def edit_code_package(request, id):
"""edit a code package"""
# prepare messages
mm = MessageManager(request)
cp = get_object_or_404(CodePackage, pk=id)
if request.user.is_authenticated() and request.user.username == cp.user.username:
if request.POST:
form = EditCodePackageForm(request.POST, user=request.user)
if form.is_valid():
form.save(request, cp)
mm.set_success("Your code package has been updated")
return redirect(cp.get_absolute_url())
else:
# form had errors
return render(request, 'main/code_package/edit.html', mm.messages(), {'form':form, 'code_package':cp})
else:
# prepare new form for user
cpk = None
if cp.group():
cpk = cp.group().pk
term_str = delim_list(object_taxon(cp), ',')
form = EditCodePackageForm(user=request.user, initial={'group': cpk, 'title':cp.title, 'description':cp.description, 'terms':term_str})
return render(request, 'main/code_package/edit.html', mm.messages(), {'form':form, 'code_package':cp})
else:
return redirect(request.META.get('HTTP_REFERER','/'))
def edit_account(request, username):
"""edit a user's account details"""
# prepare messages
mm = MessageManager(request)
try:
u = cUser.objects.get(username=username)
except cUser.DoesNotExist:
u = get_object_or_404(User, username=username)
# must be an authenticated user and own the profile in order to get the form.
if request.user.is_authenticated() and request.user == u:
if request.POST:
# collect form
form = EditAccountForm(request.POST)
if form.is_valid():
form.update(request, u)
mm.set_success("Your account has been updated")
return redirect(request.user.get_absolute_url())
else:
return render(request, 'accounts/user/edit.html', {'form':form}, mm.messages())
else:
# prepare form
form = EditAccountForm(initial={'username':u.username, 'email':u.email})
return render(request, 'accounts/user/edit.html', {'form':form}, mm.messages())
else:
return redirect(u.get_absolute_url())
def user_account(request, username):
"""display user account details page"""
mm = MessageManager(request)
# must be an authenticated user and own the profile in order to get the form.
if request.user.is_authenticated() and request.user.username == username:
# must also be of type cUser. since the super is default to a User.
if request.user.__class__ == cUser:
if request.POST:
# collect form
form = SettingsForm(request.POST)
if form.is_valid():
s = request.user.settings
s.public_comments = form.cleaned_data['public_comments']
s.code_pkg_updates = form.cleaned_data['code_pkg_updates']
s.save()
mm.set_success("Your settings have been saved")
return render(request, 'accounts/user/account.html', {'form':form}, mm.messages())
else:
mm.set_error("Sorry! We encountered an error and were unable to save your settings")
form = SettingsForm(instance=request.user.settings)
return render(request, 'accounts/user/account.html', {'form':form}, mm.messages())
else:
# prepare form
form = SettingsForm(instance=request.user.settings)
return render(request, 'accounts/user/account.html', {'form':form}, mm.messages())
return render(request, 'accounts/user/account.html', mm.messages())
def edit_link(request, id):
"""edit a link"""
# prepare messages
mm = MessageManager(request)
link = get_object_or_404(Link, pk=id)
if request.user.is_authenticated() and request.user.username == link.user.username:
if request.POST:
form = CreateLinkForm(request.POST, request.FILES, user=request.user)
if form.is_valid():
form.update(request, link)
mm.set_success("Your link has been updated")
return redirect(link.get_absolute_url())
else:
# form had errors
return render(request, 'main/link/edit.html', mm.messages(), {'form':form, 'link':link})
else:
# prepare new form for user
lpk = None
if link.group():
lpk = link.group().pk
term_str = delim_list(object_taxon(link), ',')
form = CreateLinkForm(user=request.user, initial={'group': lpk, 'title':link.title, 'url':link.url, 'terms':term_str})
