def bulk_add(request, template_name="files/bulk-add.html"):
if not has_perm(request.user, "files.add_file"):
raise Http403
FileFormSet = modelformset_factory(
File,
form=FileForm,
can_delete=True,
fields=("name", "allow_anonymous_view", "user_perms", "member_perms", "group_perms", "status"),
extra=0,
)
if request.method == "POST":
# Setup formset html for json response
file_list = []
file_formset = FileFormSet(request.POST)
if file_formset.is_valid():
file_formset.save()
else:
# Handle formset errors
return render_to_response(
template_name, {"file_formset": file_formset}, context_instance=RequestContext(request)
)
formset_edit = True
# Handle existing files. Instance returned by file_formset.save() is not enough
for num in xrange(file_formset.total_form_count()):
key = "form-" + str(num) + "-id"
if request.POST.get(key):
file_list.append(request.POST.get(key))
# Handle new file uploads
for file in request.FILES.getlist("files"):
newFile = File(file=file)
# set up the user information
newFile.creator = request.user
newFile.creator_username = request.user.username
newFile.owner = request.user
newFile.owner_username = request.user.username
newFile.save()
file_list.append(newFile.id)
formset_edit = False
# Redirect if form_set is edited i.e. not a file select or drag event
if formset_edit:
return HttpResponseRedirect(reverse("file.search"))
# Handle json response
file_qs = File.objects.filter(id__in=file_list)
file_formset = FileFormSet(queryset=file_qs)
html = render_to_response(
"files/file-formset.html", {"file_formset": file_formset}, context_instance=RequestContext(request)
).content
data = {"form_set": html}
response = JSONResponse(data, {}, "application/json")
response["Content-Disposition"] = "inline; filename=files.json"
return response
else:
file_formset = FileFormSet({"form-TOTAL_FORMS": u"0", "form-INITIAL_FORMS": u"0", "form-MAX_NUM_FORMS": u""})
return render_to_response(template_name, {"file_formset": file_formset}, context_instance=RequestContext(request))
def locations_import_preview(request, id, template_name='locations/import-map-fields.html'):
"""
This will generate a form based on the uploaded CSV for field mapping.
A preview will be generated based on the mapping given.
"""
locport = get_object_or_404(LocationImport, pk=id)
if request.method == 'POST':
form = ImportMapForm(request.POST, locport=locport)
if form.is_valid():
# Show the user a preview based on the mapping
cleaned_data = form.cleaned_data
#file_path = os.path.join(settings.MEDIA_ROOT, locport.get_file().file.name)
file_path = locport.get_file().file.name
locations, stats = parse_locs_from_csv(file_path, cleaned_data)
# return the form to use it for the confirm view
template_name = 'locations/import-preview.html'
return render_to_response(template_name, {
'locations': locations,
'stats': stats,
'locport': locport,
'form': form,
'now': datetime.now(),
}, context_instance=RequestContext(request))
else:
form = ImportMapForm(locport=locport)
return render_to_response(template_name, {
'form': form,
'locport': locport,
'now': datetime.now(),
}, context_instance=RequestContext(request))
def edit(request, id, form_class=DirectoryForm, template_name="directories/edit.html"):
directory = get_object_or_404(Directory, pk=id)
if not has_perm(request.user,'directories.change_directory', directory):
raise Http403
form = form_class(request.POST or None, request.FILES or None,
instance=directory,
user=request.user)
del form.fields['payment_method']
if not request.user.profile.is_superuser:
del form.fields['pricing']
del form.fields['list_type']
if request.method == "POST":
if form.is_valid():
directory = form.save(commit=False)
if directory.logo:
try:
directory.logo.file.seek(0)
except IOError:
directory.logo = None
# update all permissions and save the model
directory = update_perms_and_save(request, form, directory)
# resize the image that has been uploaded
if directory.logo:
if settings.USE_S3_STORAGE:
resize_s3_image(directory.logo.name)
else:
try:
logo = Image.open(directory.logo.path)
logo.thumbnail((200,200),Image.ANTIALIAS)
logo.save(directory.logo.path)
except:
pass
messages.add_message(request, messages.SUCCESS, 'Successfully updated %s' % directory)
return HttpResponseRedirect(reverse('directory', args=[directory.slug]))
else:
form = form_class(instance=directory, user=request.user)
return render_to_response(template_name, {'directory': directory, 'form':form},
context_instance=RequestContext(request))
return render_to_response(template_name, {'directory': directory, 'form':form},
context_instance=RequestContext(request))
def search(request, template_name="articles/search.html"):
get = dict(request.GET)
query = get.pop('q', [])
get.pop('page', None) # pop page query string out; page ruins pagination
query_extra = ['%s:%s' % (k, v[0]) for k, v in get.items() if v[0].strip()]
query = ' '.join(query)
if query_extra:
query = '%s %s' % (query, ' '.join(query_extra))
if get_setting('site', 'global', 'searchindex') and query:
articles = Article.objects.search(query, user=request.user)
else:
filters = get_query_filters(request.user, 'articles.view_article')
articles = Article.objects.filter(filters).distinct()
if not request.user.is_anonymous():
articles = articles.select_related()
if not has_perm(request.user, 'articles.view_article'):
articles = articles.filter(release_dt__lte=datetime.now())
articles = articles.order_by('-release_dt')
EventLog.objects.log()
# Query list of category and subcategory for dropdown filters
category = request.GET.get('category')
try:
category = int(category)
except:
category = 0
categories, sub_categories = Article.objects.get_categories(category=category)
return render_to_response(template_name, {'articles': articles, 'categories': categories,
'sub_categories': sub_categories},
context_instance=RequestContext(request))
def edit_meta(request, id, form_class=MetaForm, template_name="articles/edit-meta.html"):
# check permission
article = get_object_or_404(Article, pk=id)
if not has_perm(request.user, 'articles.change_article', article):
raise Http403
defaults = {
'title': article.get_title(),
'description': article.get_description(),
'keywords': article.get_keywords(),
'canonical_url': article.get_canonical_url(),
}
article.meta = MetaTags(**defaults)
if request.method == "POST":
form = form_class(request.POST, instance=article.meta)
if form.is_valid():
article.meta = form.save() # save meta
article.save() # save relationship
messages.add_message(request, messages.SUCCESS, 'Successfully updated meta for %s' % article)
return HttpResponseRedirect(reverse('article', args=[article.slug]))
else:
