def edit_code_package(request, id): """edit a code package""" # prepare messages mm = MessageManager(request) cp = get_object_or_404(CodePackage, pk=id) if request.user.is_authenticated() and request.user.username == cp.user.username: if request.POST: form = EditCodePackageForm(request.POST, user=request.user) if form.is_valid(): form.save(request, cp) mm.set_success("Your code package has been updated") return redirect(cp.get_absolute_url()) else: # form had errors return render(request, 'main/code_package/edit.html', mm.messages(), {'form':form, 'code_package':cp}) else: # prepare new form for user cpk = None if cp.group(): cpk = cp.group().pk term_str = delim_list(object_taxon(cp), ',') form = EditCodePackageForm(user=request.user, initial={'group': cpk, 'title':cp.title, 'description':cp.description, 'terms':term_str}) return render(request, 'main/code_package/edit.html', mm.messages(), {'form':form, 'code_package':cp}) else: return redirect(request.META.get('HTTP_REFERER','/'))
def edit_account(request, username): """edit a user's account details""" # prepare messages mm = MessageManager(request) try: u = cUser.objects.get(username=username) except cUser.DoesNotExist: u = get_object_or_404(User, username=username) # must be an authenticated user and own the profile in order to get the form. if request.user.is_authenticated() and request.user == u: if request.POST: # collect form form = EditAccountForm(request.POST) if form.is_valid(): form.update(request, u) mm.set_success("Your account has been updated") return redirect(request.user.get_absolute_url()) else: return render(request, 'accounts/user/edit.html', {'form':form}, mm.messages()) else: # prepare form form = EditAccountForm(initial={'username':u.username, 'email':u.email}) return render(request, 'accounts/user/edit.html', {'form':form}, mm.messages()) else: return redirect(u.get_absolute_url())
def user_account(request, username): """display user account details page""" mm = MessageManager(request) # must be an authenticated user and own the profile in order to get the form. if request.user.is_authenticated() and request.user.username == username: # must also be of type cUser. since the super is default to a User. if request.user.__class__ == cUser: if request.POST: # collect form form = SettingsForm(request.POST) if form.is_valid(): s = request.user.settings s.public_comments = form.cleaned_data['public_comments'] s.code_pkg_updates = form.cleaned_data['code_pkg_updates'] s.save() mm.set_success("Your settings have been saved") return render(request, 'accounts/user/account.html', {'form':form}, mm.messages()) else: mm.set_error("Sorry! We encountered an error and were unable to save your settings") form = SettingsForm(instance=request.user.settings) return render(request, 'accounts/user/account.html', {'form':form}, mm.messages()) else: # prepare form form = SettingsForm(instance=request.user.settings) return render(request, 'accounts/user/account.html', {'form':form}, mm.messages()) return render(request, 'accounts/user/account.html', mm.messages())
def edit_link(request, id): """edit a link""" # prepare messages mm = MessageManager(request) link = get_object_or_404(Link, pk=id) if request.user.is_authenticated() and request.user.username == link.user.username: if request.POST: form = CreateLinkForm(request.POST, request.FILES, user=request.user) if form.is_valid(): form.update(request, link) mm.set_success("Your link has been updated") return redirect(link.get_absolute_url()) else: # form had errors return render(request, 'main/link/edit.html', mm.messages(), {'form':form, 'link':link}) else: # prepare new form for user lpk = None if link.group(): lpk = link.group().pk term_str = delim_list(object_taxon(link), ',') form = CreateLinkForm(user=request.user, initial={'group': lpk, 'title':link.title, 'url':link.url, 'terms':term_str}) return render(request, 'main/link/edit.html', mm.messages(), {'form':form, 'link':link}) else: return redirect(request.META.get('HTTP_REFERER','/'))
def edit_discussion(request, id): """edit a discussion""" # prepare messages mm = MessageManager(request) d = get_object_or_404(Discussion, pk=id) if request.user.is_authenticated() and request.user.username == d.user.username: if request.POST: form = CreateDiscussionForm(request.POST, request.FILES, user=request.user) if form.is_valid(): form.update(request, d) mm.set_success("Your discussion has been updated") return redirect(d.get_absolute_url()) else: # form had errors return render(request, 'main/discussion/edit.html', mm.messages(), {'form':form, 'discussion':d}) else: # prepare new form for user dpk = None if d.group(): dpk = d.group().pk term_str = delim_list(object_taxon(d), ',') form = CreateDiscussionForm(user=request.user, initial={'group': dpk, 'title':d.title, 'body':d.body, 'type':d.type, 'terms':term_str}) return render(request, 'main/discussion/edit.html', mm.messages(), {'form':form, 'discussion':d}) else: return redirect(request.META.get('HTTP_REFERER','/'))
