def locations_import_preview(request, id, template_name='locations/import-map-fields.html'):
"""
This will generate a form based on the uploaded CSV for field mapping.
A preview will be generated based on the mapping given.
"""
locport = get_object_or_404(LocationImport, pk=id)
if request.method == 'POST':
form = ImportMapForm(request.POST, locport=locport)
if form.is_valid():
# Show the user a preview based on the mapping
cleaned_data = form.cleaned_data
#file_path = os.path.join(settings.MEDIA_ROOT, locport.get_file().file.name)
file_path = locport.get_file().file.name
locations, stats = parse_locs_from_csv(file_path, cleaned_data)
# return the form to use it for the confirm view
template_name = 'locations/import-preview.html'
return render_to_resp(request=request, template_name=template_name, context={
'locations': locations,
'stats': stats,
'locport': locport,
'form': form,
'now': datetime.now(),
})
else:
form = ImportMapForm(locport=locport)
return render_to_resp(request=request, template_name=template_name, context={
'form': form,
'locport': locport,
'now': datetime.now(),
})
def view_ticket(request):
ticket_req = request.GET.get('ticket', '')
ticket = False
email = request.GET.get('email', '')
error_message = ''
if ticket_req and email:
parts = ticket_req.split('-')
queue = '-'.join(parts[0:-1])
ticket_id = parts[-1]
try:
ticket = Ticket.objects.get(id=ticket_id, queue__slug__iexact=queue, submitter_email__iexact=email)
except:
ticket = False
error_message = _('Invalid ticket ID or e-mail address. Please try again.')
if ticket:
if request.user.is_staff:
redirect_url = reverse('helpdesk_view', args=[ticket_id])
if 'close' in request.GET:
redirect_url += '?close'
return HttpResponseRedirect(redirect_url)
if 'close' in request.GET and ticket.status == Ticket.RESOLVED_STATUS:
from tendenci.apps.helpdesk.views.staff import update_ticket
# Trick the update_ticket() view into thinking it's being called with
# a valid POST.
request.POST = {
'new_status': Ticket.CLOSED_STATUS,
'public': 1,
'title': ticket.title,
'comment': _('Submitter accepted resolution and closed ticket'),
}
if ticket.assigned_to:
request.POST['owner'] = ticket.assigned_to.id
request.GET = {}
return update_ticket(request, ticket_id, public=True)
# redirect user back to this ticket if possible.
redirect_url = ''
if helpdesk_settings.HELPDESK_NAVIGATION_ENABLED:
redirect_url = reverse('helpdesk_view', args=[ticket_id])
return render_to_resp(request=request, template_name='helpdesk/public_view_ticket.html',
context={
'ticket': ticket,
'helpdesk_settings': helpdesk_settings,
'next': redirect_url,
})
return render_to_resp(request=request, template_name='helpdesk/public_view_form.html',
context={
'ticket': ticket,
'email': email,
'error_message': error_message,
'helpdesk_settings': helpdesk_settings,
})
def homepage(request):
if not request.user.is_authenticated and helpdesk_settings.HELPDESK_REDIRECT_TO_LOGIN_BY_DEFAULT:
return HttpResponseRedirect(reverse('auth_login') + "?next=" + request.path)
if (request.user.is_staff or (request.user.is_authenticated and helpdesk_settings.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE)):
try:
if getattr(request.user.usersettings.settings, 'login_view_ticketlist', False):
return HttpResponseRedirect(reverse('helpdesk_list'))
else:
if request.user.is_staff:
return HttpResponseRedirect(reverse('helpdesk_dashboard'))
else:
return HttpResponseRedirect(reverse('helpdesk_submit'))
except UserSettings.DoesNotExist:
return HttpResponseRedirect(reverse('helpdesk_dashboard'))
if request.method == 'POST':
form = PublicTicketForm(request.POST, request.FILES)
form.fields['queue'].choices = [('', '--------')] + [[q.id, q.title] for q in Queue.objects.filter(allow_public_submission=True)]
if form.is_valid():
if text_is_spam(form.cleaned_data['body'], request):
# This submission is spam. Let's not save it.
return render_to_resp(request=request, template_name='helpdesk/public_spam.html')
else:
ticket = form.save()
return HttpResponseRedirect('%s?ticket=%s&email=%s'% (
reverse('helpdesk_public_view'),
ticket.ticket_for_url,
requests.utils.quote(ticket.submitter_email))
)
else:
try:
queue = Queue.objects.get(slug=request.GET.get('queue', None))
except Queue.DoesNotExist:
queue = None
initial_data = {}
if queue:
initial_data['queue'] = queue.id
if request.user.is_authenticated and request.user.email:
initial_data['submitter_email'] = request.user.email
form = PublicTicketForm(initial=initial_data)
form.fields['queue'].choices = [('', '--------')] + [[q.id, q.title] for q in Queue.objects.filter(allow_public_submission=True)]
knowledgebase_categories = KBCategory.objects.all()
return render_to_resp(request=request, template_name='helpdesk/public_homepage.html',
context={
'form': form,
'helpdesk_settings': helpdesk_settings,
'kb_categories': knowledgebase_categories
})
def item(request, item):
item = get_object_or_404(KBItem, pk=item)
return render_to_resp(request=request, template_name='helpdesk/kb_item.html',
context={
'item': item,
'helpdesk_settings': helpdesk_settings,
})
def directory_export(request, template_name="directories/export.html"):
"""Export Directories"""
if not request.user.profile.is_superuser:
raise Http403
form = DirectoryExportForm(request.POST or None)
if request.method == "POST" and form.is_valid():
export_fields = form.cleaned_data['export_fields']
export_status_detail = form.cleaned_data['export_status_detail']
identifier = int(time.time())
temp_file_path = 'export/directories/%s_temp.csv' % identifier
default_storage.save(temp_file_path, ContentFile(''))
# start the process
subprocess.Popen([python_executable(), "manage.py",
"directory_export_process",
'--export_fields=%s' % export_fields,
'--export_status_detail=%s' % export_status_detail,
'--identifier=%s' % identifier,
'--user=%s' % request.user.id])
# log an event
EventLog.objects.log()
return HttpResponseRedirect(reverse('directory.export_status', args=[identifier]))
context = {'form': form}
return render_to_resp(request=request, template_name=template_name, context=context)
def delete(request, id, template_name="files/delete.html"):
file = get_object_or_404(File, pk=id)
# check permission
if not has_perm(request.user, 'files.delete_file'):
raise Http403
if request.method in ["POST", 'DELETE']:
# reassign owner to current user
file.owner = request.user
file.owner_username = request.user.username
file.save()
file.delete()
if request.method == 'DELETE':
# used by tinymce upload
return HttpResponse('true')
if 'ajax' in request.POST:
return HttpResponse('Ok')
else:
return HttpResponseRedirect(reverse('file.search'))
return render_to_resp(
request=request, template_name=template_name, context={
'file': file
})
def detail(request, slug, template_name="committees/detail.html"):
committee = get_object_or_404(Committee, slug=slug)
if has_perm(request.user, 'committees.view_committee', committee):
EventLog.objects.log(instance=committee)
officers = committee.officers()
#has_group_view_permission is True if there is at least one
#group where the user is a member that has a view_committee permission.
