def post_delete(request, post_id):
# retrieve post
post = get_object_or_404(Post, pk=post_id)
project = post.project
# check post is not one of the critical project pages
if post.is_predefined():
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
else:
# check permission: only project members can delete non-predefined project pages
if not userHasContributorPermission(request.user, project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
if request.method == 'GET':
return render(request,
'cog/post/post_delete.html',
{'post': post, 'project': project,
'title': '%s Deletion Request' % post.type.capitalize()})
else:
# pass a temporary copy of the object to the view
_post = copy.copy(post)
# send post update signal
post.send_signal(SIGNAL_OBJECT_DELETED)
# delete the post
post.delete()
return render(request,
'cog/post/post_delete.html',
{'post': _post, 'project': project,
'title': '%s Deletion Confirmation' % _post.type.capitalize()})
def bookmark_add(request, project_short_name):
# load user from session, project from HTTP request
user = request.user
project = get_object_or_404(Project, short_name__iexact=project_short_name)
# security check
if not userHasContributorPermission(request.user, project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
if request.method == 'GET':
# create unbounded form object
form = BookmarkForm(project)
# return to view
return render_bookmark_form(request, project, form)
else:
# create form object from form data
form = BookmarkForm(project, request.POST)
if form.is_valid():
bookmark = form.save()
# redirect to the project bookmarks
return HttpResponseRedirect(
reverse('bookmark_list', args=[project.short_name.lower()]))
else:
print 'Form is invalid: %s' % form.errors
return render_bookmark_form(request, project, form)
def bookmark_add(request, project_short_name):
# load user from session, project from HTTP request
user = request.user
project = get_object_or_404(Project, short_name__iexact=project_short_name)
# security check
if not userHasContributorPermission(request.user, project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
if request.method == 'GET':
# create unbounded form object
form = BookmarkForm(project)
# return to view
return render_bookmark_form(request, project, form)
else:
# create form object from form data
form = BookmarkForm(project, request.POST)
if form.is_valid():
bookmark = form.save()
# redirect to the project bookmarks
return HttpResponseRedirect(reverse('bookmark_list', args=[project.short_name.lower()]))
else:
print 'Form is invalid: %s' % form.errors
return render_bookmark_form(request, project, form)
def folder_update(request, project_short_name, folder_id):
# retrieve folder from request
folder = get_object_or_404(Folder, pk=folder_id)
# security check
if not userHasContributorPermission(request.user, folder.project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
if request.method == 'GET':
form = FolderForm(folder.project, instance=folder)
return render_folder_form(request, folder.project, form)
else:
# create form object from form data
form = FolderForm(folder.project, request.POST, instance=folder)
if form.is_valid():
folder = form.save()
# always set active=True upon updating
folder.active = True
folder.save()
# redirect to bookmarks listing
return HttpResponseRedirect(
reverse('bookmark_list',
args=[folder.project.short_name.lower()]))
else:
# return to view
print "Form is invalid: %s" % form.errors
return render_folder_form(request, folder.project, form)
def folder_update(request, project_short_name, folder_id):
# retrieve folder from request
folder = get_object_or_404(Folder, pk=folder_id)
# security check
if not userHasContributorPermission(request.user, folder.project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
if request.method == 'GET':
form = FolderForm(folder.project, instance=folder)
return render_folder_form(request, folder.project, form)
else:
# create form object from form data
form = FolderForm(folder.project, request.POST, instance=folder)
if form.is_valid():
folder = form.save()
# always set active=True upon updating
folder.active = True
folder.save()
# redirect to bookmarks listing
return HttpResponseRedirect(reverse('bookmark_list', args=[folder.project.short_name.lower()]))
else:
# return to view
print "Form is invalid: %s" % form.errors
return render_folder_form(request, folder.project, form)
def _buildQuerySet(self, projects, user):
qs = Q(
pk=0) # start with an empty query set - does not match any project
for p in projects:
if userHasContributorPermission(user, p):
qs = qs | Q(pk=p.id)
return qs
def doc_add(request, project_short_name):
project = get_object_or_404(Project, short_name__iexact=project_short_name)
# check permission
if not userHasContributorPermission(request.user, project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
if request.method == 'GET':
# create empty document
doc = Doc()
# assign project
doc.project = project
# change form such that if a project is private, the Private? checkbox is checked by default
if doc.project.private:
doc.is_private = True
# create form from instance
form = DocForm(project, instance=doc)
return render_doc_form(request, form, project)
else:
form = DocForm(project, request.POST, request.FILES)
if form.is_valid():
doc = form.save(commit=False)
doc.author = request.user
if doc.title is None or len(doc.title.strip()) == 0:
doc.title = basename(doc.file.name)
# save the document so to assign path in project directory: 'projects/<this project>/<filename>'
doc.save()
# store path explicitly in the database so it can be used for searching
doc.path = doc.file.name
# must save again
doc.save()
# optionally create Resource in selected Folder
folder = form.cleaned_data['folder']
if folder is not None:
# must use full URL since Bookmark.url is of type URLField
url = request.build_absolute_uri(doc.file.url)
bookmark = Bookmark.objects.create(name=doc.title, url=url, folder=folder,
