Esempio n. 1
0
def update_position(request, space_url):

    """
    This view saves the new note position in the debate board. Instead of
    reloading all the note form with all the data, we use the partial form
    "UpdateNotePosition" which only handles the column and row of the note.
    """
    note = get_object_or_404(Note, pk=request.POST['noteid'])
    position_form = UpdateNotePosition(request.POST or None, instance=note)
    place = get_object_or_404(Space, url=space_url)

    if request.method == "POST" and request.is_ajax:
        if has_operation_permission(request.user, place, 'note.change_note',
        allow=['admins', 'mods']) or request.user == note.author:
            if position_form.is_valid():
                position_form_uncommited = position_form.save(commit=False)
                position_form_uncommited.column = get_object_or_404(Column,
                                                pk=request.POST['column'])
                position_form_uncommited.row = get_object_or_404(Row,
                                                pk=request.POST['row'])
                position_form_uncommited.save()
                msg = "The note has been updated."
            else:
                msg = "There has been an error validating the form."
        else:
            msg = "There was some error in the petition."

    return HttpResponse(msg)
Esempio n. 2
0
 def get_object(self):
     space = get_object_or_404(Space, url=self.kwargs['space_url'])
     if has_operation_permission(self.request.user, space,
                                 'voting.delete_poll', allow=['admins']):
         return get_object_or_404(Poll, pk=self.kwargs['poll_id'])
     else:
         self.template_name = 'not_allowed.html'
Esempio n. 3
0
 def get_object(self):
     space = get_object_or_404(Space, url=self.kwargs['space_url'])
     if has_operation_permission(self.request.user,
                                 space,
                                 'voting.delete_poll',
                                 allow=['admins']):
         return get_object_or_404(Poll, pk=self.kwargs['poll_id'])
     else:
         self.template_name = 'not_allowed.html'
Esempio n. 4
0
 def form_valid(self, form):
     self.space = get_object_or_404(Space, url=self.kwargs['space_url'])
     if has_operation_permission(self.request.user, self.space, 'voting.add_voting', allow=['admins', 'mods']):
         form_uncommited = form.save(commit=False)
         form_uncommited.author = self.request.user
         form_uncommited.space = self.space
         form_uncommited.save()
         form.save_m2m()
         return super(AddVoting, self).form_valid(form)
     else:
         template_name = 'not_allowed.html'
Esempio n. 5
0
    def get_object(self):
        prop_id = self.kwargs['prop_id']
        space_url = self.kwargs['space_url']
        proposal = get_object_or_404(Proposal, pk = prop_id)
        space = get_object_or_404(Space, url = space_url)

        if has_operation_permission(self.request.user, space,
        'proposals.delete_proposal', allow=['admins', 'mods']) \
        or proposal.author.id == self.request.user.id:
            return proposal
        else:
            return render_to_response('not_allowed.html',
                context_instance=RequestContext(self.request))
Esempio n. 6
0
    def form_valid(self, form):
        space = get_object_or_404(Space, url=self.kwargs['space_url'])

        if has_operation_permission(self.request.user, space,
        'proposals.add_proposal', allow=['admins', 'mods','users']):
            form_uncommited = form.save(commit=False)
            form_uncommited.space = space
            form_uncommited.author = self.request.user
            form_uncommited.save()

            return super(AddProposal, self).form_valid(form)
        else:
            return render_to_response('not_allowed.html',
                context_instance=RequestContext(self.request))
Esempio n. 7
0
def edit_debate(request, space_url, debate_id):

    pk = debate_id
    place = get_object_or_404(Space, url=space_url)

    if has_operation_permission(request.user, place, 'debate.change_debate',
                                allow=['admins', 'mods']):