return render(request, 'main/link/edit.html', mm.messages(), {'form':form, 'link':link})
else:
return redirect(request.META.get('HTTP_REFERER','/'))
def edit_discussion(request, id):
"""edit a discussion"""
# prepare messages
mm = MessageManager(request)
d = get_object_or_404(Discussion, pk=id)
if request.user.is_authenticated() and request.user.username == d.user.username:
if request.POST:
form = CreateDiscussionForm(request.POST, request.FILES, user=request.user)
if form.is_valid():
form.update(request, d)
mm.set_success("Your discussion has been updated")
return redirect(d.get_absolute_url())
else:
# form had errors
return render(request, 'main/discussion/edit.html', mm.messages(), {'form':form, 'discussion':d})
else:
# prepare new form for user
dpk = None
if d.group():
dpk = d.group().pk
term_str = delim_list(object_taxon(d), ',')
form = CreateDiscussionForm(user=request.user, initial={'group': dpk, 'title':d.title, 'body':d.body, 'type':d.type, 'terms':term_str})
return render(request, 'main/discussion/edit.html', mm.messages(), {'form':form, 'discussion':d})
else:
return redirect(request.META.get('HTTP_REFERER','/'))
def contact(request):
"""contact page"""
# prepare messages
mm = MessageManager(request)
if request.POST:
form = ContactForm(request.POST)
if form.is_valid():
data = request.POST.copy()
# make sure we have a human
if not form.isValidHuman(data):
mm.set_error('Sorry only humans can contact us. Try reloading the page.')
return render(request, 'main/contact.html', mm.messages(), {'form':form})
# prepare email
email_subject = 'Comperio Form Submission'
email_body =\
"Form submission from %s\n\nName: %s\nEmail: %s\n\n%s" % (
SITE_URL,
data['name'],
data['email'],
data['message'])
emails = [x[1] for x in ADMINS]
send_mail(email_subject,
email_body,
'*****@*****.**',
emails)
mm.set_success("Thank you! We received your message.")
return redirect('/')
else:
return render(request, 'main/contact.html', {'form':form}, mm.messages())
else:
form = ContactForm()
return render(request, 'main/contact.html', {'form':form}, mm.messages())
def delete(request, username):
"""delete a user account"""
# prepare messages
mm = MessageManager(request)
if request.user.is_active and request.user.username == username:
if request.user.is_superuser:
mm.set_error("um... you can't delete a super user silly.")
return redirect(request.META.get('HTTP_REFERER','/'))
# Build the removal key for account
salt = sha.new(str(random.random())).hexdigest()[:5]
removal_key = sha.new(salt+username).hexdigest()
key_expires = datetime.datetime.today() + datetime.timedelta(2)
request.user.removal_key = removal_key
request.user.key_expires = key_expires
request.user.save()
# prepare email
email_subject = 'Confirm account deletion'
email_body =\
"We just received a request to delete your Comperio account.\
\n\nTo delete your account, click this link within 48 hours:\
\n%s/users/delete/confirm/%s" % (
SITE_URL,
request.user.removal_key)
send_mail(email_subject,
email_body,
'*****@*****.**',
[request.user.email])
mm.set_success("We just sent you an email to verify your account removal.")
return redirect(request.META.get('HTTP_REFERER','/'))
def upload(request):
"""upload a code package to a user profile"""
mm = MessageManager(request)
if request.POST:
form = UploadCodePackageForm(request.POST, request.FILES)
if form.is_valid():
e = form.cleaned_data['username']
p = form.cleaned_data['password']
try:
user = authenticate(username=e, password=p)
except NameError:
user = None
if user is not None:
if user.is_active:
if form.save(request, user):
mm.set_success("package uploaded")
form = UploadCodePackageForm()
else:
mm.set_error("package could not be uploaded")
else:
# account is disabled
mm.set_error('This account has been disabled, or has not been activated.')
else:
# invalid login
mm.set_error('Invalid credentials.')
