def photoset_details(request, id, template_name="photos/photo-set/details.html"): """ View photos in photo set """ photo_set = get_object_or_404(PhotoSet, id=id) if not has_view_perm(request.user, 'photos.view_photoset', photo_set): raise Http403 order = get_setting('module', 'photos', 'photoordering') #if order == 'descending': # photos = photo_set.get_images(user=request.user).order_by('-pk') #else: # photos = photo_set.get_images(user=request.user).order_by('pk') photos = photo_set.get_images(user=request.user).order_by("position") EventLog.objects.log(**{ 'event_id': 991500, 'event_data': '%s (%d) viewed by %s' % (photo_set._meta.object_name, photo_set.pk, request.user), 'description': '%s viewed' % photo_set._meta.object_name, 'user': request.user, 'request': request, 'instance': photo_set, }) return render_to_response(template_name, { "photos": photos, "photo_set": photo_set, }, context_instance=RequestContext(request))
def detail(request, slug=None, hash=None, template_name="articles/view.html"): if not slug and not hash: return HttpResponseRedirect(reverse('articles')) if hash: version = get_object_or_404(Version, hash=hash) current_article = get_object_or_404(Article, pk=version.object_id) article = version.get_version_object() msg_string = 'You are viewing a previous version of this article. View the <a href="%s%s">Current Version</a>.' % (get_setting('site', 'global', 'siteurl'), current_article.get_absolute_url()) messages.add_message(request, messages.WARNING, _(msg_string)) else: article = get_object_or_404(Article, slug=slug) # non-admin can not view the non-active content # status=0 has been taken care of in the has_perm function if (article.status_detail).lower() != 'active' and (not request.user.profile.is_superuser): raise Http403 if not article.release_dt_local and article.release_dt: article.assign_release_dt_local() if not article.release_dt_local or article.release_dt_local >= datetime.now(): if not any([ has_perm(request.user, 'articles.view_article'), request.user == article.owner, request.user == article.creator ]): raise Http403 if has_view_perm(request.user, 'articles.view_article', article): EventLog.objects.log(instance=article) return render_to_resp(request=request, template_name=template_name, context={'article': article}) else: raise Http403
def group_membership_self_add(request, slug, user_id): group = get_object_or_404(Group, slug=slug) user = get_object_or_404(User, pk=user_id) if not has_view_perm(request.user,'user_groups.view_group', group) and not group.allow_self_add: raise Http403 group_membership = GroupMembership.objects.filter(member=user, group=group) if not group_membership: group_membership = GroupMembership() group_membership.group = group group_membership.member = user group_membership.creator_id = user.id group_membership.creator_username = user.username group_membership.owner_id = user.id group_membership.owner_username = user.username group_membership.save() EventLog.objects.log(instance=group_membership) if group_membership.is_newsletter_subscribed: group_membership.subscribe_to_newsletter() messages.add_message(request, messages.SUCCESS, _('Successfully added yourself to group %(grp)s' % {'grp':group})) else: messages.add_message(request, messages.INFO, _('You are already in the group %(grp)s' % {'grp': group})) return HttpResponseRedirect(reverse('group.search'))
def group_detail(request, group_slug, template_name="user_groups/detail.html"): group = get_object_or_404(Group, slug=group_slug) membership_view_perms = get_setting('module', 'memberships', 'memberprotection') if not has_view_perm(request.user,'user_groups.view_group',group): raise Http403 if group in request.user.profile.get_groups(): is_group_member = True gm = GroupMembership.objects.get(group=group, member=request.user) else: is_group_member = False gm = None EventLog.objects.log(instance=group) if request.user.profile.is_superuser or membership_view_perms <> 'private': groupmemberships = GroupMembership.objects.filter( group=group, status=True, status_detail='active').order_by('member__last_name') else: groupmemberships = GroupMembership.objects.none() count_members = len(groupmemberships) return render_to_response( template_name, locals(), context_instance=RequestContext(request))
