Exemple #1
0
    def get(self, request, pk=None):
        """
        Return creation or edition form if pk is provided
        """
        if pk is None:
            default_data = {
                'app_page_type': CTA().get_for_names("page_text",
                                                     "pageapp_text")
            }

            if 'parent' in request.GET and request.GET['parent'] != '0':
                default_data['parent'] = request.GET['parent']
            form = PageWAForm(initial=default_data)

            html = render_to_string('administration/page/page-create.html', {
                'form': form,
            },
                                    context_instance=RequestContext(request))

            response = Response(status.HTTP_200_OK, {"html": html})
            return self.render(response)
        else:
            page = get_object_or_404(request.website.pages, pk=pk)
            form = PageWAForm(instance=page)
            html = render_to_string('administration/page/page-edit.html', {
                'form': form,
                'page': page
            },
                                    context_instance=RequestContext(request))
            response = Response(status.HTTP_200_OK, {"html": html})
            return self.render(response)
Exemple #2
0
    def post(self, request, contact_id):
        #################
        # Setup
        #################

        headers = {
            "Content-Type": "application/json",
            "Allow": "",
        }

        #################
        # Validation
        #################

        try:
            account_id = int(request.session["_auth_user_id"])
        except KeyError:
            return Response(status=status.HTTP_401_UNAUTHORIZED)

        try:
            account = Account.objects.get(user_id=account_id)
        except Account.DoesNotExist:
            return Response(status=status.HTTP_401_UNAUTHORIZED)

        if account.type is not 'administrator':
            return Response(status=status.HTTP_401_UNAUTHORIZED)

        errors = {
            "header_request_method":
            "This endpoint only supports GET, PUT and DELETE requests."
        }
        return Response(content=errors,
                        headers=headers,
                        status=status.HTTP_405_METHOD_NOT_ALLOWED)
Exemple #3
0
    def put(self, request, pk=None):
        post_values = self.DATA.copy()
        post_values['website'] = request.website.id
        form = PageWAForm(post_values)
        if form.is_valid():
            page = form.save()

            # Add the new page on auto_display PluginRelation
            plugins_relation = PluginRelation.objects.filter(
                display_on_new_pages=True, pages__website=request.website)

            for plugin_relation in plugins_relation:
                plugin_relation.pages.add(page)

            response = Response(
                status.HTTP_202_ACCEPTED, {
                    "msg": MESSAGES.get('redirection', ""),
                    'location': page.get_absolute_url()
                })
        else:
            content = render_to_string(
                'administration/page/page-create.html', {
                    'form': form,
                },
                context_instance=RequestContext(request))
            response = Response(status.HTTP_400_BAD_REQUEST, {
                "html": content,
                "msg": MESSAGES.get('default_error', "")
            })
        return self.render(response)
Exemple #4
0
    def delete(self, request, pk):
        page = get_object_or_404(request.website.pages, pk=pk)
        url_home_page = request.website.get_url_home_page()

