def move_post_2(request, group, post_id, category_id): """ Display threads in category (category_id) where the post can be moved to """ post = Post.objects.get(pk=post_id) if not post.allow_moving_post(): raise PermissionDenied() thread = post.get_thread() category = Category.objects.get(pk=category_id) thread_list = category.get_thread_list().exclude( root_post=thread.pk).order_by('-thread_latest_postdate') res = object_list(request=request, queryset=thread_list, allow_empty=True, template_name="sphene/sphboard/move_post_2.html", extra_context={ 'post': post, 'category': category }, template_object_name='thread', paginate_by=get_sph_setting('board_post_paging')) return res
def showThread(request, thread_id, group=None, slug=None): thread = get_object_or_404(Post.objects, pk=thread_id) if not thread.category.has_view_permission(request.user): raise PermissionDenied() thread.viewed(request.session, request.user) sphdata = get_current_sphdata() if sphdata != None: sphdata['subtitle'] = thread.subject category_type = thread.category.get_category_type() template_name = category_type.get_show_thread_template() res = object_list( request=request, #queryset = Post.objects.filter( Q( pk = thread_id ) | Q( thread = thread ) ).order_by('postdate'), queryset=thread.get_all_posts().order_by('postdate'), allow_empty=True, template_name=template_name, extra_context={ 'thread': thread, 'allowPosting': thread.allowPosting(request.user), 'postSubject': 'Re: ' + thread.subject, 'category_type': category_type, }, template_object_name='post', paginate_by=get_sph_setting('board_post_paging'), ) res.sph_lastmodified = thread.get_latest_post().postdate return res
def admin_permission_rolegroup_edit(request, group, rolegroup_id): if not has_permission_flag(request.user, 'community_manage_roles'): raise PermissionDenied() rolegroup = RoleGroup.objects.get( pk=rolegroup_id, group=group, ) if request.method == 'POST': username = request.POST['username'] if username: user = User.objects.get(username=username) RoleGroupMember(user=user, rolegroup=rolegroup).save() return HttpResponseRedirect(rolegroup.get_absolute_editurl()) if 'cmd' in request.GET and 'id' in request.GET: if request.GET['cmd'] == 'remove': member = rolegroup.rolegroupmember_set.get(pk=request.GET['id']) messages.success(request, message=ugettext(u'Removed user %(username)s from rolegroup.') % \ {'username': member.user.username}) member.delete() return HttpResponseRedirect(rolegroup.get_absolute_editurl()) return render(request, 'sphene/community/admin/permission/rolegroup_edit.html', {'rolegroup': rolegroup})
def edit_poll(request, group, poll_id): poll = get_object_or_404(Poll, pk=poll_id) if not poll.allow_editing(): raise PermissionDenied() postdata = None if request.method == 'POST': postdata = request.POST form = PollForm(postdata, instance=poll) choiceforms = [ PollChoiceForm( postdata, prefix='choice_%d' % choice.id, instance=choice, ) for choice in poll.pollchoice_set.all() ] if request.method == 'POST' and form.is_valid() \ and not [ True for choiceform in choiceforms if not choiceform.is_valid() ]: form.save() for choiceform in choiceforms: choiceform.save() return HttpResponseRedirect( sph_reverse('sphene.sphboard.views.showThread', kwargs={'thread_id': poll.post.get_thread().id})) return sph_render_to_response('sphene/sphboard/edit_poll.html', { 'form': form, 'choiceforms': choiceforms, })
