def new_case(request):
"""Creates a new case."""
if request.method == "POST":
form = forms.CaseForm(request.POST)
if form.is_valid():
case = form.save(commit=False)
case.owner = request.user
case.save()
form.save_m2m()
# Always add owner.
case.users.add(request.user)
# Auditing.
log_activity("C", "Created new case %s" % case.name, request)
return HttpResponseRedirect(
reverse("analyses.views.show_case", args=(case.id, "list")))
"""Creates a new case."""
if request.method == "POST":
form = forms.CaseForm(request.POST)
if form.is_valid():
case = form.save(commit=False)
case.owner = request.user
case.save()
form.save_m2m()
# Always add owner.
case.users.add(request.user)
# Auditing.
log_activity("C", "Created new case %s" % case.name, request)
return HttpResponseRedirect(
reverse("analyses.views.show_case", args=(case.id, "list")))
else:
form = forms.CaseForm()
return render_to_response("analyses/cases/new.html", {"form": form},
context_instance=RequestContext(request))
@login_required
def edit_case(request, case_id):
"""Edit a case."""
case = get_object_or_404(Case, pk=case_id)
# Security check.
if request.user != case.owner and not request.user.is_superuser:
return render_to_response(
"error.html", {"error": "You are not authorized to edit this."},
context_instance=RequestContext(request))