def locations_import_preview(request, id, template_name='locations/import-map-fields.html'): """ This will generate a form based on the uploaded CSV for field mapping. A preview will be generated based on the mapping given. """ locport = get_object_or_404(LocationImport, pk=id) if request.method == 'POST': form = ImportMapForm(request.POST, locport=locport) if form.is_valid(): # Show the user a preview based on the mapping cleaned_data = form.cleaned_data #file_path = os.path.join(settings.MEDIA_ROOT, locport.get_file().file.name) file_path = locport.get_file().file.name locations, stats = parse_locs_from_csv(file_path, cleaned_data) # return the form to use it for the confirm view template_name = 'locations/import-preview.html' return render_to_response(template_name, { 'locations': locations, 'stats': stats, 'locport': locport, 'form': form, 'now': datetime.now(), }, context_instance=RequestContext(request)) else: form = ImportMapForm(locport=locport) return render_to_response(template_name, { 'form': form, 'locport': locport, 'now': datetime.now(), }, context_instance=RequestContext(request))
def delete(request, id, template_name="directories/delete.html"): directory = get_object_or_404(Directory, pk=id) if has_perm(request.user,'directories.delete_directory'): if request.method == "POST": msg_string = 'Successfully deleted %s' % directory messages.add_message(request, messages.SUCCESS, _(msg_string)) # send notification to administrators recipients = get_notice_recipients('module', 'directories', 'directoryrecipients') if recipients: if notification: extra_context = { 'object': directory, 'request': request, } notification.send_emails(recipients,'directory_deleted', extra_context) directory.delete() return HttpResponseRedirect(reverse('directory.search')) return render_to_response(template_name, {'directory': directory}, context_instance=RequestContext(request)) else: raise Http403
def directory_export(request, template_name="directories/export.html"): """Export Directories""" if not request.user.profile.is_superuser: raise Http403 form = DirectoryExportForm(request.POST or None) if request.method == "POST" and form.is_valid(): export_fields = form.cleaned_data['export_fields'] export_status_detail = form.cleaned_data['export_status_detail'] identifier = int(time.time()) temp_file_path = 'export/directories/%s_temp.csv' % identifier default_storage.save(temp_file_path, ContentFile('')) # start the process subprocess.Popen(["python", "manage.py", "directory_export_process", '--export_fields=%s' % export_fields, '--export_status_detail=%s' % export_status_detail, '--identifier=%s' % identifier, '--user=%s' % request.user.id]) # log an event EventLog.objects.log() return HttpResponseRedirect(reverse('directory.export_status', args=[identifier])) context = {'form': form} return render_to_response(template_name, context, RequestContext(request))
def edit_meta(request, id, form_class=MetaForm, template_name="directories/edit-meta.html"): directory = get_object_or_404(Directory, pk=id) if not has_perm(request.user, 'directories.change_directory', directory): raise Http403 defaults = { 'title': directory.get_title(), 'description': directory.get_description(), 'keywords': directory.get_keywords(), 'canonical_url': directory.get_canonical_url(), } directory.meta = MetaTags(**defaults) if request.method == "POST": form = form_class(request.POST, instance=directory.meta) if form.is_valid(): directory.meta = form.save() # save meta directory.save() # save relationship msg_string = 'Successfully updated meta for %s' % directory messages.add_message(request, messages.SUCCESS, _(msg_string)) return HttpResponseRedirect(reverse('directory', args=[directory.slug])) else: form = form_class(instance=directory.meta) return render_to_response(template_name, {'directory': directory, 'form':form}, context_instance=RequestContext(request))
def export(request, template_name="locations/export.html"): """Export Locations""" if not request.user.is_superuser: raise Http403 if request.method == 'POST': # initilize initial values fields = [ 'guid', 'location_name', 'description', 'contact', 'address', 'address2', 'city', 'state', 'zipcode', 'country', 'phone', 'fax', 'email', 'website', 'latitude', 'longitude', 'hq', 'entity', ] export_id = run_export_task('locations', 'location', fields) EventLog.objects.log() return redirect('export.status', export_id) return render_to_response(template_name, { }, context_instance=RequestContext(request))
def detail(request, slug=None, template_name="news/view.html"): if not slug: return HttpResponseRedirect(reverse('news.search')) news = get_object_or_404(News, slug=slug) # non-admin can not view the non-active content # status=0 has been taken care of in the has_perm function if (news.status_detail).lower() != 'active' and (not request.user.profile.is_superuser): raise Http403 # check permission if not has_perm(request.user, 'news.view_news', news): raise Http403 #check for release date if it's in the future or not if not news.is_released: if not request.user.is_authenticated(): raise Http404 if not request.user.profile.is_superuser: raise Http403 EventLog.objects.log(instance=news) return render_to_response(template_name, {'news': news}, context_instance=RequestContext(request))
def search(request, template_name="news/search.html"): query = request.GET.get('q', None) form = NewsSearchForm(request.GET) if form.is_valid(): try: news_group = int(form.cleaned_data.get('news_group', None)) except: news_group = None if get_setting('site', 'global', 'searchindex') and query: news = News.objects.search(query, user=request.user) # use order (existing for all modules) for sorting cause the current # haystack + whoosh cannot sort by release_dt correctly news = news.order_by('-order') else: filters = get_query_filters(request.user, 'news.view_news') news = News.objects.filter(filters).distinct() news = news.order_by('-release_dt') if news_group: news = news.filter(groups__in=[news_group]) if not has_perm(request.user, 'news.view_news'): news = news.filter(release_dt_local__lte=datetime.now()) EventLog.objects.log() return render_to_response(template_name, {'search_news': news, 'form': form}, context_instance=RequestContext(request))