has_group_view_permission = False
#Check user for group view permissions
if request.user.is_authenticated:
groups = request.user.group_set.all()
perms = has_groups_perms(committee).filter(group__in=groups)
for perm in perms:
#Check if permission has view committee permission
has_group_view_permission |= perm.codename == 'view_committee'
if has_group_view_permission:
break
filters = get_query_filters(request.user, 'files.view_file')
files = File.objects.filter(filters).filter(group=committee.group).distinct()
return render_to_resp(request=request, template_name=template_name,
context={
'committee': committee,
'officers': officers,
'files': files,
'has_group_view_permission': has_group_view_permission,
})
else:
raise Http403
def locations_import_upload(request, template_name='locations/import-upload-file.html'):
"""
This is the upload view for the location imports.
This will upload the location import file and then redirect the user
to the import mapping/preview page of the import file
"""
if request.method == 'POST':
form = UploadForm(request.POST, request.FILES)
if form.is_valid():
locport = LocationImport.objects.create(creator=request.user)
csv = File.objects.save_files_for_instance(request, locport)[0]
file_path = str(csv.file.name)
import_valid, import_errs = is_import_valid(file_path)
if not import_valid:
for err in import_errs:
messages.add_message(request, messages.ERROR, err)
locport.delete()
return redirect('locations_import_upload_file')
EventLog.objects.log()
# reset the password_promt session
del request.session['password_promt']
return redirect('locations_import_preview', locport.id)
else:
form = UploadForm()
return render_to_resp(request=request, template_name=template_name, context={
'form': form,
'now': datetime.now(),
})
def delete(request, id, template_name="committees/delete.html"):
committee = get_object_or_404(Committee, pk=id)
if not has_perm(request.user, 'committees.delete_committee'):
raise Http403
if request.method == "POST":
EventLog.objects.log(instance=committee)
messages.add_message(request, messages.SUCCESS, 'Successfully deleted %s' % committee)
# send notification to administrators
recipients = get_notice_recipients('module', 'committees', 'committeerecipients')
if recipients:
if notification:
extra_context = {
'object': committee,
'request': request,
}
notification.send_emails(recipients, 'committee_deleted', extra_context)
committee.delete()
return HttpResponseRedirect(reverse('committees.search'))
return render_to_resp(request=request, template_name=template_name,
context={'committee': committee})
def detail(request, id, template_name="discounts/view.html"):
discount = get_object_or_404(Discount, id=id)
if not has_perm(request.user, 'discounts.view_discount', discount):
raise Http403
registrations = Registration.objects.filter(invoice__discount_code=discount.discount_code)
registrant_list = []
for registration in registrations:
registrant_list += registration.registrant_set.filter(discount_amount__gt=0)
memberships = MembershipSet.objects.filter(invoice__discount_code=discount.discount_code)
membership_list = []
for membership in memberships:
count = DiscountUse.objects.filter(invoice=membership.invoice).count()
membership_list += membership.membershipdefault_set.all()[:count]
EventLog.objects.log(instance=discount)
return render_to_resp(
request=request, template_name=template_name,
context={'discount':discount,
'registrant_list':registrant_list,
'membership_list':membership_list}
)
def add(request, form_class=HelpFileForm, template_name="help_files/add.html"):
if has_perm(request.user,'help_files.add_helpfile'):
if request.method == "POST":
form = form_class(request.POST, user=request.user)
if form.is_valid():
help_file = form.save(commit=False)
# add all permissions and save the model
help_file = update_perms_and_save(request, form, help_file)
form.save_m2m()
msg_string = 'Successfully added %s' % help_file
messages.add_message(request, messages.SUCCESS, _(msg_string))
# # send notification to administrator(s) and module recipient(s)
# recipients = get_notice_recipients('module', 'help_files', 'helpfilerecipients')
# # if recipients and notification:
# notification.send_emails(recipients,'help_file_added', {
# 'object': help_file,
# 'request': request,
# })
return HttpResponseRedirect(reverse('help_file.details', args=[help_file.slug]))
else:
form = form_class(user=request.user)
return render_to_resp(request=request, template_name=template_name,
context={'form':form})
else:
raise Http403
def api(request, method):
"""
Regardless of any other paramaters, we provide a help screen
to the user if they requested one.
If the user isn't looking for help, then we enforce a few conditions:
* The request must be sent via HTTP POST
* The request must contain a 'user' and 'password' which
must be valid users
* The method must match one of the public methods of the API class.
"""
if method == 'help':
return render_to_resp(request=request, template_name='helpdesk/help_api.html')
if request.method != 'POST':
return api_return(STATUS_ERROR_BADMETHOD)
# TODO: Move away from having the username & password in every request.
request.user = authenticate(
request=request,
username=request.POST.get('user', False),
password=request.POST.get('password'),
)
if request.user is None:
return api_return(STATUS_ERROR_PERMISSIONS)
api = API(request)
if hasattr(api, 'api_public_%s' % method):
return getattr(api, 'api_public_%s' % method)()
return api_return(STATUS_ERROR)
def locations_import_confirm(request, id, template_name='locations/import-confirm.html'):
"""
Confirm the locations import and continue with the process.
This can only be accessed via a hidden post form from the preview page.
That will hold the original mappings selected by the user.
