def bulk_add(request, template_name="files/bulk-add.html"): if not has_perm(request.user, "files.add_file"): raise Http403 FileFormSet = modelformset_factory( File, form=FileForm, can_delete=True, fields=("name", "allow_anonymous_view", "user_perms", "member_perms", "group_perms", "status"), extra=0, ) if request.method == "POST": # Setup formset html for json response file_list = [] file_formset = FileFormSet(request.POST) if file_formset.is_valid(): file_formset.save() else: # Handle formset errors return render_to_response( template_name, {"file_formset": file_formset}, context_instance=RequestContext(request) ) formset_edit = True # Handle existing files. Instance returned by file_formset.save() is not enough for num in xrange(file_formset.total_form_count()): key = "form-" + str(num) + "-id" if request.POST.get(key): file_list.append(request.POST.get(key)) # Handle new file uploads for file in request.FILES.getlist("files"): newFile = File(file=file) # set up the user information newFile.creator = request.user newFile.creator_username = request.user.username newFile.owner = request.user newFile.owner_username = request.user.username newFile.save() file_list.append(newFile.id) formset_edit = False # Redirect if form_set is edited i.e. not a file select or drag event if formset_edit: return HttpResponseRedirect(reverse("file.search")) # Handle json response file_qs = File.objects.filter(id__in=file_list) file_formset = FileFormSet(queryset=file_qs) html = render_to_response( "files/file-formset.html", {"file_formset": file_formset}, context_instance=RequestContext(request) ).content data = {"form_set": html} response = JSONResponse(data, {}, "application/json") response["Content-Disposition"] = "inline; filename=files.json" return response else: file_formset = FileFormSet({"form-TOTAL_FORMS": u"0", "form-INITIAL_FORMS": u"0", "form-MAX_NUM_FORMS": u""}) return render_to_response(template_name, {"file_formset": file_formset}, context_instance=RequestContext(request))
def locations_import_preview(request, id, template_name='locations/import-map-fields.html'): """ This will generate a form based on the uploaded CSV for field mapping. A preview will be generated based on the mapping given. """ locport = get_object_or_404(LocationImport, pk=id) if request.method == 'POST': form = ImportMapForm(request.POST, locport=locport) if form.is_valid(): # Show the user a preview based on the mapping cleaned_data = form.cleaned_data #file_path = os.path.join(settings.MEDIA_ROOT, locport.get_file().file.name) file_path = locport.get_file().file.name locations, stats = parse_locs_from_csv(file_path, cleaned_data) # return the form to use it for the confirm view template_name = 'locations/import-preview.html' return render_to_response(template_name, { 'locations': locations, 'stats': stats, 'locport': locport, 'form': form, 'now': datetime.now(), }, context_instance=RequestContext(request)) else: form = ImportMapForm(locport=locport) return render_to_response(template_name, { 'form': form, 'locport': locport, 'now': datetime.now(), }, context_instance=RequestContext(request))
def edit(request, id, form_class=DirectoryForm, template_name="directories/edit.html"): directory = get_object_or_404(Directory, pk=id) if not has_perm(request.user,'directories.change_directory', directory): raise Http403 form = form_class(request.POST or None, request.FILES or None, instance=directory, user=request.user) del form.fields['payment_method'] if not request.user.profile.is_superuser: del form.fields['pricing'] del form.fields['list_type'] if request.method == "POST": if form.is_valid(): directory = form.save(commit=False) if directory.logo: try: directory.logo.file.seek(0) except IOError: directory.logo = None # update all permissions and save the model directory = update_perms_and_save(request, form, directory) # resize the image that has been uploaded if directory.logo: if settings.USE_S3_STORAGE: resize_s3_image(directory.logo.name) else: try: logo = Image.open(directory.logo.path) logo.thumbnail((200,200),Image.ANTIALIAS) logo.save(directory.logo.path) except: pass messages.add_message(request, messages.SUCCESS, 'Successfully updated %s' % directory) return HttpResponseRedirect(reverse('directory', args=[directory.slug])) else: form = form_class(instance=directory, user=request.user) return render_to_response(template_name, {'directory': directory, 'form':form}, context_instance=RequestContext(request)) return render_to_response(template_name, {'directory': directory, 'form':form}, context_instance=RequestContext(request))
def search(request, template_name="articles/search.html"): get = dict(request.GET) query = get.pop('q', []) get.pop('page', None) # pop page query string out; page ruins pagination query_extra = ['%s:%s' % (k, v[0]) for k, v in get.items() if v[0].strip()] query = ' '.join(query) if query_extra: query = '%s %s' % (query, ' '.join(query_extra)) if get_setting('site', 'global', 'searchindex') and query: articles = Article.objects.search(query, user=request.user) else: filters = get_query_filters(request.user, 'articles.view_article') articles = Article.objects.filter(filters).distinct() if not request.user.is_anonymous(): articles = articles.select_related() if not has_perm(request.user, 'articles.view_article'): articles = articles.filter(release_dt__lte=datetime.now()) articles = articles.order_by('-release_dt') EventLog.objects.log() # Query list of category and subcategory for dropdown filters category = request.GET.get('category') try: category = int(category) except: category = 0 categories, sub_categories = Article.objects.get_categories(category=category) return render_to_response(template_name, {'articles': articles, 'categories': categories, 'sub_categories': sub_categories}, context_instance=RequestContext(request))
