def group_view(request, group, **kwargs):
"""View a list of users in a group. Does not show users that are not
visible to the user making the request.
@param request An HttpRequest
@oaram group The group to view
@return HttpResponse"""
tn='vns/group_view.html'
if not request.user.is_authenticated():
return HttpResponseRedirect('/login/')
# Find the user profiles in this group which the user is allowed to see
try:
users = permissions.get_allowed_users(request.user)
users = users.filter(user__vns_groups=group, retired=False)
except User.DoesNotExist:
messages.info(request, "There are no users in group %s which you "
"can view." % gn)
return HttpResponseRedirect("/%s/groups/" % request.user.org.name)
# Find the user profiles which this user is allowed to delete
l = lambda up: permissions.allowed_user_access_delete(request.user, up.user)
deletable_users = filter(l, list(users))
# Switch to a template to print them out
return direct_to_template(request, tn, {'users':users,
'group':group,
'deletable_users':deletable_users})
def org_users(request, org, on):
tn = 'vns/org_users.html'
# Get a list of visible users from this organization
users = list(permissions.get_allowed_users(request.user).filter(org=org, retired=False))
users.sort(db.UserProfile.cmp_pos_order)
# Get a list of users which this user can delete
l = lambda up: permissions.allowed_user_access_delete(request.user, up.user)
deletable_users = filter(l, list(users))
return direct_to_template(request, tn, {'org':org,
'users':users,
'deletable_users':deletable_users})