def change(request, id): # visibility check event = get_object_or_404(Event, pk=id) parent = helpers.get_obj(ct=event.content_type, id=event.object_id) if not helpers.is_visible(request.user, parent): return render_to_response('denied.html', context_instance=RequestContext(request)) if request.method == 'POST': #request.POST.update( { 'owner':request.user.id, 'object_id':id, # 'content_type':ct.id, 'content_obj': obj, } ) form = EventForm(request.POST, instance=event) if form.is_valid(): ev = form.save() return HttpResponseRedirect(ev.get_absolute_url()) else: form = EventForm(instance=event) context = { 'form': form, 'object': parent, 'content_type': event.content_type } context.update(locals()) return render_to_response('events/events_add.html', context,\ context_instance = RequestContext(request))
def for_instance(request, app_label, model_name, id, year=None, month=None, day=None): ''' Returns the events associated with the model instance ''' obj = helpers.get_obj(app_label=app_label, model_name=model_name, id=id ) if not helpers.is_visible(request.user, obj): return render_to_response('denied.html', context_instance=RequestContext(request)) events = Event.objects.filter(content_type = ContentType.objects.get_for_model(obj), object_id = id) events = timebound(events, year, month, day) if day: templatename = "events/events_for_day.html" else: templatename = "events/event_list.html" return render_to_response( templatename, { 'events': events, 'parent':obj, 'year':year, 'month':month, 'day':day, 'app_label': app_label, 'model_name': model_name, }, context_instance=RequestContext(request), )
def detail(request, id, slug): event = get_object_or_404(Event, pk=id) parent = helpers.get_obj(ct=event.content_type, id=event.object_id) if not helpers.is_visible(request.user, parent): return render_to_response('denied.html', context_instance=RequestContext(request)) # create whiteboard if needed member = False if event.whiteboard == None: # this will fail if the event's parent is not a group... # so, only events attached to a group can have a whiteboard. try: method = getattr(event.content_object, "associate") wb = Article(title="Event%d" % (event.id), content="") event.content_object.associate(wb, commit=False) wb.save() event.whiteboard = wb event.save() # FIXME: we assume if you can see the event, you can edit it member = True except: pass return render_to_response("events/event_detail.html", { 'object': event, 'member': member, }, context_instance=RequestContext(request), )
def feed_for_event(request, eventid): """ Returns an ical export of a single event """ event = get_object_or_404(Event, id=eventid) if not helpers.is_visible(request.user, event.content_object): return render_to_response('denied.html', context_instance=RequestContext(request)) return build_ical([event])
def change(request, id): # visibility check event = get_object_or_404(Event, pk=id) parent = helpers.get_obj(ct=event.content_type, id=event.object_id) if not helpers.is_visible(request.user, parent): return render_to_response('denied.html', context_instance=RequestContext(request)) return update_object(request, form_class=EventForm, object_id = id, )
def feed_for_instance(request, app_label, model_name, id, year=None, month=None, day=None): """ Returns an ical feed of a group's events """ obj = helpers.get_obj(app_label=app_label, model_name=model_name, id=id ) if not helpers.is_visible(request.user, obj): return render_to_response('denied.html', context_instance=RequestContext(request)) events = Event.objects.filter(content_type = ContentType.objects.get_for_model(obj), object_id = id) events = upcoming(events).order_by('start')[:30] return build_ical(events)
def events_upcoming(user, model_instance): ''' Show upcoming events (in list format) for a given model ''' if not helpers.is_visible(user, model_instance): return render_to_response('denied.html', context_instance=RequestContext(request)) events = Event.objects.upcoming_for(model_instance) events = events[:5] # TODO: non-hard-code? return {"events": events}
def events_upcoming(user, model_instance): ''' Show upcoming events (in list format) for a given model ''' if not helpers.is_visible(user, model_instance): return render_to_response('denied.html', context_instance=RequestContext(request)) events = Event.objects.filter(content_type = ContentType.objects.get_for_model(model_instance), object_id = model_instance.id) events = events.filter(start__gte=datetime.today()) events = events.order_by('start', 'end') events = events[:5] # TODO: non-hard-code? return {"events": events}