def edit_meta(request, id, form_class=MetaForm, template_name="articles/edit-meta.html"): # check permission article = get_object_or_404(Article, pk=id) if not has_perm(request.user, 'articles.change_article', article): raise Http403 defaults = { 'title': article.get_title(), 'description': article.get_description(), 'keywords': article.get_keywords(), 'canonical_url': article.get_canonical_url(), } article.meta = MetaTags(**defaults) if request.method == "POST": form = form_class(request.POST, instance=article.meta) if form.is_valid(): article.meta = form.save() # save meta article.save() # save relationship messages.add_message(request, messages.SUCCESS, 'Successfully updated meta for %s' % article) return HttpResponseRedirect(reverse('article', args=[article.slug])) else: form = form_class(instance=article.meta) return render_to_response(template_name, {'article': article, 'form': form}, context_instance=RequestContext(request))
def add(request, form_class=ArticleForm, template_name="articles/add.html"): if has_perm(request.user, 'articles.add_article'): if request.method == "POST": form = form_class(request.POST, user=request.user) if form.is_valid(): article = form.save(commit=False) # add all permissions and save the model update_perms_and_save(request, form, article) messages.add_message(request, messages.SUCCESS, 'Successfully added %s' % article) # send notification to administrator(s) and module recipient(s) recipients = get_notice_recipients('module', 'articles', 'articlerecipients') if recipients and notification: notification.send_emails(recipients, 'article_added', { 'object': article, 'request': request, }) return HttpResponseRedirect(reverse('article', args=[article.slug])) else: form = form_class(user=request.user) return render_to_response(template_name, {'form': form}, context_instance=RequestContext(request)) else: raise Http403
def nearest(request, template_name="locations/nearest.html"): locations = [] lat, lng = None, None query = request.GET.get('q') filters = get_query_filters(request.user, 'locations.view_location') if query: lat, lng = get_coordinates(address=query) all_locations = Location.objects.filter(filters).distinct() if not request.user.is_anonymous(): all_locations = all_locations.select_related() if all((lat,lng)): for location in all_locations: location.distance = location.get_distance2(lat, lng) if location.distance != None: locations.append(location) locations.sort(key=lambda x: x.distance) EventLog.objects.log() return render_to_response(template_name, { 'locations':locations, 'origin': {'lat':lat,'lng':lng}, }, context_instance=RequestContext(request))
def delete(request, id, template_name="articles/delete.html"): article = get_object_or_404(Article, pk=id) if has_perm(request.user, 'articles.delete_article'): if request.method == "POST": messages.add_message(request, messages.SUCCESS, 'Successfully deleted %s' % article) # send notification to administrators recipients = get_notice_recipients('module', 'articles', 'articlerecipients') if recipients: if notification: extra_context = { 'object': article, 'request': request, } notification.send_emails(recipients, 'article_deleted', extra_context) article.delete() return HttpResponseRedirect(reverse('article.search')) return render_to_response(template_name, {'article': article}, context_instance=RequestContext(request)) else: raise Http403
def memberphotos(request, username, template_name="photos/memberphotos.html", group_slug=None, bridge=None): """ Get the members photos and display them """ if bridge: try: group = bridge.get_group(group_slug) except ObjectDoesNotExist: raise Http404 else: group = None user = get_object_or_404(User, username=username) photos = Image.objects.filter( member__username = username, is_public = True ) if group: photos = group.content_objects(photos, join="pool") else: photos = photos.filter(pool__object_id=None) photos = photos.order_by("-date_added") return render_to_response(template_name, { "group": group, "photos": photos, }, context_instance=RequestContext(request))
def edit(request, id, form_class=NewsForm, template_name="news/edit.html"): news = get_object_or_404(News, pk=id) # check permission if not has_perm(request.user, 'news.change_news', news): raise Http403 form = form_class(instance=news, user=request.user) if request.method == "POST": form = form_class(request.POST, request.FILES, instance=news, user=request.user) if form.is_valid(): news = form.save(commit=False) # update all permissions and save the model news = update_perms_and_save(request, form, news) # save photo photo = form.cleaned_data['photo_upload'] if photo: news.save(photo=photo) assign_files_perms(news, files=[news.thumbnail]) messages.add_message(request, messages.SUCCESS, 'Successfully updated %s' % news) return HttpResponseRedirect(reverse('news.detail', args=[news.slug])) return render_to_response(template_name, {'news': news, 'form': form}, context_instance=RequestContext(request))
def export(request, template_name="locations/export.html"): """Export Locations""" if not request.user.is_superuser: raise Http403 if request.method == 'POST': # initilize initial values fields = [ 'guid', 'location_name', 'description', 'contact', 'address', 'address2', 'city', 'state', 'zipcode', 'country', 'phone', 'fax', 'email', 'website', 'latitude', 'longitude', 'hq', 'entity', ] export_id = run_export_task('locations', 'location', fields) EventLog.objects.log() return redirect('export.status', export_id) return render_to_response(template_name, { }, context_instance=RequestContext(request))
def pricing_add(request, form_class=JobPricingForm, template_name="jobs/pricing-add.html"): if has_perm(request.user, 'jobs.add_jobpricing'): if request.method == "POST": form = form_class(request.POST) if form.is_valid(): job_pricing = form.save(commit=False) job_pricing.status = 1 job_pricing.save(request.user) EventLog.objects.log(instance=job_pricing) if "_popup" in request.REQUEST: return HttpResponse('<script type="text/javascript">opener.dismissAddAnotherPopup(window, "%s", "%s");</script>' % (escape(job_pricing.pk), escape(job_pricing))) return HttpResponseRedirect( reverse('job_pricing.view', args=[job_pricing.id])) else: form = form_class() if "_popup" in request.REQUEST: template_name="jobs/pricing-add-popup.html" return render_to_response(template_name, {'form': form}, context_instance=RequestContext(request)) else: raise Http403
