def get_permissions(user): permission_dict = { 'can_edit_mindset': Permissions.can_update_mindset_materials(user), 'can_edit_outreach': user.is_superuser, 'can_edit_profiles': Permissions.can_manage_officers(user), } return permission_dict
def get_permissions(user): permission_dict = { 'can_edit_corporate': Permissions.can_edit_corporate_page(user), 'can_add_contact': Permissions.can_add_corporate_contact(user), 'can_edit_contacts': Permissions.can_edit_corporate_page(user), 'can_add_company': Permissions.can_add_company(user), } return permission_dict
def get_permissions(user): permission_dict = get_member_permissions(user) permission_dict.update({ 'can_create_groups': Permissions.can_manage_electee_progress(user), 'can_edit_resources': Permissions.can_manage_electee_progress(user), }) return permission_dict
def get_permissions(user): permission_dict={ 'can_post':Permissions.can_post_web_article(user), 'can_edit':Permissions.can_approve_web_article(user), 'post_button':Permissions.can_upload_articles(user), 'is_member':hasattr(user,'userprofile') and user.userprofile.is_member(), 'can_process_project_reports': Permissions.can_process_project_reports(user), } return permission_dict
def get_permissions(user): permission_dict = get_member_permissions(user) permission_dict.update( { "can_create_groups": Permissions.can_manage_electee_progress(user), "can_edit_resources": Permissions.can_manage_electee_progress(user), } ) return permission_dict
def get_permissions(user): can_process_reports = Permissions.can_process_project_reports(user) permission_dict = { 'can_post': Permissions.can_post_web_article(user), 'can_edit': Permissions.can_approve_web_article(user), 'post_button': Permissions.can_upload_articles(user), 'is_member': (hasattr(user, 'userprofile') and user.userprofile.is_member()), 'can_process_project_reports': can_process_reports, } return permission_dict
def get_permissions(user): permission_dict=get_member_permissions(user) is_member=False if hasattr(user,'userprofile') and user.userprofile.is_member(): is_member=True permission_dict.update({'can_create_thread':Permissions.can_create_thread(user), 'can_create_forum':Permissions.can_create_forum(user), 'can_comment':hasattr(user,'userprofile') and user.userprofile.is_member(), 'can_moderate':Permissions.can_create_forum(user), 'can_downvote':get_user_points(user.userprofile.memberprofile)>0 if is_member else False}) return permission_dict
def get_permissions(user): permission_dict = get_member_permissions(user) permission_dict.update({ 'can_edit_resources':Permissions.can_manage_electee_progress(user), 'can_edit_surveys':Permissions.can_manage_electee_progress(user), 'can_complete_surveys':Permissions.can_complete_electee_survey(user), 'can_submit_background_form':can_submit_background_form(user), 'can_submit_interview_followups':user_is_member(user) and user.userprofile.memberprofile.status.name=='Active', 'can_view_interview_pairings':Permissions.can_view_interview_pairings(user), 'can_view_followups':Permissions.can_see_follow_up(user), }) return permission_dict
def get_permissions(user): """ Standardized way of querying user permissions across the website. Permissions for the entire (or most of it) module are loaded into a dictionary that gets merged with the template context to provide the template with a list of permissions so as to generate the page correctly. """ permission_dict = { 'can_edit_about_photos': Permissions.can_manage_website(user), 'can_edit_bylaws': Permissions.can_manage_bylaws(user), } return permission_dict
def get_article_view(request,article_id): request.session['current_page']=request.path today = date.today() web_articles = WebsiteArticle.get_stories() if Permissions.can_post_web_article(request.user): NewArticleForm = modelform_factory(WebsiteArticle,form=WebArticleForm) if request.method == 'POST': form = NewArticleForm(request.POST) if form.is_valid(): a=form.save() if Permissions.can_approve_web_article(request.user): a.approved=True a.save() request.session['success_message']='Your webstory was posted successfully' else: request.session['success_message']='Your webstory has been submitted and is awaiting approval' if hasattr(request.user,'userprofile') and request.user.userprofile.is_member(): a.created_by = request.user.userprofile.memberprofile a.save() tweet_option = form.cleaned_data.pop('tweet_option','N') if tweet_option=='T': a.tweet_story(False) elif tweet_option=='H': a.tweet_story(True) return get_previous_page(request, 'history:index') else: request.session['error_message']='There were errors in your submission. Please correct the noted errors.' else: form = NewArticleForm(initial={'date_posted':today}) else: form = None template = loader.get_template('history/publications.html') if not article_id: if web_articles: article_id=web_articles[0].id else: article_id=0 context_dict = { 'web_articles':web_articles, 'main_id':int(article_id), 'form':form, 'subnav':'news', 'event_photos': (EventPhoto.objects.all() if form else None), } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) context = RequestContext(request, context_dict) return HttpResponse(template.render(context))
def edit_survey_questions(request): if not Permissions.can_manage_electee_progress(request.user): request.session['error_message']='You are not authorized to edit the electee survey.' return redirect('electees:view_electee_groups') SurveyQuestionFormSet = modelformset_factory(SurveyQuestion, exclude=[]) prefix='surveyquestions' if request.method =='POST': formset = SurveyQuestionFormSet(request.POST,prefix=prefix,queryset=SurveyQuestion.objects.all()) if formset.is_valid(): formset.save() request.session['success_message']='Electee interview survey questions updated successfully' return redirect('electees:manage_survey') else: request.session['error_message']='Form is invalid. Please correct the noted errors.' else: formset = SurveyQuestionFormSet(prefix=prefix,queryset=SurveyQuestion.objects.all()) template = loader.get_template('generic_formset.html') context_dict = { 'formset':formset, 'prefix':prefix, 'has_files':False, 'can_add_row':True, 'submit_name':'Update Electee Survey Questions', 'form_title':'Update Electee Interview Survey Questions', 'help_text':'Add or edit the different questions for the survey. Questions will only be displayed if they are added to the current survey. There should be no need to remove survey parts. If there is no word limit for a question, leave that field blank.', 'base':'electees/base_electees.html', 'back_button':{'link':reverse('electees:manage_survey'),'text':'To Survey Manager'}, } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) return HttpResponse(template.render(context_dict, request))