def group_membership_self_remove(request, slug, user_id): group = get_object_or_404(Group, slug=slug) if not has_view_perm(request.user, 'user_groups.view_group', group) and not group.allow_self_remove: raise Http403 user = get_object_or_404(User, pk=user_id) group_membership = GroupMembership.objects.filter(member=user, group=group) if group_membership: group_membership = group_membership[0] if group_membership.member == user: EventLog.objects.log(instance=group_membership) group_membership.delete() messages.add_message( request, messages.SUCCESS, _('Successfully removed yourself from group %(grp)s' % {'grp': group})) else: messages.add_message( request, messages.INFO, _('You are not in the group %(grp)s' % {'grp': group})) return HttpResponseRedirect(reverse('group.search'))
def display_header_image(request, id): page = get_object_or_404(Page, pk=id) if not has_view_perm(request.user, '[pages.view_page', page): raise Http403 return file_display(request, page.header_image.file.name)
def group_detail(request, group_slug, template_name="user_groups/detail.html"): group = get_object_or_404(Group, slug=group_slug) membership_view_perms = get_setting('module', 'memberships', 'memberprotection') if not has_view_perm(request.user, 'user_groups.view_group', group): raise Http403 if group in request.user.profile.get_groups(): is_group_member = True gm = GroupMembership.objects.get(group=group, member=request.user) else: is_group_member = False gm = None EventLog.objects.log(instance=group) if request.user.profile.is_superuser or membership_view_perms <> 'private': groupmemberships = GroupMembership.objects.filter( group=group, status=True, status_detail='active').order_by('member__last_name') else: groupmemberships = GroupMembership.objects.none() count_members = len(groupmemberships) return render_to_response(template_name, locals(), context_instance=RequestContext(request))
def display_header_image(request, id): page = get_object_or_404(Page, pk=id) if not has_view_perm(request.user, "[pages.view_page", page): raise Http403 return file_display(request, page.header_image.file.name)
def details(request, slug=None, template_name="directories/view.html"): if not slug: return HttpResponseRedirect(reverse('directories')) directory = get_object_or_404(Directory, slug=slug) if has_view_perm(request.user, 'directories.view_directory', directory) \ or directory.has_membership_with(request.user): EventLog.objects.log(instance=directory) if get_setting('module', 'directories', 'affiliates_enabled'): affiliates_list = directory.get_list_affiliates() parents_list = directory.get_list_parent_directories() # list of affiliate requests affiliate_requests = directory.from_directory.all() else: affiliates_list = None parents_list = None affiliate_requests = None return render_to_resp(request=request, template_name=template_name, context={ 'directory': directory, 'affiliates_list': affiliates_list, 'parents_list': parents_list, 'affiliate_requests': affiliate_requests }) raise Http403
def print_view(request, id, template_name="contacts/print-view.html"): contact = get_object_or_404(Contact, pk=id) if has_view_perm(request.user,'contacts.view_contact',contact): return render_to_response(template_name, {'contact': contact}, context_instance=RequestContext(request)) else: raise Http403
def print_view(request, id, template_name="contacts/print-view.html"): contact = get_object_or_404(Contact, pk=id) if has_view_perm(request.user,'contacts.view_contact',contact): return render_to_resp(request=request, template_name=template_name, context={'contact': contact}) else: raise Http403
def logo_display(request, id): directory = get_object_or_404(Directory, pk=id) if not has_view_perm(request.user, 'directories.view_directory', directory): raise Http403 return file_display(request, directory.logo.name)
def print_view(request, id, template_name="contacts/print-view.html"): contact = get_object_or_404(Contact, pk=id) if has_view_perm(request.user, 'contacts.view_contact', contact): return render_to_response(template_name, {'contact': contact}, context_instance=RequestContext(request)) else: raise Http403
def details(request, id=None, template_name="contacts/view.html"): if not id: return HttpResponseRedirect(reverse('contacts')) contact = get_object_or_404(Contact, pk=id) if has_view_perm(request.user, 'contacts.view_contact', contact): return render_to_response(template_name, {'contact': contact}, context_instance=RequestContext(request)) else: raise Http403