def add(request, form_class=LocationForm, template_name="locations/add.html"): if has_perm(request.user,'locations.add_location'): if request.method == "POST": form = form_class(request.POST, request.FILES, user=request.user) if form.is_valid(): location = form.save(commit=False) # update all permissions and save the model location = update_perms_and_save(request, form, location) if 'photo_upload' in form.cleaned_data: photo = form.cleaned_data['photo_upload'] if photo: location.save(photo=photo) messages.add_message(request, messages.SUCCESS, 'Successfully added %s' % location) return HttpResponseRedirect(reverse('location', args=[location.pk])) else: form = form_class(user=request.user) return render_to_response(template_name, {'form':form}, context_instance=RequestContext(request)) else: raise Http403
def locations_import_upload(request, template_name='locations/import-upload-file.html'): """ This is the upload view for the location imports. This will upload the location import file and then redirect the user to the import mapping/preview page of the import file """ if request.method == 'POST': form = UploadForm(request.POST, request.FILES) if form.is_valid(): cleaned_data = form.cleaned_data locport = LocationImport.objects.create(creator=request.user) csv = File.objects.save_files_for_instance(request, locport)[0] #file_path = os.path.join(settings.MEDIA_ROOT, csv.file.name) file_path = str(csv.file.name) import_valid, import_errs = is_import_valid(file_path) if not import_valid: for err in import_errs: messages.add_message(request, messages.ERROR, err) locport.delete() return redirect('locations_import_upload_file') EventLog.objects.log() # reset the password_promt session request.session['password_promt'] = False return redirect('locations_import_preview', locport.id) else: form = UploadForm() return render_to_response(template_name, { 'form': form, 'now': datetime.now(), }, context_instance=RequestContext(request))
def edit(request, id=None, form_class=HelpFileForm, template_name="help_files/edit.html"): help_file = get_object_or_404(HelpFile, pk=id) if has_perm(request.user,'help_files.change_helpfile', help_file): if request.method == "POST": form = form_class(request.POST, instance=help_file, user=request.user) if form.is_valid(): help_file = form.save(commit=False) # add all permissions and save the model help_file = update_perms_and_save(request, form, help_file) form.save_m2m() messages.add_message(request, messages.SUCCESS, 'Successfully edited %s' % help_file) # send notification to administrator(s) and module recipient(s) recipients = get_notice_recipients('module', 'help_files', 'helpfilerecipients') # if recipients and notification: # notification.send_emails(recipients,'help_file_added', { # 'object': help_file, # 'request': request, # }) return HttpResponseRedirect(reverse('help_file.details', args=[help_file.slug])) else: form = form_class(instance=help_file, user=request.user) return render_to_response(template_name, {'help_file': help_file, 'form':form}, context_instance=RequestContext(request)) else: raise Http403
def edit_meta(request, id, form_class=MetaForm, template_name="jobs/edit-meta.html"): # check permission job = get_object_or_404(Job, pk=id) if not has_perm(request.user, 'jobs.change_job', job): raise Http403 defaults = { 'title': job.get_title(), 'description': job.get_description(), 'keywords': job.get_keywords(), 'canonical_url': job.get_canonical_url(), } job.meta = MetaTags(**defaults) if request.method == "POST": form = form_class(request.POST, instance=job.meta) if form.is_valid(): job.meta = form.save() # save meta job.save() # save relationship msg_string = 'Successfully updated meta for %s' % job messages.add_message(request, messages.SUCCESS, _(msg_string)) return HttpResponseRedirect(reverse('job', args=[job.slug])) else: form = form_class(instance=job.meta) return render_to_response(template_name, {'job': job, 'form': form}, context_instance=RequestContext(request))
def photoset_add(request, form_class=PhotoSetAddForm, template_name="photos/photo-set/add.html"): """ Add a photo set """ # if no permission; permission exception if not has_perm(request.user,'photos.add_photoset'): raise Http403 if request.method == "POST": if request.POST["action"] == "add": form = form_class(request.POST, user=request.user) if form.is_valid(): photo_set = form.save(commit=False) photo_set.author = request.user # update all permissions and save the model photo_set = update_perms_and_save(request, form, photo_set) messages.add_message(request, messages.SUCCESS, 'Successfully added photo set!') return HttpResponseRedirect(reverse('photos_batch_add', kwargs={'photoset_id':photo_set.id})) else: form = form_class(user=request.user) return render_to_response(template_name, { "photoset_form": form, }, context_instance=RequestContext(request))
def photoset_details(request, id, template_name="photos/photo-set/details.html"): """ View photos in photo set """ photo_set = get_object_or_404(PhotoSet, id=id) if not has_view_perm(request.user, 'photos.view_photoset', photo_set): raise Http403 order = get_setting('module', 'photos', 'photoordering') #if order == 'descending': # photos = photo_set.get_images(user=request.user).order_by('-pk') #else: # photos = photo_set.get_images(user=request.user).order_by('pk') photos = photo_set.get_images(user=request.user).order_by("position") EventLog.objects.log(**{ 'event_id': 991500, 'event_data': '%s (%d) viewed by %s' % (photo_set._meta.object_name, photo_set.pk, request.user), 'description': '%s viewed' % photo_set._meta.object_name, 'user': request.user, 'request': request, 'instance': photo_set, }) return render_to_response(template_name, { "photos": photos, "photo_set": photo_set, }, context_instance=RequestContext(request))