        RowFormSet = inlineformset_factory(Debate, Row, extra=1)
        ColumnFormSet = inlineformset_factory(Debate, Column, extra=1)

        instance = Debate.objects.get(pk=debate_id)
        debate_form = DebateForm(request.POST or None, instance=instance)
        row_formset = RowFormSet(request.POST or None, instance=instance, prefix="rowform")
        column_formset = ColumnFormSet(request.POST or None, instance=instance, prefix="colform")

        if request.method == 'POST':
            if debate_form.is_valid() and row_formset.is_valid() \
                    and column_formset.is_valid():
                debate_form_uncommited = debate_form.save(commit=False)
                debate_form_uncommited.space = place
                debate_form_uncommited.author = request.user

                saved_debate = debate_form_uncommited.save()
                debate_instance = get_object_or_404(Debate,
                    pk=debate_id)

                row = row_formset.save(commit=False)
                for form in row:
                    form.debate = instance
                    form.save()

                    column = column_formset.save(commit=False)
                    for form in column:
                        form.debate = instance
                        form.save()

                return HttpResponseRedirect(reverse(urln.DEBATE_VIEW,
                    kwargs={'space_url': space_url,
                            'debate_id': str(debate_form_uncommited.id)}))

        return render_to_response('debate/debate_add.html',
                                  {'form': debate_form,
                                   'rowform': row_formset,
                                   'colform': column_formset,
                                   'get_place': place,
                                           'debateid': debate_id},
                                  context_instance=RequestContext(request))
    return render_to_response('not_allowed.html',
                              context_instance=RequestContext(request))
Esempio n. 8
0
def update_note(request, space_url):

    """
    Updated the current note with the POST data. UpdateNoteForm is an incomplete
    form that doesn't handle some properties, only the important for the note
    editing.
    """

    place = get_object_or_404(Space, url=space_url)

    if request.method == "GET" and request.is_ajax:
        note = get_object_or_404(Note, pk=request.GET['noteid'])
        ctype = ContentType.objects.get_for_model(Note)
        latest_comments = Comment.objects.filter(is_public=True,
            is_removed=False, content_type=ctype, object_pk=note.id) \
            .order_by('-submit_date')[:5]
        form = CommentForm(target_object=note)

        response_data = {}
        response_data['title'] = note.title
        response_data['message'] = note.message
        response_data['author'] = {'name': note.author.username}
        response_data['comments'] = [{'username': c.user.username,
            'comment': c.comment,
            'submit_date': c.submit_date} for c in latest_comments]
        response_data["form_html"] = form.as_p()

        return HttpResponse(json.dumps(response_data, cls=DjangoJSONEncoder),
                            mimetype="application/json")

    if request.method == "POST" and request.is_ajax:
        if has_operation_permission(request.user, place, 'note.change_note',
        allow=['admins', 'mods']) or request.user == note.author:
            note = get_object_or_404(Note, pk=request.POST['noteid'])
            note_form = UpdateNoteForm(request.POST or None, instance=note)
            if note_form.is_valid():
                note_form_uncommited = note_form.save(commit=False)
                note_form_uncommited.title = request.POST['title']
                note_form_uncommited.message = request.POST['message']
                note_form_uncommited.last_mod_author = request.user

                note_form_uncommited.save()
                msg = "The note has been updated."
            else:
                msg = "The form is not valid, check field(s): " + note_form.errors
            return HttpResponse(msg)
        else:
            msg = "There was some error in the petition."
    return HttpResponse(msg)
Esempio n. 9
0
def add_poll(request, space_url):
    """
    Create a new poll. Only registered users belonging to a concrete group
    are allowed to create polls. The polls are composed by a form and a choice
    formset.
    
    :parameters: space_url
    :context: get_place
    """
    space = get_object_or_404(Space, url=space_url)
    poll_form = PollForm(request.POST or None)
    choice_form = ChoiceFormSet(request.POST or None,
                                prefix="choiceform",
                                queryset=Choice.objects.none())

    if (has_operation_permission(request.user,
                                 space,
                                 'voting.add_poll',
                                 allow=['admins', 'mods'])):
        if request.method == 'POST':
            if poll_form.is_valid() and choice_form.is_valid():
                poll_form_uncommited = poll_form.save(commit=False)
                poll_form_uncommited.space = space
                poll_form_uncommited.author = request.user

                saved_poll = poll_form_uncommited.save()
                poll_instance = get_object_or_404(Poll,
                                                  pk=poll_form_uncommited.pk)

                cform_uncommited = choice_form.save(commit=False)
                for cf in cform_uncommited:
                    cf.poll = poll_instance
                    cf.save()

                return HttpResponseRedirect(
                    reverse(urln.SPACE_INDEX, kwargs={'space_url': space.url}))

        return render_to_response('voting/poll_form.html', {
            'form': poll_form,
            'choiceform': choice_form,
            'get_place': space
        },
                                  context_instance=RequestContext(request))

    return render_to_response('not_allowed.html',
                              context_instance=RequestContext(request))
Esempio n. 10
0
def edit_poll(request, space_url, poll_id):
    """
    Edit a specific poll.