return render(request, 'api/upload.html', {'form':form}, mm.messages())
else:
# return form errors to user
return render(request, 'api/upload.html', {'form':form}, mm.messages())
else:
form = UploadCodePackageForm()
return render(request, 'api/upload.html', {'form':form}, mm.messages())
def edit_task(request, id):
"""edit and existing task"""
mm = MessageManager(request)
t = get_object_or_404(Task, pk=id)
if request.user.is_authenticated() and request.user.username == t.user.username:
if request.POST:
# receive sent form
form = NewTaskForm(request.POST)
if form.is_valid():
mm.set_success("task updated")
t.due_date = form.cleaned_data['due_date']
t.description = form.cleaned_data['description']
notify = form.cleaned_data['notify']
if notify is False:
t.notify = False
else:
t.notify = True
t.save()
return redirect(t.get_absolute_url())
else:
mm.set_error("error")
# error
pass
else:
# setup new form
form = NewTaskForm(initial={'due_date':t.due_date, 'description':t.description, 'notify':t.notify})
return render(request, 'tasks/edit.html', {'form':form, 'task':t}, mm.messages())
else:
mm.set_notice("you are not authorized to edit that task.")
return redirect(request.META.get('HTTP_REFERER','/'))
def _survey_redirect(
request,
survey,
group_slug=None,
group_slug_field=None,
group_qs=None,
template_name="survey/thankyou.html",
extra_context=None,
*args,
**kw
):
"""
Conditionally redirect to the appropriate page;
if there is a "next" value in the GET URL parameter,
go to the URL specified under Next.
If there is no "next" URL specified, then go to
the survey results page...but only if it is viewable
by the user.
Otherwise, only direct the user to a page showing
their own survey answers...assuming they have answered
any questions.
If all else fails, go to the Thank You page.
"""
if (
"next" in request.REQUEST
and request.REQUEST["next"].startswith("http:")
and request.REQUEST["next"] != request.path
):
return HttpResponseRedirect(request.REQUEST["next"])
if survey.answers_viewable_by(request.user):
return HttpResponseRedirect(reverse("survey-results", None, (), {"survey_slug": survey.__dict__["slug"]}))
# For this survey, have they answered any questions?
# if (hasattr(request, 'session') and Answer.objects.filter(
# session_key=request.session.session_key.lower(),
# question__survey__visible=True,
# question__survey__slug=survey.__dict__['slug']).count()):
# print "ytest4"
# return HttpResponseRedirect(
# reverse('answers-detail', None, (),
# {'survey_slug': survey.__dict__['slug'],
# 'key': request.session.session_key.lower()}))
# go to thank you page
# return render()
mm = MessageManager(request)
mm.set_success("Thank You For Participating In The Survey!")
return HttpResponseRedirect(request.user.get_absolute_url())
# return render_to_response(template_name,
# {'survey': survey, 'title': 'Thank You'},
# context_instance=RequestContext(request))
return render(request, template_name, {"survey": survey, "title": "Thank You"})
def delete_task(request, id):
"""delete a task"""
mm = MessageManager(request)
t = get_object_or_404(Task, pk=id)
if request.user.is_authenticated() and request.user.username == t.user.username:
t.delete()
mm.set_success("task removed")
return redirect(request.user.get_absolute_url())
else:
mm.set_notice("you are not authorized to delete that task.")
return redirect(request.META.get('HTTP_REFERER','/'))
def delete_lesson(request, c_id, l_id):
"""delete an existing lesson"""
mm = MessageManager(request)
l = get_object_or_404(Lesson, pk=l_id)
c = get_object_or_404(Curriculum, pk=c_id)
if request.user.is_authenticated() and request.user.username == l.user.username:
name = l.title
l.delete()
mm.set_success('"%s" has been deleted' % name)
else:
mm.set_notice('you are not authorized to delete this lesson')
return redirect(c.get_absolute_url())
def reject_from_group(request, gid, uid):
"""reject a pending membership request"""
mm = MessageManager(request)
g = get_object_or_404(cGroup, pk=gid)
u = get_object_or_404(cUser, pk=uid)
if request.user.is_authenticated() and request.user.is_group_manager(g):
if u in g.pending_users.all():
mm.set_success("membership refused for %s" % u.username)
g.pending_users.remove(u)
g.save()
else:
mm.set_error("you can't just reject whomever you want!")
