class UniversitySubjectDetailView(BaseManageView): """ Manage to change/delete based on UniversitySubject model """ error_messages = { "__all__": { "invalid": "This university or subject is invalid", } } def __init__(self, *args, **kwargs): self.VIEWS_BY_METHOD = { 'GET': self.get_subject, 'POST': self.add_subject, 'DELETE': self.delete_subject, } def get_subject(self, request, university_id, subject_id): try: univ_subject = UniversitySubject.objects.select_related( "university", "subject").get(university=university_id, subject=subject_id) except UniversitySubject.DoesNotExist: return self.json_error(field='__all__', code="invalid") else: result = univ_subject.parse_profile() return JsonResponse(result) @method_decorator( permission_required_or_403("university.change_university", (University, 'id', 'university_id'))) def add_subject(self, request, university_id, subject_id): form = UniversitySubjectCreateForm({ "university": university_id, "subject": subject_id }) if form.is_valid(): form.save() return JsonResponse({"success": True}, status=201) else: error = form.errors.get_json_data() return JsonResponse(error, status=404) @method_decorator( permission_required_or_403("university.change_university", (University, 'id', 'university_id'))) def delete_subject(self, request, university_id, subject_id): delete_form = UniversitySubjectDeleteForm({ "university": university_id, "subject": subject_id }) if delete_form.is_valid(): delete_form.delete() return JsonResponse({"success": True}, status=200) else: error = delete_form.errors.get_json_data() return JsonResponse(error, status=404)
class UserUpdateView(G3WRequestViewMixin, UpdateView): form_class = G3WUserUpdateForm model = User template_name = 'usersmanage/user_form.html' context_object_name = 'user2update' @method_decorator(permission_required_or_403('auth.change_user', (User, 'pk', 'pk'))) @method_decorator(permission_required_by_backend_or_403('change_user', (User, 'pk', 'pk'))) def dispatch(self, *args, **kwargs): return super(UserUpdateView, self).dispatch(*args, **kwargs) def get_form_kwargs(self): kwargs = super(UserUpdateView,self).get_form_kwargs() kwargs['initial']['password'] = self.object.password if hasattr(self.object, 'userdata'): kwargs['initial']['department'] = self.object.userdata.department kwargs['initial']['avatar'] = self.object.userdata.avatar ''' if self.object.userdata.avatar: name = Path(self.object.userdata.avatar.name).name kwargs['initial']['avatar'] = ExistingFile(name) ''' # add initial data for user_groups kwargs['initial']['user_groups'] = get_user_groups(self.object) return kwargs def get_context_data(self, **kwargs): c = super(UserUpdateView,self).get_context_data(**kwargs) return c def get_success_url(self): return reverse('user-list')
class FeedbackUpdate(UpdateView): model = Feedback form_class = FeedbackForm @method_decorator(login_required) @method_decorator( permission_required_or_403( 'edit_decisions_feedback', (Organization, 'decision__feedback', 'pk') ) ) def dispatch(self, *args, **kwargs): return super(FeedbackUpdate, self).dispatch(*args, **kwargs) def post(self, *args, **kwargs): if self.request.POST.get('submit', None) == _("Cancel"): self.object = self.get_object() return HttpResponseRedirect(self.get_success_url()) return super(FeedbackUpdate, self).post(*args, **kwargs) def form_valid(self, form, *args, **kwargs): form.instance.editor = self.request.user form.instance.minor_edit = form.cleaned_data['minor_edit'] return super(FeedbackUpdate, self).form_valid(form, *args, **kwargs) def get_context_data(self, *args, **kwargs): context = super(FeedbackUpdate, self).get_context_data(**kwargs) context['tab'] = self.object.decision.status return context def get_success_url(self, *args, **kwargs): return reverse('publicweb_item_detail', args=[self.object.decision.pk])
class AssetDetail(DetailView): model = asset template_name = 'asset/asset-detail.html' @method_decorator(login_required) @method_decorator( permission_required_or_403('asset.read_asset', (asset, 'id', 'pk'))) def dispatch(self, *args, **kwargs): return super(AssetDetail, self).dispatch(*args, **kwargs) def get_context_data( self, **kwargs, ): pk = self.kwargs.get(self.pk_url_kwarg, None) detail = asset.objects.get(id=pk) context = { "asset_active": "active", "asset_list_active": "active", "assets": detail, "nid": pk, } kwargs.update(context) return super(AssetDetail, self).get_context_data(**kwargs)