"""
locport = get_object_or_404(LocationImport, pk=id)
if request.method == "POST":
form = ImportMapForm(request.POST, locport=locport)
if form.is_valid():
cleaned_data = form.cleaned_data
file_path = str(locport.get_file().file.name)
if not settings.CELERY_IS_ACTIVE:
# if celery server is not present
# evaluate the result and render the results page
result = ImportLocationsTask()
locations, stats = result.run(request.user, file_path, cleaned_data)
return render_to_resp(request=request, template_name=template_name, context={
'locations': locations,
'stats': stats,
'now': datetime.now(),
})
else:
result = ImportLocationsTask.delay(request.user, file_path, cleaned_data)
return redirect('locations_import_status', result.task_id)
else:
return redirect('locations_import_preview', locport.id)
def user_upload_process(request, sid,
template_name="imports/users_process.html"):
if not request.user.profile.is_superuser:
raise Http403 # admin only page
sid = str(sid)
import_dict = get_user_import_settings(request, sid)
if not import_dict:
return HttpResponseRedirect(reverse('import.user_upload_add'))
import_dict['folder_name'] = IMPORT_FOLDER_NAME
import_dict['id'] = sid
if not default_storage.exists(os.path.join(import_dict['folder_name'],
import_dict['file_name'])):
return HttpResponseRedirect(reverse('import.user_upload_add'))
#reset group - delete all members in the group
if import_dict['clear_group_membership'] and import_dict['group']:
GroupMembership.objects.filter(group=import_dict['group']).delete()
d = request.session[sid]
d.update({
'is_completed': False,
'count_insert': 0,
'count_update': 0,
'total_done': 0
})
request.session[sid] = d
d = None
return render_to_resp(request=request, template_name=template_name,
context=import_dict)
def edit_meta(request, id, form_class=MetaForm, template_name="committees/edit-meta.html"):
"""
Return committee that allows you to edit meta-html information.
"""
# check permission
committee = get_object_or_404(Committee, pk=id)
if not has_perm(request.user, 'committees.change_committee', committee):
raise Http403
EventLog.objects.log(instance=committee)
defaults = {
'title': committee.get_title(),
'description': committee.get_description(),
'keywords': committee.get_keywords(),
'canonical_url': committee.get_canonical_url(),
}
committee.meta = MetaTags(**defaults)
if request.method == "POST":
form = form_class(request.POST, instance=committee.meta)
if form.is_valid():
committee.meta = form.save() # save meta
committee.save() # save relationship
messages.add_message(request, messages.SUCCESS, 'Successfully updated meta for %s' % committee)
return HttpResponseRedirect(reverse('committees.detail', args=[committee.slug]))
else:
form = form_class(instance=committee.meta)
return render_to_resp(request=request, template_name=template_name,
context={'committee': committee, 'form': form})
def add(request, form_class=LocationForm, template_name="locations/add.html"):
if has_perm(request.user,'locations.add_location'):
if request.method == "POST":
form = form_class(request.POST, request.FILES, user=request.user)
if form.is_valid():
location = form.save(commit=False)
# update all permissions and save the model
location = update_perms_and_save(request, form, location)
if 'photo_upload' in form.cleaned_data:
photo = form.cleaned_data['photo_upload']
if photo:
location.save(photo=photo)
msg_string = 'Successfully added %s' % location
messages.add_message(request, messages.SUCCESS, _(msg_string))
return HttpResponseRedirect(reverse('location', args=[location.slug]))
else:
form = form_class(user=request.user)
return render_to_resp(request=request, template_name=template_name,
context={'form':form})
else:
raise Http403
def campaign_delete(request, campaign_id, template_name="campaign_monitor/campaigns/delete.html"):
campaign = get_object_or_404(Campaign, campaign_id=campaign_id)
if not has_perm(request.user,'campaign_monitor.delete_campaign'):
raise Http403
if request.method == "POST":
try:
CSC(auth=auth, campaign_id=campaign.campaign_id).delete()
except BadRequest as e:
msg_string = 'Bad Request %s: %s' % (e.data.Code, e.data.Message)
messages.add_message(request, messages.ERROR, _(msg_string))
return redirect(campaign)
except Exception as e:
msg_string = 'Error: %s' % e
messages.add_message(request, messages.ERROR, _(msg_string))
return redirect(campaign)
campaign.delete()
messages.add_message(request, messages.SUCCESS, _('Successfully deleted campaign.'))
return redirect("campaign_monitor.campaign_index")
return render_to_resp(request=request, template_name=template_name,
context={'campaign': campaign})
def view(request, id, template_name="emails/view.html"):
email = get_object_or_404(Email, pk=id)
if not email.allow_view_by(request.user): raise Http403
return render_to_resp(request=request, template_name=template_name,
context={'email':email})
def _export_page(request):
ctx = {}
ctx.update(get_app_permissions(request))
form = None
if request.method == 'POST':
form = DatabaseDumpForm(request.POST)
if form.is_valid():
print("Form submitted is valid!")
if can_create_dump():
new_obj = DatabaseDumpFile()
new_obj.author = request.user
new_obj.export_format = form.cleaned_data['format']
new_obj.save()
subprocess.Popen([python_executable(), "manage.py",
"create_database_dump",
str(request.user.pk), form.cleaned_data['format'], str(new_obj.pk) ])
messages.add_message(request, messages.INFO, "Success! The system is now generating your export file. Please reload in a few seconds to update the list.")
else:
messages.add_message(request, messages.ERROR, "Cannot create file. You have already reached the limit of existing dump files. Please delete old unused exports and try again.")
