def visible(self, user=None): """ Returns visible whiteboards by group visibility. Takes an optional user parameter which adds whiteboards from groups that the member is a part of. Handles AnonymousUser instances transparently """ filter_q = Q(parent_group__visibility='E') if user is not None and not user.is_anonymous(): # admins with admin-o-vision on automatically see everything if user_can_adminovision( user) and user.get_profile().adminovision == 1: return self.get_query_set() # and similar for exec-o-vision, except only for your own chapter's groups if user_can_execovision( user) and user.get_profile().adminovision == 1: filter_q |= Q(parent_group__parent__members__user=user, parent_group__parent__members__is_admin=True) # everyone else only sees stuff from their own groups #filter_q |= Q(parent_group__member_users=user) groups = user.basegroup_set.all() groups = groups.values_list('pk', flat=True) filter_q |= Q(parent_group__in=list(groups)) # would it be more efficient to remove the OR query above and just write # two different queries, instead of using distinct() here? #return self.get_query_set().filter(filter_q).distinct() return self.get_query_set().filter(filter_q)
def visible(self, user=None): """ Returns visible posts by group visibility. Takes an optional user parameter which adds GroupTopics from groups that the member is a part of. Handles AnonymousUser instances transparently """ filter_q = Q(parent_group__visibility='E') if user is not None and not user.is_anonymous(): # admins with admin-o-vision on automatically see everything if user_can_adminovision(user) and user.get_profile().adminovision == 1: return self.get_query_set() # and similar for exec-o-vision, except only for your own chapter's groups if user_can_execovision(user) and user.get_profile().adminovision == 1: filter_q |= Q(parent_group__parent__members__user=user, parent_group__parent__members__is_admin=True) # everyone else only sees stuff from their own groups filter_q |= Q(parent_group__member_users=user) # would it be more efficient to remove the OR query above and just write # two different queries, instead of using distinct() here? return self.get_query_set().filter(filter_q).distinct()
def adminovision_toggle(request, group_slug=None): """ Toggles admin-o-vision for the current user. No effect if user is not an admin """ if user_can_adminovision(request.user) | user_can_execovision(request.user): profile = request.user.get_profile() profile.adminovision = not profile.adminovision profile.save() # this redirect should be OK, since the adminovision link is only visible from reverse('home') return HttpResponseRedirect(reverse('home'))
def adminovision_toggle(request, group_slug=None): """ Toggles admin-o-vision for the current user. No effect if user is not an admin """ if user_can_adminovision(request.user) | user_can_execovision( request.user): profile = request.user.get_profile() profile.adminovision = not profile.adminovision profile.save() # this redirect should be OK, since the adminovision link is only visible from reverse('home') return HttpResponseRedirect(reverse('home'))
def visible(self, user=None, sort='p'): """ Returns visible posts by group visibility. Takes an optional user parameter which adds GroupTopics from groups that the member is a part of. Handles AnonymousUser instances transparently """ filter_q = Q(visible=True) order = '-last_reply' if user is not None and not user.is_anonymous(): if user.get_profile().sort_by == 'p': order = '-created' # admins with admin-o-vision on automatically see everything if user_can_adminovision( user) and user.get_profile().adminovision == 1: return self.get_query_set().filter( pending=False).order_by(order) # and similar for exec-o-vision, except only for your own chapter's groups if user_can_execovision( user) and user.get_profile().adminovision == 1: admingroups = GroupMember.objects.filter( user=user, is_admin=True, group__model='Network') admingroups = admingroups.values_list('group', flat=True) filter_q |= Q(parent_group__parent__in=list(admingroups)) #filter_q |= Q(parent_group__parent__members__user=user, # parent_group__parent__members__is_admin=True) # everyone else only sees stuff from their own groups groups = user.basegroup_set.all() groups = groups.values_list('pk', flat=True) filter_q |= Q(parent_group__in=list(groups)) # doing this is MUCH MUCH quicker than trying to do a dynamic # join based on member records, ie, Q(parent_group__member_users=user), # and then needing to call distinct() later. # it's in the order of, 15-minute query vs 0.01s query! # would it be more efficient to remove the OR query above and just write # two different queries, instead of using distinct() here? #return self.get_query_set().filter(filter_q).distinct().order_by(order) return self.get_query_set().filter( pending=False).filter(filter_q).order_by(order)
