def EditList(request):
if request.is_ajax():
if request.method == "POST":
form = NewListForm(request.POST, error_class=TextErrorList)
if form.is_valid():
if str(request.POST['id']) == str(int(request.POST['id'])):
try:
listobj = List.objects.get(id=request.POST['id'])
except List.DoesNotExist:
raise Http404
if 'listsession' in request.POST.keys():
if request.POST['listsession']:
p = request.POST['listsession'].split('$')
if request.POST['listsession'] != passHash(request.user.username + listobj.password, p[1]):
raise Http404
else:
listsession = ''
else:
raise Http404
referer = request.META['HTTP_REFERER']
if referer[referer[:-1].rfind('/')+1:] != listobj.url:
raise Http404
if listobj.visibility == 0: #Public
if listobj.perm != 1 and request.user != listobj.user:
raise Http404
else: #Private
if request.user.is_authenticated():
if listobj.emails:
if request.user.email not in listobj.emails.split(',') and request.user != listobj.user:
raise Http404
elif request.user != listobj.user:
raise Http404
else:
raise Http404
listobj.name = form.cleaned_data['name']
listobj.description = form.cleaned_data['description']
listobj.url = form.cleaned_data['url']
listobj.visibility = form.cleaned_data['visibility']
listobj.perm = form.cleaned_data['perm']
listobj.emails = form.cleaned_data['emails']
try:
listobj.save()
except IntegrityError as error:
return HttpResponse(json.dumps({'errors':[error]}))
return HttpResponse(json.dumps({'errors':''}))
else:
raise Http404
else:
return HttpResponse(json.dumps({'errors':[form.non_field_errors(), ["%s: %s" % (field, error) for field, error in form.errors.items()]]}))
else:
raise Http404
else:
raise Http404
def NewList(request):
if request.method == "POST" and request.is_ajax():
form = NewListForm(request.POST, error_class=TextErrorList)
if form.is_valid():
referer = request.META['HTTP_REFERER']
if referer[referer[:-1].rfind('/')+1:] != 'dashboard/':
raise Http404
if form.cleaned_data['url'] != '':
try:
List.objects.get(url=form.cleaned_data['url'])
return HttpResponse(json.dumps({'errors':["The URL you chose was already taken."]}))
except List.DoesNotExist:
pass
listobj = List()
listobj.user = request.user
listobj.name = form.cleaned_data['name']
listobj.description = form.cleaned_data['description']
listobj.url = form.cleaned_data['url']
listobj.password = form.cleaned_data['password']
listobj.visibility = form.cleaned_data['visibility']
if 'perm' in form.cleaned_data.keys():
perm = form.cleaned_data['perm']
if perm == "on":
listobj.perm = 1
else:
listobj.perm = 0
listobj.emails = form.cleaned_data['emails']
try:
listobj.save()
print listobj.password
except IntegrityError as error:
return HttpResponse(json.dumps({'errors':[error.__str__()]}))
return HttpResponse(json.dumps({'errors':'', 'url':listobj.url, 'id':listobj.id}))
else:
return HttpResponse(json.dumps({'errors':[form.non_field_errors(), ["%s: %s" % (field, error) for field, error in form.errors.items()]]}))
else:
raise Http404