return redirect(reverse('manage-group', None, (), {'gid':g.pk}))
return redirect(g.get_absolute_url())
def create_curriculum(request):
"""create a new curriculum container"""
mm = MessageManager(request)
if request.POST:
form = CreateCurriculumForm(request.POST)
if form.is_valid():
# save it
c = form.save(request)
mm.set_success("the curriculum was saved")
return redirect(c.get_absolute_url())
else:
mm.set_error("the form has errors")
pass
else:
form = CreateCurriculumForm()
return render(request, 'curricula/create_curriculum.html', {'form':form}, mm.messages())
def login_view(request):
"""Login to a user account and redirect to profile"""
# TODO: put link on profile page to return to original page
# prepare messages
mm = MessageManager(request)
if request.user.is_authenticated():
return redirect(request.user.get_absolute_url())
if request.POST:
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
# cookies are enabled
form = LoginForm(request.POST)
if not form == None and form.is_valid():
# log the user in. we extended to backend to allow using email
# instead of just username
e = form.cleaned_data['username']
p = form.cleaned_data['password']
try:
user = authenticate(username=e, password=p)
except NameError:
user = None
if user is not None:
if user.is_active:
#request.user = user
login(request, user)
mm.set_success('you are logged in!')
return redirect(request.user.get_absolute_url())
else:
# account is disabled
mm.set_error('This account has been disabled, or has not been activated.')
else:
# invalid login
mm.set_error('Invalid credentials.')
else:
#mm.set_error('The form is invalid')
pass
else:
# cookies are not enabled
mm.set_error('Please enable cookies and try again.')
else:
form = LoginForm()
request.session.set_test_cookie()
return render(request, 'accounts/login.html', {'form':form}, mm.messages())
def create_group(request):
"""create a new user group"""
mm = MessageManager(request)
if request.user.is_authenticated() and request.user.__class__ is cUser:
if request.POST:
form = CreateGroupForm(request.POST)
if form.is_valid():
data = request.POST.copy()
# make sure the group name is unique
try:
cGroup.objects.get(name=data["title"])
mm.set_error("that group name is already taken")
return render(request,'accounts/groups/create.html', mm.messages(), {'form':form})
except cGroup.DoesNotExist:
# create group
g = cGroup()
g.name = data["title"]
g.description = data["description"]
g.type = data["type"]
g.visibility = data["visibility"]
g.open_registration = data.has_key("open_registration")
g.save()
# add user to group
request.user.groups.add(g)
g.managers.add(request.user)
# Build the invitation key
salt = sha.new(str(random.random())).hexdigest()[:5]
g.invitation_key = sha.new(salt+g.name).hexdigest()[:13]
g.key_expires = datetime.datetime.today() + datetime.timedelta(2)
g.save()
manage_url = reverse('manage-group', None, (), {'gid':g.pk})
invite_url = "%s%s/%s" % (SITE_URL, reverse('join-group', None, (), {'gid':g.pk}), g.invitation_key)
mm.set_success("Successfully Created Group \"%s\"!<p> We automatically generated an invitation url that you can share with your friends. For more information check out the <a href=\"%s\">Administration Page</a>.</p><p>Invitation Url: <a href=\"%s\">%s</a></p>" % (g.name, manage_url, invite_url, invite_url))
# TODO: take to new group page
return redirect(g.get_absolute_url())
else:
return render(request,'accounts/groups/create.html', mm.messages(), {'form':form})
else:
# prepare new form for user
form = CreateGroupForm(initial={'open_registration':True})
return render(request,'accounts/groups/create.html', mm.messages(), {'form':form})