def visible(self, user=None, sort='p'): """ Returns visible posts by group visibility. Takes an optional user parameter which adds GroupTopics from groups that the member is a part of. Handles AnonymousUser instances transparently """ filter_q = Q(visible=True) order = '-last_reply' if user is not None and not user.is_anonymous(): if user.get_profile().sort_by == 'p': order = '-created' # admins with admin-o-vision on automatically see everything if user_can_adminovision(user) and user.get_profile().adminovision == 1: return self.get_query_set().filter(pending=False).order_by(order) # and similar for exec-o-vision, except only for your own chapter's groups if user_can_execovision(user) and user.get_profile().adminovision == 1: admingroups = GroupMember.objects.filter(user=user, is_admin=True, group__model='Network') admingroups = admingroups.values_list('group', flat=True) filter_q |= Q(parent_group__parent__in=list(admingroups)) #filter_q |= Q(parent_group__parent__members__user=user, # parent_group__parent__members__is_admin=True) # everyone else only sees stuff from their own groups groups = user.basegroup_set.all() groups = groups.values_list('pk', flat=True) filter_q |= Q(parent_group__in=list(groups)) # doing this is MUCH MUCH quicker than trying to do a dynamic # join based on member records, ie, Q(parent_group__member_users=user), # and then needing to call distinct() later. # it's in the order of, 15-minute query vs 0.01s query! # would it be more efficient to remove the OR query above and just write # two different queries, instead of using distinct() here? #return self.get_query_set().filter(filter_q).distinct().order_by(order) return self.get_query_set().filter(pending=False).filter(filter_q).order_by(order)
def topics(request, group_slug=None, form_class=GroupTopicForm, attach_form_class=AttachmentForm, template_name="topics/topics.html", bridge=None, mode=None): if request.is_ajax() or request.GET.get('ajax', None): template_name = "topics/topics_ajax.html" # kinda hack-ish. but the easiest way; doesn't feel worth adding an AJAX param for this. if group_slug == 'featured': mode = 'featured' group_slug = None is_member = False group = None if group_slug is not None: group = get_object_or_404(BaseGroup, slug=group_slug) is_member = group.user_is_member(request.user, admin_override=True) if group and not group.is_visible(request.user): return HttpResponseForbidden() attach_count = 0 if request.method == "POST" and group: return new_topic(request, group_slug) else: topic_form = form_class(instance=GroupTopic(), user=request.user, group=group) attach_forms = [] # if it's a listing by group, check group visibility if group: topics = GroupTopic.objects.get_for_group(group) # otherwise throw up a generic listing of visible posts else: # generic topic listing: show posts from groups you're in # also shows posts from public groups... # for guests, show posts from public groups only topics = GroupTopic.objects.visible(user=request.user) if mode == 'featured': topics = GroupTopic.objects.featured(topics) elif mode == 'newposts' and request.user.is_authenticated(): topics = GroupTopic.objects.since(request.user.get_profile().previous_login, qs=topics) elif mode == 'newreplies' and request.user.is_authenticated(): topics = GroupTopic.objects.replies_since(request.user.get_profile().previous_login, qs=topics) if request.user.is_authenticated(): can_adminovision = user_can_adminovision(request.user) can_execovision = user_can_execovision(request.user) adminovision = request.user.get_profile().adminovision if not request.user.get_profile().show_emails: topics = GroupTopic.objects.exclude_emails(topics) else: can_adminovision = False can_execovision = False adminovision = False # also kinda hackish if group and group.slug == "ewb": group = None mode = "frontpage" elif not group and not mode: mode = "latest" return render_to_response(template_name, { "group": group, "topic_form": topic_form, "attach_forms": attach_forms, "attach_count": attach_count, "is_member": is_member, "topics": topics, "can_adminovision": can_adminovision, "can_execovision": can_execovision, "adminovision": adminovision, "login_form": EmailLoginForm(), # for front-page toolbar "mode": mode }, context_instance=RequestContext(request))