class FeedbackCreate(CreateView): model = Feedback form_class = FeedbackForm @method_decorator(login_required) @method_decorator(permission_required_or_403('edit_decisions_feedback', (Organization, 'decision', 'parent_pk'))) def dispatch(self, request, *args, **kwargs): self.rating_initial = Feedback.COMMENT_STATUS rating = request.GET.get('rating') if rating: self.rating_initial = [value for value, name in Feedback.RATING_CHOICES if name==rating][0] return super(FeedbackCreate, self).dispatch(request, *args, **kwargs) def get_initial(self): initial = super(FeedbackCreate, self).get_initial().copy() initial['rating'] = self.rating_initial return initial def form_valid(self, form): form.instance.author = self.request.user form.instance.decision = Decision.objects.get(pk=self.kwargs['parent_pk']) form.instance.last_status = 'new' return super(FeedbackCreate, self).form_valid(form) def get_success_url(self, *args, **kwargs): return reverse('publicweb_item_detail', args=[self.kwargs['parent_pk']]) def post(self, *args, **kwargs): if self.request.POST.get('submit', None) == "Cancel": return HttpResponseRedirect(self.get_success_url()) return super(FeedbackCreate, self).post(*args, **kwargs)
class DbUpdate(UpdateView): model = db_mysql form_class = DbMysqlForm template_name = 'db/db-update.html' success_url = reverse_lazy('db:db_list') @method_decorator(login_required) @method_decorator( permission_required_or_403('db.change_db_mysql', (db_mysql, 'id', 'pk'))) def dispatch(self, *args, **kwargs): return super(DbUpdate, self).dispatch(*args, **kwargs) def get_context_data(self, **kwargs): context = { "db_active": "active", "db_list_active": "active", } kwargs.update(context) return super(DbUpdate, self).get_context_data(**kwargs) def form_invalid(self, form): print(form.errors) return super(DbUpdate, self).form_invalid(form) def form_valid(self, form): self.object = form.save() return super(DbUpdate, self).form_valid(form) def get_success_url(self): return super(DbUpdate, self).get_success_url()
class AssetAdd(CreateView): model = asset form_class = AssetForm template_name = 'asset/asset-add.html' success_url = reverse_lazy('asset:asset_list') @method_decorator(login_required) @method_decorator(permission_required_or_403('asset.add_asset')) def dispatch(self, *args, **kwargs): return super(AssetAdd, self).dispatch(*args, **kwargs) def form_valid(self, form): self.asset_save = asset_save = form.save() myproduct = asset.objects.get(network_ip=form.cleaned_data['network_ip']).product_line mygroup = Group.objects.get(name=myproduct) GroupObjectPermission.objects.assign_perm("read_asset", mygroup, obj=asset_save) GroupObjectPermission.objects.assign_perm("add_asset", mygroup, obj=asset_save) GroupObjectPermission.objects.assign_perm("change_asset", mygroup, obj=asset_save) GroupObjectPermission.objects.assign_perm("delete_asset", mygroup, obj=asset_save) return super(AssetAdd, self).form_valid(form) def get_success_url(self): return super(AssetAdd, self).get_success_url() def get_context_data(self, **kwargs): context = { "asset_active": "active", "asset_list_active": "active", } kwargs.update(context) return super(AssetAdd, self).get_context_data(**kwargs)
class NameAdd(LoginRequiredMixin, CreateView): """ 登录用户增加 """ model = Names form_class = NameForm template_name = 'name/name-add-update.html' success_url = reverse_lazy('name:name_list') @method_decorator(permission_required_or_403('name.add_names')) def dispatch(self, *args, **kwargs): return super().dispatch(*args, **kwargs) def get_context_data(self, **kwargs): context = { "name_active": "active", "name_list_active": "active", } kwargs.update(context) return super().get_context_data(**kwargs) def form_valid(self, form): forms = form.save() password_form = form.cleaned_data['password'] if password_form is not None: forms.set_password(password_form) forms.save() return super().form_valid(form)