def manually_edit_electee_group_membership(request): if not Permissions.can_manage_electee_progress(request.user): request.session['error_message']='You are not authorized to edit electee teams' return redirect('electees:view_electee_groups') e_groups = ElecteeGroup.objects.filter(term=AcademicTerm.get_current_term()) prefix = 'manual_groups' term =AcademicTerm.get_current_term() formset=ManualElecteeGroupMembersFormSet(request.POST or None,prefix=prefix,queryset=ElecteeGroup.objects.filter(term=term)) if request.method=='POST': if formset.is_valid(): formset.save() request.session['success_message']='Electee team membership updated successfully' return redirect('electees:view_electee_groups') else: request.session['error_message']='Form is invalid. Please correct the noted errors.' template = loader.get_template('generic_formset.html') context_dict = { 'formset':formset, 'prefix':prefix, 'subsubnav':'members', 'has_files':False, 'submit_name':'Update Electee Team Membership', 'form_title':'Add Electee Team Members', 'help_text':'Add members to electee teams. This is for initial addition only, for edits use the drag-and-drop interface.', 'can_add_row':False, 'base':'electees/base_electees.html', } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) return HttpResponse(template.render(context_dict, request))
def view_and_send_email(request): if not Permissions.can_edit_corporate_page(request.user): request.session['error_message'] = 'You are not authorized to email companies' return redirect('corporate:index') existing_email = CorporateEmail.objects.filter(active=True) if existing_email.exists(): existing_email = existing_email[0] else: request.session['error_message'] = 'No email specified' return redirect('corporate:index') contacts = CompanyContact.get_contacts(gets_email=True) context_dict = { 'contacts': contacts, 'email':existing_email.preview_email(), 'mig_alum_email':existing_email.preview_email(mig_alum=True), 'other_alum_email':existing_email.preview_email(other_alum=True), 'previous_contact_email':existing_email.preview_email(previous_contact=True), 'personal_contact_email':existing_email.preview_email(personal_contact=True), 'subnav': 'index', 'base': 'corporate/base_corporate.html', } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) context = RequestContext(request, context_dict) template = loader.get_template('corporate/view_and_send_email.html') return HttpResponse(template.render(context))
def upload_article(request): """ Upload a printed article """ if not Permissions.can_upload_articles(request.user): raise PermissionDenied() form = ArticleForm(request.POST or None, request.FILES or None) if request.method == 'POST': if form.is_valid(): form.save() request.session['success_message'] = ('Article uploaded ' 'successfully') return get_previous_page(request, 'history:cornerstone_view') else: request.session['error_message'] = messages.GENERIC_SUBMIT_ERROR template = loader.get_template('generic_form.html') context_dict = { 'form': form, 'subnav': 'cornerstone', 'has_files': True, 'submit_name': 'Upload Printed Publication', 'form_title': 'Upload Article', 'help_text': 'Make sure to specify the type of publication.', 'base': 'history/base_history.html', } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) return HttpResponse(template.render(context_dict, request))
def update_corporate_email(request): if not Permissions.can_edit_corporate_page(request.user): request.session[ 'error_message'] = 'You are not authorized to email companies' return redirect('corporate:index') prefix = 'corporate_email' existing_email = CorporateEmail.objects.filter(active=True) UpdateEmailForm = modelform_factory(CorporateEmail, exclude=[]) if existing_email.exists(): form = UpdateEmailForm(request.POST or None, prefix=prefix, instance=existing_email[0]) else: form = UpdateEmailForm(request.POST or None, prefix=prefix) if request.method == 'POST': if form.is_valid(): instance = form.save(commit=False) instance.id = None instance.pk = None instance.save() if existing_email.exists(): ex = existing_email[0] ex.active = False ex.save() request.session[ 'success_message'] = 'Company email successfully updated.' return redirect('corporate:index') else: request.session['error_message'] = FORM_ERROR context_dict = { 'form': form, 'subnav': 'index', 'prefix': prefix, 'has_files': False, 'submit_name': 'Update corporate email', 'back_button': { 'link': reverse('corporate:index'), 'text': 'To Corporate Page' }, 'form_title': 'Update corporate email', 'help_text': ('Update the email sent to companies to encourage their' 'participation in TBP corporate events.\n\nUse ' '{{company_name}} in the subject line as a placeholder' 'and {{extra_text}} in the body as a placeholder for the' 'extra text to members or personal contacts.'), 'base': 'corporate/base_corporate.html', } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) template = loader.get_template('generic_form.html') return HttpResponse(template.render(context_dict, request))
def edit_company_contacts(request): if not Permissions.can_edit_corporate_page(request.user): request.session['error_message'] = 'You are not authorized to add company contacts' return redirect('corporate:index') prefix = 'corporate_page' formset = ContactFormSet(request.POST or None,prefix=prefix,initial=CompanyContact.get_contacts()) if request.method == 'POST': if formset.is_valid(): overdetermined = formset.save() if overdetermined: request.session['warning_message'] = 'Name, email, phone, bio, and chapter are ignored when profile provided.' request.session['success_message'] = 'Corporate contact successfully added.' return redirect('corporate:index') else: request.session['error_message'] = FORM_ERROR context_dict = { 'formset': formset, 'subnav': 'index', 'prefix': prefix, 'has_files': False, 'submit_name': 'Update company contacts', 'back_button': {'link': reverse('corporate:index'), 'text': 'To Corporate Page'}, 'form_title': 'Edit company contacts', 'help_text': ('Edit the list of company contacts. ' 'Contact info is ignored if a profile is provided.'), 'can_add_row':True, 'base': 'corporate/base_corporate.html', } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) context = RequestContext(request, context_dict) template = loader.get_template('generic_formset.html') return HttpResponse(template.render(context))
def upload_article(request): if not Permissions.can_upload_articles(request.user): raise PermissionDenied() if request.method == 'POST': form = ArticleForm(request.POST,request.FILES) if form.is_valid(): form.save() request.session['success_message']='Article uploaded successfully' return get_previous_page(request,'history:cornerstone_view') else: request.session['error_message']='There were errors in your submission. Please correct the noted errors.' else: form = ArticleForm() template = loader.get_template('generic_form.html') context_dict = { 'form':form, 'subnav':'cornerstone', 'has_files':True, 'submit_name':'Upload Printed Publication', 'form_title':'Upload Article', 'help_text':'Make sure to specify the type of publication.', 'base':'history/base_history.html', } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) context = RequestContext(request, context_dict) return HttpResponse(template.render(context))