        # We can't delete the home page
        if page.get_absolute_url() == url_home_page:
            response = Response(
                status.HTTP_400_BAD_REQUEST,
                {"msg": MESSAGES.get('delete_home_page_error', "")})
            return self.render(response)
        # Need redirection if page is currently displayed
        if request.page == page:
            redirection = True
        else:
            redirection = False
        # Deleting page
        page.delete()
        # Make response
        if redirection:
            response = Response(status.HTTP_202_ACCEPTED,
                                {'location': url_home_page})
        else:
            # Refresh Menu navigation:
            navigation_html = RenderingContext(request).html_navigation
            response = Response(
                status.HTTP_200_OK, {
                    "id": pk,
                    "navigation_html": navigation_html,
                    "msg": MESSAGES.get('page_delete_success', "")
                })
        # Send response
        return self.render(response)
Exemple #5
0
 def post(self, request, test_id):
     try:
         test = Test.objects.get(id=test_id)
     except ObjectDoesNotExist:
         return Response(status.HTTP_404_NOT_FOUND)
     if request.user == test.teacher:
         if self.CONTENT["answer_id"].test != test:
             return Response(
                 status.HTTP_400_BAD_REQUEST,
                 "This answer isn't associated with the current test.")
         try:
             checkedAnswer = CheckedAnswers.objects.create(
                 **{
                     "answer": self.CONTENT["answer_id"],
                     "list": self.CONTENT["list"],
                     "note": self.CONTENT["note"],
                 })
         except IntegrityError:
             return Response(status.HTTP_400_BAD_REQUEST,
                             "These answers have already been checked.")
         else:
             return reverse("test_checked_answer",
                            kwargs={
                                "test_id": test_id,
                                "answer_id": checkedAnswer.answer.student.id
                            })
     else:
         return Response(status.HTTP_401_UNAUTHORIZED)
Exemple #6
0
 def get(self, request, test_id, answer_id):
     try:
         checkedAnswer = CheckedAnswers.objects.get(
             answer__student=answer_id)
     except ObjectDoesNotExist:
         return Response(status.HTTP_404_NOT_FOUND)
     if request.user in (checkedAnswer.answer.student,
                         checkedAnswer.answer.test.teacher):
         return {
             "list":
             checkedAnswer.list,
             "note":
             checkedAnswer.note,
             "answer":
             reverse("test_answer",
                     kwargs={
                         "test_id": test_id,
                         "student_id": answer_id
                     }),
             "url":
             reverse("test_checked_answer",
                     kwargs={
                         "test_id": test_id,
                         "answer_id": answer_id
                     }),
         }
     else:
         return Response(status.HTTP_401_UNAUTHORIZED)
Exemple #7
0
    def post(self, request, account_id):
        #################
        # Setup
        #################

        headers = {
            "Content-Type": "application/json",
            "Allow": "GET, PUT, DELETE",
        }

        #################
        # Validation
        #################

        try:
            request.session["_auth_user_id"]
        except KeyError:
            return Response(status=status.HTTP_401_UNAUTHORIZED)

        errors = {
            "header_request_method":
            "This endpoint only supports GET, PUT and DELETE requests."
        }
        return Response(content=errors,
                        headers=headers,
                        status=status.HTTP_405_METHOD_NOT_ALLOWED)
Exemple #8
0
    def delete(self, request):
        #################
        # Setup
        #################

        headers = {
            "Content-Type": "application/json",
            "Allow": "POST",
        }

        try:
            request.session["_auth_user_id"]
        except KeyError:
            return Response(status=status.HTTP_401_UNAUTHORIZED)

        #################
        # Validation
        #################

        errors = {
            "header_request_method":
            "This endpoint only supports POST requests."
        }
        return Response(content=errors,
                        headers=headers,
                        status=status.HTTP_405_METHOD_NOT_ALLOWED)
    def dispatch(self, request, *args, **kwargs):
        self.request = request
        self.args = args
        self.kwargs = kwargs
        self.headers = {}

        try:
            self.initial(request, *args, **kwargs)

            # Authenticate and check request has the relevant permissions
            self._check_permissions()

            # Get the appropriate handler method
            if self.method.lower() in self.http_method_names:
                handler = getattr(self, self.method.lower(), self.http_method_not_allowed)
            else:
                handler = self.http_method_not_allowed

            response_obj = handler(request, *args, **kwargs)

            # Allow return value to be either HttpResponse, Response, or an object, or None
            if isinstance(response_obj, HttpResponse):
                return response_obj
            elif isinstance(response_obj, Response):
                response = response_obj
            elif response_obj is not None:
                response = Response(status.HTTP_200_OK, response_obj)
            else:
                response = Response(status.HTTP_204_NO_CONTENT)

            # Pre-serialize filtering (eg filter complex objects into natively serializable types)
            response.cleaned_content = self.filter_response(response.raw_content)