def diff(request, group, snipName, changeId=None): snip = get_object_or_404(WikiSnip, group=group, name=snipName) if not snip.has_view_permission(): raise PermissionDenied() changeEnd = get_object_or_404( WikiSnipChange, snip=snip, pk=changeId, ) args = { 'snip': snip, 'snipName': snipName, } try: changeStart = snip.wikisnipchange_set.filter( edited__lt=changeEnd.edited, ).order_by('-edited')[0] args['prev_change'] = changeStart except IndexError: changeStart = None diffTable = ugettext("This is the first change.") try: next_change = snip.wikisnipchange_set.filter( edited__gt=changeEnd.edited, ).order_by('edited')[0] args['next_change'] = next_change except IndexError: pass if changeStart: htmlDiff = HtmlDiff(wrapcolumn=50, ) from sphene.community.templatetags.sph_extras import sph_date, sph_user_displayname desc = ugettext('%(date)s by %(editor)s') if snip.has_edit_permission(): desc += ' / <a href="%(editversionlink)s">' + ugettext( 'Edit this version') + '</a>' fromdesc = desc % { 'date': sph_date(changeStart.edited), 'editor': sph_user_displayname(changeStart.editor), 'editversionlink': changeStart.get_absolute_editurl() }, todesc = desc % { 'date': sph_date(changeEnd.edited), 'editor': sph_user_displayname(changeEnd.editor), 'editversionlink': changeEnd.get_absolute_editurl() }, diffTable = htmlDiff.make_table( changeStart.body.splitlines(1), changeEnd.body.splitlines(1), fromdesc=fromdesc, todesc=todesc, context=True, ) args['diffTable'] = mark_safe(diffTable) args['fromchange'] = changeStart args['tochange'] = changeEnd return render_to_response('sphene/sphwiki/diff.html', args, context_instance=RequestContext(request))
def admin_user_switch_active(request, user_id, group): if not has_permission_flag(request.user, 'community_manage_users'): raise PermissionDenied() usr = get_object_or_404(User, pk=user_id, is_superuser=False) usr.is_active = not usr.is_active usr.save() user_status = _('no') button_label = _('Enable') if usr.is_active: user_status = _('yes') button_label = _('Disable') else: # clear user sessions - only works if sessions are stored in django db if settings.SESSION_ENGINE == 'django.contrib.sessions.backends.db': from django.contrib.sessions.models import Session [ s.delete() for s in Session.objects.all() if s.get_decoded().get('_auth_user_id') == usr.id ] if not request.is_ajax(): messages.success( request, message=ugettext(u'Successfully changed user status.')) req = request.GET if request.method == 'GET' else request.POST url = req.get('next', reverse('sph_admin_users')) return HttpResponseRedirect(url) else: return HttpResponse(json.dumps({ "user_status": user_status, "button_label": button_label }), mimetype='application/json')
def move_post_2(request, group, post_id, category_id): """ Display threads in category (category_id) where the post can be moved to """ post_obj = Post.objects.get(pk=post_id) if not post_obj.allow_moving_post(): raise PermissionDenied() thread = post_obj.get_thread() category = Category.objects.get(pk=category_id) thread_list = category.get_thread_list().exclude( root_post=thread.pk).order_by('-thread_latest_postdate') paginator = Paginator(thread_list, get_sph_setting('board_post_paging'), allow_empty_first_page=True) page = request.GET.get('page') page_obj = paginator.get_page(page) # res = object_list(request=request, # queryset=thread_list, # allow_empty=True, # template_name="sphene/sphboard/move_post_2.html", # extra_context={'post': post_obj, # 'category': category}, # template_object_name='thread', # paginate_by=get_sph_setting('board_post_paging') # ) return render(request, 'sphene/sphboard/move_post_2.html', { 'post': post_obj, 'category': category, 'thread_list': page_obj, })
def showSnip(request, group, snipName): snip_rendered_body = None try: snip = WikiSnip.objects.get(group=group, name__exact=snipName) except WikiSnip.DoesNotExist: snip = WikiSnip(name=snipName, group=group) if not snip.has_view_permission(): raise PermissionDenied() res = None if 'type' in request.GET: if request.GET['type'] == 'src': res = HttpResponse( snip.body, mimetype='text/plain', ) if request.GET['type'] == 'full': res = HttpResponse( snip.render(), mimetype='text/html', ) if not res: sphdata = get_current_sphdata() snip_rendered_body = False redirects = () while not snip_rendered_body or 'sphwiki_redirect_to_snip' in sphdata: if snip_rendered_body: if snip in redirects: if request.user.is_authenticated(): request.user.message_set.create( message=ugettext("Detected