def view_and_send_email(request): if not Permissions.can_edit_corporate_page(request.user): request.session[ 'error_message'] = 'You are not authorized to email companies' return redirect('corporate:index') existing_email = CorporateEmail.objects.filter(active=True) if existing_email.exists(): existing_email = existing_email[0] else: request.session['error_message'] = 'No email specified' return redirect('corporate:index') contacts = CompanyContact.get_contacts(gets_email=True) context_dict = { 'contacts': contacts, 'email': existing_email.preview_email(), 'mig_alum_email': existing_email.preview_email(mig_alum=True), 'other_alum_email': existing_email.preview_email(other_alum=True), 'previous_contact_email': existing_email.preview_email(previous_contact=True), 'personal_contact_email': existing_email.preview_email(personal_contact=True), 'subnav': 'index', 'base': 'corporate/base_corporate.html', } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) template = loader.get_template('corporate/view_and_send_email.html') return HttpResponse(template.render(context_dict, request))
def eligibility(request): """ The joining page. The name eligibility is a backwards compatibility to the old name of the page. Unfortunately changing the view names is a big hassle as all the links throughout the website are kind of based on those. Shows text determined by the JoiningTextField table and a static photo that desperately needs updating. """ template = loader.get_template('about/eligibility.html') eligibility_text = JoiningTextField.objects.filter(section='EL') ugrad_reqs_text = JoiningTextField.objects.filter(section='UG') grad_reqs_text = JoiningTextField.objects.filter(section='GR') why_join_text = JoiningTextField.objects.filter(section='Y') context_dict = { 'eligibility_text': eligibility_text, 'ugrad_text': ugrad_reqs_text, 'grad_text': grad_reqs_text, 'why_join_text': why_join_text, 'can_edit_page': Permissions.can_manage_electee_progress(request.user), 'subnav': 'joining', } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) context = RequestContext(request, context_dict) return HttpResponse(template.render(context))
def eligibility(request): """ The joining page. The name eligibility is a backwards compatibility to the old name of the page. Unfortunately changing the view names is a big hassle as all the links throughout the website are kind of based on those. Shows text determined by the :model:`about.JoiningTextField` table and a static photo that desperately needs updating. """ template = loader.get_template('about/eligibility.html') eligibility_text = JoiningTextField.objects.filter(section='EL') ugrad_reqs_text = JoiningTextField.objects.filter(section='UG') grad_reqs_text = JoiningTextField.objects.filter(section='GR') why_join_text = JoiningTextField.objects.filter(section='Y') context_dict = { 'eligibility_text': eligibility_text, 'ugrad_text': ugrad_reqs_text, 'grad_text': grad_reqs_text, 'why_join_text': why_join_text, 'can_edit_page': Permissions.can_manage_electee_progress(request.user), 'subnav': 'joining', } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) return HttpResponse(template.render(context_dict, request))
def edit_electee_resources(request): if not Permissions.can_manage_electee_progress(request.user): request.session['error_message']='You are not authorized to edit electee resources.' return redirect('electees:view_electee_groups') ResourceFormSet = modelformset_factory(ElecteeResource,exclude=('term',),can_delete=True) term =AcademicTerm.get_current_term() if request.method =='POST': formset = ResourceFormSet(request.POST,request.FILES,prefix='resources',queryset=ElecteeResource.objects.filter(term=term)) if formset.is_valid(): instances=formset.save(commit=False) for obj in formset.deleted_objects: obj.delete() for instance in instances: instance.term=term instance.save() request.session['success_message']='Electee resources updated successfully' return redirect('electees:view_electee_groups') else: request.session['error_message']='Form is invalid. Please correct the noted errors.' else: formset = ResourceFormSet(prefix='resources',queryset=ElecteeResource.objects.filter(term=term)) template = loader.get_template('generic_formset.html') context_dict = { 'formset':formset, 'prefix':'resources', 'has_files':True, 'submit_name':'Update Electee Resources', 'form_title':'Update/Add/Remove Electee Resources for %s'%(unicode(term)), 'help_text':'These are the full packets and their constituent parts. If you need a part that isn\'t listed here, contact the web chair.', 'can_add_row':True, 'base':'electees/base_electees.html', } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) return HttpResponse(template.render(context_dict, request))
def edit_electee_process_visibility(request): if not Permissions.can_manage_electee_progress(request.user): request.session['error_message']='You are not authorized to edit the electee process visibility settings.' return redirect('electees:view_electee_groups') current_vis = ElecteeProcessVisibility.objects.get_or_create(term=AcademicTerm.get_current_term()) VisibilityForm = modelform_factory(ElecteeProcessVisibility,exclude=['term']) prefix='visibility' form = VisibilityForm(request.POST or None ,prefix=prefix,instance=current_vis[0]) if request.method =='POST': if form.is_valid(): form.save() request.session['success_message']='Electee settings updated successfully' return redirect('electees:manage_survey') else: request.session['error_message']='Form is invalid. Please correct the noted errors.' template = loader.get_template('generic_form.html') context_dict = { 'form':form, 'prefix':prefix, 'has_files':False, 'submit_name':'Update Visibility Settings', 'form_title':'Update Electee Visibility Settings for %s'%(unicode(AcademicTerm.get_current_term())), 'help_text':'Change whether certain electee items are visible to all actives.', 'base':'electees/base_electees.html', 'back_button':{'link':reverse('electees:manage_survey'),'text':'To Survey Manager'}, } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) return HttpResponse(template.render(context_dict, request))
def create_forum(request): if not Permissions.can_create_forum(request.user): raise PermissionDenied() NewForumForm = modelform_factory(Forum) form = NewForumForm(request.POST or None) if request.method == 'POST': if form.is_valid(): form.save() request.session['success_message'] = 'Forum successfully created' return get_previous_page(request, alternate='fora:index') else: request.session['error_message'] = messages.GENERIC_SUBMIT_ERROR template = loader.get_template('generic_form.html') context_dict = { 'form': form, 'has_files': False, 'submit_name': 'Create new forum', 'form_title': 'Create new forum', 'help_text': ('A new forum should be organized around a topic or a ' 'style of post.'), 'base': 'fora/base_fora.html', 'back_button': { 'link': reverse('fora:index'), 'text': 'Back to fora' }, } context_dict.update(get_permissions(request.user)) context_dict.update(get_common_context(request)) return HttpResponse(template.render(context_dict, request))