def edit_meta(request, id, form_class=MetaForm, template_name="pages/edit-meta.html"): """ Return page that allows you to edit meta-html information. """ # check permission page = get_object_or_404(Page, pk=id) if not has_perm(request.user, 'pages.change_page', page): raise Http403 defaults = { 'title': page.get_title(), 'description': page.get_description(), 'keywords': page.get_keywords(), 'canonical_url': page.get_canonical_url(), } page.meta = MetaTags(**defaults) if request.method == "POST": form = form_class(request.POST, instance=page.meta) if form.is_valid(): page.meta = form.save() # save meta page.save() # save relationship messages.add_message(request, messages.SUCCESS, _('Successfully updated meta for %(p)s' % {'p': unicode(page)})) return HttpResponseRedirect(reverse('page', args=[page.slug])) else: form = form_class(instance=page.meta) return render_to_response(template_name, {'page': page, 'form': form}, context_instance=RequestContext(request))
def index(request, template_name="help_files/index.html"): """List all topics and all links""" topic_pks = [] filters = get_query_filters(request.user, 'help_files.view_helpfile') # Access the join table and iterate over a dict to avoid # n+1 queries to get all of the correct topics. byhelpfile = {} for tp in HelpFile_Topics.objects.select_related('helpfile', 'topic').all(): byhelpfile.setdefault(tp.helpfile.id, []).append(tp.topic) # Use stored lists for hf in HelpFile.objects.filter(filters).distinct(): if byhelpfile.get(hf.id, ''): for topic in byhelpfile[hf.id]: topic_pks.append(topic.pk) topic_pks = sorted(list(set(topic_pks))) topics = Topic.objects.filter(pk__in=topic_pks) m = len(topics) / 2 topics = topics[:m], topics[m:] # two columns most_viewed = HelpFile.objects.filter(filters).order_by('-view_totals').distinct()[:5] featured = HelpFile.objects.filter(filters).filter(is_featured=True).distinct()[:5] faq = HelpFile.objects.filter(filters).filter(is_faq=True).distinct()[:3] EventLog.objects.log() return render_to_response(template_name, locals(), context_instance=RequestContext(request))
def delete(request, id, template_name="news/delete.html"): news = get_object_or_404(News, pk=id) # check permission if not has_perm(request.user, 'news.delete_news'): raise Http403 if request.method == "POST": messages.add_message(request, messages.SUCCESS, 'Successfully deleted %s' % news) # send notification to administrators recipients = get_notice_recipients('module', 'news', 'newsrecipients') if recipients: if notification: extra_context = { 'object': news, 'request': request, } notification.send_emails(recipients, 'news_deleted', extra_context) news.delete() return HttpResponseRedirect(reverse('news.search')) return render_to_response(template_name, {'news': news}, context_instance=RequestContext(request))
def search(request, template_name="resumes/search.html"): """ This page lists out all resumes from newest to oldest. If a search index is available, this page will also have the option to search through resumes. """ has_index = get_setting('site', 'global', 'searchindex') query = request.GET.get('q', None) if has_index and query: resumes = Resume.objects.search(query, user=request.user) else: filters = get_query_filters(request.user, 'resumes.view_resume') resumes = Resume.objects.filter(filters).distinct() if request.user.is_authenticated(): resumes = resumes.select_related() resumes = resumes.order_by('-create_dt') EventLog.objects.log(**{ 'event_id' : 354000, 'event_data': '%s searched by %s' % ('Resume', request.user), 'description': '%s searched' % 'Resume', 'user': request.user, 'request': request, 'source': 'resumes' }) return render_to_response(template_name, {'resumes':resumes}, context_instance=RequestContext(request))
def delete(request, id, template_name="jobs/delete.html"): job = get_object_or_404(Job, pk=id) if has_perm(request.user, 'jobs.delete_job', job): if request.method == "POST": msg_string = 'Successfully deleted %s' % job messages.add_message(request, messages.SUCCESS, _(msg_string)) # send notification to administrators recipients = get_notice_recipients( 'module', 'jobs', 'jobrecipients') if recipients: if notification: extra_context = { 'object': job, 'request': request, } notification.send_emails(recipients, 'job_deleted', extra_context) job.delete() return HttpResponseRedirect(reverse('job.search')) return render_to_response(template_name, {'job': job}, context_instance=RequestContext(request)) else: raise Http403
def export(request, template_name="pages/export.html"): """Export Pages""" if not request.user.is_superuser: raise Http403 if request.method == 'POST': fields = [ 'guid', 'title', 'slug', 'header_image', 'content', 'view_contact_form', 'design_notes', 'syndicate', 'template', 'tags', 'entity', 'meta', 'categories', ] export_id = run_export_task('pages', 'page', fields) return redirect('export.status', export_id) return render_to_response(template_name, { }, context_instance=RequestContext(request))
def approve(request, id, template_name="resumes/approve.html"): if not request.user.profile.is_superuser: raise Http403 resume = get_object_or_404(Resume, pk=id) if request.method == "POST": resume.activation_dt = datetime.now() resume.allow_anonymous_view = True resume.status = True resume.status_detail = 'active' if not resume.creator: resume.creator = request.user resume.creator_username = request.user.username if not resume.owner: resume.owner = request.user resume.owner_username = request.user.username resume.save() messages.add_message(request, messages.SUCCESS, 'Successfully approved %s' % resume) return HttpResponseRedirect(reverse('resume', args=[resume.slug])) return render_to_response(template_name, {'resume': resume}, context_instance=RequestContext(request))
def photoset_zip(request, id, template_name="photos/photo-set/zip.html"): """ Generate zip file for the entire photo set for admins only. """ photo_set = get_object_or_404(PhotoSet, id=id) #admin only if not request.user.profile.is_superuser: raise Http403 file_path = "" task_id = "" if not settings.CELERY_IS_ACTIVE: task = ZipPhotoSetTask() file_path = task.run(photo_set) else: task = ZipPhotoSetTask.delay(photo_set) task_id = task.task_id return render_to_response(template_name, { "photo_set": photo_set, "task_id":task_id, "file_path":file_path, }, context_instance=RequestContext(request))
