def update_position(request, space_url):
"""
This view saves the new note position in the debate board. Instead of
reloading all the note form with all the data, we use the partial form
"UpdateNotePosition" which only handles the column and row of the note.
"""
note = get_object_or_404(Note, pk=request.POST['noteid'])
position_form = UpdateNotePosition(request.POST or None, instance=note)
place = get_object_or_404(Space, url=space_url)
if request.method == "POST" and request.is_ajax:
if has_operation_permission(request.user, place, 'note.change_note',
allow=['admins', 'mods']) or request.user == note.author:
if position_form.is_valid():
position_form_uncommited = position_form.save(commit=False)
position_form_uncommited.column = get_object_or_404(Column,
pk=request.POST['column'])
position_form_uncommited.row = get_object_or_404(Row,
pk=request.POST['row'])
position_form_uncommited.save()
msg = "The note has been updated."
else:
msg = "There has been an error validating the form."
else:
msg = "There was some error in the petition."
return HttpResponse(msg)
def get_object(self):
space = get_object_or_404(Space, url=self.kwargs['space_url'])
if has_operation_permission(self.request.user, space,
'voting.delete_poll', allow=['admins']):
return get_object_or_404(Poll, pk=self.kwargs['poll_id'])
else:
self.template_name = 'not_allowed.html'
def get_object(self):
space = get_object_or_404(Space, url=self.kwargs['space_url'])
if has_operation_permission(self.request.user,
space,
'voting.delete_poll',
allow=['admins']):
return get_object_or_404(Poll, pk=self.kwargs['poll_id'])
else:
self.template_name = 'not_allowed.html'
def form_valid(self, form):
self.space = get_object_or_404(Space, url=self.kwargs['space_url'])
if has_operation_permission(self.request.user, self.space, 'voting.add_voting', allow=['admins', 'mods']):
form_uncommited = form.save(commit=False)
form_uncommited.author = self.request.user
form_uncommited.space = self.space
form_uncommited.save()
form.save_m2m()
return super(AddVoting, self).form_valid(form)
else:
template_name = 'not_allowed.html'
def get_object(self):
prop_id = self.kwargs['prop_id']
space_url = self.kwargs['space_url']
proposal = get_object_or_404(Proposal, pk = prop_id)
space = get_object_or_404(Space, url = space_url)
if has_operation_permission(self.request.user, space,
'proposals.delete_proposal', allow=['admins', 'mods']) \
or proposal.author.id == self.request.user.id:
return proposal
else:
return render_to_response('not_allowed.html',
context_instance=RequestContext(self.request))
def form_valid(self, form):
space = get_object_or_404(Space, url=self.kwargs['space_url'])
if has_operation_permission(self.request.user, space,
'proposals.add_proposal', allow=['admins', 'mods','users']):
form_uncommited = form.save(commit=False)
form_uncommited.space = space
form_uncommited.author = self.request.user
form_uncommited.save()
return super(AddProposal, self).form_valid(form)
else:
return render_to_response('not_allowed.html',
context_instance=RequestContext(self.request))
def edit_debate(request, space_url, debate_id):
pk = debate_id
place = get_object_or_404(Space, url=space_url)
if has_operation_permission(request.user, place, 'debate.change_debate',
allow=['admins', 'mods']):
RowFormSet = inlineformset_factory(Debate, Row, extra=1)
ColumnFormSet = inlineformset_factory(Debate, Column, extra=1)
instance = Debate.objects.get(pk=debate_id)
debate_form = DebateForm(request.POST or None, instance=instance)
row_formset = RowFormSet(request.POST or None, instance=instance, prefix="rowform")
column_formset = ColumnFormSet(request.POST or None, instance=instance, prefix="colform")
if request.method == 'POST':
if debate_form.is_valid() and row_formset.is_valid() \
and column_formset.is_valid():
debate_form_uncommited = debate_form.save(commit=False)
debate_form_uncommited.space = place
debate_form_uncommited.author = request.user
saved_debate = debate_form_uncommited.save()
debate_instance = get_object_or_404(Debate,
pk=debate_id)
row = row_formset.save(commit=False)
for form in row:
form.debate = instance
form.save()
column = column_formset.save(commit=False)
for form in column:
form.debate = instance
form.save()
return HttpResponseRedirect(reverse(urln.DEBATE_VIEW,
kwargs={'space_url': space_url,
'debate_id': str(debate_form_uncommited.id)}))
return render_to_response('debate/debate_add.html',
{'form': debate_form,
'rowform': row_formset,
'colform': column_formset,
'get_place': place,
'debateid': debate_id},
context_instance=RequestContext(request))
return render_to_response('not_allowed.html',
context_instance=RequestContext(request))
def update_note(request, space_url):
"""
Updated the current note with the POST data. UpdateNoteForm is an incomplete
form that doesn't handle some properties, only the important for the note
editing.