else:
mm.set_error("you are not allowed to create a group")
return redirect(request.META.get('HTTP_REFERER','/'))
def delete_code_package(request, id):
"""delete a code package"""
mm = MessageManager(request)
try:
cp = CodePackage.objects.get(pk=id)
except CodePackage.DoesNotExist:
raise Http404
if request.user.is_authenticated() and request.user.username == cp.user.username:
cp.delete()
mm.set_success("Code package %s has been deleted" % cp.title )
if cp.group():
return redirect(cp.group().get_absolute_url() + "#code")
else:
return redirect(request.user.get_absolute_url() + "#code")
else:
raise Http404
def delete_discussion(request, id):
"""delete a discussion"""
mm = MessageManager(request)
try:
d = Discussion.objects.get(pk=id)
except Discussion.DoesNotExist:
raise Http404
if request.user.is_authenticated() and request.user.username == d.user.username:
d.delete()
mm.set_success("Discussion %s has been deleted" % d.title )
if d.group():
return redirect(d.group().get_absolute_url() + "#discussions")
else:
return redirect(request.user.get_absolute_url() + "#discussions")
else:
raise Http404
def admit_to_group(request, gid, uid):
"""admit a user into a group"""
mm = MessageManager(request)
g = get_object_or_404(cGroup, pk=gid)
u = get_object_or_404(cUser, pk=uid)
if request.user.is_authenticated() and request.user.is_group_manager(g):
if u in g.pending_users.all():
mm.set_success("%s has been admitted" % u.username)
g.pending_users.remove(u)
u.groups.add(g)
g.members.add(u)
u.save()
g.save()
else:
mm.set_error("you can't just add whomever you want to your group!")
return redirect(reverse('manage-group', None, (), {'gid':g.pk}))
return redirect(g.get_absolute_url())
def confirm_delete(request, removal_key):
"""confirm a account removal"""
# prepare messages
mm = MessageManager(request)
user = get_object_or_404(cUser, removal_key=removal_key)
if user.key_expires < datetime.datetime.today():
mm.set_notice("This removal code as expired.")
return render(request, 'accounts/confirm_delete.html', mm.messages(), {'expired':True})
user.key_expires = datetime.datetime.today() - datetime.timedelta(days=1)
user.is_active = False
user.save()
logout(request)
mm.set_success("Your account has been successfully removed. Please visit us again!")
return render(request, 'main/index.html', mm.messages())
def create_lesson(request, c_id):
"""create a new lesson"""
c = get_object_or_404(Curriculum, pk=c_id)
mm = MessageManager(request)
if request.POST:
form = CreateLessonForm(request.POST)
if form.is_valid():
# save it
l = form.save(request, c)
mm.set_success("the lesson was saved")
return redirect(c.get_absolute_url())
else:
mm.set_error("the form has errors")
pass
else:
form = CreateLessonForm()
return render(request, 'curricula/create_lesson.html', {'form':form, 'curriculum':c}, mm.messages())
def delete_link(request, id):
"""delete a link"""
mm = MessageManager(request)
try:
l = Link.objects.get(pk=id)
except Link.DoesNotExist:
raise Http404
if request.user.is_authenticated() and request.user.username == l.user.username:
l.delete()
mm.set_success("Link %s has been deleted" % l.title )
if l.group():
return redirect(l.group().get_absolute_url() + "#links")
else:
return redirect(request.user.get_absolute_url() + "#links")
else:
raise Http404
def create_bug(request):
"""create a new bug report"""
# prepare messages
mm = MessageManager(request)
if request.user.is_authenticated():
if request.POST:
form = BugForm(request.POST)
if form.is_valid():
form.save(request)
mm.set_success("Thanks! We'll fix this bug as soon as possible.")
