def embed(request,text_id,type):
if user_has_perm_on_text(None, 'can_view_local_text', text_id):
if type=="public_view" :
return _viewandcommentversion(request,text_id,embed = True)
else :#if type=="public_view_textonly" :
text = get_object_or_404(Text,pk = text_id)
version = text.get_latest_version()
additional_commentsinfo_css = """
.acinfo {
padding:5px 10px 5px 10px;
color:#222;
font:normal 11px tahoma, arial, helvetica, sans-serif;
}
"""
nbcomments,nbreplies = version.get_visible_commentsandreplies_count(request.user)
comment_count_msg = _(u'this text has %(nbcomments)d comment(s) and %(nbreplies)d reply(ies)') % {'nbcomments': nbcomments,'nbreplies': nbreplies,}
if user_has_perm_on_text(None, 'can_add_comment_local_text', text_id) :
click_here_msg = _(u"click here to view or add comments")
else :
click_here_msg = _(u"click here to view comments")
viewandcomment_url = settings.SITE_URL + reverse('text-viewandcomment',args=[text_id])
additional_commentsinfo = u"""<div class="acinfo">co-ment®: %s, <a href="%s" target="blank" >%s</a>
</div>""" % (comment_count_msg, viewandcomment_url, click_here_msg)
body = "%s%s" % (version.content, additional_commentsinfo)
css = "%s%s" % (additional_commentsinfo_css, version.css)
content = combine_css_body(body,css)
return HttpResponse(content)
else:
redirect_url = reverse('embeded_unauthorized')
return HttpResponseRedirect(redirect_url)
def _check_local_perm(request, *args, **kwargs):
if not settings.CHECK_PERMISSIONS:
# permission check disabled
return view_func(request, *args, **kwargs)
if must_be_logged_in and not request.user.is_authenticated():
return HttpResponseRedirect('%s?%s=%s' % (login_url, redirect_field_name, urlquote(request.get_full_path())))
#text = Text.objects.get(pk=kwargs['text_id'])
if 'text_id' in kwargs:
text_id = kwargs['text_id']
elif 'version_id' in kwargs:
version_id = kwargs['version_id']
version = get_object_or_404(TextVersion, pk = version_id)
text_id = version.text.id
elif 'image_id' in kwargs:
image_id = kwargs['image_id']
image = get_object_or_404(Image, pk = image_id)
text_id = image.text_version.text.id
else:
raise Exception('no security check possible')
permission = get_perm_by_name_or_perm(perm)
if user_has_perm_on_text(request.user,permission,text_id):
return view_func(request, *args, **kwargs)
else:
# if some user have the perm and not logged-in : redirect to login
# TODO : test that
if not request.user.is_authenticated() and number_has_perm_on_text(permission, text_id) > 0:
return HttpResponseRedirect('%s?%s=%s' % (login_url, redirect_field_name, urlquote(request.get_full_path())))
# else : unauthorized
redirect_url = reverse('unauthorized')
return HttpResponseRedirect(redirect_url)
def render(self, context):
ctype = ContentType.objects.get_for_model(Text)
permission = Permission.objects.filter(content_type=ctype,codename=self.perm_name)[0]
context[self.var_name] = user_has_perm_on_text(self.user.resolve(context),
permission,
(self.text.resolve(context)).id)
return ''
def textversion_created(sender, **kwargs):
if kwargs["created"]:
text_version = kwargs["instance"]
text = text_version.text
alerts = EmailAlert.objects.get_alerts(text)
for alert in alerts:
user = alert.user
# permission check
if user.is_active and user_has_perm_on_text(user, "can_view_local_text", text.id):
if text_version.note:
title = _(
u"A new version of the text entitled '%(text_version_name)s' has been created (note : '%(version_note)s')"
) % {"version_note": text_version.note, "text_version_name": text_version.title}
else:
title = _(u"A new version of the text entitled '%(text_version_name)s' has been created") % {
"text_version_name": text_version.title
}
content = _(u"Click here to access this version: %(version_url)s") % {
"version_url": settings.SITE_URL
+ reverse("text-viewandcommentversion", args=[text.id, text_version.id])
}
body = render_to_string(
"notifications/alert_email_body.html",
{
"title": title,
"text_url": reverse("text-viewandcomment", args=[alert.text.id]),
"site_url": settings.SITE_URL,
"site_name": settings.SITE_NAME,
"content": content,
"unsubscribe_url": alert.get_unsubscribe_url(),
},
)
EmailMessage(EMAIL_SUBJECT_PREFIX + title, body, settings.DEFAULT_FROM_EMAIL, [user.email]).send()
def text_feed(request,text_id):
if not user_has_perm_on_text(None, 'can_view_local_text', text_id):
raise Http404 #HttpResponse(status=401)
else:
return _text_feed(request,text_id)
