def dispatch(self, request, *args, **kwargs):
if self.permission_policy is not None:
if self.permission_required is not None:
if not self.permission_policy.user_has_permission(
request.user, self.permission_required
):
return permission_denied(request)
if self.any_permission_required is not None:
if not self.permission_policy.user_has_any_permission(
request.user, self.any_permission_required
):
return permission_denied(request)
return super(PermissionCheckedMixin, self).dispatch(request, *args, **kwargs)
def edit(request, redirect_id):
theredirect = get_object_or_404(models.Redirect, id=redirect_id)
if not permission_policy.user_has_permission_for_instance(
request.user, 'change', theredirect
):
return permission_denied(request)
if request.method == 'POST':
form = RedirectForm(request.POST, request.FILES, instance=theredirect)
if form.is_valid():
form.save()
messages.success(request, _("Redirect '{0}' updated.").format(theredirect.title), buttons=[
messages.button(reverse('tuiuiuredirects:edit', args=(theredirect.id,)), _('Edit'))
])
return redirect('tuiuiuredirects:index')
else:
messages.error(request, _("The redirect could not be saved due to errors."))
else:
form = RedirectForm(instance=theredirect)
return render(request, "tuiuiuredirects/edit.html", {
'redirect': theredirect,
'form': form,
'user_can_delete': permission_policy.user_has_permission(request.user, 'delete'),
})
def delete(request, user_id):
user = get_object_or_404(User, pk=user_id)
if not user_can_delete_user(request.user, user):
return permission_denied(request)
if request.method == 'POST':
user.delete()
messages.success(request, _("User '{0}' deleted.").format(user))
return redirect('tuiuiuusers_users:index')
return render(request, "tuiuiuusers/users/confirm_delete.html", {
'user': user,
})
def delete(request, image_id):
image = get_object_or_404(get_image_model(), id=image_id)
if not permission_policy.user_has_permission_for_instance(
request.user, 'delete', image):
return permission_denied(request)
if request.method == 'POST':
image.delete()
messages.success(request,
_("Image '{0}' deleted.").format(image.title))
return redirect('tuiuiuimages:index')
return render(request, "tuiuiuimages/images/confirm_delete.html", {
'image': image,
})
def delete(request, redirect_id):
theredirect = get_object_or_404(models.Redirect, id=redirect_id)
if not permission_policy.user_has_permission_for_instance(
request.user, 'delete', theredirect
):
return permission_denied(request)
if request.method == 'POST':
theredirect.delete()
messages.success(request, _("Redirect '{0}' deleted.").format(theredirect.title))
return redirect('tuiuiuredirects:index')
return render(request, "tuiuiuredirects/confirm_delete.html", {
'redirect': theredirect,
})
def delete(request, document_id):
Document = get_document_model()
doc = get_object_or_404(Document, id=document_id)
if not permission_policy.user_has_permission_for_instance(
request.user, 'delete', doc):
return permission_denied(request)
if request.method == 'POST':
doc.delete()
messages.success(request,
_("Document '{0}' deleted.").format(doc.title))
return redirect('tuiuiudocs:index')
return render(request, "tuiuiudocs/documents/confirm_delete.html", {
'document': doc,
})
def url_generator(request, image_id):
image = get_object_or_404(get_image_model(), id=image_id)
if not permission_policy.user_has_permission_for_instance(
request.user, 'change', image):
return permission_denied(request)
form = URLGeneratorForm(
initial={
'filter_method': 'original',
'width': image.width,
'height': image.height,
})
return render(request, "tuiuiuimages/images/url_generator.html", {
'image': image,
'form': form,
})
def edit(request, app_label, model_name, id):
model = get_snippet_model_from_url_params(app_label, model_name)
permission = get_permission_name('change', model)
if not request.user.has_perm(permission):
return permission_denied(request)
instance = get_object_or_404(model, id=id)
edit_handler_class = get_snippet_edit_handler(model)
form_class = edit_handler_class.get_form_class(model)
if request.method == 'POST':
form = form_class(request.POST, request.FILES, instance=instance)
if form.is_valid():
form.save()
messages.success(
request,
_("{snippet_type} '{instance}' updated.").format(
snippet_type=capfirst(model._meta.verbose_name_plural),
instance=instance),
buttons=[
messages.button(
reverse('tuiuiusnippets:edit',
args=(app_label, model_name, instance.id)),
_('Edit'))
])
return redirect('tuiuiusnippets:list', app_label, model_name)
else:
messages.error(request,
_("The snippet could not be saved due to errors."))
edit_handler = edit_handler_class(instance=instance, form=form)
else:
form = form_class(instance=instance)
edit_handler = edit_handler_class(instance=instance, form=form)
return render(
request, 'tuiuiusnippets/snippets/edit.html', {
'model_opts': model._meta,
'instance': instance,
'edit_handler': edit_handler,
'form': form,
})
def delete(request, app_label, model_name, id):
model = get_snippet_model_from_url_params(app_label, model_name)
permission = get_permission_name('delete', model)
if not request.user.has_perm(permission):
return permission_denied(request)
instance = get_object_or_404(model, id=id)
if request.method == 'POST':
instance.delete()
messages.success(
request,
_("{snippet_type} '{instance}' deleted.").format(
snippet_type=capfirst(model._meta.verbose_name_plural),
instance=instance))
return redirect('tuiuiusnippets:list', app_label, model_name)
return render(request, 'tuiuiusnippets/snippets/confirm_delete.html', {
'model_opts': model._meta,
'instance': instance,
})
def edit(request, image_id):
Image = get_image_model()
ImageForm = get_image_form(Image)
image = get_object_or_404(Image, id=image_id)
if not permission_policy.user_has_permission_for_instance(
request.user, 'change', image):
return permission_denied(request)
if request.method == 'POST':
original_file = image.file
form = ImageForm(request.POST,
request.FILES,
instance=image,
user=request.user)
if form.is_valid():
if 'file' in form.changed_data:
# if providing a new image file, delete the old one and all renditions.
# NB Doing this via original_file.delete() clears the file field,
# which definitely isn't what we want...
original_file.storage.delete(original_file.name)
image.renditions.all().delete()
# Set new image file size
image.file_size = image.file.size
form.save()
# Reindex the image to make sure all tags are indexed
search_index.insert_or_update_object(image)
messages.success(request,
_("Image '{0}' updated.").format(image.title),
buttons=[
messages.button(
reverse('tuiuiuimages:edit',
args=(image.id, )),
_('Edit again'))
])
return redirect('tuiuiuimages:index')
else:
messages.error(request,
_("The image could not be saved due to errors."))
else:
form = ImageForm(instance=image, user=request.user)
# Check if we should enable the frontend url generator
# :) foo
try:
reverse('tuiuiuimages_serve', args=('foo', '1', 'bar'))
url_generator_enabled = True
except NoReverseMatch:
url_generator_enabled = False
if image.is_stored_locally():
# Give error if image file doesn't exist
if not os.path.isfile(image.file.path):
messages.error(
request,
_("The source image file could not be found. Please change the source or delete the image."
).format(image.title),
buttons=[
messages.button(
reverse('tuiuiuimages:delete', args=(image.id, )),
_('Delete'))
])
return render(
request, "tuiuiuimages/images/edit.html", {
'image':
image,
'form':
form,
'url_generator_enabled':
url_generator_enabled,
'filesize':
image.get_file_size(),
'user_can_delete':
permission_policy.user_has_permission_for_instance(
request.user, 'delete', image),
})
def edit(request, document_id):
Document = get_document_model()
DocumentForm = get_document_form(Document)
doc = get_object_or_404(Document, id=document_id)
if not permission_policy.user_has_permission_for_instance(
request.user, 'change', doc):
return permission_denied(request)
if request.method == 'POST':
original_file = doc.file
form = DocumentForm(request.POST,
request.FILES,
instance=doc,
user=request.user)
if form.is_valid():
if 'file' in form.changed_data:
# if providing a new document file, delete the old one.
# NB Doing this via original_file.delete() clears the file field,
# which definitely isn't what we want...
original_file.storage.delete(original_file.name)
doc = form.save()
# Reindex the document to make sure all tags are indexed
search_index.insert_or_update_object(doc)
messages.success(request,
_("Document '{0}' updated").format(doc.title),
buttons=[
messages.button(
reverse('tuiuiudocs:edit',
args=(doc.id, )), _('Edit'))
])
return redirect('tuiuiudocs:index')
else:
messages.error(request,
_("The document could not be saved due to errors."))
else:
form = DocumentForm(instance=doc, user=request.user)
filesize = None
# Get file size when there is a file associated with the Document object
if doc.file:
try:
filesize = doc.file.size
except OSError:
# File doesn't exist
pass
if not filesize:
messages.error(
request,
_("The file could not be found. Please change the source or delete the document"
),
buttons=[
messages.button(reverse('tuiuiudocs:delete', args=(doc.id, )),
_('Delete'))
])
return render(
request, "tuiuiudocs/documents/edit.html", {
'document':
doc,
'filesize':
filesize,
'form':
form,
'user_can_delete':
permission_policy.user_has_permission_for_instance(
request.user, 'delete', doc),
})
def list(request, app_label, model_name):
model = get_snippet_model_from_url_params(app_label, model_name)
permissions = [
get_permission_name(action, model)
for action in ['add', 'change', 'delete']
]
if not any([request.user.has_perm(perm) for perm in permissions]):
return permission_denied(request)
items = model.objects.all()
# Preserve the snippet's model-level ordering if specified, but fall back on PK if not
# (to ensure pagination is consistent)
if not items.ordered:
items = items.order_by('pk')
# Search
is_searchable = class_is_indexed(model)
is_searching = False
search_query = None
if is_searchable and 'q' in request.GET:
search_form = SearchForm(
request.GET,
placeholder=_("Search %(snippet_type_name)s") %
{'snippet_type_name': model._meta.verbose_name_plural})
if search_form.is_valid():
search_query = search_form.cleaned_data['q']
search_backend = get_search_backend()
items = search_backend.search(search_query, items)
is_searching = True
else:
search_form = SearchForm(
placeholder=_("Search %(snippet_type_name)s") %
{'snippet_type_name': model._meta.verbose_name_plural})
paginator, paginated_items = paginate(request, items)
# Template
if request.is_ajax():
template = 'tuiuiusnippets/snippets/results.html'
else:
template = 'tuiuiusnippets/snippets/type_index.html'
return render(
request, template, {
'model_opts':
model._meta,
'items':
paginated_items,
'can_add_snippet':
request.user.has_perm(get_permission_name('add', model)),
'is_searchable':
is_searchable,
'search_form':
search_form,
'is_searching':
is_searching,
'query_string':
search_query,
})