def edit(request, id, form_class=DirectoryForm, template_name="directories/edit.html"): directory = get_object_or_404(Directory, pk=id) if not has_perm(request.user,'directories.change_directory', directory): raise Http403 form = form_class(request.POST or None, request.FILES or None, instance=directory, user=request.user) del form.fields['payment_method'] if not request.user.profile.is_superuser: del form.fields['pricing'] del form.fields['list_type'] if request.method == "POST": if form.is_valid(): directory = form.save(commit=False) if directory.logo: try: directory.logo.file.seek(0) except IOError: directory.logo = None # update all permissions and save the model directory = update_perms_and_save(request, form, directory) msg_string = 'Successfully updated %s' % directory messages.add_message(request, messages.SUCCESS, _(msg_string)) return HttpResponseRedirect(reverse('directory', args=[directory.slug])) return render_to_response(template_name, {'directory': directory, 'form':form}, context_instance=RequestContext(request))
def edit_meta(request, id, form_class=MetaForm, template_name="resumes/edit-meta.html"): # check permission resume = get_object_or_404(Resume, pk=id) if not has_perm(request.user,'resumes.change_resume',resume): raise Http403 defaults = { 'title': resume.get_title(), 'description': resume.get_description(), 'keywords': resume.get_keywords(), 'canonical_url': resume.get_canonical_url(), } resume.meta = MetaTags(**defaults) if request.method == "POST": form = form_class(request.POST, instance=resume.meta) if form.is_valid(): resume.meta = form.save() # save meta resume.save() # save relationship messages.add_message(request, messages.SUCCESS, _('Successfully updated meta for %(r)s' % { 'r':resume})) return HttpResponseRedirect(reverse('resume', args=[resume.slug])) else: form = form_class(instance=resume.meta) return render_to_response(template_name, {'resume': resume, 'form':form}, context_instance=RequestContext(request))
def approve(request, id, template_name="resumes/approve.html"): if not request.user.profile.is_superuser: raise Http403 resume = get_object_or_404(Resume, pk=id) if request.method == "POST": resume.activation_dt = datetime.now() resume.allow_anonymous_view = True resume.status = True resume.status_detail = 'active' if not resume.creator: resume.creator = request.user resume.creator_username = request.user.username if not resume.owner: resume.owner = request.user resume.owner_username = request.user.username resume.save() messages.add_message(request, messages.SUCCESS, _('Successfully approved %(r)s' % {'r':resume})) return HttpResponseRedirect(reverse('resume', args=[resume.slug])) return render_to_response(template_name, {'resume': resume}, context_instance=RequestContext(request))
def delete(request, id, template_name="files/delete.html"): file = get_object_or_404(File, pk=id) # check permission if not has_perm(request.user, 'files.delete_file'): raise Http403 if request.method in ["POST", 'DELETE']: # reassign owner to current user file.owner = request.user file.owner_username = request.user.username file.save() file.delete() if request.method == 'DELETE': # used by tinymce upload return HttpResponse('true') if 'ajax' in request.POST: return HttpResponse('Ok') else: return HttpResponseRedirect(reverse('file.search')) return render_to_response( template_name, { 'file': file }, context_instance=RequestContext(request))
def delete(request, id, template_name="news/delete.html"): news = get_object_or_404(News, pk=id) # check permission if not has_perm(request.user, 'news.delete_news'): raise Http403 if request.method == "POST": msg_string = 'Successfully deleted %s' % unicode(news) messages.add_message(request, messages.SUCCESS, _(msg_string)) # send notification to administrators recipients = get_notice_recipients('module', 'news', 'newsrecipients') if recipients: if notification: extra_context = { 'object': news, 'request': request, } notification.send_emails(recipients, 'news_deleted', extra_context) news.delete() return HttpResponseRedirect(reverse('news.search')) return render_to_response(template_name, {'news': news}, context_instance=RequestContext(request))
def edit_meta(request, id, form_class=MetaForm, template_name="news/edit-meta.html"): # check permission news = get_object_or_404(News, pk=id) if not has_perm(request.user, 'news.change_news', news): raise Http403 defaults = { 'title': news.get_title(), 'description': news.get_description(), 'keywords': news.get_keywords(), 'canonical_url': news.get_canonical_url(), } news.meta = MetaTags(**defaults) if request.method == "POST": form = form_class(request.POST, instance=news.meta) if form.is_valid(): news.meta = form.save() # save meta news.save() # save relationship msg_string = 'Successfully updated meta for %s' % unicode(news) messages.add_message(request, messages.SUCCESS, _(msg_string)) return HttpResponseRedirect(reverse('news.detail', args=[news.slug])) else: form = form_class(instance=news.meta) return render_to_response(template_name, {'news': news, 'form': form}, context_instance=RequestContext(request))
def photoset_zip(request, id, template_name="photos/photo-set/zip.html"): """ Generate zip file for the entire photo set for admins only. """ photo_set = get_object_or_404(PhotoSet, id=id) #admin only if not request.user.profile.is_superuser: raise Http403 file_path = "" task_id = "" if not settings.CELERY_IS_ACTIVE: task = ZipPhotoSetTask() file_path = task.run(photo_set) else: task = ZipPhotoSetTask.delay(photo_set) task_id = task.task_id return render_to_response(template_name, { "photo_set": photo_set, "task_id":task_id, "file_path":file_path, }, context_instance=RequestContext(request))
def photoset_details(request, id, template_name="photos/photo-set/details.html"): """ View photos in photo set """ photo_set = get_object_or_404(PhotoSet, id=id) if not has_view_perm(request.user, 'photos.view_photoset', photo_set): raise Http403 order = get_setting('module', 'photos', 'photoordering') #if order == 'descending': # photos = photo_set.get_images(user=request.user).order_by('-pk') #else: # photos = photo_set.get_images(user=request.user).order_by('pk') photos = photo_set.get_images(user=request.user).order_by("position") EventLog.objects.log(**{ 'event_id': 991500, 'event_data': '%s (%d) viewed by %s' % (photo_set._meta.object_name, photo_set.pk, request.user), 'description': '%s viewed' % photo_set._meta.object_name, 'user': request.user, 'request': request, 'instance': photo_set, }) return render_to_response(template_name, { "photos": photos, "photo_set": photo_set, }, context_instance=RequestContext(request))