else:
form = DatabaseDumpForm()
# get all active DB Dump Files
# if current existing DB Dump Files are less than the limit, enable form submission
db_objs = DatabaseDumpFile.objects.filter(~Q(status='expired'))
ctx['objects'] = db_objs
if can_create_dump():
ctx['enable_form'] = True
ctx['form'] = form
return render_to_resp(request=request, template_name="explorer/export_page.html", context=ctx)
def detail(request, slug=None, hash=None, template_name="articles/view.html"):
if not slug and not hash:
return HttpResponseRedirect(reverse('articles'))
if hash:
version = get_object_or_404(Version, hash=hash)
current_article = get_object_or_404(Article, pk=version.object_id)
article = version.get_version_object()
msg_string = 'You are viewing a previous version of this article. View the <a href="%s%s">Current Version</a>.' % (get_setting('site', 'global', 'siteurl'), current_article.get_absolute_url())
messages.add_message(request, messages.WARNING, _(msg_string))
else:
article = get_object_or_404(Article, slug=slug)
# non-admin can not view the non-active content
# status=0 has been taken care of in the has_perm function
if (article.status_detail).lower() != 'active' and (not request.user.profile.is_superuser):
raise Http403
if not article.release_dt_local and article.release_dt:
article.assign_release_dt_local()
if not article.release_dt_local or article.release_dt_local >= datetime.now():
if not any([
has_perm(request.user, 'articles.view_article'),
request.user == article.owner,
request.user == article.creator
]):
raise Http403
if has_view_perm(request.user, 'articles.view_article', article):
EventLog.objects.log(instance=article)
return render_to_resp(request=request, template_name=template_name,
context={'article': article})
else:
raise Http403
def technology(request, id, template_name="case_studies/search.html"):
"List of case studies by technology"
technology = get_object_or_404(Technology, pk=id)
query = '"technology:%s"' % technology
case_studies = CaseStudy.objects.search(query, user=request.user)
EventLog.objects.log()
return render_to_resp(request=request, template_name=template_name,
context={'technology':technology, 'case_studies': case_studies})
EventLog.objects.log()
return render_to_resp(request=request, template_name=template_name,
context={'technology':technology, 'case_studies': case_studies})
def add(request, form_class=ContactForm, template_name="contacts/add.html"):
if has_perm(request.user,'contacts.add_contact'):
if request.method == "POST":
form = form_class(request.POST)
if form.is_valid():
contact = form.save(commit=False)
# set up the user information
contact.creator = request.user
contact.creator_username = request.user.username
contact.owner = request.user
contact.owner_username = request.user.username
contact.allow_anonymous_view = False
contact.save()
ObjectPermission.objects.assign(contact.creator, contact)
return HttpResponseRedirect(reverse('contact', args=[contact.pk]))
else:
form = form_class()
print(form_class())
return render_to_resp(request=request, template_name=template_name,
context={'form':form})
else:
raise Http403
def export(request, template_name="help_files/export.html"):
"""Export Help Files"""
if not request.user.is_superuser:
raise Http403
if request.method == 'POST':
# initilize initial values
fields = [
'slug',
'topics',
'question',
'answer',
'level',
'is_faq',
'is_featured',
'is_video',
'syndicate',
'view_totals',
]
export_id = run_export_task('help_files', 'helpfile', fields)
EventLog.objects.log()
return redirect('export.status', export_id)
return render_to_resp(request=request, template_name=template_name, context={
})
def add(request, form_class=FormForm, template_name="forms/add.html"):
if not has_perm(request.user,'forms.add_form'):
raise Http403
PricingFormSet = inlineformset_factory(Form, Pricing, form=PricingForm, extra=2, can_delete=False)
formset = PricingFormSet()
if request.method == "POST":
form = form_class(request.POST, user=request.user)
if form.is_valid():
form_instance = form.save(commit=False)
# save form and associated pricings
form_instance = update_perms_and_save(request, form, form_instance)
formset = PricingFormSet(request.POST, instance=form_instance)
if formset.is_valid():
# update_perms_and_save does not appear to consider ManyToManyFields
for method in form.cleaned_data['payment_methods']:
form_instance.payment_methods.add(method)
formset.save()
messages.add_message(request, messages.SUCCESS, _('Successfully added %(f)s' % {'f':form_instance}))
return HttpResponseRedirect(reverse('form_field_update', args=[form_instance.pk]))
else:
form = form_class(user=request.user)
return render_to_resp(request=request, template_name=template_name, context={
'form':form,
'formset': formset,
})
def change_language(request):
return_to = ''
if 'return_to' in request.GET:
return_to = request.GET['return_to']
return render_to_resp(request=request, template_name='helpdesk/public_change_language.html',
context={'next': return_to})
def export(request, template_name="locations/export.html"):
"""Export Locations"""
if not request.user.is_superuser:
raise Http403
if request.method == 'POST':
# initilize initial values
fields = [
'guid',
'location_name',
'description',
'contact',
'address',
'address2',
'city',
'state',
'zipcode',
'country',
'phone',
'fax',
'email',
'website',
'latitude',
'longitude',
'hq',
'entity',
]
export_id = run_export_task('locations', 'location', fields)
EventLog.objects.log()
return redirect('export.status', export_id)
return render_to_resp(request=request, template_name=template_name, context={
})
def delete(request, id, template_name="directories/delete.html"):
directory = get_object_or_404(Directory, pk=id)
if has_perm(request.user,'directories.delete_directory'):
if request.method == "POST":
msg_string = 'Successfully deleted %s' % directory
messages.add_message(request, messages.SUCCESS, _(msg_string))
# send notification to administrators
recipients = get_notice_recipients('module', 'directories', 'directoryrecipients')
if recipients:
if notification:
extra_context = {
'object': directory,
'request': request,
}
notification.send_emails(recipients,'directory_deleted', extra_context)
directory.delete()
return HttpResponseRedirect(reverse('directory.search'))
return render_to_resp(request=request, template_name=template_name,
context={'directory': directory})
else:
raise Http403
def nearest(request, template_name="locations/nearest.html"):
locations = []
lat, lng = None, None
query = request.GET.get('q')
filters = get_query_filters(request.user, 'locations.view_location')
if query:
lat, lng = get_coordinates(address=query)
all_locations = Location.objects.filter(filters).distinct()
if not request.user.is_anonymous:
all_locations = all_locations.select_related()
if all((lat,lng)):
for location in all_locations:
location.distance = location.get_distance2(lat, lng)
if location.distance is not None:
locations.append(location)
locations.sort(key=lambda x: x.distance)
EventLog.objects.log()
return render_to_resp(request=request, template_name=template_name, context={
'locations':locations,
'origin': {'lat':lat,'lng':lng},
})
def edit_meta(request, id, form_class=MetaForm, template_name="directories/edit-meta.html"):
directory = get_object_or_404(Directory, pk=id)
if not has_perm(request.user, 'directories.change_directory', directory):
raise Http403
defaults = {
'title': directory.get_title(),
'description': directory.get_description(),
'keywords': directory.get_keywords(),
'canonical_url': directory.get_canonical_url(),
}
directory.meta = MetaTags(**defaults)
if request.method == "POST":
form = form_class(request.POST, instance=directory.meta)
if form.is_valid():
directory.meta = form.save() # save meta
directory.save() # save relationship
msg_string = 'Successfully updated meta for %s' % directory
messages.add_message(request, messages.SUCCESS, _(msg_string))
return HttpResponseRedirect(reverse('directory', args=[directory.slug]))
else:
form = form_class(instance=directory.meta)
return render_to_resp(request=request, template_name=template_name,
context={'directory': directory, 'form':form})
def search(request, template_name="entities/search.html"):
filters = get_query_filters(request.user, 'entities.view_entity')
entities = Entity.objects.filter(filters).distinct()
EventLog.objects.log()
return render_to_resp(request=request, template_name=template_name,
context={'entities':entities})
def addon_upload(request, template_name="base/addon_upload.html"):
from tendenci.apps.event_logs.models import EventLog
form = AddonUploadForm(request.POST or None, request.FILES or None)
if request.method == 'POST':
if form.is_valid():
identifier = str(int(time.time()))
temp_file_path = 'uploads/addons/%s_%s' % (
identifier, form.cleaned_data['addon'])
default_storage.save(temp_file_path, form.cleaned_data['addon'])
request.session[identifier] = temp_file_path
EventLog.objects.log(event_data='%s uploaded by %s' %
(form.cleaned_data['addon'], request.user),
description='%s' % form.cleaned_data['addon'])
return redirect('addon.upload.preview', identifier)
return render_to_resp(request=request,
template_name=template_name,
context={'form': form})
def index(request, cat_slug=None, template_name="videos/list.html"):
"""
This page lists out all videos. The order can be customized.