def events_upcoming(user, model_instance): ''' Show upcoming events (in list format) for a given model ''' if not helpers.is_visible(user, model_instance): return render_to_response('denied.html', context_instance=RequestContext(request)) events = Event.objects.filter( content_type=ContentType.objects.get_for_model(model_instance), object_id=model_instance.id) events = events.filter(start__gte=datetime.today()) events = events.order_by('start', 'end') events = events[:5] # TODO: non-hard-code? return {"events": events}
def filter_visibility(events, user): """ TODO: efficiency gains will be needed as the number of events increase... iterating through the entire list to check for visibility in the app is *not* scalable - eventually this will need to be done on a database level. For now, though (no more than ~50 events/month total in current myewb db) it's OK. """ visible_events = [] for event in events: parent = helpers.get_obj(ct=event.content_type, id=event.object_id) if helpers.is_visible(user, parent): visible_events.append(event) return visible_events
def detail(request, id, slug): event = get_object_or_404(Event, pk=id) parent = helpers.get_obj(ct=event.content_type, id=event.object_id) if not helpers.is_visible(request.user, parent): return render_to_response('denied.html', context_instance=RequestContext(request)) can_edit = False can_send = False member = False # see if the parent object is a descendant of BaseGroup if BaseGroup in parent.__class__.__bases__: can_edit = parent.user_is_admin(request.user) can_send = True # create whiteboard if needed if event.whiteboard == None: wb = Whiteboard(title="Event%d" % (event.id), content="") event.content_object.associate(wb, commit=False) wb.save() event.whiteboard = wb event.save() # we assume if you can see the event, you can edit it. Is this intentional? member = True elif parent.__class__ == User: if parent == request.user: can_edit = True #afk edit #TODO: confirm this #see if can find an champ info for this event, if so pass to template champ_info = ChampInfo.objects.get_by_event(event) or None return render_to_response("events/event_detail.html", { 'object': event, 'member': member, 'can_edit': can_edit, 'can_send': can_send, 'champ_info':champ_info, }, context_instance=RequestContext(request), )
def add(request, app_label, model_name, id): ''' Tag an event to another model object ''' try: ct = ContentType.objects.get(\ app_label = app_label, model = model_name) obj = ct.get_object_for_this_type( id=id ) except: return HttpResponseNotFound() # visibility check if not helpers.is_visible(request.user, obj): return render_to_response('denied.html', context_instance=RequestContext(request)) if request.method == 'POST': #request.POST.update( { 'owner':request.user.id, 'object_id':id, # 'content_type':ct.id, 'content_obj': obj, } ) form = EventForm(request.POST) if form.is_valid(): ev = form.save(commit=False) ev.owner = request.user ev.object_id = obj.id ev.content_type = ct ev.save() #AFK edits #create and link ChampInfo object if one doesn't already exist if form.cleaned_data["champable"]: print "CHAMPCHAMPCHAMPCHAMPCHAMPCHAMPCHAMPCHAMPCHAMPCHAMPCHAMPable" if ChampInfo.objects.exists_by_event(event=ev) == False: ChampInfo.new(ev) #create a new ChampInfo object linked to an empty values owner print "|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||" return HttpResponseRedirect(ev.get_absolute_url()) else: form = EventForm() context = { 'form':form, 'object':obj, 'content_type':ct, } context.update(locals()) return render_to_response('events/events_add.html', context,\ context_instance = RequestContext(request))
def add(request, app_label, model_name, id): ''' Tag an event to another model object ''' try: ct = ContentType.objects.get(\ app_label = app_label, model = model_name) obj = ct.get_object_for_this_type( id=id ) except: return HttpResponseNotFound() # visibility check if not helpers.is_visible(request.user, obj): return render_to_response('denied.html', context_instance=RequestContext(request)) if request.method == 'POST': #request.POST.update( { 'owner':request.user.id, 'object_id':id, # 'content_type':ct.id, 'content_obj': obj, } ) form = EventForm(request.POST) if form.is_valid(): ev = form.save(commit=False) ev.owner = request.user ev.object_id = obj.id ev.content_type = ct ev.save() try: return HttpResponseRedirect(obj.get_absolute_url()) except: return HttpResponseRedirect(reverse('events_all')) else: form = EventForm() context = { 'form':form, 'object':obj, 'content_type':ct, } context.update(locals()) return render_to_response('events/events_add.html', context,\ context_instance = RequestContext(request))