def photoset_add(request, form_class=PhotoSetAddForm, template_name="photos/photo-set/add.html"): """ Add a photo set """ # if no permission; permission exception if not has_perm(request.user,'photos.add_photoset'): raise Http403 if request.method == "POST": if request.POST["action"] == "add": form = form_class(request.POST, user=request.user) if form.is_valid(): photo_set = form.save(commit=False) photo_set.author = request.user # update all permissions and save the model photo_set = update_perms_and_save(request, form, photo_set) checklist_update('add-album') messages.add_message(request, messages.SUCCESS, _('Successfully added photo set!')) return HttpResponseRedirect(reverse('photos_batch_add', kwargs={'photoset_id':photo_set.id})) else: form = form_class(user=request.user) return render_to_response(template_name, { "photoset_form": form, }, context_instance=RequestContext(request))
def tinymce_fb(request, template_name="files/templates/tinymce_fb.html"): """ Get a list of files (images) for tinymce file browser. """ query = u'' try: page_num = int(request.GET.get('page', 1)) except: page_num = 1 form = FileSearchMinForm(request.GET) if form.is_valid(): query = form.cleaned_data.get('q', '') filters = get_query_filters(request.user, 'files.view_file') files = File.objects.filter(filters).distinct().order_by('-create_dt') type = request.GET.get('type', '') if type == 'image': files = files.filter(f_type='image') elif type == 'media': files = files.filter(f_type='video') if query: files = files.filter(Q(file__icontains=query)| Q(name__icontains=query)) paginator = Paginator(files, 10) files = paginator.page(page_num) return render_to_response( template_name, { "files": files, 'page_num': page_num, 'page_range': paginator.page_range, 'csrf_token': csrf_get_token(request), 'can_upload_file': has_perm(request.user, 'files.add_file') }, context_instance=RequestContext(request))
def locations_import_upload(request, template_name='locations/import-upload-file.html'): """ This is the upload view for the location imports. This will upload the location import file and then redirect the user to the import mapping/preview page of the import file """ if request.method == 'POST': form = UploadForm(request.POST, request.FILES) if form.is_valid(): locport = LocationImport.objects.create(creator=request.user) csv = File.objects.save_files_for_instance(request, locport)[0] file_path = str(csv.file.name) import_valid, import_errs = is_import_valid(file_path) if not import_valid: for err in import_errs: messages.add_message(request, messages.ERROR, err) locport.delete() return redirect('locations_import_upload_file') EventLog.objects.log() # reset the password_promt session del request.session['password_promt'] return redirect('locations_import_preview', locport.id) else: form = UploadForm() return render_to_response(template_name, { 'form': form, 'now': datetime.now(), }, context_instance=RequestContext(request))
def add(request, form_class=FormForm, template_name="forms/add.html"): if not has_perm(request.user,'forms.add_form'): raise Http403 PricingFormSet = inlineformset_factory(Form, Pricing, form=PricingForm, extra=2, can_delete=False) formset = PricingFormSet() if request.method == "POST": form = form_class(request.POST, user=request.user) if form.is_valid(): form_instance = form.save(commit=False) # save form and associated pricings form_instance = update_perms_and_save(request, form, form_instance) formset = PricingFormSet(request.POST, instance=form_instance) if formset.is_valid(): # update_perms_and_save does not appear to consider ManyToManyFields for method in form.cleaned_data['payment_methods']: form_instance.payment_methods.add(method) formset.save() messages.add_message(request, messages.SUCCESS, _('Successfully added %(f)s' % {'f':form_instance})) return HttpResponseRedirect(reverse('form_field_update', args=[form_instance.pk])) else: form = form_class(user=request.user) return render_to_response(template_name, { 'form':form, 'formset': formset, }, context_instance=RequestContext(request))
def mark_as_paid(request, id, template_name="invoices/mark-as-paid.html"): """ Makes a payment-record with a specified date/time payment method and payment amount. """ invoice = get_object_or_404(Invoice, pk=id) if not has_perm(request.user, "payments.change_payment"): raise Http403 if request.method == "POST": form = MarkAsPaidForm(request.POST) if form.is_valid(): # make payment record payment = form.save(user=request.user, invoice=invoice, commit=False) payment = update_perms_and_save(request, form, payment) # update invoice; make accounting entries action_taken = invoice.make_payment(payment.creator, payment.amount) if action_taken: EventLog.objects.log(instance=invoice) messages.add_message(request, messages.SUCCESS, _("Payment successfully made")) return redirect(invoice) else: form = MarkAsPaidForm(initial={"amount": invoice.balance, "submit_dt": datetime.now()}) return render_to_response( template_name, {"invoice": invoice, "form": form}, context_instance=RequestContext(request) )
def memberphotos(request, username, template_name="photos/memberphotos.html", group_slug=None, bridge=None): """ Get the members photos and display them """ if bridge: try: group = bridge.get_group(group_slug) except ObjectDoesNotExist: raise Http404 else: group = None user = get_object_or_404(User, username=username) photos = Image.objects.filter( member__username = username, is_public = True ) if group: photos = group.content_objects(photos, join="pool") else: photos = photos.filter(pool__object_id=None) photos = photos.order_by("-date_added") return render_to_response(template_name, { "group": group, "photos": photos, }, context_instance=RequestContext(request))
def search(request, template_name="resumes/search.html"): """ This page lists out all resumes from newest to oldest. If a search index is available, this page will also have the option to search through resumes. """ has_index = get_setting('site', 'global', 'searchindex') query = request.GET.get('q', None) if has_index and query: resumes = Resume.objects.search(query, user=request.user) else: filters = get_query_filters(request.user, 'resumes.view_resume') resumes = Resume.objects.filter(filters).distinct() if request.user.is_authenticated(): resumes = resumes.select_related() resumes = resumes.order_by('-create_dt') EventLog.objects.log(**{ 'event_id' : 354000, 'event_data': '%s searched by %s' % ('Resume', request.user), 'description': '%s searched' % 'Resume', 'user': request.user, 'request': request, 'source': 'resumes' }) return render_to_response(template_name, {'resumes':resumes}, context_instance=RequestContext(request))