class GroupsObjectAdd(LoginRequiredMixin, CreateView): """ 系统组对象 增加 """ model = GroupObjectPermission form_class = GroupsObjectForm template_name = 'name/groups-object-add-update.html' success_url = reverse_lazy('name:groups_object_list') @method_decorator( permission_required_or_403('guardian.add_groupobjectpermission')) def dispatch(self, *args, **kwargs): return super().dispatch(*args, **kwargs) def get_context_data(self, **kwargs): context = { "name_active": "active", "groups_object_list_active": "active", } kwargs.update(context) return super().get_context_data(**kwargs) def form_invalid(self, form): print(form.errors) return super().form_invalid(form) def form_valid(self, form): forms = form.save(commit=False) object_pk1 = form.cleaned_data['object_pk1'] forms.object_pk = object_pk1 forms.save() return super().form_valid(form)
class GroupsObjectAllDel(LoginRequiredMixin, View): """ 系统组删除 """ model = GroupObjectPermission @method_decorator( permission_required_or_403('guardian.delete_groupobjectpermission')) def dispatch(self, *args, **kwargs): return super().dispatch(*args, **kwargs) @staticmethod def post(request): ret = { 'status': True, 'error': None, } try: if request.POST.get('nid'): ids = request.POST.get('nid', None) GroupObjectPermission.objects.get(id=ids).delete() else: ids = request.POST.getlist('id', None) idstring = ','.join(ids) GroupObjectPermission.objects.extra( where=['id IN (' + idstring + ')']).delete() except Exception as e: ret['status'] = False ret['error'] = '删除请求错误,没有权限{}'.format(e) finally: return HttpResponse(json.dumps(ret))
class GroupPage(AJAX_GroupPageHandler, POSTHandler): """ This class manage the present logic of group page. """ def __init__(self, *args, **kwargs): super(GroupPage, self).__init__(*args, **kwargs) # for GroupUserHandler setting _display_control = True @method_decorator( permission_required_or_403('real_group_membership', ( RealGroup, 'id', 'real_group_id', )), ) def dispatch(self, *args, **kwargs): return super(GroupPage, self).dispatch(*args, **kwargs) def get(self, request, real_group_id): real_group = get_object_or_404(RealGroup, id=int(real_group_id)) render_data_dict = { 'request': request, 'real_group': real_group, } return render(request, 'real_group/group_page.html', render_data_dict) def post(self, request, real_group_id): real_group = get_object_or_404(RealGroup, id=int(real_group_id)) return self._handler(request, real_group)
class AssetUserAdd(LoginRequiredMixin, CreateView): """ 资产用户 增加 """ model = AssetLoginUser form_class = AssetUserForm template_name = 'asset/asset-user-add-update.html' success_url = reverse_lazy('asset:asset_user_list') @method_decorator(permission_required_or_403('asset.add_assetloginuser')) def dispatch(self, *args, **kwargs): return super().dispatch(*args, **kwargs) def get_context_data(self, **kwargs): context = { "asset_active": "active", "asset_user_list_active": "active", } kwargs.update(context) return super().get_context_data(**kwargs) def form_valid(self, form): forms = form.save() password_form = form.cleaned_data['password'] if password_form is not None: password = encrypt_p(password_form) forms.password = password forms.save() name = form.cleaned_data['hostname'] obj = AssetLoginUser.objects.get(hostname=name).private_key.name system("chmod 600 {0}".format(obj)) return super().form_valid(form)
class JobViewSet( mixins.ListModelMixin, mixins.RetrieveModelMixin, mixins.DestroyModelMixin, viewsets.GenericViewSet, ): queryset = models.Job.objects.order_by("-received_request_time").all() serializer_class = serializers.JobSerializer serializer_action_classes = { "list": serializers.JobListSerializer, } permission_classes = (ExtendedObjectPermissions, ) filter_backends = (ObjectPermissionsFilter, ) def get_serializer_class(self, *args, **kwargs): """ Instantiate the list of serializers per action from class attribute (must be defined). """ kwargs["partial"] = True try: return self.serializer_action_classes[self.action] except (KeyError, AttributeError): return super(JobViewSet, self).get_serializer_class() @action(detail=True, methods=["patch"]) @method_decorator([ permission_required_or_403("api_app.change_job"), ]) def kill(self, request, pk=None): """ Kill running job by closing celery tasks and marking as killed :param url: pk (job_id) :returns: - 200 - if killed - 404 - not found - 403 - forbidden, 400 bad request """ logger.info( f"kill running job received request from {str(request.user)} " f"-- (job_id:{pk}).") # get job object or raise 404 try: job = models.Job.objects.get(pk=pk) except models.Job.DoesNotExist: raise NotFound() # check permission if not request.user.has_perm("api_app.change_job", job): raise PermissionDenied() # check if job running if job.status != "running": raise ParseError(detail="Job is not running") # close celery tasks general.kill_running_analysis(pk) # set job status job.status = "killed" job.save() return Response(status=status.HTTP_200_OK)