    :parameters: space_url, poll_id
    :context: form, get_place, choiceform, pollid
    """
    place = get_object_or_404(Space, url=space_url)

    if has_operation_permission(request.user,
                                place,
                                'voting.change_poll',
                                allow=['admins', 'mods']):

        ChoiceFormSet = inlineformset_factory(Poll, Choice)
        instance = Poll.objects.get(pk=poll_id)
        poll_form = PollForm(request.POST or None, instance=instance)
        choice_form = ChoiceFormSet(request.POST or None,
                                    instance=instance,
                                    prefix="choiceform")

        if request.method == 'POST':
            if poll_form.is_valid() and choice_form.is_valid():
                poll_form_uncommited = poll_form.save(commit=False)
                poll_form_uncommited.space = place
                poll_form_uncommited.author = request.user

                saved_poll = poll_form_uncommited.save()

                for form in choice_form.forms:
                    choice = form.save(commit=False)
                    choice.poll = instance
                    choice.save()
                return HttpResponseRedirect(
                    reverse(urln.SPACE_INDEX, kwargs={'space_url': place.url}))

        return render_to_response('voting/poll_form.html', {
            'form': poll_form,
            'choiceform': choice_form,
            'get_place': place,
            'pollid': poll_id,
        },
                                  context_instance=RequestContext(request))
    else:
        return render_to_response('not_allowed.html',
                                  context_instance=RequestContext(request))
Esempio n. 11
0
def edit_poll(request, space_url, poll_id):

    """
    Edit a specific poll.

    :parameters: space_url, poll_id
    :context: form, get_place, choiceform, pollid
    """
    place = get_object_or_404(Space, url=space_url)

    if has_operation_permission(request.user, place, 'voting.change_poll',
                                allow=['admins', 'mods']):

        ChoiceFormSet = inlineformset_factory(Poll, Choice, extra=1)
        instance = Poll.objects.get(pk=poll_id)
        poll_form = PollForm(request.POST or None, instance=instance)
        choice_form = ChoiceFormSet(request.POST or None, instance=instance,
            prefix="choiceform")

        if request.method == 'POST':
            if poll_form.is_valid() and choice_form.is_valid():
                poll_form_uncommited = poll_form.save(commit=False)
                poll_form_uncommited.space = place
                poll_form_uncommited.author = request.user

                saved_poll = poll_form_uncommited.save()

                choices = choice_form.save(commit=False)

                for form in choices:
                    form.poll = instance
                    form.save()

                return HttpResponseRedirect(reverse(urln.SPACE_INDEX,
                kwargs={'space_url': place.url}))

        return render_to_response('voting/poll_form.html',
                                 {'form': poll_form,
                                  'choiceform': choice_form,
                                  'get_place': place,
                                  'pollid': poll_id, },
                                 context_instance=RequestContext(request))
    else:
        return render_to_response('not_allowed.html',
            context_instance=RequestContext(request))
Esempio n. 12
0
def create_note(request, space_url):

    """
    This function creates a new note inside the debate board. It receives the
    order from the createNote() AJAX function. To create the note first we
    create the note in the DB, and if successful we return some of its
    parameters to the debate board for the user. In case the petition had
    errors, we return the error message that will be shown by jsnotify.

    .. versionadded:: 0.1.5
    """
    note_form = NoteForm(request.POST or None)
    place = get_object_or_404(Space, url=space_url)

    if request.method == "POST" and request.is_ajax:
        if has_operation_permission(request.user, place, 'note.add_note',
        allow=['admins', 'mods', 'users']):
            if note_form.is_valid():
                note_form_uncommited = note_form.save(commit=False)
                note_form_uncommited.author = request.user
                note_form_uncommited.debate = get_object_or_404(Debate,
                    pk=request.POST['debateid'])
                note_form_uncommited.title = request.POST['title']
                note_form_uncommited.message = request.POST['message']
                note_form_uncommited.column = get_object_or_404(Column,
                    pk=request.POST['column'])
                note_form_uncommited.row = get_object_or_404(Row,
                    pk=request.POST['row'])
                note_form_uncommited.save()

                response_data = {}
                response_data['id'] = note_form_uncommited.id
                response_data['message'] = note_form_uncommited.message
                response_data['title'] = note_form_uncommited.title
                msg = "The note has been created."
                return HttpResponse(json.dumps(response_data),
                                    mimetype="application/json")

            else:
                msg = "The note form didn't validate. This fields gave errors: " + str(note_form.errors)
        else:
            msg = "The petition was not POST."

    return HttpResponse(json.dumps(msg), mimetype="application/json")
Esempio n. 13
0
def AddPoll(request, space_url):

    """
    Create a new poll. Only registered users belonging to a concrete group
    are allowed to create polls. 
    
