mygroup = Group.objects.get(name=myproduct)
GroupObjectPermission.objects.assign_perm("read_asset", mygroup, obj=asset_save)
GroupObjectPermission.objects.assign_perm("add_asset", mygroup, obj=asset_save)
GroupObjectPermission.objects.assign_perm("change_asset", mygroup, obj=asset_save)
GroupObjectPermission.objects.assign_perm("delete_asset", mygroup, obj=asset_save)
return super(AssetAdd, self).form_valid(form)
def get_success_url(self):
return super(AssetAdd, self).get_success_url()
def get_context_data(self, **kwargs):
context = {
"asset_active": "active",
"asset_list_active": "active",
}
kwargs.update(context)
return super(AssetAdd, self).get_context_data(**kwargs)
class NameAdd(LoginRequiredMixin, CreateView):
"""
登录用户增加
"""
model = Names
form_class = NameForm
template_name = 'name/name-add-update.html'
success_url = reverse_lazy('name:name_list')
@method_decorator(permission_required_or_403('name.add_names'))
def dispatch(self, *args, **kwargs):
return super().dispatch(*args, **kwargs)
def get_context_data(self, **kwargs):
context = {
"name_active": "active",
"name_list_active": "active",
}
kwargs.update(context)
return super().get_context_data(**kwargs)
def form_valid(self, form):
forms = form.save()
password_form = form.cleaned_data['password']
if password_form is not None:
forms.set_password(password_form)
forms.save()
return super().form_valid(form)
class GroupsObjectAdd(LoginRequiredMixin, CreateView):
"""
系统组对象 增加
"""
model = GroupObjectPermission
form_class = GroupsObjectForm
template_name = 'name/groups-object-add-update.html'
success_url = reverse_lazy('name:groups_object_list')
@method_decorator(
permission_required_or_403('guardian.add_groupobjectpermission'))
def dispatch(self, *args, **kwargs):
return super().dispatch(*args, **kwargs)
def get_context_data(self, **kwargs):
context = {
"name_active": "active",
"groups_object_list_active": "active",
}
kwargs.update(context)
return super().get_context_data(**kwargs)
def form_invalid(self, form):
print(form.errors)
return super().form_invalid(form)
def form_valid(self, form):
forms = form.save(commit=False)
object_pk1 = form.cleaned_data['object_pk1']
forms.object_pk = object_pk1
forms.save()
return super().form_valid(form)
class GroupsObjectAllDel(LoginRequiredMixin, View):
"""
系统组删除
"""
model = GroupObjectPermission
@method_decorator(
permission_required_or_403('guardian.delete_groupobjectpermission'))
def dispatch(self, *args, **kwargs):
return super().dispatch(*args, **kwargs)
@staticmethod
def post(request):
ret = {
'status': True,
'error': None,
}
try:
if request.POST.get('nid'):
ids = request.POST.get('nid', None)
GroupObjectPermission.objects.get(id=ids).delete()
else:
ids = request.POST.getlist('id', None)
idstring = ','.join(ids)
GroupObjectPermission.objects.extra(
where=['id IN (' + idstring + ')']).delete()
except Exception as e:
ret['status'] = False
ret['error'] = '删除请求错误,没有权限{}'.format(e)
finally:
return HttpResponse(json.dumps(ret))
class GroupPage(AJAX_GroupPageHandler, POSTHandler):
"""
This class manage the present logic of group page.