def contact(request): """contact page""" # prepare messages mm = MessageManager(request) if request.POST: form = ContactForm(request.POST) if form.is_valid(): data = request.POST.copy() # make sure we have a human if not form.isValidHuman(data): mm.set_error('Sorry only humans can contact us. Try reloading the page.') return render(request, 'main/contact.html', mm.messages(), {'form':form}) # prepare email email_subject = 'Comperio Form Submission' email_body =\ "Form submission from %s\n\nName: %s\nEmail: %s\n\n%s" % ( SITE_URL, data['name'], data['email'], data['message']) emails = [x[1] for x in ADMINS] send_mail(email_subject, email_body, '*****@*****.**', emails) mm.set_success("Thank you! We received your message.") return redirect('/') else: return render(request, 'main/contact.html', {'form':form}, mm.messages()) else: form = ContactForm() return render(request, 'main/contact.html', {'form':form}, mm.messages())
def delete(request, username): """delete a user account""" # prepare messages mm = MessageManager(request) if request.user.is_active and request.user.username == username: if request.user.is_superuser: mm.set_error("um... you can't delete a super user silly.") return redirect(request.META.get('HTTP_REFERER','/')) # Build the removal key for account salt = sha.new(str(random.random())).hexdigest()[:5] removal_key = sha.new(salt+username).hexdigest() key_expires = datetime.datetime.today() + datetime.timedelta(2) request.user.removal_key = removal_key request.user.key_expires = key_expires request.user.save() # prepare email email_subject = 'Confirm account deletion' email_body =\ "We just received a request to delete your Comperio account.\ \n\nTo delete your account, click this link within 48 hours:\ \n%s/users/delete/confirm/%s" % ( SITE_URL, request.user.removal_key) send_mail(email_subject, email_body, '*****@*****.**', [request.user.email]) mm.set_success("We just sent you an email to verify your account removal.") return redirect(request.META.get('HTTP_REFERER','/'))
def upload(request): """upload a code package to a user profile""" mm = MessageManager(request) if request.POST: form = UploadCodePackageForm(request.POST, request.FILES) if form.is_valid(): e = form.cleaned_data['username'] p = form.cleaned_data['password'] try: user = authenticate(username=e, password=p) except NameError: user = None if user is not None: if user.is_active: if form.save(request, user): mm.set_success("package uploaded") form = UploadCodePackageForm() else: mm.set_error("package could not be uploaded") else: # account is disabled mm.set_error('This account has been disabled, or has not been activated.') else: # invalid login mm.set_error('Invalid credentials.') return render(request, 'api/upload.html', {'form':form}, mm.messages()) else: # return form errors to user return render(request, 'api/upload.html', {'form':form}, mm.messages()) else: form = UploadCodePackageForm() return render(request, 'api/upload.html', {'form':form}, mm.messages())
def edit_task(request, id): """edit and existing task""" mm = MessageManager(request) t = get_object_or_404(Task, pk=id) if request.user.is_authenticated() and request.user.username == t.user.username: if request.POST: # receive sent form form = NewTaskForm(request.POST) if form.is_valid(): mm.set_success("task updated") t.due_date = form.cleaned_data['due_date'] t.description = form.cleaned_data['description'] notify = form.cleaned_data['notify'] if notify is False: t.notify = False else: t.notify = True t.save() return redirect(t.get_absolute_url()) else: mm.set_error("error") # error pass else: # setup new form form = NewTaskForm(initial={'due_date':t.due_date, 'description':t.description, 'notify':t.notify}) return render(request, 'tasks/edit.html', {'form':form, 'task':t}, mm.messages()) else: mm.set_notice("you are not authorized to edit that task.") return redirect(request.META.get('HTTP_REFERER','/'))