description=doc.description, order=len(folder.bookmark_set.all()))
# optional redirect
redirect = form.cleaned_data['redirect']
if redirect:
# add newly created doc id to redirect URL (GET-POST-REDIRECT)
return HttpResponseRedirect(redirect + "?doc_id=%i" % doc.id)
else:
# (GET-POST-REDIRECT)
return HttpResponseRedirect(reverse('doc_detail', kwargs={'doc_id': doc.id}))
else:
#print form.errors
return render_doc_form(request, form, project)
def userCanPost(user, post):
# page editing is restricted to project administrators
if post.is_restricted:
return userHasAdminPermission(user, post.project)
# page can be edited by all project members
else:
return userHasContributorPermission(user, post.project)
def userCanPost(user, post):
# page editing is restricted to project administrators
if post.is_restricted:
return userHasAdminPermission(user, post.project)
# page can be edited by all project members
else:
return userHasContributorPermission(user, post.project)
def impacts_update(request, project_short_name, tab):
# load user from session, project from HTTP request
user = request.user
project = get_object_or_404(Project, short_name__iexact=project_short_name)
# check permission
if not userHasContributorPermission(request.user, project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
# number of empty instances to be displayed
# exclude fields 'project', so it doesn't get validated
# allow for instances to be deleted
nextras = 2
ProjectImpactFormSet = modelformset_factory(
ProjectImpact,
extra=nextras,
exclude=('project', ),
can_delete=True,
formfield_callback=custom_field_callback)
queryset = ProjectImpact.objects.filter(project=project)
# GET
if request.method == 'GET':
# create formset instance backed by current saved instances
# must provide the initial data to all the extra instances,
# which come in the list after the database instances
#queryset = ExternalUrl.objects.filter(project=project, type=type)
#initial_data = [ {'project':project, 'type':type } for count in xrange(len(queryset)+nextras)]
#formset = ExternalUrlFormSet(queryset=queryset,initial=initial_data)
formset = ProjectImpactFormSet(queryset=queryset)
return render_impacts_form(request, project, formset, tab)
# POST
else:
formset = ProjectImpactFormSet(request.POST)
if formset.is_valid():
# select instances that have changed, don't save to database yet
instances = formset.save(commit=False)
for instance in instances:
instance.project = project
instance.order = 1
instance.save()
for obj in formset.deleted_objects:
obj.delete()
redirect = reverse('aboutus_display',
args=[project_short_name, tab])
return HttpResponseRedirect(redirect)
else:
print formset.errors
return render_impacts_form(request, project, formset, tab)
def news_add(request, project_short_name):
project = get_object_or_404(Project, short_name__iexact=project_short_name)
# check permission
if not userHasContributorPermission(request.user, project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
# GET method pre-populates the form from the request parameters
if request.method == 'GET':
# create empty News object
news = News()
# set main project
news.project = project
# create form from (unsaved) instance
form = NewsForm(project, request.user, instance=news)
return render_news_form(request, request.GET, form, news.project)
# POST method validates the form data and saves instance to database
else:
# create form object from form data
form = NewsForm(project, request.user, request.POST)
if form.is_valid():
# save object to the database
news = form.save()
# assign related projects
for proj in form.cleaned_data['parent_projects']:
news.other_projects.add(proj)
for proj in form.cleaned_data['peer_projects']:
news.other_projects.add(proj)
for proj in form.cleaned_data['child_projects']:
news.other_projects.add(proj)
# save m2m relationships
news.save()
# redirect to project home (GET-POST-REDIRECT)
return HttpResponseRedirect(
reverse('project_home',
args=[news.project.short_name.lower()]))
# invalid data
else:
print "Form is invalid: %s" % form.errors
news = form.instance
return render_news_form(request, request.POST, form, news.project)
def impacts_update(request, project_short_name, tab):
# load user from session, project from HTTP request
user = request.user
project = get_object_or_404(Project, short_name__iexact=project_short_name)
# check permission
if not userHasContributorPermission(request.user, project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
# number of empty instances to be displayed
# exclude fields 'project', so it doesn't get validated
# allow for instances to be deleted
nextras = 2
ProjectImpactFormSet = modelformset_factory(ProjectImpact, extra=nextras, exclude=('project',), can_delete=True,
formfield_callback=custom_field_callback)
queryset = ProjectImpact.objects.filter(project=project)
# GET
if request.method == 'GET':
# create formset instance backed by current saved instances
# must provide the initial data to all the extra instances,
# which come in the list after the database instances
#queryset = ExternalUrl.objects.filter(project=project, type=type)
#initial_data = [ {'project':project, 'type':type } for count in xrange(len(queryset)+nextras)]
#formset = ExternalUrlFormSet(queryset=queryset,initial=initial_data)
formset = ProjectImpactFormSet(queryset=queryset)
return render_impacts_form(request, project, formset, tab)
# POST
else:
formset = ProjectImpactFormSet(request.POST)
if formset.is_valid():
# select instances that have changed, don't save to database yet
instances = formset.save(commit=False)
for instance in instances:
instance.project = project
instance.order = 1
instance.save()
for obj in formset.deleted_objects:
obj.delete()
redirect = reverse('aboutus_display', args=[project_short_name, tab])
return HttpResponseRedirect(redirect)
else:
print formset.errors
return render_impacts_form(request, project, formset, tab)