form = form_class(instance=article.meta)
return render_to_response(template_name, {'article': article, 'form': form},
context_instance=RequestContext(request))
def add(request, form_class=ArticleForm, template_name="articles/add.html"):
if has_perm(request.user, 'articles.add_article'):
if request.method == "POST":
form = form_class(request.POST, user=request.user)
if form.is_valid():
article = form.save(commit=False)
# add all permissions and save the model
update_perms_and_save(request, form, article)
messages.add_message(request, messages.SUCCESS, 'Successfully added %s' % article)
# send notification to administrator(s) and module recipient(s)
recipients = get_notice_recipients('module', 'articles', 'articlerecipients')
if recipients and notification:
notification.send_emails(recipients, 'article_added', {
'object': article,
'request': request,
})
return HttpResponseRedirect(reverse('article', args=[article.slug]))
else:
form = form_class(user=request.user)
return render_to_response(template_name, {'form': form},
context_instance=RequestContext(request))
else:
raise Http403
def nearest(request, template_name="locations/nearest.html"):
locations = []
lat, lng = None, None
query = request.GET.get('q')
filters = get_query_filters(request.user, 'locations.view_location')
if query:
lat, lng = get_coordinates(address=query)
all_locations = Location.objects.filter(filters).distinct()
if not request.user.is_anonymous():
all_locations = all_locations.select_related()
if all((lat,lng)):
for location in all_locations:
location.distance = location.get_distance2(lat, lng)
if location.distance != None:
locations.append(location)
locations.sort(key=lambda x: x.distance)
EventLog.objects.log()
return render_to_response(template_name, {
'locations':locations,
'origin': {'lat':lat,'lng':lng},
}, context_instance=RequestContext(request))
def delete(request, id, template_name="articles/delete.html"):
article = get_object_or_404(Article, pk=id)
if has_perm(request.user, 'articles.delete_article'):
if request.method == "POST":
messages.add_message(request, messages.SUCCESS, 'Successfully deleted %s' % article)
# send notification to administrators
recipients = get_notice_recipients('module', 'articles', 'articlerecipients')
if recipients:
if notification:
extra_context = {
'object': article,
'request': request,
}
notification.send_emails(recipients, 'article_deleted', extra_context)
article.delete()
return HttpResponseRedirect(reverse('article.search'))
return render_to_response(template_name, {'article': article},
context_instance=RequestContext(request))
else:
raise Http403
def memberphotos(request, username, template_name="photos/memberphotos.html", group_slug=None, bridge=None):
""" Get the members photos and display them """
if bridge:
try:
group = bridge.get_group(group_slug)
except ObjectDoesNotExist:
raise Http404
else:
group = None
user = get_object_or_404(User, username=username)
photos = Image.objects.filter(
member__username = username,
is_public = True
)
if group:
photos = group.content_objects(photos, join="pool")
else:
photos = photos.filter(pool__object_id=None)
photos = photos.order_by("-date_added")
return render_to_response(template_name, {
"group": group,
"photos": photos,
}, context_instance=RequestContext(request))
def edit(request, id, form_class=NewsForm, template_name="news/edit.html"):
news = get_object_or_404(News, pk=id)
# check permission
if not has_perm(request.user, 'news.change_news', news):
raise Http403
form = form_class(instance=news, user=request.user)
if request.method == "POST":
form = form_class(request.POST, request.FILES, instance=news, user=request.user)
if form.is_valid():
news = form.save(commit=False)
# update all permissions and save the model
news = update_perms_and_save(request, form, news)
# save photo
photo = form.cleaned_data['photo_upload']
if photo:
news.save(photo=photo)
assign_files_perms(news, files=[news.thumbnail])
messages.add_message(request, messages.SUCCESS, 'Successfully updated %s' % news)
return HttpResponseRedirect(reverse('news.detail', args=[news.slug]))
return render_to_response(template_name, {'news': news, 'form': form},
context_instance=RequestContext(request))
def export(request, template_name="locations/export.html"):
"""Export Locations"""
if not request.user.is_superuser:
raise Http403
if request.method == 'POST':
# initilize initial values
fields = [
'guid',
'location_name',
'description',
'contact',
'address',
'address2',
'city',
'state',
'zipcode',
'country',
'phone',
'fax',
'email',
'website',
'latitude',
'longitude',
'hq',
'entity',
]
export_id = run_export_task('locations', 'location', fields)
EventLog.objects.log()
return redirect('export.status', export_id)
return render_to_response(template_name, {
}, context_instance=RequestContext(request))
def pricing_add(request, form_class=JobPricingForm,
template_name="jobs/pricing-add.html"):
if has_perm(request.user, 'jobs.add_jobpricing'):
if request.method == "POST":
form = form_class(request.POST)
if form.is_valid():
job_pricing = form.save(commit=False)
job_pricing.status = 1
job_pricing.save(request.user)
EventLog.objects.log(instance=job_pricing)
if "_popup" in request.REQUEST:
return HttpResponse('<script type="text/javascript">opener.dismissAddAnotherPopup(window, "%s", "%s");</script>' % (escape(job_pricing.pk), escape(job_pricing)))
return HttpResponseRedirect(
reverse('job_pricing.view', args=[job_pricing.id]))
else:
form = form_class()
if "_popup" in request.REQUEST:
template_name="jobs/pricing-add-popup.html"
return render_to_response(template_name, {'form': form},
context_instance=RequestContext(request))
else:
raise Http403
def add(request, form_class=LocationForm, template_name="locations/add.html"):
if has_perm(request.user,'locations.add_location'):
if request.method == "POST":
form = form_class(request.POST, request.FILES, user=request.user)
if form.is_valid():
location = form.save(commit=False)
# update all permissions and save the model
location = update_perms_and_save(request, form, location)
if 'photo_upload' in form.cleaned_data:
photo = form.cleaned_data['photo_upload']
if photo:
location.save(photo=photo)
messages.add_message(request, messages.SUCCESS, 'Successfully added %s' % location)
return HttpResponseRedirect(reverse('location', args=[location.pk]))
else:
form = form_class(user=request.user)
return render_to_response(template_name, {'form':form},
context_instance=RequestContext(request))
else:
raise Http403
def locations_import_upload(request, template_name='locations/import-upload-file.html'):
"""
This is the upload view for the location imports.
