def home(request):
global SHARE_TYPE_CHOICES
global MEMBER_TYPE_CHOICES
member_types = MEMBER_TYPE_CHOICES
share_types = SHARE_TYPE_CHOICES
member_status = [
{'name': 'active', 'display': _('Aktive')},
{'name': 'inactive', 'display': _('Inaktive')},
{'name': 'all', 'display': _('Beides')},
]
try:
member = Member.objects.get(user=request.user)
except Member.DoesNotExist:
error_admin_logged_in = True
return render_to_response('home.html',
locals(),
context_instance=RequestContext(request),
)
projects = Project.objects.filter(member=member)
is_god = check_god(request)
breadcrums = get_breadcrums(request)
return render_to_response('home.html',
locals(),
context_instance=RequestContext(request),
)
def info(request):
is_god = check_god(request)
breadcrums = get_breadcrums(request)
return render_to_response('info.html',
locals(),
context_instance=RequestContext(request),
)
def delete(request, what, which):
user_is_sure = False
is_god = check_god(request)
breadcrums = get_breadcrums(request)
if request.method == 'POST':
if is_god:
user_is_sure = True
else:
raise PermissionDenied
if what == 'project':
instance = get_object_or_404(Project, pk=which)
overview_what = "projects"
elif what == "user":
# will delete user and member object automatically together
instance = get_object_or_404(User, pk=which)
overview_what = "members"
elif what == "share":
overview_what = "shares"
instance = get_object_or_404(Share, pk=which)
if user_is_sure:
instance.delete()
return HttpResponseRedirect(reverse('overview', args=[overview_what]))
else:
return render_to_response('delete.html',
locals(),
context_instance=RequestContext(request),
)
def shareadd(request):
is_god = check_god(request)
breadcrums = get_breadcrums(request)
if request.method == 'POST':
if not is_god:
raise PermissionDenied
form = ShareAddForm(request.POST)
if not form.is_valid():
return render_to_response('shareaddform.html',
locals(),
context_instance=RequestContext(request),
)
new_share = form.save()
request_apache_reload()
return HttpResponseRedirect(reverse('sharemod', args=[str(new_share.id)]))
form = ShareAddForm()
return render_to_response('shareaddform.html',
locals(),
context_instance=RequestContext(request),
)
def projectadd(request):
"""
Only Gods can add projects
"""
is_god = check_god(request)
breadcrums = get_breadcrums(request)
if request.method == 'POST':
if not is_god:
raise PermissionDenied
form = ProjectAddForm(request.POST)
if not form.is_valid():
return render_to_response('projectaddform.html',
locals(),
context_instance=RequestContext(request),
)
new_project = form.save()
request_apache_reload()
return HttpResponseRedirect(reverse('projectmod', args=[str(new_project.id)]))
# Handle GET requests
form = ProjectAddForm()
return render_to_response('projectaddform.html',
locals(),
context_instance=RequestContext(request),
)
def usermod(request, user_id):
"""
Only the member himself or Gods can modify members
"""
# determine user to view resp. change
# the user who is editing is available with request.user
user = get_object_or_404(User, id=user_id)
member = get_object_or_404(Member, user=user)
form = MemberModForm(instance=user)
breadcrums = get_breadcrums(request)
groups = Group.objects.all()
is_god = check_god(request)
def input_error(form, error):
is_god = check_god(request)
breadcrums = get_breadcrums(request)
return render_to_response('usermodform.html',
locals(),
context_instance=RequestContext(request),
)
if request.method == "POST":
if is_god:
pass
else:
if not user == request.user:
error = _("You are not allowed to change profiles others than yours.")
return input_error(form, error)
# Set user data
user.first_name = request.POST.get('first_name')
user.last_name = request.POST.get('last_name')
user.email = request.POST.get('email')
new_password = request.POST.get('password')
new_username = request.POST.get('username')
if not new_username == user.username:
if not is_god:
error = _("Changing the username is not allowed for you.")
return input_error(form, error)
# Don't check uniquenes of username if it did not change
if new_username == user.username:
try:
user.full_clean(exclude=["username",])
except ValidationError, e:
return input_error(form, e)
else:
user.username = new_username
try:
user.full_clean()
except ValidationError, e:
return input_error(form, e)
def input_error(form, error):
is_god = check_god(request)
breadcrums = get_breadcrums(request)
return render_to_response('usermodform.html',
locals(),
context_instance=RequestContext(request),
)
def projectmod(request, project_id):
"""
Only project members can view and Gods may modify projects
"""
project = get_object_or_404(Project,pk = project_id)
is_god = check_god(request)
member = Member.objects.get(user=request.user)
breadcrums = get_breadcrums(request)
if not (member in project.member_set.all() or is_god):
raise PermissionDenied
if request.method == "POST":
if not is_god:
raise PermissionDenied
form = ProjectModForm(request.POST, instance=project, member=member) # remember database instance and inputs
if not form.is_valid():
return render_to_response("projectmodform.html",
locals(),
context_instance=RequestContext(request),
)
new_members = [ int(m) for m in request.POST.getlist('members') ]
members_project = Member.objects.in_bulk(new_members)
for m in Member.objects.all():
if m.pk in members_project.keys():
m.projects.add(project)
else:
m.projects.remove(project)
form.save() # Will also take care about m2m-relations
# Renew form to ensure the new data can evaluated during ProjectModForm constructor
# especially the 'allow_alumni' flag
form = ProjectModForm(instance=project, member=member)
request_apache_reload()
success = True
return render_to_response('projectmodform.html',
locals(),
context_instance=RequestContext(request),
)
# Handle GET requeset here
form = ProjectModForm(instance=project, member=member)
return render_to_response('projectmodform.html',
locals(),
context_instance=RequestContext(request),
)
def projects(request):
"""
Current projects of the logged in user. Available for every user.
