def post(self, request, *args, **kwargs):
user = self.request.user
form = UpdateForm(self.request.POST)
if not form.is_valid():
return render_to_response('403.html', {},
context_instance=RequestContext(request))
requests_to_modify = form.cleaned_data['requests_to_modify']
for obj in requests_to_modify:
can_edit = user.has_perm(Request.get_permission_name('edit'), obj)
if not can_edit:
# Chicanery?
return render_to_response(
'403.html', {}, context_instance=RequestContext(request))
if form.cleaned_data['newduedate']:
obj.due_date = form.cleaned_data['newduedate']
if form.cleaned_data['newsubject']:
obj.title = form.cleaned_data['newsubject']
if form.cleaned_data['newupdateddate']:
obj.date_updated = form.cleaned_data['newupdateddate']
if form.cleaned_data['newfulfilleddate']:
obj.date_fulfilled = form.cleaned_data['newfulfilleddate']
if form.cleaned_data['newstatus']:
#allow requests to be set even if they aren't sent because not all requests can be emailed
obj.set_status(form.cleaned_data['newstatus'])
if obj.status != 'F' and obj.status != 'P':
obj.date_fulfilled = None
elif obj.status == 'F' or obj.status == 'P' and form.cleaned_data[
'newfulfilleddate']:
obj.date_fulfilled = form.cleaned_data['newfulfilleddate']
elif obj.status == 'F' or obj.status == 'P' and not form.cleaned_data[
'newfulfilleddate']:
obj.date_fulfilled = datetime.now(tz=pytz.utc)
else:
obj.date_fulfilled = None
if form.cleaned_data['addgroups']:
editperm = Request.get_permissions_path('edit')
viewperm = Request.get_permissions_path('view')
for group in form.cleaned_data['addgroups']:
assign_perm(editperm, group, obj)
assign_perm(viewperm, group, obj)
if form.cleaned_data['removegroups']:
for group in form.cleaned_data['removegroups']:
# Can't remove the author of the request
if group.name != obj.author.username:
remove_perm('edit_this_request', group, obj)
action = form.cleaned_data['action']
if action == "Make Public":
obj.private = False
if action == "Make Private":
obj.private = True
obj.save()
return self.get(request, *args, **kwargs)
def post(self, request, *args, **kwargs):
user = self.request.user
form = UpdateForm(self.request.POST)
if not form.is_valid():
return render_to_response('403.html', {}, context_instance=RequestContext(request))
requests_to_modify = form.cleaned_data['requests_to_modify']
for obj in requests_to_modify:
can_edit = user.has_perm(Request.get_permission_name('edit'), obj)
if not can_edit:
# Chicanery?
return render_to_response('403.html', {}, context_instance=RequestContext(request))
if form.cleaned_data['newduedate']:
obj.due_date = form.cleaned_data['newduedate']
if form.cleaned_data['newsubject']:
obj.title = form.cleaned_data['newsubject']
if form.cleaned_data['newupdateddate']:
obj.date_updated = form.cleaned_data['newupdateddate']
if form.cleaned_data['newfulfilleddate']:
obj.date_fulfilled = form.cleaned_data['newfulfilleddate']
if form.cleaned_data['newstatus']:
#allow requests to be set even if they aren't sent because not all requests can be emailed
obj.set_status(form.cleaned_data['newstatus'])
if obj.status != 'F' and obj.status != 'P':
obj.date_fulfilled = None
elif obj.status == 'F' or obj.status == 'P' and form.cleaned_data['newfulfilleddate']:
obj.date_fulfilled = form.cleaned_data['newfulfilleddate']
elif obj.status == 'F' or obj.status == 'P' and not form.cleaned_data['newfulfilleddate']:
obj.date_fulfilled = datetime.now(tz=pytz.utc)
else:
obj.date_fulfilled = None
if form.cleaned_data['addgroups']:
editperm = Request.get_permissions_path('edit')
viewperm = Request.get_permissions_path('view')
for group in form.cleaned_data['addgroups']:
assign_perm(editperm, group, obj)
assign_perm(viewperm, group, obj)
if form.cleaned_data['removegroups']:
for group in form.cleaned_data['removegroups']:
# Can't remove the author of the request
if group.name != obj.author.username:
remove_perm('edit_this_request', group, obj)
action = form.cleaned_data['action']
if action == "Make Public":
obj.private = False
if action == "Make Private":
obj.private = True
obj.save()
return self.get(request, *args, **kwargs)
def apply_filters(self, request, applicable_filters):
filters = applicable_filters
if 'groups__name' in filters:
groups_name = filters.pop('groups__name')
else:
groups_name = None
if 'groups__id' in filters:
groups_id = filters.pop('groups__id')
else:
groups_id = None
filtered = super(RequestResource, self).apply_filters(request, applicable_filters)
group = None
if groups_id:
try:
group = Group.objects.get(id = groups_id)
except:
pass
if groups_name:
try:
group = Group.objects.get(name = groups_name)
except:
pass
if group and request.user.has_perm(UserProfile.get_permission_name('view'), group):
return get_objects_for_group(group, Request.get_permissions_path('view')).filter(~Q(status='X'))
return filtered
def apply_filters(self, request, applicable_filters):
filters = applicable_filters
if 'groups__name' in filters:
groups_name = filters.pop('groups__name')
else:
groups_name = None
if 'groups__id' in filters:
groups_id = filters.pop('groups__id')
else:
groups_id = None
filtered = super(RequestResource,
self).apply_filters(request, applicable_filters)
group = None
if groups_id:
try:
group = Group.objects.get(id=groups_id)
except:
pass
if groups_name:
try:
group = Group.objects.get(name=groups_name)
except:
pass
if group and request.user.has_perm(
UserProfile.get_permission_name('view'), group):
return get_objects_for_group(
group,
Request.get_permissions_path('view')).filter(~Q(status='X'))
return filtered
def get_queryset(self, **kwargs):
try:
pk = self.kwargs['pk']
user = self.request.user
group = user.groups.get(pk=pk)
return get_objects_for_group(group, Request.get_permissions_path('view')).filter(~Q(status='X'))
except Exception as e:
return Request.objects.none()
def get_queryset(self, **kwargs):
try:
pk = self.kwargs['pk']
user = self.request.user
group = user.groups.get(pk=pk)
return get_objects_for_group(
group,
Request.get_permissions_path('view')).filter(~Q(status='X'))
except Exception as e:
return Request.objects.none()
def get_queryset(self):
from guardian.shortcuts import get_objects_for_user
queryset = get_objects_for_user(self.request.user, Request.get_permissions_path('view'))
#queryset = Request.objects.for_user(self.request.user).filter(private=True).exclude(author=self.request.user).order_by('-date_added')
return super(GroupRequestListView, self).filter_queryset(queryset)
def get_queryset(self):
from guardian.shortcuts import get_objects_for_user
queryset = get_objects_for_user(self.request.user,
Request.get_permissions_path('view'))
#queryset = Request.objects.for_user(self.request.user).filter(private=True).exclude(author=self.request.user).order_by('-date_added')
return super(GroupRequestListView, self).filter_queryset(queryset)