This will upload the location import file and then redirect the user
to the import mapping/preview page of the import file
"""
if request.method == 'POST':
form = UploadForm(request.POST, request.FILES)
if form.is_valid():
cleaned_data = form.cleaned_data
locport = LocationImport.objects.create(creator=request.user)
csv = File.objects.save_files_for_instance(request, locport)[0]
#file_path = os.path.join(settings.MEDIA_ROOT, csv.file.name)
file_path = str(csv.file.name)
import_valid, import_errs = is_import_valid(file_path)
if not import_valid:
for err in import_errs:
messages.add_message(request, messages.ERROR, err)
locport.delete()
return redirect('locations_import_upload_file')
EventLog.objects.log()
# reset the password_promt session
request.session['password_promt'] = False
return redirect('locations_import_preview', locport.id)
else:
form = UploadForm()
return render_to_response(template_name, {
'form': form,
'now': datetime.now(),
}, context_instance=RequestContext(request))
def edit(request, id=None, form_class=HelpFileForm, template_name="help_files/edit.html"):
help_file = get_object_or_404(HelpFile, pk=id)
if has_perm(request.user,'help_files.change_helpfile', help_file):
if request.method == "POST":
form = form_class(request.POST, instance=help_file, user=request.user)
if form.is_valid():
help_file = form.save(commit=False)
# add all permissions and save the model
help_file = update_perms_and_save(request, form, help_file)
form.save_m2m()
messages.add_message(request, messages.SUCCESS, 'Successfully edited %s' % help_file)
# send notification to administrator(s) and module recipient(s)
recipients = get_notice_recipients('module', 'help_files', 'helpfilerecipients')
# if recipients and notification:
# notification.send_emails(recipients,'help_file_added', {
# 'object': help_file,
# 'request': request,
# })
return HttpResponseRedirect(reverse('help_file.details', args=[help_file.slug]))
else:
form = form_class(instance=help_file, user=request.user)
return render_to_response(template_name, {'help_file': help_file, 'form':form},
context_instance=RequestContext(request))
else:
raise Http403
def edit_meta(request, id, form_class=MetaForm,
template_name="jobs/edit-meta.html"):
# check permission
job = get_object_or_404(Job, pk=id)
if not has_perm(request.user, 'jobs.change_job', job):
raise Http403
defaults = {
'title': job.get_title(),
'description': job.get_description(),
'keywords': job.get_keywords(),
'canonical_url': job.get_canonical_url(),
}
job.meta = MetaTags(**defaults)
if request.method == "POST":
form = form_class(request.POST, instance=job.meta)
if form.is_valid():
job.meta = form.save() # save meta
job.save() # save relationship
msg_string = 'Successfully updated meta for %s' % job
messages.add_message(request, messages.SUCCESS, _(msg_string))
return HttpResponseRedirect(reverse('job', args=[job.slug]))
else:
form = form_class(instance=job.meta)
return render_to_response(template_name, {'job': job, 'form': form},
context_instance=RequestContext(request))
def photoset_add(request, form_class=PhotoSetAddForm, template_name="photos/photo-set/add.html"):
""" Add a photo set """
# if no permission; permission exception
if not has_perm(request.user,'photos.add_photoset'):
raise Http403
if request.method == "POST":
if request.POST["action"] == "add":
form = form_class(request.POST, user=request.user)
if form.is_valid():
photo_set = form.save(commit=False)
photo_set.author = request.user
# update all permissions and save the model
photo_set = update_perms_and_save(request, form, photo_set)
messages.add_message(request, messages.SUCCESS, 'Successfully added photo set!')
return HttpResponseRedirect(reverse('photos_batch_add', kwargs={'photoset_id':photo_set.id}))
else:
form = form_class(user=request.user)
return render_to_response(template_name, {
"photoset_form": form,
}, context_instance=RequestContext(request))
def photoset_details(request, id, template_name="photos/photo-set/details.html"):
""" View photos in photo set """
photo_set = get_object_or_404(PhotoSet, id=id)
if not has_view_perm(request.user, 'photos.view_photoset', photo_set):
raise Http403
order = get_setting('module', 'photos', 'photoordering')
#if order == 'descending':
# photos = photo_set.get_images(user=request.user).order_by('-pk')
#else:
# photos = photo_set.get_images(user=request.user).order_by('pk')
photos = photo_set.get_images(user=request.user).order_by("position")
EventLog.objects.log(**{
'event_id': 991500,
'event_data': '%s (%d) viewed by %s' % (photo_set._meta.object_name, photo_set.pk, request.user),
'description': '%s viewed' % photo_set._meta.object_name,
'user': request.user,
'request': request,
'instance': photo_set,
})
return render_to_response(template_name, {
"photos": photos,
"photo_set": photo_set,
}, context_instance=RequestContext(request))
def edit_meta(request, id, form_class=MetaForm, template_name="pages/edit-meta.html"):
"""
Return page that allows you to edit meta-html information.