        except ErrorResponse, exc:
            response = exc.response
Exemple #10
0
 def get(self, request, test_id):
     try:
         test = Test.objects.get(id=test_id)
     except ObjectDoesNotExist:
         return Response(status.HTTP_404_NOT_FOUND)
     result = {
         "id":
         test.id,
         "teacher":
         reverse("user", kwargs={"id": test.teacher.id}),
         "url":
         reverse("test", kwargs={"test_id": test_id}),
         "students":
         reverse("test_students", kwargs={"test_id": test_id}),
         "groups":
         reverse("test_groups", kwargs={"test_id": test_id}),
         "answers":
         reverse("test_answers", kwargs={"test_id": test_id}),
         "checked_answers":
         reverse("test_checked_answers", kwargs={"test_id": test_id}),
     }
     if request.user == test.teacher:
         result["list"] = test.list
         return result
     elif request.user.has_perm('do_test', test):
         result["list"] = self._strip_answers(test.list)
         return result
     else:
         return Response(status.HTTP_401_UNAUTHORIZED)
Exemple #11
0
    def post(self, request):
        """
        Handle POST requests, managing the user authentication.
        """
        
        try:
            user = User.objects.get(email=request.POST['email'])
            user = authenticate(username=user.username, password=request.POST['password'])
          
            if user is not None:
                if user.is_active:
                    login(request, user)
                    response = Response(status.HTTP_200_OK,
                                        {"msg": MESSAGES.get('user_authenticated', "")})
                else:
                    response = Response(status.HTTP_400_BAD_REQUEST,
                                        {"msg": MESSAGES.get('inactive_user', "")})
                    
            else:
                response = Response(status.HTTP_400_BAD_REQUEST,
                                    {"msg": MESSAGES.get('bad_login_pwd', "")})

        except User.DoesNotExist:            
            response = Response(status.HTTP_400_BAD_REQUEST,
                                {"msg": MESSAGES.get('bad_login_pwd', "")})
            
        return self.render(response)
Exemple #12
0
    def dispatch(self, request, *args, **kwargs):
        self.request = request
        self.args = args
        self.kwargs = kwargs
        self.headers = {}

        try:
            self.initial(request, *args, **kwargs)

            # Authenticate and check request has the relevant permissions
            self._check_permissions()

            # Get the appropriate handler method
            if self.method.lower() in self.http_method_names:
                handler = getattr(self, self.method.lower(), self.http_method_not_allowed)
            else:
                handler = self.http_method_not_allowed

            response_obj = handler(request, *args, **kwargs)

            # Allow return value to be either HttpResponse, Response, or an object, or None
            if isinstance(response_obj, HttpResponse):
                return response_obj
            elif isinstance(response_obj, Response):
                response = response_obj
            elif response_obj is not None:
                response = Response(status.HTTP_200_OK, response_obj)
            else:
                response = Response(status.HTTP_204_NO_CONTENT)

            # Pre-serialize filtering (eg filter complex objects into natively serializable types)
            response.cleaned_content = self.filter_response(response.raw_content)

        except ErrorResponse, exc:
            response = exc.response
Exemple #13
0
    def post(self, request, pk):
        domain = get_object_or_404(request.website.ndds, pk=pk)

        if 'primary' in request.POST:
            request.website.domain = domain
            request.website.save()
            response = Response(
                status.HTTP_202_ACCEPTED, {
                    'location':
                    'http://%s%s#admin' %
                    (domain.domain, request.page.get_absolute_url())
                })
        else:
            form = DomainWAForm(request.POST, instance=domain)

            if form.is_valid():
                form.save()
                response = Response(
                    status.HTTP_200_OK,
                    {'msg': MESSAGES.get('item_edit_success', "")})
            else:
                html = render_to_string(
                    'administration/website/domain.html', {
                        'form': form,
                        'edit': True
                    },
                    context_instance=RequestContext(request))