def add(request, app_label, model_name, id): ''' Tag an event to another model object ''' try: ct = ContentType.objects.get(\ app_label = app_label, model = model_name) obj = ct.get_object_for_this_type(id=id) except: return HttpResponseNotFound() # visibility check if not helpers.is_visible(request.user, obj): return render_to_response('denied.html', context_instance=RequestContext(request)) if request.method == 'POST': #request.POST.update( { 'owner':request.user.id, 'object_id':id, # 'content_type':ct.id, 'content_obj': obj, } ) form = EventForm(request.POST) if form.is_valid(): ev = form.save(commit=False) ev.owner = request.user ev.object_id = obj.id ev.content_type = ct ev.save() return HttpResponseRedirect(ev.get_absolute_url()) else: form = EventForm() context = { 'form': form, 'object': obj, 'content_type': ct, } context.update(locals()) return render_to_response('events/events_add.html', context,\ context_instance = RequestContext(request))
def detail(request, id, slug): event = get_object_or_404(Event, pk=id) parent = helpers.get_obj(ct=event.content_type, id=event.object_id) if not helpers.is_visible(request.user, parent): return render_to_response('denied.html', context_instance=RequestContext(request)) can_edit = False can_send = False member = False # see if the parent object is a descendant of BaseGroup if BaseGroup in parent.__class__.__bases__: can_edit = parent.user_is_admin(request.user) can_send = True # create whiteboard if needed if event.whiteboard == None: wb = Whiteboard(title="Event%d" % (event.id), content="") event.content_object.associate(wb, commit=False) wb.save() event.whiteboard = wb event.save() # we assume if you can see the event, you can edit it. Is this intentional? member = True elif parent.__class__ == User: if parent == request.user: can_edit = True return render_to_response( "events/event_detail.html", { 'object': event, 'member': member, 'can_edit': can_edit, 'can_send': can_send }, context_instance=RequestContext(request), )
def feed_for_instance(request, app_label, model_name, id, year=None, month=None, day=None): """ Returns an ical feed of a group's events """ obj = helpers.get_obj(app_label=app_label, model_name=model_name, id=id) if not helpers.is_visible(request.user, obj): return render_to_response('denied.html', context_instance=RequestContext(request)) events = Event.objects.filter( content_type=ContentType.objects.get_for_model(obj), object_id=id) events = upcoming(events).order_by('start')[:30] return build_ical(events)
def change(request, id): # visibility check event = get_object_or_404(Event, pk=id) parent = helpers.get_obj(ct=event.content_type, id=event.object_id) if not helpers.is_visible(request.user, parent): return render_to_response('denied.html', context_instance=RequestContext(request)) if request.method == 'POST': #request.POST.update( { 'owner':request.user.id, 'object_id':id, # 'content_type':ct.id, 'content_obj': obj, } ) form = EventForm(request.POST, instance=event) if form.is_valid(): ev = form.save() return HttpResponseRedirect(ev.get_absolute_url()) else: form = EventForm(instance=event) context = { 'form':form, 'object':parent, 'content_type':event.content_type } context.update(locals()) return render_to_response('events/events_add.html', context,\ context_instance = RequestContext(request))
def for_instance(request, app_label, model_name, id, year=None, month=None, day=None): ''' Returns the events associated with the model instance ''' obj = helpers.get_obj(app_label=app_label, model_name=model_name, id=id) if not helpers.is_visible(request.user, obj): return render_to_response('denied.html', context_instance=RequestContext(request)) events = Event.objects.filter( content_type=ContentType.objects.get_for_model(obj), object_id=id) events = timebound(events, year, month, day) if day: templatename = "events/events_for_day.html" else: templatename = "events/event_list.html" return render_to_response( templatename, { 'events': events, 'parent': obj, 'year': year, 'month': month, 'day': day, 'app_label': app_label, 'model_name': model_name, }, context_instance=RequestContext(request), )
