def create(request, forening_id): current_forening = Forening.objects.get(id=forening_id) if current_forening not in request.user.all_foreninger(): raise PermissionDenied # The parent choices are tricky to define in the forms API, so do it here. # Note that we're intentionally letting users choose parents among only # those they have permission to. all_sorted = request.user.all_foreninger_sorted() parents_choices = { 'forening': all_sorted['forening'], 'turlag': all_sorted['turlag'], } # If the parent of the current forening isn't in the user's permissions, we # still need to include that one as an available parent so that they're # able to make changes. if current_forening.type != 'sentral': for current_parent in current_forening.get_main_foreninger(): if (current_parent not in parents_choices['forening'] and current_parent not in parents_choices['turlag']): parents_choices[current_parent.type].append(current_parent) form = CreateForeningForm(request.user, initial={ 'zipcode': '', }) context = { 'current_forening': current_forening, 'parents_choices': parents_choices, 'admin_user_search_char_length': settings.ADMIN_USER_SEARCH_CHAR_LENGTH, 'form': form, } # Give URLPicker the homepage site for the current forening. If they don't # have one, just use the central site relevant_site = current_forening.get_homepage_site() or Site.get_central() context.update(url_picker_context(relevant_site)) if request.method == 'GET': return render(request, 'central/admin/foreninger/create.html', context) elif request.method == 'POST': form = CreateForeningForm(request.user, request.POST) if form.is_valid(): forening = Forening() forening.name = form.cleaned_data['name'] forening.type = form.cleaned_data['type'] if forening.type == 'turgruppe': forening.group_type = form.cleaned_data['group_type'] else: forening.group_type = '' forening.save() # Set M2M-fields after the initial db-save forening.parents = form.cleaned_data['parents'] # Ensure the Turbasen object is re-saved with applicable # M2M-relations forening.save_turbasen_object() # Add the current user as admin on the new forening request.user.add_perm( 'sherpa/association/user', association_id=forening.id, created_by=request.user ) request.user.add_perm( 'sherpa/association/admin', association_id=forening.id, created_by=request.user ) cache.clear() return redirect('admin:foreninger.edit', forening.id) else: context.update({'form': form}) return render( request, 'central/admin/foreninger/create.html', context) else: return redirect('admin:foreninger.create', current_forening.id)
def create(request, forening_id): current_forening = Forening.objects.get(id=forening_id) if current_forening not in request.user.all_foreninger(): raise PermissionDenied # The parent choices are tricky to define in the forms API, so do it here. # Note that we're intentionally letting users choose parents among only those they have permission to. all_sorted = request.user.all_foreninger_sorted() parents_choices = { 'forening': all_sorted['forening'], 'turlag': all_sorted['turlag'], } # If the parent of the current forening isn't in the user's permissions, we still need to include that one as an # available parent so that they're able to make changes. if current_forening.type != 'sentral': for current_parent in current_forening.get_main_foreninger(): if current_parent not in parents_choices['forening'] and current_parent not in parents_choices['turlag']: parents_choices[current_parent.type].append(current_parent) form = CreateForeningForm(request.user, initial={ 'zipcode': '', }) context = { 'current_forening': current_forening, 'parents_choices': parents_choices, 'admin_user_search_char_length': settings.ADMIN_USER_SEARCH_CHAR_LENGTH, 'form': form, } # Give URLPicker the homepage site for the current forening. If they don't have one, just use the central site relevant_site = current_forening.get_homepage_site() or Site.get_central() context.update(url_picker_context(relevant_site)) if request.method == 'GET': return render(request, 'central/admin/foreninger/create.html', context) elif request.method == 'POST': form = CreateForeningForm(request.user, request.POST) if form.is_valid(): forening = Forening() forening.name = form.cleaned_data['name'] forening.type = form.cleaned_data['type'] if forening.type == 'turgruppe': forening.group_type = form.cleaned_data['group_type'] else: forening.group_type = '' forening.save() # Set M2M-fields after the initial db-save forening.parents = form.cleaned_data['parents'] # Ensure the Turbasen object is re-saved with applicable M2M-relations forening.save_turbasen_object() # Add the current user as admin on the new forening role = ForeningRole( user=request.user, forening=forening, role='admin', ) role.save() # FIXME: We can't delete the permission cache for all users, so some may find that they can't edit # the new forening even though they should be able, until the cache (which is currently 24h) expires. cache.delete('user.%s.all_foreninger' % request.user.id) messages.info(request, 'forening_create_success') request.session['active_forening'] = forening.id cache.delete('foreninger.all.sorted_by_name') cache.delete('foreninger.all.sorted_by_type') cache.delete('foreninger.rendered_select') cache.delete('forening.%s' % forening.id) cache.delete('forening.main_foreninger.%s' % forening.id) return redirect('admin:foreninger.edit', forening.id) else: context.update({'form': form}) return render(request, 'central/admin/foreninger/create.html', context) else: return redirect('admin:foreninger.create', current_forening.id)