return redirect('/')
else:
return render(request, 'bugs/create.html', mm.messages(), {'form':form})
else:
form = BugForm()
return render(request, 'bugs/create.html', mm.messages(), {'form':form})
mm.set_notice("You must log in before you can report a bug")
return login_view(request)
def kick_from_group(request, gid, uid):
"""kick a user out of a group"""
mm = MessageManager(request)
g = get_object_or_404(cGroup, pk=gid)
u = get_object_or_404(cUser, pk=uid)
if request.user.is_authenticated() and request.user.is_group_manager(g):
# can only kick normal users, not managers
if u in g.users():
u.groups.remove(g)
g.members.remove(u)
u.save()
g.save()
mm.set_success("%s has been kicked" % u.username)
else:
mm.set_error("you can only kick existing members")
return redirect(reverse('manage-group', None, (), {'gid':g.pk}))
return redirect(g.get_absolute_url())
def create_code_package(request, gid=None):
"""page to create a new code package object"""
# prepare messages
mm = MessageManager(request)
if request.user.is_authenticated():
# TODO: allow unauthorized users to create temporary content, but require them to
# sign up for an account before it can be saved. (html5 local db)
form = None
if request.POST:
form = CreateCodePackageForm(request.POST, request.FILES)
if form.is_valid():
new = form.save(request, gid)
mm.set_success("You successfully created a new code package \"%s\"" % new.title)
if new.group():
return redirect(new.group().get_absolute_url())
else:
return redirect(request.user.get_absolute_url())
else:
# form had errors
data = request.POST.copy()
formerr = form
dgroup=None
if gid:
form.fields['group'].widget.attrs['disabled'] = True # radio / checkbox
dgroup = get_object_or_404(cGroup, pk=gid)
form.fields['group'].widget.choices = ((gid,dgroup.name),)
return render(request, 'main/code_package/create.html', {'form':form, 'group':dgroup}, mm.messages())
else:
# prepare new form for user
form = CreateCodePackageForm(user=request.user, initial={'group': gid})
dgroup=None
if gid:
dgroup = get_object_or_404(cGroup, pk=gid)
form.fields['group'].widget.attrs['disabled'] = True # radio / checkbox
form.fields['group'].widget.initial = dgroup.name
return render(request, 'main/code_package/create.html', mm.messages(), {'form':form, 'group':dgroup})
else:
return redirect(request.META.get('HTTP_REFERER','/'))
def edit_group(request, gid):
"""edit a group"""
mm = MessageManager(request)
g = get_object_or_404(cGroup, pk=gid)
if request.user.is_authenticated() and request.user.is_group_manager(g):
if request.POST:
form = CreateGroupForm(request.POST)
if form.is_valid():
data = request.POST.copy()
# make sure the group name is unique
#try:
# cGroup.objects.get(name=data["title"])
# mm.set_error("that group name is already taken")
# return render(request,'accounts/groups/create.html', mm.messages(), {'form':form})
#except cGroup.DoesNotExist:
# create group
#g = cGroup()
g.name = data["title"]
g.description = data["description"]
g.type = data["type"]
g.visibility = data["visibility"]
g.open_registration = data.has_key("open_registration")
g.save()
# add user to group
#request.user.groups.add(g)
#g.managers.add(request.user)
#g.save()
mm.set_success("edits were successfull")
# TODO: take to new group page
return redirect(g.get_absolute_url())
else:
return render(request,'accounts/groups/edit.html', mm.messages(), {'form':form, 'group':g})
else:
# prepare new form for user
form = CreateGroupForm(initial={'title': g.name, 'description':g.description, 'type':g.type, 'open_registration':g.open_registration})
return render(request,'accounts/groups/edit.html', mm.messages(), {'form':form, 'group':g})
else:
mm.set_error("you are not allowed to edit this group")
return redirect(g.get_absolute-url())
def edit_curriculum(request, id):
"""edit a curriculum"""
mm = MessageManager(request)
c = get_object_or_404(Curriculum, pk=id)
if request.user.is_authenticated() and request.user.username == c.user.username:
if request.POST:
form = CreateCurriculumForm(request.POST)
if form.is_valid():
# update it
c = form.update(request, c)
mm.set_success('"%s" has been updated' % c.title)
return redirect(c.get_absolute_url())
else:
mm.set_error("the form has errors")
pass
else:
form = CreateCurriculumForm(initial={'title':c.title, 'description':c.description})
return render(request, 'curricula/edit_curriculum.html', {'form':form, 'curriculum':c}, mm.messages())
else:
mm.set_notice('You are not authorized to edit that curriculum')
return redirect(request.META.get('HTTP_REFERER','/'))
def confirm(request, activation_key):
"""confirm a user registration"""
# prepare messages
mm = MessageManager(request)
if request.user.is_active and request.user.activation_key == activation_key:
raise Http404()
user = get_object_or_404(cUser, activation_key=activation_key)
if user.key_expires < datetime.datetime.today():
mm.set_notice("This activation code as expired. Try creating a new account")
# TODO: completely remove accounts that have expired
return render(request, 'accounts/confirm.html', mm.messages(), {'expired':True})
user.key_expires = datetime.datetime.today() - datetime.timedelta(days=1)
mm.set_success("Congratulations! You just activated your account!")