"""
member = Member.objects.get(user=request.user)
is_god = check_god(request)
projects = member.projects.all()
breadcrums = get_breadcrums(request)
return render_to_response('member_projects.html',
locals(),
context_instance=RequestContext(request),
)
def sharemod(request, share_id):
share = Share.objects.get(pk = share_id)
is_god = check_god(request)
member = Member.objects.get(user=request.user)
breadcrums = get_breadcrums(request)
# determine if current user may view this share.
# get all projects from member, after that all the related shares, after that the share's pks, afterthat set the query for these pks on Share
shares = []
for p in member.projects.all():
for s in p.shares.all():
shares.append(s.pk)
if not (int(share_id) in shares or is_god):
raise PermissionDenied
if request.method == "POST":
if not is_god:
raise PermissionDenied
form = ShareModForm(request.POST, instance=share) # remember database instance and inputs
if not form.is_valid():
return render_to_response('sharemodform.html',
locals(),
context_instance=RequestContext(request),
)
form.save()
request_apache_reload()
success = True
return render_to_response('sharemodform.html',
locals(),
context_instance=RequestContext(request),
)
# Handle GET request
form = ShareModForm(instance=share)
return render_to_response('sharemodform.html',
locals(),
context_instance=RequestContext(request),
)
def get_config(request, which):
is_god = check_god(request)
if not is_god:
raise PermissionDenied
if which == "groups.dav":
groups = get_groups_to_render()
return render_to_response('configs/groups.dav', locals(), mimetype="text/plain" )
pass
elif not which in share_types:
return HttpResponse(which + " is a invalid share type. Supported are: " + ", ".join(share_types))
shares = get_shares_to_render(which)
return render_to_response('configs/' + which + '.config',
{'shares': shares},
mimetype="text/plain",
)
def overview(request, what):
"""
This is for members of group Gods. refer to 'views.projects' for project
listing of currently logged in member
"""
is_god = check_god(request)
if not is_god:
raise PermissionDenied
breadcrums = get_breadcrums(request)
if what == "projects":
projects = Project.objects.all()
return render_to_response('overview_projects.html',
locals(),
context_instance=RequestContext(request),
)
elif what == "shares":
shares = Share.objects.all()
return render_to_response('overview_shares.html',
locals(),
context_instance=RequestContext(request),
)
elif what == "members":
members = Member.objects.all()
return render_to_response('overview_members.html',
locals(),
context_instance=RequestContext(request),
)
elif what == "groups":
groups = Group.objects.all()
return render_to_response('overview_groups.html',
locals(),
context_instance=RequestContext(request),
)
else:
return HttpResponse("The requested overview " + what + " is not available / implemented")
def useradd(request):
"""
Only Gods may add users
"""
breadcrums = get_breadcrums(request)
groups = Group.objects.all()
is_god = check_god(request)
form = UserAddForm()
if request.method == 'POST':
form = UserAddForm(request.POST)
if not form.is_valid():
return render_to_response('useraddform.html',
locals(),
context_instance=RequestContext(request),
)
new_user = form.save(commit=False)
# a new password will be genereated and emailed to the members email address
import string
from random import sample, choice
chars = string.letters + string.digits
length = 8
password = ''.join(choice(chars) for _ in range(length))
## We have a cleartext password. generate the correct one
## password = request.POST.get('password')
new_user.set_password(password)
new_user.save()
# Also create a apache htdigest compatible password
username = request.POST.get('username')
try:
apache_htdigest = create_apache_htdigest(username, password)
except Exception, e:
if not new_user.id == None:
new_user.delete()
error = e
return render_to_response('useraddform.html',
locals(),
context_instance=RequestContext(request),
)
new_member = Member(
htdigest = apache_htdigest,
expires = request.POST.get('expires'),
begins = request.POST.get('begins'),
member_type = request.POST.get('member_type'),
user = new_user,
)
try:
new_member.clean_fields()
except ValidationError, e:
if not new_user.id == None:
new_user.delete()
error = e
return render_to_response('useraddform.html',
locals(),
context_instance=RequestContext(request),
)
def emails(request, what, param, which):
# param what can be: project, a member_type_*, share_*, all
# param which is the pk of what or 0
# param param can be: active, expired, all
if not param in ["active", "inactive", "all"]:
return HttpResponse("The parameter '" + param + "' is not valid. Valid parameters are: 'all', 'expired', 'active'. E.g: \nemails/project/expired/1",