def folder_add(request, project_short_name):
# retrieve project from request, user from session
project = get_object_or_404(Project, short_name__iexact=project_short_name)
# user = request.user
# security check
if not userHasContributorPermission(request.user, project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
if request.method == 'GET':
# create empty Folder object, pre-populate project and user
folder = Folder()
folder.project = project
# get or create top-level folder
topfolder = getTopFolder(project)
folder.parent = topfolder
# create form from instance
# project is used to sub-select the parent folder options
form = FolderForm(project,
instance=folder,
initial={'redirect': request.GET.get('next', None)})
return render_folder_form(request, project, form)
else:
# create form object from form data
form = FolderForm(project, request.POST)
if form.is_valid():
folder = form.save(commit=False)
# enable new folders by default
folder.active = True
folder.save()
redirect = form.cleaned_data['redirect']
if redirect is not None and redirect.lower() != 'none' and len(
redirect.strip()) > 0:
return HttpResponseRedirect(redirect)
else:
# redirect to bookmark add page
return HttpResponseRedirect(
reverse('bookmark_add', args=[project.short_name.lower()]))
else:
# return to view
print "Form is invalid: %s" % form.errors
return render_folder_form(request, project, form)
def news_add(request, project_short_name):
project = get_object_or_404(Project, short_name__iexact=project_short_name)
# check permission
if not userHasContributorPermission(request.user, project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
# GET method pre-populates the form from the request parameters
if request.method == "GET":
# create empty News object
news = News()
# set main project
news.project = project
# create form from (unsaved) instance
form = NewsForm(project, request.user, instance=news)
return render_news_form(request, request.GET, form, news.project)
# POST method validates the form data and saves instance to database
else:
# create form object from form data
form = NewsForm(project, request.user, request.POST)
if form.is_valid():
# save object to the database
news = form.save()
# assign related projects
for proj in form.cleaned_data["parent_projects"]:
news.other_projects.add(proj)
for proj in form.cleaned_data["peer_projects"]:
news.other_projects.add(proj)
for proj in form.cleaned_data["child_projects"]:
news.other_projects.add(proj)
# save m2m relationships
news.save()
# redirect to project home (GET-POST-REDIRECT)
return HttpResponseRedirect(reverse("project_home", args=[news.project.short_name.lower()]))
# invalid data
else:
print "Form is invalid: %s" % form.errors
news = form.instance
return render_news_form(request, request.POST, form, news.project)
def folder_add(request, project_short_name):
# retrieve project from request, user from session
project = get_object_or_404(Project, short_name__iexact=project_short_name)
# user = request.user
# security check
if not userHasContributorPermission(request.user, project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
if request.method == 'GET':
# create empty Folder object, pre-populate project and user
folder = Folder()
folder.project = project
# get or create top-level folder
topfolder = getTopFolder(project)
folder.parent = topfolder
# create form from instance
# project is used to sub-select the parent folder options
form = FolderForm(project,
instance=folder,
initial={'redirect': request.GET.get('next', None)})
return render_folder_form(request, project, form)
else:
# create form object from form data
form = FolderForm(project, request.POST)
if form.is_valid():
folder = form.save(commit=False)
# enable new folders by default
folder.active = True
folder.save()
redirect = form.cleaned_data['redirect']
if redirect is not None and redirect.lower() != 'none' and len(redirect.strip()) > 0:
return HttpResponseRedirect(redirect)
else:
# redirect to bookmark add page
return HttpResponseRedirect(reverse('bookmark_add', args=[project.short_name.lower()]))
else:
# return to view
print "Form is invalid: %s" % form.errors
return render_folder_form(request, project, form)
def isVisible(self, user):
if self.active == False:
return False
elif self.private == False:
return True
elif userHasUserPermission(user, self):
return True
elif userHasContributorPermission(user, self):
return True
elif userHasAdminPermission(user, self):
return True
else:
return False
def news_update(request, news_id):
news = get_object_or_404(News, pk=news_id)
# check permission
if not userHasContributorPermission(request.user, news.project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
# GET method pre-populates the form with the news properties
if request.method == 'GET':
# create form from instance
form = NewsForm(news.project, request.user, instance=news)
return render_news_form(request, request.GET, form, news.project)
# POST method saves the modified instance
elif request.method == 'POST':
# update existing database model with form data
form = NewsForm(news.project,
request.user,
request.POST,
instance=news)
if form.is_valid():
# save data from web
news = form.save()
# assign related projects
news.other_projects = []
for proj in (list(form.cleaned_data['parent_projects']) +
list(form.cleaned_data['peer_projects']) +
list(form.cleaned_data['child_projects'])):
if proj not in news.other_projects.all():
news.other_projects.add(proj)
# save new m2m relations
news.save()
# redirect to project home (GET-POST-REDIRECT)
return HttpResponseRedirect(
reverse('project_home',
args=[news.project.short_name.lower()]))
# invalid data
else:
print "Form is invalid: %s" % form.errors
news = form.instance
return render_news_form(request, request.POST, form, news.project)
def news_update(request, news_id):
news = get_object_or_404(News, pk=news_id)