redirect loop.")) break redirects += (snip, ) snip = sphdata['sphwiki_redirect_to_snip'] del sphdata['sphwiki_redirect_to_snip'] snip_rendered_body = snip.render() if sphdata != None: sphdata['subtitle'] = snip.title or snip.name res = render_to_response('sphene/sphwiki/showSnip.html', { 'snip': snip, 'snipName': snipName, 'snip_rendered_body': snip_rendered_body, 'redirects': redirects, 'commentstemplate': 'sphene.sphcomments' in settings.INSTALLED_APPS and 'sphene/sphwiki/wikicomments.html' or 'sphene/sphwiki/wikicomments_unavailable.html', }, context_instance=RequestContext(request)) res.sph_lastmodified = snip.changed return res
def admin_post_delete(request, group, user_id, post_id): post = get_object_or_404(Post, author=user_id, pk=post_id) if not post.allow_hiding(): raise PermissionDenied() post.hide() messages.success(request, message=ugettext(u'Post deleted')) return HttpResponseRedirect( sph_reverse('sphboard_admin_user_posts', kwargs={'user_id': user_id}))
def admin_permission_role_list(request, group): if not has_permission_flag(request.user, 'community_manage_roles'): raise PermissionDenied() roles = Role.objects.filter(group=group) return render_to_response( 'sphene/community/admin/permission/role_list.html', { 'roles': roles, }, context_instance=RequestContext(request))
def attachmentEdit(request, group, snipName, attachmentId=None): """Importing ModelForm""" from django.forms import ModelForm """ Class necessary for the Modelform """ class AttachmentFormNew(ModelForm): class Meta: model = WikiAttachment attachment = None if attachmentId is None: AttachmentForm = AttachmentFormNew() else: attachment = WikiAttachment.objects.get(id=attachmentId) AttachmentForm = AttachmentFormNew(instance=attachment) if attachment: if not attachment.snip.has_edit_permission(): raise PermissionDenied() if 'delete' in request.GET and request.GET['delete'] == '1': attachment.delete() messages.success(request, message=ugettext("Successfully deleted attachment.")) return HttpResponseRedirect( attachment.snip.get_absolute_attachmenturl()) AttachmentForm.base_fields['fileupload'].widget = widgets.FileInput() if request.method == 'POST': if get_sph_setting('django096compatibility'): reqdata = request.POST.copy() reqdata.update(request.FILES) form = AttachmentForm(reqdata) else: form = AttachmentFormNew(request.POST, request.FILES) if form.is_valid(): attachment = form.save(commit=False) snip = WikiSnip.objects.get(name__exact=snipName, group=group) attachment.snip = snip attachment.uploader = request.user if get_sph_setting('django096compatibility'): attachment.save_fileupload_file( reqdata['fileupload']['filename'], reqdata['fileupload']['content']) attachment.save() return HttpResponseRedirect(snip.get_absolute_attachmenturl()) else: form = AttachmentFormNew(instance=attachment) return render_to_response('sphene/sphwiki/editAttachment.html', { 'form': form, 'snipName': snipName, }, context_instance=RequestContext(request))
def admin_posts_delete(request, group, user_id): posts = Post.objects.filter(author=user_id) if posts: if not posts[0].allow_hiding(): raise PermissionDenied() for post in posts: post.hide() messages.success(request, message=ugettext(u'All posts deleted')) else: messages.success(request, message=ugettext(u'No posts to delete')) return HttpResponseRedirect( sph_reverse('sphboard_admin_user_posts', kwargs={'user_id': user_id}))
def attachment(request, group, snipName): snip = WikiSnip.objects.get(name__exact=snipName, group=group) if not snip.has_view_permission(): raise PermissionDenied() res = WikiAttachment.objects.filter(snip=snip) return object_list(request=request, queryset=WikiAttachment.objects.filter(snip=snip), template_name='sphene/sphwiki/listAttachments.html', extra_context={'snipName': snipName, 'snip': snip, }, allow_empty=True)
