def update_position(request, space_url): """ This view saves the new note position in the debate board. Instead of reloading all the note form with all the data, we use the partial form "UpdateNotePosition" which only handles the column and row of the note. """ note = get_object_or_404(Note, pk=request.POST['noteid']) position_form = UpdateNotePosition(request.POST or None, instance=note) place = get_object_or_404(Space, url=space_url) if request.method == "POST" and request.is_ajax: if has_operation_permission(request.user, place, 'note.change_note', allow=['admins', 'mods']) or request.user == note.author: if position_form.is_valid(): position_form_uncommited = position_form.save(commit=False) position_form_uncommited.column = get_object_or_404(Column, pk=request.POST['column']) position_form_uncommited.row = get_object_or_404(Row, pk=request.POST['row']) position_form_uncommited.save() msg = "The note has been updated." else: msg = "There has been an error validating the form." else: msg = "There was some error in the petition." return HttpResponse(msg)
def get_object(self): space = get_object_or_404(Space, url=self.kwargs['space_url']) if has_operation_permission(self.request.user, space, 'voting.delete_poll', allow=['admins']): return get_object_or_404(Poll, pk=self.kwargs['poll_id']) else: self.template_name = 'not_allowed.html'
def form_valid(self, form): self.space = get_object_or_404(Space, url=self.kwargs['space_url']) if has_operation_permission(self.request.user, self.space, 'voting.add_voting', allow=['admins', 'mods']): form_uncommited = form.save(commit=False) form_uncommited.author = self.request.user form_uncommited.space = self.space form_uncommited.save() form.save_m2m() return super(AddVoting, self).form_valid(form) else: template_name = 'not_allowed.html'
def get_object(self): prop_id = self.kwargs['prop_id'] space_url = self.kwargs['space_url'] proposal = get_object_or_404(Proposal, pk = prop_id) space = get_object_or_404(Space, url = space_url) if has_operation_permission(self.request.user, space, 'proposals.delete_proposal', allow=['admins', 'mods']) \ or proposal.author.id == self.request.user.id: return proposal else: return render_to_response('not_allowed.html', context_instance=RequestContext(self.request))
def form_valid(self, form): space = get_object_or_404(Space, url=self.kwargs['space_url']) if has_operation_permission(self.request.user, space, 'proposals.add_proposal', allow=['admins', 'mods','users']): form_uncommited = form.save(commit=False) form_uncommited.space = space form_uncommited.author = self.request.user form_uncommited.save() return super(AddProposal, self).form_valid(form) else: return render_to_response('not_allowed.html', context_instance=RequestContext(self.request))
def edit_debate(request, space_url, debate_id): pk = debate_id place = get_object_or_404(Space, url=space_url) if has_operation_permission(request.user, place, 'debate.change_debate', allow=['admins', 'mods']): RowFormSet = inlineformset_factory(Debate, Row, extra=1) ColumnFormSet = inlineformset_factory(Debate, Column, extra=1) instance = Debate.objects.get(pk=debate_id) debate_form = DebateForm(request.POST or None, instance=instance) row_formset = RowFormSet(request.POST or None, instance=instance, prefix="rowform") column_formset = ColumnFormSet(request.POST or None, instance=instance, prefix="colform") if request.method == 'POST': if debate_form.is_valid() and row_formset.is_valid() \ and column_formset.is_valid(): debate_form_uncommited = debate_form.save(commit=False) debate_form_uncommited.space = place debate_form_uncommited.author = request.user saved_debate = debate_form_uncommited.save() debate_instance = get_object_or_404(Debate, pk=debate_id) row = row_formset.save(commit=False) for form in row: form.debate = instance form.save() column = column_formset.save(commit=False) for form in column: form.debate = instance form.save() return HttpResponseRedirect(reverse(urln.DEBATE_VIEW, kwargs={'space_url': space_url, 'debate_id': str(debate_form_uncommited.id)})) return render_to_response('debate/debate_add.html', {'form': debate_form, 'rowform': row_formset, 'colform': column_formset, 'get_place': place, 'debateid': debate_id}, context_instance=RequestContext(request)) return render_to_response('not_allowed.html', context_instance=RequestContext(request))
