def __init__(self, *args, **kwargs):
super(JobForm, self).__init__(*args, **kwargs)
if self.instance.pk:
self.fields['description'].widget.mce_attrs['app_instance_id'] = self.instance.pk
#self.fields['pricing'].initial = JobPricing.objects.filter(duration=self.instance.requested_duration)[0]
if is_admin(self.user):
self.fields['status_detail'].choices = STATUS_DETAIL_CHOICES
else:
self.fields['description'].widget.mce_attrs['app_instance_id'] = 0
self.fields['pricing'].choices = pricing_choices(self.user)
if 'payment_method' in self.fields:
self.fields['payment_method'].widget = forms.RadioSelect(choices=get_payment_method_choices(self.user))
# adjust fields depending on user status
fields_to_pop = []
if not self.user.is_authenticated():
fields_to_pop += [
'entity',
'allow_anonymous_view',
'user_perms',
'group_perms',
'member_perms',
'post_dt',
'activation_dt',
'expiration_dt',
'syndicate',
'status',
'status_detail'
]
else:
fields_to_pop += [
'captcha'
]
if not is_admin(self.user):
fields_to_pop += [
'slug',
'entity',
'allow_anonymous_view',
'user_perms',
'member_perms',
'group_perms',
'post_dt',
'activation_dt',
'expiration_dt',
'syndicate',
'status',
'status_detail'
]
if not is_developer(self.user):
fields_to_pop += [
'status'
]
for f in list(set(fields_to_pop)):
if f in self.fields:
self.fields.pop(f)
def __init__(self, *args, **kwargs):
super(ServiceForm, self).__init__(*args, **kwargs)
if self.instance.pk:
self.fields["description"].widget.mce_attrs["app_instance_id"] = self.instance.pk
else:
self.fields["description"].widget.mce_attrs["app_instance_id"] = 0
# adjust fields depending on user status
fields_to_pop = []
if not self.user.is_authenticated():
fields_to_pop += [
"allow_anonymous_view",
"user_perms",
"group_perms",
"activation_dt",
"expiration_dt",
"syndicate",
"status",
"status_detail",
]
else:
fields_to_pop += ["captcha"]
if not is_admin(self.user):
fields_to_pop += ["status", "status_detail"]
if not is_developer(self.user):
fields_to_pop += ["status"]
for f in list(set(fields_to_pop)):
if f in self.fields:
self.fields.pop(f)
def index(request, template_name="reports/index.html"):
if not is_admin(request.user) and is_developer(request.user):
raise Http403
return render_to_response(template_name, {},
context_instance=RequestContext(request))
def __init__(self, *args, **kwargs):
if 'user_this' in kwargs:
self.user_this = kwargs.pop('user_this', None)
else:
self.user_this = None
if 'user_current' in kwargs:
self.user_current = kwargs.pop('user_current', None)
else:
self.user_current = None
if 'required_fields_list' in kwargs:
self.required_fields_list = kwargs.pop('required_fields_list', None)
else:
self.required_fields_list = None
super(ProfileForm, self).__init__(*args, **kwargs)
if self.user_this:
self.fields['first_name'].initial = self.user_this.first_name
self.fields['last_name'].initial = self.user_this.last_name
self.fields['username'].initial = self.user_this.username
if self.user_this.is_superuser and self.user_this.is_staff:
self.fields['security_level'].initial = "developer"
elif self.user_this.is_staff:
self.fields['security_level'].initial = "admin"
else:
self.fields['security_level'].initial = "user"
if self.user_this.is_active == 1:
self.fields['interactive'].initial = 1
else:
self.fields['interactive'].initial = 0
del self.fields['password1']
del self.fields['password2']
if not is_admin(self.user_current):
del self.fields['admin_notes']
del self.fields['security_level']
del self.fields['status']
del self.fields['status_detail']
if is_admin(self.user_current) and not is_developer(self.user_current):
self.fields['security_level'].choices=(('user','User'), ('admin','Admin'),)
if not is_admin(self.user_current):
if 'status' in self.fields: self.fields.pop('status')
if 'status_detail' in self.fields: self.fields.pop('status_detail')