# check permission
if not userHasContributorPermission(request.user, news.project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
# GET method pre-populates the form with the news properties
if request.method == "GET":
# create form from instance
form = NewsForm(news.project, request.user, instance=news)
return render_news_form(request, request.GET, form, news.project)
# POST method saves the modified instance
elif request.method == "POST":
# update existing database model with form data
form = NewsForm(news.project, request.user, request.POST, instance=news)
if form.is_valid():
# save data from web
news = form.save()
# assign related projects
news.other_projects = []
for proj in (
list(form.cleaned_data["parent_projects"])
+ list(form.cleaned_data["peer_projects"])
+ list(form.cleaned_data["child_projects"])
):
if proj not in news.other_projects.all():
news.other_projects.add(proj)
# save new m2m relations
news.save()
# redirect to project home (GET-POST-REDIRECT)
return HttpResponseRedirect(reverse("project_home", args=[news.project.short_name.lower()]))
# invalid data
else:
print "Form is invalid: %s" % form.errors
news = form.instance
return render_news_form(request, request.POST, form, news.project)
def news_delete(request, news_id):
news = get_object_or_404(News, pk=news_id)
project = news.project
# check permission
if not userHasContributorPermission(request.user, project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
# show confirmation form
if request.method == "GET":
return render(request, "cog/news/news_delete.html", {"news": news, "project": project, "title": "Delete News"})
# execute, and redirect to project's home page
else:
news.delete()
# redirect to project home (GET-POST-REDIRECT)
return HttpResponseRedirect(reverse("project_home", args=[project.short_name.lower()]))
def folder_delete(request, project_short_name, folder_id):
# retrieve folder from request
folder = get_object_or_404(Folder, pk=folder_id)
project = folder.project
# parentFolder = folder.topParent()
# security check
if not userHasContributorPermission(request.user, project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
if folder.parent == None:
return HttpResponseForbidden("Top-level folders cannot be deleted")
# delete folder and all of its content
delete_folder(folder)
# redirect to project folder
return HttpResponseRedirect(reverse('bookmark_list', args=[project.short_name.lower()]))
def bookmark_delete(request, project_short_name, bookmark_id):
bookmark = get_object_or_404(Bookmark, pk=bookmark_id)
folder = bookmark.folder
project = bookmark.folder.project
# security check
if not userHasContributorPermission(request.user, project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
# delete notes (recursively)
if bookmark.notes:
bookmark.notes.delete()
# delete bookmark
bookmark.delete()
# redirect to bookmarks view
return HttpResponseRedirect(reverse('bookmark_list', args=[project.short_name.lower()]))
def folder_delete(request, project_short_name, folder_id):
# retrieve folder from request
folder = get_object_or_404(Folder, pk=folder_id)
project = folder.project
# parentFolder = folder.topParent()
# security check
if not userHasContributorPermission(request.user, project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
if folder.parent == None:
return HttpResponseForbidden("Top-level folders cannot be deleted")
# delete folder and all of its content
delete_folder(folder)
# redirect to project folder
return HttpResponseRedirect(
reverse('bookmark_list', args=[project.short_name.lower()]))
def bookmark_delete(request, project_short_name, bookmark_id):
bookmark = get_object_or_404(Bookmark, pk=bookmark_id)
folder = bookmark.folder
project = bookmark.folder.project
# security check
if not userHasContributorPermission(request.user, project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
# delete notes (recursively)
if bookmark.notes:
bookmark.notes.delete()
# delete bookmark
bookmark.delete()
# redirect to bookmarks view
return HttpResponseRedirect(
reverse('bookmark_list', args=[project.short_name.lower()]))
def doc_remove(request, doc_id):
# retrieve document from database
doc = get_object_or_404(Doc, pk=doc_id)
project = doc.project
# check permission
if not userHasContributorPermission(request.user, project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
# delete doc altogether
delete_doc(doc)
# redirect to original page, or to project home if not found
redirect = getQueryDict(request).get('redirect', None)
if redirect is None:
redirect = reverse('project_home', kwargs={'project_short_name': project.short_name.lower()})
# redirect to project home page
#return HttpResponseRedirect( reverse('doc_list', kwargs={'project_short_name': project.short_name.lower() } ) )
return HttpResponseRedirect(redirect)
def bookmark_update(request, project_short_name, bookmark_id):
bookmark = get_object_or_404(Bookmark, pk=bookmark_id)
project = bookmark.folder.project
# security check
if not userHasContributorPermission(request.user, project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
if request.method == 'GET':
# create form object from model
form = BookmarkForm(project, instance=bookmark)
# return to view
return render_bookmark_form(request, project, form)
else:
# create form object from form data
form = BookmarkForm(project, request.POST, instance=bookmark)
if form.is_valid():
bookmark = form.save()
# update associated Doc, if any
doc = getDocFromBookmark(bookmark)
if doc is not None:
print 'Updating associated doc: %s' % doc
doc.title = bookmark.name
doc.description = bookmark.description
doc.save()
# redirect to bookmarks listing
return HttpResponseRedirect(
reverse('bookmark_list', args=[project.short_name.lower()]))
else:
print "Form is invalid: %s" % form.errors
# return to view
return render_bookmark_form(request, project, form)
def bookmark_update(request, project_short_name, bookmark_id):