def delete(request, id, template_name="pages/delete.html"): page = get_object_or_404(Page, pk=id) if not has_perm(request.user, 'pages.delete_page'): raise Http403 if request.method == "POST": EventLog.objects.log(instance=page) messages.add_message(request, messages.SUCCESS, _('Successfully deleted %(p)s' % { 'p': unicode(page)})) # send notification to administrators recipients = get_notice_recipients('module', 'pages', 'pagerecipients') if recipients: if notification: extra_context = { 'object': page, 'request': request, } notification.send_emails(recipients, 'page_deleted', extra_context) # Soft delete page.status = False page.status_detail = 'inactive' page.save() return HttpResponseRedirect(reverse('page.search')) return render_to_response(template_name, {'page': page}, context_instance=RequestContext(request))
def export(request, template_name="help_files/export.html"): """Export Help Files""" if not request.user.is_superuser: raise Http403 if request.method == 'POST': # initilize initial values file_name = "help_files.csv" fields = [ 'slug', 'topics', 'question', 'answer', 'level', 'is_faq', 'is_featured', 'is_video', 'syndicate', 'view_totals', ] export_id = run_export_task('help_files', 'helpfile', fields) EventLog.objects.log() return redirect('export.status', export_id) return render_to_response(template_name, { }, context_instance=RequestContext(request))
def locations_import_confirm(request, id, template_name='locations/import-confirm.html'): """ Confirm the locations import and continue with the process. This can only be accessed via a hidden post form from the preview page. That will hold the original mappings selected by the user. """ locport = get_object_or_404(LocationImport, pk=id) if request.method == "POST": form = ImportMapForm(request.POST, locport=locport) if form.is_valid(): cleaned_data = form.cleaned_data file_path = str(locport.get_file().file.name) if not settings.CELERY_IS_ACTIVE: # if celery server is not present # evaluate the result and render the results page result = ImportLocationsTask() locations, stats = result.run(request.user, file_path, cleaned_data) return render_to_response(template_name, { 'locations': locations, 'stats': stats, 'now': datetime.now(), }, context_instance=RequestContext(request)) else: result = ImportLocationsTask.delay(request.user, file_path, cleaned_data) return redirect('locations_import_status', result.task_id) else: return redirect('locations_import_preview', locport.id)
def add(request, form_class=FormForm, template_name="forms/add.html"): if not has_perm(request.user,'forms.add_form'): raise Http403 PricingFormSet = inlineformset_factory(Form, Pricing, form=PricingForm, extra=2, can_delete=False) formset = PricingFormSet() if request.method == "POST": form = form_class(request.POST, user=request.user) if form.is_valid(): form_instance = form.save(commit=False) # save form and associated pricings form_instance = update_perms_and_save(request, form, form_instance) formset = PricingFormSet(request.POST, instance=form_instance) if formset.is_valid(): # update_perms_and_save does not appear to consider ManyToManyFields for method in form.cleaned_data['payment_methods']: form_instance.payment_methods.add(method) formset.save() messages.add_message(request, messages.SUCCESS, 'Successfully added %s' % form_instance) return HttpResponseRedirect(reverse('form_field_update', args=[form_instance.pk])) else: form = form_class(user=request.user) return render_to_response(template_name, { 'form':form, 'formset':formset, }, context_instance=RequestContext(request))
def details(request, slug=None, template_name="directories/view.html"): if not slug: return HttpResponseRedirect(reverse('directories')) directory = get_object_or_404(Directory, slug=slug) if has_view_perm(request.user,'directories.view_directory',directory): EventLog.objects.log(instance=directory) return render_to_response(template_name, {'directory': directory}, context_instance=RequestContext(request)) else: raise Http403
def report_top_spenders(request, template_name="reports/top_spenders.html"): """Show dollars per user report""" if not request.user.is_superuser: raise Http403 entry_list = User.objects.order_by('-profile__total_spend')[:10] return render_to_response(template_name, { 'entry_list': entry_list, }, context_instance=RequestContext(request))
def print_view(request, id, template_name="files/print-view.html"): file = get_object_or_404(File, pk=id) # check permission if not has_view_perm(request.user, 'files.view_file', file): raise Http403 return render_to_response( template_name, { 'file': file }, context_instance=RequestContext(request))
def form_sent(request, slug, template="forms/form_sent.html"): """ Show the response message. """ published = Form.objects.published(for_user=request.user) form = get_object_or_404(published, slug=slug) # set form's template to default if no template or template doesn't exist if not form.template or not template_exists(form.template): form.template = "default.html" context = {"form": form, "form_template": form.template} return render_to_response(template, context, RequestContext(request))
def entries_export_status(request, task_id, template_name="forms/entry_export_status.html"): try: task = TaskMeta.objects.get(task_id=task_id) except TaskMeta.DoesNotExist: task = None return render_to_response(template_name, { 'task':task, 'task_id':task_id, 'user_this':None, }, context_instance=RequestContext(request))
def pending(request, template_name="jobs/pending.html"): can_view_jobs = has_perm(request.user, 'jobs.view_job') can_change_jobs = has_perm(request.user, 'jobs.change_job') if not all([can_view_jobs, can_change_jobs]): raise Http403 EventLog.objects.log() jobs = Job.objects.filter(status_detail__contains='pending') return render_to_response(template_name, {'jobs': jobs}, context_instance=RequestContext(request))
