def approve(request, id, template_name="directories/approve.html"): can_view_directories = has_perm(request.user, 'directories.view_directory') can_change_directories = has_perm(request.user, 'directories.change_directory') if not all([can_view_directories, can_change_directories]): raise Http403 directory = get_object_or_404(Directory, pk=id) if request.method == "POST": directory.activation_dt = datetime.now() directory.expiration_dt = directory.activation_dt + timedelta( days=directory.requested_duration) directory.allow_anonymous_view = True directory.status = True directory.status_detail = 'active' if not directory.creator: directory.creator = request.user directory.creator_username = request.user.username if not directory.owner: directory.owner = request.user directory.owner_username = request.user.username directory.save() # assign files permissions assign_files_perms(directory) # send email notification to user recipients = directory.get_owner_emails_list() if recipients: notification.send_emails(recipients, 'directory_approved_user_notice', { 'object': directory, 'request': request, }) msg_string = 'Successfully approved %s' % directory messages.add_message(request, messages.SUCCESS, _(msg_string)) return HttpResponseRedirect(reverse('directory', args=[directory.slug])) return render_to_resp(request=request, template_name=template_name, context={'directory': directory})
def edit(request, id, form_class=NewsForm, template_name="news/edit.html"): news = get_object_or_404(News, pk=id) # check permission if not has_perm(request.user, 'news.change_news', news): raise Http403 form = form_class(instance=news, user=request.user) if request.method == "POST": form = form_class(request.POST, request.FILES, instance=news, user=request.user) if form.is_valid(): news = form.save(commit=False) # update all permissions and save the model news = update_perms_and_save(request, form, news) form.save_m2m() # save photo photo = form.cleaned_data['photo_upload'] if photo: news.save(photo=photo) assign_files_perms(news, files=[news.thumbnail]) # update thumbnail status when news status is updated # this will fix the error wherein a thumbnail image # can be viewed only when logged in. thumbnail = news.thumbnail if thumbnail: thumbnail.status_detail = news.status_detail thumbnail.save() msg_string = 'Successfully updated %s' % str(news) messages.add_message(request, messages.SUCCESS, _(msg_string)) return HttpResponseRedirect( reverse('news.detail', args=[news.slug])) return render_to_resp(request=request, template_name=template_name, context={ 'news': news, 'form': form })
def save_header_image(self, request, job): if self.is_valid(): f = self.cleaned_data['header_image'] if f: header_image = File() header_image.content_type = ContentType.objects.get_for_model(Job) header_image.object_id = job.id header_image.creator = request.user header_image.creator_username = request.user.username header_image.owner = request.user header_image.owner_username = request.user.username filename = "%s-%s" % (job.slug, f.name) f.file.seek(0) header_image.file.save(filename, f) job.header_image = header_image job.save() assign_files_perms(job, files=[job.header_image])
def add(request, form_class=NewsForm, template_name="news/add.html"): # check permission if not has_perm(request.user, 'news.add_news'): raise Http403 if request.method == "POST": form = form_class(request.POST, request.FILES, user=request.user) if form.is_valid(): news = form.save(commit=False) # update all permissions and save the model news = update_perms_and_save(request, form, news) form.save_m2m() # save photo photo = form.cleaned_data['photo_upload'] if photo: news.save(photo=photo) assign_files_perms(news, files=[news.thumbnail]) msg_string = 'Successfully added %s' % str(news) messages.add_message(request, messages.SUCCESS, _(msg_string)) # send notification to administrators recipients = get_notice_recipients('module', 'news', 'newsrecipients') if recipients: if notification: extra_context = { 'object': news, 'request': request, } notification.send_emails(recipients, 'news_added', extra_context) return HttpResponseRedirect( reverse('news.detail', args=[news.slug])) else: form = form_class(user=request.user) return render_to_resp(request=request, template_name=template_name, context={'form': form})
def add(request, form_class=NewsForm, template_name="news/add.html"): # check permission if not has_perm(request.user, 'news.add_news'): raise Http403 if request.method == "POST": form = form_class(request.POST, request.FILES, user=request.user) if form.is_valid(): news = form.save(commit=False) # update all permissions and save the model news = update_perms_and_save(request, form, news) form.save_m2m() # save photo photo = form.cleaned_data['photo_upload'] if photo: news.save(photo=photo) assign_files_perms(news, files=[news.thumbnail]) msg_string = 'Successfully added %s' % unicode(news) messages.add_message(request, messages.SUCCESS, _(msg_string)) # send notification to administrators recipients = get_notice_recipients('module', 'news', 'newsrecipients') if recipients: if notification: extra_context = { 'object': news, 'request': request, } notification.send_emails(recipients, 'news_added', extra_context) return HttpResponseRedirect(reverse('news.detail', args=[news.slug])) else: form = form_class(user=request.user) return render_to_response(template_name, {'form': form}, context_instance=RequestContext(request))