def update_about_photos(request): if not Permissions.can_manage_website(request.user): request.session['error_message']='You are not authorized to update about page photos' return redirect('about:index') AboutPhotoForm = modelformset_factory(AboutSlideShowPhoto, can_delete=True) if request.method=='POST': formset = AboutPhotoForm(request.POST,request.FILES,prefix='about_photo') if formset.is_valid(): instances = formset.save() request.session['success_message']='About page photos successfully updated.' return redirect('about:index') else: request.session['error_message']='Your submision contained errors, please correct and resubmit.' else: formset=AboutPhotoForm(prefix='about_photo') context_dict = { 'formset':formset, 'prefix':'about_photo', 'subnav':'about', 'has_files':True, 'submit_name':'Update About Page Photos', 'back_button':{'link':reverse('about:index'),'text':'To About Page'}, 'form_title':'Edit About Page Photos', 'help_text':'These are the photos shown in the about page photo slideshow. You can omit a photo from being displayed by unchecking the \"Active\" option.', 'can_add_row':True, 'base':'about/base_about.html', } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) context = RequestContext(request, context_dict) template = loader.get_template('generic_formset.html') return HttpResponse(template.render(context))
def accept_or_decline_nomination(request, nomination_id): """ 'View' that gets visited when an individual accepts/declines a nomination. """ if not Permissions.can_nominate(request.user): request.session['error_message'] = messages.ELECTION_NO_ACCEPT_PERM return redirect('elections:index') nom = get_object_or_404(Nomination, id=nomination_id) if not nom.nominee == request.user.userprofile.memberprofile: request.session['error_message'] = ('You can only accept or decline ' 'your own nominations.') return redirect('elections:index') if request.method == 'POST': request_body = request.POST else: request_body = request.GET if request_body.__contains__('accept'): accepted = (request_body.__getitem__('accept') == 'YES') nom.accepted = accepted nom.save() return HttpResponseRedirect( reverse('elections:my_nominations', args=(nom.election.id,)) )
def add_jobfield(request): if not Permissions.can_add_company(request.user): request.session[ 'error_message'] = 'You are not authorized to add industries' return redirect('corporate:index') prefix = 'corporate_page' AddIndustryForm = modelform_factory(JobField, exclude=[]) form = AddIndustryForm(request.POST or None, prefix=prefix) if request.method == 'POST': if form.is_valid(): instance = form.save() request.session['success_message'] = 'Industry successfully added.' return redirect('corporate:index') else: request.session['error_message'] = FORM_ERROR context_dict = { 'form': form, 'subnav': 'index', 'prefix': prefix, 'has_files': False, 'submit_name': 'Add industry', 'back_button': { 'link': reverse('corporate:index'), 'text': 'To Corporate Page' }, 'form_title': 'Add industry', 'help_text': ('Add industry information. Select all relevant majors.'), 'base': 'corporate/base_corporate.html', } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) template = loader.get_template('generic_form.html') return HttpResponse(template.render(context_dict, request))
def manually_edit_electee_group_membership(request): if not Permissions.can_manage_electee_progress(request.user): request.session['error_message']='You are not authorized to edit electee teams' return redirect('electees:view_electee_groups') e_groups = ElecteeGroup.objects.filter(term=AcademicTerm.get_current_term()) prefix = 'manual_groups' term =AcademicTerm.get_current_term() formset=ManualElecteeGroupMembersFormSet(request.POST or None,prefix=prefix,queryset=ElecteeGroup.objects.filter(term=term)) if request.method=='POST': if formset.is_valid(): formset.save() request.session['success_message']='Electee team membership updated successfully' return redirect('electees:view_electee_groups') else: request.session['error_message']='Form is invalid. Please correct the noted errors.' template = loader.get_template('generic_formset.html') context_dict = { 'formset':formset, 'prefix':prefix, 'subsubnav':'members', 'has_files':False, 'submit_name':'Update Electee Team Membership', 'form_title':'Add Electee Team Members', 'help_text':'Add members to electee teams. This is for initial addition only, for edits use the drag-and-drop interface.', 'can_add_row':False, 'base':'electees/base_electees.html', } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) context = RequestContext(request, context_dict) return HttpResponse(template.render(context))
def send_corporate_email(request): if not Permissions.can_edit_corporate_page(request.user): request.session[ 'error_message'] = 'You are not authorized to email companies' return { 'fragments': { '#ajax-message': r'''<div id="ajax-message" class="alert alert-danger"> <button type="button" class="close" data-dismiss="alert">×</button> <strong>Error:</strong>%s</div>''' % (request.session.pop('error_message')) } } existing_email = CorporateEmail.objects.filter(active=True) if existing_email.exists(): existing_email[0].send_corporate_email() request.session['success_message'] = 'Companies successfully emailed' return { 'fragments': { '#ajax-message': r'''<div id="ajax-message" class="alert alert-success"> <button type="button" class="close" data-dismiss="alert">×</button> <strong>Success:</strong>%s</div>''' % (request.session.pop('success_message')) } } else: request.session['error_message'] = 'Company email text does not exist' return { 'fragments': { '#ajax-message': r'''<div id="ajax-message" class="alert alert-danger"> <button type="button" class="close" data-dismiss="alert">×</button> <strong>Error:</strong>%s</div>''' % (request.session.pop('error_message')) } }
def edit_survey_questions(request): if not Permissions.can_manage_electee_progress(request.user): request.session['error_message']='You are not authorized to edit the electee survey.' return redirect('electees:view_electee_groups') SurveyQuestionFormSet = modelformset_factory(SurveyQuestion) prefix='surveyquestions' if request.method =='POST': formset = SurveyQuestionFormSet(request.POST,prefix=prefix,queryset=SurveyQuestion.objects.all()) if formset.is_valid(): formset.save() request.session['success_message']='Electee interview survey questions updated successfully' return redirect('electees:manage_survey') else: request.session['error_message']='Form is invalid. Please correct the noted errors.' else: formset = SurveyQuestionFormSet(prefix=prefix,queryset=SurveyQuestion.objects.all()) template = loader.get_template('generic_formset.html') context_dict = { 'formset':formset, 'prefix':prefix, 'has_files':False, 'can_add_row':True, 'submit_name':'Update Electee Survey Questions', 'form_title':'Update Electee Interview Survey Questions', 'help_text':'Add or edit the different questions for the survey. Questions will only be displayed if they are added to the current survey. There should be no need to remove survey parts. If there is no word limit for a question, leave that field blank.', 'base':'electees/base_electees.html', 'back_button':{'link':reverse('electees:manage_survey'),'text':'To Survey Manager'}, } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) context = RequestContext(request, context_dict) return HttpResponse(template.render(context))