def nearest(request, template_name="locations/nearest.html"): locations = [] lat, lng = None, None query = request.GET.get('q') filters = get_query_filters(request.user, 'locations.view_location') if query: lat, lng = get_coordinates(address=query) all_locations = Location.objects.filter(filters).distinct() if not request.user.is_anonymous(): all_locations = all_locations.select_related() if all((lat,lng)): for location in all_locations: location.distance = location.get_distance2(lat, lng) if location.distance != None: locations.append(location) locations.sort(key=lambda x: x.distance) EventLog.objects.log() return render_to_response(template_name, { 'locations':locations, 'origin': {'lat':lat,'lng':lng}, }, context_instance=RequestContext(request))
def delete(request, id, template_name="resumes/delete.html"): resume = get_object_or_404(Resume, pk=id) if has_perm(request.user,'resumes.delete_resume'): if request.method == "POST": EventLog.objects.log(instance=resume) messages.add_message(request, messages.SUCCESS, _('Successfully deleted %(r)s' % {'r':resume})) # send notification to administrators recipients = get_notice_recipients('module', 'resumes', 'resumerecipients') if recipients: if notification: extra_context = { 'object': resume, 'request': request, } notification.send_emails(recipients,'resume_deleted', extra_context) resume.delete() return HttpResponseRedirect(reverse('resume.search')) return render_to_response(template_name, {'resume': resume}, context_instance=RequestContext(request)) else: raise Http403
def pricing_add(request, form_class=JobPricingForm, template_name="jobs/pricing-add.html"): if has_perm(request.user, 'jobs.add_jobpricing'): if request.method == "POST": form = form_class(request.POST) if form.is_valid(): job_pricing = form.save(commit=False) job_pricing.status = 1 job_pricing.save(request.user) EventLog.objects.log(instance=job_pricing) if "_popup" in request.REQUEST: return HttpResponse('<script type="text/javascript">opener.dismissAddAnotherPopup(window, "%s", "%s");</script>' % (escape(job_pricing.pk), escape(job_pricing))) return HttpResponseRedirect( reverse('job_pricing.view', args=[job_pricing.id])) else: form = form_class() if "_popup" in request.REQUEST: template_name="jobs/pricing-add-popup.html" return render_to_response(template_name, {'form': form}, context_instance=RequestContext(request)) else: raise Http403
def locations_import_confirm(request, id, template_name='locations/import-confirm.html'): """ Confirm the locations import and continue with the process. This can only be accessed via a hidden post form from the preview page. That will hold the original mappings selected by the user. """ locport = get_object_or_404(LocationImport, pk=id) if request.method == "POST": form = ImportMapForm(request.POST, locport=locport) if form.is_valid(): cleaned_data = form.cleaned_data file_path = str(locport.get_file().file.name) if not settings.CELERY_IS_ACTIVE: # if celery server is not present # evaluate the result and render the results page result = ImportLocationsTask() locations, stats = result.run(request.user, file_path, cleaned_data) return render_to_response(template_name, { 'locations': locations, 'stats': stats, 'now': datetime.now(), }, context_instance=RequestContext(request)) else: result = ImportLocationsTask.delay(request.user, file_path, cleaned_data) return redirect('locations_import_status', result.task_id) else: return redirect('locations_import_preview', locport.id)
def edit_meta(request, id, form_class=MetaForm, template_name="pages/edit-meta.html"): """ Return page that allows you to edit meta-html information. """ # check permission page = get_object_or_404(Page, pk=id) if not has_perm(request.user, "pages.change_page", page): raise Http403 defaults = { "title": page.get_title(), "description": page.get_description(), "keywords": page.get_keywords(), "canonical_url": page.get_canonical_url(), } page.meta = MetaTags(**defaults) if request.method == "POST": form = form_class(request.POST, instance=page.meta) if form.is_valid(): page.meta = form.save() # save meta page.save() # save relationship messages.add_message( request, messages.SUCCESS, _("Successfully updated meta for %(p)s" % {"p": unicode(page)}) ) return HttpResponseRedirect(reverse("page", args=[page.slug])) else: form = form_class(instance=page.meta) return render_to_response(template_name, {"page": page, "form": form}, context_instance=RequestContext(request))
def export(request, template_name="pages/export.html"): """Export Pages""" if not request.user.is_superuser: raise Http403 if request.method == "POST": fields = [ "guid", "title", "slug", "header_image", "content", "view_contact_form", "design_notes", "syndicate", "template", "tags", "entity", "meta", "categories", ] export_id = run_export_task("pages", "page", fields) return redirect("export.status", export_id) return render_to_response(template_name, {}, context_instance=RequestContext(request))
def add(request, form_class=LocationForm, template_name="locations/add.html"): if has_perm(request.user,'locations.add_location'): if request.method == "POST": form = form_class(request.POST, request.FILES, user=request.user) if form.is_valid(): location = form.save(commit=False) # update all permissions and save the model location = update_perms_and_save(request, form, location) if 'photo_upload' in form.cleaned_data: photo = form.cleaned_data['photo_upload'] if photo: location.save(photo=photo) msg_string = 'Successfully added %s' % location messages.add_message(request, messages.SUCCESS, _(msg_string)) return HttpResponseRedirect(reverse('location', args=[location.slug])) else: form = form_class(user=request.user) return render_to_response(template_name, {'form':form}, context_instance=RequestContext(request)) else: raise Http403
def detail(request, id, template_name="discounts/view.html"): discount = get_object_or_404(Discount, id=id) if not has_perm(request.user, 'discounts.view_discount', discount): raise Http403 registrations = Registration.objects.filter(invoice__discount_code=discount.discount_code) registrant_list = [] for registration in registrations: registrant_list += registration.registrant_set.filter(discount_amount__gt=0) memberships = MembershipSet.objects.filter(invoice__discount_code=discount.discount_code) membership_list = [] for membership in memberships: count = DiscountUse.objects.filter(invoice=membership.invoice).count() membership_list += membership.membershipdefault_set.all()[:count] EventLog.objects.log(instance=discount) return render_to_response( template_name, {'discount':discount, 'registrant_list':registrant_list, 'membership_list':membership_list}, context_instance=RequestContext(request) )
