def permissions(request, title): document = get_object_or_404(Document, url_title=title) content_type = ContentType.objects.get_for_model(document) check_permissions(document, request.user, [document.edit_permission_name]) if not document.show_permissions_editor(): raise PermissionDenied() PermissionForm = get_permission_form(document) PermissionFormset = formset_factory(get_permission_form(document), extra=0) initial_data = PermissionForm.prepare_initial_data(Group.objects.all(), content_type, document) formset = PermissionFormset(request.POST or None, initial=initial_data) if request.POST and formset.is_valid(): for form in formset: form.save(document) messages.success(request, _("Permissions have been changed successfully.")) if request.user.has_perm(document.edit_permission_name, document): return HttpResponseRedirect(reverse(document.get_permissions_url_name(), args=[document.url_title])) if request.user.has_perm(document.view_permission_name, document): return HttpResponseRedirect(reverse(document.get_view_url_name(), args=[document.url_title])) return HttpResponseRedirect(reverse('index')) return render(request, 'documents_permissions.html', { 'document': document, 'formset_header': PermissionForm.header(content_type), 'formset': formset, 'active_page': 'permissions', 'permission_overview': document_permission_overview(request.user, document), })
def attachments(request, title): document = get_object_or_404(Document, url_title=title) check_permissions(document, request.user, [document.edit_permission_name]) success, form, __ = handle_attachment(request, document) if success: messages.success(request, _("File has been uploaded successfully!")) return HttpResponseRedirect( reverse(document.get_attachments_url_name(), args=[document.url_title])) else: return render( request, "documents_attachments.html", { 'document': document, 'edit_url': reverse(document.get_attachments_url_name(), args=[document.url_title]), 'form': form, 'attachments': document.attachments.all().order_by('index'), 'active_page': 'attachments', 'permission_overview': document_permission_overview(request.user, document), })
def results(request, poll, url_title): if poll.start_date > datetime.date.today(): # poll is not open raise Http404 if request.user.has_perm(Poll.get_vote_permission(), poll) \ and not poll.participants.filter(id=request.user.pk).exists() \ and poll.end_date >= datetime.date.today(): return vote(request, poll, url_title) if not poll.show_results_immediately and poll.end_date >= datetime.date.today(): messages.info( request, _("You can not see the results of this poll right now. You have to wait until {} to see the results of this poll.").format( (poll.end_date + datetime.timedelta(days=1)).strftime("%d. %B %Y") ) ) return HttpResponseRedirect(reverse('polls:index')) description, toc = convert_markdown(poll.text) return render( request, 'polls_results.html', { "document": poll, "description": description, 'toc': toc, 'active_page': 'view', 'view_page': True, 'attachments': poll.attachments.filter(no_direct_download=False).order_by('index'), 'permission_overview': document_permission_overview(request.user, poll), "has_choice_descriptions": poll.has_choice_descriptions, } )
def view(request, title): document = get_object_or_404(Document, url_title=title) content_type = ContentType.objects.get_for_model(document) check_permissions(document, request.user, [document.view_permission_name]) try: function = get_model_function(content_type, 'view') return function(request, title) except (ImportError, AttributeError): pass text, toc = convert_markdown(document.text) return render( request, 'documents_base.html', { 'document': document, 'text': text, 'toc': toc, 'attachments': document.attachments.filter( no_direct_download=False).order_by('index'), 'active_page': 'view', 'view_page': True, 'permission_overview': document_permission_overview(request.user, document), })
def results_for_admin(request, title): if not request.user.is_superuser: raise PermissionDenied poll = get_object_or_404(Document, url_title=title) description, toc = convert_markdown(poll.text) return render( request, 'polls_results.html', { "document": poll, "description": description, 'toc': toc, 'active_page': 'view', 'view_page': True, 'attachments': poll.attachments.filter( no_direct_download=False).order_by('index'), 'permission_overview': document_permission_overview(request.user, poll), "has_choice_descriptions": poll.has_choice_descriptions, "is_preview": True, })