bookmark = get_object_or_404(Bookmark, pk=bookmark_id)
project = bookmark.folder.project
# security check
if not userHasContributorPermission(request.user, project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
if request.method == 'GET':
# create form object from model
form = BookmarkForm(project, instance=bookmark)
# return to view
return render_bookmark_form(request, project, form)
else:
# create form object from form data
form = BookmarkForm(project, request.POST, instance=bookmark)
if form.is_valid():
bookmark = form.save()
# update associated Doc, if any
doc = getDocFromBookmark(bookmark)
if doc is not None:
print 'Updating associated doc: %s' % doc
doc.title = bookmark.name
doc.description = bookmark.description
doc.save()
# redirect to bookmarks listing
return HttpResponseRedirect(reverse('bookmark_list', args=[project.short_name.lower()]))
else:
print "Form is invalid: %s" % form.errors
# return to view
return render_bookmark_form(request, project, form)
def post_delete(request, post_id):
# retrieve post
post = get_object_or_404(Post, pk=post_id)
project = post.project
# check post is not one of the critical project pages
if post.is_predefined():
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
else:
# check permission: only project members can delete non-predefined project pages
if not userHasContributorPermission(request.user, project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
if request.method == 'GET':
return render(
request, 'cog/post/post_delete.html', {
'post': post,
'project': project,
'title': '%s Deletion Request' % post.type.capitalize()
})
else:
# pass a temporary copy of the object to the view
_post = copy.copy(post)
# send post update signal
post.send_signal(SIGNAL_OBJECT_DELETED)
# delete the post
post.delete()
return render(
request, 'cog/post/post_delete.html', {
'post': _post,
'project': project,
'title': '%s Deletion Confirmation' % _post.type.capitalize()
})
def bookmark_add2(request, project_short_name):
# load user from session, project from HTTP request
user = request.user
project = get_object_or_404(Project, short_name__iexact=project_short_name)
# security check
if not userHasContributorPermission(request.user, project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
response_data = {}
response_data['errors'] = {}
if request.method == 'POST':
# create form object from form data
form = BookmarkForm(project, request.POST)
if form.is_valid():
bookmark = form.save()
response_data['result'] = 'Success'
response_data['message'] = 'Your bookmark was saved.'
else:
print 'Form is invalid: %s' % form.errors
# encode errors in response - although not used
for key, value in form.errors.items():
response_data['errors'][key] = value
response_data['result'] = 'Error'
response_data[
'message'] = 'Sorry, the form data is invalid: %s' % form.errors
else:
response_data['result'] = 'Error'
response_data['message'] = 'Sorry, the GET method is not supported'
return HttpResponse(json.dumps(response_data),
content_type='application/json')
def doc_remove(request, doc_id):
# retrieve document from database
doc = get_object_or_404(Doc, pk=doc_id)
project = doc.project
# check permission
if not userHasContributorPermission(request.user, project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
# delete doc altogether
delete_doc(doc)
# redirect to original page, or to project home if not found
redirect = getQueryDict(request).get('redirect', None)
if redirect is None:
redirect = reverse(
'project_home',
kwargs={'project_short_name': project.short_name.lower()})
# redirect to project home page
#return HttpResponseRedirect( reverse('doc_list', kwargs={'project_short_name': project.short_name.lower() } ) )
return HttpResponseRedirect(redirect)
def news_delete(request, news_id):
news = get_object_or_404(News, pk=news_id)
project = news.project
# check permission
if not userHasContributorPermission(request.user, project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
# show confirmation form
if request.method == 'GET':
return render(request, 'cog/news/news_delete.html', {
'news': news,
'project': project,
'title': 'Delete News'
})
# execute, and redirect to project's home page
else:
news.delete()
# redirect to project home (GET-POST-REDIRECT)
return HttpResponseRedirect(
reverse('project_home', args=[project.short_name.lower()]))
def doc_update(request, doc_id):
# retrieve document from database
doc = get_object_or_404(Doc, pk=doc_id)
# check permission
if not userHasContributorPermission(request.user, doc.project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
if request.method == 'GET':
# create form from model
form = DocForm(doc.project, instance=doc)
return render_doc_form(request, form, doc.project)
else:
form = DocForm(doc.project, request.POST, request.FILES, instance=doc)
if form.is_valid():
# update existing database model with form data
doc = form.save()
# update associated Bookmar, if any
bookmark = getBookmarkFromDoc(doc)
if bookmark is not None:
bookmark.name = doc.title
bookmark.description = doc.description
bookmark.save()
print 'Updated associated bookmark: %s' % bookmark
# redirect to document detail (GET-POST-REDIRECT)
return HttpResponseRedirect(
reverse('doc_detail', kwargs={'doc_id': doc.id}))
else:
return render_doc_form(request, form, doc.project)
def bookmark_add2(request, project_short_name):
# load user from session, project from HTTP request
user = request.user
project = get_object_or_404(Project, short_name__iexact=project_short_name)
# security check
if not userHasContributorPermission(request.user, project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
response_data = {}
response_data['errors'] = {}
if request.method == 'POST':
# create form object from form data
form = BookmarkForm(project, request.POST)
if form.is_valid():
bookmark = form.save()
response_data['result'] = 'Success'
response_data['message'] = 'Your bookmark was saved.'