def details(request, id=None, template_name="contacts/view.html"): if not id: return HttpResponseRedirect(reverse('contacts')) contact = get_object_or_404(Contact, pk=id) if has_view_perm(request.user,'contacts.view_contact',contact): return render_to_resp(request=request, template_name=template_name, context={'contact': contact}) else: raise Http403
def print_view(request, slug, template_name="directories/print-view.html"): directory = get_object_or_404(Directory, slug=slug) if has_view_perm(request.user,'directories.view_directory',directory): EventLog.objects.log(instance=directory) return render_to_response(template_name, {'directory': directory}, context_instance=RequestContext(request)) else: raise Http403
def print_view(request, id, template_name="files/print-view.html"): file = get_object_or_404(File, pk=id) # check permission if not has_view_perm(request.user, 'files.view_file', file): raise Http403 return render_to_response(template_name, {'file': file}, context_instance=RequestContext(request))
def print_details(request, id, template_name="stories/print_details.html"): story = get_object_or_404(Story, pk=id) if not has_view_perm(request.user,'stories.view_story', story): raise Http403 EventLog.objects.log(instance=story) return render_to_response(template_name, {'story': story}, context_instance=RequestContext(request))
def detail(request, slug, template_name="locations/view.html"): location = get_object_or_404(Location, slug=slug) if has_view_perm(request.user,'locations.view_location',location): EventLog.objects.log(instance=location) return render_to_resp(request=request, template_name=template_name, context={'location': location}) else: raise Http403
def detail(request, slug, template_name="locations/view.html"): location = get_object_or_404(Location, slug=slug) if has_view_perm(request.user, 'locations.view_location', location): EventLog.objects.log(instance=location) return render_to_response(template_name, {'location': location}, context_instance=RequestContext(request)) else: raise Http403
def print_details(request, id, template_name="stories/print_details.html"): story = get_object_or_404(Story, pk=id) if not has_view_perm(request.user, 'stories.view_story', story): raise Http403 EventLog.objects.log(instance=story) return render_to_response(template_name, {'story': story}, context_instance=RequestContext(request))
def index(request, slug=None, id=None, hash=None, template_name="pages/view.html"): """ Return page object, either as an archive, active, or version. """ if not slug and not id and not hash: return HttpResponseRedirect(reverse('page.search')) if hash: version = get_object_or_404(Version, hash=hash) current_page = get_object_or_404(Page, pk=version.object_id) page = version.get_version_object() msg_string = 'You are viewing a previous version of this article. View the ' + \ '<a href="%s">Current Version</a>.' % current_page.get_absolute_url() messages.add_message(request, messages.WARNING, _(msg_string)) elif id: page = get_object_or_404(Page, pk=id) if page.status_detail != 'active': if not request.user.is_authenticated(): pages = Page.objects.filter( slug=page.slug, status_detail='active').order_by('-pk') if not pages: pages = Page.objects.filter(slug=slug).order_by('-pk') if not pages: raise Http404 return HttpResponseRedirect(reverse('page', args=[page.slug])) else: try: page = get_object_or_404(Page, slug=slug) except Page.MultipleObjectsReturned: pages = Page.objects.filter(slug=slug, status_detail='active').order_by('-pk') if not pages: pages = Page.objects.filter(slug=slug).order_by('-pk') if not pages: raise Http404 page = pages[0] if not has_view_perm(request.user, 'pages.view_page', page): raise Http403 if not page.template or not template_exists(page.template): page.template = "pages/base.html" EventLog.objects.log(instance=page) return render_to_response(template_name, { 'page': page, 'association_name': get_association_name(request) }, context_instance=RequestContext(request))
def print_view(request, slug, template_name="resumes/print-view.html"): resume = get_object_or_404(Resume, slug=slug) EventLog.objects.log(instance=resume) if has_view_perm(request.user,'resumes.view_resume',resume): return render_to_response(template_name, {'resume': resume}, context_instance=RequestContext(request)) else: raise Http403
def print_view(request, id, template_name="locations/print-view.html"): location = get_object_or_404(Location, pk=id) if has_view_perm(request.user,'locations.view_location',location): EventLog.objects.log(instance=location) return render_to_response(template_name, {'location': location}, context_instance=RequestContext(request)) else: raise Http403