def _survey_redirect( request, survey, group_slug=None, group_slug_field=None, group_qs=None, template_name="survey/thankyou.html", extra_context=None, *args, **kw ): """ Conditionally redirect to the appropriate page; if there is a "next" value in the GET URL parameter, go to the URL specified under Next. If there is no "next" URL specified, then go to the survey results page...but only if it is viewable by the user. Otherwise, only direct the user to a page showing their own survey answers...assuming they have answered any questions. If all else fails, go to the Thank You page. """ if ( "next" in request.REQUEST and request.REQUEST["next"].startswith("http:") and request.REQUEST["next"] != request.path ): return HttpResponseRedirect(request.REQUEST["next"]) if survey.answers_viewable_by(request.user): return HttpResponseRedirect(reverse("survey-results", None, (), {"survey_slug": survey.__dict__["slug"]})) # For this survey, have they answered any questions? # if (hasattr(request, 'session') and Answer.objects.filter( # session_key=request.session.session_key.lower(), # question__survey__visible=True, # question__survey__slug=survey.__dict__['slug']).count()): # print "ytest4" # return HttpResponseRedirect( # reverse('answers-detail', None, (), # {'survey_slug': survey.__dict__['slug'], # 'key': request.session.session_key.lower()})) # go to thank you page # return render() mm = MessageManager(request) mm.set_success("Thank You For Participating In The Survey!") return HttpResponseRedirect(request.user.get_absolute_url()) # return render_to_response(template_name, # {'survey': survey, 'title': 'Thank You'}, # context_instance=RequestContext(request)) return render(request, template_name, {"survey": survey, "title": "Thank You"})
def delete_task(request, id): """delete a task""" mm = MessageManager(request) t = get_object_or_404(Task, pk=id) if request.user.is_authenticated() and request.user.username == t.user.username: t.delete() mm.set_success("task removed") return redirect(request.user.get_absolute_url()) else: mm.set_notice("you are not authorized to delete that task.") return redirect(request.META.get('HTTP_REFERER','/'))
def delete_lesson(request, c_id, l_id): """delete an existing lesson""" mm = MessageManager(request) l = get_object_or_404(Lesson, pk=l_id) c = get_object_or_404(Curriculum, pk=c_id) if request.user.is_authenticated() and request.user.username == l.user.username: name = l.title l.delete() mm.set_success('"%s" has been deleted' % name) else: mm.set_notice('you are not authorized to delete this lesson') return redirect(c.get_absolute_url())
def reject_from_group(request, gid, uid): """reject a pending membership request""" mm = MessageManager(request) g = get_object_or_404(cGroup, pk=gid) u = get_object_or_404(cUser, pk=uid) if request.user.is_authenticated() and request.user.is_group_manager(g): if u in g.pending_users.all(): mm.set_success("membership refused for %s" % u.username) g.pending_users.remove(u) g.save() else: mm.set_error("you can't just reject whomever you want!") return redirect(reverse('manage-group', None, (), {'gid':g.pk})) return redirect(g.get_absolute_url())
def create_curriculum(request): """create a new curriculum container""" mm = MessageManager(request) if request.POST: form = CreateCurriculumForm(request.POST) if form.is_valid(): # save it c = form.save(request) mm.set_success("the curriculum was saved") return redirect(c.get_absolute_url()) else: mm.set_error("the form has errors") pass else: form = CreateCurriculumForm() return render(request, 'curricula/create_curriculum.html', {'form':form}, mm.messages())
def login_view(request): """Login to a user account and redirect to profile""" # TODO: put link on profile page to return to original page # prepare messages mm = MessageManager(request) if request.user.is_authenticated(): return redirect(request.user.get_absolute_url()) if request.POST: if request.session.test_cookie_worked(): request.session.delete_test_cookie() # cookies are enabled form = LoginForm(request.POST) if not form == None and form.is_valid(): # log the user in. we extended to backend to allow using email # instead of just username e = form.cleaned_data['username'] p = form.cleaned_data['password'] try: user = authenticate(username=e, password=p) except NameError: user = None if user is not None: if user.is_active: #request.user = user login(request, user) mm.set_success('you are logged in!') return redirect(request.user.get_absolute_url()) else: # account is disabled mm.set_error('This account has been disabled, or has not been activated.') else: # invalid login mm.set_error('Invalid credentials.') else: #mm.set_error('The form is invalid') pass else: # cookies are not enabled mm.set_error('Please enable cookies and try again.') else: form = LoginForm() request.session.set_test_cookie() return render(request, 'accounts/login.html', {'form':form}, mm.messages())