else:
print 'Form is invalid: %s' % form.errors
# encode errors in response - although not used
for key, value in form.errors.items():
response_data['errors'][key] = value
response_data['result'] = 'Error'
response_data['message'] = 'Sorry, the form data is invalid: %s' % form.errors
else:
response_data['result'] = 'Error'
response_data['message'] = 'Sorry, the GET method is not supported'
return HttpResponse(json.dumps(response_data), content_type='application/json')
def doc_update(request, doc_id):
# retrieve document from database
doc = get_object_or_404(Doc, pk=doc_id)
# check permission
if not userHasContributorPermission(request.user, doc.project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
if request.method == 'GET':
# create form from model
form = DocForm(doc.project, instance=doc)
return render_doc_form(request, form, doc.project)
else:
form = DocForm(doc.project, request.POST, request.FILES, instance=doc)
if form.is_valid():
# update existing database model with form data
doc = form.save()
# update associated Bookmar, if any
bookmark = getBookmarkFromDoc(doc)
if bookmark is not None:
bookmark.name = doc.title
bookmark.description = doc.description
bookmark.save()
print 'Updated associated bookmark: %s' % bookmark
# redirect to document detail (GET-POST-REDIRECT)
return HttpResponseRedirect(reverse('doc_detail', kwargs={'doc_id': doc.id}))
else:
return render_doc_form(request, form, doc.project)
def external_urls_update(request, project_short_name, suburl):
# load user from session, project from HTTP request
user = request.user
project = get_object_or_404(Project, short_name__iexact=project_short_name)
# check permission
if not userHasContributorPermission(request.user, project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
try:
externalUrlConf = externalUrlManager.getConf(suburl=suburl)
except KeyError:
raise Exception("URL: %s is not properly configured" % request.path)
type = externalUrlConf.type
redirect = reverse('%s_display' % suburl, args=[project_short_name, suburl])
# number of empty instances to be displayed
# exclude fields 'project', 'type' so they don't get validated
# allow for instances to be deleted
nextras = 1
ExternalUrlFormSet = modelformset_factory(ExternalUrl, extra=nextras, exclude=('project', 'type'), can_delete=True,
#widgets={'description': Textarea(attrs={'rows': 4})} ) # not working
formfield_callback=custom_field_callback)
# GET
if request.method == 'GET':
print type
# create formset instance backed by current saved instances
# must provide the initial data to all the extra instances,
# which come in the list after the database instances
# if template is release schedules or prioritization, which are dates, reverse order of the urls
# sorting of the view occurs in models/project.py/get_external_urls()
if type == 'release_schedule':
formset = ExternalUrlFormSet(queryset=ExternalUrl.objects.filter(project=project, type=type).
order_by('-title'))
elif type == 'prioritization':
formset = ExternalUrlFormSet(queryset=ExternalUrl.objects.filter(project=project, type=type).
order_by('-title'))
else:
# external_urls are ordered by title when editing to match the order when just viewing.
formset = ExternalUrlFormSet(queryset=ExternalUrl.objects.filter(project=project, type=type).