"""
# check permission
page = get_object_or_404(Page, pk=id)
if not has_perm(request.user, 'pages.change_page', page):
raise Http403
defaults = {
'title': page.get_title(),
'description': page.get_description(),
'keywords': page.get_keywords(),
'canonical_url': page.get_canonical_url(),
}
page.meta = MetaTags(**defaults)
if request.method == "POST":
form = form_class(request.POST, instance=page.meta)
if form.is_valid():
page.meta = form.save() # save meta
page.save() # save relationship
messages.add_message(request, messages.SUCCESS,
_('Successfully updated meta for %(p)s' % {'p': unicode(page)}))
return HttpResponseRedirect(reverse('page', args=[page.slug]))
else:
form = form_class(instance=page.meta)
return render_to_response(template_name, {'page': page, 'form': form},
context_instance=RequestContext(request))
def index(request, template_name="help_files/index.html"):
"""List all topics and all links"""
topic_pks = []
filters = get_query_filters(request.user, 'help_files.view_helpfile')
# Access the join table and iterate over a dict to avoid
# n+1 queries to get all of the correct topics.
byhelpfile = {}
for tp in HelpFile_Topics.objects.select_related('helpfile', 'topic').all():
byhelpfile.setdefault(tp.helpfile.id, []).append(tp.topic)
# Use stored lists
for hf in HelpFile.objects.filter(filters).distinct():
if byhelpfile.get(hf.id, ''):
for topic in byhelpfile[hf.id]:
topic_pks.append(topic.pk)
topic_pks = sorted(list(set(topic_pks)))
topics = Topic.objects.filter(pk__in=topic_pks)
m = len(topics) / 2
topics = topics[:m], topics[m:] # two columns
most_viewed = HelpFile.objects.filter(filters).order_by('-view_totals').distinct()[:5]
featured = HelpFile.objects.filter(filters).filter(is_featured=True).distinct()[:5]
faq = HelpFile.objects.filter(filters).filter(is_faq=True).distinct()[:3]
EventLog.objects.log()
return render_to_response(template_name, locals(),
context_instance=RequestContext(request))
def delete(request, id, template_name="news/delete.html"):
news = get_object_or_404(News, pk=id)
# check permission
if not has_perm(request.user, 'news.delete_news'):
raise Http403
if request.method == "POST":
messages.add_message(request, messages.SUCCESS, 'Successfully deleted %s' % news)
# send notification to administrators
recipients = get_notice_recipients('module', 'news', 'newsrecipients')
if recipients:
if notification:
extra_context = {
'object': news,
'request': request,
}
notification.send_emails(recipients, 'news_deleted', extra_context)
news.delete()
return HttpResponseRedirect(reverse('news.search'))
return render_to_response(template_name, {'news': news},
context_instance=RequestContext(request))
def search(request, template_name="resumes/search.html"):
"""
This page lists out all resumes from newest to oldest.
If a search index is available, this page will also
have the option to search through resumes.
"""
has_index = get_setting('site', 'global', 'searchindex')
query = request.GET.get('q', None)
if has_index and query:
resumes = Resume.objects.search(query, user=request.user)
else:
filters = get_query_filters(request.user, 'resumes.view_resume')
resumes = Resume.objects.filter(filters).distinct()
if request.user.is_authenticated():
resumes = resumes.select_related()
resumes = resumes.order_by('-create_dt')
EventLog.objects.log(**{
'event_id' : 354000,
'event_data': '%s searched by %s' % ('Resume', request.user),
'description': '%s searched' % 'Resume',
'user': request.user,
'request': request,
'source': 'resumes'
})
return render_to_response(template_name, {'resumes':resumes},
context_instance=RequestContext(request))
def delete(request, id, template_name="jobs/delete.html"):
job = get_object_or_404(Job, pk=id)
if has_perm(request.user, 'jobs.delete_job', job):
if request.method == "POST":
msg_string = 'Successfully deleted %s' % job
messages.add_message(request, messages.SUCCESS, _(msg_string))
# send notification to administrators
recipients = get_notice_recipients(
'module', 'jobs', 'jobrecipients')
if recipients:
if notification:
extra_context = {
'object': job,
'request': request,
}
notification.send_emails(recipients,
'job_deleted', extra_context)
job.delete()
return HttpResponseRedirect(reverse('job.search'))
return render_to_response(template_name, {'job': job},
context_instance=RequestContext(request))
else:
raise Http403
def export(request, template_name="pages/export.html"):
"""Export Pages"""
if not request.user.is_superuser:
raise Http403
if request.method == 'POST':
fields = [
'guid',
'title',
'slug',
'header_image',
'content',
'view_contact_form',
'design_notes',
'syndicate',
'template',
'tags',
'entity',
'meta',
'categories',
]
export_id = run_export_task('pages', 'page', fields)
return redirect('export.status', export_id)
return render_to_response(template_name, {
}, context_instance=RequestContext(request))
def approve(request, id, template_name="resumes/approve.html"):
if not request.user.profile.is_superuser:
raise Http403
resume = get_object_or_404(Resume, pk=id)
if request.method == "POST":
resume.activation_dt = datetime.now()
resume.allow_anonymous_view = True
resume.status = True
resume.status_detail = 'active'
if not resume.creator:
resume.creator = request.user
resume.creator_username = request.user.username
if not resume.owner:
resume.owner = request.user
resume.owner_username = request.user.username
resume.save()
messages.add_message(request, messages.SUCCESS, 'Successfully approved %s' % resume)
return HttpResponseRedirect(reverse('resume', args=[resume.slug]))
return render_to_response(template_name, {'resume': resume},
context_instance=RequestContext(request))
def photoset_zip(request, id, template_name="photos/photo-set/zip.html"):
""" Generate zip file for the entire photo set
for admins only.
