def edit_space(request, space_url): """ Returns a form filled with the current space data to edit. Access to this view is restricted only to site and space administrators. The filter for space administrators is given by the change_space and admin_space permission and their belonging to that space. :attributes: - place: current space intance. - form: SpaceForm instance. - form_uncommited: form instance before commiting to the DB, so we can modify the data. :permissions required: spaces.change_space, spaces.admin_space :param space_url: Space URL :rtype: HTML Form :context: form, get_place, entityformset """ place = get_object_or_404(Space, url=space_url) if (request.user.has_perm('change_space', place) and request.user.has_perm('admin_space', place)): form = SpaceForm(request.POST or None, request.FILES or None, instance=place) entity_forms = EntityFormSet( request.POST or None, request.FILES or None, queryset=Entity.objects.all().filter(space=place)) if request.method == 'POST': if form.is_valid() and entity_forms.is_valid(): form_uncommited = form.save(commit=False) form_uncommited.author = request.user new_space = form_uncommited.save() space = get_object_or_404(Space, name=form_uncommited.name) ef_uncommited = entity_forms.save(commit=False) for ef in ef_uncommited: ef.space = space ef.save() form.save_m2m() return HttpResponseRedirect( reverse(urln.SPACE_INDEX, kwargs={'space_url': space.url})) return render_to_response('spaces/space_form.html', { 'form': form, 'get_place': place, 'entityformset': entity_forms }, context_instance=RequestContext(request)) else: raise PermissionDenied
def edit_space(request, space_url): """ Returns a form filled with the current space data to edit. Access to this view is restricted only to site and space administrators. The filter for space administrators is given by the change_space permission and their belonging to that space. :attributes: - place: current space intance. - form: SpaceForm instance. - form_uncommited: form instance before commiting to the DB, so we can modify the data. :param space_url: Space URL :rtype: HTML Form :context: form, get_place """ place = get_object_or_404(Space, url=space_url) if has_space_permission(request.user, place, allow=['admins']): form = SpaceForm(request.POST or None, request.FILES or None, instance=place) entity_forms = EntityFormSet( request.POST or None, request.FILES or None, queryset=Entity.objects.all().filter(space=place)) if request.method == 'POST': if form.is_valid() and entity_forms.is_valid(): form_uncommited = form.save(commit=False) form_uncommited.author = request.user new_space = form_uncommited.save() space = get_object_or_404(Space, name=form_uncommited.name) ef_uncommited = entity_forms.save(commit=False) for ef in ef_uncommited: ef.space = space ef.save() form.save_m2m() messages.success(request, _('Space edited successfully')) return redirect('/spaces/' + space.url + '/') return render_to_response('spaces/space_form.html', { 'form': form, 'get_place': place, 'entityformset': entity_forms }, context_instance=RequestContext(request)) return render_to_response('not_allowed.html', context_instance=RequestContext(request))
def edit_space(request, space_url): """ Returns a form filled with the current space data to edit. Access to this view is restricted only to site and space administrators. The filter for space administrators is given by the change_space and admin_space permission and their belonging to that space. :attributes: - place: current space intance. - form: SpaceForm instance. - form_uncommited: form instance before commiting to the DB, so we can modify the data. :permissions required: spaces.change_space, spaces.admin_space :param space_url: Space URL :rtype: HTML Form :context: form, get_place, entityformset """ place = get_object_or_404(Space, url=space_url) if (request.user.has_perm('change_space', place) and request.user.has_perm('admin_space', place)): form = SpaceForm(request.POST or None, request.FILES or None, instance=place) entity_forms = EntityFormSet(request.POST or None, request.FILES or None, queryset=Entity.objects.all().filter(space=place)) if request.method == 'POST': if form.is_valid() and entity_forms.is_valid(): form_uncommited = form.save(commit=False) form_uncommited.author = request.user new_space = form_uncommited.save() space = get_object_or_404(Space, name=form_uncommited.name) ef_uncommited = entity_forms.save(commit=False) for ef in ef_uncommited: ef.space = space ef.save() form.save_m2m() return HttpResponseRedirect(reverse(urln.SPACE_INDEX, kwargs={'space_url': space.url})) return render_to_response('spaces/space_form.html', {'form': form, 'get_place': place, 'entityformset': entity_forms}, context_instance=RequestContext(request)) else: raise PermissionDenied