def update_bylaws(request): denied_message = 'You are not authorized to update bylaws.' if not Permissions.can_manage_bylaws(request.user): request.session['error_message'] = denied_message return redirect('about:bylaws') form = GoverningDocumentForm(request.POST or None, request.FILES or None) if request.method == 'POST': if form.is_valid(): form.save() request.session['success_message'] = ('Document uploaded ' 'successfully') return get_previous_page(request, 'about:bylaws') else: request.session['error_message'] = messages.GENERIC_SUBMIT_ERROR template = loader.get_template('generic_form.html') context_dict = { 'form': form, 'subnav': 'bylaws', 'has_files': True, 'submit_name': 'Update Governing Document', 'form_title': 'Upload New Version of Governing Document', 'help_text': 'This will replace the existing document of this type.', 'base': 'about/base_about.html', } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) return HttpResponse(template.render(context_dict, request))
def edit_electee_group_membership(request): if not Permissions.can_manage_electee_progress(request.user): request.session['error_message']='You are not authorized to edit electee teams' return redirect('electees:view_electee_groups') if request.method =='POST': electee_groups_json=request.POST['electee_groups'] electee_groups = json.loads(electee_groups_json) for group_id in electee_groups: members = electee_groups[group_id] group = ElecteeGroup.objects.get(id=group_id) group.members.clear() for member in members: group.members.add(MemberProfile.objects.get(uniqname=member)) request.session['success_message']='Your changes have been saved' e_groups = ElecteeGroup.objects.filter(term=AcademicTerm.get_current_term()) template = loader.get_template('electees/edit_electee_group_membership.html') context_dict = { 'electee_groups':e_groups, 'unassigned_electees':get_unassigned_electees(), 'subsubnav':'members', } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) return HttpResponse(template.render(context_dict, request))
def add_jobfield(request): if not Permissions.can_add_company(request.user): request.session['error_message'] = 'You are not authorized to add industries' return redirect('corporate:index') prefix = 'corporate_page' AddIndustryForm = modelform_factory(JobField) form = AddIndustryForm(request.POST or None,prefix=prefix) if request.method == 'POST': if form.is_valid(): instance = form.save() request.session['success_message'] = 'Industry successfully added.' return redirect('corporate:index') else: request.session['error_message'] = FORM_ERROR context_dict = { 'form': form, 'subnav': 'index', 'prefix': prefix, 'has_files': False, 'submit_name': 'Add industry', 'back_button': {'link': reverse('corporate:index'), 'text': 'To Corporate Page'}, 'form_title': 'Add industry', 'help_text': ('Add industry information. Select all relevant majors.'), 'base': 'corporate/base_corporate.html', } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) context = RequestContext(request, context_dict) template = loader.get_template('generic_form.html') return HttpResponse(template.render(context))
def update_joining_page(request): if not Permissions.can_manage_electee_progress(request.user): request.session['error_message']='You are not authorized to update joining page text.' return redirect('about:eligibility') JoiningTextForm = modelformset_factory(JoiningTextField,extra=0) if request.method=='POST': formset = JoiningTextForm(request.POST) if formset.is_valid(): instances = formset.save() request.session['success_message']='Joining page successfully updated.' return redirect('about:eligibility') else: request.session['error_message']='Your submision contained errors, please correct and resubmit.' else: formset=JoiningTextForm() context_dict = { 'formset':formset, 'subnav':'joining', 'has_files':False, 'submit_name':'Update Joining Page', 'back_button':{'link':reverse('about:eligibility'),'text':'To Joining Page'}, 'form_title':'Edit Joining Page Text', 'help_text':'These sections use markdown syntax. You can change the content and how it is displayed here.', 'can_add_row':False, 'base':'about/base_about.html', } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) context = RequestContext(request, context_dict) template = loader.get_template('generic_formset.html') return HttpResponse(template.render(context))
def update_corporate_page(request): if not Permissions.can_edit_corporate_page(request.user): request.session['error_message'] = 'You are not authorized to edit the corporate page' return redirect('corporate:index') prefix = 'corporate_page' CorporateTextForm = modelformset_factory(CorporateTextField, extra=1, exclude=[]) formset = CorporateTextForm(request.POST or None,prefix=prefix) if request.method == 'POST': if formset.is_valid(): instances = formset.save() request.session['success_message'] = 'Corporate page successfully updated.' return redirect('corporate:index') else: request.session['error_message'] = FORM_ERROR context_dict = { 'formset': formset, 'subnav': 'index', 'prefix': prefix, 'has_files': False, 'submit_name': 'Update Corporate Page', 'back_button': {'link': reverse('corporate:index'), 'text': 'To Corporate Page'}, 'form_title': 'Edit Corporate Page Text', 'help_text': ('The text shown on the corporate main page. This text ' 'uses markdown syntax.'), 'can_add_row': False, 'base': 'corporate/base_corporate.html', } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) context = RequestContext(request, context_dict) template = loader.get_template('generic_formset.html') return HttpResponse(template.render(context))