def print_view(request, slug, template_name="resumes/print-view.html"): resume = get_object_or_404(Resume, slug=slug) EventLog.objects.log(instance=resume) if has_view_perm(request.user,'resumes.view_resume',resume): return render_to_resp(request=request, template_name=template_name, context={'resume': resume}) else: raise Http403
def detail(request, slug, template_name="help_files/details.html"): """Help file details""" help_file = get_object_or_404(HelpFile, slug=slug) if has_view_perm(request.user, 'help_files.view_helpfile', help_file): HelpFile.objects.filter(pk=help_file.pk).update(view_totals=help_file.view_totals+1) EventLog.objects.log(instance=help_file) return render_to_resp(request=request, template_name=template_name, context={'help_file': help_file}) else: raise Http403
def details(request, id=None, template_name="stories/view.html"): if not id: return HttpResponseRedirect(reverse('story.search')) story = get_object_or_404(Story, pk=id) if not has_view_perm(request.user,'stories.view_story', story): raise Http403 EventLog.objects.log(instance=story) return render_to_response(template_name, {'story': story}, context_instance=RequestContext(request))
def print_view(request, id, template_name="files/print-view.html"): file = get_object_or_404(File, pk=id) # check permission if not has_view_perm(request.user, 'files.view_file', file): raise Http403 return render_to_response( template_name, { 'file': file }, context_instance=RequestContext(request))
def details(request, id=None, template_name="stories/view.html"): if not id: return HttpResponseRedirect(reverse('story.search')) story = get_object_or_404(Story, pk=id) if not has_view_perm(request.user, 'stories.view_story', story): raise Http403 EventLog.objects.log(instance=story) return render_to_response(template_name, {'story': story}, context_instance=RequestContext(request))
def details(request, slug=None, template_name="directories/view.html"): if not slug: return HttpResponseRedirect(reverse('directories')) directory = get_object_or_404(Directory, slug=slug) if has_view_perm(request.user,'directories.view_directory',directory): EventLog.objects.log(instance=directory) return render_to_response(template_name, {'directory': directory}, context_instance=RequestContext(request)) else: raise Http403
def print_view(request, id, template_name="locations/print-view.html"): location = get_object_or_404(Location, pk=id) if has_view_perm(request.user, 'locations.view_location', location): EventLog.objects.log(instance=location) return render_to_resp(request=request, template_name=template_name, context={'location': location}) else: raise Http403
def print_view(request, slug, template_name="jobs/print-view.html"): job = get_object_or_404(Job, slug=slug) can_view = has_view_perm(request.user, 'jobs.view_job', job) if can_view: EventLog.objects.log(instance=job) return render_to_response(template_name, {'job': job}, context_instance=RequestContext(request)) else: raise Http403
def details(request, slug=None, template_name="directories/view.html"): if not slug: return HttpResponseRedirect(reverse('directories')) directory = get_object_or_404(Directory, slug=slug) if has_view_perm(request.user, 'directories.view_directory', directory) \ or directory.has_membership_with(request.user): EventLog.objects.log(instance=directory) return render_to_resp(request=request, template_name=template_name, context={'directory': directory}) raise Http403
def detail(request, slug, template_name="help_files/details.html"): """Help file details""" help_file = get_object_or_404(HelpFile, slug=slug) if has_view_perm(request.user, 'help_files.view_helpfile', help_file): HelpFile.objects.filter(pk=help_file.pk).update( view_totals=help_file.view_totals + 1) EventLog.objects.log(instance=help_file) return render_to_response(template_name, {'help_file': help_file}, context_instance=RequestContext(request)) else: raise Http403