"""
photo_set = get_object_or_404(PhotoSet, id=id)
#admin only
if not request.user.profile.is_superuser:
raise Http403
file_path = ""
task_id = ""
if not settings.CELERY_IS_ACTIVE:
task = ZipPhotoSetTask()
file_path = task.run(photo_set)
else:
task = ZipPhotoSetTask.delay(photo_set)
task_id = task.task_id
return render_to_response(template_name, {
"photo_set": photo_set,
"task_id":task_id,
"file_path":file_path,
}, context_instance=RequestContext(request))
def delete(request, id, template_name="pages/delete.html"):
page = get_object_or_404(Page, pk=id)
if not has_perm(request.user, 'pages.delete_page'):
raise Http403
if request.method == "POST":
EventLog.objects.log(instance=page)
messages.add_message(request, messages.SUCCESS,
_('Successfully deleted %(p)s' % { 'p': unicode(page)}))
# send notification to administrators
recipients = get_notice_recipients('module', 'pages', 'pagerecipients')
if recipients:
if notification:
extra_context = {
'object': page,
'request': request,
}
notification.send_emails(recipients, 'page_deleted', extra_context)
# Soft delete
page.status = False
page.status_detail = 'inactive'
page.save()
return HttpResponseRedirect(reverse('page.search'))
return render_to_response(template_name, {'page': page},
context_instance=RequestContext(request))
def export(request, template_name="help_files/export.html"):
"""Export Help Files"""
if not request.user.is_superuser:
raise Http403
if request.method == 'POST':
# initilize initial values
file_name = "help_files.csv"
fields = [
'slug',
'topics',
'question',
'answer',
'level',
'is_faq',
'is_featured',
'is_video',
'syndicate',
'view_totals',
]
export_id = run_export_task('help_files', 'helpfile', fields)
EventLog.objects.log()
return redirect('export.status', export_id)
return render_to_response(template_name, {
}, context_instance=RequestContext(request))
def locations_import_confirm(request, id, template_name='locations/import-confirm.html'):
"""
Confirm the locations import and continue with the process.
This can only be accessed via a hidden post form from the preview page.
That will hold the original mappings selected by the user.
"""
locport = get_object_or_404(LocationImport, pk=id)
if request.method == "POST":
form = ImportMapForm(request.POST, locport=locport)
if form.is_valid():
cleaned_data = form.cleaned_data
file_path = str(locport.get_file().file.name)
if not settings.CELERY_IS_ACTIVE:
# if celery server is not present
# evaluate the result and render the results page
result = ImportLocationsTask()
locations, stats = result.run(request.user, file_path, cleaned_data)
return render_to_response(template_name, {
'locations': locations,
'stats': stats,
'now': datetime.now(),
}, context_instance=RequestContext(request))
else:
result = ImportLocationsTask.delay(request.user, file_path, cleaned_data)
return redirect('locations_import_status', result.task_id)
else:
return redirect('locations_import_preview', locport.id)
def add(request, form_class=FormForm, template_name="forms/add.html"):
if not has_perm(request.user,'forms.add_form'):
raise Http403
PricingFormSet = inlineformset_factory(Form, Pricing, form=PricingForm, extra=2, can_delete=False)
formset = PricingFormSet()
if request.method == "POST":
form = form_class(request.POST, user=request.user)
if form.is_valid():
form_instance = form.save(commit=False)
# save form and associated pricings
form_instance = update_perms_and_save(request, form, form_instance)
formset = PricingFormSet(request.POST, instance=form_instance)
if formset.is_valid():
# update_perms_and_save does not appear to consider ManyToManyFields
for method in form.cleaned_data['payment_methods']:
form_instance.payment_methods.add(method)
formset.save()
messages.add_message(request, messages.SUCCESS, 'Successfully added %s' % form_instance)
return HttpResponseRedirect(reverse('form_field_update', args=[form_instance.pk]))
else:
form = form_class(user=request.user)
return render_to_response(template_name, {
'form':form,
'formset':formset,
}, context_instance=RequestContext(request))
def details(request, slug=None, template_name="directories/view.html"):
if not slug: return HttpResponseRedirect(reverse('directories'))
directory = get_object_or_404(Directory, slug=slug)
if has_view_perm(request.user,'directories.view_directory',directory):
EventLog.objects.log(instance=directory)
return render_to_response(template_name, {'directory': directory},
context_instance=RequestContext(request))
else:
raise Http403
def report_top_spenders(request, template_name="reports/top_spenders.html"):
"""Show dollars per user report"""
if not request.user.is_superuser:
raise Http403
entry_list = User.objects.order_by('-profile__total_spend')[:10]
return render_to_response(template_name, {
'entry_list': entry_list,
},
context_instance=RequestContext(request))
def print_view(request, id, template_name="files/print-view.html"):
file = get_object_or_404(File, pk=id)
# check permission
if not has_view_perm(request.user, 'files.view_file', file):
raise Http403
return render_to_response(
template_name, {
'file': file
}, context_instance=RequestContext(request))
def form_sent(request, slug, template="forms/form_sent.html"):
"""
Show the response message.