"""
def __init__(self, *args, **kwargs):
super(GroupPage, self).__init__(*args, **kwargs)
# for GroupUserHandler setting
_display_control = True
@method_decorator(
permission_required_or_403('real_group_membership', (
RealGroup,
'id',
'real_group_id',
)), )
def dispatch(self, *args, **kwargs):
return super(GroupPage, self).dispatch(*args, **kwargs)
def get(self, request, real_group_id):
real_group = get_object_or_404(RealGroup, id=int(real_group_id))
render_data_dict = {
'request': request,
'real_group': real_group,
}
return render(request, 'real_group/group_page.html', render_data_dict)
def post(self, request, real_group_id):
real_group = get_object_or_404(RealGroup, id=int(real_group_id))
return self._handler(request, real_group)
class AssetUserAdd(LoginRequiredMixin, CreateView):
"""
资产用户 增加
"""
model = AssetLoginUser
form_class = AssetUserForm
template_name = 'asset/asset-user-add-update.html'
success_url = reverse_lazy('asset:asset_user_list')
@method_decorator(permission_required_or_403('asset.add_assetloginuser'))
def dispatch(self, *args, **kwargs):
return super().dispatch(*args, **kwargs)
def get_context_data(self, **kwargs):
context = {
"asset_active": "active",
"asset_user_list_active": "active",
}
kwargs.update(context)
return super().get_context_data(**kwargs)
def form_valid(self, form):
forms = form.save()
password_form = form.cleaned_data['password']
if password_form is not None:
password = encrypt_p(password_form)
forms.password = password
forms.save()
name = form.cleaned_data['hostname']
obj = AssetLoginUser.objects.get(hostname=name).private_key.name
system("chmod 600 {0}".format(obj))
return super().form_valid(form)
class JobViewSet(
mixins.ListModelMixin,
mixins.RetrieveModelMixin,
mixins.DestroyModelMixin,
viewsets.GenericViewSet,
):
queryset = models.Job.objects.order_by("-received_request_time").all()
serializer_class = serializers.JobSerializer
serializer_action_classes = {
"list": serializers.JobListSerializer,
}
permission_classes = (ExtendedObjectPermissions, )
filter_backends = (ObjectPermissionsFilter, )
def get_serializer_class(self, *args, **kwargs):
"""
Instantiate the list of serializers per action from class attribute
(must be defined).
"""
kwargs["partial"] = True
try:
return self.serializer_action_classes[self.action]
except (KeyError, AttributeError):
return super(JobViewSet, self).get_serializer_class()
@action(detail=True, methods=["patch"])
@method_decorator([
permission_required_or_403("api_app.change_job"),
])
def kill(self, request, pk=None):
"""
Kill running job by closing celery tasks and marking as killed
:param url: pk (job_id)
:returns:
- 200 - if killed
- 404 - not found
- 403 - forbidden, 400 bad request
"""
logger.info(
f"kill running job received request from {str(request.user)} "
f"-- (job_id:{pk}).")
# get job object or raise 404
try:
job = models.Job.objects.get(pk=pk)
except models.Job.DoesNotExist:
raise NotFound()
# check permission
if not request.user.has_perm("api_app.change_job", job):
raise PermissionDenied()
# check if job running
if job.status != "running":
raise ParseError(detail="Job is not running")
# close celery tasks
general.kill_running_analysis(pk)
# set job status
job.status = "killed"
job.save()
return Response(status=status.HTTP_200_OK)
class DbAdd(CreateView):
model = db_mysql
form_class = DbMysqlForm
template_name = 'db/db-add.html'
success_url = reverse_lazy('db:db_list')
@method_decorator(login_required)
@method_decorator(permission_required_or_403('db.add_db_mysql'))
def dispatch(self, *args, **kwargs):
return super(DbAdd, self).dispatch(*args, **kwargs)
def form_valid(self, form):
self.db_save = form.save()
return super(DbAdd, self).form_valid(form)
def get_success_url(self):
return super(DbAdd, self).get_success_url()
def get_context_data(self, **kwargs):
context = {
"db_active": "active",
"db_list_active": "active",
}
kwargs.update(context)