def edit_electee_group_points(request): if not Permissions.can_manage_electee_progress(request.user): request.session['error_message']='You are not authorized to edit electee team points.' return redirect('electees:view_electee_groups') term =AcademicTerm.get_current_term() GroupPointsFormSet = modelformset_factory(ElecteeGroupEvent,exclude=('related_event_id',),can_delete=True) GroupPointsFormSet.form.base_fields['electee_group'].queryset=ElecteeGroup.objects.filter(term=term) if request.method =='POST': formset = GroupPointsFormSet(request.POST,prefix='group_points',queryset=ElecteeGroupEvent.objects.filter(related_event_id=None,electee_group__term=term)) if formset.is_valid(): formset.save() request.session['success_message']='Electee team points updated successfully' return redirect('electees:view_electee_groups') else: request.session['error_message']='Form is invalid. Please correct the noted errors.' else: formset = GroupPointsFormSet(prefix='group_points',queryset=ElecteeGroupEvent.objects.filter(related_event_id=None,electee_group__term=term)) template = loader.get_template('generic_formset.html') context_dict = { 'formset':formset, 'prefix':'group_points', 'subsubnav':'points', 'has_files':False, 'submit_name':'Update Electee Team Points', 'form_title':'Update/Add Remove Electee Team Points', 'help_text':'Track the electee team points. You should not note any points from threshold participation at service or social events here. Those are tabulated automatically.', 'can_add_row':True, 'base':'electees/base_electees.html', } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) return HttpResponse(template.render(context_dict, request))
def edit_survey_parts(request): if not Permissions.can_manage_electee_progress(request.user): request.session['error_message']='You are not authorized to edit the electee survey.' return redirect('electees:view_electee_groups') SurveyPartFormSet = modelformset_factory(SurveyPart, exclude=[]) prefix='surveyparts' if request.method =='POST': formset = SurveyPartFormSet(request.POST,prefix=prefix,queryset=SurveyPart.objects.all()) if formset.is_valid(): formset.save() request.session['success_message']='Electee interview survey parts updated successfully' return redirect('electees:manage_survey') else: request.session['error_message']='Form is invalid. Please correct the noted errors.' else: formset = SurveyPartFormSet(prefix=prefix,queryset=SurveyPart.objects.all()) template = loader.get_template('generic_formset.html') context_dict = { 'formset':formset, 'prefix':prefix, 'has_files':False, 'can_add_row':True, 'submit_name':'Update Electee Survey Parts', 'form_title':'Update Electee Interview Survey Parts', 'help_text':'Add or edit the different parts of the survey. Questions will be associated with a particular part. Only those parts that have questions which appear in a given survey will be included in that survey. There should be no need to remove survey parts. If all questions in a part are required, leave that field blank.', 'base':'electees/base_electees.html', 'back_button':{'link':reverse('electees:manage_survey'),'text':'To Survey Manager'}, } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) return HttpResponse(template.render(context_dict, request))
def edit_electee_group_membership(request): if not Permissions.can_manage_electee_progress(request.user): request.session['error_message']='You are not authorized to edit electee teams' return redirect('electees:view_electee_groups') if request.method =='POST': electee_groups_json=request.POST['electee_groups'] electee_groups = json.loads(electee_groups_json) for group_id in electee_groups: members = electee_groups[group_id] group = ElecteeGroup.objects.get(id=group_id) group.members.clear() for member in members: group.members.add(MemberProfile.objects.get(uniqname=member)) request.session['success_message']='Your changes have been saved' e_groups = ElecteeGroup.objects.filter(term=AcademicTerm.get_current_term()) template = loader.get_template('electees/edit_electee_group_membership.html') context_dict = { 'electee_groups':e_groups, 'unassigned_electees':get_unassigned_electees(), 'subsubnav':'members', } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) context = RequestContext(request, context_dict) return HttpResponse(template.render(context))
def edit_articles(request): if not Permissions.can_approve_web_article(request.user): request.session['error_message']='You are not authorized to edit web articles.' return redirect('history:index') prefix='webstories' WebStoryFormset = modelformset_factory(WebsiteArticle,can_delete=True) if request.method =='POST': formset = WebStoryFormset(request.POST,prefix=prefix,queryset = WebsiteArticle.objects.order_by('approved','-date_posted')) if formset.is_valid(): formset.save() request.session['success_message']='Web stories updated successfully' return redirect('history:index') else: request.session['error_message']='Form is invalid. Please correct the noted errors.' else: formset = WebStoryFormset(prefix=prefix,queryset = WebsiteArticle.objects.order_by('approved','-date_posted')) template = loader.get_template('generic_formset.html') context_dict = { 'formset':formset, 'prefix':prefix, 'has_files':False, 'can_add_row':False, 'submit_name':'Update Website Stories', 'form_title':'Edit Website Stories', 'help_text':'Use this to edit or approve website stories submitted by others, for long stories, make sure to add the <fold> attribute.', 'base':'history/base_history.html', 'back_button':{'link':reverse('history:index'),'text':'To Website Stories'}, } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) context = RequestContext(request, context_dict) return HttpResponse(template.render(context))
def edit_electee_group_points(request): if not Permissions.can_manage_electee_progress(request.user): request.session['error_message']='You are not authorized to edit electee team points.' return redirect('electees:view_electee_groups') term =AcademicTerm.get_current_term() GroupPointsFormSet = modelformset_factory(ElecteeGroupEvent,exclude=('related_event_id',),can_delete=True) GroupPointsFormSet.form.base_fields['electee_group'].queryset=ElecteeGroup.objects.filter(term=term) if request.method =='POST': formset = GroupPointsFormSet(request.POST,prefix='group_points',queryset=ElecteeGroupEvent.objects.filter(related_event_id=None,electee_group__term=term)) if formset.is_valid(): formset.save() request.session['success_message']='Electee team points updated successfully' return redirect('electees:view_electee_groups') else: request.session['error_message']='Form is invalid. Please correct the noted errors.' else: formset = GroupPointsFormSet(prefix='group_points',queryset=ElecteeGroupEvent.objects.filter(related_event_id=None,electee_group__term=term)) template = loader.get_template('generic_formset.html') context_dict = { 'formset':formset, 'prefix':'group_points', 'subsubnav':'points', 'has_files':False, 'submit_name':'Update Electee Team Points', 'form_title':'Update/Add Remove Electee Team Points', 'help_text':'Track the electee team points. You should not note any points from threshold participation at service or social events here. Those are tabulated automatically.', 'can_add_row':True, 'base':'electees/base_electees.html', } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) context = RequestContext(request, context_dict) return HttpResponse(template.render(context))