def topics(request, group_slug=None, form_class=GroupTopicForm, attach_form_class=AttachmentForm, template_name="topics/topics.html", bridge=None, mode=None): if request.is_ajax() or request.GET.get('ajax', None): template_name = "topics/topics_ajax.html" # kinda hack-ish. but the easiest way; doesn't feel worth adding an AJAX param for this. if group_slug == 'featured': mode = 'featured' group_slug = None is_member = False group = None if group_slug is not None: group = get_object_or_404(BaseGroup, slug=group_slug) is_member = group.user_is_member(request.user, admin_override=True) if group and not group.is_visible(request.user): return HttpResponseForbidden() attach_count = 0 if request.method == "POST" and group: return new_topic(request, group_slug) else: topic_form = form_class(instance=GroupTopic(), user=request.user, group=group) attach_forms = [] # if it's a listing by group, check group visibility if group: topics = GroupTopic.objects.get_for_group(group) # otherwise throw up a generic listing of visible posts else: # generic topic listing: show posts from groups you're in # also shows posts from public groups... # for guests, show posts from public groups only topics = GroupTopic.objects.visible(user=request.user) if mode == 'featured': topics = GroupTopic.objects.featured(topics) elif mode == 'newposts' and request.user.is_authenticated(): topics = GroupTopic.objects.since( request.user.get_profile().previous_login, qs=topics) elif mode == 'newreplies' and request.user.is_authenticated(): topics = GroupTopic.objects.replies_since( request.user.get_profile().previous_login, qs=topics) if request.user.is_authenticated(): can_adminovision = user_can_adminovision(request.user) can_execovision = user_can_execovision(request.user) adminovision = request.user.get_profile().adminovision if not request.user.get_profile().show_emails: topics = GroupTopic.objects.exclude_emails(topics) else: can_adminovision = False can_execovision = False adminovision = False # also kinda hackish if group and group.slug == "ewb": group = None mode = "frontpage" elif not group and not mode: mode = "latest" return render_to_response( template_name, { "group": group, "topic_form": topic_form, "attach_forms": attach_forms, "attach_count": attach_count, "is_member": is_member, "topics": topics, "can_adminovision": can_adminovision, "can_execovision": can_execovision, "adminovision": adminovision, "login_form": EmailLoginForm(), # for front-page toolbar "mode": mode }, context_instance=RequestContext(request))
def topics(request, group_slug=None, form_class=GroupTopicForm, attach_form_class=AttachmentForm, template_name="topics/topics.html", bridge=None): is_member = False group = None if group_slug is not None: group = get_object_or_404(BaseGroup, slug=group_slug) is_member = group.user_is_member(request.user, admin_override=True) if group and not group.is_visible(request.user): return HttpResponseForbidden() attach_count = 0 if request.method == "POST" and group: if not request.user.is_authenticated(): return HttpResponseForbidden() try: attach_count = int(request.POST.get("attach_count", 0)) except ValueError: attach_count = 0 if is_member: topic_form = form_class(request.POST) attach_forms = [attach_form_class(request.POST, request.FILES, prefix=str(x), instance=Attachment()) for x in range(0,attach_count)] # do not take blank attachment forms into account for af in attach_forms: if not af.is_valid() and not af['attachment_file'].data: attach_forms.remove(af) attach_count = attach_count - 1 # all good. save it! if topic_form.is_valid() and all([af.is_valid() for af in attach_forms]): topic = topic_form.save(commit=False) if group: group.associate(topic, commit=False) topic.creator = request.user topic.save() # save the attachment. # We need the "Topic" object in order to retrieve attachments properly # since other functions only get the Topic object base_topic = GroupTopic.objects.get(id=topic.id) for af in attach_forms: attachment = af.save(request, base_topic) topic.send_email() # redirect out. request.user.message_set.create(message=_("You have started the topic %(topic_title)s") % {"topic_title": topic.title}) return HttpResponseRedirect(topic.get_absolute_url()) else: # if they can't start a topic, why are we still loading up a form? request.user.message_set.create(message=_("You are not a member and so cannot start a new topic")) topic_form = form_class(instance=GroupTopic()) attach_forms = [attach_form_class(prefix=str(x), instance=Attachment()) for x in range(0,attach_count)] else: topic_form = form_class(instance=GroupTopic()) attach_forms = [] # if it's a listing by group, check group visibility if group: topics = GroupTopic.objects.get_for_group(group) # otherwise throw up a generic listing of visible posts else: # generic topic listing: show posts from groups you're in # also shows posts from public groups... # for guests, show posts from public groups only topics = GroupTopic.objects.visible(user=request.user) if request.user.is_authenticated(): can_adminovision = user_can_adminovision(request.user) can_execovision = user_can_execovision(request.user) adminovision = request.user.get_profile().adminovision else: can_adminovision = False can_execovision = False adminovision = False return render_to_response(template_name, { "group": group, "topic_form": topic_form, "attach_forms": attach_forms, "attach_count": attach_count, "is_member": is_member, "topics": topics, "can_adminovision": can_adminovision, "can_execovision": can_execovision, "adminovision": adminovision, "login_form": EmailLoginForm(), # for front-page toolbar }, context_instance=RequestContext(request))