def export(request, template_name="directories/export.html"): """Export Directories""" if not request.user.is_superuser: raise Http403 if request.method == 'POST': # initilize initial values file_name = "directories.csv" fields = [ 'guid', 'slug', 'timezone', 'headline', 'summary', 'body', 'source', 'logo', 'first_name', 'last_name', 'address', 'address2', 'city', 'state', 'zip_code', 'country', 'phone', 'phone2', 'fax', 'email', 'email2', 'website', 'list_type', 'requested_duration', 'pricing', 'activation_dt', 'expiration_dt', 'invoice', 'payment_method', 'syndicate', 'design_notes', 'admin_notes', 'tags', 'enclosure_url', 'enclosure_type', 'enclosure_length', 'entity', ] export_id = run_export_task('directories', 'directory', fields) EventLog.objects.log() return redirect('export.status', export_id) return render_to_response(template_name, { }, context_instance=RequestContext(request))
def entries(request, id, template_name="forms/entries.html"): form = get_object_or_404(Form, pk=id) if not has_perm(request.user,'forms.change_form',form): raise Http403 entries = form.entries.all() EventLog.objects.log(instance=form) return render_to_response(template_name, {'form':form,'entries': entries}, context_instance=RequestContext(request))
def print_view(request, slug, template_name="jobs/print-view.html"): job = get_object_or_404(Job, slug=slug) can_view = has_view_perm(request.user, 'jobs.view_job', job) if can_view: EventLog.objects.log(instance=job) return render_to_response(template_name, {'job': job}, context_instance=RequestContext(request)) else: raise Http403
def edit(request, id, form_class=FileForm, template_name="files/edit.html"): file = get_object_or_404(File, pk=id) # check permission if not has_perm(request.user, 'files.change_file', file): raise Http403 if request.method == "POST": form = form_class(request.POST, request.FILES, instance=file, user=request.user) if form.is_valid(): file = form.save(commit=False) # update all permissions and save the model file = update_perms_and_save(request, form, file) #setup categories category = Category.objects.get_for_object(file, 'category') sub_category = Category.objects.get_for_object( file, 'sub_category') ## update the category of the file category_removed = False category = file.file_cat.name if file.file_cat else None if category: Category.objects.update(file, category, 'category') else: # remove category_removed = True Category.objects.remove(file, 'category') Category.objects.remove(file, 'sub_category') if not category_removed: # update the sub category of the article sub_category = file.file_sub_cat.name if file.file_sub_cat else None if sub_category: Category.objects.update(file, sub_category, 'sub_category') else: # remove Category.objects.remove(file, 'sub_category') file.save() return HttpResponseRedirect(reverse('file.search')) else: form = form_class(instance=file, user=request.user) return render_to_response(template_name, { 'file': file, 'form': form, }, context_instance=RequestContext(request))
def export(request, template_name="forms/export.html"): """Export forms""" if not request.user.is_superuser: raise Http403 if request.method == 'POST': export_id = run_export_task('forms_builder.forms', 'form', []) EventLog.objects.log() return redirect('export.status', export_id) return render_to_response(template_name, { }, context_instance=RequestContext(request))
def detail(request, slug, template_name="help_files/details.html"): """Help file details""" help_file = get_object_or_404(HelpFile, slug=slug) if has_view_perm(request.user, 'help_files.view_helpfile', help_file): HelpFile.objects.filter(pk=help_file.pk).update( view_totals=help_file.view_totals + 1) EventLog.objects.log(instance=help_file) return render_to_response(template_name, {'help_file': help_file}, context_instance=RequestContext(request)) else: raise Http403
def search_report(request, template_name="invoices/search.html"): from django.db.models import Q def is_number(num): try: float(num) return True except ValueError: return False #query query = request.GET.get('q', None) invoices = Invoice.objects.all() if query: if is_number(query): invoices = invoices.filter( Q(pk=query) | Q(total=query) | Q(balance=query) | Q(title__icontains=query)) else: invoices = invoices.filter(Q(title__icontains=query)) #permissions if request.user.profile.is_superuser or has_perm(request.user, 'invoices.view_invoice'): invoices = invoices.order_by('object_type', '-create_dt') for i in invoices: #[0:2]: print i.title, i.object_id, i.object_type ct = ContentType.objects.get_for_model(Invoice) print ct, ct.__module__, ct.pk, i.pk # invoice_ids = invoices_objects.value_list('object_id', flat=True).filter(content_type = ct) # events = Invoice.objects.filter(pk__in=event_ids) # if i.object_type == 'registration': # print 'hello' # else: print 'not' print dir(ct) else: if request.user.is_authenticated(): invoices = invoices.filter( Q(creator=request.user) | Q(owner=request.user)).order_by('-create_dt') else: raise Http403 EventLog.objects.log() return render_to_response(template_name, { 'invoices': invoices, 'query': query }, context_instance=RequestContext(request))
def pending(request, template_name="directories/pending.html"): can_view_directories = has_perm(request.user, 'directories.view_directory') can_change_directories = has_perm(request.user, 'directories.change_directory') if not all([can_view_directories, can_change_directories]): raise Http403 directories = Directory.objects.filter(status_detail__contains='pending') EventLog.objects.log() return render_to_response(template_name, {'directories': directories}, context_instance=RequestContext(request))