def versions(request, title): document = get_object_or_404(Document, url_title=title) check_permissions(document, request.user, [document.edit_permission_name]) document_versions = prepare_versions(document) if not document.can_be_reverted: messages.warning(request, _('This Document can not be reverted!')) return render(request, 'documents_versions.html', { 'active_page': 'versions', 'versions': document_versions, 'document': document, 'permission_overview': document_permission_overview(request.user, document), 'can_be_reverted': document.can_be_reverted, })
def attachments(request, title): document = get_object_or_404(Document, url_title=title) check_permissions(document, request.user, [document.edit_permission_name]) success, form, __ = handle_attachment(request, document) if success: messages.success(request, _("File has been uploaded successfully!")) return HttpResponseRedirect(reverse(document.get_attachments_url_name(), args=[document.url_title])) else: return render(request, "documents_attachments.html", { 'document': document, 'edit_url': reverse(document.get_attachments_url_name(), args=[document.url_title]), 'form': form, 'attachments': document.attachments.all().order_by('index'), 'active_page': 'attachments', 'permission_overview': document_permission_overview(request.user, document), })
def vote(request, poll, url_title): if poll.start_date > datetime.date.today(): # poll is not open raise Http404 if poll.end_date < datetime.date.today() or poll.participants.filter(id=request.user.pk).exists(): return results(request, poll, url_title) if request.method == 'POST': choices = request.POST.getlist('choice') if len(choices) == 0: messages.error(request, _("You must select one Choice at least!")) return HttpResponseRedirect(reverse(poll.get_view_url_name(), args=[url_title])) if len(choices) > poll.max_allowed_number_of_answers: messages.error(request, _("You can only select up to {} options!").format(poll.max_allowed_number_of_answers)) return HttpResponseRedirect(reverse(poll.get_view_url_name(), args=[url_title])) for choice_id in choices: choice = poll.choices.filter(id=choice_id) choice.update(votes=F('votes') + 1) poll.participants.add(request.user) messages.success(request, _("We've received your vote!")) if not poll.show_results_immediately: messages.info(request, _("The results of this poll will be available as from {}").format((poll.end_date + datetime.timedelta(days=1)).strftime("%d. %B %Y"))) return HttpResponseRedirect(reverse('polls:index')) return HttpResponseRedirect(reverse(poll.get_view_url_name(), args=[url_title])) description, toc = convert_markdown(poll.text) return render( request, 'polls_vote.html', { "document": poll, "description": description, 'toc': toc, 'active_page': 'view', 'view_page': True, "widget": "checkbox" if poll.max_allowed_number_of_answers != 1 else "radio", 'attachments': poll.attachments.filter(no_direct_download=False).order_by('index'), 'permission_overview': document_permission_overview(request.user, poll), "has_choice_descriptions": poll.has_choice_descriptions, } )
def edit(request, title, new_autosaved_pages=None, initial=None): document = get_object_or_404(Document, url_title=title) content_type = ContentType.objects.get_for_model(document) if document.has_perms(): check_permissions(document, request.user, [document.edit_permission_name]) elif new_autosaved_pages is None and initial is None: # page is not new and has no permissions set, it is likely that somebody tries to view an autosaved page # users are only allowed to view autosaved pages if they have the "add" permission for documents check_permissions(document, request.user, [document.add_permission_name]) # if the edit form has a formset we will initialize it here formset_factory = document.Form.get_formset_factory() formset = formset_factory(request.POST or None, instance=document) if formset_factory is not None else None if formset is not None: template_name = "{app}_edit.html".format(app=content_type.app_label) else: template_name = "documents_edit.html" try: creation_group = request.user.groups.get(id=request.GET.get('group', False)) except Group.DoesNotExist: creation_group = None success, form = handle_edit(request, document, formset, initial, creation_group=creation_group) __, attachment_form, __ = handle_attachment(request, document) if success: messages.success(request, _("Successfully saved changes")) return HttpResponseRedirect(reverse(document.get_view_url_name(), args=[document.url_title])) else: return render(request, template_name, { 'document': document, 'form': form, 'attachment_form': attachment_form, 'active_page': 'edit', 'creation': document.is_in_creation, 'new_autosaved_pages': new_autosaved_pages, 'permission_overview': document_permission_overview(request.user, document), 'supported_image_types': settings.SUPPORTED_IMAGE_TYPES, 'formset': formset, })