"""
place = get_object_or_404(Space, url=space_url)
if request.method == "GET" and request.is_ajax:
note = get_object_or_404(Note, pk=request.GET['noteid'])
ctype = ContentType.objects.get_for_model(Note)
latest_comments = Comment.objects.filter(is_public=True,
is_removed=False, content_type=ctype, object_pk=note.id) \
.order_by('-submit_date')[:5]
form = CommentForm(target_object=note)
response_data = {}
response_data['title'] = note.title
response_data['message'] = note.message
response_data['author'] = {'name': note.author.username}
response_data['comments'] = [{'username': c.user.username,
'comment': c.comment,
'submit_date': c.submit_date} for c in latest_comments]
response_data["form_html"] = form.as_p()
return HttpResponse(json.dumps(response_data, cls=DjangoJSONEncoder),
mimetype="application/json")
if request.method == "POST" and request.is_ajax:
if has_operation_permission(request.user, place, 'note.change_note',
allow=['admins', 'mods']) or request.user == note.author:
note = get_object_or_404(Note, pk=request.POST['noteid'])
note_form = UpdateNoteForm(request.POST or None, instance=note)
if note_form.is_valid():
note_form_uncommited = note_form.save(commit=False)
note_form_uncommited.title = request.POST['title']
note_form_uncommited.message = request.POST['message']
note_form_uncommited.last_mod_author = request.user
note_form_uncommited.save()
msg = "The note has been updated."
else:
msg = "The form is not valid, check field(s): " + note_form.errors
return HttpResponse(msg)
else:
msg = "There was some error in the petition."
return HttpResponse(msg)
def add_poll(request, space_url):
"""
Create a new poll. Only registered users belonging to a concrete group
are allowed to create polls. The polls are composed by a form and a choice
formset.
:parameters: space_url
:context: get_place
"""
space = get_object_or_404(Space, url=space_url)
poll_form = PollForm(request.POST or None)
choice_form = ChoiceFormSet(request.POST or None,
prefix="choiceform",
queryset=Choice.objects.none())
if (has_operation_permission(request.user,
space,
'voting.add_poll',
allow=['admins', 'mods'])):
if request.method == 'POST':
if poll_form.is_valid() and choice_form.is_valid():
poll_form_uncommited = poll_form.save(commit=False)
poll_form_uncommited.space = space
poll_form_uncommited.author = request.user
saved_poll = poll_form_uncommited.save()
poll_instance = get_object_or_404(Poll,
pk=poll_form_uncommited.pk)
cform_uncommited = choice_form.save(commit=False)
for cf in cform_uncommited:
cf.poll = poll_instance
cf.save()
return HttpResponseRedirect(
reverse(urln.SPACE_INDEX, kwargs={'space_url': space.url}))
return render_to_response('voting/poll_form.html', {
'form': poll_form,
'choiceform': choice_form,
'get_place': space
},
context_instance=RequestContext(request))
return render_to_response('not_allowed.html',
context_instance=RequestContext(request))
def edit_poll(request, space_url, poll_id):
"""
Edit a specific poll.