class DbAdd(CreateView): model = db_mysql form_class = DbMysqlForm template_name = 'db/db-add.html' success_url = reverse_lazy('db:db_list') @method_decorator(login_required) @method_decorator(permission_required_or_403('db.add_db_mysql')) def dispatch(self, *args, **kwargs): return super(DbAdd, self).dispatch(*args, **kwargs) def form_valid(self, form): self.db_save = form.save() return super(DbAdd, self).form_valid(form) def get_success_url(self): return super(DbAdd, self).get_success_url() def get_context_data(self, **kwargs): context = { "db_active": "active", "db_list_active": "active", } kwargs.update(context) return super(DbAdd, self).get_context_data(**kwargs)
class AssetAdd(CreateView): model = asset template_name = 'asset/asset_add.html' form_class = AssetForm success_url = reverse_lazy('asset:asset_list') @method_decorator(login_required()) @method_decorator(permission_required_or_403('asset.add_asset')) def dispath(self,*args,**kwargs): return super(AssetAdd,self).dispatch(*args,**kwargs) def get_context_data(self,**kwargs): context = { 'asset_list':get_objects_for_user(self.request.user,'asset.read_asset') } kwargs.update(context) return super(AssetAdd,self).get_context_data(**kwargs) def get(self,request): user = User.objects.get(username=request.user) ret = asset.objects.all return render(request,'asset/asset.html',{'asset_list':ret}) def form_valid(self, form): self.asset_save = asset_save = form.save() grouptest = 'mine' mygroup = Group.objects.get(name=grouptest) GroupObjectPermission.objects.assign_perm("read_asset",mygroup,obj=asset_save) GroupObjectPermission.objects.assign_perm("add_asset",mygroup,obj=asset_save) GroupObjectPermission.objects.assign_perm("change_asset",mygroup,obj=asset_save) GroupObjectPermission.objects.assign_perm("delete_asset",mygroup,obj=asset_save) return super(AssetAdd,self).form_valid(form) def get_success_url(self): return super(AssetAdd,self).get_success_url()
class DbAdd(CreateView): model = db_mysql form_class = DbMysqlForm template_name = 'db/db-add.html' success_url = reverse_lazy('db:db_list') @method_decorator(login_required) @method_decorator(permission_required_or_403('db.add_db_mysql')) def dispatch(self, *args, **kwargs): return super(DbAdd, self).dispatch(*args, **kwargs) def form_valid(self, form): self.db = db = form.save() myproduct = form.cleaned_data['product_line'] mygroup = Group.objects.get(name=myproduct) GroupObjectPermission.objects.assign_perm("read_db_mysql", mygroup, obj=db) GroupObjectPermission.objects.assign_perm("add_db_mysql", mygroup, obj=db) GroupObjectPermission.objects.assign_perm("change_db_mysql", mygroup, obj=db) GroupObjectPermission.objects.assign_perm("delete_db_mysql", mygroup, obj=db) GroupObjectPermission.objects.assign_perm("task_db_mysql", mygroup, obj=db) return super(DbAdd, self).form_valid(form) def get_success_url(self): return super(DbAdd, self).get_success_url() def get_context_data(self, **kwargs): context = { "db_active": "active", "db_list_active": "active", } kwargs.update(context) return super(DbAdd, self).get_context_data(**kwargs)
class NameUpdate(LoginRequiredMixin, UpdateView): """登录用户更新""" model = Names form_class = NameForm template_name = 'name/name-add-update.html' success_url = reverse_lazy('name:name_list') @method_decorator(permission_required_or_403('name.change_names')) def dispatch(self, *args, **kwargs): return super().dispatch(*args, **kwargs) def get_context_data(self, **kwargs): context = { "name_active": "active", "name_list_active": "active", } kwargs.update(context) return super().get_context_data(**kwargs) def form_valid(self, form): pk = self.kwargs.get(self.pk_url_kwarg, None) obj = Names.objects.get(id=pk) old_password = obj.password new_password = form.cleaned_data['password'] forms = form.save() if new_password == "1": forms.password = old_password else: forms.set_password(new_password) forms.save() return super().form_valid(form)