def index(request, slug=None, id=None, hash=None, template_name="pages/view.html"): """ Return page object, either as an archive, active, or version. """ if not slug and not id and not hash: return HttpResponseRedirect(reverse('page.search')) if hash: version = get_object_or_404(Version, hash=hash) current_page = get_object_or_404(Page, pk=version.object_id) page = version.get_version_object() msg_string = 'You are viewing a previous version of this article. View the ' + \ '<a href="%s">Current Version</a>.' % current_page.get_absolute_url() messages.add_message(request, messages.WARNING, _(msg_string)) elif id: page = get_object_or_404(Page, pk=id) if page.status_detail != 'active': if not request.user.is_authenticated(): pages = Page.objects.filter( slug=page.slug, status_detail='active').order_by('-pk') if not pages: pages = Page.objects.filter(slug=slug).order_by('-pk') if not pages: raise Http404 return HttpResponseRedirect(reverse('page', args=[page.slug])) else: try: page = get_object_or_404(Page, slug=slug) except Page.MultipleObjectsReturned: pages = Page.objects.filter(slug=slug, status_detail='active').order_by('-pk') if not pages: pages = Page.objects.filter(slug=slug).order_by('-pk') if not pages: raise Http404 page = pages[0] if not has_view_perm(request.user, 'pages.view_page', page): raise Http403 if not page.template or not template_exists(page.template): page.template = "pages/base.html" EventLog.objects.log(instance=page) return render_to_response(template_name, {'page': page}, context_instance=RequestContext(request))
def pricing_view(request, id, template_name="directories/pricing-view.html"): directory_pricing = get_object_or_404(DirectoryPricing, id=id) if has_perm(request.user, 'directories.view_directorypricing', directory_pricing): EventLog.objects.log(instance=directory_pricing) return render_to_response(template_name, {'directory_pricing': directory_pricing}, context_instance=RequestContext(request)) else: raise Http403
def add(request, form_class=ResumeForm, template_name="resumes/add.html"): can_add_active = has_perm(request.user, 'resumes.add_resume') if request.method == "POST": form = form_class(request.POST or None, user=request.user) if form.is_valid(): resume = form.save(commit=False) # set it to pending if the user does not have add permission if not can_add_active: resume.status_detail = 'pending' # set up the expiration time based on requested duration now = datetime.now() resume.expiration_dt = now + timedelta( days=resume.requested_duration) resume = update_perms_and_save(request, form, resume) # we need to save instance first since we need the id for the file path if request.FILES: resume.resume_file = request.FILES['resume_file'] resume.resume_file.file.seek(0) resume.save() EventLog.objects.log(instance=resume) if request.user.is_authenticated(): messages.add_message( request, messages.SUCCESS, _('Successfully added %(r)s' % {'r': resume})) # send notification to administrators recipients = get_notice_recipients('module', 'resumes', 'resumerecipients') if recipients: if notification: extra_context = { 'object': resume, 'request': request, } notification.send_emails(recipients, 'resume_added', extra_context) if not request.user.is_authenticated(): return HttpResponseRedirect(reverse('resume.thank_you')) else: return HttpResponseRedirect( reverse('resume', args=[resume.slug])) else: form = form_class(user=request.user) return render_to_response(template_name, {'form': form}, context_instance=RequestContext(request))
def robots_txt(request): options = [ 'base/robots_private.txt', 'base/robots_public.txt', 'robots.txt' ] template_name = "robots.txt" robots_setting = get_setting('site', 'global', 'robotstxt') if robots_setting in options: template_name = robots_setting return render_to_response(template_name, {}, context_instance=RequestContext(request), mimetype="text/plain")
def edit(request, id, form_class=DirectoryForm, template_name="directories/edit.html"): directory = get_object_or_404(Directory, pk=id) if not has_perm(request.user,'directories.change_directory', directory): raise Http403 form = form_class(request.POST or None, request.FILES or None, instance=directory, user=request.user) del form.fields['payment_method'] if not request.user.profile.is_superuser: del form.fields['pricing'] del form.fields['list_type'] if request.method == "POST": if form.is_valid(): directory = form.save(commit=False) if directory.logo: try: directory.logo.file.seek(0) except IOError: directory.logo = None # update all permissions and save the model directory = update_perms_and_save(request, form, directory) messages.add_message(request, messages.SUCCESS, 'Successfully updated %s' % directory) return HttpResponseRedirect(reverse('directory', args=[directory.slug])) else: form = form_class(instance=directory, user=request.user) return render_to_response(template_name, {'directory': directory, 'form':form}, context_instance=RequestContext(request)) return render_to_response(template_name, {'directory': directory, 'form':form}, context_instance=RequestContext(request))
def detail(request, slug=None, template_name="jobs/view.html"): if not slug: return HttpResponseRedirect(reverse('jobs')) job = get_object_or_404(Job.objects.select_related(), slug=slug) can_view = has_view_perm(request.user, 'jobs.view_job', job) if can_view: EventLog.objects.log(instance=job) return render_to_response(template_name, {'job': job}, context_instance=RequestContext(request)) else: raise Http403
def detail(request, id, template_name="navs/detail.html"): nav = get_object_or_404(Nav, id=id) if not has_view_perm(request.user, 'navs.view_nav', nav): raise Http403 EventLog.objects.log(instance=nav) return render_to_response( template_name, {'current_nav': nav}, context_instance=RequestContext(request), )
def search(request, template_name="navs/search.html"): query = request.GET.get('q', None) filters = get_query_filters(request.user, 'navs.view_nav') navs = Nav.objects.filter(filters).distinct() if query: navs = navs.filter( Q(title__icontains=query) | Q(description__icontains=query)) EventLog.objects.log() return render_to_response(template_name, {'navs': navs}, context_instance=RequestContext(request))