def entry_detail(request, id, template_name="forms/entry_detail.html"): entry = get_object_or_404(FormEntry, pk=id) # check permission if not has_perm(request.user,'forms.change_form',entry.form): raise Http403 form_template = entry.form.template if not form_template or not template_exists(form_template): form_template = "forms/base.html" return render_to_response(template_name, {'entry':entry, 'form_template': form_template}, context_instance=RequestContext(request))
def export(request, template_name="navs/export.html"): """Export Navs""" if not request.user.is_superuser: raise Http403 if request.method == 'POST': export_id = run_export_task('navs', 'nav', []) EventLog.objects.log() return redirect('export.status', export_id) return render_to_response(template_name, { }, context_instance=RequestContext(request))
def search(request, template_name="discounts/search.html"): if not has_perm(request.user, 'discounts.view_discount'): raise Http403 filters = get_query_filters(request.user, 'discounts.view_discount') discounts = Discount.objects.filter(filters).distinct() query = request.GET.get('q', None) if query: discounts = discounts.filter(discount_code__icontains=query) EventLog.objects.log() return render_to_response(template_name, {'discounts': discounts}, context_instance=RequestContext(request))
def entry_delete(request, id, template_name="forms/entry_delete.html"): entry = get_object_or_404(FormEntry, pk=id) # check permission if not has_perm(request.user,'forms.delete_form',entry.form): raise Http403 if request.method == "POST": messages.add_message(request, messages.SUCCESS, _('Successfully deleted entry %(e)s' % { 'e': entry})) entry.delete() return HttpResponseRedirect(reverse('forms')) return render_to_response(template_name, {'entry': entry}, context_instance=RequestContext(request))
def delete(request, id, template_name="discounts/delete.html"): discount = get_object_or_404(Discount, pk=id) if not has_perm(request.user, 'discounts.delete_discount', discount): raise Http403 if request.method == "POST": messages.add_message(request, messages.SUCCESS, _('Successfully deleted %(d)s' % {'d' : discount})) discount.delete() return redirect('discounts') return render_to_response(template_name, {'discount': discount}, context_instance=RequestContext(request))
def delete(request, id, template_name="redirects/delete.html"): redirect = get_object_or_404(Redirect, pk=id) # check permission if not has_perm(request.user,'redirects.delete_redirect'): raise Http403 if request.method == "POST": messages.add_message(request, messages.SUCCESS, _('Successfully deleted %(r)s' % {'r':redirect})) redirect.delete() return HttpResponseRedirect(reverse('redirects')) return render_to_response(template_name, {'redirect': redirect}, context_instance=RequestContext(request))
def entries_export_status(request, task_id, template_name="forms/entry_export_status.html"): try: task = TaskMeta.objects.get(task_id=task_id) except TaskMeta.DoesNotExist: task = None return render_to_response(template_name, { 'task': task, 'task_id': task_id, 'user_this': None, }, context_instance=RequestContext(request))
def delete(request, id, template_name="navs/delete.html"): nav = get_object_or_404(Nav, pk=id) if has_perm(request.user,'navs.delete_nav'): if request.method == "POST": messages.add_message(request, messages.SUCCESS, _('Successfully deleted %(nav)s' % {'nav': nav})) nav.delete() return HttpResponseRedirect(reverse('navs.search')) return render_to_response(template_name, {'current_nav': nav}, context_instance=RequestContext(request)) else: raise Http403
def robots_txt(request): options = [ 'base/robots_private.txt', 'base/robots_public.txt', 'robots.txt' ] template_name = "robots.txt" robots_setting = get_setting('site', 'global', 'robotstxt') if robots_setting in options: template_name = robots_setting site_url = get_setting('site', 'global', 'siteurl') return render_to_response(template_name, {'site_url': site_url}, context_instance=RequestContext(request), content_type="text/plain")
def photoset_edit(request, id, form_class=PhotoSetEditForm, template_name="photos/photo-set/edit.html"): from tendenci.apps.perms.object_perms import ObjectPermission photo_set = get_object_or_404(PhotoSet, id=id) # if no permission; permission exception if not has_perm(request.user, 'photos.change_photoset', photo_set): raise Http403 if request.method == "POST": if request.POST["action"] == "edit": form = form_class(request.POST, instance=photo_set, user=request.user) if form.is_valid(): photo_set = form.save(commit=False) # update all permissions and save the model photo_set = update_perms_and_save(request, form, photo_set) # copy all privacy settings from photo set to photos Image.objects.filter(photoset=photo_set).update( **get_privacy_settings(photo_set)) # photo set group permissions group_perms = photo_set.perms.filter( group__isnull=False).values_list('group', 'codename') group_perms = tuple([(unicode(g), c.split('_')[0]) for g, c in group_perms]) photos = Image.objects.filter(photoset=photo_set) for photo in photos: ObjectPermission.objects.remove_all(photo) ObjectPermission.objects.assign_group(group_perms, photo) messages.add_message(request, messages.SUCCESS, _("Successfully updated photo set! ")) return HttpResponseRedirect( reverse('photoset_details', args=[photo_set.id])) else: form = form_class(instance=photo_set, user=request.user) return render_to_response(template_name, { 'photo_set': photo_set, "photoset_form": form, }, context_instance=RequestContext(request))
def view(request, id, guid=None, form_class=AdminNotesForm, template_name="invoices/view.html"): """ Invoice information, payment attempts (successful and unsuccessful). """ invoice = get_object_or_404(Invoice.objects.all_invoices(), pk=id) if not invoice.allow_view_by(request.user, guid): raise Http403 allowed_tuple = (request.user.profile.is_superuser, has_perm(request.user, 'invoices.change_invoice')) form = None if any(allowed_tuple): if request.method == "POST": form = form_class(request.POST, instance=invoice) if form.is_valid(): invoice = form.save() EventLog.objects.log(instance=invoice) else: form = form_class(initial={'admin_notes': invoice.admin_notes}) notify = request.GET.get('notify', u'') guid = guid or u'' merchant_login = ( # boolean value hasattr(settings, 'MERCHANT_LOGIN') and settings.MERCHANT_LOGIN) obj = invoice.get_object() obj_name = u'' if obj: obj_name = obj._meta.verbose_name return render_to_response( template_name, { 'invoice': invoice, 'obj': obj, 'obj_name': obj_name, 'guid': guid, 'notify': notify, 'form': form, 'can_pay': invoice.allow_payment_by(request.user, guid), 'merchant_login': merchant_login }, context_instance=RequestContext(request))