# we make first_name, last_name, email, username and password as required field regardless
# the rest of fields will be decided by the setting - UsersRequiredFields
if self.required_fields_list:
for field in self.required_fields_list:
for myfield in self.fields:
if field == self.fields[myfield].label:
self.fields[myfield].required = True
continue
def __init__(self, *args, **kwargs):
super(LocationForm, self).__init__(*args, **kwargs)
if not is_admin(self.user):
if 'status' in self.fields: self.fields.pop('status')
if 'status_detail' in self.fields: self.fields.pop('status_detail')
if not is_developer(self.user):
if 'status' in self.fields: self.fields.pop('status')
def get_imp_user(username, real_user):
"""
Search for an impersonated user
and return the user object
"""
from perms.utils import is_developer
user = None
if username == 'anonymous':
user = AnonymousUser()
else:
try:
user = User.objects.get(username=username)
except:
pass
# Don't allow non-developers to impersonate developers
if not is_developer(real_user) and is_developer(user):
return None
return user
def __init__(self, *args, **kwargs):
super(FormForm, self).__init__(*args, **kwargs)
if not is_admin(self.user):
if "status" in self.fields:
self.fields.pop("status")
if "status_detail" in self.fields:
self.fields.pop("status_detail")
if not is_developer(self.user):
if "status" in self.fields:
self.fields.pop("status")
def __init__(self, *args, **kwargs):
super(ArticleForm, self).__init__(*args, **kwargs)
if self.instance.pk:
self.fields['body'].widget.mce_attrs['app_instance_id'] = self.instance.pk
else:
self.fields['body'].widget.mce_attrs['app_instance_id'] = 0
if not is_admin(self.user):
if 'status' in self.fields: self.fields.pop('status')
if 'status_detail' in self.fields: self.fields.pop('status_detail')
if not is_developer(self.user):
if 'status' in self.fields: self.fields.pop('status')
def render(self, context):
user = self.resolve(self.user, context)
if isinstance(user, User):
is_developer = utils.is_developer(user)
else:
is_developer= False
if self.var_name:
context[self.var_name] = is_developer
return ""
else:
return is_developer
def _permissions_sqs(self, sqs, user, status, status_detail, **kwargs):
from perms.utils import is_admin, is_member, is_developer
if is_admin(user) or is_developer(user):
sqs = sqs.all()
else:
if user.is_anonymous():
sqs = self._anon_sqs(sqs, status=status, status_detail=status_detail)
elif is_member(user):
sqs = self._member_sqs(sqs, user, status=status,
status_detail=status_detail)
else:
sqs = self._user_sqs(sqs, user, status=status,
status_detail=status_detail)
return sqs
def get_key(self, user, api_key):
"""
Attempts to find the API key for the user. Uses ``ApiKey`` by default
In addition this checks if the user is a developer.
If the user is not even if he has a key he will still be unauthorized.
"""
from tastypie.models import ApiKey
if not is_developer(user):
return self._unauthorized()
try:
key = ApiKey.objects.get(user=user, key=api_key)
except ApiKey.DoesNotExist:
return self._unauthorized()
return True
def roles(self):
from perms.utils import is_developer, is_admin, is_member
role_set = []
if is_developer(self.user):
role_set.append('developer')
if is_admin(self.user):
role_set.append('admin')
if is_member(self.user):
role_set.append('member')
if self.user.is_active:
role_set.append('user')
return role_set or ['disabled']
def __init__(self, *args, **kwargs):
super(HelpFileForm, self).__init__(*args, **kwargs)
if self.instance.pk:
self.fields['answer'].widget.mce_attrs['app_instance_id'] = self.instance.pk
else:
self.fields['answer'].widget.mce_attrs['app_instance_id'] = 0
if not is_admin(self.user):
if 'status' in self.fields: self.fields.pop('status')
if 'status_detail' in self.fields: self.fields.pop('status_detail')
if 'allow_anonymous_view' in self.fields: self.fields.pop('allow_anonymous_view')
if 'user_perms' in self.fields: self.fields.pop('user_perms')
if 'member_perms' in self.fields: self.fields.pop('member_perms')