"""
published = Form.objects.published(for_user=request.user)
form = get_object_or_404(published, slug=slug)
# set form's template to default if no template or template doesn't exist
if not form.template or not template_exists(form.template):
form.template = "default.html"
context = {"form": form, "form_template": form.template}
return render_to_response(template, context, RequestContext(request))
def entries_export_status(request, task_id, template_name="forms/entry_export_status.html"):
try:
task = TaskMeta.objects.get(task_id=task_id)
except TaskMeta.DoesNotExist:
task = None
return render_to_response(template_name, {
'task':task,
'task_id':task_id,
'user_this':None,
}, context_instance=RequestContext(request))
def pending(request, template_name="jobs/pending.html"):
can_view_jobs = has_perm(request.user, 'jobs.view_job')
can_change_jobs = has_perm(request.user, 'jobs.change_job')
if not all([can_view_jobs, can_change_jobs]):
raise Http403
EventLog.objects.log()
jobs = Job.objects.filter(status_detail__contains='pending')
return render_to_response(template_name, {'jobs': jobs},
context_instance=RequestContext(request))
def export(request, template_name="directories/export.html"):
"""Export Directories"""
if not request.user.is_superuser:
raise Http403
if request.method == 'POST':
# initilize initial values
file_name = "directories.csv"
fields = [
'guid',
'slug',
'timezone',
'headline',
'summary',
'body',
'source',
'logo',
'first_name',
'last_name',
'address',
'address2',
'city',
'state',
'zip_code',
'country',
'phone',
'phone2',
'fax',
'email',
'email2',
'website',
'list_type',
'requested_duration',
'pricing',
'activation_dt',
'expiration_dt',
'invoice',
'payment_method',
'syndicate',
'design_notes',
'admin_notes',
'tags',
'enclosure_url',
'enclosure_type',
'enclosure_length',
'entity',
]
export_id = run_export_task('directories', 'directory', fields)
EventLog.objects.log()
return redirect('export.status', export_id)
return render_to_response(template_name, {
}, context_instance=RequestContext(request))
def entries(request, id, template_name="forms/entries.html"):
form = get_object_or_404(Form, pk=id)
if not has_perm(request.user,'forms.change_form',form):
raise Http403
entries = form.entries.all()
EventLog.objects.log(instance=form)
return render_to_response(template_name, {'form':form,'entries': entries},
context_instance=RequestContext(request))
def print_view(request, slug, template_name="jobs/print-view.html"):
job = get_object_or_404(Job, slug=slug)
can_view = has_view_perm(request.user, 'jobs.view_job', job)
if can_view:
EventLog.objects.log(instance=job)
return render_to_response(template_name, {'job': job},
context_instance=RequestContext(request))
else:
raise Http403
def edit(request, id, form_class=FileForm, template_name="files/edit.html"):
file = get_object_or_404(File, pk=id)
# check permission
if not has_perm(request.user, 'files.change_file', file):
raise Http403
if request.method == "POST":
form = form_class(request.POST,
request.FILES,
instance=file,
user=request.user)
if form.is_valid():
file = form.save(commit=False)
# update all permissions and save the model
file = update_perms_and_save(request, form, file)
#setup categories
category = Category.objects.get_for_object(file, 'category')
sub_category = Category.objects.get_for_object(
file, 'sub_category')
## update the category of the file
category_removed = False
category = file.file_cat.name if file.file_cat else None
if category:
Category.objects.update(file, category, 'category')
else: # remove
category_removed = True
Category.objects.remove(file, 'category')
Category.objects.remove(file, 'sub_category')
if not category_removed:
# update the sub category of the article
sub_category = file.file_sub_cat.name if file.file_sub_cat else None
if sub_category:
Category.objects.update(file, sub_category, 'sub_category')
else: # remove
Category.objects.remove(file, 'sub_category')
file.save()
return HttpResponseRedirect(reverse('file.search'))
else:
form = form_class(instance=file, user=request.user)
return render_to_response(template_name, {
'file': file,
'form': form,
},
context_instance=RequestContext(request))
def export(request, template_name="forms/export.html"):
"""Export forms"""
if not request.user.is_superuser:
raise Http403
if request.method == 'POST':
export_id = run_export_task('forms_builder.forms', 'form', [])
EventLog.objects.log()
return redirect('export.status', export_id)
return render_to_response(template_name, {
}, context_instance=RequestContext(request))
def detail(request, slug, template_name="help_files/details.html"):
"""Help file details"""
help_file = get_object_or_404(HelpFile, slug=slug)
if has_view_perm(request.user, 'help_files.view_helpfile', help_file):
HelpFile.objects.filter(pk=help_file.pk).update(
view_totals=help_file.view_totals + 1)
EventLog.objects.log(instance=help_file)
return render_to_response(template_name, {'help_file': help_file},
context_instance=RequestContext(request))
else:
raise Http403
def search_report(request, template_name="invoices/search.html"):
from django.db.models import Q
def is_number(num):
try:
float(num)
return True
except ValueError:
return False
#query
query = request.GET.get('q', None)
invoices = Invoice.objects.all()
if query:
if is_number(query):
invoices = invoices.filter(
Q(pk=query) | Q(total=query)
| Q(balance=query) | Q(title__icontains=query))
else:
invoices = invoices.filter(Q(title__icontains=query))
#permissions
if request.user.profile.is_superuser or has_perm(request.user,
'invoices.view_invoice'):
invoices = invoices.order_by('object_type', '-create_dt')
for i in invoices: #[0:2]:
print i.title, i.object_id, i.object_type
ct = ContentType.objects.get_for_model(Invoice)
print ct, ct.__module__, ct.pk, i.pk
# invoice_ids = invoices_objects.value_list('object_id', flat=True).filter(content_type = ct)
# events = Invoice.objects.filter(pk__in=event_ids)
# if i.object_type == 'registration':
# print 'hello'
# else: print 'not'
print dir(ct)
else:
if request.user.is_authenticated():
invoices = invoices.filter(
Q(creator=request.user)
| Q(owner=request.user)).order_by('-create_dt')
else:
raise Http403
EventLog.objects.log()
return render_to_response(template_name, {
'invoices': invoices,
'query': query
},
context_instance=RequestContext(request))
def pending(request, template_name="directories/pending.html"):
can_view_directories = has_perm(request.user, 'directories.view_directory')
can_change_directories = has_perm(request.user, 'directories.change_directory')
if not all([can_view_directories, can_change_directories]):
raise Http403
directories = Directory.objects.filter(status_detail__contains='pending')
EventLog.objects.log()
return render_to_response(template_name, {'directories': directories},
context_instance=RequestContext(request))
def index(request,
slug=None,
id=None,
hash=None,
template_name="pages/view.html"):
"""
Return page object, either as an archive, active, or version.