def memcached_status(request): try: import memcache except ImportError: raise Http404 if not request.user.is_authenticated() and request.user.is_superuser: raise Http404 # get first memcached URI m = re.match("memcached://([.\w]+:\d+)", settings.CACHE_BACKEND) if not m: raise Http404 host = memcache._Host(m.group(1)) host.connect() host.send_cmd("stats") class Stats: pass stats = Stats() while 1: line = host.readline().split(None, 2) if line[0] == "END": break stat, key, value = line try: # convert to native type, if possible value = int(value) if key == "uptime": value = datetime.timedelta(seconds=value) elif key == "time": value = datetime.datetime.fromtimestamp(value) except ValueError: pass setattr(stats, key, value) host.close_socket() return render_to_response( template_name='base/memcached_status.html', dictionary={ 'stats': stats, 'hit_rate': 100 * stats.get_hits / stats.cmd_get, 'time': str(datetime.datetime.now()), # server time }, context_instance=RequestContext(request))
def search(request, template_name="files/search.html"): """ This page lists out all files from newest to oldest. If a search index is available, this page will also have the option to search through files. """ query = u'' category = None sub_category = None group = None form = FileSearchForm(request.GET, **{'user': request.user}) if form.is_valid(): query = form.cleaned_data.get('q', '') category = form.cleaned_data.get('file_cat', None) sub_category = form.cleaned_data.get('file_sub_cat', None) group = form.cleaned_data.get('group', None) filters = get_query_filters(request.user, 'files.view_file') files = File.objects.filter(filters).distinct() if query: files = files.filter(Q(file__icontains=query)| Q(name__icontains=query)| Q(description__icontains=query)| Q(tags__icontains=query)) if category: files = files.filter(file_cat=category) if sub_category: files = files.filter(file_sub_cat=sub_category) if group: files = files.filter(group_id=group) files = files.order_by('-update_dt') EventLog.objects.log() layout = get_setting("module", "files", "layout") base_template_path = "files/base.html" if layout == 'grid': base_template_path = "base-wide.html" return render_to_response( template_name, { 'files': files, 'form': form, 'layout': layout, 'base_template_path': base_template_path, }, context_instance=RequestContext(request))
def edit(request, id, form_class=FileForm, template_name="files/edit.html"): file = get_object_or_404(File, pk=id) # check permission if not has_perm(request.user, 'files.change_file', file): raise Http403 if request.method == "POST": form = form_class(request.POST, request.FILES, instance=file, user=request.user) if form.is_valid(): file = form.save(commit=False) # update all permissions and save the model file = update_perms_and_save(request, form, file) #setup categories category = Category.objects.get_for_object(file, 'category') sub_category = Category.objects.get_for_object(file, 'sub_category') ## update the category of the file category_removed = False category = file.file_cat.name if file.file_cat else None if category: Category.objects.update(file, category, 'category') else: # remove category_removed = True Category.objects.remove(file, 'category') Category.objects.remove(file, 'sub_category') if not category_removed: # update the sub category of the article sub_category = file.file_sub_cat.name if file.file_sub_cat else None if sub_category: Category.objects.update(file, sub_category, 'sub_category') else: # remove Category.objects.remove(file, 'sub_category') file.save() return HttpResponseRedirect(reverse('file.search')) else: form = form_class(instance=file, user=request.user) return render_to_response( template_name, { 'file': file, 'form': form, }, context_instance=RequestContext(request))
def approve(request, id, template_name="directories/approve.html"): can_view_directories = has_perm(request.user, 'directories.view_directory') can_change_directories = has_perm(request.user, 'directories.change_directory') if not all([can_view_directories, can_change_directories]): raise Http403 directory = get_object_or_404(Directory, pk=id) if request.method == "POST": directory.activation_dt = datetime.now() directory.expiration_dt = directory.activation_dt + timedelta( days=directory.requested_duration) directory.allow_anonymous_view = True directory.status = True directory.status_detail = 'active' if not directory.creator: directory.creator = request.user directory.creator_username = request.user.username if not directory.owner: directory.owner = request.user directory.owner_username = request.user.username directory.save() # send email notification to user recipients = [directory.creator.email] if recipients: extra_context = { 'object': directory, 'request': request, } try: send_email_notification('directory_approved_user_notice', recipients, extra_context) except: pass msg_string = 'Successfully approved %s' % directory messages.add_message(request, messages.SUCCESS, _(msg_string)) return HttpResponseRedirect(reverse('directory', args=[directory.slug])) return render_to_response(template_name, {'directory': directory}, context_instance=RequestContext(request))
def edit(request, id, set_id=0, form_class=PhotoEditForm, template_name="photos/edit.html"): """ edit photo view """ # get photo photo = get_object_or_404(Image, id=id) set_id = int(set_id) # permissions if not has_perm(request.user, 'photos.change_image', photo): raise Http403 # get available photo sets photo_sets = PhotoSet.objects.all() if request.method == "POST": if request.POST["action"] == "update": form = form_class(request.POST, instance=photo, user=request.user) if form.is_valid(): photo = form.save(commit=False) # update all permissions and save the model photo = update_perms_and_save(request, form, photo) messages.add_message( request, messages.SUCCESS, _("Successfully updated photo '%(title)s'" % {'title': unicode(photo)})) return HttpResponseRedirect( reverse("photo", kwargs={ "id": photo.id, "set_id": set_id })) else: form = form_class(instance=photo, user=request.user) else: form = form_class(instance=photo, user=request.user) return render_to_response(template_name, { "photo_form": form, "photo": photo, "photo_sets": photo_sets, "id": photo.id, "set_id": set_id, }, context_instance=RequestContext(request))
