def new(request):
    """Render the empty form for creating a new annonse.

    A user whose membership is not marked as paid is shown the
    payment-required page instead of the form.
    """
    user = request.user
    if not user.payment.status['is_paid']:
        return render(request, 'central/fjelltreffen/payment_required.html')

    # Tells the template whether this user already has a visible, active annonse.
    has_visible_active = Annonse.get_active().filter(user=user, hidden=False).exists()

    return render(request, 'central/fjelltreffen/edit.html', {
        'counties': County.typical_objects(),
        'annonse_retention_days': settings.FJELLTREFFEN_ANNONSE_RETENTION_DAYS,
        'obscured_age': Annonse.obscure_age(user.get_age()),
        'other_active_annonse_exists': has_visible_active,
    })
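def show_mine(request, id):
    """Make one of the current user's annonser visible and hide the others.

    Requires a paid membership; otherwise an error message is queued and the
    user is sent back to the list. The annonse is looked up with
    ``user=request.user``, so an id belonging to another user is treated
    exactly like a missing id. Always redirects to ``fjelltreffen:mine``.
    """
    if not request.user.payment.status['is_paid']:
        messages.error(request, 'membership_not_paid')
        return redirect('fjelltreffen:mine')

    # Resolve the target before touching anything else. Hiding first would
    # leave the user with every active annonse hidden whenever the id turns
    # out to be missing or owned by someone else.
    try:
        annonse = Annonse.objects.get(id=id, user=request.user)
    except Annonse.DoesNotExist:
        # Unexpected case; maybe some asynchronous browsing. Ignore and
        # return to the annonse-list without changing any state.
        return redirect('fjelltreffen:mine')

    # Hide all active annonser that belong to this user; the target is
    # un-hidden again right below.
    hidden = Annonse.get_active().filter(user=request.user).update(hidden=True)
    if hidden > 0:
        messages.info(request, 'max_one_active_annonse')

    annonse.hidden = False
    annonse.save()
    return redirect('fjelltreffen:mine')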
def edit(request, id):
    """Render the edit form for an existing annonse owned by the current user.

    Renders the not-found page when no annonse has the given id, and raises
    PermissionDenied when the annonse belongs to a different user.
    """
    try:
        annonse = Annonse.objects.get(id=id)
    except Annonse.DoesNotExist:
        return render(request, 'central/fjelltreffen/edit_not_found.html')

    # Authorization: only the owner may open the edit form.
    if annonse.user != request.user:
        raise PermissionDenied

    # Any other active annonse of this user, not counting the one being edited.
    siblings = Annonse.get_active().exclude(id=annonse.id).filter(user=request.user)
    has_other_active = siblings.exists()

    context = dict(
        annonse=annonse,
        counties=County.typical_objects(),
        annonse_retention_days=settings.FJELLTREFFEN_ANNONSE_RETENTION_DAYS,
        obscured_age=Annonse.obscure_age(request.user.get_age()),
        other_active_annonse_exists=has_other_active,
    )
    return render(request, 'central/fjelltreffen/edit.html', context)
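def save(request):
    """Create or update the current user's annonse from a POSTed form.

    An empty or missing ``id`` field means "create"; otherwise the annonse
    with that id is edited. Unpaid users may edit but not create, and may not
    un-hide an annonse that is already hidden. Editing an annonse owned by
    another user raises PermissionDenied; an id that matches no annonse
    renders the same not-found page as ``edit``.

    Validation failures queue an error message and redirect back to the new
    or edit form. On success the annonse is saved and the user is redirected
    to ``fjelltreffen:mine``.

    An uploaded image is stored on S3 together with a thumbnail, both
    publicly readable. Their Content-Type is derived from the image format
    PIL works with, not from the header the client sent.
    """
    if request.method != 'POST':
        return redirect('fjelltreffen:mine')

    # Read the id exactly once. The checks below previously mixed
    # request.POST['id'] and request.POST.get('id', ''), so a request without
    # the field was treated as "new" in one place and raised a KeyError in
    # another.
    annonse_id = request.POST.get('id', '')
    is_new = annonse_id == ''
    is_paid = request.user.payment.status['is_paid']

    # If user hasn't paid, allow editing, but not creating new annonser
    if is_new and not is_paid:
        raise PermissionDenied

    if is_new:
        # New annonse (not editing an existing one), create it
        annonse = Annonse()
        annonse.user = request.user
    else:
        try:
            annonse = Annonse.objects.get(id=annonse_id)
        except Annonse.DoesNotExist:
            # Answer like edit() does instead of failing with an unhandled error.
            return render(request, 'central/fjelltreffen/edit_not_found.html')
        if annonse.user != request.user:
            # Someone is trying to edit an annonse that doesn't belong to them
            raise PermissionDenied

    # Pre-save validations
    errors = False

    if request.POST.get('title', '') == '':
        messages.error(request, 'missing_title')
        errors = True

    # A missing email field is validated as an empty string rather than
    # raising a KeyError.
    if not validator.email(request.POST.get('email', '')):
        messages.error(request, 'invalid_email')
        errors = True

    if request.POST.get('text', '') == '':
        messages.error(request, 'missing_text')
        errors = True

    has_image = 'image' in request.FILES
    if has_image:
        try:
            # Uploading image
            upload = request.FILES['image']
            data = upload.read()
            # The extension comes from the client-supplied file name; it is
            # used as the thumbnail's save format and as the key suffix.
            extension = standardize_extension(upload.name.split(".")[-1])

            source = PIL.Image.open(BytesIO(data))

            # Create the thumbnail
            thumb = source.copy()
            fp = BytesIO()
            thumb.thumbnail(
                [settings.FJELLTREFFEN_IMAGE_THUMB_SIZE, settings.FJELLTREFFEN_IMAGE_THUMB_SIZE],
                PIL.Image.ANTIALIAS,
            )
            thumb.save(fp, extension)
            thumb_data = fp.getvalue()

            # Both objects are uploaded public-read, so their Content-Type
            # decides how a browser interprets them. Take it from the format
            # PIL detected in the bytes (original) and the format the
            # thumbnail was encoded with, never from the request header.
            content_type = PIL.Image.MIME.get(source.format)
            thumb_content_type = PIL.Image.MIME.get(extension.upper())
            if content_type is None or thumb_content_type is None:
                raise ValueError("No MIME type known for the uploaded image format")

            # SHA-1 of the content is used to name the stored objects.
            image_hash = hashlib.sha1(data).hexdigest()
            thumb_hash = hashlib.sha1(thumb_data).hexdigest()
        except Exception:
            # Best effort: any failure while decoding or resizing is logged
            # and reported to the user as an upload error.
            logger.warning(
                "Kunne ikke laste opp Fjelltreffen-bilde",
                exc_info=sys.exc_info(),
                extra={'request': request}
            )
            messages.error(request, 'image_upload_error')
            errors = True

    if errors:
        if is_new:
            return redirect('fjelltreffen:new')
        return redirect('fjelltreffen:edit', annonse_id)

    hidden = request.POST.get('hidden', 'hide') == 'hide'

    # Don't allow showing an already hidden annonse when you haven't paid
    if not is_new and annonse.hidden and not is_paid:
        hidden = True

    # Don't create new annonser if you already have an active annonse
    annonser_to_check = Annonse.get_active()
    if not is_new:
        annonser_to_check = annonser_to_check.exclude(id=annonse_id)
    if annonser_to_check.filter(user=request.user).exists():
        hidden = True

    if request.POST.get('county', '') == 'international':
        annonse.county = None
    else:
        # TODO: Validate and return form to user with error message
        annonse.county = County.typical_objects().get(id=request.POST.get('county', ''))

    annonse.title = request.POST.get('title', '')[:255]
    annonse.email = request.POST.get('email', '')[:255]

    if has_image:
        # Delete any existing image
        annonse.delete_image()

        # Setup AWS connection
        conn = boto.connect_s3(settings.AWS_ACCESS_KEY_ID, settings.AWS_SECRET_ACCESS_KEY)
        bucket = conn.get_bucket(settings.AWS_S3_BUCKET)
        folder = settings.AWS_S3_FOLDERS['fjelltreffen']

        # Upload the original image to AWS
        key = bucket.new_key("%s/%s.%s" % (folder, image_hash, extension))
        key.content_type = content_type
        key.set_contents_from_string(data, policy='public-read')

        # Upload the thumbnail to AWS
        key = bucket.new_key("%s/%s.%s" % (folder, thumb_hash, extension))
        key.content_type = thumb_content_type
        key.set_contents_from_string(thumb_data, policy='public-read')

        # Update the DB fields with new images
        annonse.image = "%s.%s" % (image_hash, extension)
        annonse.image_thumb = "%s.%s" % (thumb_hash, extension)

    annonse.text = request.POST.get('text', '')
    annonse.hidden = hidden
    annonse.hideage = request.POST.get('hideage', '') == 'hide'
    annonse.save()
    return redirect('fjelltreffen:mine')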