"""
if not slug and not id and not hash:
return HttpResponseRedirect(reverse('page.search'))
if hash:
version = get_object_or_404(Version, hash=hash)
current_page = get_object_or_404(Page, pk=version.object_id)
page = version.get_version_object()
msg_string = 'You are viewing a previous version of this article. View the ' + \
'<a href="%s">Current Version</a>.' % current_page.get_absolute_url()
messages.add_message(request, messages.WARNING, _(msg_string))
elif id:
page = get_object_or_404(Page, pk=id)
if page.status_detail != 'active':
if not request.user.is_authenticated():
pages = Page.objects.filter(
slug=page.slug, status_detail='active').order_by('-pk')
if not pages:
pages = Page.objects.filter(slug=slug).order_by('-pk')
if not pages:
raise Http404
return HttpResponseRedirect(reverse('page', args=[page.slug]))
else:
try:
page = get_object_or_404(Page, slug=slug)
except Page.MultipleObjectsReturned:
pages = Page.objects.filter(slug=slug,
status_detail='active').order_by('-pk')
if not pages:
pages = Page.objects.filter(slug=slug).order_by('-pk')
if not pages:
raise Http404
page = pages[0]
if not has_view_perm(request.user, 'pages.view_page', page):
raise Http403
if not page.template or not template_exists(page.template):
page.template = "pages/base.html"
EventLog.objects.log(instance=page)
return render_to_response(template_name, {'page': page},
context_instance=RequestContext(request))
def pricing_view(request, id, template_name="directories/pricing-view.html"):
directory_pricing = get_object_or_404(DirectoryPricing, id=id)
if has_perm(request.user, 'directories.view_directorypricing',
directory_pricing):
EventLog.objects.log(instance=directory_pricing)
return render_to_response(template_name,
{'directory_pricing': directory_pricing},
context_instance=RequestContext(request))
else:
raise Http403
def add(request, form_class=ResumeForm, template_name="resumes/add.html"):
can_add_active = has_perm(request.user, 'resumes.add_resume')
if request.method == "POST":
form = form_class(request.POST or None, user=request.user)
if form.is_valid():
resume = form.save(commit=False)
# set it to pending if the user does not have add permission
if not can_add_active:
resume.status_detail = 'pending'
# set up the expiration time based on requested duration
now = datetime.now()
resume.expiration_dt = now + timedelta(
days=resume.requested_duration)
resume = update_perms_and_save(request, form, resume)
# we need to save instance first since we need the id for the file path
if request.FILES:
resume.resume_file = request.FILES['resume_file']
resume.resume_file.file.seek(0)
resume.save()
EventLog.objects.log(instance=resume)
if request.user.is_authenticated():
messages.add_message(
request, messages.SUCCESS,
_('Successfully added %(r)s' % {'r': resume}))
# send notification to administrators
recipients = get_notice_recipients('module', 'resumes',
'resumerecipients')
if recipients:
if notification:
extra_context = {
'object': resume,
'request': request,
}
notification.send_emails(recipients, 'resume_added',
extra_context)
if not request.user.is_authenticated():
return HttpResponseRedirect(reverse('resume.thank_you'))
else:
return HttpResponseRedirect(
reverse('resume', args=[resume.slug]))
else:
form = form_class(user=request.user)
return render_to_response(template_name, {'form': form},
context_instance=RequestContext(request))
def robots_txt(request):
options = [
'base/robots_private.txt', 'base/robots_public.txt', 'robots.txt'
]
template_name = "robots.txt"
robots_setting = get_setting('site', 'global', 'robotstxt')
if robots_setting in options:
template_name = robots_setting
return render_to_response(template_name, {},
context_instance=RequestContext(request),
mimetype="text/plain")
def locations_import_preview(request,
id,
template_name='locations/import-map-fields.html'):
"""
This will generate a form based on the uploaded CSV for field mapping.
A preview will be generated based on the mapping given.
"""
locport = get_object_or_404(LocationImport, pk=id)
if request.method == 'POST':
form = ImportMapForm(request.POST, locport=locport)
if form.is_valid():
# Show the user a preview based on the mapping
cleaned_data = form.cleaned_data
#file_path = os.path.join(settings.MEDIA_ROOT, locport.get_file().file.name)
file_path = locport.get_file().file.name
locations, stats = parse_locs_from_csv(file_path, cleaned_data)
# return the form to use it for the confirm view
template_name = 'locations/import-preview.html'
return render_to_response(template_name, {
'locations': locations,
'stats': stats,
'locport': locport,
'form': form,
'now': datetime.now(),
},
context_instance=RequestContext(request))
else:
form = ImportMapForm(locport=locport)
return render_to_response(template_name, {
'form': form,
'locport': locport,
'now': datetime.now(),
},
context_instance=RequestContext(request))
def edit(request, id, form_class=DirectoryForm, template_name="directories/edit.html"):
directory = get_object_or_404(Directory, pk=id)
if not has_perm(request.user,'directories.change_directory', directory):
raise Http403
form = form_class(request.POST or None, request.FILES or None,
instance=directory,
user=request.user)
del form.fields['payment_method']
if not request.user.profile.is_superuser:
del form.fields['pricing']
del form.fields['list_type']
if request.method == "POST":
if form.is_valid():
directory = form.save(commit=False)
if directory.logo:
try:
directory.logo.file.seek(0)
except IOError:
directory.logo = None
# update all permissions and save the model
directory = update_perms_and_save(request, form, directory)
messages.add_message(request, messages.SUCCESS, 'Successfully updated %s' % directory)
return HttpResponseRedirect(reverse('directory', args=[directory.slug]))
else:
form = form_class(instance=directory, user=request.user)
return render_to_response(template_name, {'directory': directory, 'form':form},
context_instance=RequestContext(request))
return render_to_response(template_name, {'directory': directory, 'form':form},
context_instance=RequestContext(request))
def detail(request, slug=None, template_name="jobs/view.html"):
if not slug:
return HttpResponseRedirect(reverse('jobs'))
job = get_object_or_404(Job.objects.select_related(), slug=slug)
can_view = has_view_perm(request.user, 'jobs.view_job', job)
if can_view:
EventLog.objects.log(instance=job)
return render_to_response(template_name, {'job': job},
context_instance=RequestContext(request))
else:
raise Http403
def detail(request, id, template_name="navs/detail.html"):
nav = get_object_or_404(Nav, id=id)
if not has_view_perm(request.user, 'navs.view_nav', nav):
raise Http403
EventLog.objects.log(instance=nav)
return render_to_response(
template_name,
{'current_nav': nav},
context_instance=RequestContext(request),
)
def search(request, template_name="navs/search.html"):
query = request.GET.get('q', None)
filters = get_query_filters(request.user, 'navs.view_nav')
navs = Nav.objects.filter(filters).distinct()
if query:
navs = navs.filter(
Q(title__icontains=query) | Q(description__icontains=query))
EventLog.objects.log()
return render_to_response(template_name, {'navs': navs},
context_instance=RequestContext(request))
def requests(request, template_name="help_files/request_list.html"):
"""
Display a list of help file requests
"""
if not has_perm(request.user, 'help_files.change_request'):
raise Http403
requests = Request.objects.all()
EventLog.objects.log()
return render_to_response(template_name, {
'requests': requests,
},
context_instance=RequestContext(request))
def addon_upload_process(request, sid, template_name="base/addon_upload_process.html"):
if not sid in request.session:
raise Http404
path = request.session[sid]
if not default_storage.exists(path):
messages.add_message(request, messages.SUCCESS, _('Addon upload complete.'))
