def form_valid(self, form):
if self.groups is None:
raise ImproperlyConfigured(
"UpdateViewGroupRestriction requires 'groups' to be a list of "
"group names")
if not self.request.user.is_authenticated():
reason = 'User must be logged in'
return responseutils.getHttpResponseForbiddenHTML(
'Update forbidden', self.request.user, reason)
for g in self.groups:
if not permscheck.isUserInGroup(self.request.user, g):
reason = 'User must be member of group: %s' % g
return responseutils.getHttpResponseForbiddenHTML(
'Update forbidden', self.request.user, reason)
return super(UpdateViewGroupRestriction, self).form_valid(form)
def form_valid(self, form):
comp = models.Component.objects.get(pk=self.kwargs['ref'])
if not self.request.user == comp.createdby:
reason = 'Only the One and Only Creator can modify his spawn'
return responseutils.getHttpResponseForbiddenHTML(
'Creation forbidden', self.request.user, reason)
form.instance.component = comp
return super(SupportedByView, self).form_valid(form)
def delete(self, request, *args, **kwargs):
"""
Calls the delete() method on the fetched object and then
redirects to the success URL.
"""
authuser = self.request.user
self.object = self.get_object()
if authuser.is_authenticated():
if not authuser == self.object:
reason = 'You are not allowed to delete other users'
return responseutils.getHttpResponseForbiddenHTML(
'User Deletion forbidden', self.request.user, reason)
logout(request)
else:
reason = 'You must be logged in to delete your user'
return responseutils.getHttpResponseForbiddenHTML(
'User Deletion forbidden', self.request.user, reason)
success_url = self.get_success_url()
self.object.delete()
return HttpResponseRedirect(success_url)
def delete(self, request, *args, **kwargs):
"""
Calls the delete() method on the fetched object and then
redirects to the success URL.
"""
self.object = self.get_object()
if not self.object.createdby == self.request.user:
reason = 'User must be the create of the component to delete it'
return responseutils.getHttpResponseForbiddenHTML(
'Component Deletion forbidden', self.request.user, reason)
success_url = self.get_success_url()
self.object.delete()
return HttpResponseRedirect(success_url)
def delete(self, request, *args, **kwargs):
"""
Calls the delete() method on the fetched object and then
redirects to the success URL.
"""
self.object = self.get_object()
if not self.object.component.createdby == self.request.user:
reason = 'User must be the creator of the relation to delete it'
return responseutils.getHttpResponseForbiddenHTML(
'Supported By Deletion forbidden', self.request.user, reason)
# In order to get the correct URL the order is important
success_url = self.get_success_url()
self.object.delete()
return HttpResponseRedirect(success_url)