if 'group_perms' in self.fields: self.fields.pop('group_perms')
if 'syndicate' in self.fields: self.fields.pop('syndicate')
if not is_developer(self.user):
if 'status' in self.fields: self.fields.pop('status')
def check_security(request, *args, **kwargs):
user_security_level = 'anonymous'
if request.user.is_authenticated():
if is_developer(request.user):
user_security_level = 'developer'
elif is_admin(request.user):
user_security_level = 'administrator'
else:
user_security_level = 'user'
boo = False
if self.page_security_level == 'anonymous':
boo = True
elif self.page_security_level == 'user':
if user_security_level <> 'anonymous':
boo = True
elif self.page_security_level == 'administrator':
if user_security_level == 'administrator' or user_security_level == 'developer':
boo = True
elif self.page_security_level == 'developer':
if user_security_level == 'developer':
boo = True
if boo:
# if request.user.is_authenticated(), log an event here
return f(request, *args, **kwargs)
else:
if request.user.is_authenticated():
raise Http403
else:
# redirect to login page
redirect_field_name=REDIRECT_FIELD_NAME
login_url = settings.LOGIN_URL
path = urlquote(request.get_full_path())
tup = login_url, redirect_field_name, path
return HttpResponseRedirect('%s?%s=%s' % tup)
def __init__(self, *args, **kwargs):
super(DirectoryForm, self).__init__(*args, **kwargs)
if self.instance.pk:
self.fields["body"].widget.mce_attrs["app_instance_id"] = self.instance.pk
if is_admin(self.user):
self.fields["status_detail"].choices = (
("active", "Active"),
("inactive", "Inactive"),
("pending", "Pending"),
("paid - pending approval", "Paid - Pending Approval"),
)
else:
self.fields["body"].widget.mce_attrs["app_instance_id"] = 0
if self.instance.logo:
self.fields["logo"].help_text = (
'<input name="remove_photo" id="id_remove_photo" type="checkbox"/> Remove current logo: <a target="_blank" href="/site_media/media/%s">%s</a>'
% (self.instance.logo, basename(self.instance.logo.file.name))
)
else:
self.fields.pop("remove_photo")
if not is_admin(self.user):
if "status" in self.fields:
self.fields.pop("status")
if "status_detail" in self.fields:
self.fields.pop("status_detail")
if not is_developer(self.user):
if "status" in self.fields:
self.fields.pop("status")
if self.fields.has_key("payment_method"):
self.fields["payment_method"].widget = forms.RadioSelect(choices=get_payment_method_choices(self.user))
if self.fields.has_key("requested_duration"):
self.fields["requested_duration"].choices = get_duration_choices()
def search(self, query=None, *args, **kwargs):
"""
Search the Django Haystack search index
Returns a SearchQuerySet object
"""
from perms.utils import is_admin, is_member, is_developer
sqs = kwargs.get('sqs', SearchQuerySet())
# user information
user = kwargs.get('user') or AnonymousUser()
user = self._impersonation(user)
self.user = user
# if the status_detail is something like "published"
# then you can specify the kwargs to override
status_detail = kwargs.get('status_detail', 'active')
if query:
sqs = sqs.auto_query(sqs.query.clean(query))
if is_admin(user) or is_developer(user):
sqs = sqs.all()
else:
if user.is_anonymous():
sqs = anon3_sqs(sqs, status_detail=status_detail)
elif is_member(user):
sqs = self._member_sqs(sqs, user=user,
status_detail=status_detail)
else:
sqs = user3_sqs(sqs, user=user,
status_detail=status_detail)
# pass
return sqs.models(self.model)
def clean_user(self):
user = self.cleaned_data['user']
if not is_developer(user):
raise forms.ValidationError('This user is not a developer.')
return user
def application_details(request, slug=None, cmb_id=None, imv_id=0, imv_guid=None, secret_hash="", membership_id=0, template_name="memberships/applications/details.html"):
"""
Display a built membership application and handle submission.
"""
if not slug: raise Http404
user = request.user
app = get_object_or_404(App, slug=slug)
if not app.allow_view_by(user):