def edit_space(request, space_url): """ Returns a form filled with the current space data to edit. Access to this view is restricted only to site and space administrators. The filter for space administrators is given by the change_space permission and their belonging to that space. :attributes: - place: current space intance. - form: SpaceForm instance. - form_uncommited: form instance before commiting to the DB, so we can modify the data. :param space_url: Space URL :rtype: HTML Form :context: form, get_place """ place = get_object_or_404(Space, url=space_url) if has_space_permission(request.user, place, allow=["admins"]): form = SpaceForm(request.POST or None, request.FILES or None, instance=place) entity_forms = EntityFormSet( request.POST or None, request.FILES or None, queryset=Entity.objects.all().filter(space=place) ) if request.method == "POST": if form.is_valid() and entity_forms.is_valid(): form_uncommited = form.save(commit=False) form_uncommited.author = request.user new_space = form_uncommited.save() space = get_object_or_404(Space, name=form_uncommited.name) ef_uncommited = entity_forms.save(commit=False) for ef in ef_uncommited: ef.space = space ef.save() form.save_m2m() return HttpResponseRedirect(reverse(urln.SPACE_INDEX, kwargs={"space_url": space.url})) return render_to_response( "spaces/space_form.html", {"form": form, "get_place": place, "entityformset": entity_forms}, context_instance=RequestContext(request), ) return render_to_response("not_allowed.html", context_instance=RequestContext(request))
def edit_space(request, space_url): """ Returns a form filled with the current space data to edit. Access to this view is restricted only to site and space administrators. The filter for space administrators is given by the change_space permission and their belonging to that space. :attributes: - place: current space intance. - form: SpaceForm instance. - form_uncommited: form instance before commiting to the DB, so we can modify the data. :param space_url: Space URL :rtype: HTML Form :context: form, get_place """ place = get_object_or_404(Space, url=space_url) if request.user in place.admins.all(): form = SpaceForm(request.POST or None, request.FILES or None, instance=place) entity_forms = EntityFormSet(request.POST or None, request.FILES or None, queryset=Entity.objects.all().filter(space=place)) if request.method == 'POST': if form.is_valid() and entity_forms.is_valid(): form_uncommited = form.save(commit=False) form_uncommited.author = request.user new_space = form_uncommited.save() space = get_object_or_404(Space, name=form_uncommited.name) ef_uncommited = entity_forms.save(commit=False) for ef in ef_uncommited: ef.space = space ef.save() form.save_m2m() messages.success(request, _('Space edited successfully')) return redirect('/spaces/' + space.url + '/') return render_to_response('spaces/space_form.html', {'form': form, 'get_place': place, 'entityformset': entity_forms}, context_instance=RequestContext(request)) return render_to_response('not_allowed.html', context_instance=RequestContext(request))
def create_space(request): """ Returns a SpaceForm form to fill with data to create a new space. There is an attached EntityFormset to save the entities related to the space. Only site administrators are allowed to create spaces. :attributes: - space_form: empty SpaceForm instance - entity_forms: empty EntityFormSet :rtype: Space object, multiple entity objects. :context: form, entityformset """ space_form = SpaceForm(request.POST or None, request.FILES or None) entity_forms = EntityFormSet(request.POST or None, request.FILES or None, queryset=Entity.objects.none()) if request.method == 'POST': if space_form.is_valid() and entity_forms.is_valid(): space_form_uncommited = space_form.save(commit=False) space_form_uncommited.author = request.user new_space = space_form_uncommited.save() space = get_object_or_404(Space, name=space_form_uncommited.name) ef_uncommited = entity_forms.save(commit=False) for ef in ef_uncommited: ef.space = space ef.save() # We add the created spaces to the user allowed spaces # space.admins.add(request.user) space_form.save_m2m() return HttpResponseRedirect( reverse(urln.SPACE_INDEX, kwargs={'space_url': space.url})) return render_to_response('spaces/space_form.html', { 'form': space_form, 'entityformset': entity_forms }, context_instance=RequestContext(request))
