def edit_keys(request, key_id=None, user_id=None):
if not request.is_ajax():
raise PermissionDenied
if key_id:
api_key = get_object_or_404(MemberAPIKey, keyid=key_id)
else:
api_key = None
user = None
if user_id:
user = get_object_or_404(User, pk=user_id)
if request.method == 'POST':
key_id = int(request.POST.get('key_id', None).replace(' ', ''))
user = get_object_or_404(User, pk=request.POST.get('user_id', None))
if user != request.user and not request.user.has_perm('API.add_keys'):
raise PermissionDenied
vcode = request.POST.get('vcode', None).replace(' ', '')
if api_key:
api_key.keyid = key_id
api_key.vcode = vcode
api_key.user = user
api_key.validate()
else:
api_key = MemberAPIKey(user=user, keyid=key_id, vcode=vcode)
api_key.validate()
return TemplateResponse(request, "api_key_form.html", {
'key': api_key,
'member': user
})
