def get_working_flowgram(user): profile = user.get_profile() try: log.debug("get_working_flowgram for user %s with working_flowgram_id = %s" % (str(user.id), profile.working_flowgram_id)) if profile.just_published and profile.working_flowgram_id != "": log.critical("User %s has just_published AND working_flowgram_id = %s." % (user, profile.working_flowgram_id)) working_flowgram = None if profile.working_flowgram_id != "": working_flowgram = Flowgram.objects.get(id=profile.working_flowgram_id) if profile.just_published or (working_flowgram and not permissions.can_edit(user, working_flowgram)): flowgram = new_flowgram(user) set_working_flowgram(user, flowgram) profile.just_published = False profile.save() return (flowgram, True) if working_flowgram: return (working_flowgram, False) except Flowgram.DoesNotExist: pass # Finally, return their latest-modified Flowgram if one exists, or else a new flowgram try: return (Flowgram.objects.filter(owner=user, published=False).latest('modified_at'), False) except Flowgram.DoesNotExist: flowgram = new_flowgram(user) set_working_flowgram(user, flowgram) return (flowgram, True)
def save_flowgram(request, flowgram, description, public, title, sent_owner_done_email, \ background_audio_loop, background_audio_volume, tags): if permissions.can_edit(request.user, flowgram): flowgram.description = description if public and not flowgram.public: flowgram.published_at = datetime.now() flowgram.public = public flowgram.title = title flowgram.sent_owner_done_email = sent_owner_done_email flowgram.background_audio_loop = background_audio_loop flowgram.background_audio_volume = background_audio_volume flowgram.save() if localsettings.FEATURE['subscriptions_fw']: data = {'fg_id': flowgram.id, 'eventCode': 'FG_MADE'} data['active'] = 'make_active' if public else 'make_inactive' controller.store_fgmade_event(data) if request.POST.has_key('tags'): controller.set_tags(request.user, flowgram, tags) if localsettings.FEATURE['subscriptions_fw']: controller.store_fgtagged_event({'current_user': request.user, 'fg_id': flowgram.id, 'eventCode': 'FG_TAGGED'})
def set_working_flowgram(user, fg): if permissions.can_edit(user, fg): profile = user.get_profile() profile.working_flowgram_id = fg.id profile.save() log.debug("Action log: set_working_flowgram to %s for %s" % (fg.id, str(user.id)))
def delete_comment(request, enc, comment_id): comment = get_object_or_404(models.Comment, id=comment_id) if not permissions.can_edit(request.user, comment.flowgram): log.sec_req(request, "User tried to delete comment on flowgram %s." % (comment.flowgram.id)) raise Http404 comment.delete() controller.record_stat(request, 'del_comment_website', '0', comment_id) return helpers.go_back(request)
def file_upload(request): # Uses GET parameters instead of POST for passing data, handled by Flex. file = request.FILES['file'] content = file['content'] content_type = file['content-type'] filename = file['filename'] filetype = request.GET.get('filetype', '') enc = request.GET.get('enc', 'json') flowgram_id = request.GET.get('flowgram_id') flowgram = get_object_or_404(models.Flowgram, id=flowgram_id) \ if flowgram_id \ else controller.get_working_flowgram(request.user) if not permissions.can_edit(request.user, flowgram): return error_response.create(enc, 'Does not have edit_flowgram permission.' \ if localsettings.DEBUG \ else 'Permission violation') if filetype == 'image' or content_type.startswith('image'): return handle_file_upload_image(enc, content, content_type, filetype, filename, flowgram) elif filetype in DOC_TYPE_EXTENSIONS: return handle_file_upload_doc(enc, content, content_type, filetype, filename, flowgram) elif filetype == 'media': page = None try: page_id = request.GET.get('page_id') page = models.Page.objects.get(id=page_id) except: pass if page and not permissions.can_edit(request.user, page): return error_response.create(enc, 'Does not have edit_page permission.' \ if localsettings.DEBUG \ else 'Permission violation') return handle_file_upload_media(enc, content, content_type, filetype, filename, \ page or flowgram) else: return error_response.create(enc, 'Unsupported file type')
def can_edit_fg(request, flowgram_id): try: log.debug('[can_edit_fg flowgram_id: %s]' % flowgram_id) flowgram = models.Flowgram.objects.get(id=flowgram_id) log.debug('(1 %s)' % request.user.username) except models.Flowgram.DoesNotExist: return HttpResponse('0 fg does not exist') log.debug('(2)') if permissions.can_edit(request.user, flowgram): log.debug('(3)') return HttpResponse('1') else: log.debug('(4)') return HttpResponse('0 user can\'t edit')
def show_flowgram(request, enc, flowgram): can_edit = permissions.can_edit(request.user, flowgram) context = { 'fg': flowgram, 'can_edit': can_edit, 'subs_active': localsettings.FEATURE['subscriptions_fw'], 'show_delete': can_edit, 'active': 'you' if request.user == flowgram.owner else 'browse', 'mostviewed': cached_sets.most_viewed()[:6], 'send_to_details': localsettings.FEATURE['send_to_details'] } context.update(webhelpers.get_flowgram_stats(flowgram)) controller.record_stat(request, 'view_flowgram_det_website', '0', flowgram.id) return helpers.req_render_to_response( request, 'flowgram/show_flowgram.html', context)
def to_dict(flowgram, deep=True, user=None): from flowgram.core import encode, helpers, models, permissions user_rating = -1 if user and user.is_authenticated(): try: user_rating = float(models.Rating.objects.get(user=user, flowgram=flowgram).value) / 2 except models.Rating.DoesNotExist: pass output = { 'id': flowgram.id, 'avg_rating': flowgram.avg_rating, 'background_audio': encode.audio.to_dict(flowgram.background_audio) \ if flowgram.background_audio \ else None, 'background_audio_loop': flowgram.background_audio_loop, 'background_audio_volume': flowgram.background_audio_volume, 'can_edit': permissions.can_edit(user, flowgram) \ if user and user.is_authenticated() \ else False, 'description':flowgram.description, 'num_comments': models.Comment.objects.filter(flowgram=flowgram).count(), 'num_ratings': flowgram.num_ratings, 'num_views': flowgram.views, 'owner_name': helpers.get_display_name(flowgram.owner), 'owner_url': str(flowgram.owner.get_profile().url()), 'owner_username': flowgram.owner.username, 'public':flowgram.public, 'sent_owner_done_email': flowgram.sent_owner_done_email, 'tag_list': sorted([tag.name for tag in models.Tag.objects.filter(flowgram=flowgram)]), 'title':flowgram.title, 'user_rating': user_rating, } pages = models.Page.objects.filter(flowgram=flowgram).order_by('position') if deep: output['pages'] = [encode.page.to_dict(page) for page in pages] else: output['pages'] = [{'id': page.id, 'duration': page.duration} for page in pages] return output
def check(request, method_args, transformed_values): from flowgram.core import permissions return permissions.can_edit(request.user, transformed_values['flowgram'])