def requests(request, template_name="help_files/request_list.html"): """ Display a list of help file requests """ if not has_perm(request.user, 'help_files.change_request'): raise Http403 requests = Request.objects.all() EventLog.objects.log() return render_to_response(template_name, { 'requests': requests, }, context_instance=RequestContext(request))
def addon_upload_process(request, sid, template_name="base/addon_upload_process.html"): if not sid in request.session: raise Http404 path = request.session[sid] if not default_storage.exists(path): messages.add_message(request, messages.SUCCESS, _('Addon upload complete.')) del request.session[sid] return redirect('dashboard') return render_to_response(template_name, {'sid': sid }, context_instance=RequestContext(request))
def search(request, template_name="directories/search.html"): filters = get_query_filters(request.user, 'directories.view_directory') directories = Directory.objects.filter(filters).distinct() cat = None category = None sub_category = None if not request.user.is_anonymous(): directories = directories.select_related() query = request.GET.get('q', None) # Handle legacy tag links if query and "tag:" in query: return HttpResponseRedirect( "%s?q=%s&search_category=tags__icontains" % (reverse('directories'), query.replace('tag:', ''))) form = DirectorySearchForm(request.GET, is_superuser=request.user.is_superuser) if form.is_valid(): cat = form.cleaned_data['search_category'] category = form.cleaned_data['category'] sub_category = form.cleaned_data['sub_category'] if query and cat: directories = directories.filter(**{cat: query}) if category: directories = directories.filter(categories__category__id=category) if sub_category: directories = directories.filter(categories__parent__id=sub_category) directories = directories.order_by('headline') EventLog.objects.log() try: category = int(category) except: category = 0 categories, sub_categories = Directory.objects.get_categories( category=category) return render_to_response(template_name, { 'directories': directories, 'categories': categories, 'form': form, 'sub_categories': sub_categories }, context_instance=RequestContext(request))
def photoset_edit(request, id, form_class=PhotoSetEditForm, template_name="photos/photo-set/edit.html"): from tendenci.core.perms.object_perms import ObjectPermission photo_set = get_object_or_404(PhotoSet, id=id) # if no permission; permission exception if not has_perm(request.user, 'photos.change_photoset', photo_set): raise Http403 if request.method == "POST": if request.POST["action"] == "edit": form = form_class(request.POST, instance=photo_set, user=request.user) if form.is_valid(): photo_set = form.save(commit=False) # update all permissions and save the model photo_set = update_perms_and_save(request, form, photo_set) # copy all privacy settings from photo set to photos Image.objects.filter(photoset=photo_set).update( **get_privacy_settings(photo_set)) # photo set group permissions group_perms = photo_set.perms.filter( group__isnull=False).values_list('group', 'codename') group_perms = tuple([(unicode(g), c.split('_')[0]) for g, c in group_perms]) photos = Image.objects.filter(photoset=photo_set) for photo in photos: ObjectPermission.objects.remove_all(photo) ObjectPermission.objects.assign_group(group_perms, photo) messages.add_message(request, messages.SUCCESS, _("Successfully updated photo set! ")) return HttpResponseRedirect( reverse('photoset_details', args=[photo_set.id])) else: form = form_class(instance=photo_set, user=request.user) return render_to_response(template_name, { 'photo_set': photo_set, "photoset_form": form, }, context_instance=RequestContext(request))
def add(request, form_class=ArticleForm, category_form_class=CategoryForm, template_name="articles/add.html"): content_type = get_object_or_404(ContentType, app_label='articles', model='article') if has_perm(request.user, 'articles.add_article'): if request.method == "POST": form = form_class(request.POST, user=request.user) categoryform = category_form_class(content_type, request.POST, prefix='category') if form.is_valid() and categoryform.is_valid(): article = form.save() article.update_category_subcategory( categoryform.cleaned_data['category'], categoryform.cleaned_data['sub_category'] ) # add all permissions and save the model update_perms_and_save(request, form, article) msg_string = 'Successfully added %s' % article messages.add_message(request, messages.SUCCESS, _(msg_string)) # send notification to administrator(s) and module recipient(s) recipients = get_notice_recipients('module', 'articles', 'articlerecipients') if recipients and notification: notification.send_emails(recipients, 'article_added', { 'object': article, 'request': request, }) return HttpResponseRedirect(reverse('article', args=[article.slug])) else: form = form_class(user=request.user) initial_category_form_data = { 'app_label': 'articles', 'model': 'article', 'pk': 0, } categoryform = category_form_class(content_type, initial=initial_category_form_data, prefix='category') return render_to_response(template_name, {'form': form, 'categoryform': categoryform,}, context_instance=RequestContext(request)) else: raise Http403
def search(request, template_name="discounts/search.html"): if not has_perm(request.user, 'discounts.view_discount'): raise Http403 filters = get_query_filters(request.user, 'discounts.view_discount') discounts = Discount.objects.filter(filters).distinct() query = request.GET.get('q', None) if query: discounts = discounts.filter(discount_code__icontains=query) EventLog.objects.log() return render_to_response(template_name, {'discounts': discounts}, context_instance=RequestContext(request))
def entry_delete(request, id, template_name="forms/entry_delete.html"): entry = get_object_or_404(FormEntry, pk=id) # check permission if not has_perm(request.user,'forms.delete_form',entry.form): raise Http403 if request.method == "POST": messages.add_message(request, messages.SUCCESS, 'Successfully deleted entry %s' % entry) entry.delete() return HttpResponseRedirect(reverse('forms')) return render_to_response(template_name, {'entry': entry}, context_instance=RequestContext(request))