def index(request, slug=None, id=None, hash=None, template_name="pages/view.html"): """ Return page object, either as an archive, active, or version. """ if not slug and not id and not hash: return HttpResponseRedirect(reverse('page.search')) if hash: version = get_object_or_404(Version, hash=hash) current_page = get_object_or_404(Page, pk=version.object_id) page = version.get_version_object() msg_string = 'You are viewing a previous version of this article. View the ' + \ '<a href="%s">Current Version</a>.' % current_page.get_absolute_url() messages.add_message(request, messages.WARNING, _(msg_string)) elif id: page = get_object_or_404(Page, pk=id) if page.status_detail != 'active': if not request.user.is_authenticated(): pages = Page.objects.filter( slug=page.slug, status_detail='active' ).order_by('-pk') if not pages: pages = Page.objects.filter(slug=slug).order_by('-pk') if not pages: raise Http404 return HttpResponseRedirect(reverse('page', args=[page.slug])) else: try: page = get_object_or_404(Page, slug=slug) except Page.MultipleObjectsReturned: pages = Page.objects.filter( slug=slug, status_detail='active' ).order_by('-pk') if not pages: pages = Page.objects.filter(slug=slug).order_by('-pk') if not pages: raise Http404 page = pages[0] if not has_view_perm(request.user, 'pages.view_page', page): raise Http403 if not page.template or not template_exists(page.template): page.template = "pages/base.html" EventLog.objects.log(instance=page) return render_to_response(template_name, {'page': page}, context_instance=RequestContext(request))
def detail(request, slug=None, template_name="jobs/view.html"): if not slug: return HttpResponseRedirect(reverse('jobs')) job = get_object_or_404(Job.objects.select_related(), slug=slug) can_view = has_view_perm(request.user, 'jobs.view_job', job) if can_view: EventLog.objects.log(instance=job) return render_to_response(template_name, {'job': job}, context_instance=RequestContext(request)) else: raise Http403
def sizes(request, id, size_name='', template_name="photos/sizes.html"): """ Show all photo sizes """ # security-check on size name if not size_name: return redirect('photo_square', id=id) photo = get_object_or_404(Image, id=id) if not has_view_perm(request.user, 'photos.view_image', photo): raise Http403 # get sizes if size_name == 'original': sizes = (photo.image.width, photo.image.height) else: # use photos size table if not photo.file_exists(): raise Http404 sizes = getattr(photo, 'get_%s_size' % size_name)() if not sizes or not all(sizes): raise Http404 # get download url if size_name == 'square': source_url = reverse('photo.size', kwargs={'id':id, 'crop':'crop', 'size':"%sx%s" % sizes}) download_url = reverse('photo_crop_download', kwargs={'id':id, 'size':"%sx%s" % sizes}) else: source_url = reverse('photo.size', kwargs={'id':id, 'size':"%sx%s" % sizes}) download_url = reverse('photo_download', kwargs={'id':id, 'size':"%sx%s" % sizes}) try: original_source_url = reverse('photo.size', kwargs={'id':id, 'size':"%sx%s" % (photo.image.width, photo.image.height)}) except TypeError: # exception happens if image is corrupted. maybe it should raise 404 here? original_source_url = '' view_original_requirments = [ request.user.profile.is_superuser, request.user == photo.creator, request.user == photo.owner, photo.get_license().name != 'All Rights Reserved', ] return render_to_resp(request=request, template_name=template_name, context={ "photo": photo, "size_name": size_name.replace("_"," "), "download_url": download_url, "source_url": source_url, "original_source_url": original_source_url, "can_view_original": any(view_original_requirments), })
def index(request, slug=None, template_name="resumes/view.html"): if not get_setting('module', 'resumes', 'enabled'): redirect = get_object_or_404(Redirect, from_app='resumes') return HttpResponseRedirect('/' + redirect.to_url) if not slug: return HttpResponseRedirect(reverse('resume.search')) resume = get_object_or_404(Resume, slug=slug) if has_view_perm(request.user,'resumes.view_resume',resume): EventLog.objects.log() return render_to_response(template_name, {'resume': resume}, context_instance=RequestContext(request)) else: raise Http403
def index(request, slug=None, template_name="resumes/view.html"): if not get_setting('module', 'resumes', 'enabled'): redirect = get_object_or_404(Redirect, from_app='resumes') return HttpResponseRedirect('/' + redirect.to_url) if not slug: return HttpResponseRedirect(reverse('resume.search')) resume = get_object_or_404(Resume, slug=slug) if has_view_perm(request.user,'resumes.view_resume',resume): EventLog.objects.log() return render_to_resp(request=request, template_name=template_name, context={'resume': resume}) else: raise Http403