:parameters: space_url, poll_id
:context: form, get_place, choiceform, pollid
"""
place = get_object_or_404(Space, url=space_url)
if has_operation_permission(request.user,
place,
'voting.change_poll',
allow=['admins', 'mods']):
ChoiceFormSet = inlineformset_factory(Poll, Choice)
instance = Poll.objects.get(pk=poll_id)
poll_form = PollForm(request.POST or None, instance=instance)
choice_form = ChoiceFormSet(request.POST or None,
instance=instance,
prefix="choiceform")
if request.method == 'POST':
if poll_form.is_valid() and choice_form.is_valid():
poll_form_uncommited = poll_form.save(commit=False)
poll_form_uncommited.space = place
poll_form_uncommited.author = request.user
saved_poll = poll_form_uncommited.save()
for form in choice_form.forms:
choice = form.save(commit=False)
choice.poll = instance
choice.save()
return HttpResponseRedirect(
reverse(urln.SPACE_INDEX, kwargs={'space_url': place.url}))
return render_to_response('voting/poll_form.html', {
'form': poll_form,
'choiceform': choice_form,
'get_place': place,
'pollid': poll_id,
},
context_instance=RequestContext(request))
else:
return render_to_response('not_allowed.html',
context_instance=RequestContext(request))
def edit_poll(request, space_url, poll_id):
"""
Edit a specific poll.
:parameters: space_url, poll_id
:context: form, get_place, choiceform, pollid
"""
place = get_object_or_404(Space, url=space_url)
if has_operation_permission(request.user, place, 'voting.change_poll',
allow=['admins', 'mods']):
ChoiceFormSet = inlineformset_factory(Poll, Choice, extra=1)
instance = Poll.objects.get(pk=poll_id)
poll_form = PollForm(request.POST or None, instance=instance)
choice_form = ChoiceFormSet(request.POST or None, instance=instance,
prefix="choiceform")
if request.method == 'POST':
if poll_form.is_valid() and choice_form.is_valid():
poll_form_uncommited = poll_form.save(commit=False)
poll_form_uncommited.space = place
poll_form_uncommited.author = request.user
saved_poll = poll_form_uncommited.save()
choices = choice_form.save(commit=False)
for form in choices:
form.poll = instance
form.save()
return HttpResponseRedirect(reverse(urln.SPACE_INDEX,
kwargs={'space_url': place.url}))
return render_to_response('voting/poll_form.html',
{'form': poll_form,
'choiceform': choice_form,
'get_place': place,
'pollid': poll_id, },
context_instance=RequestContext(request))
else:
return render_to_response('not_allowed.html',
context_instance=RequestContext(request))
def create_note(request, space_url):
"""
This function creates a new note inside the debate board. It receives the
order from the createNote() AJAX function. To create the note first we
create the note in the DB, and if successful we return some of its
parameters to the debate board for the user. In case the petition had
errors, we return the error message that will be shown by jsnotify.
.. versionadded:: 0.1.5
"""
note_form = NoteForm(request.POST or None)
place = get_object_or_404(Space, url=space_url)
if request.method == "POST" and request.is_ajax:
if has_operation_permission(request.user, place, 'note.add_note',
allow=['admins', 'mods', 'users']):
if note_form.is_valid():
note_form_uncommited = note_form.save(commit=False)
note_form_uncommited.author = request.user
note_form_uncommited.debate = get_object_or_404(Debate,
pk=request.POST['debateid'])
note_form_uncommited.title = request.POST['title']
note_form_uncommited.message = request.POST['message']
note_form_uncommited.column = get_object_or_404(Column,
pk=request.POST['column'])
note_form_uncommited.row = get_object_or_404(Row,
pk=request.POST['row'])
note_form_uncommited.save()
response_data = {}
response_data['id'] = note_form_uncommited.id
response_data['message'] = note_form_uncommited.message
response_data['title'] = note_form_uncommited.title
msg = "The note has been created."
return HttpResponse(json.dumps(response_data),
mimetype="application/json")
else:
msg = "The note form didn't validate. This fields gave errors: " + str(note_form.errors)
else:
msg = "The petition was not POST."
return HttpResponse(json.dumps(msg), mimetype="application/json")
def AddPoll(request, space_url):
"""
Create a new poll. Only registered users belonging to a concrete group
are allowed to create polls.