class UserGroupUpdateView(G3WRequestViewMixin, UpdateView): """ View for change User Group """ form_class = G3WUserGroupUpdateForm model = Group template_name = 'usersmanage/user_group_form.html' @method_decorator(permission_required_or_403('auth.change_group', (Group, 'pk', 'pk'))) def dispatch(self, *args, **kwargs): return super(UserGroupUpdateView, self).dispatch(*args, **kwargs) def get_initial(self): initials = super(UserGroupUpdateView, self).get_initial() # add group role try: initials['role'] = self.object.grouprole.role except: pass return initials # todo: check group if not in base editor and viewer group def get_success_url(self): return reverse('user-group-list')
class OpenrouteServiceProjectFormBase(G3WRequestViewMixin): form_class = OpenrouteserviceProjectForm success_url = reverse_lazy('ors-project-list') model = OpenrouteserviceProject @method_decorator(permission_required_or_403('qdjango.change_project')) def dispatch(self, *args, **kwargs): return super().dispatch(*args, **kwargs)
class GroupDeleteView(DeleteView): model = GroupProfile template_name = 'ojuser/group_confirm_delete.html' success_url = reverse_lazy('mygroup-list') @method_decorator( permission_required_or_403('delete_groupprofile', (GroupProfile, 'pk', 'pk'))) def dispatch(self, request, *args, **kwargs): return super(GroupDeleteView, self).dispatch(request, *args, **kwargs)
class ProjectMessagePage(View): @method_decorator(login_required) @method_decorator( permission_required_or_403('project.project_membership', (Project, 'id', 'project_id')), ) def get(self, request, project_id): project = get_object_or_404(Project, id=int(project_id)) return render(request, 'project/project_message_page.html', {'project': project})
class GroupMemberView(TemplateView): template_name = 'ojuser/group_members.html' @method_decorator( permission_required_or_403('change_groupprofile', (GroupProfile, 'pk', 'pk'))) def dispatch(self, request, *args, **kwargs): return super(GroupMemberView, self).dispatch(request, *args, **kwargs) def get_context_data(self, pk=None, **kwargs): context = super(GroupMemberView, self).get_context_data(**kwargs) context['pk'] = pk return context
class AssetUpdate(UpdateView): model = asset form_class = AssetForm template_name = 'asset/asset-update.html' success_url = reverse_lazy('asset:asset_list') @method_decorator(login_required) @method_decorator( permission_required_or_403('asset.add_asset', (asset, 'id', 'pk'))) def dispatch(self, *args, **kwargs): return super(AssetUpdate, self).dispatch(*args, **kwargs) def get_context_data(self, **kwargs): context = { "asset_active": "active", "asset_list_active": "active", } kwargs.update(context) return super(AssetUpdate, self).get_context_data(**kwargs) def form_invalid(self, form): print(form.errors) return super(AssetUpdate, self).form_invalid(form) def form_valid(self, form): pk = self.kwargs.get(self.pk_url_kwarg, None) oldmyproduct = asset.objects.get(id=pk).product_line oldmygroup = Group.objects.get(name=oldmyproduct) self.object = form.save() myproduct = asset.objects.get(id=pk).product_line mygroup = Group.objects.get(name=myproduct) if oldmygroup != mygroup: GroupObjectPermission.objects.filter(object_pk=pk).delete() GroupObjectPermission.objects.assign_perm("read_asset", mygroup, obj=self.object) GroupObjectPermission.objects.assign_perm("add_asset", mygroup, obj=self.object) GroupObjectPermission.objects.assign_perm("change_asset", mygroup, obj=self.object) GroupObjectPermission.objects.assign_perm("delete_asset", mygroup, obj=self.object) return super(AssetUpdate, self).form_valid(form) def get_success_url(self): return super(AssetUpdate, self).get_success_url()
class GroupManagementPageOfMember(BasicGroupManagementPage): # for GroupUserHandler setting _display_control = True @method_decorator(login_required) @method_decorator( permission_required_or_403('real_group_membership', ( RealGroup, 'id', 'real_group_id', ))) def dispatch(self, *args, **kwargs): return super(GroupManagementPageOfMember, self).dispatch(*args, **kwargs)