def create_group(request): """create a new user group""" mm = MessageManager(request) if request.user.is_authenticated() and request.user.__class__ is cUser: if request.POST: form = CreateGroupForm(request.POST) if form.is_valid(): data = request.POST.copy() # make sure the group name is unique try: cGroup.objects.get(name=data["title"]) mm.set_error("that group name is already taken") return render(request,'accounts/groups/create.html', mm.messages(), {'form':form}) except cGroup.DoesNotExist: # create group g = cGroup() g.name = data["title"] g.description = data["description"] g.type = data["type"] g.visibility = data["visibility"] g.open_registration = data.has_key("open_registration") g.save() # add user to group request.user.groups.add(g) g.managers.add(request.user) # Build the invitation key salt = sha.new(str(random.random())).hexdigest()[:5] g.invitation_key = sha.new(salt+g.name).hexdigest()[:13] g.key_expires = datetime.datetime.today() + datetime.timedelta(2) g.save() manage_url = reverse('manage-group', None, (), {'gid':g.pk}) invite_url = "%s%s/%s" % (SITE_URL, reverse('join-group', None, (), {'gid':g.pk}), g.invitation_key) mm.set_success("Successfully Created Group \"%s\"!<p> We automatically generated an invitation url that you can share with your friends. For more information check out the <a href=\"%s\">Administration Page</a>.</p><p>Invitation Url: <a href=\"%s\">%s</a></p>" % (g.name, manage_url, invite_url, invite_url)) # TODO: take to new group page return redirect(g.get_absolute_url()) else: return render(request,'accounts/groups/create.html', mm.messages(), {'form':form}) else: # prepare new form for user form = CreateGroupForm(initial={'open_registration':True}) return render(request,'accounts/groups/create.html', mm.messages(), {'form':form}) else: mm.set_error("you are not allowed to create a group") return redirect(request.META.get('HTTP_REFERER','/'))
def delete_code_package(request, id): """delete a code package""" mm = MessageManager(request) try: cp = CodePackage.objects.get(pk=id) except CodePackage.DoesNotExist: raise Http404 if request.user.is_authenticated() and request.user.username == cp.user.username: cp.delete() mm.set_success("Code package %s has been deleted" % cp.title ) if cp.group(): return redirect(cp.group().get_absolute_url() + "#code") else: return redirect(request.user.get_absolute_url() + "#code") else: raise Http404
def delete_discussion(request, id): """delete a discussion""" mm = MessageManager(request) try: d = Discussion.objects.get(pk=id) except Discussion.DoesNotExist: raise Http404 if request.user.is_authenticated() and request.user.username == d.user.username: d.delete() mm.set_success("Discussion %s has been deleted" % d.title ) if d.group(): return redirect(d.group().get_absolute_url() + "#discussions") else: return redirect(request.user.get_absolute_url() + "#discussions") else: raise Http404
def admit_to_group(request, gid, uid): """admit a user into a group""" mm = MessageManager(request) g = get_object_or_404(cGroup, pk=gid) u = get_object_or_404(cUser, pk=uid) if request.user.is_authenticated() and request.user.is_group_manager(g): if u in g.pending_users.all(): mm.set_success("%s has been admitted" % u.username) g.pending_users.remove(u) u.groups.add(g) g.members.add(u) u.save() g.save() else: mm.set_error("you can't just add whomever you want to your group!") return redirect(reverse('manage-group', None, (), {'gid':g.pk})) return redirect(g.get_absolute_url())
def confirm_delete(request, removal_key): """confirm a account removal""" # prepare messages mm = MessageManager(request) user = get_object_or_404(cUser, removal_key=removal_key) if user.key_expires < datetime.datetime.today(): mm.set_notice("This removal code as expired.") return render(request, 'accounts/confirm_delete.html', mm.messages(), {'expired':True}) user.key_expires = datetime.datetime.today() - datetime.timedelta(days=1) user.is_active = False user.save() logout(request) mm.set_success("Your account has been successfully removed. Please visit us again!") return render(request, 'main/index.html', mm.messages())
def create_lesson(request, c_id): """create a new lesson""" c = get_object_or_404(Curriculum, pk=c_id) mm = MessageManager(request) if request.POST: form = CreateLessonForm(request.POST) if form.is_valid(): # save it l = form.save(request, c) mm.set_success("the lesson was saved") return redirect(c.get_absolute_url()) else: mm.set_error("the form has errors") pass else: form = CreateLessonForm() return render(request, 'curricula/create_lesson.html', {'form':form, 'curriculum':c}, mm.messages())