def update_note(request, space_url): """ Updated the current note with the POST data. UpdateNoteForm is an incomplete form that doesn't handle some properties, only the important for the note editing. """ place = get_object_or_404(Space, url=space_url) if request.method == "GET" and request.is_ajax: note = get_object_or_404(Note, pk=request.GET['noteid']) ctype = ContentType.objects.get_for_model(Note) latest_comments = Comment.objects.filter(is_public=True, is_removed=False, content_type=ctype, object_pk=note.id) \ .order_by('-submit_date')[:5] form = CommentForm(target_object=note) response_data = {} response_data['title'] = note.title response_data['message'] = note.message response_data['author'] = {'name': note.author.username} response_data['comments'] = [{'username': c.user.username, 'comment': c.comment, 'submit_date': c.submit_date} for c in latest_comments] response_data["form_html"] = form.as_p() return HttpResponse(json.dumps(response_data, cls=DjangoJSONEncoder), mimetype="application/json") if request.method == "POST" and request.is_ajax: if has_operation_permission(request.user, place, 'note.change_note', allow=['admins', 'mods']) or request.user == note.author: note = get_object_or_404(Note, pk=request.POST['noteid']) note_form = UpdateNoteForm(request.POST or None, instance=note) if note_form.is_valid(): note_form_uncommited = note_form.save(commit=False) note_form_uncommited.title = request.POST['title'] note_form_uncommited.message = request.POST['message'] note_form_uncommited.last_mod_author = request.user note_form_uncommited.save() msg = "The note has been updated." else: msg = "The form is not valid, check field(s): " + note_form.errors return HttpResponse(msg) else: msg = "There was some error in the petition." return HttpResponse(msg)
def add_poll(request, space_url): """ Create a new poll. Only registered users belonging to a concrete group are allowed to create polls. The polls are composed by a form and a choice formset. :parameters: space_url :context: get_place """ space = get_object_or_404(Space, url=space_url) poll_form = PollForm(request.POST or None) choice_form = ChoiceFormSet(request.POST or None, prefix="choiceform", queryset=Choice.objects.none()) if (has_operation_permission(request.user, space, 'voting.add_poll', allow=['admins', 'mods'])): if request.method == 'POST': if poll_form.is_valid() and choice_form.is_valid(): poll_form_uncommited = poll_form.save(commit=False) poll_form_uncommited.space = space poll_form_uncommited.author = request.user saved_poll = poll_form_uncommited.save() poll_instance = get_object_or_404(Poll, pk=poll_form_uncommited.pk) cform_uncommited = choice_form.save(commit=False) for cf in cform_uncommited: cf.poll = poll_instance cf.save() return HttpResponseRedirect( reverse(urln.SPACE_INDEX, kwargs={'space_url': space.url})) return render_to_response('voting/poll_form.html', { 'form': poll_form, 'choiceform': choice_form, 'get_place': space }, context_instance=RequestContext(request)) return render_to_response('not_allowed.html', context_instance=RequestContext(request))
def edit_poll(request, space_url, poll_id): """ Edit a specific poll. :parameters: space_url, poll_id :context: form, get_place, choiceform, pollid """ place = get_object_or_404(Space, url=space_url) if has_operation_permission(request.user, place, 'voting.change_poll', allow=['admins', 'mods']): ChoiceFormSet = inlineformset_factory(Poll, Choice) instance = Poll.objects.get(pk=poll_id) poll_form = PollForm(request.POST or None, instance=instance) choice_form = ChoiceFormSet(request.POST or None, instance=instance, prefix="choiceform") if request.method == 'POST': if poll_form.is_valid() and choice_form.is_valid(): poll_form_uncommited = poll_form.save(commit=False) poll_form_uncommited.space = place poll_form_uncommited.author = request.user saved_poll = poll_form_uncommited.save() for form in choice_form.forms: choice = form.save(commit=False) choice.poll = instance choice.save() return HttpResponseRedirect( reverse(urln.SPACE_INDEX, kwargs={'space_url': place.url})) return render_to_response('voting/poll_form.html', { 'form': poll_form, 'choiceform': choice_form, 'get_place': place, 'pollid': poll_id, }, context_instance=RequestContext(request)) else: return render_to_response('not_allowed.html', context_instance=RequestContext(request))
def edit_poll(request, space_url, poll_id): """ Edit a specific poll. :parameters: space_url, poll_id :context: form, get_place, choiceform, pollid """ place = get_object_or_404(Space, url=space_url) if has_operation_permission(request.user, place, 'voting.change_poll', allow=['admins', 'mods']): ChoiceFormSet = inlineformset_factory(Poll, Choice, extra=1) instance = Poll.objects.get(pk=poll_id) poll_form = PollForm(request.POST or None, instance=instance) choice_form = ChoiceFormSet(request.POST or None, instance=instance, prefix="choiceform") if request.method == 'POST': if poll_form.is_valid() and choice_form.is_valid(): poll_form_uncommited = poll_form.save(commit=False) poll_form_uncommited.space = place poll_form_uncommited.author = request.user saved_poll = poll_form_uncommited.save() choices = choice_form.save(commit=False) for form in choices: form.poll = instance form.save() return HttpResponseRedirect(reverse(urln.SPACE_INDEX, kwargs={'space_url': place.url})) return render_to_response('voting/poll_form.html', {'form': poll_form, 'choiceform': choice_form, 'get_place': place, 'pollid': poll_id, }, context_instance=RequestContext(request)) else: return render_to_response('not_allowed.html', context_instance=RequestContext(request))