class EconsensusActionitemUpdateView(ActionItemUpdateView): template_name = 'actionitem_update_snippet.html' form_class = EconsensusActionItemUpdateForm @method_decorator(login_required) @method_decorator(permission_required_or_403('edit_decisions_feedback', (Organization, 'decision', 'decisionpk'))) def dispatch(self, *args, **kwargs): if not switch_is_active('actionitems'): raise Http404 return super(EconsensusActionitemUpdateView, self).dispatch(*args, **kwargs) def get_success_url(self, *args, **kwargs): kwargs = {'decisionpk': self.kwargs.get('decisionpk'), 'pk': self.object.pk} return reverse('actionitem_detail', kwargs=kwargs)
class GroupEditView(UpdateView): """ When one wants to edit a group """ form_class = GroupEditForm slug_field = 'slug' model = WorkGroup template_name = 'workgroup/page/group_edit.html' @method_decorator(login_required) @method_decorator( permission_required_or_403('change_workgroup', (WorkGroup, 'slug', 'slug'))) def dispatch(self, request, *args, **kwargs): return super(GroupEditView, self).dispatch(request, *args, **kwargs)
class DbUpdate(UpdateView): model = db_mysql form_class = DbMysqlForm template_name = 'db/db-update.html' success_url = reverse_lazy('db:db_list') @method_decorator(login_required) @method_decorator(permission_required_or_403('db.change_db_mysql', (db_mysql, 'id', 'pk'))) def dispatch(self, *args, **kwargs): return super(DbUpdate, self).dispatch(*args, **kwargs) def get_context_data(self, **kwargs): context = { "db_active": "active", "db_list_active": "active", } kwargs.update(context) return super(DbUpdate, self).get_context_data(**kwargs) def form_invalid(self, form): print(form.errors) return super(DbUpdate, self).form_invalid(form) def form_valid(self, form): pk = self.kwargs.get(self.pk_url_kwarg, None) old_myproduct = db_mysql.objects.get(id=pk).product_line old_mygroup = Group.objects.get(name=old_myproduct) new_mygroup = Group.objects.get(name=form.cleaned_data['product_line']) self.object = form.save() if old_mygroup != new_mygroup: GroupObjectPermission.objects.filter(object_pk=pk).delete() GroupObjectPermission.objects.assign_perm("read_db_mysql", new_mygroup, obj=self.object) GroupObjectPermission.objects.assign_perm("add_db_mysql", new_mygroup, obj=self.object) GroupObjectPermission.objects.assign_perm("change_db_mysql", new_mygroup, obj=self.object) GroupObjectPermission.objects.assign_perm("delete_db_mysql", new_mygroup, obj=self.object) GroupObjectPermission.objects.assign_perm("task_db_mysql",new_mygroup, obj=self.object) return super(DbUpdate, self).form_valid(form) def get_success_url(self): return super(DbUpdate, self).get_success_url()
class DecisionCreate(CreateView): model = Decision form_class = DecisionForm status = Decision.PROPOSAL_STATUS @method_decorator(login_required) @method_decorator( permission_required_or_403( 'edit_decisions_feedback', (Organization, 'slug', 'org_slug') ) ) def dispatch(self, *args, **kwargs): self.status = kwargs.get('status', Decision.PROPOSAL_STATUS) slug = kwargs.get('org_slug', None) self.organization = Organization.active.get(slug=slug) return super(DecisionCreate, self).dispatch(*args, **kwargs) def get(self, *args, **kwargs): return super(DecisionCreate, self).get(*args, **kwargs) def get_form(self, form): form = super(DecisionCreate, self).get_form(form) form.fields['status'].initial = self.status return form def form_valid(self, form): form.instance.author = self.request.user form.instance.editor = self.request.user form.instance.last_status = 'new' form.instance.organization = self.organization return super(DecisionCreate, self).form_valid(form) def get_context_data(self, *args, **kwargs): context = super(DecisionCreate, self).get_context_data(**kwargs) context['organization'] = self.organization context['tab'] = self.status return context def get_success_url(self, *args, **kwargs): status = getattr(self, 'object', self).status return reverse('publicweb_item_list', args=[self.organization.slug, status]) def post(self, *args, **kwargs): if self.request.POST.get('submit', None) == _("Cancel"): return HttpResponseRedirect(self.get_success_url()) return super(DecisionCreate, self).post(*args, **kwargs)