def print_view(request, slug, template_name="articles/print-view.html"): article = get_object_or_404(Article, slug=slug) if article.release_dt >= datetime.now(): if not any([ has_perm(request.user, 'articles.view_article'), request.user == article.owner, request.user == article.creator ]): raise Http403 if has_view_perm(request.user, 'articles.view_article', article): EventLog.objects.log(instance=article) return render_to_response(template_name, {'article': article}, context_instance=RequestContext(request)) else: raise Http403
def resume_file(request, slug=None, template_name="resumes/view.html"): if not slug: return HttpResponseRedirect(reverse('resume.search')) resume = get_object_or_404(Resume, slug=slug) if has_view_perm(request.user,'resumes.view_resume',resume): if resume.resume_file: EventLog.objects.log(instance=resume) response = HttpResponse(resume.resume_file) response['Content-Disposition'] = 'attachment; filename="%s"' % (os.path.basename(unicode(resume.resume_file))) return response else: return HttpResponseRedirect(reverse('resume.search')) else: raise Http403
def resume_file(request, slug=None, template_name="resumes/view.html"): if not slug: return HttpResponseRedirect(reverse('resume.search')) resume = get_object_or_404(Resume, slug=slug) if has_view_perm(request.user,'resumes.view_resume',resume): if resume.resume_file: EventLog.objects.log(instance=resume) response = HttpResponse(resume.resume_file) response['Content-Disposition'] = 'attachment; filename="%s"' % (os.path.basename(str(resume.resume_file))) return response else: return HttpResponseRedirect(reverse('resume.search')) else: raise Http403
def sizes(request, id, size_name='', template_name="photos/sizes.html"): """ Show all photo sizes """ # security-check on size name if not size_name: return redirect('photo_square', id=id) photo = get_object_or_404(Image, id=id) if not has_view_perm(request.user, 'photos.view_image', photo): raise Http403 # get sizes if size_name == 'original': sizes = (photo.image.width, photo.image.height) else: # use photos size table if not photo.file_exists(): raise Http404 sizes = getattr(photo, 'get_%s_size' % size_name)() # get download url if size_name == 'square': source_url = reverse('photo.size', kwargs={'id':id, 'crop':'crop', 'size':"%sx%s" % sizes}) download_url = reverse('photo_crop_download', kwargs={'id':id, 'size':"%sx%s" % sizes}) else: source_url = reverse('photo.size', kwargs={'id':id, 'size':"%sx%s" % sizes}) download_url = reverse('photo_download', kwargs={'id':id, 'size':"%sx%s" % sizes}) try: original_source_url = reverse('photo.size', kwargs={'id':id, 'size':"%sx%s" % (photo.image.width, photo.image.height)}) except TypeError: # exception happens if image is corrupted. maybe it should raise 404 here? original_source_url = '' view_original_requirments = [ request.user.profile.is_superuser, request.user == photo.creator, request.user == photo.owner, photo.get_license().name != 'All Rights Reserved', ] return render_to_response(template_name, { "photo": photo, "size_name": size_name.replace("_"," "), "download_url": download_url, "source_url": source_url, "original_source_url": original_source_url, "can_view_original": any(view_original_requirments), }, context_instance=RequestContext(request))
def print_view(request, slug, template_name="articles/print-view.html"): article = get_object_or_404(Article, slug=slug) if article.release_dt >= datetime.now(): if not any([ has_perm(request.user, 'articles.view_article'), request.user == article.owner, request.user == article.creator ]): raise Http403 if has_view_perm(request.user, 'articles.view_article', article): EventLog.objects.log(instance=article) return render_to_resp(request=request, template_name=template_name, context={'article': article}) else: raise Http403
def detail(request, slug=None, template_name="case_studies/view.html"): if not slug: return HttpResponseRedirect(reverse('case_study')) case_study = get_object_or_404(CaseStudy, slug=slug) services = Service.objects.all() technologies = Technology.objects.all() # non-admin can not view the non-active content # status=0 has been taken care of in the has_perm function if (case_study.status_detail).lower() <> 'active' and (not request.user.profile.is_superuser): raise Http403 if has_view_perm(request.user, 'case_studies.view_casestudy', case_study): EventLog.objects.log(instance=case_study) return render_to_response(template_name, {'case_study': case_study, 'services': services, 'technologies': technologies}, context_instance=RequestContext(request)) else: raise Http403