def permissions(request, title): document = get_object_or_404(Document, url_title=title) content_type = ContentType.objects.get_for_model(document) check_permissions(document, request.user, [document.edit_permission_name]) if not document.show_permissions_editor(): raise PermissionDenied() PermissionForm = get_permission_form(document) PermissionFormset = formset_factory(get_permission_form(document), extra=0) initial_data = PermissionForm.prepare_initial_data(Group.objects.all(), content_type, document) formset = PermissionFormset(request.POST or None, initial=initial_data) if request.POST and formset.is_valid(): for form in formset: form.save(document) messages.success(request, _("Permissions have been changed successfully.")) if request.user.has_perm(document.edit_permission_name, document): return HttpResponseRedirect( reverse(document.get_permissions_url_name(), args=[document.url_title])) if request.user.has_perm(document.view_permission_name, document): return HttpResponseRedirect( reverse(document.get_view_url_name(), args=[document.url_title])) return HttpResponseRedirect(reverse('index')) return render( request, 'documents_permissions.html', { 'document': document, 'formset_header': PermissionForm.header(content_type), 'formset': formset, 'active_page': 'permissions', 'permission_overview': document_permission_overview(request.user, document), })
def results(request, poll, url_title): if poll.start_date > datetime.date.today(): # poll is not open raise Http404 if request.user.has_perm(Poll.get_vote_permission(), poll) \ and not poll.participants.filter(id=request.user.pk).exists() \ and poll.end_date >= datetime.date.today(): return vote(request, poll, url_title) if not poll.show_results_immediately and poll.end_date >= datetime.date.today( ): messages.info( request, _("You can not see the results of this poll right now. You have to wait until {} to see the results of this poll." ).format((poll.end_date + datetime.timedelta(days=1)).strftime("%d. %B %Y"))) return HttpResponseRedirect(reverse('polls:index')) description, toc = convert_markdown(poll.text) return render( request, 'polls_results.html', { "document": poll, "description": description, 'toc': toc, 'active_page': 'view', 'view_page': True, 'attachments': poll.attachments.filter( no_direct_download=False).order_by('index'), 'permission_overview': document_permission_overview(request.user, poll), "has_choice_descriptions": poll.has_choice_descriptions, })
def view(request, title): document = get_object_or_404(Document, url_title=title) content_type = ContentType.objects.get_for_model(document) check_permissions(document, request.user, [document.view_permission_name]) try: function = get_model_function(content_type, 'view') return function(request, title) except (ImportError, AttributeError): pass if document.text == "" and (document.text_en != "" or document.text_de != ""): messages.warning( request, _('The requested document is not available in the selected language. It will be shown in the available language instead.' )) text, toc = convert_markdown( next((text for text in (document.text_de, document.text_en) if text != ""), "")) else: text, toc = convert_markdown(document.text) return render( request, 'documents_base.html', { 'document': document, 'text': text, 'toc': toc, 'attachments': document.attachments.filter( no_direct_download=False).order_by('index'), 'active_page': 'view', 'view_page': True, 'permission_overview': document_permission_overview(request.user, document), })
def versions(request, title): document = get_object_or_404(Document, url_title=title) check_permissions(document, request.user, [document.edit_permission_name]) document_versions = prepare_versions(document) if not document.can_be_reverted: messages.warning(request, _('This Document can not be reverted!')) return render( request, 'documents_versions.html', { 'active_page': 'versions', 'versions': document_versions, 'document': document, 'permission_overview': document_permission_overview(request.user, document), 'can_be_reverted': document.can_be_reverted, })