def admin_permission_rolegroup_list(request, group): if not has_permission_flag(request.user, 'community_manage_roles'): raise PermissionDenied() if request.method == 'POST': name = request.POST['name'] if name: RoleGroup(group=group, name=name).save() return HttpResponseRedirect( sph_reverse('community_admin_permission_rolegroup_list')) rolegroups = RoleGroup.objects.filter(group=group) return render(request, 'sphene/community/admin/permission/rolegroup_list.html', {'rolegroups': rolegroups})
def options(request, thread_id, group=None): thread = Post.objects.get(pk=thread_id) if request.REQUEST['cmd'] == 'makeSticky': if not thread.allow_sticking(): raise PermissionDenied() thread.set_sticky(True) elif request.REQUEST['cmd'] == 'removeSticky': if not thread.allow_sticking(): raise PermissionDenied() thread.set_sticky(False) elif request.REQUEST['cmd'] == 'toggleClosed': if not thread.allow_locking(): raise PermissionDenied() thread.set_closed(not thread.is_closed()) elif request.REQUEST['cmd'] == 'modifytags': if not request.user.is_superuser: raise PermissionDenied() from tagging.models import Tag Tag.objects.update_tags(thread.get_threadinformation(), [ request.POST['tags'], ]) thread.save() return HttpResponseRedirect(thread.get_absolute_url())
def move_post_1(request, group, post_id): """ Display list of categories where the post can be moved to. """ post_obj = Post.objects.get(pk=post_id) if not post_obj.allow_moving_post(): raise PermissionDenied() categories = get_all_viewable_categories(group, request.user) categories = Category.objects.filter(pk__in=categories) return render(request, "sphene/sphboard/move_post_1.html", { 'categories': categories, 'post': post_obj })
def history(request, group, snipName): snip = get_object_or_404(WikiSnip, group=group, name=snipName) if not snip.has_view_permission(): raise PermissionDenied() return object_list( request=request, queryset=snip.wikisnipchange_set.order_by('-edited'), template_name='sphene/sphwiki/history.html', allow_empty=True, extra_context={ 'snipName': snipName, 'snip': snip, }, )
def get(self, request, group=None, thread_id=None, **kwargs): assert group self.thread = thread = get_object_or_404(Post.objects, pk=thread_id) if not thread.category.has_view_permission(request.user): raise PermissionDenied() thread.viewed(request.session, request.user) sphdata = get_current_sphdata() if sphdata is not None: sphdata['subtitle'] = thread.subject category_type = thread.category.get_category_type() self.template_name = category_type.get_show_thread_template() return super().get(request, **kwargs)
def generatePDF(request, group, snipName): if not hasattr(settings, 'SPH_SETTINGS'): return HttpResponse(ugettext('Not configured.')) snip = get_object_or_404(WikiSnip, group=group, name=snipName) if not snip.has_view_permission(): raise PermissionDenied() try: contents = open(snip.pdf_get(), 'rb').read() except Exception, e: import logging logging.exception('Error while generating PDF file.') #return HttpResponse(ugettext('Error while generating PDF file. %(error)s') % \ # { 'error': str(e) }) raise e
def admin_permission_role_edit(request, group, role_id=None): if not has_permission_flag(request.user, 'community_manage_roles'): raise PermissionDenied() role = None if role_id: role = get_object_or_404(Role, pk=role_id) if request.method == 'POST': form = EditRoleForm(request.POST) if form.is_valid(): data = form.cleaned_data r = role if not r: r = Role(group=group) r.name = data['name'] r.save() # Delete old flags r.permission_flags.clear() # Add all flags for flag_name in data['permission_flags']: r.permission_flags.add( PermissionFlag.objects.get(name=flag_name)) r.save() messages.success(request, message=ugettext(u'Successfully saved role.')) return HttpResponseRedirect(r.get_absolute_memberlisturl()) else: form = EditRoleForm() if role: form.fields['name'].initial = role.name form.fields['permission_flags'].initial = [ flag.name for flag in role.permission_flags.all() ] return render_to_response( 'sphene/community/admin/permission/role_edit.html', { 'form': form, }, context_instance=RequestContext(request))
