Exemplo n.º 1
0
def profile(request):
    context = PatchworkRequestContext(request)

    if request.method == 'POST':
        form = UserProfileForm(instance = request.user.get_profile(),
                data = request.POST)
        if form.is_valid():
            form.save()
    else:
        form = UserProfileForm(instance = request.user.get_profile())

    context.project = request.user.get_profile().primary_project
    context['bundles'] = Bundle.objects.filter(owner = request.user)
    context['profileform'] = form

    optout_query = '%s.%s IN (SELECT %s FROM %s)' % (
                        Person._meta.db_table,
                        Person._meta.get_field('email').column,
                        EmailOptout._meta.get_field('email').column,
                        EmailOptout._meta.db_table)
    people = Person.objects.filter(user = request.user) \
             .extra(select = {'is_optout': optout_query})
    context['linked_emails'] = people
    context['linkform'] = UserPersonLinkForm()

    return render_to_response('patchwork/profile.html', context)
Exemplo n.º 2
0
def profile(request):
    if request.method == 'POST':
        form = UserProfileForm(instance=request.user.profile,
                               data=request.POST)
        if form.is_valid():
            form.save()
    else:
        form = UserProfileForm(instance=request.user.profile)

    # TODO(stephenfin): Add a related_name for User->Bundle
    context = {
        'bundles': Bundle.objects.filter(owner=request.user),
        'profileform': form,
    }

    # FIXME(stephenfin): This looks unsafe. Investigate.
    optout_query = '%s.%s IN (SELECT %s FROM %s)' % (
        Person._meta.db_table,
        Person._meta.get_field('email').column,
        EmailOptout._meta.get_field('email').column,
        EmailOptout._meta.db_table)
    people = Person.objects.filter(user=request.user) \
        .extra(select={'is_optout': optout_query})
    context['linked_emails'] = people
    context['linkform'] = EmailForm()

    return render(request, 'patchwork/profile.html', context)
Exemplo n.º 3
0
def profile(request):
    if request.method == 'POST':
        form = UserProfileForm(instance=request.user.profile,
                               data=request.POST)
        if form.is_valid():
            form.save()
    else:
        form = UserProfileForm(instance=request.user.profile)

    # TODO(stephenfin): Add a related_name for User->Bundle
    context = {
        'bundles': Bundle.objects.filter(owner=request.user),
        'profileform': form,
    }

    # This looks unsafe but is actually fine: it just gets the names
    # of tables and columns, not user-supplied data.
    #
    # An example of generated SQL is:
    # patchwork_person.email IN (SELECT email FROM patchwork_emailoptout)
    optout_query = '%s.%s IN (SELECT %s FROM %s)' % (
        Person._meta.db_table,
        Person._meta.get_field('email').column,
        EmailOptout._meta.get_field('email').column,
        EmailOptout._meta.db_table)
    people = Person.objects.filter(user=request.user) \
        .extra(select={'is_optout': optout_query})
    context['linked_emails'] = people
    context['linkform'] = EmailForm()
    context['api_token'] = request.user.profile.token
    if settings.ENABLE_REST_API:
        context['rest_api_enabled'] = True

    return render(request, 'patchwork/profile.html', context)
Exemplo n.º 4
0
def profile(request):
    context = PatchworkRequestContext(request)

    if request.method == 'POST':
        form = UserProfileForm(instance=request.user.profile,
                               data=request.POST)
        if form.is_valid():
            form.save()
    else:
        form = UserProfileForm(instance=request.user.profile)

    context.project = request.user.profile.primary_project
    context['bundles'] = Bundle.objects.filter(owner=request.user)
    context['profileform'] = form

    optout_query = '%s.%s IN (SELECT %s FROM %s)' % (
        Person._meta.db_table, Person._meta.get_field('email').column,
        EmailOptout._meta.get_field('email').column,
        EmailOptout._meta.db_table)
    people = Person.objects.filter(user = request.user) \
             .extra(select = {'is_optout': optout_query})
    context['linked_emails'] = people
    context['linkform'] = UserPersonLinkForm()

    return render_to_response('patchwork/profile.html', context)
Exemplo n.º 5
0
def profile(request):
    if request.method == 'POST':
        form = UserProfileForm(instance=request.user.profile,
                               data=request.POST)
        if form.is_valid():
            form.save()
    else:
        form = UserProfileForm(instance=request.user.profile)

    context = {
        'bundles': request.user.bundles.all(),
        'profileform': form,
    }

    # This looks unsafe but is actually fine: it just gets the names
    # of tables and columns, not user-supplied data.
    #
    # An example of generated SQL is:
    # patchwork_person.email IN (SELECT email FROM patchwork_emailoptout)
    optout_query = '%s.%s IN (SELECT %s FROM %s)' % (
        Person._meta.db_table, Person._meta.get_field('email').column,
        EmailOptout._meta.get_field('email').column,
        EmailOptout._meta.db_table)
    people = Person.objects.filter(user=request.user) \
        .extra(select={'is_optout': optout_query})
    context['linked_emails'] = people
    context['linkform'] = EmailForm()
    context['api_token'] = request.user.profile.token
    if settings.ENABLE_REST_API:
        context['rest_api_enabled'] = True

    return render(request, 'patchwork/profile.html', context)
Exemplo n.º 6
0
def profile(request):
    if request.method == 'POST':
        form = UserProfileForm(instance=request.user.profile,
                               data=request.POST)
        if form.is_valid():
            form.save()
    else:
        form = UserProfileForm(instance=request.user.profile)

    # TODO(stephenfin): Add a related_name for User->Bundle
    context = {
        'bundles': Bundle.objects.filter(owner=request.user),
        'profileform': form,
    }

    # FIXME(stephenfin): This looks unsafe. Investigate.
    optout_query = '%s.%s IN (SELECT %s FROM %s)' % (
        Person._meta.db_table, Person._meta.get_field('email').column,
        EmailOptout._meta.get_field('email').column,
        EmailOptout._meta.db_table)
    people = Person.objects.filter(user=request.user) \
        .extra(select={'is_optout': optout_query})
    context['linked_emails'] = people
    context['linkform'] = EmailForm()

    return render(request, 'patchwork/profile.html', context)
Exemplo n.º 7
0
def profile(request):
    context = PatchworkRequestContext(request)

    if request.method == 'POST':
        form = UserProfileForm(instance = request.user.get_profile(),
                data = request.POST)
        if form.is_valid():
            form.save()
    else:
        form = UserProfileForm(instance = request.user.get_profile())

    context.project = request.user.get_profile().primary_project
    context['bundles'] = Bundle.objects.filter(owner = request.user)
    context['profileform'] = form

    people = Person.objects.filter(user = request.user)
    context['linked_emails'] = people
    context['linkform'] = UserPersonLinkForm()

    return render_to_response('patchwork/profile.html', context)