del request.session[sid]
return redirect('dashboard')
return render_to_response(template_name, {'sid': sid },
context_instance=RequestContext(request))
def search(request, template_name="directories/search.html"):
filters = get_query_filters(request.user, 'directories.view_directory')
directories = Directory.objects.filter(filters).distinct()
cat = None
category = None
sub_category = None
if not request.user.is_anonymous():
directories = directories.select_related()
query = request.GET.get('q', None)
# Handle legacy tag links
if query and "tag:" in query:
return HttpResponseRedirect(
"%s?q=%s&search_category=tags__icontains" %
(reverse('directories'), query.replace('tag:', '')))
form = DirectorySearchForm(request.GET,
is_superuser=request.user.is_superuser)
if form.is_valid():
cat = form.cleaned_data['search_category']
category = form.cleaned_data['category']
sub_category = form.cleaned_data['sub_category']
if query and cat:
directories = directories.filter(**{cat: query})
if category:
directories = directories.filter(categories__category__id=category)
if sub_category:
directories = directories.filter(categories__parent__id=sub_category)
directories = directories.order_by('headline')
EventLog.objects.log()
try:
category = int(category)
except:
category = 0
categories, sub_categories = Directory.objects.get_categories(
category=category)
return render_to_response(template_name, {
'directories': directories,
'categories': categories,
'form': form,
'sub_categories': sub_categories
},
context_instance=RequestContext(request))
def photoset_edit(request,
id,
form_class=PhotoSetEditForm,
template_name="photos/photo-set/edit.html"):
from tendenci.core.perms.object_perms import ObjectPermission
photo_set = get_object_or_404(PhotoSet, id=id)
# if no permission; permission exception
if not has_perm(request.user, 'photos.change_photoset', photo_set):
raise Http403
if request.method == "POST":
if request.POST["action"] == "edit":
form = form_class(request.POST,
instance=photo_set,
user=request.user)
if form.is_valid():
photo_set = form.save(commit=False)
# update all permissions and save the model
photo_set = update_perms_and_save(request, form, photo_set)
# copy all privacy settings from photo set to photos
Image.objects.filter(photoset=photo_set).update(
**get_privacy_settings(photo_set))
# photo set group permissions
group_perms = photo_set.perms.filter(
group__isnull=False).values_list('group', 'codename')
group_perms = tuple([(unicode(g), c.split('_')[0])
for g, c in group_perms])
photos = Image.objects.filter(photoset=photo_set)
for photo in photos:
ObjectPermission.objects.remove_all(photo)
ObjectPermission.objects.assign_group(group_perms, photo)
messages.add_message(request, messages.SUCCESS,
_("Successfully updated photo set! "))
return HttpResponseRedirect(
reverse('photoset_details', args=[photo_set.id]))
else:
form = form_class(instance=photo_set, user=request.user)
return render_to_response(template_name, {
'photo_set': photo_set,
"photoset_form": form,
},
context_instance=RequestContext(request))
def add(request, form_class=ArticleForm,
category_form_class=CategoryForm,
template_name="articles/add.html"):
content_type = get_object_or_404(ContentType,
app_label='articles',
model='article')
if has_perm(request.user, 'articles.add_article'):
if request.method == "POST":
form = form_class(request.POST, user=request.user)
categoryform = category_form_class(content_type,
request.POST,
prefix='category')
if form.is_valid() and categoryform.is_valid():
article = form.save()
article.update_category_subcategory(
categoryform.cleaned_data['category'],
categoryform.cleaned_data['sub_category']
)
# add all permissions and save the model
update_perms_and_save(request, form, article)
msg_string = 'Successfully added %s' % article
messages.add_message(request, messages.SUCCESS, _(msg_string))
# send notification to administrator(s) and module recipient(s)
recipients = get_notice_recipients('module', 'articles', 'articlerecipients')
if recipients and notification:
notification.send_emails(recipients, 'article_added', {
'object': article,
'request': request,
})
return HttpResponseRedirect(reverse('article', args=[article.slug]))
else:
form = form_class(user=request.user)
initial_category_form_data = {
'app_label': 'articles',
'model': 'article',
'pk': 0,
}
categoryform = category_form_class(content_type,
initial=initial_category_form_data,
prefix='category')
return render_to_response(template_name, {'form': form,
'categoryform': categoryform,},
context_instance=RequestContext(request))
else:
raise Http403
def search(request, template_name="discounts/search.html"):
if not has_perm(request.user, 'discounts.view_discount'):
raise Http403
filters = get_query_filters(request.user, 'discounts.view_discount')
discounts = Discount.objects.filter(filters).distinct()
query = request.GET.get('q', None)
if query:
discounts = discounts.filter(discount_code__icontains=query)
EventLog.objects.log()
return render_to_response(template_name, {'discounts': discounts},
context_instance=RequestContext(request))
def entry_delete(request, id, template_name="forms/entry_delete.html"):
entry = get_object_or_404(FormEntry, pk=id)
# check permission
if not has_perm(request.user,'forms.delete_form',entry.form):
raise Http403
if request.method == "POST":
messages.add_message(request, messages.SUCCESS, 'Successfully deleted entry %s' % entry)
entry.delete()
return HttpResponseRedirect(reverse('forms'))
return render_to_response(template_name, {'entry': entry},
context_instance=RequestContext(request))