def delete_link(request, id): """delete a link""" mm = MessageManager(request) try: l = Link.objects.get(pk=id) except Link.DoesNotExist: raise Http404 if request.user.is_authenticated() and request.user.username == l.user.username: l.delete() mm.set_success("Link %s has been deleted" % l.title ) if l.group(): return redirect(l.group().get_absolute_url() + "#links") else: return redirect(request.user.get_absolute_url() + "#links") else: raise Http404
def create_bug(request): """create a new bug report""" # prepare messages mm = MessageManager(request) if request.user.is_authenticated(): if request.POST: form = BugForm(request.POST) if form.is_valid(): form.save(request) mm.set_success("Thanks! We'll fix this bug as soon as possible.") return redirect('/') else: return render(request, 'bugs/create.html', mm.messages(), {'form':form}) else: form = BugForm() return render(request, 'bugs/create.html', mm.messages(), {'form':form}) mm.set_notice("You must log in before you can report a bug") return login_view(request)
def kick_from_group(request, gid, uid): """kick a user out of a group""" mm = MessageManager(request) g = get_object_or_404(cGroup, pk=gid) u = get_object_or_404(cUser, pk=uid) if request.user.is_authenticated() and request.user.is_group_manager(g): # can only kick normal users, not managers if u in g.users(): u.groups.remove(g) g.members.remove(u) u.save() g.save() mm.set_success("%s has been kicked" % u.username) else: mm.set_error("you can only kick existing members") return redirect(reverse('manage-group', None, (), {'gid':g.pk})) return redirect(g.get_absolute_url())
def create_code_package(request, gid=None): """page to create a new code package object""" # prepare messages mm = MessageManager(request) if request.user.is_authenticated(): # TODO: allow unauthorized users to create temporary content, but require them to # sign up for an account before it can be saved. (html5 local db) form = None if request.POST: form = CreateCodePackageForm(request.POST, request.FILES) if form.is_valid(): new = form.save(request, gid) mm.set_success("You successfully created a new code package \"%s\"" % new.title) if new.group(): return redirect(new.group().get_absolute_url()) else: return redirect(request.user.get_absolute_url()) else: # form had errors data = request.POST.copy() formerr = form dgroup=None if gid: form.fields['group'].widget.attrs['disabled'] = True # radio / checkbox dgroup = get_object_or_404(cGroup, pk=gid) form.fields['group'].widget.choices = ((gid,dgroup.name),) return render(request, 'main/code_package/create.html', {'form':form, 'group':dgroup}, mm.messages()) else: # prepare new form for user form = CreateCodePackageForm(user=request.user, initial={'group': gid}) dgroup=None if gid: dgroup = get_object_or_404(cGroup, pk=gid) form.fields['group'].widget.attrs['disabled'] = True # radio / checkbox form.fields['group'].widget.initial = dgroup.name return render(request, 'main/code_package/create.html', mm.messages(), {'form':form, 'group':dgroup}) else: return redirect(request.META.get('HTTP_REFERER','/'))
def edit_group(request, gid): """edit a group""" mm = MessageManager(request) g = get_object_or_404(cGroup, pk=gid) if request.user.is_authenticated() and request.user.is_group_manager(g): if request.POST: form = CreateGroupForm(request.POST) if form.is_valid(): data = request.POST.copy() # make sure the group name is unique #try: # cGroup.objects.get(name=data["title"]) # mm.set_error("that group name is already taken") # return render(request,'accounts/groups/create.html', mm.messages(), {'form':form}) #except cGroup.DoesNotExist: # create group #g = cGroup() g.name = data["title"] g.description = data["description"] g.type = data["type"] g.visibility = data["visibility"] g.open_registration = data.has_key("open_registration") g.save() # add user to group #request.user.groups.add(g) #g.managers.add(request.user) #g.save() mm.set_success("edits were successfull") # TODO: take to new group page return redirect(g.get_absolute_url()) else: return render(request,'accounts/groups/edit.html', mm.messages(), {'form':form, 'group':g}) else: # prepare new form for user form = CreateGroupForm(initial={'title': g.name, 'description':g.description, 'type':g.type, 'open_registration':g.open_registration}) return render(request,'accounts/groups/edit.html', mm.messages(), {'form':form, 'group':g}) else: mm.set_error("you are not allowed to edit this group") return redirect(g.get_absolute-url())