def delete_moved_info(request, group, pk): """ Delete information about moved thread """ th = get_object_or_404(ThreadInformation, pk=pk) if not th.allow_deleting_moved(request.user): raise PermissionDenied() if request.method == 'POST' and 'delete-th' in request.POST.keys(): back_url = th.category.get_absolute_url() th.delete() messages.success( request, message=ugettext( u'Information about moved thread has been deleted')) return HttpResponseRedirect(back_url) return render(request, "sphene/sphboard/delete_moved_info.html", {'th': th})
def annotate(request, group, post_id): post = Post.objects.get(pk=post_id) thread = post.get_thread() if not thread.allow_annotating(): raise PermissionDenied() annotation = None if post.is_annotated(): try: annotation = post.annotation.get() except PostAnnotation.DoesNotExist: # Ignore for now .. pass if request.method == 'POST': form = AnnotateForm(request.POST) if form.is_valid(): data = form.cleaned_data if annotation is None: annotation = PostAnnotation(post=post, ) annotation.body = data['body'] annotation.hide_post = data['hide_post'] annotation.markup = data['markup'] annotation.save() messages.success(request, message=ugettext(u'Annotated a users post.')) return HttpResponseRedirect(post.get_absolute_url()) else: form = AnnotateForm() if annotation is not None: form.fields['body'].initial = annotation.body form.fields['hide_post'].initial = annotation.hide_post if 'markup' in form.fields: form.fields['markup'].initial = annotation.markup return render_to_response("sphene/sphboard/annotate.html", { 'thread': thread, 'post': post, 'form': form, }, context_instance=RequestContext(request))
def show_active_monitors(context, profile_user): user = context['user'] request = context['request'] if user==profile_user: monitors = Monitor.objects.filter(Q(thread=None)|Q(thread__is_hidden=0), user = profile_user, group = get_current_group() ) else: if not has_permission_flag(request.user, 'community_manage_users'): raise PermissionDenied() monitors = Monitor.objects.filter(Q(thread=None)|Q(thread__is_hidden=0), user = profile_user, group = get_current_group() ) return {'monitors':monitors, 'request':request, 'is_current_user':user==profile_user}
def admin_permission_role_member_list(request, group, role_id): if not has_permission_flag(request.user, 'community_manage_roles'): raise PermissionDenied() role = get_object_or_404(Role, pk=role_id) members = role.rolemember_set.all() if 'cmd' in request.GET and request.GET['cmd'] == 'remove': memberid = request.GET['id'] role_member = RoleMember.objects.get(pk=memberid) role_member.delete() messages.success( request, message=ugettext(u'Successfully deleted role member.')) return HttpResponseRedirect(role.get_absolute_memberlisturl()) return render(request, 'sphene/community/admin/permission/role_member_list.html', { 'members': members, 'role': role })
def admin_users(request, group): if not has_permission_flag(request.user, 'community_manage_users'): raise PermissionDenied() orderby = request.GET.get('orderby', 'username') users = User.objects.filter(is_superuser=False).order_by(orderby) search_qs = {} search_form = UsersSearchForm() if request.GET.has_key('search'): search_form = UsersSearchForm(request.GET) if search_form.is_valid(): username = search_form.cleaned_data['username'] if username: search_params = Q(username__istartswith=username) | Q( first_name__istartswith=username) | Q( last_name__istartswith=username) | Q( email__istartswith=username) users = users.filter(search_params) search_qs = urlencode(search_form.cleaned_data) template_name = 'sphene/community/admin/users_list.html' context = { 'is_sphboard': 'sphene.sphboard' in settings.INSTALLED_APPS, 'search_qs': search_qs, 'search_form': search_form, 'orderby': orderby } res = object_list( request=request, queryset=users, template_name=template_name, template_object_name='sphuser', allow_empty=True, extra_context=context, paginate_by=10, ) return res