return super(DbAdd, self).get_context_data(**kwargs)
class AssetAdd(CreateView):
model = asset
template_name = 'asset/asset_add.html'
form_class = AssetForm
success_url = reverse_lazy('asset:asset_list')
@method_decorator(login_required())
@method_decorator(permission_required_or_403('asset.add_asset'))
def dispath(self,*args,**kwargs):
return super(AssetAdd,self).dispatch(*args,**kwargs)
def get_context_data(self,**kwargs):
context = {
'asset_list':get_objects_for_user(self.request.user,'asset.read_asset')
}
kwargs.update(context)
return super(AssetAdd,self).get_context_data(**kwargs)
def get(self,request):
user = User.objects.get(username=request.user)
ret = asset.objects.all
return render(request,'asset/asset.html',{'asset_list':ret})
def form_valid(self, form):
self.asset_save = asset_save = form.save()
grouptest = 'mine'
mygroup = Group.objects.get(name=grouptest)
GroupObjectPermission.objects.assign_perm("read_asset",mygroup,obj=asset_save)
GroupObjectPermission.objects.assign_perm("add_asset",mygroup,obj=asset_save)
GroupObjectPermission.objects.assign_perm("change_asset",mygroup,obj=asset_save)
GroupObjectPermission.objects.assign_perm("delete_asset",mygroup,obj=asset_save)
return super(AssetAdd,self).form_valid(form)
def get_success_url(self):
return super(AssetAdd,self).get_success_url()
class DbAdd(CreateView):
model = db_mysql
form_class = DbMysqlForm
template_name = 'db/db-add.html'
success_url = reverse_lazy('db:db_list')
@method_decorator(login_required)
@method_decorator(permission_required_or_403('db.add_db_mysql'))
def dispatch(self, *args, **kwargs):
return super(DbAdd, self).dispatch(*args, **kwargs)
def form_valid(self, form):
self.db = db = form.save()
myproduct = form.cleaned_data['product_line']
mygroup = Group.objects.get(name=myproduct)
GroupObjectPermission.objects.assign_perm("read_db_mysql", mygroup, obj=db)
GroupObjectPermission.objects.assign_perm("add_db_mysql", mygroup, obj=db)
GroupObjectPermission.objects.assign_perm("change_db_mysql", mygroup, obj=db)
GroupObjectPermission.objects.assign_perm("delete_db_mysql", mygroup, obj=db)
GroupObjectPermission.objects.assign_perm("task_db_mysql", mygroup, obj=db)
return super(DbAdd, self).form_valid(form)
def get_success_url(self):
return super(DbAdd, self).get_success_url()
def get_context_data(self, **kwargs):
context = {
"db_active": "active",
"db_list_active": "active",
}
kwargs.update(context)
return super(DbAdd, self).get_context_data(**kwargs)
class NameUpdate(LoginRequiredMixin, UpdateView):
"""登录用户更新"""
model = Names
form_class = NameForm
template_name = 'name/name-add-update.html'
success_url = reverse_lazy('name:name_list')
@method_decorator(permission_required_or_403('name.change_names'))
def dispatch(self, *args, **kwargs):
return super().dispatch(*args, **kwargs)
def get_context_data(self, **kwargs):
context = {
"name_active": "active",
"name_list_active": "active",
}
kwargs.update(context)
return super().get_context_data(**kwargs)
def form_valid(self, form):
pk = self.kwargs.get(self.pk_url_kwarg, None)
obj = Names.objects.get(id=pk)
old_password = obj.password
new_password = form.cleaned_data['password']
forms = form.save()
if new_password == "1":
forms.password = old_password
else:
forms.set_password(new_password)
forms.save()
return super().form_valid(form)
class UserGroupUpdateView(G3WRequestViewMixin, UpdateView):
"""
View for change User Group
"""
form_class = G3WUserGroupUpdateForm
model = Group
template_name = 'usersmanage/user_group_form.html'
@method_decorator(permission_required_or_403('auth.change_group', (Group, 'pk', 'pk')))
def dispatch(self, *args, **kwargs):
return super(UserGroupUpdateView, self).dispatch(*args, **kwargs)
def get_initial(self):
initials = super(UserGroupUpdateView, self).get_initial()
# add group role
try:
initials['role'] = self.object.grouprole.role
except:
pass
return initials
# todo: check group if not in base editor and viewer group
def get_success_url(self):