def locations_import_status(request, task_id, template_name='locations/import-confirm.html'): """ Checks if a location import is completed. """ try: task = TaskMeta.objects.get(task_id=task_id) except TaskMeta.DoesNotExist: #tasks database entries are not created at once. task = None if task and task.status == "SUCCESS": locations, stats = task.result return render_to_response(template_name, { 'locations': locations, 'stats':stats, 'now': datetime.now(), }, context_instance=RequestContext(request)) else: return render_to_response('memberships/import-status.html', { 'task': task, 'now': datetime.now(), }, context_instance=RequestContext(request))
def entries(request, id, template_name="forms/entries.html"): form = get_object_or_404(Form, pk=id) if not has_perm(request.user, 'forms.change_form', form): raise Http403 entries = form.entries.order_by('-entry_time') EventLog.objects.log(instance=form) return render_to_response(template_name, { 'form': form, 'entries': entries }, context_instance=RequestContext(request))
def index(request, slug=None, template_name="resumes/view.html"): if not get_setting('module', 'resumes', 'enabled'): redirect = get_object_or_404(Redirect, from_app='resumes') return HttpResponseRedirect('/' + redirect.to_url) if not slug: return HttpResponseRedirect(reverse('resume.search')) resume = get_object_or_404(Resume, slug=slug) if has_view_perm(request.user,'resumes.view_resume',resume): EventLog.objects.log() return render_to_response(template_name, {'resume': resume}, context_instance=RequestContext(request)) else: raise Http403
def delete(request, id, template_name="forms/delete.html"): form_instance = get_object_or_404(Form, pk=id) # check permission if not has_perm(request.user,'forms.delete_form',form_instance): raise Http403 if request.method == "POST": messages.add_message(request, messages.SUCCESS, _('Successfully deleted %(f)s' % {'f':form_instance})) form_instance.delete() return HttpResponseRedirect(reverse('forms')) return render_to_response(template_name, {'form': form_instance}, context_instance=RequestContext(request))
def delete(request, id, template_name="locations/delete.html"): location = get_object_or_404(Location, pk=id) if has_perm(request.user, 'locations.delete_location'): if request.method == "POST": msg_string = 'Successfully deleted %s' % location messages.add_message(request, messages.SUCCESS, _(msg_string)) location.delete() return HttpResponseRedirect(reverse('location.search')) return render_to_response(template_name, {'location': location}, context_instance=RequestContext(request)) else: raise Http403
def update_tendenci(request, template_name="base/update.html"): from tendenci.apps.base.utils import get_latest_version if request.method == "POST": tos = request.POST.get('tos') if tos: SubProcessManager.set_process(["python", "manage.py", "auto_update", "--user_id=%s" % request.user.id]) return redirect('update_tendenci.confirmation') return render_to_response(template_name, { 'latest_version': get_latest_version(), 'version': version, }, context_instance=RequestContext(request))
def search(request, template_name="directories/search.html"): filters = get_query_filters(request.user, 'directories.view_directory') directories = Directory.objects.filter(filters).distinct() cat = None if not request.user.is_anonymous(): directories = directories.select_related() query = request.GET.get('q', None) form = DirectorySearchForm(request.GET, is_superuser=request.user.is_superuser) if form.is_valid(): search_category = form.cleaned_data['search_category'] query = form.cleaned_data.get('q') search_method = form.cleaned_data['search_method'] cat = form.cleaned_data.get('cat') sub_cat = form.cleaned_data.get('sub_cat') if cat: directories = directories.filter(cat=cat) if sub_cat: directories = directories.filter(sub_cat=sub_cat) if query and 'tag:' in query: tag = query.strip('tag:') directories = directories.filter(tags__icontains=tag) elif query and search_category: search_type = '__iexact' if search_method == 'starts_with': search_type = '__istartswith' elif search_method == 'contains': search_type = '__icontains' search_filter = {'%s%s' % (search_category, search_type): query} directories = directories.filter(**search_filter) directories = directories.order_by('headline') EventLog.objects.log() return render_to_response(template_name, { 'directories': directories, 'form': form, 'a_to_z': string.lowercase[:26] }, context_instance=RequestContext(request))
def edit(request, id, form_class=ArticleForm, category_form_class=CategoryForm, template_name="articles/edit.html"): article = get_object_or_404(Article, pk=id) content_type = get_object_or_404(ContentType, app_label='articles', model='article') if has_perm(request.user, 'articles.change_article', article): if request.method == "POST": form = form_class(request.POST, instance=article, user=request.user) categoryform = category_form_class(content_type, request.POST,) if form.is_valid() and categoryform.is_valid(): article = form.save() article.update_category_subcategory( categoryform.cleaned_data['category'], categoryform.cleaned_data['sub_category'] ) # update all permissions and save the model update_perms_and_save(request, form, article) msg_string = 'Successfully updated %s' % unicode(article) messages.add_message(request, messages.SUCCESS, _(msg_string)) return HttpResponseRedirect(reverse('article', args=[article.slug])) else: form = form_class(instance=article, user=request.user) category = Category.objects.get_for_object(article, 'category') sub_category = Category.objects.get_for_object(article, 'sub_category') initial_category_form_data = { 'app_label': 'articles', 'model': 'article', 'pk': article.pk, 'category': getattr(category, 'name', '0'), 'sub_category': getattr(sub_category, 'name', '0') } categoryform = category_form_class(content_type, initial=initial_category_form_data,) return render_to_response(template_name, {'article': article, 'form': form, 'categoryform': categoryform,}, context_instance=RequestContext(request)) else: raise Http403
