def motd(request):
try:
motd = Motd.objects.latest()
except Motd.DoesNotExist:
motd = None
can_edit = request.user.is_superuser or UrlPermission.user_has_access(
request.user, '/editmotd/')
#{{motd|safe}} to escape html markup
return {'motd': motd, 'can_edit_motd': can_edit}
def motd(request):
try:
motd = Motd.objects.latest()
except Motd.DoesNotExist:
motd = None
can_edit = request.user.is_superuser or UrlPermission.user_has_access(request.user, '/editmotd/')
#{{motd|safe}} to escape html markup
return {'motd': motd, 'can_edit_motd': can_edit}
def menu(request):
"""
Adds the variable {{ user_menu }} to all the templates.
The menu is composed with items from each ECM app/plugin (see the menu.py files)
The items are dynamically displayed according to user accesses.
"""
user_menus = []
for menu in ECM_MENUS:
if request.user.is_superuser or UrlPermission.user_has_access(request.user, menu['url']):
user_menus.append(menu)
data = {
'menus': user_menus,
'path': str(request.get_full_path())
}
return {'user_menu': render_to_string('ecm/menu.html', data), 'request_path': data['path']}
def menu(request):
"""
Adds the variable {{ user_menu }} to all the templates.
The menu is composed with items from each ECM app/plugin (see the menu.py files)
The items are dynamically displayed according to user accesses.
"""
user_menus = []
for menu in ECM_MENUS:
if request.user.is_superuser or UrlPermission.user_has_access(
request.user, menu['url']):
user_menus.append(menu)
data = {'menus': user_menus, 'path': str(request.get_full_path())}
return {
'user_menu': render_to_string('ecm/menu.html', data),
'request_path': data['path']
}
def is_cyno_alt(request, characterID):
"""
Serves /hr/members/<characterID>/is_cyno_alt/
"""
member = get_object_or_404(Member, characterID=int(characterID))
if not (request.user.is_superuser or request.user == member.owner
or UrlPermission.user_has_access(request.user,
request.get_full_path())):
return HttpResponseForbidden(request)
if request.method == 'POST':
try:
is_cyno_alt = bool(json.loads(request.POST.get('is_cyno_alt')))
except (ValueError, TypeError), e:
return HttpResponseBadRequest(str(e))
member.is_cyno_alt = is_cyno_alt
member.save()
logger.info('"%s" Changed cyno alt status of "%s" -> %s' %
(request.user, member, is_cyno_alt))
def _wrapped_view(request, *args, **kwargs):
if request.user.is_authenticated():
access_ok = UrlPermission.user_has_access(request.user, request.get_full_path())
if not access_ok:
try:
url_re = re.compile("^/members/\d+.*$")
if url_re.match(request.get_full_path()):
characterID = int(args[0])
access_ok = (Member.objects.get(characterID=characterID).owner == request.user)
except:
pass
if request.user.is_superuser or access_ok:
return view_function(request, *args, **kwargs)
else:
return forbidden(request)
else:
from django.contrib.auth.views import redirect_to_login
return redirect_to_login(request.get_full_path())
def is_cyno_alt(request, characterID):
"""
Serves /hr/members/<characterID>/is_cyno_alt/
"""
member = get_object_or_404(Member, characterID=int(characterID))
if not (
request.user.is_superuser
or request.user == member.owner
or UrlPermission.user_has_access(request.user, request.get_full_path())
):
return HttpResponseForbidden(request)
if request.method == "POST":
try:
is_cyno_alt = bool(json.loads(request.POST.get("is_cyno_alt")))
except (ValueError, TypeError), e:
return HttpResponseBadRequest(str(e))
member.is_cyno_alt = is_cyno_alt
member.save()
logger.info('"%s" Changed cyno alt status of "%s" -> %s' % (request.user, member, is_cyno_alt))