    :parameters: space_url
    :context: get_place
    """
    place = get_object_or_404(Space, url=space_url)
    poll_form = PollForm(request.POST or None)
    choice_form = ChoiceFormSet(request.POST or None, prefix="choiceform")

    try:
        last_poll_id = Poll.objects.latest('id')
        current_poll_id = last_poll_id.pk + 1
    except ObjectDoesNotExist:
        current_poll_id = 1

    if (has_operation_permission(request.user, place, 'voting.add_poll', allow=['admins', 'mods'])):
        if request.method == 'POST':
            if poll_form.is_valid() and choice_form.is_valid():
                poll_form_uncommited = poll_form.save(commit=False)
                poll_form_uncommited.space = place
                poll_form_uncommited.author = request.user

                saved_poll = poll_form_uncommited.save()
                poll_instance = get_object_or_404(Poll, pk=current_poll_id)

                for form in choice_form.forms:
                    choice = form.save(commit=False)
                    choice.poll = poll_instance
                    choice.save()

                return redirect('/spaces/' + space_url)
                
        return render_to_response('voting/poll_form.html',
            {'form': poll_form, 'choiceform': choice_form,
             'get_place': place, 'pollid': current_poll_id,},
             context_instance=RequestContext(request))
    
    return render_to_response('not_allowed.html',context_instance=RequestContext(request))
Esempio n. 14
0
def add_poll(request, space_url):

    """
    Create a new poll. Only registered users belonging to a concrete group
    are allowed to create polls. The polls are composed by a form and a choice
    formset.

    :parameters: space_url
    :context: get_place
    """
    space = get_object_or_404(Space, url=space_url)
    poll_form = PollForm(request.POST or None)
    choice_form = ChoiceFormSet(request.POST or None, prefix="choiceform",
        queryset=Choice.objects.none())

    if (has_operation_permission(request.user, space, 'voting.add_poll',
                                 allow=['admins', 'mods'])):
        if request.method == 'POST':
            if poll_form.is_valid() and choice_form.is_valid():
                poll_form_uncommited = poll_form.save(commit=False)
                poll_form_uncommited.space = space
                poll_form_uncommited.author = request.user

                saved_poll = poll_form_uncommited.save()
                poll_instance = get_object_or_404(Poll,
                    pk=poll_form_uncommited.pk)

                cform_uncommited = choice_form.save(commit=False)
                for cf in cform_uncommited:
                    cf.poll = poll_instance
                    cf.save()

                return HttpResponseRedirect(reverse(urln.SPACE_INDEX,
                kwargs={'space_url': space.url}))

        return render_to_response('voting/poll_form.html', {'form': poll_form,
            'choiceform': choice_form, 'get_place': space},
            context_instance=RequestContext(request))

    return render_to_response('not_allowed.html',
        context_instance=RequestContext(request))
Esempio n. 15
0
def vote_voting(request, space_url):

    """
    View to control the votes during a votation process. Do not confuse with
    proposals support_votes. This function creates a new ConfirmVote object
    trough VoteForm with the user and a token. After that an email is sent
    to the user with the token for validation. This function does not add the
    votes.