Filtering by category only works if a search index is available.
"""
category = get_object_or_404(Category, slug=cat_slug)
filters = get_query_filters(request.user, 'videos.view_video')
videos = Video.objects.filter(filters).distinct()
if request.user.is_authenticated:
videos = videos.select_related()
if cat_slug:
videos = videos.filter(category__slug=cat_slug)
videos = videos.order_by('-position', '-create_dt')
categories = Category.objects.all()
video_types = VideoType.objects.all()
EventLog.objects.log()
return render_to_resp(request=request, template_name=template_name,
context=locals())
def photoset_view_latest(request,
template_name="photos/photo-set/latest.html"):
""" View latest photo set """
query = request.GET.get('q', None)
filters = get_query_filters(request.user, 'photos.view_photoset')
photo_sets = PhotoSet.objects.filter(filters).distinct()
if not request.user.is_anonymous:
photo_sets = photo_sets.select_related()
if query:
photo_sets = photo_sets.filter(
Q(name__icontains=query) | Q(description__icontains=query)
| Q(tags__icontains=query))
photo_sets = photo_sets.order_by('position', '-create_dt')
EventLog.objects.log()
return render_to_resp(request=request,
template_name=template_name,
context={"photo_sets": photo_sets})
def directory_export_status(request,
identifier,
template_name="directories/export_status.html"):
"""Display export status"""
if not request.user.profile.is_superuser:
raise Http403
export_path = 'export/directories/%s.csv' % identifier
download_ready = False
if default_storage.exists(export_path):
download_ready = True
else:
temp_export_path = 'export/directories/%s_temp.csv' % identifier
if not default_storage.exists(temp_export_path) and \
not default_storage.exists(export_path):
raise Http404
context = {'identifier': identifier, 'download_ready': download_ready}
return render_to_resp(request=request,
template_name=template_name,
context=context)
def photoset_delete(request, id, template_name="photos/photo-set/delete.html"):
photo_set = get_object_or_404(PhotoSet, id=id)
# if no permission; permission exception
if not has_perm(request.user, 'photos.delete_photoset', photo_set):
raise Http403
if request.method == "POST":
photo_set.delete()
# soft delete all images in photo set
Image.objects.filter(photoset=photo_set).delete()
messages.add_message(request, messages.SUCCESS, _('Photo Set %(set)s deleted' % {'set':photo_set}))
# redirect to the photo set search
return redirect('photoset_latest')
return render_to_resp(request=request, template_name=template_name, context={
'photo_set': photo_set,
})
def print_view(request, id, template_name="case_studies/print-view.html"):
case_study = get_object_or_404(CaseStudy, id=id)
services = Service.objects.all()
technologies = Technology.objects.all()
if (case_study.status_detail).lower() != 'active' and (
not request.user.profile.is_superuser):
raise Http403
if not has_perm(request.user, 'case_studies.view_casestudy', case_study):
raise Http403
EventLog.objects.log(instance=case_study)
return render_to_resp(request=request,
template_name=template_name,
context={
'case_study': case_study,
'services': services,
'technologies': technologies
})
def print_view(request, slug, template_name="pages/print-view.html"):
try:
page = get_object_or_404(Page, slug=slug)
except Page.MultipleObjectsReturned:
pages = Page.objects.filter(
slug=slug, status_detail='active'
).order_by('-pk')
if not pages:
pages = Page.objects.filter(slug=slug).order_by('-pk')
if not pages:
raise Http404
page = pages[0]
if not has_perm(request.user, 'pages.view_page', page):
raise Http403
EventLog.objects.log(instance=page)
return render_to_resp(request=request, template_name=template_name,
context={'page': page})
def update_fields(request, id, template_name="forms/update_fields.html"):
form_instance = get_object_or_404(Form, id=id)
if not has_perm(request.user,'forms.add_form',form_instance):
raise Http403
form_class=inlineformset_factory(Form, Field, form=FormForField, formset=BaseFieldFormSet, extra=3)
form_class._orderings = 'position'
if request.method == "POST":
form = form_class(request.POST, instance=form_instance, queryset=form_instance.fields.all().order_by('position'))
if form.is_valid():
form.save()
EventLog.objects.log()
messages.add_message(request, messages.SUCCESS, _('Successfully updated %(f)s' % {'f':form_instance}))
return redirect('form_detail', form_instance.slug)
else:
form = form_class(instance=form_instance, queryset=form_instance.fields.all().order_by('position'))
return render_to_resp(request=request, template_name=template_name,
context={'form':form, 'form_instance':form_instance})
def groupmembership_delete(request, group_slug, user_id, template_name="user_groups/member_delete.html"):
group = get_object_or_404(Group, slug=group_slug)
user = get_object_or_404(User, pk=user_id)
group_membership = get_object_or_404(GroupMembership, group=group, member=user)
if not has_perm(request.user,'user_groups.delete_groupmembership',group_membership):
raise Http403
if request.method == 'POST':
EventLog.objects.log(instance=group_membership)
group_membership.delete()
messages.add_message(
request,
messages.SUCCESS,
_('Successfully removed %(name)s from group %(grp)s' % {
'name':user.get_full_name(),
'grp': group})
)
return HttpResponseRedirect(group.get_absolute_url())
return render_to_resp(request=request, template_name=template_name, context=locals())
def edit_meta(request,
id,
form_class=MetaForm,
template_name="pages/edit-meta.html"):
"""
Return page that allows you to edit meta-html information.