:parameters: space_url
:context: get_place
"""
place = get_object_or_404(Space, url=space_url)
poll_form = PollForm(request.POST or None)
choice_form = ChoiceFormSet(request.POST or None, prefix="choiceform")
try:
last_poll_id = Poll.objects.latest('id')
current_poll_id = last_poll_id.pk + 1
except ObjectDoesNotExist:
current_poll_id = 1
if (has_operation_permission(request.user, place, 'voting.add_poll', allow=['admins', 'mods'])):
if request.method == 'POST':
if poll_form.is_valid() and choice_form.is_valid():
poll_form_uncommited = poll_form.save(commit=False)
poll_form_uncommited.space = place
poll_form_uncommited.author = request.user
saved_poll = poll_form_uncommited.save()
poll_instance = get_object_or_404(Poll, pk=current_poll_id)
for form in choice_form.forms:
choice = form.save(commit=False)
choice.poll = poll_instance
choice.save()
return redirect('/spaces/' + space_url)
return render_to_response('voting/poll_form.html',
{'form': poll_form, 'choiceform': choice_form,
'get_place': place, 'pollid': current_poll_id,},
context_instance=RequestContext(request))
return render_to_response('not_allowed.html',context_instance=RequestContext(request))
def add_poll(request, space_url):
"""
Create a new poll. Only registered users belonging to a concrete group
are allowed to create polls. The polls are composed by a form and a choice
formset.
:parameters: space_url
:context: get_place
"""
space = get_object_or_404(Space, url=space_url)
poll_form = PollForm(request.POST or None)
choice_form = ChoiceFormSet(request.POST or None, prefix="choiceform",
queryset=Choice.objects.none())
if (has_operation_permission(request.user, space, 'voting.add_poll',
allow=['admins', 'mods'])):
if request.method == 'POST':
if poll_form.is_valid() and choice_form.is_valid():
poll_form_uncommited = poll_form.save(commit=False)
poll_form_uncommited.space = space
poll_form_uncommited.author = request.user
saved_poll = poll_form_uncommited.save()
poll_instance = get_object_or_404(Poll,
pk=poll_form_uncommited.pk)
cform_uncommited = choice_form.save(commit=False)
for cf in cform_uncommited:
cf.poll = poll_instance
cf.save()
return HttpResponseRedirect(reverse(urln.SPACE_INDEX,
kwargs={'space_url': space.url}))
return render_to_response('voting/poll_form.html', {'form': poll_form,
'choiceform': choice_form, 'get_place': space},
context_instance=RequestContext(request))
return render_to_response('not_allowed.html',
context_instance=RequestContext(request))
def vote_voting(request, space_url):
"""
View to control the votes during a votation process. Do not confuse with
proposals support_votes. This function creates a new ConfirmVote object
trough VoteForm with the user and a token. After that an email is sent
to the user with the token for validation. This function does not add the
votes.
.. versionadded:: 0.1.7
"""
proposal = get_object_or_404(Proposal, pk=request.POST['propid'])
space = get_object_or_404(Space, url=space_url)
voteform = VoteForm(request.POST)
if has_operation_permission(request.user, space, 'voting.change_voting', allow=['admins', 'mods',
'users']):
if request.method == 'POST' and voteform.is_valid():
# Generate the objetct
token = hashlib.md5("%s%s%s" % (request.user, space,
datetime.datetime.now())).hexdigest()
voteform_uncommitted = voteform.save(commit=False)
voteform_uncommitted.user = request.user
voteform_uncommitted.token = token
voteform_uncommitted.proposal = proposal
voteform_uncommitted.save()