    .. versionadded:: 0.1.7
    """
    proposal = get_object_or_404(Proposal, pk=request.POST['propid'])
    space = get_object_or_404(Space, url=space_url)
    voteform = VoteForm(request.POST)

    if has_operation_permission(request.user, space, 'voting.change_voting', allow=['admins', 'mods',
                                                                                    'users']):
        if request.method == 'POST' and voteform.is_valid():
            # Generate the objetct
            token = hashlib.md5("%s%s%s" % (request.user, space,
                        datetime.datetime.now())).hexdigest()
            voteform_uncommitted = voteform.save(commit=False)
            voteform_uncommitted.user = request.user
            voteform_uncommitted.token = token
            voteform_uncommitted.proposal = proposal
            voteform_uncommitted.save()

            # Send the email to the user. Get URL, get user mail, send mail.
            space_absolute_url = space.get_absolute_url()
            full_url = ''.join(['http://', get_current_site(request).domain,
                        space_absolute_url, 'voting/vote/validate/', token])
            user_email = request.user.email
            subject = _("Validate your vote")
            body = _("You voted recently on a process in our platform, please validate your vote following this link: %s") % full_url
            send_mail(subject, body, settings.DEFAULT_FROM_EMAIL, [user_email])

            return HttpResponse("Vote emmited")

    else:
        return HttpResponse("Error P02: Couldn't emit the vote. You're not \
            allowed.")
Esempio n. 16
0
def delete_note(request, space_url):

    """
    Deletes a note object.
    """
    note = get_object_or_404(Note, pk=request.POST['noteid'])
    place = get_object_or_404(Space, url=space_url)

    if has_operation_permission(request.user, place, 'note.delete_note',
    allow=['admins', 'mods']) or note.author == request.user:
        ctype = ContentType.objects.get_for_model(Note)
        all_comments = Comment.objects.filter(is_public=True,
                is_removed=False, content_type=ctype,
                object_pk=note.id).all()
        for i in range(len(all_comments)):
            all_comments[i].delete()
        note.delete()
        return HttpResponse("The note has been deleted.")

    else:
        return HttpResponse("You're not the author of the note. Can't delete.")
Esempio n. 17
0
def support_proposal(request, space_url):

    """
    Increment support votes for the proposal in 1. We porform some permission
    checks, for example, the user has to be inside any of the user groups of
    the space.
    """
    prop = get_object_or_404(Proposal, pk=request.POST['propid'])
    space = get_object_or_404(Space, url=space_url)

    if has_operation_permission(request.user, space,
    "proposals.change_proposal" ,allow=['admins', 'mods', 'users']):
        try:
            prop.support_votes.add(request.user)
            return HttpResponse(" Support vote emmited.")
        except:
            return HttpResponse("Error P01: Couldn't emit the vote. Couldn't \
                add the user to the count. Contact support and tell them the \
                error code.")
    else:
        return HttpResponse("Error P02: Couldn't emit the vote. You're not \
            allowed.")
Esempio n. 18
0
def validate_voting(request, space_url, token):

    """
    Validate the votes done in a votation process. This function checks if the
    token provided by the user is the same located in the database. If the
    token is the same, a vote is added, if not, we redirect the user to an
    error page.
    """
    space = get_object_or_404(Space, url=space_url)

    if has_operation_permission(request.user, space,
    "proposals.change_proposal", allow=['admins', 'mods', 'users']):
        try:
            tk = get_object_or_404(ConfirmVote, token=token)
            prop = get_object_or_404(Proposal, pk=tk.proposal.id)
            prop.votes.add(request.user)
            return HttpResponse("Your vote has been validated.")
        except:
            return HttpResponse("Error V01: Couldn't find the token for validation or the token has already been used.")
        tk.delete()

    else:
        return HttpResponse("Error V02: Couldn't emit the vote. You're not \
            allowed.")
Esempio n. 19
0
 def get_object(self):
     self.space = get_object_or_404(Space, url=self.kwargs['space_url'])
     if has_operation_permission(self.request.user, self.space, 'debate.delete_debate', allow=['admins', 'mods']):
         return get_object_or_404(Debate, pk=self.kwargs['debate_id'])
     else:
         self.template_name = 'not_allowed.html'
Esempio n. 20
0
 def get_object(self):
     self.space = get_object_or_404(Space, url=self.kwargs["space_url"])
     if has_operation_permission(self.request.user, self.space, "voting.delete_voting", allow=["admins", "mods"]):
         return get_object_or_404(Voting, pk=self.kwargs["voting_id"])
     else:
         self.template_name = "not_allowed.html"
Esempio n. 21
0
 def get_object(self):
     self.space = get_object_or_404(Space, url=self.kwargs['space_url'])
     if has_operation_permission(self.request.user, self.space, 'voting.change_voting', allow=['admins', 'mods']):
         return get_object_or_404(Voting, pk=self.kwargs['voting_id'])
     else:
         self.template_name = 'not_allowed.html'