"""
# check permission
page = get_object_or_404(Page, pk=id)
if not has_perm(request.user, 'pages.change_page', page):
raise Http403
defaults = {
'title': page.get_title(),
'description': page.get_description(),
'keywords': page.get_keywords(),
'canonical_url': page.get_canonical_url(),
}
page.meta = MetaTags(**defaults)
if request.method == "POST":
form = form_class(request.POST, instance=page.meta)
if form.is_valid():
page.meta = form.save() # save meta
page.save() # save relationship
messages.add_message(
request, messages.SUCCESS,
_('Successfully updated meta for %(p)s' % {'p': str(page)}))
return HttpResponseRedirect(reverse('page', args=[page.slug]))
else:
form = form_class(instance=page.meta)
return render_to_resp(request=request,
template_name=template_name,
context={
'page': page,
'form': form
})
def edit(request, id, form_class=JobForm, template_name="jobs/edit.html", object_type=Job, success_redirect='job', job_change_perm='jobs.change_job'):
job = get_object_or_404(object_type, pk=id)
if not has_perm(request.user, job_change_perm, job):
raise Http403
form = form_class(request.POST or None,
instance=job,
user=request.user)
# delete admin only fields for non-admin on edit - GJQ 8/25/2010
if not request.user.profile.is_superuser:
del form.fields['pricing']
del form.fields['list_type']
if 'activation_dt' in form.fields:
del form.fields['activation_dt']
if 'post_dt' in form.fields:
del form.fields['post_dt']
if 'expiration_dt' in form.fields:
del form.fields['expiration_dt']
if 'entity' in form.fields:
del form.fields['entity']
del form.fields['payment_method']
if request.method == "POST":
if form.is_valid():
job = form.save(commit=False)
job = update_perms_and_save(request, form, job)
msg_string = u'Successfully updated {}'.format(str(job))
messages.add_message(request, messages.SUCCESS, _(msg_string))
return HttpResponseRedirect(
reverse(success_redirect, args=[job.slug]))
return render_to_resp(request=request, template_name=template_name, context={
'job': job,
'form': form,
})
def update_payment_info(
request,
recurring_payment_id,
template_name="recurring_payments/authnet/cim_update_payment_info2.html"
):
"""
Add or edit payment info.
"""
rp = get_object_or_404(RecurringPayment, pk=recurring_payment_id)
# only admin or user self can access this page
if not request.user.profile.is_superuser and request.user.id != rp.user.id:
raise Http403
rp.populate_payment_profile()
payment_profiles = PaymentProfile.objects.filter(
customer_profile_id=rp.customer_profile_id,
status=True,
status_detail='active')
if payment_profiles:
payment_profile = payment_profiles[0]
else:
payment_profile = None
token, gateway_error = get_token(rp,
CIMCustomerProfile,
CIMHostedProfilePage,
is_secure=request.is_secure())
test_mode = get_test_mode()
return render_to_resp(request=request,
template_name=template_name,
context={
'rp': rp,
'payment_profile': payment_profile,
'token': token,
'test_mode': test_mode,
'gateway_error': gateway_error
})
def edit(request, id, form_class=StoryForm, template_name="stories/edit.html"):
story = get_object_or_404(Story, pk=id)
if has_perm(request.user, 'stories.change_story', story):
if request.method == "POST":
form = form_class(request.POST,
request.FILES,
instance=story,
user=request.user)
if form.is_valid():
story = form.save(commit=False)
# save photo
photo = form.cleaned_data['photo_upload']
if photo:
story.save(photo=photo)
story = update_perms_and_save(request, form, story)
messages.add_message(
request, messages.SUCCESS,
_('Successfully updated %(str)s' % {'str': str(story)}))
redirect_to = request.POST.get('next', '')
if redirect_to:
return HttpResponseRedirect(redirect_to)
else:
return redirect('story', id=story.pk)
else:
form = form_class(instance=story, user=request.user)
else:
raise Http403
return render_to_resp(request=request,
template_name=template_name,
context={
'story': story,
'form': form
})
def edit(request, id, set_id=0, form_class=PhotoEditForm, template_name="photos/edit.html"):
""" edit photo view """
# get photo
photo = get_object_or_404(Image, id=id)
set_id = int(set_id)
# permissions
if not has_perm(request.user,'photos.change_image',photo):
raise Http403
# get available photo sets
photo_sets = PhotoSet.objects.all()
if request.method == "POST":
if request.POST["action"] == "update":
form = form_class(request.POST, instance=photo, user=request.user)
if form.is_valid():
photo = form.save(commit=False)
# update all permissions and save the model
photo = update_perms_and_save(request, form, photo)
messages.add_message(request, messages.SUCCESS, _("Successfully updated photo '%(title)s'" % {'title': str(photo)}) )
if set_id:
return HttpResponseRedirect(reverse("photo", kwargs={"id": photo.id, "set_id": set_id}))
else:
return HttpResponseRedirect(reverse("photo", kwargs={"id": photo.id}))
else:
form = form_class(instance=photo, user=request.user)
else:
form = form_class(instance=photo, user=request.user)
return render_to_resp(request=request, template_name=template_name, context={
"photo_form": form,
"photo": photo,
"photo_sets": photo_sets,
"id": photo.id,
"set_id": set_id,
})
def generate(request):
"""
Newsletter generator form
"""
if not has_perm(request.user, 'newsletters.add_newsletter'):
raise Http403
if request.method == 'POST':
form = GenerateForm(request.POST)
if form.is_valid():
template = form.cleaned_data['template']
html_url = [
reverse('newsletter.template_render',
args=[template.template_id]),
u'?jump_links=%s' % form.cleaned_data.get('jump_links'),
'&events=%s' % form.cleaned_data.get('events'),
'&events_type=%s' % form.cleaned_data.get('events_type'),
'&event_start_dt=%s' %
form.cleaned_data.get('event_start_dt', u''),
'&event_end_dt=%s' %
form.cleaned_data.get('event_end_dt', u''),
'&articles=%s' % form.cleaned_data.get('articles', u''),
'&articles_days=%s' %
form.cleaned_data.get('articles_days', u''),
'&news=%s' % form.cleaned_data.get('news', u''),
'&news_days=%s' % form.cleaned_data.get('news_days', u''),
'&jobs=%s' % form.cleaned_data.get('jobs', u''),
'&jobs_days=%s' % form.cleaned_data.get('jobs_days', u''),
'&pages=%s' % form.cleaned_data.get('pages', u''),
'&pages_days=%s' % form.cleaned_data.get('pages_days', u''),
]
return redirect(''.join(html_url))
form = GenerateForm()
return render_to_resp(request=request,
template_name='newsletters/generate.html',
context={'form': form})
def edit(request, id, form_class=DirectoryForm, template_name="directories/edit.html"):
directory = get_object_or_404(Directory, pk=id)
