def set_original_language(request, video_id):
"""
We only allow if a video is own a team, or the video owner is the
logged in user
"""
video = get_object_or_404(Video, video_id=video_id)
if not (can_edit_video(video.get_team_video(), request.user)
or video.user == request.user):
return HttpResponseForbidden("Can't touch this.")
form = ChangeVideoOriginalLanguageForm(
request.POST or None,
initial={'language_code': video.primary_audio_language_code})
if request.method == "POST" and form.is_valid():
video.primary_audio_language_code = form.cleaned_data['language_code']
video.save()
messages.success(
request,
fmt(_(u'The language for %(video)s has been changed'),
video=video))
return HttpResponseRedirect(
reverse("videos:set_original_language", args=(video_id, )))
return render_to_response("videos/set-original-language.html", {
"video": video,
'form': form
},
context_instance=RequestContext(request))
def test_can_edit_video(self):
user, team = self.user, self.team
# Policy: members.
team.video_policy = Team.VP_MEMBER
team.save()
for r in [ROLE_CONTRIBUTOR, ROLE_MANAGER, ROLE_ADMIN, ROLE_OWNER]:
with self.role(r):
self.assertTrue(can_edit_video(self.nonproject_video, user))
self.assertFalse(can_edit_video(self.nonproject_video, self.outsider))
# Policy: managers.
team.video_policy = Team.VP_MANAGER
team.save()
for r in [ROLE_MANAGER, ROLE_ADMIN, ROLE_OWNER]:
with self.role(r):
self.assertTrue(can_edit_video(self.nonproject_video, user))
with self.role(ROLE_CONTRIBUTOR):
self.assertFalse(can_edit_video(self.nonproject_video, user))
self.assertFalse(can_edit_video(self.nonproject_video, self.outsider))
# Make sure narrowings are taken into account.
with self.role(ROLE_MANAGER, self.test_project):
self.assertFalse(can_edit_video(self.nonproject_video, user))
self.assertTrue(can_edit_video(self.project_video, user))
# Policy: admins.
team.video_policy = Team.VP_ADMIN
team.save()
for r in [ROLE_ADMIN, ROLE_OWNER]:
with self.role(r):
self.assertTrue(can_edit_video(self.nonproject_video, user))
for r in [ROLE_CONTRIBUTOR, ROLE_MANAGER]:
with self.role(r):
self.assertFalse(can_edit_video(self.nonproject_video, user))
self.assertFalse(can_edit_video(self.nonproject_video, self.outsider))
def can_user_edit_video_urls(video, user):
"""Check if a user has permission to add a URL to a video."""
team_video = video.get_team_video()
if not team_video:
# for non-team videos, the allow_video_urls_edit attribute
# controls access. This should be True for all videos
return video.allow_video_urls_edit
else:
# for team videos, check if the user can edit the video
return teams_permissions.can_edit_video(team_video, user)
def user_can_edit_video(self, user):
return permissions.can_edit_video(self.team_video, user)