def edit_electee_group_membership(request): if not Permissions.can_manage_electee_progress(request.user): request.session["error_message"] = "You are not authorized to edit electee groups" return redirect("electees:view_electee_groups") if request.method == "POST": electee_groups_json = request.POST["electee_groups"] electee_groups = json.loads(electee_groups_json) for group_id in electee_groups: members = electee_groups[group_id] group = ElecteeGroup.objects.get(id=group_id) group.members.clear() for member in members: group.members.add(MemberProfile.objects.get(uniqname=member)) request.session["success_message"] = "Your changes have been saved" e_groups = ElecteeGroup.objects.filter(term=get_current_term()) template = loader.get_template("electees/edit_electee_group_membership.html") context_dict = { "electee_groups": e_groups, "unassigned_electees": get_unassigned_electees(), "subsubnav": "members", } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) context = RequestContext(request, context_dict) return HttpResponse(template.render(context))
def edit_electee_process_visibility(request): if not Permissions.can_manage_electee_progress(request.user): request.session['error_message']='You are not authorized to edit the electee process visibility settings.' return redirect('electees:view_electee_groups') current_vis = ElecteeProcessVisibility.objects.get_or_create(term=AcademicTerm.get_current_term()) VisibilityForm = modelform_factory(ElecteeProcessVisibility,exclude=['term']) prefix='visibility' form = VisibilityForm(request.POST or None ,prefix=prefix,instance=current_vis[0]) if request.method =='POST': if form.is_valid(): form.save() request.session['success_message']='Electee settings updated successfully' return redirect('electees:manage_survey') else: request.session['error_message']='Form is invalid. Please correct the noted errors.' template = loader.get_template('generic_form.html') context_dict = { 'form':form, 'prefix':prefix, 'has_files':False, 'submit_name':'Update Visibility Settings', 'form_title':'Update Electee Visibility Settings for %s'%(unicode(AcademicTerm.get_current_term())), 'help_text':'Change whether certain electee items are visible to all actives.', 'base':'electees/base_electees.html', 'back_button':{'link':reverse('electees:manage_survey'),'text':'To Survey Manager'}, } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) context = RequestContext(request, context_dict) return HttpResponse(template.render(context))
def edit_electee_groups(request): if not Permissions.can_manage_electee_progress(request.user): request.session[ 'error_message'] = 'You are not authorized to edit electee groups' return redirect('electees:view_electee_groups') e_groups = ElecteeGroup.objects.filter(term=get_current_term()) ElecteeGroupFormSet = modelformset_factory(ElecteeGroup, exclude=( 'term', 'members', 'points', ), can_delete=True, widgets={ 'leaders': CheckboxSelectMultiple, 'officers': CheckboxSelectMultiple }) ElecteeGroupFormSet.form.base_fields['leaders'].queryset = get_actives( ).order_by('last_name', 'first_name') #ElecteeGroupFormSet.form.base_fields['leaders'].widget=CheckboxSelectMultiple ElecteeGroupFormSet.form.base_fields[ 'officers'].queryset = get_current_officers().order_by( 'last_name', 'first_name') if request.method == 'POST': formset = ElecteeGroupFormSet(request.POST, prefix='groups') if formset.is_valid(): instances = formset.save(commit=False) for instance in instances: if not instance.id: instance.term = get_current_term() instance.points = 0 instance.save() formset.save_m2m() request.session[ 'success_message'] = 'Electee groups successfully updated' return redirect('electees:view_electee_groups') else: request.session[ 'error_message'] = 'Form is invalid. Please correct the noted errors' else: formset = ElecteeGroupFormSet(queryset=e_groups, prefix='groups') template = loader.get_template('generic_formset.html') context_dict = { 'formset': formset, 'prefix': 'groups', 'subsubnav': 'groups', 'has_files': False, 'submit_name': 'Update Electee Groups', 'form_title': 'Update/Add/Remove Electee Groups', 'help_text': 'Create the electee groups for this semester, and specify the leaders nd officers. You can also remove or edit here.', 'can_add_row': True, 'base': 'electees/base_electees.html', } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) context = RequestContext(request, context_dict) return HttpResponse(template.render(context))
def update_mindset_photos(request): if not Permissions.can_update_mindset_materials(request.user): request.session['error_message']='You are not authorized to update MindSET Materials' return redirect('outreach:mindset') MindSETPhotoForm = modelformset_factory(OutreachPhoto,can_delete=True) if request.method=='POST': formset = MindSETPhotoForm(request.POST,request.FILES,prefix='mindset') if formset.is_valid(): instances = formset.save() request.session['success_message']='Photos successfully updated.' return redirect('outreach:mindset') else: request.session['error_message']='Your submission contained errors, please correct and resubmit.' else: formset=MindSETPhotoForm(prefix='mindset') context_dict = { 'formset':formset, 'prefix':'mindset', 'subnav':'mindset', 'has_files':True, 'submit_name':'Update MindSET Photos', 'back_button':{'link':reverse('outreach:mindset'),'text':'To MindSET Page'}, 'form_title':'Edit MindSET Photos', 'help_text':'You can update the photos for the MindSET section of the website here.', 'can_add_row':True, 'base':'outreach/base_outreach.html', } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) context = RequestContext(request, context_dict) template = loader.get_template('generic_formset.html') return HttpResponse(template.render(context))
def get_permissions(user): permission_dict = get_member_permissions(user) is_member = False can_downvote = False if hasattr(user, 'userprofile') and user.userprofile.is_member(): is_member = True can_downvote = get_user_points(user.userprofile.memberprofile) > 0 permission_dict.update({ 'can_create_thread': Permissions.can_create_thread(user), 'can_create_forum': Permissions.can_create_forum(user), 'can_comment': is_member, 'can_moderate': Permissions.can_create_forum(user), 'can_downvote': can_downvote }) return permission_dict
def add_company_contact(request): if not Permissions.can_add_corporate_contact(request.user): request.session[ 'error_message'] = 'You are not authorized to add company contacts' return redirect('corporate:index') prefix = 'corporate_page' can_edit = Permissions.can_edit_corporate_page(request.user) form = AddContactForm(request.POST or None, prefix=prefix, can_edit=can_edit) if request.method == 'POST': if form.is_valid(): if form.is_overdetermined(): request.session[ 'warning_message'] = 'Name, email, phone, bio, and chapter are ignored when profile provided.' instance = form.save() request.session[ 'success_message'] = 'Corporate contact successfully added.' return redirect('corporate:index') else: request.session['error_message'] = FORM_ERROR help_text = 'Add a contact to the company contacts database.' if not can_edit: help_text = help_text + (' Note: you are adding a suggested contact; ' 'they will not be emailed unless approved by ' 'the Corporate Relations Officer.') context_dict = { 'form': form, 'subnav': 'index', 'prefix': prefix, 'has_files': False, 'submit_name': 'Add company contact', 'back_button': { 'link': reverse('corporate:index'), 'text': 'To Corporate Page' }, 'form_title': 'Add company contact', 'help_text': help_text, 'base': 'corporate/base_corporate.html', } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) template = loader.get_template('generic_form.html') return HttpResponse(template.render(context_dict, request))
