def projects_detail(request, slug, pk=None): """ Provide a form to add a "project" to a company profile. A project includes a reference to up to 10 Stone items, a description, up to 20 pictures, and (in case of a pubic building) a street address, so that it can be visited irl. """ form = None user = get_object_or_404(User, username=slug) view_item = Project.objects.all_for_user(user).filter(pk=pk).first() can_edit = request.user.is_authenticated() and request.user == user if not can_edit and not view_item: # Needs auth to see /new page. return HttpResponseRedirect(get_login_url(request)) if can_edit: if 'DELETE' in (request.method, request.POST.get('_method', None)): if not view_item: return HttpResponseBadRequest() # Delete the entire view_item and and all attached pics. view_item.delete() messages.success(request, _('The item was deleted.')) _next = reverse('companydb_projects', args=[user.username]) return HttpResponseRedirect(_next) elif 'POST' == request.method: form = CompanyProjectForm(request.POST, instance=view_item) # manually add stones selection stone_pks = request.POST.getlist('stones', []) stones = Stone.objects.filter(pk__in=stone_pks) # manually add uploaded pics selection pics_pks = request.POST.getlist('pics', []) pics = Pic.objects.all_for_user(request.user) \ .filter(pk__in=pics_pks, module='projects') if form.is_valid(): project_item = form.save(commit=False) project_item.user = request.user project_item.save() project_item.stones = stones project_item.save() # point pictures to the new Project item for p in pics: p.attach_to(project_item.pk) _next = reverse('companydb_projects', args=[user.username]) return HttpResponseRedirect(request.POST.get('next', _next)) else: form = CompanyProjectForm(instance=view_item) return render(request, 'companydb/projects_detail.html', _ctx({ 'form': form, 'projects': user.project_set.all(), 'view_item': view_item, 'view_user': user}))
def stock_detail(request, slug, pk=None): form = None user = get_object_or_404(User, username=slug) view_item = Stock.objects.all_for_user(user).filter(pk=pk).first() can_edit = request.user.is_authenticated() and request.user == user if not can_edit: if request.method not in ['GET', 'HEAD', 'OPTIONS']: return HttpResponseBadRequest() if not view_item: return HttpResponseRedirect(get_login_url(request)) if can_edit: if 'DELETE' in (request.method, request.POST.get('_method', None)): if not view_item: return HttpResponseBadRequest() # Delete the entire view_item and and all attached pics. view_item.delete() messages.success(request, _('The item was deleted.')) _next = reverse('companydb_stock', args=[user.username]) return HttpResponseRedirect(_next) elif 'POST' in (request.method, request.POST.get('_method', None)): form = CompanyStockForm(request.POST, instance=view_item) # manually add stone selected stone_pk = request.POST.get('stone', None) stone = Stone.objects.filter(pk=stone_pk).first() # manually add uploaded pics selection pics_pks = request.POST.getlist('pics', []) pics = Pic.objects.all_for_user(request.user)\ .filter(pk__in=pics_pks, module='stock') if form.is_valid(): stock_item = form.save(commit=False) stock_item.stone = stone stock_item.user = request.user stock_item.save() # point pictures to the new Stone item for p in pics: p.attach_to(stock_item.id) _next = reverse('companydb_stock', args=[user.username]) return HttpResponseRedirect(request.POST.get('next', _next)) else: # Return form with the item to edit, or empty form to add new item. form = CompanyStockForm(instance=view_item) return render(request, 'companydb/stock_detail.html', _ctx({ 'form': form, 'view_item': view_item, 'view_user': user}))
def photos(request, slug): page = request.GET.get('page', 1) form = None view_user = get_object_or_404(User, username=slug, is_active=True) li = Pic.objects.all_for_user(view_user) can_edit = request.user.is_authenticated() and request.user == view_user if 'POST' in (request.method, request.POST.get('_method', None)): if not can_edit: return HttpResponseRedirect(get_login_url(request)) module = request.POST.get('module', 'profile') if module not in [x[0] for x in Pic.MODULE_CHOICES]: raise ValueError('Module does not exist.') form = PicUploadForm(request.POST, request.FILES) if form.is_valid(): _pic = request.FILES['pic'] if module == 'profile': _title = form.cleaned_data['title'] pic = Pic.objects.add_to_profile(request.user, _pic, _title) else: pic = Pic.objects.add_upload(request.user, _pic, module) if request.is_ajax(): return JsonResponse({'pic': { 'id': pic.id, 'url': reverse('companydb_pic_item', kwargs={'id': pic.id}), 'url_thumb': pic.url_thumb, 'url_small': pic.url_small, 'url_medium': pic.url_medium, 'url_large': pic.url_large, }}) else: return HttpResponseRedirect(request.path) else: pass elif 'GET' in (request.method, ): if can_edit: form = PicUploadForm() canonical = reverse('companydb_photos', args=[view_user.username]) return render(request, 'companydb/photos.html', _ctx({ 'view_user': view_user, 'form': form, 'photos': _get_page(li, page), 'canonical': canonical}))