raise Http403
# if this app is for corporation individuals, redirect them to corp-pre page if
# they have not passed the security check.
is_corp_ind = False
corporate_membership = None
if hasattr(app, 'corp_app') and app.corp_app:
if not cmb_id:
# redirect them to the corp_pre page
return redirect(reverse('membership.application_details_corp_pre', args=[app.slug]))
is_corp_ind = True
corporate_membership = get_object_or_404(CorporateMembership, id=cmb_id)
# check if they have verified their email or entered the secret code
is_verified = False
if is_admin(request.user) or app.corp_app.authentication_method == 'admin':
is_verified = True
elif app.corp_app.authentication_method == 'email':
try:
indiv_veri = IndivMembEmailVeri8n.objects.get(pk=imv_id,
guid=imv_guid)
if indiv_veri.verified:
is_verified = True
except IndivMembEmailVeri8n.DoesNotExist:
pass
elif app.corp_app.authentication_method == 'secret_code':
tmp_secret_hash = md5('%s%s' % (corporate_membership.secret_code,
request.session.get('corp_hash_random_string', ''))).hexdigest()
if secret_hash == tmp_secret_hash:
is_verified = True
if not is_verified:
return redirect(reverse('membership.application_details_corp_pre', args=[slug]))
# log application details view
EventLog.objects.log(**{
'event_id' : 655000,
'event_data': '%s (%d) viewed by %s' % (app._meta.object_name, app.pk, user),
'description': '%s viewed' % app._meta.object_name,
'user': user,
'request': request,
'instance': app,
})
initial_dict = {}
if hasattr(user, 'memberships'):
membership = user.memberships.get_membership()
is_only_a_member = [
is_developer(user) == False,
is_admin(user) == False,
is_member(user) == True,
]
if corporate_membership:
# exclude corp. reps, creator and owner - they should be able to add new
is_only_a_member.append(corporate_membership.allow_edit_by(user)==False)
# deny access to renew memberships
if all(is_only_a_member):
initial_dict = membership.get_app_initial(app)
if not membership.can_renew():
return render_to_response("memberships/applications/no-renew.html", {
"app": app, "user":user, "membership": membership},
context_instance=RequestContext(request))
pending_entries = []
if hasattr(user, 'appentry_set'):
pending_entries = user.appentry_set.filter(
is_approved__isnull = True, # pending
)
# if an application entry was submitted
# after your current membership was created
if user.memberships.get_membership():
pending_entries.filter(
entry_time__gte = user.memberships.get_membership().subscribe_dt
)
app_entry_form = AppEntryForm(
app,
request.POST or None,
request.FILES or None,
user=user,
corporate_membership=corporate_membership,
initial=initial_dict,
)
if request.method == "POST":
if app_entry_form.is_valid():
entry = app_entry_form.save(commit=False)
entry_invoice = entry.save_invoice()
if user.is_authenticated():
entry.user = user
entry.is_renewal = all(is_only_a_member)
# add all permissions and save the model
entry = update_perms_and_save(request, app_entry_form, entry)
# administrators go to approve/disapprove page
if is_admin(user):
return redirect(reverse('membership.application_entries', args=[entry.pk]))
# send "joined" notification
Notice.send_notice(
entry=entry,
request = request,
emails=entry.email,
notice_type='join',
membership_type=entry.membership_type,
)
if entry_invoice.total == 0:
if not entry_invoice.is_tendered:
entry_invoice.tender(request.user)
# online payment
if entry_invoice.total>0 and entry.payment_method and entry.payment_method.is_online:
return HttpResponseRedirect(reverse(
'payments.views.pay_online',
args=[entry_invoice.pk, entry_invoice.guid]
))
if not entry.approval_required():
entry.approve()
# silence old memberships within renewal period
Membership.objects.silence_old_memberships(entry.user)
# get user from the membership since it's null in the entry
entry.user = entry.membership.user
membership_total = Membership.objects.filter(status=True, status_detail='active').count()
# send "approved" notification
Notice.send_notice(
request = request,
emails=entry.email,
notice_type='approve',
membership=entry.membership,
membership_type=entry.membership_type,
)
if not user.is_authenticated():
from django.core.mail import send_mail
from django.utils.http import int_to_base36
from django.contrib.auth.tokens import default_token_generator
from site_settings.utils import get_setting
token_generator = default_token_generator
site_url = get_setting('site', 'global', 'siteurl')
site_name = get_setting('site', 'global', 'sitedisplayname')
# send new user account welcome email (notification)
notification.send_emails([entry.user.email],'user_welcome', {
'site_url': site_url,
'site_name': site_name,
'uid': int_to_base36(entry.user.id),
'user': entry.user,
'username': entry.user.username,
'token': token_generator.make_token(entry.user),
})
# log - entry approval
EventLog.objects.log(**{
'event_id' : 1082101,
'event_data': '%s (%d) approved by %s' % (entry._meta.object_name, entry.pk, entry.judge),
'description': '%s viewed' % entry._meta.object_name,
'user': user,
'request': request,
'instance': entry,
})
# log - entry submission
EventLog.objects.log(**{
'event_id' : 1081000,
'event_data': '%s (%d) submitted by %s' % (entry._meta.object_name, entry.pk, request.user),
'description': '%s viewed' % entry._meta.object_name,
'user': user,
'request': request,
'instance': entry,
})
return redirect(entry.confirmation_url)
return render_to_response(template_name, {
'app': app,
'app_entry_form': app_entry_form,
'pending_entries': pending_entries,
}, context_instance=RequestContext(request))
