Пример #1
0
def edit_note(request):
    """ Function to edit existing note. Checks user rights before editing. """

    note_id = request.GET.get('id', '')
    note = Notes.objects.get(id=note_id)
    error = ''
    user = User.objects.get(id=request.user.id)
    if note.user_id != user.id:  # additional check in case of cheating
        error = 'This note is private, only author can edit this note.'
    if request.method == 'POST':
        cleaned_body = django_wysiwyg.clean_html(request.POST['body'])
        form = NoteForm(request.POST, instance=note)
        form.instance.user = user
        form.instance.body = cleaned_body
        form.instance.date = timezone.now()
        if form.is_valid():
            form.save()
            return HttpResponseRedirect('/show_note/?id={}'.format(note_id),
                                        RequestContext(request))
    else:
        form = NoteForm(instance=note)
    return render_to_response('notes/edit_note.html', {
        'form': form,
        'note_id': note_id,
        'error': error
    }, RequestContext(request))
Пример #2
0
def add_note(request):
    """ Function to add new note. """

    redirect_to = request.GET.get('next', '/home/')
    if request.method == 'POST':
        user = User.objects.get(id=request.user.id)
        cleaned_body = django_wysiwyg.clean_html(request.POST['body'])
        form = NoteForm(request.POST)
        form.instance.user = user
        form.instance.body = cleaned_body
        if form.is_valid():
            form.save()
            messages.info(request, "Your note was successfully saved.")
            return HttpResponseRedirect(redirect_to, RequestContext(request))
    else:
        form = NoteForm()
    return render_to_response('notes/add_note.html', {
        'form': form,
        'redirect_to': redirect_to
    }, RequestContext(request))