def results_for_admin(request, title): if not request.user.is_superuser: raise PermissionDenied poll = get_object_or_404(Document, url_title=title) description, toc = convert_markdown(poll.text) return render( request, 'polls_results.html', { "document": poll, "description": description, 'toc': toc, 'active_page': 'view', 'view_page': True, 'attachments': poll.attachments.filter(no_direct_download=False).order_by('index'), 'permission_overview': document_permission_overview(request.user, poll), "has_choice_descriptions": poll.has_choice_descriptions, "is_preview": True, } )
def view(request, title): document = get_object_or_404(Document, url_title=title) content_type = ContentType.objects.get_for_model(document) check_permissions(document, request.user, [document.view_permission_name]) try: function = get_model_function(content_type, 'view') return function(request, title) except (ImportError, AttributeError): pass text, toc = convert_markdown(document.text) return render(request, 'documents_base.html', { 'document': document, 'text': text, 'toc': toc, 'attachments': document.attachments.filter(no_direct_download=False).order_by('index'), 'active_page': 'view', 'view_page': True, 'permission_overview': document_permission_overview(request.user, document), })
def vote(request, poll, url_title): if poll.start_date > datetime.date.today(): # poll is not open raise Http404 if poll.end_date < datetime.date.today() or poll.participants.filter( id=request.user.pk).exists(): return results(request, poll, url_title) if request.method == 'POST': choices = request.POST.getlist('choice') if len(choices) == 0: messages.error(request, _("You must select one Choice at least!")) return HttpResponseRedirect( reverse(poll.get_view_url_name(), args=[url_title])) if len(choices) > poll.max_allowed_number_of_answers: messages.error( request, _("You can only select up to {} options!").format( poll.max_allowed_number_of_answers)) return HttpResponseRedirect( reverse(poll.get_view_url_name(), args=[url_title])) for choice_id in choices: choice = poll.choices.filter(id=choice_id) choice.update(votes=F('votes') + 1) poll.participants.add(request.user) messages.success(request, _("We've received your vote!")) if not poll.show_results_immediately: messages.info( request, _("The results of this poll will be available as from {}"). format((poll.end_date + datetime.timedelta(days=1)).strftime("%d. %B %Y"))) return HttpResponseRedirect(reverse('polls:index')) return HttpResponseRedirect( reverse(poll.get_view_url_name(), args=[url_title])) description, toc = convert_markdown(poll.text) return render( request, 'polls_vote.html', { "document": poll, "description": description, 'toc': toc, 'active_page': 'view', 'view_page': True, "widget": "checkbox" if poll.max_allowed_number_of_answers != 1 else "radio", 'attachments': poll.attachments.filter( no_direct_download=False).order_by('index'), 'permission_overview': document_permission_overview(request.user, poll), "has_choice_descriptions": poll.has_choice_descriptions, })
def edit(request, title, new_autosaved_pages=None, initial=None): document = get_object_or_404(Document, url_title=title) content_type = ContentType.objects.get_for_model(document) if document.has_perms(): check_permissions(document, request.user, [document.edit_permission_name]) elif new_autosaved_pages is None and initial is None: # page is not new and has no permissions set, it is likely that somebody tries to view an autosaved page # users are only allowed to view autosaved pages if they have the "add" permission for documents check_permissions(document, request.user, [document.add_permission_name]) # if the edit form has a formset we will initialize it here formset_factory = document.Form.get_formset_factory() formset = formset_factory( request.POST or None, instance=document) if formset_factory is not None else None if formset is not None: template_name = "{app}_edit.html".format(app=content_type.app_label) else: template_name = "documents_edit.html" try: creation_group = request.user.groups.get( id=request.GET.get('group', False)) except Group.DoesNotExist: creation_group = None success, form = handle_edit(request, document, formset, initial, creation_group=creation_group) __, attachment_form, __ = handle_attachment(request, document) if success: messages.success(request, _("Successfully saved changes")) return HttpResponseRedirect( reverse(document.get_view_url_name(), args=[document.url_title])) else: return render( request, template_name, { 'document': document, 'form': form, 'attachment_form': attachment_form, 'active_page': 'edit', 'creation': document.is_in_creation, 'new_autosaved_pages': new_autosaved_pages, 'permission_overview': document_permission_overview(request.user, document), 'supported_image_types': settings.SUPPORTED_IMAGE_TYPES, 'formset': formset, })