return reverse('user-group-list')
class OpenrouteServiceProjectFormBase(G3WRequestViewMixin):
form_class = OpenrouteserviceProjectForm
success_url = reverse_lazy('ors-project-list')
model = OpenrouteserviceProject
@method_decorator(permission_required_or_403('qdjango.change_project'))
def dispatch(self, *args, **kwargs):
return super().dispatch(*args, **kwargs)
class GroupDeleteView(DeleteView):
model = GroupProfile
template_name = 'ojuser/group_confirm_delete.html'
success_url = reverse_lazy('mygroup-list')
@method_decorator(
permission_required_or_403('delete_groupprofile',
(GroupProfile, 'pk', 'pk')))
def dispatch(self, request, *args, **kwargs):
return super(GroupDeleteView, self).dispatch(request, *args, **kwargs)
class ProjectMessagePage(View):
@method_decorator(login_required)
@method_decorator(
permission_required_or_403('project.project_membership',
(Project, 'id', 'project_id')),
)
def get(self, request, project_id):
project = get_object_or_404(Project, id=int(project_id))
return render(request,
'project/project_message_page.html',
{'project': project})
class GroupMemberView(TemplateView):
template_name = 'ojuser/group_members.html'
@method_decorator(
permission_required_or_403('change_groupprofile',
(GroupProfile, 'pk', 'pk')))
def dispatch(self, request, *args, **kwargs):
return super(GroupMemberView, self).dispatch(request, *args, **kwargs)
def get_context_data(self, pk=None, **kwargs):
context = super(GroupMemberView, self).get_context_data(**kwargs)
context['pk'] = pk
return context
class AssetUpdate(UpdateView):
model = asset
form_class = AssetForm
template_name = 'asset/asset-update.html'
success_url = reverse_lazy('asset:asset_list')
@method_decorator(login_required)
@method_decorator(
permission_required_or_403('asset.add_asset', (asset, 'id', 'pk')))
def dispatch(self, *args, **kwargs):
return super(AssetUpdate, self).dispatch(*args, **kwargs)
def get_context_data(self, **kwargs):
context = {
"asset_active": "active",
"asset_list_active": "active",
}
kwargs.update(context)
return super(AssetUpdate, self).get_context_data(**kwargs)
def form_invalid(self, form):
print(form.errors)
return super(AssetUpdate, self).form_invalid(form)
def form_valid(self, form):
pk = self.kwargs.get(self.pk_url_kwarg, None)
oldmyproduct = asset.objects.get(id=pk).product_line
oldmygroup = Group.objects.get(name=oldmyproduct)
self.object = form.save()
myproduct = asset.objects.get(id=pk).product_line
mygroup = Group.objects.get(name=myproduct)
if oldmygroup != mygroup:
GroupObjectPermission.objects.filter(object_pk=pk).delete()
GroupObjectPermission.objects.assign_perm("read_asset",
mygroup,
obj=self.object)
GroupObjectPermission.objects.assign_perm("add_asset",
mygroup,
obj=self.object)
GroupObjectPermission.objects.assign_perm("change_asset",
mygroup,
obj=self.object)
GroupObjectPermission.objects.assign_perm("delete_asset",
mygroup,
obj=self.object)
return super(AssetUpdate, self).form_valid(form)
def get_success_url(self):
return super(AssetUpdate, self).get_success_url()
class GroupManagementPageOfMember(BasicGroupManagementPage):
# for GroupUserHandler setting
_display_control = True
@method_decorator(login_required)
@method_decorator(
permission_required_or_403('real_group_membership', (
RealGroup,
'id',
'real_group_id',
)))
def dispatch(self, *args, **kwargs):
return super(GroupManagementPageOfMember,
self).dispatch(*args, **kwargs)
class EconsensusActionitemUpdateView(ActionItemUpdateView):
template_name = 'actionitem_update_snippet.html'
form_class = EconsensusActionItemUpdateForm
@method_decorator(login_required)
@method_decorator(permission_required_or_403('edit_decisions_feedback', (Organization, 'decision', 'decisionpk')))
def dispatch(self, *args, **kwargs):
if not switch_is_active('actionitems'):
raise Http404
return super(EconsensusActionitemUpdateView, self).dispatch(*args, **kwargs)
def get_success_url(self, *args, **kwargs):