def add(request, form_class=ArticleForm, category_form_class=CategoryForm, template_name="articles/add.html"): content_type = get_object_or_404(ContentType, app_label='articles', model='article') if has_perm(request.user, 'articles.add_article'): if request.method == "POST": form = form_class(request.POST, user=request.user) categoryform = category_form_class(content_type, request.POST,) if form.is_valid() and categoryform.is_valid(): article = form.save() article.update_category_subcategory( categoryform.cleaned_data['category'], categoryform.cleaned_data['sub_category'] ) # add all permissions and save the model update_perms_and_save(request, form, article) msg_string = 'Successfully added %s' % unicode(article) messages.add_message(request, messages.SUCCESS, _(msg_string)) # send notification to administrator(s) and module recipient(s) recipients = get_notice_recipients('module', 'articles', 'articlerecipients') if recipients and notification: notification.send_emails(recipients, 'article_added', { 'object': article, 'request': request, }) return HttpResponseRedirect(reverse('article', args=[article.slug])) else: form = form_class(user=request.user) initial_category_form_data = { 'app_label': 'articles', 'model': 'article', 'pk': 0, } categoryform = category_form_class(content_type, initial=initial_category_form_data,) return render_to_response(template_name, {'form': form, 'categoryform': categoryform,}, context_instance=RequestContext(request)) else: raise Http403
def preview(request, id=None, form_class=PageForm, meta_form_class=MetaForm, category_form_class=CategoryForm, template="pages/preview.html"): content_type = get_object_or_404(ContentType, app_label='pages', model='page') page = None if id: page = get_object_or_404(Page, pk=id) if request.method == "POST": if page: form = form_class(request.POST, request.FILES, instance=page, user=request.user) else: form = form_class(request.POST, request.FILES, user=request.user) metaform = meta_form_class(request.POST, prefix='meta') categoryform = category_form_class(content_type, request.POST, prefix='category') if form.is_valid(): page = form.save(commit=False) edit_button = False if request.POST['preview_for'] == 'edit': edit_button = True f = form.cleaned_data['header_image'] if f: header = HeaderImage() header.content_type = ContentType.objects.get_for_model(Page) header.object_id = page.id header.creator = request.user header.creator_username = request.user.username header.owner = request.user header.owner_username = request.user.username filename = "%s-%s" % (page.slug, f.name) f.file.seek(0) header.file.save(filename, f, save=False) page.header_image = header return render_to_response(template, {'page': page, 'form': form, 'metaform': metaform, 'categoryform': categoryform, 'edit_button': edit_button}, context_instance=RequestContext(request)) return HttpResponseRedirect(reverse('page.search'))
def edit(request, id, form_class=FormForm, template_name="forms/edit.html"): form_instance = get_object_or_404(Form, pk=id) if not has_perm(request.user, 'forms.change_form', form_instance): raise Http403 PricingFormSet = inlineformset_factory(Form, Pricing, form=PricingForm, extra=2) if request.method == "POST": form = form_class(request.POST, instance=form_instance, user=request.user) if form_instance.recurring_payment: formset = RecurringPaymentFormSet(request.POST, instance=form_instance) else: formset = PricingFormSet(request.POST, instance=form_instance) if form.is_valid() and formset.is_valid(): form_instance = form.save(commit=False) form_instance = update_perms_and_save(request, form, form_instance) form.save_m2m() # save payment methods formset.save() # save price options # remove all pricings if no custom_payment form if not form.cleaned_data['custom_payment']: form_instance.pricing_set.all().delete() messages.add_message( request, messages.SUCCESS, _('Successfully edited %(f)s' % {'f': form_instance})) return HttpResponseRedirect( reverse('form_field_update', args=[form_instance.pk])) else: form = form_class(instance=form_instance, user=request.user) if form_instance.recurring_payment: formset = RecurringPaymentFormSet(instance=form_instance) else: formset = PricingFormSet(instance=form_instance) return render_to_response(template_name, { 'form': form, 'formset': formset, 'form_instance': form_instance, }, context_instance=RequestContext(request))
def search(request, template_name="pages/search.html"): """ Search pages. """ query = request.GET.get('q') filters = get_query_filters(request.user, 'pages.view_page', association_id=get_association_id(request)) pages = Page.objects.filter(filters).distinct() if query: if "category:" in query or "sub_category:" in query: # handle category and sub_category key, name = query.split(':', 1) categories = Category.objects.filter(name__iexact=name) if categories.exists(): category = categories[0] if key == 'category': page_ids = CategoryItem.objects.filter( content_type_id=ContentType.objects.get_for_model( Page), category_id=category.id, parent_id__isnull=True).values_list('object_id', flat=True) else: page_ids = CategoryItem.objects.filter( content_type_id=ContentType.objects.get_for_model( Page), parent_id=category.id, category_id__isnull=True).values_list('object_id', flat=True) pages = pages.filter(id__in=page_ids) else: pages = Page.objects.none() else: pages = pages.filter( Q(title__icontains=query) | Q(content__icontains=query) | Q(slug__icontains=query)) pages = pages.exclude(status_detail='archive') pages = pages.order_by('-create_dt') EventLog.objects.log() return render_to_response(template_name, {'pages': pages}, context_instance=RequestContext(request))
def pricing_edit(request, id, form_class=DirectoryPricingForm, template_name="directories/pricing-edit.html"): directory_pricing = get_object_or_404(DirectoryPricing, pk=id) if not has_perm(request.user,'directories.change_directorypricing',directory_pricing): Http403 if request.method == "POST": form = form_class(request.POST, instance=directory_pricing, user=request.user) if form.is_valid(): directory_pricing = form.save(commit=False) directory_pricing.save(request.user) return HttpResponseRedirect(reverse('directory_pricing.view', args=[directory_pricing.id])) else: form = form_class(instance=directory_pricing, user=request.user) return render_to_response(template_name, {'form':form}, context_instance=RequestContext(request))
def print_view(request, slug, template_name="articles/print-view.html"): article = get_object_or_404(Article, slug=slug) if article.release_dt >= datetime.now(): if not any([ has_perm(request.user, 'articles.view_article'), request.user == article.owner, request.user == article.creator ]): raise Http403 if has_view_perm(request.user, 'articles.view_article', article): EventLog.objects.log(instance=article) return render_to_response(template_name, {'article': article}, context_instance=RequestContext(request)) else: raise Http403