def add(request, form_class=StoryForm, template_name="stories/add.html"): if has_perm(request.user, 'stories.add_story'): if request.method == "POST": form = form_class(request.POST, request.FILES, user=request.user) if form.is_valid(): story = form.save(commit=False) story = update_perms_and_save(request, form, story) # save photo photo = form.cleaned_data['photo_upload'] if photo: story.save(photo=photo) assign_files_perms(story, files=[story.image]) if 'rotator' in story.tags: checklist_update('add-story') messages.add_message( request, messages.SUCCESS, _('Successfully added %(str)s' % {'str': str(story)})) return HttpResponseRedirect(reverse('story', args=[story.pk])) else: from pprint import pprint pprint(list(form.errors.items())) else: form = form_class(user=request.user) tags = request.GET.get('tags', '') if tags: form.fields['tags'].initial = tags else: raise Http403 return render_to_resp(request=request, template_name=template_name, context={'form': form})
def edit(request, id, form_class=NewsForm, template_name="news/edit.html"): news = get_object_or_404(News, pk=id) # check permission if not has_perm(request.user, 'news.change_news', news): raise Http403 form = form_class(instance=news, user=request.user) if request.method == "POST": form = form_class(request.POST, request.FILES, instance=news, user=request.user) if form.is_valid(): news = form.save(commit=False) # update all permissions and save the model news = update_perms_and_save(request, form, news) form.save_m2m() # save photo photo = form.cleaned_data['photo_upload'] if photo: news.save(photo=photo) assign_files_perms(news, files=[news.thumbnail]) # update thumbnail status when news status is updated # this will fix the error wherein a thumbnail image # can be viewed only when logged in. thumbnail = news.thumbnail if thumbnail: thumbnail.status_detail = news.status_detail thumbnail.save() msg_string = 'Successfully updated %s' % unicode(news) messages.add_message(request, messages.SUCCESS, _(msg_string)) return HttpResponseRedirect(reverse('news.detail', args=[news.slug])) return render_to_response(template_name, {'news': news, 'form': form}, context_instance=RequestContext(request))
def add(request, form_class=StoryForm, template_name="stories/add.html"): if has_perm(request.user,'stories.add_story'): if request.method == "POST": form = form_class(request.POST, request.FILES, user=request.user) if form.is_valid(): story = form.save(commit=False) story = update_perms_and_save(request, form, story) # save photo photo = form.cleaned_data['photo_upload'] if photo: story.save(photo=photo) assign_files_perms(story, files=[story.image]) if 'rotator' in story.tags: checklist_update('add-story') messages.add_message(request, messages.SUCCESS, _('Successfully added %(str)s' % {'str': unicode(story)})) return HttpResponseRedirect(reverse('story', args=[story.pk])) else: from pprint import pprint pprint(form.errors.items()) else: form = form_class(user=request.user) tags = request.GET.get('tags', '') if tags: form.fields['tags'].initial = tags else: raise Http403 return render_to_response(template_name, {'form':form}, context_instance=RequestContext(request))
def handle_uploaded_photo(request, photoset_id, file_path): import uuid from django.core.files import File from django.db.models import Max from tendenci.apps.perms.object_perms import ObjectPermission photo = Image() # use file name to create title; remove extension filename, extension = os.path.splitext(os.path.basename(file_path)) photo.title = filename # clean filename; alphanumeric with dashes filename = re.sub(r'[^a-zA-Z0-9._]+', '-', filename) # truncate; make unique; append extension filename = filename[:70] + '-' + str(uuid.uuid4())[:5] + extension photo.image.save(filename, File(open(file_path, 'rb'))) position_max = Image.objects.filter(photoset=photoset_id).aggregate( Max('position'))['position__max'] or 0 photo.position = position_max + 1 photo.status = True photo.status_detail = 'active' photo.member = request.user photo.safetylevel = 3 photo.is_public = True photo.allow_anonymous_view = True # Can't use update_perms_and_save() here since we don't have a form #photo = update_perms_and_save(request, photo_form, photo) photo.creator = request.user photo.creator_username = request.user.username photo.owner = request.user photo.owner_username = request.user.username photo.allow_user_view = False photo.allow_user_edit = False photo.allow_member_view = False photo.allow_member_edit = False photo.save() assign_files_perms(photo) EventLog.objects.log( **{ 'event_id': 990100, 'event_data': '%s (%d) added by %s' % (photo._meta.object_name, photo.pk, request.user), 'description': '%s added' % photo._meta.object_name, 'user': request.user, 'request': request, 'instance': photo, }) # add to photo set if photo set is specified if photoset_id: photo_set = get_object_or_404(PhotoSet, id=photoset_id) photo_set.image_set.add(photo) privacy = get_privacy_settings(photo_set) # photo privacy = album privacy for k, v in privacy.items(): setattr(photo, k, v) photo.save() # photo group perms = album group perms group_perms = photo_set.perms.filter(group__isnull=False).values_list( 'group', 'codename') group_perms = tuple([(str(g), c.split('_')[0]) for g, c in group_perms]) ObjectPermission.objects.assign_group(group_perms, photo) # serialize queryset #data = serializers.serialize("json", Image.objects.filter(id=photo.id)) Popen([python_executable(), "manage.py", "precache_photo", str(photo.pk)])