kwargs = {'decisionpk': self.kwargs.get('decisionpk'),
'pk': self.object.pk}
return reverse('actionitem_detail', kwargs=kwargs)
class GroupEditView(UpdateView):
"""
When one wants to edit a group
"""
form_class = GroupEditForm
slug_field = 'slug'
model = WorkGroup
template_name = 'workgroup/page/group_edit.html'
@method_decorator(login_required)
@method_decorator(
permission_required_or_403('change_workgroup',
(WorkGroup, 'slug', 'slug')))
def dispatch(self, request, *args, **kwargs):
return super(GroupEditView, self).dispatch(request, *args, **kwargs)
class DbUpdate(UpdateView):
model = db_mysql
form_class = DbMysqlForm
template_name = 'db/db-update.html'
success_url = reverse_lazy('db:db_list')
@method_decorator(login_required)
@method_decorator(permission_required_or_403('db.change_db_mysql', (db_mysql, 'id', 'pk')))
def dispatch(self, *args, **kwargs):
return super(DbUpdate, self).dispatch(*args, **kwargs)
def get_context_data(self, **kwargs):
context = {
"db_active": "active",
"db_list_active": "active",
}
kwargs.update(context)
return super(DbUpdate, self).get_context_data(**kwargs)
def form_invalid(self, form):
print(form.errors)
return super(DbUpdate, self).form_invalid(form)
def form_valid(self, form):
pk = self.kwargs.get(self.pk_url_kwarg, None)
old_myproduct = db_mysql.objects.get(id=pk).product_line
old_mygroup = Group.objects.get(name=old_myproduct)
new_mygroup = Group.objects.get(name=form.cleaned_data['product_line'])
self.object = form.save()
if old_mygroup != new_mygroup:
GroupObjectPermission.objects.filter(object_pk=pk).delete()
GroupObjectPermission.objects.assign_perm("read_db_mysql", new_mygroup, obj=self.object)
GroupObjectPermission.objects.assign_perm("add_db_mysql", new_mygroup, obj=self.object)
GroupObjectPermission.objects.assign_perm("change_db_mysql", new_mygroup, obj=self.object)
GroupObjectPermission.objects.assign_perm("delete_db_mysql", new_mygroup, obj=self.object)
GroupObjectPermission.objects.assign_perm("task_db_mysql",new_mygroup, obj=self.object)
return super(DbUpdate, self).form_valid(form)
def get_success_url(self):
return super(DbUpdate, self).get_success_url()
class DecisionCreate(CreateView):
model = Decision
form_class = DecisionForm
status = Decision.PROPOSAL_STATUS
@method_decorator(login_required)
@method_decorator(
permission_required_or_403(
'edit_decisions_feedback',
(Organization, 'slug', 'org_slug')
)
)
def dispatch(self, *args, **kwargs):
self.status = kwargs.get('status', Decision.PROPOSAL_STATUS)
slug = kwargs.get('org_slug', None)
self.organization = Organization.active.get(slug=slug)
return super(DecisionCreate, self).dispatch(*args, **kwargs)
def get(self, *args, **kwargs):
return super(DecisionCreate, self).get(*args, **kwargs)
def get_form(self, form):
form = super(DecisionCreate, self).get_form(form)
form.fields['status'].initial = self.status
return form
def form_valid(self, form):
form.instance.author = self.request.user
form.instance.editor = self.request.user
form.instance.last_status = 'new'
form.instance.organization = self.organization
return super(DecisionCreate, self).form_valid(form)
def get_context_data(self, *args, **kwargs):
context = super(DecisionCreate, self).get_context_data(**kwargs)
context['organization'] = self.organization
context['tab'] = self.status
return context
def get_success_url(self, *args, **kwargs):
status = getattr(self, 'object', self).status
return reverse('publicweb_item_list',
args=[self.organization.slug, status])
def post(self, *args, **kwargs):
if self.request.POST.get('submit', None) == _("Cancel"):
return HttpResponseRedirect(self.get_success_url())
return super(DecisionCreate, self).post(*args, **kwargs)
class DecisionUpdate(UpdateView):
model = Decision
form_class = DecisionForm
@method_decorator(login_required)
@method_decorator(
permission_required_or_403(
'edit_decisions_feedback',
(Organization, 'decision', 'pk')