order_by('title'))
return render_external_urls_form(request, project, formset, externalUrlConf, redirect)
# POST
else:
formset = ExternalUrlFormSet(request.POST)
if formset.is_valid():
# select instances that have changed, don't save to database yet
instances = formset.save(commit=False)
# must manually delete the instances marked for deletion
for obj in formset.deleted_objects:
obj.delete()
# for all others, assign the project reference and persist changes
for instance in instances:
instance.project = project
instance.type = type
instance.save()
return HttpResponseRedirect(redirect)
else:
print formset.errors
return render_external_urls_form(request, project, formset, externalUrlConf, redirect)
def doc_add(request, project_short_name):
project = get_object_or_404(Project, short_name__iexact=project_short_name)
# check permission
if not userHasContributorPermission(request.user, project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
if request.method == 'GET':
# create empty document
doc = Doc()
# assign project
doc.project = project
# change form such that if a project is private, the Private? checkbox is checked by default
if doc.project.private:
doc.is_private = True
# create form from instance
form = DocForm(project, instance=doc)
return render_doc_form(request, form, project)
else:
form = DocForm(project, request.POST, request.FILES)
if form.is_valid():
doc = form.save(commit=False)
doc.author = request.user
if doc.title is None or len(doc.title.strip()) == 0:
doc.title = basename(doc.file.name)
# save the document so to assign path in project directory: 'projects/<this project>/<filename>'
doc.save()
# store path explicitly in the database so it can be used for searching
doc.path = doc.file.name
# must save again
doc.save()
# optionally create Resource in selected Folder
folder = form.cleaned_data['folder']
if folder is not None:
# must use full URL since Bookmark.url is of type URLField
url = request.build_absolute_uri(doc.file.url)
bookmark = Bookmark.objects.create(
name=doc.title,
url=url,
folder=folder,
description=doc.description,
order=len(folder.bookmark_set.all()))
# optional redirect
redirect = form.cleaned_data['redirect']
if redirect:
# add newly created doc id to redirect URL (GET-POST-REDIRECT)
return HttpResponseRedirect(redirect + "?doc_id=%i" % doc.id)
else:
# (GET-POST-REDIRECT)
return HttpResponseRedirect(
reverse('doc_detail', kwargs={'doc_id': doc.id}))
else:
#print form.errors
return render_doc_form(request, form, project)
def external_urls_update(request, project_short_name, suburl):
# load user from session, project from HTTP request
user = request.user
project = get_object_or_404(Project, short_name__iexact=project_short_name)
# check permission
if not userHasContributorPermission(request.user, project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
try:
externalUrlConf = externalUrlManager.getConf(suburl=suburl)
except KeyError:
raise Exception("URL: %s is not properly configured" % request.path)
type = externalUrlConf.type
redirect = reverse('%s_display' % suburl,
args=[project_short_name, suburl])
# number of empty instances to be displayed
# exclude fields 'project', 'type' so they don't get validated
# allow for instances to be deleted
nextras = 1
ExternalUrlFormSet = modelformset_factory(
ExternalUrl,
extra=nextras,
exclude=('project', 'type'),
can_delete=True,
#widgets={'description': Textarea(attrs={'rows': 4})} ) # not working
formfield_callback=custom_field_callback)
# GET
if request.method == 'GET':
print type
# create formset instance backed by current saved instances
# must provide the initial data to all the extra instances,
# which come in the list after the database instances
# if template is release schedules or prioritization, which are dates, reverse order of the urls
# sorting of the view occurs in models/project.py/get_external_urls()
if type == 'release_schedule':
formset = ExternalUrlFormSet(queryset=ExternalUrl.objects.filter(
project=project, type=type).order_by('-title'))
elif type == 'prioritization':
formset = ExternalUrlFormSet(queryset=ExternalUrl.objects.filter(
project=project, type=type).order_by('-title'))
else:
# external_urls are ordered by title when editing to match the order when just viewing.
formset = ExternalUrlFormSet(queryset=ExternalUrl.objects.filter(
project=project, type=type).order_by('title'))
return render_external_urls_form(request, project, formset,
externalUrlConf, redirect)
# POST
else:
formset = ExternalUrlFormSet(request.POST)
if formset.is_valid():
# select instances that have changed, don't save to database yet
instances = formset.save(commit=False)
# must manually delete the instances marked for deletion
for obj in formset.deleted_objects:
obj.delete()
# for all others, assign the project reference and persist changes
for instance in instances:
instance.project = project
instance.type = type
instance.save()
return HttpResponseRedirect(redirect)
else:
print formset.errors
return render_external_urls_form(request, project, formset,
externalUrlConf, redirect)
def post_add(request, project_short_name, owner=None):
"""
View to create a Post object within a context project.
Optionally, an owner object can be specified, which is assigned a reference to the newly created Post
through its method .setPost(Post)
"""
# load project
project = get_object_or_404(Project, short_name__iexact=project_short_name)
# check permission
if not userHasContributorPermission(request.user, project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
# retrieve type
postType = getQueryDict(request).get('type')
if request.method == 'GET':
# create empty Post object, pre-populate project and type
post = Post()
post.project = project
post.type = postType
# optionally assign parent Post
parent_id = request.GET.get('parent_id', None)
if parent_id:
ppost = get_object_or_404(Post, pk=parent_id)
post.parent = ppost
post.topic = ppost.topic
# set fixed fields for hyperlinks
#if postType == Post.TYPE_HYPERLINK:
# post.template = None
# post.is_private = False
# post.is_restricted = False
# create form from instance
# note extra argument project to customize the queryset!
form = PostForm(postType, project, instance=post)
return render_post_form(request, form, project, postType)
else:
# create form object from form data
form = PostForm(postType, project, request.POST)
if form.is_valid():
# create a new post object but don't save it to the database yet
post = form.save(commit=False)
# modify the post object
post.author = request.user
# update date
post.update_date = now()
# page: build full page URL
if post.type == Post.TYPE_PAGE:
post.url = get_project_page_full_url(project, post.url)
elif post.type != Post.TYPE_HYPERLINK:
# assign temporary value before object id is assigned
post.url = datetime.now()
# assign post order, if top-level
# note that the post.topic may be None
if post.parent is None:
pages = Post.objects.filter(project=project).filter(topic=post.topic).filter(parent=None).\
filter(Q(type=Post.TYPE_PAGE) | Q(type=Post.TYPE_HYPERLINK)).order_by('order')
post.order = len(pages)+1
else:
post.order = 0
# save post object to the database (GET-POST-REDIRECT)
post.save()
# assign post URL and save again
if post.type == Post.TYPE_BLOG or post.type == Post.TYPE_NOTES:
post.url = reverse('post_detail', args=[post.id])
post.save()
# create project-topic relation if not existing already
if post.topic is not None:
createProjectTopicIfNotExisting(project, post.topic)
# assign this reference to owner
if owner is not None:
owner.setPost(post)
owner.save()
# send post update signal
post.send_signal(SIGNAL_OBJECT_CREATED)
# redirect to post (GET-POST-REDIRECT)
if post.type != Post.TYPE_HYPERLINK:
return redirect_to_post(request, post)
# or to project home page
else:
return HttpResponseRedirect(reverse('project_home', args=[project_short_name.lower()]))
# invalid data
else:
print form.errors
return render_post_form(request, form, project, postType)
def hasContributorPermission(user, project):
return userHasContributorPermission(user, project)
def hasContributorPermission(user, project):
return userHasContributorPermission(user, project)
def post_add(request, project_short_name, owner=None):
"""
View to create a Post object within a context project.
Optionally, an owner object can be specified, which is assigned a reference to the newly created Post
through its method .setPost(Post)
"""
# load project
project = get_object_or_404(Project, short_name__iexact=project_short_name)
# check permission
if not userHasContributorPermission(request.user, project):
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
# retrieve type
postType = getQueryDict(request).get('type')
if request.method == 'GET':
# create empty Post object, pre-populate project and type
post = Post()
post.project = project
post.type = postType
# optionally assign parent Post
parent_id = request.GET.get('parent_id', None)
if parent_id:
ppost = get_object_or_404(Post, pk=parent_id)
post.parent = ppost
post.topic = ppost.topic
# set fixed fields for hyperlinks
#if postType == Post.TYPE_HYPERLINK:
# post.template = None
# post.is_private = False
# post.is_restricted = False
# create form from instance
# note extra argument project to customize the queryset!
form = PostForm(postType, project, instance=post)
return render_post_form(request, form, project, postType)
else:
# create form object from form data
form = PostForm(postType, project, request.POST)
if form.is_valid():
# create a new post object but don't save it to the database yet
post = form.save(commit=False)
# modify the post object
post.author = request.user
# update date
post.update_date = now()
# page: build full page URL
if post.type == Post.TYPE_PAGE:
post.url = get_project_page_full_url(project, post.url)
elif post.type != Post.TYPE_HYPERLINK:
# assign temporary value before object id is assigned
post.url = datetime.now()
# assign post order, if top-level
# note that the post.topic may be None
if post.parent is None:
pages = Post.objects.filter(project=project).filter(topic=post.topic).filter(parent=None).\
filter(Q(type=Post.TYPE_PAGE) | Q(type=Post.TYPE_HYPERLINK)).order_by('order')
post.order = len(pages) + 1
else:
post.order = 0
# save post object to the database (GET-POST-REDIRECT)
post.save()
# assign post URL and save again
if post.type == Post.TYPE_BLOG or post.type == Post.TYPE_NOTES:
post.url = reverse('post_detail', args=[post.id])
post.save()
# create project-topic relation if not existing already
if post.topic is not None:
createProjectTopicIfNotExisting(project, post.topic)
# assign this reference to owner
if owner is not None:
owner.setPost(post)
owner.save()
# send post update signal
post.send_signal(SIGNAL_OBJECT_CREATED)
# redirect to post (GET-POST-REDIRECT)
if post.type != Post.TYPE_HYPERLINK:
return redirect_to_post(request, post)
# or to project home page
else:
return HttpResponseRedirect(
reverse('project_home', args=[project_short_name.lower()]))
# invalid data
else:
print form.errors
return render_post_form(request, form, project, postType)
def _buildQuerySet(self, projects, user):
qs = Q(pk=0) # start with an empty query set - does not match any project
for p in projects:
if userHasContributorPermission(user, p):
qs = qs | Q(pk=p.id)
return qs