def create_note(request, space_url): """ This function creates a new note inside the debate board. It receives the order from the createNote() AJAX function. To create the note first we create the note in the DB, and if successful we return some of its parameters to the debate board for the user. In case the petition had errors, we return the error message that will be shown by jsnotify. .. versionadded:: 0.1.5 """ note_form = NoteForm(request.POST or None) place = get_object_or_404(Space, url=space_url) if request.method == "POST" and request.is_ajax: if has_operation_permission(request.user, place, 'note.add_note', allow=['admins', 'mods', 'users']): if note_form.is_valid(): note_form_uncommited = note_form.save(commit=False) note_form_uncommited.author = request.user note_form_uncommited.debate = get_object_or_404(Debate, pk=request.POST['debateid']) note_form_uncommited.title = request.POST['title'] note_form_uncommited.message = request.POST['message'] note_form_uncommited.column = get_object_or_404(Column, pk=request.POST['column']) note_form_uncommited.row = get_object_or_404(Row, pk=request.POST['row']) note_form_uncommited.save() response_data = {} response_data['id'] = note_form_uncommited.id response_data['message'] = note_form_uncommited.message response_data['title'] = note_form_uncommited.title msg = "The note has been created." return HttpResponse(json.dumps(response_data), mimetype="application/json") else: msg = "The note form didn't validate. This fields gave errors: " + str(note_form.errors) else: msg = "The petition was not POST." return HttpResponse(json.dumps(msg), mimetype="application/json")
def AddPoll(request, space_url): """ Create a new poll. Only registered users belonging to a concrete group are allowed to create polls. :parameters: space_url :context: get_place """ place = get_object_or_404(Space, url=space_url) poll_form = PollForm(request.POST or None) choice_form = ChoiceFormSet(request.POST or None, prefix="choiceform") try: last_poll_id = Poll.objects.latest('id') current_poll_id = last_poll_id.pk + 1 except ObjectDoesNotExist: current_poll_id = 1 if (has_operation_permission(request.user, place, 'voting.add_poll', allow=['admins', 'mods'])): if request.method == 'POST': if poll_form.is_valid() and choice_form.is_valid(): poll_form_uncommited = poll_form.save(commit=False) poll_form_uncommited.space = place poll_form_uncommited.author = request.user saved_poll = poll_form_uncommited.save() poll_instance = get_object_or_404(Poll, pk=current_poll_id) for form in choice_form.forms: choice = form.save(commit=False) choice.poll = poll_instance choice.save() return redirect('/spaces/' + space_url) return render_to_response('voting/poll_form.html', {'form': poll_form, 'choiceform': choice_form, 'get_place': place, 'pollid': current_poll_id,}, context_instance=RequestContext(request)) return render_to_response('not_allowed.html',context_instance=RequestContext(request))
def add_poll(request, space_url): """ Create a new poll. Only registered users belonging to a concrete group are allowed to create polls. The polls are composed by a form and a choice formset. :parameters: space_url :context: get_place """ space = get_object_or_404(Space, url=space_url) poll_form = PollForm(request.POST or None) choice_form = ChoiceFormSet(request.POST or None, prefix="choiceform", queryset=Choice.objects.none()) if (has_operation_permission(request.user, space, 'voting.add_poll', allow=['admins', 'mods'])): if request.method == 'POST': if poll_form.is_valid() and choice_form.is_valid(): poll_form_uncommited = poll_form.save(commit=False) poll_form_uncommited.space = space poll_form_uncommited.author = request.user saved_poll = poll_form_uncommited.save() poll_instance = get_object_or_404(Poll, pk=poll_form_uncommited.pk) cform_uncommited = choice_form.save(commit=False) for cf in cform_uncommited: cf.poll = poll_instance cf.save() return HttpResponseRedirect(reverse(urln.SPACE_INDEX, kwargs={'space_url': space.url})) return render_to_response('voting/poll_form.html', {'form': poll_form, 'choiceform': choice_form, 'get_place': space}, context_instance=RequestContext(request)) return render_to_response('not_allowed.html', context_instance=RequestContext(request))