if not (has_perm(request.user,'directories.change_directory', directory) \
or directory.has_membership_with(request.user)):
raise Http403
if request.user.is_superuser:
if not directory.activation_dt:
# auto-populate activation_dt
directory.activation_dt = datetime.now()
form = form_class(request.POST or None, request.FILES or None,
instance=directory,
user=request.user)
del form.fields['payment_method']
if not request.user.profile.is_superuser:
del form.fields['pricing']
del form.fields['list_type']
if request.method == "POST":
if form.is_valid():
directory = form.save(commit=False)
if directory.logo:
try:
directory.logo.file.seek(0)
except IOError:
directory.logo = None
# update all permissions and save the model
directory = update_perms_and_save(request, form, directory)
form.save_m2m()
msg_string = 'Successfully updated %s' % directory
messages.add_message(request, messages.SUCCESS, _(msg_string))
return HttpResponseRedirect(reverse('directory', args=[directory.slug]))
return render_to_resp(request=request, template_name=template_name,
context={'directory': directory, 'form':form})
def edit(request,
id=None,
form_class=HelpFileForm,
template_name="help_files/edit.html"):
help_file = get_object_or_404(HelpFile, pk=id)
if has_perm(request.user, 'help_files.change_helpfile', help_file):
if request.method == "POST":
form = form_class(request.POST,
instance=help_file,
user=request.user)
if form.is_valid():
help_file = form.save(commit=False)
# add all permissions and save the model
help_file = update_perms_and_save(request, form, help_file)
form.save_m2m()
msg_string = 'Successfully edited %s' % help_file
messages.add_message(request, messages.SUCCESS, _(msg_string))
# # send notification to administrator(s) and module recipient(s)
# recipients = get_notice_recipients('module', 'help_files', 'helpfilerecipients')
# # if recipients and notification:
# notification.send_emails(recipients,'help_file_added', {
# 'object': help_file,
# 'request': request,
# })
return HttpResponseRedirect(
reverse('help_file.details', args=[help_file.slug]))
else:
form = form_class(instance=help_file, user=request.user)
return render_to_resp(request=request,
template_name=template_name,
context={
'help_file': help_file,
'form': form
})
else:
raise Http403
def export(request, template_name="articles/export.html"):
"""Export Profiles"""
if not request.user.profile.is_staff:
raise Http403
if request.method == "POST" and "download" in request.POST:
identifier = int(time.time())
temp_file_path = 'export/articles/%s_temp.csv' % identifier
default_storage.save(temp_file_path, ContentFile(''))
# start the process
subprocess.Popen([
python_executable(), "manage.py", "articles_export_process",
'--identifier=%s' % identifier,
'--user=%s' % request.user.id
])
# log an event
EventLog.objects.log()
return HttpResponseRedirect(
reverse('article.export_status', args=[identifier]))
return render_to_resp(request=request, template_name=template_name)
def articles_report(request, template_name='reports/articles.html'):
article_type = ContentType.objects.get(app_label="articles",
model="article")
stats = EventLog.objects.filter(content_type=article_type,
action='detail') \
.values('content_type', 'object_id', 'headline')\
.annotate(count=Count('pk'))\
.order_by('-count')
# get sort order
sort = request.GET.get('sort', 'viewed')
if sort == 'viewed':
stats = stats.order_by('-count')
elif sort == 'name':
stats = stats.order_by('headline')
elif sort == 'created':
stats = stats.order_by('create_dt')
for item in stats:
try:
article = Article.objects.get(pk=item['object_id'])
item['article'] = article
if article.age().days > 0:
item['per_day'] = item['count'] * 1.0 / article.age().days
else:
item['per_day'] = item['count'] * 1.0
except Article.DoesNotExist:
pass
EventLog.objects.log()
# special sort option
if sort == 'day':
stats = sorted(stats, key=lambda item: item['per_day'], reverse=True)
return render_to_resp(request=request,
template_name=template_name,
context={'stats': stats})
def detail(request, slug=None, hash=None, template_name="articles/view.html"):
if not slug and not hash:
return HttpResponseRedirect(reverse('articles'))
if hash:
version = get_object_or_404(Version, hash=hash)
current_article = get_object_or_404(Article, pk=version.object_id)
article = version.get_version_object()
msg_string = 'You are viewing a previous version of this article. View the <a href="%s%s">Current Version</a>.' % (
get_setting('site', 'global',
'siteurl'), current_article.get_absolute_url())
messages.add_message(request, messages.WARNING, _(msg_string))
else:
article = get_object_or_404(Article, slug=slug)
# non-admin can not view the non-active content
# status=0 has been taken care of in the has_perm function
if (article.status_detail).lower() != 'active' and (
not request.user.profile.is_superuser):
raise Http403
if not article.release_dt_local and article.release_dt:
article.assign_release_dt_local()
if not article.release_dt_local or article.release_dt_local >= datetime.now(
):
if not any([
has_perm(request.user, 'articles.view_article'), request.user
== article.owner, request.user == article.creator
]):
raise Http403
if has_view_perm(request.user, 'articles.view_article', article):
EventLog.objects.log(instance=article)
return render_to_resp(request=request,
template_name=template_name,
context={'article': article})
else:
raise Http403
def relief_map(request, template_name="social_services/map.html"):
responders = SkillSet.objects.filter(loc__isnull=False)
center = 0
if request.user.is_authenticated:
try:
skillset = request.user.skillset
if skillset.is_first_responder:
center = [skillset.loc.x, skillset.loc.y]
responders = responders.exclude(user=request.user)
except:
pass
b_points = [[r.loc.x, r.loc.y] for r in responders if r.is_first_responder]
disaster_areas = ReliefAssessment.objects.filter(loc__isnull=False)
r_points = [[r.loc.x, r.loc.y] for r in disaster_areas]
context = {'b_points': b_points, 'r_points': r_points, 'center': center}
return render_to_resp(request=request,
template_name=template_name,
context=context)
def add(request, form_class=FormForm, template_name="forms/add.html"):
if not has_perm(request.user, 'forms.add_form'):
raise Http403
PricingFormSet = inlineformset_factory(Form,
Pricing,
form=PricingForm,
extra=2,
can_delete=False)
formset = PricingFormSet()
if request.method == "POST":
form = form_class(request.POST, user=request.user)
if form.is_valid():
form_instance = form.save(commit=False)