mimetype = "text/plain")
members = Member.objects.all()
member = Member.objects.get(user=request.user)
is_god = check_god(request)
breadcrums = get_breadcrums(request)
if what == "project":
try:
project = Project.objects.get(pk = which)
except Project.DoesNotExist:
return HttpResponse("Id " + which + " is not a valid project ID", "text/plain")
if not (project in member.projects.all() or is_god):
return HttpResponse(_("Your are neither in groups Gods nor member in this project"), "text/plain")
if not (project.pub_mem or is_god):
return HttpResponse(_("Project does not allow to see each other and your not in group Gods"), "text/plain")
if param == "active":
users = [m.user for m in members.filter(projects = project, user__is_active = True)]
elif param == "inactive" and is_god:
users = [m.user for m in members.filter(projects = project, user__is_active = False)]
elif param == "all" and is_god:
users = [m.user for m in members.filter(projects = project)]
else:
return HttpResponse(_("The parameter " + param + " is either invalid or you are not allowed to see the result"), "text/plain")
elif what == "share":
try:
share = Share.objects.get(pk = which)
except Share.DoesNotExist:
return HttpResponse("Id " + which + " is not a valid project ID", "text/plain")
# get all projects from user, after that
# all shares of the project. but only if
# pub_mem is true. then check if this share
# is in the list of the users shares.
member_pub_projects = [ p.pk for p in member.projects.all().filter(pub_mem=True) ]
shares = Share.objects.in_bulk(member_pub_projects)
if not (share in shares or is_god):
return HttpResponse(_("Your are neither in groups Gods nor affiliated via a project with pub_mem = True with this share"), "text/plain")
# get all related projects to share, after that
# all related members to project. For Gods the option
# pub_mem is ignored
if is_god:
project_ids = [ p.pk for p in share.project_set.all() ]
queries = [ Q(projects__pk=p) for p in project_ids ]
query = queries.pop()
for i in queries:
query |= i
if param == "active":
users = [m.user for m in Member.objects.filter(query).filter(user__is_active=True)]
elif param == "inactive":
users = [m.user for m in Member.objects.filter(query).filter(user__is_active=False)]
elif param == "all":
users = [m.user for m in Member.objects.filter(query)]
else:
return HttpResponse(_("The parameter " + param + " is invalid"), "text/plain")
else:
project_ids = [ p.pk for p in share.project_set.filter(pub_member=True) ]
queries = [ Q(projects__pk=p) for p in project_ids ]
query = queries.pop()
for i in queries:
query |= i
if param == "active":
users = [m.user for m in Member.objects.filter(query).filter(user__is_active=True)]
else:
return HttpResponse(_("You are not allowed to see the result"), "text/plain")
elif what == "all":
if not is_god:
return HttpResponse(_("You are not allowed to see the result"), "text/plain")
if param == "active":
users = [m.user for m in members.filter( user__is_active = True)]
elif param == "inactive":
users = [m.user for m in members.filter( user__is_active = False)]
elif param == "all":
users = [m.user for m in members]
elif "member_type_" in what:
if not is_god:
return HttpResponse(_("You are not allowed to see the result"), "text/plain")
member_type = what[12:]
global MEMBER_TYPE_CHOICES
member_types = [ m[0] for m in MEMBER_TYPE_CHOICES ]
if not member_type in member_types:
return HttpResponse("Member type " + what + " is not a valid member type",
"text/plain")
if param == "active":
users = [m.user for m in members.filter(member_type = member_type, user__is_active = True)]
elif param == "inactive":
users = [m.user for m in members.filter(member_type = member_type, user__is_active = False)]
elif param == "all":
users = [m.user for m in members.filter(member_type = member_type)]
elif "share_type_" in what:
if not is_god:
return HttpResponse(_("You are not allowed to see the result"), "text/plain")
share_type = what[11:]
if not share_type in share_types:
return HttpResponse("I don't know share type " + share_type)
if param == "active":
ms = members.filter(user__is_active = True)
elif param == "inactive":
ms = members.filter(user__is_active = False)
elif param == "all":
ms = members
unique_users = {}
for m in ms:
for project in m.projects.all():
for s in project.shares.filter(share_type = share_type):
unique_users[m.user.username] = m.user
users = [ unique_users[key] for key in unique_users.keys() ]
else:
return HttpResponse("Retrieving emails from '" + what + "' not yet implemented/not supported." , mimetype="text/plain")
email_list = [ u.email for u in users ]
emails = ", \n".join(email_list)
return HttpResponse("Emails for members of '" + what + "' with parameter '" + param + "':\n" + emails, mimetype = "text/plain")