def clean_parent_topic(self):
pk = self.cleaned_data.get("parent_topic")
if pk:
parent_topic = Topic.objects.get(pk=int(pk))
if not permissions.has_permission_to_edit_topic(self.user, parent_topic):
raise ValidationError(_("You are not allowed to edit the topic “{parent_topic}”.").\
format(parent_topic=parent_topic.name))
return parent_topic
elif not permissions.has_permission_to_edit_topic(self.user):
raise ValidationError(_("You are only allowed to create sub topics. You have to select an upper topic."))
def clean_parent_topic(self):
pk = self.cleaned_data.get("parent_topic")
if pk:
parent_topic = Topic.objects.get(pk=int(pk))
if not permissions.has_permission_to_edit_topic(self.user, parent_topic):
raise ValidationError(_("You are not allowed to edit the topic “{parent_topic}”.").\
format(parent_topic=parent_topic.name))
return parent_topic
elif not permissions.has_permission_to_edit_topic(self.user):
raise ValidationError(_("You are only allowed to create sub topics. You have to select an upper topic."))
def list_(request):
"""View for a complete list of all topics that the user can edit. The
user may select one, which leads him to the membership view for this topic.
If the user can't edit any topic, a 404 is raised.
:param request: the current HTTP Request object
:type request: HttpRequest
:return:
the HTTP response object
:rtype: HttpResponse
"""
user = request.user
topics = []
for topic in Topic.objects.filter(parent_topic=None).iterator():
if topic.confidential and user not in topic.members.all() and not user.is_superuser:
continue
editable = False
if permissions.has_permission_to_edit_topic(user, topic):
editable = True
topics.append((topic, editable))
if not topics:
raise Http404("Can't find any topics.")
return render(request, "samples/list_topics.html", {"title": _("List of all topics"), "topics": topics})
def list_(request):
"""View for a complete list of all topics that the user can edit. The
user may select one, which leads him to the membership view for this topic.
If the user can't edit any topic, a 404 is raised.
:param request: the current HTTP Request object
:type request: HttpRequest
:return:
the HTTP response object
:rtype: HttpResponse
"""
user = request.user
topics = []
for topic in Topic.objects.filter(parent_topic=None).iterator():
if topic.confidential and user not in topic.members.all(
) and not user.is_superuser:
continue
editable = False
if permissions.has_permission_to_edit_topic(user, topic):
editable = True
topics.append((topic, editable))
if not topics:
raise Http404("Can't find any topics.")
return render(request, "samples/list_topics.html", {
"title": _("List of all topics"),
"topics": topics
})
def clean(self):
cleaned_data = super(EditTopicForm, self).clean()
if "members" in cleaned_data and "confidential" in cleaned_data:
if cleaned_data["confidential"] and \
not any(permissions.has_permission_to_edit_topic(user, self.topic) for user in cleaned_data["members"]):
self.add_error("members",
_("In confidential topics, at least one member must have permission to edit the topic."))
return cleaned_data
def clean(self):
cleaned_data = super(EditTopicForm, self).clean()
if "members" in cleaned_data and "confidential" in cleaned_data:
if cleaned_data["confidential"] and \
not any(permissions.has_permission_to_edit_topic(user, self.topic) for user in cleaned_data["members"]):
self.add_error("members", ValidationError(
_("In confidential topics, at least one member must have permission to edit the topic."), code="invalid"))
return cleaned_data
def __init__(self, user, *args, **kwargs):
super(NewTopicForm, self).__init__(*args, **kwargs)
self.fields["new_topic_name"].widget.attrs["size"] = 40
self.user = user
if user.is_superuser:
self.fields["parent_topic"].choices = [(topic.pk, topic) for topic in
Topic.objects.iterator()]
else:
self.fields["parent_topic"].choices = [(topic.pk, topic.get_name_for_user(user)) for topic in
Topic.objects.filter(department=user.jb_user_details.department).iterator()
if permissions.has_permission_to_edit_topic(user, topic)]
self.fields["parent_topic"].choices.insert(0, ("", 9 * "-"))
self.fields["topic_manager"].set_users(user, user)
self.fields["topic_manager"].initial = user.pk
def __init__(self, user, *args, **kwargs):
super(NewTopicForm, self).__init__(*args, **kwargs)
self.fields["new_topic_name"].widget.attrs["size"] = 40
self.user = user
if user.is_superuser:
self.fields["parent_topic"].choices = [(topic.pk, topic) for topic in
Topic.objects.iterator()]
else:
self.fields["parent_topic"].choices = [(topic.pk, topic.get_name_for_user(user)) for topic in
Topic.objects.filter(department=user.jb_user_details.department).iterator()
if permissions.has_permission_to_edit_topic(user, topic)]
self.fields["parent_topic"].choices.insert(0, ("", 9 * "-"))
self.fields["topic_manager"].set_users(user, user)
self.fields["topic_manager"].initial = user.pk
def list_(request):
"""View for a complete list of all topics that the user can edit. The
user may select one, which leads him to the membership view for this topic.