def email_event(request, eventid): """ Lets you email an event reminder. Email goes to the parent group (if one exists). Later this would be great for "email all RSVPs" and such. """ event = get_object_or_404(Event, id=eventid) parent = event.content_object if not helpers.is_visible(request.user, parent): return render_to_response('denied.html', context_instance=RequestContext(request)) if BaseGroup not in parent.__class__.__bases__: request.user.message_set.create( message="You can only send emails to group-owned events.") return HttpResponseRedirect(reverse(event.get_absolute_url())) if not parent.user_is_admin(request.user): request.user.message_set.create( message="You cannot send emails to the parent group.") return HttpResponseRedirect(reverse(event.get_absolute_url())) confirm = None if request.method == 'POST': form = EventEmailForm(request.POST, user=request.user, group=parent) if form.is_valid(): if request.POST.get('confirmed', None) and request.POST.get( 'action', 'back') == "send": # extra security check that sender isn't forged. # can't hurt... # copied from group_topics.views.topics.new_topic - can we combine? sender_valid = False if parent.user_is_admin(request.user): if form.cleaned_data['sender'] == parent.from_email: sender_valid = True sender = '"%s" <%s>' % (parent.from_name, parent.from_email) elif get_object_or_none( EmailAddress, email=form.cleaned_data['sender'] ) in request.user.get_profile().email_addresses(): sender_valid = True sender = '"%s %s" <%s>' % (request.user.get_profile( ).first_name, request.user.get_profile().last_name, form.cleaned_data['sender']) elif request.user.is_staff and form.cleaned_data[ 'sender'] == "*****@*****.**": sender_valid = True sender = '"EWB-ISF Canada" <*****@*****.**>' # and this is all copied from group_topics.models.GroupTopic.send_email ... =( tmpl = loader.get_template("email_template.html") c = Context({ 'group': parent, 'title': form.cleaned_data['subject'], 'body': form.cleaned_data['body'], 'topic_id': None, 'event': event, 'attachments': None }) message = tmpl.render(c) parent.send_mail_to_members(form.cleaned_data['subject'], message, sender=sender) request.user.message_set.create(message="Email sent.") return HttpResponseRedirect(event.get_absolute_url()) if not request.POST.get('action', None): confirm = request.POST else: form = EventEmailForm(user=request.user, group=parent) return render_to_response( 'events/email.html', { 'event': event, 'form': form, 'confirm': confirm }, context_instance=RequestContext(request), )
def free_comment(request, content_type=None, object_id=None, edit_id=None, parent_id=None, add_messages=False, ajax=False, model=FreeThreadedComment, form_class=MyFreeThreadedCommentForm, attach_form_class=AttachmentForm, context_processors=[], extra_context={}): """ Receives POST data and either creates a new ``ThreadedComment`` or ``FreeThreadedComment``, or edits an old one based upon the specified parameters. If there is a 'preview' key in the POST request, a preview will be forced and the comment will not be saved until a 'preview' key is no longer in the POST request. If it is an *AJAX* request (either XML or JSON), it will return a serialized version of the last created ``ThreadedComment`` and there will be no redirect. If invalid POST data is submitted, this will go to the comment preview page where the comment may be edited until it does not contain errors. """ if not edit_id and not (content_type and object_id): raise Http404 # Must specify either content_type and object_id or edit_id if "preview" in request.POST: return _preview(request, context_processors, extra_context, model=model, form_class=form_class, attach_form_class=attach_form_class) if edit_id: instance = get_object_or_404(model, id=edit_id) else: instance = model() tcviews._adjust_max_comment_length(form_class) attach_count = -1 if "attach_count" in request.POST: attach_count = int(request.POST["attach_count"]) form = form_class(request.POST, instance=instance) attach_forms = [ attach_form_class(request.POST, request.FILES, prefix=str(x), instance=Attachment()) for x in range(0, attach_count) ] # do not take blank attachment forms into account for af in attach_forms: if not af.is_valid() and not af['attachment_file'].data: attach_forms.remove(af) attach_count = attach_count - 1 if form.is_valid() and all([af.is_valid() for af in attach_forms]): new_comment = form.save(commit=False) # visibility check! if request.user.is_anonymous(): return HttpResponseForbidden() # get parent object ctype = ContentType.objects.get(id=content_type) parentgrp = helpers.get_obj(ct=ctype, id=object_id) if not helpers.is_visible(request.user, parentgrp): return HttpResponseForbidden() # set up the comment object for saving if not edit_id: new_comment.ip_address = request.META.get('REMOTE_ADDR', None) new_comment.content_type = get_object_or_404(ContentType, id=int(content_type)) new_comment.object_id = int(object_id) if model == ThreadedComment: new_comment.user = request.user if parent_id: new_comment.parent = get_object_or_404(model, id=int(parent_id)) new_comment.save() # handle attachments for af in attach_forms: attachment = af.save(request, new_comment) # and send email # (can't do this in a post-save hook since attachments aren't saved at that point) new_comment.send_to_watchlist() # handle tags newtags = set(form.cleaned_data['tags'].split(',')) oldtags = set(new_comment.content_object.tags.split(',')) alltags = newtags | oldtags alltags.remove('') tagstring = "" for t in alltags: tagstring += t + "," new_comment.content_object.tags = tagstring new_comment.content_object.save() # and display success messages if model == ThreadedComment: if add_messages: request.user.message_set.create( message="Your message has been posted successfully.") else: request.session['successful_data'] = { 'name': form.cleaned_data['name'], 'website': form.cleaned_data['website'], 'email': form.cleaned_data['email'], } if ajax == 'json': return JSONResponse([ new_comment, ]) elif ajax == 'xml': return XMLResponse([ new_comment, ]) else: return HttpResponseRedirect(tcviews._get_next(request)) elif ajax == "json": return JSONResponse({'errors': form.errors}, is_iterable=False) elif ajax == "xml": template_str = """ <errorlist> {% for error,name in errors %} <field name="{{ name }}"> {% for suberror in error %}<error>{{ suberror }}</error>{% endfor %} </field> {% endfor %} </errorlist> """ response_str = Template(template_str).render( Context({'errors': zip(form.errors.values(), form.errors.keys())})) return XMLResponse(response_str, is_iterable=False) else: return _preview(request, context_processors, extra_context, model=model, form_class=form_class, attach_form_class=attach_form_class)
def free_comment(request, content_type=None, object_id=None, edit_id=None, parent_id=None, add_messages=False, ajax=False, model=FreeThreadedComment, form_class=MyFreeThreadedCommentForm, attach_form_class=AttachmentForm, context_processors=[], extra_context={}): """ Receives POST data and either creates a new ``ThreadedComment`` or ``FreeThreadedComment``, or edits an old one based upon the specified parameters. If there is a 'preview' key in the POST request, a preview will be forced and the comment will not be saved until a 'preview' key is no longer in the POST request. If it is an *AJAX* request (either XML or JSON), it will return a serialized version of the last created ``ThreadedComment`` and there will be no redirect. If invalid POST data is submitted, this will go to the comment preview page where the comment may be edited until it does not contain errors. """ if not edit_id and not (content_type and object_id): raise Http404 # Must specify either content_type and object_id or edit_id if "preview" in request.POST: return _preview(request, context_processors, extra_context, model=model, form_class=form_class, attach_form_class=attach_form_class) if edit_id: instance = get_object_or_404(model, id=edit_id) else: instance = model() tcviews._adjust_max_comment_length(form_class) attach_count = -1 if "attach_count" in request.POST: attach_count = int(request.POST["attach_count"]) form = form_class(request.POST, instance=instance) attach_forms = [attach_form_class(request.POST, request.FILES, prefix=str(x), instance=Attachment()) for x in range(0,attach_count)] # do not take blank attachment forms into account for af in attach_forms: if not af.is_valid() and not af['attachment_file'].data: attach_forms.remove(af) attach_count = attach_count - 1 if form.is_valid() and all([af.is_valid() for af in attach_forms]): new_comment = form.save(commit=False) # visibility check! if request.user.is_anonymous(): return HttpResponseForbidden() # get parent object ctype = ContentType.objects.get(id=content_type) parentgrp = helpers.get_obj(ct=ctype, id=object_id) if not helpers.is_visible(request.user, parentgrp): return HttpResponseForbidden() # set up the comment object for saving if not edit_id: new_comment.ip_address = request.META.get('REMOTE_ADDR', None) new_comment.content_type = get_object_or_404(ContentType, id = int(content_type)) new_comment.object_id = int(object_id) if model == ThreadedComment: new_comment.user = request.user if parent_id: new_comment.parent = get_object_or_404(model, id = int(parent_id)) new_comment.save() # handle attachments for af in attach_forms: attachment = af.save(request, new_comment) # and send email # (can't do this in a post-save hook since attachments aren't saved at that point) new_comment.send_to_watchlist() # handle tags if form.cleaned_data.get('tags', None) and hasattr(new_comment.content_object, 'tags'): newtags = set(form.cleaned_data['tags'].split(',')) oldtags = set(new_comment.content_object.tags.split(',')) alltags = newtags | oldtags alltags.remove('') tagstring = "" for t in alltags: tagstring += t + "," new_comment.content_object.tags = tagstring new_comment.content_object.save() # and display success messages if model == ThreadedComment: if add_messages: request.user.message_set.create(message="Your message has been posted successfully.") else: request.session['successful_data'] = { 'name' : form.cleaned_data['name'], 'website' : form.cleaned_data['website'], 'email' : form.cleaned_data['email'], } if ajax == 'json': return JSONResponse([new_comment,]) elif ajax == 'xml': return XMLResponse([new_comment,]) else: return HttpResponseRedirect(tcviews._get_next(request)) elif ajax=="json": return JSONResponse({'errors' : form.errors}, is_iterable=False) elif ajax=="xml": template_str = """ <errorlist> {% for error,name in errors %} <field name="{{ name }}"> {% for suberror in error %}<error>{{ suberror }}</error>{% endfor %} </field> {% endfor %} </errorlist> """ response_str = Template(template_str).render(Context({'errors' : zip(form.errors.values(), form.errors.keys())})) return XMLResponse(response_str, is_iterable=False) else: return _preview(request, context_processors, extra_context, model=model, form_class=form_class, attach_form_class=attach_form_class)
def email_event(request, eventid): """ Lets you email an event reminder. Email goes to the parent group (if one exists). Later this would be great for "email all RSVPs" and such. """ event = get_object_or_404(Event, id=eventid) parent = event.content_object if not helpers.is_visible(request.user, parent): return render_to_response('denied.html', context_instance=RequestContext(request)) if BaseGroup not in parent.__class__.__bases__: request.user.message_set.create(message="You can only send emails to group-owned events.") return HttpResponseRedirect(reverse(event.get_absolute_url())) if not parent.user_is_admin(request.user): request.user.message_set.create(message="You cannot send emails to the parent group.") return HttpResponseRedirect(reverse(event.get_absolute_url())) confirm = None if request.method == 'POST': form = EventEmailForm(request.POST, user=request.user, group=parent) if form.is_valid(): if request.POST.get('confirmed', None) and request.POST.get('action', 'back') == "send": # extra security check that sender isn't forged. # can't hurt... # copied from group_topics.views.topics.new_topic - can we combine? sender_valid = False if parent.user_is_admin(request.user): if form.cleaned_data['sender'] == parent.from_email: sender_valid = True sender = '"%s" <%s>' % (parent.from_name, parent.from_email) elif get_object_or_none(EmailAddress, email=form.cleaned_data['sender']) in request.user.get_profile().email_addresses(): sender_valid = True sender = '"%s %s" <%s>' % (request.user.get_profile().first_name, request.user.get_profile().last_name, form.cleaned_data['sender']) elif request.user.is_staff and form.cleaned_data['sender'] == "*****@*****.**": sender_valid = True sender = '"EWB-ISF Canada" <*****@*****.**>' # and this is all copied from group_topics.models.GroupTopic.send_email ... =( tmpl = loader.get_template("email_template.html") c = Context({'group': parent, 'title': form.cleaned_data['subject'], 'body': form.cleaned_data['body'], 'topic_id': None, 'event': event, 'attachments': None }) message = tmpl.render(c) parent.send_mail_to_members(form.cleaned_data['subject'], message, sender=sender) request.user.message_set.create(message="Email sent.") return HttpResponseRedirect(event.get_absolute_url()) if not request.POST.get('action', None): confirm = request.POST else: form = EventEmailForm(user=request.user, group=parent) return render_to_response('events/email.html', {'event': event, 'form': form, 'confirm': confirm }, context_instance=RequestContext(request), )