request.session.set_test_cookie()
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
# cookies are enabled
# we need to call authenticate to set some varibles before calling login()
auth_user = None
try:
auth_user = authenticate(username=user.username, password=user.activation_key)
# activate the user after authentication so we can't
# login with the activation key anymore
#auth_user.is_active = True
#auth_user.save()
except NameError:
pass
if auth_user is not None:
if auth_user.is_active:
login(request, auth_user)
# TODO: we don't cover all our bases here. we need to be more thorough with error checking
if auth_user:
return redirect(auth_user.get_absolute_url())
else:
return redirect('/')
def edit_lesson(request, c_id, l_id):
"""edit a lesson"""
mm = MessageManager(request)
c = get_object_or_404(Curriculum, pk=c_id) # we don't need both curriculum and lesson id because we are moving towards just using the custom lesson model
l = get_object_or_404(Lesson, pk=l_id)
if request.user.is_authenticated() and request.user.username == l.user.username:
if request.POST:
form = CreateLessonForm(request.POST)
if form.is_valid():
# update it
l = form.update(request, l)
mm.set_success('"%s" has been updated' % l.title)
return redirect(l.get_absolute_url())
else:
mm.set_error("the form has errors")
pass
else:
form = CreateLessonForm(initial={'title':l.title, 'description':l.description, 'body':l.body})
return render(request, 'curricula/edit_lesson.html', {'form':form, 'lesson':l, 'curriculum':c}, mm.messages())
else:
mm.set_notice('You are not authorized to edit that curriculum')
return redirect(request.META.get('HTTP_REFERER','/'))
def join_group(request, gid, invitation_key = None):
"""request to join a group"""
mm = MessageManager(request)
g = get_object_or_404(cGroup, pk=gid)
if not g.open_registration and invitation_key is None:
return redirect(g.get_absolute_url())
if request.user.is_authenticated() and request.user.__class__ == cUser:
if request.user.is_group_member(g):
mm.set_notice("you are already a member of this group.")
return redirect(g.get_absolute_url())
if request.user.is_group_manager(g):
mm.set_notice("you are a manager of this group and cannot become a member.")
return redirect(g.get_absolute_url())
if invitation_key != None:
if invitation_key == g.invitation_key:
if g.key_expires < datetime.datetime.today():
mm.set_notice("This invitation code as expired.")
else:
mm.set_success("you are now a member of this group!")
request.user.groups.add(g)
request.user.save()
if request.user in g.pending_users.all():
g.pending_users.remove(request.user)
g.members.add(request.user)
g.save()
else:
mm.set_notice("that invitation key is invalid or has expired")
else:
g.pending_users.add(request.user)
g.save()
mm.set_success("your membership request has been sent to the group administrators")
else:
mm.set_notice("you must login or create an acount before you can join a group.")
return HttpResponseRedirect(reverse('login-page'))
return redirect(g.get_absolute_url())