If the user can't edit any topic, a 404 is raised.
:param request: the current HTTP Request object
:type request: HttpRequest
:return:
the HTTP response object
:rtype: HttpResponse
"""
user = request.user
editable_topics = [topic for topic in Topic.objects.filter(parent_topic=None).all()
if permissions.has_permission_to_edit_topic(user, topic)]
if not editable_topics:
raise Http404("Can't find any topics that you can edit.")
return render(request, "samples/list_topics.html", {"title": _("List of all topics"), "topics": editable_topics})
def list_(request):
"""View for a complete list of all topics that the user can edit. The
user may select one, which leads him to the membership view for this topic.
If the user can't edit any topic, a 404 is raised.
:param request: the current HTTP Request object
:type request: HttpRequest
:return:
the HTTP response object
:rtype: HttpResponse
"""
user = request.user
editable_topics = [topic for topic in Topic.objects.filter(parent_topic=None).all()
if permissions.has_permission_to_edit_topic(user, topic)]
if not editable_topics:
raise Http404("Can't find any topics that you can edit.")
return render(request, "samples/list_topics.html", {"title": _("List of all topics"), "topics": editable_topics})
def main_menu(request):
"""The main menu view. It displays the “My Samples” list in a dynamic way, and
the actions that depend on the specific permissions a user has. The rest
is served static.
:param request: the current HTTP Request object
:type request: HttpRequest
:return:
the HTTP response object
:rtype: HttpResponse
"""
my_topics, topicless_samples = utils.build_structured_sample_list(
request.user)
allowed_physical_processes = permissions.get_allowed_physical_processes(
request.user)
lab_notebooks = []
for process_class, process in permissions.get_all_addable_physical_process_models(
).items():
try:
url = django.core.urlresolvers.reverse(
"lab_notebook_" + camel_case_to_underscores(process["type"]),
kwargs={"year_and_month": ""})
except django.core.urlresolvers.NoReverseMatch:
pass
else:
if permissions.has_permission_to_view_lab_notebook(
request.user, process_class):
lab_notebooks.append({
"label": process["label_plural"],
"url": url
})
if lab_notebooks:
lab_notebooks.sort(key=lambda process: process["label"].lower())
return render(
request, "samples/main_menu.html", {
"title":
_("Main menu"),
"my_topics":
my_topics,
"topicless_samples":
topicless_samples,
"add_sample_url":
django.core.urlresolvers.reverse(settings.ADD_SAMPLES_VIEW),
"user_hash":
permissions.get_user_hash(request.user),
"can_add_topic":
permissions.has_permission_to_edit_users_topics(request.user),
"can_edit_topics":
any(
permissions.has_permission_to_edit_topic(request.user, topic)
for topic in Topic.objects.all()),
"can_add_external_operator":
permissions.has_permission_to_add_external_operator(request.user),
"has_external_contacts":
request.user.external_contacts.exists() or
(ExternalOperator.objects.exists() and request.user.is_superuser),
"can_rename_samples":
request.user.has_perm("samples.rename_samples")
or request.user.is_superuser,
"physical_processes":
allowed_physical_processes,
"lab_notebooks":
lab_notebooks
})