class DecisionUpdate(UpdateView): model = Decision form_class = DecisionForm @method_decorator(login_required) @method_decorator( permission_required_or_403( 'edit_decisions_feedback', (Organization, 'decision', 'pk') ) ) def dispatch(self, *args, **kwargs): return super(DecisionUpdate, self).dispatch(*args, **kwargs) def form_valid(self, form): form.instance.editor = self.request.user form.instance.last_status = self.last_status form.instance.minor_edit = form.cleaned_data['minor_edit'] if (not form.cleaned_data['watch'] and notification.is_observing(self.object, self.request.user)): notification.stop_observing(self.object, self.request.user) elif (form.cleaned_data['watch'] and not notification.is_observing(self.object, self.request.user)): notification.observe( self.object, self.request.user, DECISION_CHANGE ) return super(DecisionUpdate, self).form_valid(form) def get_context_data(self, *args, **kwargs): context = super(DecisionUpdate, self).get_context_data(**kwargs) context['tab'] = self.object.status return context def get_success_url(self, *args, **kwargs): the_object = self.get_object() status = the_object.status slug = the_object.organization.slug return reverse('publicweb_item_list', args=[slug, status]) def post(self, *args, **kwargs): if self.request.POST.get('submit', None) == _("Cancel"): return HttpResponseRedirect(self.get_success_url()) else: self.last_status = self.get_object().status return super(DecisionUpdate, self).post(*args, **kwargs)
class AJAX_ProjectPageMessageList(MessageListBasic, APIView): @method_decorator(login_required) @method_decorator( permission_required_or_403('project.project_membership', (Project, 'id', 'project_id')), ) def get(self, request): project_id = request.GET.get('project_id', None) if project_id is None: raise PermissionDenied project = get_object_or_404(Project, id=int(project_id)) message_set = project.messages.filter(post_flag=True, ).order_by( '-post_time', ) return self._get_message_list(request, message_set)
""" try: page = int(request.GET.get('page', None)) except (TypeError, ValueError): page = page if userena_settings.USERENA_DISABLE_PROFILE_LIST \ and not request.user.is_staff: raise Http404 profile_model = get_profile_model() queryset = profile_model.objects.get_visible_profiles(request.user) if not extra_context: extra_context = dict() return list_detail.object_list(request, queryset=queryset, paginate_by=paginate_by, page=page, template_name=template_name, extra_context=extra_context, template_object_name='profile', **kwargs) profile_edit_view = secure_required(permission_required_or_403('change_profile', (get_profile_model(), 'user__username', 'username'))(profile_edit)) password_change_view = secure_required(permission_required_or_403('change_user', (User, 'username', 'username'))(password_change)) email_change_view = secure_required(permission_required_or_403('change_user', (User, 'username', 'username'))(email_change)) signin_view = secure_required(signin) email_confirm_view = secure_required(email_confirm) signup_view = secure_required(signup) activate_view = secure_required(activate)
return [] def index(request): projects = get_objects_for_user(request.user, 'projects.view_project') if len(projects) == 0: return unauthenticated(request) package_sets = [(project, request.user.has_perm('projects.upload_package', project), [package for package in project.package_set.order_by('-id')], ) for project in projects] context = {'package_sets': package_sets} return render(request, 'projects/index.html', context) @class_view_decorator(permission_required_or_403('projects.upload_package', (Project, 'pk', 'project_id'))) class UploadView(View): def get(self, request, project_id): form = UploadFileForm() return render_to_response('projects/upload.html', {'form': form, 'project_id': project_id}, context_instance=RequestContext(request)) def post(self, request, project_id): form = UploadFileForm(request.POST, request.FILES) if form.is_valid(): from guardian.shortcuts import assign_perm # handle files package = form.save(commit=False) package.status = Package.Status.uploaded package.project_id = project_id