def edit_curriculum(request, id): """edit a curriculum""" mm = MessageManager(request) c = get_object_or_404(Curriculum, pk=id) if request.user.is_authenticated() and request.user.username == c.user.username: if request.POST: form = CreateCurriculumForm(request.POST) if form.is_valid(): # update it c = form.update(request, c) mm.set_success('"%s" has been updated' % c.title) return redirect(c.get_absolute_url()) else: mm.set_error("the form has errors") pass else: form = CreateCurriculumForm(initial={'title':c.title, 'description':c.description}) return render(request, 'curricula/edit_curriculum.html', {'form':form, 'curriculum':c}, mm.messages()) else: mm.set_notice('You are not authorized to edit that curriculum') return redirect(request.META.get('HTTP_REFERER','/'))
def confirm(request, activation_key): """confirm a user registration""" # prepare messages mm = MessageManager(request) if request.user.is_active and request.user.activation_key == activation_key: raise Http404() user = get_object_or_404(cUser, activation_key=activation_key) if user.key_expires < datetime.datetime.today(): mm.set_notice("This activation code as expired. Try creating a new account") # TODO: completely remove accounts that have expired return render(request, 'accounts/confirm.html', mm.messages(), {'expired':True}) user.key_expires = datetime.datetime.today() - datetime.timedelta(days=1) mm.set_success("Congratulations! You just activated your account!") request.session.set_test_cookie() if request.session.test_cookie_worked(): request.session.delete_test_cookie() # cookies are enabled # we need to call authenticate to set some varibles before calling login() auth_user = None try: auth_user = authenticate(username=user.username, password=user.activation_key) # activate the user after authentication so we can't # login with the activation key anymore #auth_user.is_active = True #auth_user.save() except NameError: pass if auth_user is not None: if auth_user.is_active: login(request, auth_user) # TODO: we don't cover all our bases here. we need to be more thorough with error checking if auth_user: return redirect(auth_user.get_absolute_url()) else: return redirect('/')
def edit_lesson(request, c_id, l_id): """edit a lesson""" mm = MessageManager(request) c = get_object_or_404(Curriculum, pk=c_id) # we don't need both curriculum and lesson id because we are moving towards just using the custom lesson model l = get_object_or_404(Lesson, pk=l_id) if request.user.is_authenticated() and request.user.username == l.user.username: if request.POST: form = CreateLessonForm(request.POST) if form.is_valid(): # update it l = form.update(request, l) mm.set_success('"%s" has been updated' % l.title) return redirect(l.get_absolute_url()) else: mm.set_error("the form has errors") pass else: form = CreateLessonForm(initial={'title':l.title, 'description':l.description, 'body':l.body}) return render(request, 'curricula/edit_lesson.html', {'form':form, 'lesson':l, 'curriculum':c}, mm.messages()) else: mm.set_notice('You are not authorized to edit that curriculum') return redirect(request.META.get('HTTP_REFERER','/'))
def join_group(request, gid, invitation_key = None): """request to join a group""" mm = MessageManager(request) g = get_object_or_404(cGroup, pk=gid) if not g.open_registration and invitation_key is None: return redirect(g.get_absolute_url()) if request.user.is_authenticated() and request.user.__class__ == cUser: if request.user.is_group_member(g): mm.set_notice("you are already a member of this group.") return redirect(g.get_absolute_url()) if request.user.is_group_manager(g): mm.set_notice("you are a manager of this group and cannot become a member.") return redirect(g.get_absolute_url()) if invitation_key != None: if invitation_key == g.invitation_key: if g.key_expires < datetime.datetime.today(): mm.set_notice("This invitation code as expired.") else: mm.set_success("you are now a member of this group!") request.user.groups.add(g) request.user.save() if request.user in g.pending_users.all(): g.pending_users.remove(request.user) g.members.add(request.user) g.save() else: mm.set_notice("that invitation key is invalid or has expired") else: g.pending_users.add(request.user) g.save() mm.set_success("your membership request has been sent to the group administrators") else: mm.set_notice("you must login or create an acount before you can join a group.") return HttpResponseRedirect(reverse('login-page')) return redirect(g.get_absolute_url())