# Send the email to the user. Get URL, get user mail, send mail.
space_absolute_url = space.get_absolute_url()
full_url = ''.join(['http://', get_current_site(request).domain,
space_absolute_url, 'voting/vote/validate/', token])
user_email = request.user.email
subject = _("Validate your vote")
body = _("You voted recently on a process in our platform, please validate your vote following this link: %s") % full_url
send_mail(subject, body, settings.DEFAULT_FROM_EMAIL, [user_email])
return HttpResponse("Vote emmited")
else:
return HttpResponse("Error P02: Couldn't emit the vote. You're not \
allowed.")
def delete_note(request, space_url):
"""
Deletes a note object.
"""
note = get_object_or_404(Note, pk=request.POST['noteid'])
place = get_object_or_404(Space, url=space_url)
if has_operation_permission(request.user, place, 'note.delete_note',
allow=['admins', 'mods']) or note.author == request.user:
ctype = ContentType.objects.get_for_model(Note)
all_comments = Comment.objects.filter(is_public=True,
is_removed=False, content_type=ctype,
object_pk=note.id).all()
for i in range(len(all_comments)):
all_comments[i].delete()
note.delete()
return HttpResponse("The note has been deleted.")
else:
return HttpResponse("You're not the author of the note. Can't delete.")
def support_proposal(request, space_url):
"""
Increment support votes for the proposal in 1. We porform some permission
checks, for example, the user has to be inside any of the user groups of
the space.
"""
prop = get_object_or_404(Proposal, pk=request.POST['propid'])
space = get_object_or_404(Space, url=space_url)
if has_operation_permission(request.user, space,
"proposals.change_proposal" ,allow=['admins', 'mods', 'users']):
try:
prop.support_votes.add(request.user)
return HttpResponse(" Support vote emmited.")
except:
return HttpResponse("Error P01: Couldn't emit the vote. Couldn't \
add the user to the count. Contact support and tell them the \
error code.")
else:
return HttpResponse("Error P02: Couldn't emit the vote. You're not \
allowed.")
def validate_voting(request, space_url, token):
"""
Validate the votes done in a votation process. This function checks if the
token provided by the user is the same located in the database. If the
token is the same, a vote is added, if not, we redirect the user to an
error page.
"""
space = get_object_or_404(Space, url=space_url)
if has_operation_permission(request.user, space,
"proposals.change_proposal", allow=['admins', 'mods', 'users']):
try:
tk = get_object_or_404(ConfirmVote, token=token)
prop = get_object_or_404(Proposal, pk=tk.proposal.id)
prop.votes.add(request.user)
return HttpResponse("Your vote has been validated.")
except:
return HttpResponse("Error V01: Couldn't find the token for validation or the token has already been used.")
tk.delete()
else:
return HttpResponse("Error V02: Couldn't emit the vote. You're not \
allowed.")
def get_object(self):
self.space = get_object_or_404(Space, url=self.kwargs['space_url'])
if has_operation_permission(self.request.user, self.space, 'debate.delete_debate', allow=['admins', 'mods']):
return get_object_or_404(Debate, pk=self.kwargs['debate_id'])
else:
self.template_name = 'not_allowed.html'
def get_object(self):
self.space = get_object_or_404(Space, url=self.kwargs["space_url"])
if has_operation_permission(self.request.user, self.space, "voting.delete_voting", allow=["admins", "mods"]):
return get_object_or_404(Voting, pk=self.kwargs["voting_id"])
else:
self.template_name = "not_allowed.html"
def get_object(self):
self.space = get_object_or_404(Space, url=self.kwargs['space_url'])
if has_operation_permission(self.request.user, self.space, 'voting.change_voting', allow=['admins', 'mods']):
return get_object_or_404(Voting, pk=self.kwargs['voting_id'])
else:
self.template_name = 'not_allowed.html'