def handle_uploaded_photo(request, photoset_id, file_path): import uuid from django.core.files import File from django.db.models import Max from tendenci.apps.perms.object_perms import ObjectPermission photo = Image() # use file name to create title; remove extension filename, extension = os.path.splitext(os.path.basename(file_path)) photo.title = filename # clean filename; alphanumeric with dashes filename = re.sub(r'[^a-zA-Z0-9._]+', '-', filename) # truncate; make unique; append extension filename = filename[:70] + '-' + unicode(uuid.uuid1())[:5] + extension photo.image.save(filename, File(open(file_path, 'rb'))) position_max = Image.objects.filter( photoset=photoset_id).aggregate(Max('position'))['position__max'] or 0 photo.position = position_max + 1 photo.status = True photo.status_detail = 'active' photo.member = request.user photo.safetylevel = 3 photo.is_public = True photo.allow_anonymous_view = True # Can't use update_perms_and_save() here since we don't have a form #photo = update_perms_and_save(request, photo_form, photo) photo.creator = request.user photo.creator_username = request.user.username photo.owner = request.user photo.owner_username = request.user.username photo.allow_user_view = False photo.allow_user_edit = False photo.allow_member_view = False photo.allow_member_edit = False photo.save() assign_files_perms(photo) EventLog.objects.log(**{ 'event_id': 990100, 'event_data': '%s (%d) added by %s' % (photo._meta.object_name, photo.pk, request.user), 'description': '%s added' % photo._meta.object_name, 'user': request.user, 'request': request, 'instance': photo, }) # add to photo set if photo set is specified if photoset_id: photo_set = get_object_or_404(PhotoSet, id=photoset_id) photo_set.image_set.add(photo) privacy = get_privacy_settings(photo_set) # photo privacy = album privacy for k, v in privacy.items(): setattr(photo, k, v) photo.save() # photo group perms = album group perms group_perms = photo_set.perms.filter(group__isnull=False).values_list('group', 'codename') group_perms = tuple([(unicode(g), c.split('_')[0]) for g, c in group_perms]) ObjectPermission.objects.assign_group(group_perms, photo) # serialize queryset data = serializers.serialize("json", Image.objects.filter(id=photo.id)) cache_image = Popen([python_executable(), "manage.py", "precache_photo", str(photo.pk)])
def add(request, form_class=PageForm, meta_form_class=MetaForm, category_form_class=CategoryForm, template_name="pages/add.html"): if not has_perm(request.user, 'pages.add_page'): raise Http403 content_type = get_object_or_404(ContentType, app_label='pages', model='page') if request.method == "POST": form = form_class(request.POST, request.FILES, user=request.user) metaform = meta_form_class(request.POST, prefix='meta') categoryform = category_form_class(content_type, request.POST,) if form.is_valid() and metaform.is_valid() and categoryform.is_valid(): page = form.save(commit=False) # add all permissions and save the model page = update_perms_and_save(request, form, page) # handle header image f = form.cleaned_data['header_image'] if f: header = HeaderImage() header.content_type = ContentType.objects.get_for_model(Page) header.object_id = page.id header.creator = request.user header.creator_username = request.user.username header.owner = request.user header.owner_username = request.user.username filename = "%s-%s" % (page.slug, f.name) f.file.seek(0) header.file.save(filename, f) page.header_image = header page.save() assign_files_perms(page, files=[page.header_image]) #save meta meta = metaform.save() page.meta = meta ## update the category and subcategory page.update_category_subcategory( categoryform.cleaned_data['category'], categoryform.cleaned_data['sub_category'] ) messages.add_message(request, messages.SUCCESS, _('Successfully added %(p)s' % {'p': str(page)})) checklist_update('add-page') if not request.user.profile.is_superuser: # send notification to administrators recipients = get_notice_recipients('module', 'pages', 'pagerecipients') if recipients: if notification: extra_context = { 'object': page, 'request': request, } notification.send_emails(recipients, 'page_added', extra_context) if page.status and page.status_detail == 'active': return HttpResponseRedirect(reverse('page', args=[page.slug])) return HttpResponseRedirect(reverse('page.search')) else: initial_category_form_data = { 'app_label': 'pages', 'model': 'page', 'pk': 0, } form = form_class(user=request.user) metaform = meta_form_class(prefix='meta') categoryform = category_form_class(content_type, initial=initial_category_form_data,) return render_to_resp(request=request, template_name=template_name, context={ 'form': form, 'metaform': metaform, 'categoryform': categoryform, })