                response = Response(status.HTTP_400_BAD_REQUEST, {
                    "html": html,
                    'msg': MESSAGES.get('default_error', "")
                })
        return self.render(response)
Exemple #14
0
 def delete(self, request, id):
     if role(request) == "admin":
         try:
             User.objects.get(id=id).delete()
         except ObjectDoesNotExist:
             return Response(status.HTTP_404_NOT_FOUND)
         else:
             return reverse("users")
     else:
         return Response(status.HTTP_401_UNAUTHORIZED)
Exemple #15
0
 def delete(self, request, group_id):
     try:
         group = Group.objects.get(id=group_id)
     except ObjectDoesNotExist:
         return Response(status.HTTP_404_NOT_FOUND)
     if role(request) == "admin":
         group.delete()
         return reverse("groups")
     else:
         return Response(status.HTTP_401_UNAUTHORIZED)
Exemple #16
0
 def delete(self, request, test_id):
     try:
         test = Test.objects.get(id=test_id)
     except ObjectDoesNotExist:
         return Response(status.HTTP_404_NOT_FOUND)
     if request.user == test.teacher:
         test.delete()
         return reverse("tests")
     else:
         return Response(status.HTTP_401_UNAUTHORIZED)
Exemple #17
0
 def post(self, request):
     if role(request) == "admin":
         try:
             group = Group.objects.create(name=self.CONTENT["name"])
         except IntegrityError:
             return Response(HTTP_400_BAD_REQUEST,
                             "Group name already in use.")
         return reverse("group", kwargs={"group_id": group.id})
     else:
         return Response(status.HTTP_401_UNAUTHORIZED)
Exemple #18
0
 def delete(self, request, test_id, answer_id):
     try:
         checkedAnswer = CheckedAnswers.objects.get(
             answer__student=answer_id)
     except ObjectDoesNotExist:
         return Response(status.HTTP_404_NOT_FOUND)
     if checkedAnswer.answer.test.teacher == request.user:
         checkedAnswer.delete()
         return reverse("test_checked_answers", kwargs={"test_id": test_id})
     else:
         return Response(status.HTTP_401_UNAUTHORIZED)
Exemple #19
0
    def put(self, request):
        #################
        # Setup
        #################

        headers = {
            "Content-Type": "application/json",
            "Allow": "GET, POST",
        }

        # Check content-type header
        if not self.content_type.startswith('application/json'):
            errors = {
                "header_content_type":
                "Content-Type must be 'application/json'. Your Content-Type is "
                + str(self.content_type)
            }
            return Response(content=errors,
                            headers=headers,
                            status=status.HTTP_400_BAD_REQUEST)

        try:
            action = self.CONTENT['action']
        except KeyError:
            error = {"action": "Missing action."}
            return Response(content=error,
                            headers=headers,
                            status=status.HTTP_400_BAD_REQUEST)

        #################
        # Validation
        #################

        # Request to reset user's password
        if action == 'request_password_reset':
            try:
                email = self.CONTENT['email']
            except KeyError:
                error = {"email": "Missing email address."}
                return Response(content=error,
                                headers=headers,
                                status=status.HTTP_400_BAD_REQUEST)

            result = Account.request_reset_password(email)

        else:
            result = {"action": "Invalid action."}

        if isinstance(result, dict):
            return Response(content=result,
                            headers=headers,
                            status=status.HTTP_400_BAD_REQUEST)

        return Response(content={}, headers=headers, status=status.HTTP_200_OK)
    def post(self, request, poll_id):
        poll = get_object_or_404(Poll.objects.all(), pk=poll_id)
        form = PollForm(request.POST, instance=poll)

        if form.is_valid():
            form.save()
        else:
            return Response(content=form.errors, status=400)

        return Response(
            status=303,
            headers={'Location': reverse('polls_api_results', args=[poll_id])})
Exemple #21
0
    def delete(self, request, pk):
        domain = get_object_or_404(request.website.ndds, pk=pk)