def hide(request, group, post_id): """ Delete post by setting is_hidden=True (annotate method above allows to hide content of the post but leaves it in thread) """ post_obj = get_object_or_404(Post, pk=post_id) thread = post_obj.get_thread() if not post_obj.allow_hiding(): raise PermissionDenied() if request.method == 'POST' and 'hide-post' in request.POST.keys(): post_obj.hide() messages.success(request, message=ugettext(u'Post deleted')) if post_obj == thread: return HttpResponseRedirect(post_obj.category.get_absolute_url()) return HttpResponseRedirect(thread.get_absolute_url()) return render(request, "sphene/sphboard/hide.html", { 'thread': thread, 'post': post_obj })
def admin_permission_role_member_add(request, group, role_id, addgroup=False): if not has_permission_flag(request.user, 'community_manage_roles'): raise PermissionDenied() role = get_object_or_404(Role, pk=role_id) if addgroup: EditForm = EditRoleGroupMemberForm else: EditForm = EditRoleMemberForm if request.method == 'POST': form = EditForm(group=group, data=request.POST) if form.is_valid(): data = form.cleaned_data role_member = RoleMember( role=role, user=data.get('user', None), rolegroup=data.get('rolegroup', None), has_limitations=data['has_limitations'], ) role_member.save() if data['has_limitations']: limitation = RoleMemberLimitation( role_member=role_member, object_type=data['object_type'], object_id=data['object'], ) limitation.save() messages.success(request, message=ugettext(u'Successfully added member.')) return HttpResponseRedirect(role.get_absolute_memberlisturl()) else: form = EditForm(group=group) return render_to_response( 'sphene/community/admin/permission/role_member_add.html', { 'form': form, 'role': role, }, context_instance=RequestContext(request))
def admin_user_posts(request, group, user_id): if not has_permission_flag(request.user, 'community_manage_users'): raise PermissionDenied() user = get_object_or_404(User, pk=user_id) orderby = request.GET.get('orderby', '-postdate') post_list = Post.objects.filter(author=user).order_by(orderby) template_name = 'sphene/sphboard/admin_user_posts.html' context = {'author': user, 'orderby': orderby} res = object_list( request=request, queryset=post_list, template_name=template_name, template_object_name='post', extra_context=context, allow_empty=True, paginate_by=10, ) return res
def votereply(request, group, reply_id): reply = Post.objects.get( pk = reply_id ) question = reply.get_thread() qext = question.sphquestions_ext.get() if reply.author == request.user and question.author != reply.author: # Users are not allowed to vote for their own replies. raise PermissionDenied() AnswerVoting(user = request.user, answer = reply, question = qext, rating = 5).save() answered = 1 if request.user == question.author: answered = 3 if qext.answered < answered: qext.answered = answered qext.save() return HttpResponseRedirect(reply.get_absolute_url())
def toggle_monitor(request, group, monitortype, object_id, monitor_user_id=None): if not request.user.is_authenticated(): raise PermissionDenied() obj = None if monitortype == 'group': obj = group object_id = 0 elif monitortype == 'category': obj = Category.objects.get(pk=object_id) elif monitortype == 'thread': obj = Post.objects.get(pk=object_id) new_monitor = None if monitor_user_id: monitor_user = User.objects.get(pk=monitor_user_id) new_monitor = obj.toggle_monitor(user=monitor_user) else: new_monitor = obj.toggle_monitor() if new_monitor: messages.success( request, message=ugettext( u'Successfully created email notification monitor.')) else: messages.success( request, message=ugettext(u'Removed email notification monitor.')) if 'next' in request.GET: return HttpResponseRedirect(request.GET['next']) if monitortype == 'group': return HttpResponseRedirect(sph_reverse('sphboard-index')) return HttpResponseRedirect(obj.get_absolute_url())