def receive_book_start(request, uniqname): """ Just show a form for the barcode On submit looks up the book type, if present redirects to receive_book If not saves the uniqname into request.session and redirects to create_book_type """ if not Permissions.can_process_bookswap(request.user): request.session['error_message'] = messages.BOOKSWAP_NO_PERM return get_previous_page(request, alternate='bookswap:admin_index') if not BookSwapStatus.can_receive(AcademicTerm.get_current_term()): request.session['error_message'] = 'Book receiving not enabled' return get_previous_page(request, alternate='bookswap:admin_index') form = BookSearchForm(request.POST or None) if request.method == 'POST': if form.is_valid(): barcode = form.cleaned_data.get('book_barcode', '') book_type = BookType.objects.filter(isbn=barcode) if book_type.exists(): # TODO: If multiple give choice? book_type = book_type[0] request.session['success_message'] = ('Book found, please ' 'enter sale details.') return redirect('bookswap:receive_book', uniqname=uniqname, book_type_id=book_type.id) else: request.session['warning_message'] = ('Book not found, please ' 'enter details.') request.session['uniqname'] = uniqname request.session['isbn'] = barcode return redirect('bookswap:create_book_type') else: request.session['error_message'] = messages.GENERIC_SUBMIT_ERROR template = loader.get_template('generic_form.html') context_dict = { 'form': form, 'subnav': 'admin', 'has_files': False, 'submit_name': 'Search for book by ISBN', 'form_title': 'Search for a book in the system', 'help_text': ('You can search for a book by its ISBN, which is the ' '13 digit code scanned by the barcode.'), 'base': 'bookswap/base_bookswap.html', } context_dict.update(get_permissions(request.user)) context_dict.update(get_common_context(request)) context = RequestContext(request, context_dict) return HttpResponse(template.render(context))
def delete_forum(request, forum_id): if not Permissions.can_create_forum(request.user): request.session['error_message'] = ('You are not authorized to delete ' 'fora') return redirect('fora:index') forum = get_object_or_404(Forum, id=forum_id) if forum.forumthread_set.filter(hidden=False).exists(): request.session['error_message'] = ('Forum has visible threads, ' 'unable to delete') return get_previous_page(request, alternate='fora:index') forum.delete() return redirect('fora:index')
def complete_survey_for_term(request,term_id): if not Permissions.can_complete_electee_survey(request.user): request.session['error_message']='You are not authorized to preview the electee survey.' return redirect('electees:view_electee_groups') term = get_object_or_404(AcademicTerm,id=term_id) current_surveys = ElecteeInterviewSurvey.objects.filter(term = term) submitter=request.user.userprofile.memberprofile if current_surveys.exists(): current_survey=current_surveys[0] existed=True else: raise Http404 questions = current_survey.questions.all() if request.method =='POST': form = ElecteeSurveyForm(request.POST,questions=questions) if form.is_valid(): print form.cleaned_data for (question, answer) in form.get_answers(): existing_answer = SurveyAnswer.objects.filter(term=term,submitter=submitter,question=question) if existing_answer.exists(): old_answer = existing_answer[0] if len(answer): old_answer.answer=answer old_answer.save() else: existing_answer.delete() else: if len(answer): new_answer = SurveyAnswer(term=term,submitter=submitter,answer=answer,question=question) new_answer.save() request.session['success_message']='Electee survey updated successfully' return redirect('electees:view_electee_groups') else: request.session['error_message']='Form is invalid. Please correct the noted errors.' else: answers = SurveyAnswer.objects.filter(submitter=submitter,term=term,question__in=questions).distinct() form = ElecteeSurveyForm(questions=questions,answers=answers) template = loader.get_template('electees/complete_survey.html') context_dict = { 'real_form':True, 'form':form, 'survey':current_survey, 'questions':questions, } context_dict.update(get_common_context(request)) context_dict.update(get_permissions(request.user)) return HttpResponse(template.render(context_dict, request))
def start_transaction(request): """ Just a simple form to receive the barcode, uniqname, or UMID Looks up the buyer or seller, redirects to form to confirm information """ if not Permissions.can_process_bookswap( request.user): # TODO: create permission logic request.session['error_message'] = messages.BOOKSWAP_NO_PERM return get_previous_page(request, alternate='bookswap:admin_index') form = StartTransactionForm(request.POST or None) if request.method == 'POST': if form.is_valid(): user = form.get_user() uniqname = '' if user: request.session['success_message'] = ('User found, please ' 'confirm details.') request.session['had_profile'] = True uniqname = user.user_profile.uniqname request.session['uniqname'] = uniqname else: request.session['error_message'] = ('User not found, please ' 'create now.') request.session['UMID'] = form.cleaned_data['user_UMID'] request.session['uniqname'] = form.cleaned_data[ 'user_uniqname'] request.session['barcode'] = form.cleaned_data['user_barcode'] request.session['had_profile'] = False return redirect('bookswap:update_person') else: request.session['error_message'] = messages.GENERIC_SUBMIT_ERROR template = loader.get_template('generic_form.html') context_dict = { 'form': form, 'subnav': 'admin', 'has_files': False, 'submit_name': 'Search for user', 'form_title': 'Search for a user in the system', 'help_text': ('You can search for a user by UMID, uniqname, or the ' 'barcode on their MCard.'), 'base': 'bookswap/base_bookswap.html', } context_dict.update(get_permissions(request.user)) context_dict.update(get_common_context(request)) context = RequestContext(request, context_dict) return HttpResponse(template.render(context))
def hide_comment(request, comment_id): if not Permissions.can_create_forum(request.user): request.session['error_message'] = ('You are not authorized to hide ' 'comments') return redirect('fora:index') message = get_object_or_404(ForumMessage, id=comment_id) message.hidden = True message.save() if not message.in_reply_to: thread = message.forum_thread thread.hidden = True thread.save() return redirect('fora:index') return get_previous_page(request, alternate='fora:index')