        # You cannot delete the primary domain
        if request.website.domain == domain:
            response = Response(status.HTTP_400_BAD_REQUEST,
                                {'msg': MESSAGES.get('default_error', "")})
        else:
            domain.delete()
            response = Response(
                status.HTTP_200_OK,
                {"msg": MESSAGES.get('item_delete_success', "")})
        # Send response
        return self.render(response)
Exemple #22
0
 def get(self, request):
     key = request.GET.get('api_key', None)
     account_id = -1
     if key:
         userprofile = None
         try:
             userprofile = UserProfile.objects.get(api_key=key)
             account_id = userprofile.user_id
         except:
             pass
         if userprofile:
             user = None
             try:
                 user = User.objects.get(pk=account_id)
             except:
                 pass
             if user:
                 if is_allowed(user):
                     videos = Video.objects.filter(
                         uploader__id=account_id).order_by('-created')[:1:]
                     json_videos = []
                     for video in videos:
                         channel_name = None
                         if video.channel:
                             channel_name = video.channel.name
                         json_videos.append({
                             'id':
                             video.id,
                             'channel':
                             channel_name,
                             'url':
                             video.get_absolute_url(),
                             'title':
                             video.title,
                             'embed_code':
                             video.get_embed_code()
                         })
                     response = Response(200, {
                         'success': True,
                         'videos': json_videos
                     })
                 else:
                     response = Response(401)
             else:
                 response = Response(401)
         else:
             response = Response(401)
     else:
         response = Response(400)
     return self.render(response)
Exemple #23
0
 def delete(self, request, group_id, student_id):
     try:
         group = Group.objects.get(id=group_id)
     except ObjectDoesNotExist:
         return Response(status.HTTP_404_NOT_FOUND)
     try:
         user = User.objects.get(id=student_id)
     except ObjectDoesNotExist:
         return Response(status.HTTP_404_NOT_FOUND)
     if role(request) == "admin":
         user.groups.remove(group)
         return reverse("group", kwargs={"group_id": group_id})
     else:
         return Response(status.HTTP_401_UNAUTHORIZED)
Exemple #24
0
 def delete(self, request, test_id, student_id):
     try:
         test = Test.objects.get(id=test_id)
     except ObjectDoesNotExist:
         return Response(status.HTTP_404_NOT_FOUND)
     if test.teacher == request.user:
         try:
             student = User.objects.get(id=student_id)
         except ObjectDoesNotExist:
             return Response(status.HTTP_404_NOT_FOUND)
         remove_perm('do_test', student, test)
         return reverse("test_students", kwargs={"test_id": test_id})
     else:
         return Response(status.HTTP_401_UNAUTHORIZED)
Exemple #25
0
 def post(self, request, test_id):
     try:
         test = Test.objects.get(id=test_id)
     except ObjectDoesNotExist:
         return Response(status.HTTP_404_NOT_FOUND)
     if test.teacher == request.user:
         student = self.CONTENT["student_id"]
         assign('do_test', student, test)
         return reverse("test_student",
                        kwargs={
                            "test_id": test_id,
                            "student_id": student.id
                        })
     else:
         return Response(status.HTTP_401_UNAUTHORIZED)
Exemple #26
0
    def post(self, request, *args, **kwargs):
        model = self.resource.model

        # Copy the dict to keep self.CONTENT intact
        content = dict(self.CONTENT)
        m2m_data = {}

        for field in model._meta.many_to_many:
            if field.name in content:
                m2m_data[field.name] = (field.m2m_reverse_field_name(),
                                        content[field.name])
                del content[field.name]

        instance = model(
            **self.get_instance_data(model, content, *args, **kwargs))
        instance.save()

        for fieldname in m2m_data:
            manager = getattr(instance, fieldname)

            if hasattr(manager, 'add'):
                manager.add(*m2m_data[fieldname][1])
            else:
                data = {}
                data[manager.source_field_name] = instance

                for related_item in m2m_data[fieldname][1]:
                    data[m2m_data[fieldname][0]] = related_item
                    manager.through(**data).save()

        headers = {}
        if hasattr(instance, 'get_absolute_url'):
            headers['Location'] = self.resource(self).url(instance)
        return Response(status.HTTP_201_CREATED, instance, headers)
Exemple #27
0
    def render_to_response_with_refresh(self, relation_id, app_obj, msg=None):
        
        id_items = check_object_html_id(relation_id,
                                        types=[settings.SLUG_PLUGIN,
                                               settings.SLUG_APP])
        # APP rendering
        if id_items[0] == settings.SLUG_APP:
            # Get placeholder slug in page
            placeholder_slug = app_obj.page.get().placeholder_slug
        # Plugin Rendering
        else:
            # Get placeholder_slug in relation
            placeholder_slug = app_obj.pages.get(pages=self.request.page).placeholder_slug

        placeholder_slug_items = check_placeholder_html_id(placeholder_slug)
        layout_section_slug = placeholder_slug_items[0]
        placeholder_id = placeholder_slug_items[2]
        rendering_context = RenderingContext(self.request)
        html = rendering_context.get_html_placeholder(layout_section_slug, placeholder_id,
                                                      context=RequestContext(self.request))
        datas = {'html': html, 'placeholder_slug': placeholder_slug}
        if msg:
            datas['msg'] = msg
        response = Response(status.HTTP_200_OK, datas)
        return self.render(response)
Exemple #28
0
    def post(self, request, relation_id, plugin, action_pk=None):