# save form and associated pricings
form_instance = update_perms_and_save(request, form, form_instance)
formset = PricingFormSet(request.POST, instance=form_instance)
if formset.is_valid():
# update_perms_and_save does not appear to consider ManyToManyFields
for method in form.cleaned_data['payment_methods']:
form_instance.payment_methods.add(method)
formset.save()
messages.add_message(
request, messages.SUCCESS,
_('Successfully added %(f)s' % {'f': form_instance}))
return HttpResponseRedirect(
reverse('form_field_update', args=[form_instance.pk]))
else:
form = form_class(user=request.user)
return render_to_resp(request=request,
template_name=template_name,
context={
'form': form,
'formset': formset,
})
def pricing_delete(request,
id,
template_name="directories/pricing-delete.html"):
directory_pricing = get_object_or_404(DirectoryPricing, pk=id)
if not has_perm(request.user, 'directories.delete_directorypricing'):
raise Http403
if request.method == "POST":
messages.add_message(request, messages.SUCCESS,
'Successfully deleted %s' % directory_pricing)
#directory_pricing.delete()
# soft delete
directory_pricing.status = False
directory_pricing.save()
return HttpResponseRedirect(reverse('directory_pricing.search'))
return render_to_resp(request=request,
template_name=template_name,
context={'directory_pricing': directory_pricing})
def users_added_report(request, kind):
if kind == 'added':
event_ids = (121000, 121100, 123001, 123103)
title = _('Site Users Added Report')
elif kind == 'referral':
event_ids = (125114, 125115)
title = _('Contacts Report - Referral Analysis Report (all contacts)')
else:
raise NotImplementedError('kind "%s" not supported' % kind)
from_date, to_date = request_month_range(request)
queryset = EventLog.objects.all()
queryset = queryset.filter(create_dt__gte=from_date)
queryset = queryset.filter(create_dt__lte=to_date)
chart_data = _events_chart(from_date, to_date, event_ids)
data = queryset.filter(event_id=221000)\
.filter()\
.values('headline')\
.annotate(count=Count('pk'))\
.order_by('-count')
return render_to_resp(request=request,
template_name='reports/users_added.html',
context={
'data':
data,
'chart_data':
chart_data,
'report_title':
title,
'entities':
Entity.objects.all().order_by('entity_name'),
'site':
Site.objects.get_current(),
'date_range': (from_date, to_date)
})
def edit(request, id, form_class=FormForm, template_name="forms/edit.html"):
form_instance = get_object_or_404(Form, pk=id)
if not has_perm(request.user,'forms.change_form',form_instance):
raise Http403
PricingFormSet = inlineformset_factory(Form, Pricing, form=PricingForm, extra=2)
RecurringPaymentFormSet = inlineformset_factory(Form, RecurringPayment, form=RecurringPaymentForm, extra=2)
if request.method == "POST":
form = form_class(request.POST, instance=form_instance, user=request.user)
if form_instance.recurring_payment:
formset = RecurringPaymentFormSet(request.POST, instance=form_instance)
else:
formset = PricingFormSet(request.POST, instance=form_instance)
if form.is_valid() and formset.is_valid():
form_instance = form.save(commit=False)
form_instance = update_perms_and_save(request, form, form_instance)
form.save_m2m() # save payment methods
formset.save() # save price options
# remove all pricings if no custom_payment form
if not form.cleaned_data['custom_payment']:
form_instance.pricing_set.all().delete()
messages.add_message(request, messages.SUCCESS, _('Successfully edited %(f)s' % {'f': form_instance}))
return HttpResponseRedirect(reverse('form_field_update', args=[form_instance.pk]))
else:
form = form_class(instance=form_instance, user=request.user)
if form_instance.recurring_payment:
formset = RecurringPaymentFormSet(instance=form_instance)
else:
formset = PricingFormSet(instance=form_instance)
return render_to_resp(request=request, template_name=template_name,context={
'form':form,
'formset':formset,
'form_instance':form_instance,
})
def group_edit_perms(request,
id,
form_class=GroupPermissionForm,
template_name="user_groups/edit_perms.html"):
group_edit = get_object_or_404(Group, pk=id)
if request.method == "POST":
form = form_class(request.POST, request.user, instance=group_edit)
else:
form = form_class(instance=group_edit)
if form.is_valid():
group_edit.permissions = form.cleaned_data['permissions']
group_edit.save()
return HttpResponseRedirect(group_edit.get_absolute_url())
return render_to_resp(request=request,
template_name=template_name,
context={
'group': group_edit,
'form': form
})
def import_process(
request,
import_id,
template_name="user_groups/imports/user_groups_process.html"):
"""Import Step 3: Import into database"""
if not request.user.profile.is_superuser:
raise Http403 # admin only page
import_i = get_object_or_404(Import, id=import_id)
subprocess.Popen(
[python_executable(), 'manage.py', 'import_groups',
str(import_id)])
return render_to_resp(request=request,
template_name=template_name,
context={
'total':
import_i.total_created + import_i.total_invalid,
"import_i": import_i,
})
def export(request, template_name="redirects/export.html"):
"""Export redirects"""
if not request.user.is_superuser:
raise Http403
if request.method == 'POST':
# initilize initial values
fields = [
'from_url',
'to_url',
'http_status',
'status',
'uses_regex',
'create_dt',
'update_dt',
]
export_id = run_export_task('redirects', 'redirect', fields)
return redirect('export.status', export_id)
return render_to_resp(request=request, template_name=template_name, context={
})
def requests_list(request,
directory_id,
template_name="directories/affiliates/requests_list.html"):
if not get_setting('module', 'directories', 'affiliates_enabled'):
raise Http404
directory = get_object_or_404(Directory, pk=directory_id)
# Check user permission
if not any([request.user.is_superuser, directory.is_owner(request.user)]):
raise Http403
affiliate_requests = AffiliateRequest.objects.filter(
to_directory=directory)
return render_to_resp(request=request,
template_name=template_name,
context={
'directory': directory,
'affiliate_requests': affiliate_requests,
'count': affiliate_requests.count()
})
def export(request, template_name="discounts/export.html"):
"""Export Discounts"""
if not request.user.is_superuser:
raise Http403
if request.method == 'POST':
# initilize initial values
fields = [
'discount_code',
'start_dt',
'end_dt',
'never_expires',
'value',
'cap',
]
export_id = run_export_task('discounts', 'discount', fields)
EventLog.objects.log()
return redirect('export.status', export_id)
return render_to_resp(request=request,
template_name=template_name,
context={})