def detail(request, slug=None, template_name="case_studies/view.html"): if not slug: return HttpResponseRedirect(reverse('case_study')) case_study = get_object_or_404(CaseStudy, slug=slug) services = Service.objects.all() technologies = Technology.objects.all() # non-admin can not view the non-active content # status=0 has been taken care of in the has_perm function if (case_study.status_detail).lower() != 'active' and (not request.user.profile.is_superuser): raise Http403 if has_view_perm(request.user, 'case_studies.view_casestudy', case_study): EventLog.objects.log(instance=case_study) return render_to_resp(request=request, template_name=template_name, context={'case_study': case_study, 'services': services, 'technologies': technologies}) else: raise Http403
def detail(request, id=None, template_name="locations/view.html"): if not id: return HttpResponseRedirect(reverse('locations')) try: int_id = int(id) except: int_id = 0 try: location = get_object_or_404(Location, slug=id) except Http404: location = get_object_or_404(Location, pk=int_id) return HttpResponseRedirect(location.get_absolute_url()) if has_view_perm(request.user,'locations.view_location',location): EventLog.objects.log(instance=location) return render_to_response(template_name, {'location': location}, context_instance=RequestContext(request)) else: raise Http403
def detail(request, id=None, template_name="locations/view.html"): if not id: return HttpResponseRedirect(reverse('locations')) try: int_id = int(id) except: int_id = 0 try: location = get_object_or_404(Location, slug=id) except Http404: location = get_object_or_404(Location, pk=int_id) return HttpResponseRedirect(location.get_absolute_url()) if has_view_perm(request.user, 'locations.view_location', location): EventLog.objects.log(instance=location) return render_to_response(template_name, {'location': location}, context_instance=RequestContext(request)) else: raise Http403
def detail(request, slug=None, cv=None): """Staff plugin details view""" staff = get_object_or_404(Staff, slug=slug) # non-admin can not view the non-active content # status=0 has been taken care of in the has_perm function if (staff.status_detail).lower() <> 'active' and (not request.user.profile.is_superuser): raise Http403 if cv: template_name="staff/cv.html" else: template_name="staff/view.html" if has_view_perm(request.user, 'staff.view_staff', staff): EventLog.objects.log(instance=staff) return render_to_response(template_name, {'staff': staff}, context_instance=RequestContext(request)) else: raise Http403
def group_membership_self_remove(request, slug, user_id): group = get_object_or_404(Group, slug=slug) if not has_view_perm(request.user,'user_groups.view_group', group) and not group.allow_self_remove: raise Http403 user = get_object_or_404(User, pk=user_id) group_membership = GroupMembership.objects.filter(member=user, group=group) if group_membership: group_membership = group_membership[0] if group_membership.member == user: EventLog.objects.log(instance=group_membership) group_membership.delete() messages.add_message(request, messages.SUCCESS, _('Successfully removed yourself from group %(grp)s' % {'grp':group})) else: messages.add_message(request, messages.INFO, _('You are not in the group %(grp)s' % {'grp': group})) return HttpResponseRedirect(reverse('group.search'))
def files(request, id): """ Returns file. Allows us to handle privacy. If default storage is remote: We can get data from remote location, convert to file object and return a file response. """ import os import mimetypes from django.http import Http404 from django.core.files.base import ContentFile from django.core.files.storage import default_storage from tendenci.apps.perms.utils import has_view_perm from tendenci.apps.forms_builder.forms.models import FieldEntry field = get_object_or_404(FieldEntry, pk=id) form = field.field.form base_name = os.path.basename(field.value) mime_type = mimetypes.guess_type(base_name)[0] if not has_view_perm(request.user, 'forms.view_form', form): raise Http403 if not mime_type: raise Http404 if not default_storage.exists(field.value): raise Http404 data = default_storage.open(field.value).read() f = ContentFile(data) EventLog.objects.log() response = HttpResponse(f.read(), content_type=mime_type) response['Content-Disposition'] = 'filename="%s"' % base_name return response