def vote_voting(request, space_url): """ View to control the votes during a votation process. Do not confuse with proposals support_votes. This function creates a new ConfirmVote object trough VoteForm with the user and a token. After that an email is sent to the user with the token for validation. This function does not add the votes. .. versionadded:: 0.1.7 """ proposal = get_object_or_404(Proposal, pk=request.POST['propid']) space = get_object_or_404(Space, url=space_url) voteform = VoteForm(request.POST) if has_operation_permission(request.user, space, 'voting.change_voting', allow=['admins', 'mods', 'users']): if request.method == 'POST' and voteform.is_valid(): # Generate the objetct token = hashlib.md5("%s%s%s" % (request.user, space, datetime.datetime.now())).hexdigest() voteform_uncommitted = voteform.save(commit=False) voteform_uncommitted.user = request.user voteform_uncommitted.token = token voteform_uncommitted.proposal = proposal voteform_uncommitted.save() # Send the email to the user. Get URL, get user mail, send mail. space_absolute_url = space.get_absolute_url() full_url = ''.join(['http://', get_current_site(request).domain, space_absolute_url, 'voting/vote/validate/', token]) user_email = request.user.email subject = _("Validate your vote") body = _("You voted recently on a process in our platform, please validate your vote following this link: %s") % full_url send_mail(subject, body, settings.DEFAULT_FROM_EMAIL, [user_email]) return HttpResponse("Vote emmited") else: return HttpResponse("Error P02: Couldn't emit the vote. You're not \ allowed.")
def delete_note(request, space_url): """ Deletes a note object. """ note = get_object_or_404(Note, pk=request.POST['noteid']) place = get_object_or_404(Space, url=space_url) if has_operation_permission(request.user, place, 'note.delete_note', allow=['admins', 'mods']) or note.author == request.user: ctype = ContentType.objects.get_for_model(Note) all_comments = Comment.objects.filter(is_public=True, is_removed=False, content_type=ctype, object_pk=note.id).all() for i in range(len(all_comments)): all_comments[i].delete() note.delete() return HttpResponse("The note has been deleted.") else: return HttpResponse("You're not the author of the note. Can't delete.")
def support_proposal(request, space_url): """ Increment support votes for the proposal in 1. We porform some permission checks, for example, the user has to be inside any of the user groups of the space. """ prop = get_object_or_404(Proposal, pk=request.POST['propid']) space = get_object_or_404(Space, url=space_url) if has_operation_permission(request.user, space, "proposals.change_proposal" ,allow=['admins', 'mods', 'users']): try: prop.support_votes.add(request.user) return HttpResponse(" Support vote emmited.") except: return HttpResponse("Error P01: Couldn't emit the vote. Couldn't \ add the user to the count. Contact support and tell them the \ error code.") else: return HttpResponse("Error P02: Couldn't emit the vote. You're not \ allowed.")
def validate_voting(request, space_url, token): """ Validate the votes done in a votation process. This function checks if the token provided by the user is the same located in the database. If the token is the same, a vote is added, if not, we redirect the user to an error page. """ space = get_object_or_404(Space, url=space_url) if has_operation_permission(request.user, space, "proposals.change_proposal", allow=['admins', 'mods', 'users']): try: tk = get_object_or_404(ConfirmVote, token=token) prop = get_object_or_404(Proposal, pk=tk.proposal.id) prop.votes.add(request.user) return HttpResponse("Your vote has been validated.") except: return HttpResponse("Error V01: Couldn't find the token for validation or the token has already been used.") tk.delete() else: return HttpResponse("Error V02: Couldn't emit the vote. You're not \ allowed.")
def get_object(self): self.space = get_object_or_404(Space, url=self.kwargs['space_url']) if has_operation_permission(self.request.user, self.space, 'debate.delete_debate', allow=['admins', 'mods']): return get_object_or_404(Debate, pk=self.kwargs['debate_id']) else: self.template_name = 'not_allowed.html'
def get_object(self): self.space = get_object_or_404(Space, url=self.kwargs["space_url"]) if has_operation_permission(self.request.user, self.space, "voting.delete_voting", allow=["admins", "mods"]): return get_object_or_404(Voting, pk=self.kwargs["voting_id"]) else: self.template_name = "not_allowed.html"
def get_object(self): self.space = get_object_or_404(Space, url=self.kwargs['space_url']) if has_operation_permission(self.request.user, self.space, 'voting.change_voting', allow=['admins', 'mods']): return get_object_or_404(Voting, pk=self.kwargs['voting_id']) else: self.template_name = 'not_allowed.html'