        links_html_id = request.POST.getlist('links_id[]')

        if links_html_id:
            # New ordering items
            order = 1
            for link_id in map(lambda s: s.split('-')[1], links_html_id):
                try:
                    obj = Link.objects.get(pk=link_id)
                    if obj.plugin == plugin:
                        obj.order = order
                        obj.save()
                        order += 1
                except Link.DoesNotExist:
                    pass

            # Rendering new content
            html = request.page.render_page(request).content

            if isinstance(html, HTMLRendering):
                html = html.content

            response = Response(
                status.HTTP_200_OK, {
                    'msg': MESSAGES.get('items_edit_success', ""),
                    'html': html,
                    'placeholder_type': placeholder_type,
                    'html_id': relation_id
                })
            return self.render(response)

        else:
            raise ErrorResponse(status.HTTP_400_BAD_REQUEST,
                                {'msg': MESSAGES.get('default_error', "")})
Exemple #29
0
    def post(self, request, group_id):
        try:
            group = Group.objects.get(id=group_id)
        except ObjectDoesNotExist:
            return Response(status.HTTP_404_NOT_FOUND)
        student = self.CONTENT["student_id"]

        if role(request) == "admin":
            student.groups.add(group)
            return reverse("group_member",
                           kwargs={
                               "group_id": group_id,
                               "student_id": student.id
                           })
        else:
            return Response(status.HTTP_401_UNAUTHORIZED)
Exemple #30
0
    def get(self, request):
        # Render HTML

        quota = render_quota_html(request)

        response = Response(status.HTTP_200_OK, {"quota": quota})
        return self.render(response)
Exemple #31
0
    def get(self, request, pk=None):

        current_theme = request.website.theme.split('/')[0]
        try:
            current_style = request.website.theme.split('/')[1]
        except:
            current_style = None
        # Render HTML

        if not pk:
            pk = current_theme
        theme = themes_info(pk)[0]

        html = render_to_string('administration/design/styles_list.html', {
            'theme': theme,
            'current_theme': current_theme,
            'current_style': current_style
        },
                                context_instance=RequestContext(request))

        response = Response(status.HTTP_200_OK, {
            "html": html,
            'current': current_theme
        })
        return self.render(response)
    def dispatch(self, request, *args, **kwargs):
        self.request = request
        self.args = args
        self.kwargs = kwargs
        self.headers = {}

        # Calls to 'reverse' will not be fully qualified unless we set the scheme/host/port here.
        orig_prefix = get_script_prefix()
        if not (orig_prefix.startswith('http:') or orig_prefix.startswith('https:')):
            prefix = '%s://%s' % (request.is_secure() and 'https' or 'http', request.get_host())
            set_script_prefix(prefix + orig_prefix)

        try:
            self.initial(request, *args, **kwargs)

            # Authenticate and check request has the relevant permissions
            self._check_permissions()

            # Get the appropriate handler method
            if self.method.lower() in self.http_method_names:
                handler = getattr(self, self.method.lower(), self.http_method_not_allowed)
            else:
                handler = self.http_method_not_allowed

            response_obj = handler(request, *args, **kwargs)

            # Allow return value to be either HttpResponse, Response, or an object, or None
            if isinstance(response_obj, HttpResponse):
                return response_obj
            elif isinstance(response_obj, Response):
                response = response_obj
            elif response_obj is not None:
                response = Response(status.HTTP_200_OK, response_obj)
            else:
                response = Response(status.HTTP_204_NO_CONTENT)

            if request.method == 'OPTIONS':
                # do not filter the response for HTTP OPTIONS, else the response fields are lost,
                # as they do not correspond with model fields
                response.cleaned_content = response.raw_content
            else:
                # Pre-serialize filtering (eg filter complex objects into natively serializable types)
                response.cleaned_content = self.filter_response(response.raw_content)

        except ErrorResponse, exc:
            response = exc.response