)
)
def dispatch(self, *args, **kwargs):
return super(DecisionUpdate, self).dispatch(*args, **kwargs)
def form_valid(self, form):
form.instance.editor = self.request.user
form.instance.last_status = self.last_status
form.instance.minor_edit = form.cleaned_data['minor_edit']
if (not form.cleaned_data['watch'] and
notification.is_observing(self.object, self.request.user)):
notification.stop_observing(self.object, self.request.user)
elif (form.cleaned_data['watch'] and
not notification.is_observing(self.object, self.request.user)):
notification.observe(
self.object,
self.request.user,
DECISION_CHANGE
)
return super(DecisionUpdate, self).form_valid(form)
def get_context_data(self, *args, **kwargs):
context = super(DecisionUpdate, self).get_context_data(**kwargs)
context['tab'] = self.object.status
return context
def get_success_url(self, *args, **kwargs):
the_object = self.get_object()
status = the_object.status
slug = the_object.organization.slug
return reverse('publicweb_item_list', args=[slug, status])
def post(self, *args, **kwargs):
if self.request.POST.get('submit', None) == _("Cancel"):
return HttpResponseRedirect(self.get_success_url())
else:
self.last_status = self.get_object().status
return super(DecisionUpdate, self).post(*args, **kwargs)
class AJAX_ProjectPageMessageList(MessageListBasic, APIView):
@method_decorator(login_required)
@method_decorator(
permission_required_or_403('project.project_membership',
(Project, 'id', 'project_id')), )
def get(self, request):
project_id = request.GET.get('project_id', None)
if project_id is None:
raise PermissionDenied
project = get_object_or_404(Project, id=int(project_id))
message_set = project.messages.filter(post_flag=True, ).order_by(
'-post_time', )
return self._get_message_list(request, message_set)
"""
try:
page = int(request.GET.get('page', None))
except (TypeError, ValueError):
page = page
if userena_settings.USERENA_DISABLE_PROFILE_LIST \
and not request.user.is_staff:
raise Http404
profile_model = get_profile_model()
queryset = profile_model.objects.get_visible_profiles(request.user)
if not extra_context: extra_context = dict()
return list_detail.object_list(request,
queryset=queryset,
paginate_by=paginate_by,
page=page,
template_name=template_name,
extra_context=extra_context,
template_object_name='profile',
**kwargs)
profile_edit_view = secure_required(permission_required_or_403('change_profile', (get_profile_model(), 'user__username', 'username'))(profile_edit))
password_change_view = secure_required(permission_required_or_403('change_user', (User, 'username', 'username'))(password_change))
email_change_view = secure_required(permission_required_or_403('change_user', (User, 'username', 'username'))(email_change))
signin_view = secure_required(signin)
email_confirm_view = secure_required(email_confirm)
signup_view = secure_required(signup)
activate_view = secure_required(activate)
return []
def index(request):
projects = get_objects_for_user(request.user, 'projects.view_project')
if len(projects) == 0:
return unauthenticated(request)
package_sets = [(project,
request.user.has_perm('projects.upload_package', project),
[package for package in project.package_set.order_by('-id')],
) for project in projects]
context = {'package_sets': package_sets}
return render(request, 'projects/index.html', context)
@class_view_decorator(permission_required_or_403('projects.upload_package', (Project, 'pk', 'project_id')))
class UploadView(View):
def get(self, request, project_id):
form = UploadFileForm()
return render_to_response('projects/upload.html',
{'form': form, 'project_id': project_id},
context_instance=RequestContext(request))
def post(self, request, project_id):
form = UploadFileForm(request.POST, request.FILES)
if form.is_valid():
from guardian.shortcuts import assign_perm
# handle files
package = form.save(commit=False)
package.status = Package.Status.uploaded
package.project_id = project_id