def create_space(request): """ Returns a SpaceForm form to fill with data to create a new space. There is an attached EntityFormset to save the entities related to the space. Only site administrators are allowed to create spaces. :attributes: - space_form: empty SpaceForm instance - entity_forms: empty EntityFormSet :rtype: Space object, multiple entity objects. :context: form, entityformset """ space_form = SpaceForm(request.POST or None, request.FILES or None) entity_forms = EntityFormSet(request.POST or None, request.FILES or None, queryset=Entity.objects.none()) if request.method == 'POST': if space_form.is_valid() and entity_forms.is_valid(): space_form_uncommited = space_form.save(commit=False) space_form_uncommited.author = request.user new_space = space_form_uncommited.save() space = get_object_or_404(Space, name=space_form_uncommited.name) ef_uncommited = entity_forms.save(commit=False) for ef in ef_uncommited: ef.space = space ef.save() # We add the created spaces to the user allowed spaces # space.admins.add(request.user) space_form.save_m2m() return HttpResponseRedirect(reverse(urln.SPACE_INDEX, kwargs={'space_url': space.url})) return render_to_response('spaces/space_form.html', {'form': space_form, 'entityformset': entity_forms}, context_instance=RequestContext(request))
def create_space(request): """ Returns a SpaceForm form to fill with data to create a new space. There is an attached EntityFormset to save the entities related to the space. Every user in the platform is allowed to create spaces. Once it's created we assign the administration permissions to the user, along with some others for the sake of functionality. .. note:: Since everyone can have the ability to create spaces, instead of checking for the add_space permission we just ask for login. :attributes: - space_form: empty SpaceForm instance - entity_forms: empty EntityFormSet :permissions required: login_required :rtype: Space object, multiple entity objects. :context: form, entityformset """ space_form = SpaceForm(request.POST or None, request.FILES or None) entity_forms = EntityFormSet(request.POST or None, request.FILES or None, queryset=Entity.objects.none()) if request.method == 'POST': if space_form.is_valid() and entity_forms.is_valid(): space_form_uncommited = space_form.save(commit=False) space_form_uncommited.author = request.user new_space = space_form_uncommited.save() space = get_object_or_404(Space, name=space_form_uncommited.name) ef_uncommited = entity_forms.save(commit=False) for ef in ef_uncommited: ef.space = space ef.save() # We add the created spaces to the user allowed spaces # space.admins.add(request.user) space_form.save_m2m() # Assign permissions to the user so he can chenge everything in the # space assign_perm('view_space', request.user, space) assign_perm('change_space', request.user, space) assign_perm('delete_space', request.user, space) assign_perm('admin_space', request.user, space) if DEBUG: # This will tell us if the user got the right permissions for # the object un = request.user.username u = ObjectPermissionChecker(request.user) # Avoid unnecesary queries for the permission checks print """Space permissions for user '%s': View: %s Change: %s Delete: %s Admin: %s Mod: %s """ % (un, u.has_perm('view_space', space), u.has_perm('change_space', space), u.has_perm('delete_space', space), u.has_perm('admin_space', space), u.has_perm('mod_space', space)) return HttpResponseRedirect(reverse(urln.SPACE_INDEX, kwargs={'space_url': space.url})) return render_to_response('spaces/space_form.html', {'form': space_form, 'entityformset': entity_forms}, context_instance=RequestContext(request))