def add_user(request):
if not request.user.is_admin:
raise HTTPForbidden()
form = AddUserForm(request.POST)
if not form.validate():
return add_user_form(request, form)
data = form.data
data.pop('password_confirm')
user = User(**data)
session = DBSession()
session.add(user)
request.session.flash(_(u'User has been added.'), 'success')
location = request.route_url('users')
return HTTPSeeOther(location)
def configure_statuses(request):
project_name = request.matchdict['project_name']
session = DBSession()
try:
project = session.query(Project).filter_by(name=project_name).one()
except NoResultFound:
raise HTTPNotFound()
if not has_permission(request, PERM_MANAGE_PROJECT, project):
raise HTTPForbidden()
posted_statuses = map(int, request.POST.getall('statuses'))
# The UI should not allow to remove default statuses, but let's
# enforce it here.
for default_status in DEFAULT_STATUSES:
if default_status['id'] not in posted_statuses:
msg = _('You cannot remove this status.')
request.session.flash(msg, 'error')
return configure_statuses_form(request)
# The UI should not allow to remove statuses that are being used,
# but let's enforce it here.
# FIXME: to do
current_statuses = {}
for status in project.statuses:
current_statuses[status.id] = status
statuses = zip(posted_statuses, request.POST.getall('labels'))
# Change existing statuses and add new ones
new_id = session.execute(
'SELECT MAX(id) FROM statuses '
'WHERE project_id=%d' % project.id).fetchone()[0]
for position, (status_id, label) in enumerate(statuses, 1):
if not status_id:
new_id += 1
status = Status(id=new_id, project_id=project.id,
label=label, position=position)
session.add(status)
else:
status = current_statuses[status_id]
if label != status.label:
status.label = label
if position != status.position:
status.position = position
# Remove statuses
for status in project.statuses:
if status.id not in posted_statuses:
session.delete(status)
msg = _('Your changes have been saved.')
request.session.flash(msg, 'success')
url = request.route_url('project_configure_statuses',
project_name=project.name)
return HTTPSeeOther(location=url)
def add(request):
session = DBSession()
project_name = request.matchdict['project_name']
try:
project = session.query(Project).filter_by(name=project_name).one()
except NoResultFound:
raise HTTPNotFound()
if not has_permission(request, PERM_PARTICIPATE_IN_PROJECT, project):
raise HTTPForbidden()
form = make_add_issue_form(project, session, request.POST)
if not form.validate():
return add_form(request, form)
last_ref = session.execute(
'SELECT MAX(ref) FROM issues '
'WHERE project_id=%d' % project.id).fetchone()[0]
if last_ref is None:
last_ref = 0
ref = last_ref + 1
reporter = request.user.id
now = datetime.utcnow()
issue = Issue(project_id=project.id,
date_created=now,
date_edited=now,
reporter=reporter,
ref=ref)
form.populate_obj(issue)
session.add(issue)
session.flush()
change = Change(project_id=project.id,
issue_id=issue.id,
type=CHANGE_TYPE_OPENING,
author=reporter,
date=now,
changes={})
form.populate_obj(change)
session.add(change)
route_args = {'project_name': project_name, 'issue_ref': issue.ref}
url = request.route_url('issue_view', **route_args)
return HTTPSeeOther(location=url)
def update(request):
project_name = request.matchdict['project_name']
issue_ref = int(request.matchdict['issue_ref'])
session = DBSession()
try:
project = session.query(Project).filter_by(name=project_name).one()
except NoResultFound:
raise HTTPNotFound()
if not has_permission(request, PERM_PARTICIPATE_IN_PROJECT, project):
raise HTTPForbidden()
try:
issue = session.query(Issue).filter_by(
project_id=project.id, ref=issue_ref).one()
except NoResultFound:
raise HTTPNotFound()
# FIXME: move logic outside so that it can be more easily tested.
form = make_add_change_form(project, session, request.POST)
if not form.validate():
return view(request, form)
now = datetime.utcnow()
userid = request.user.id
changes = {}
for attr in (
'title', 'status', 'assignee', 'deadline', 'priority', 'kind',
'time_estimated', 'time_billed'):
old_v = getattr(issue, attr)
new_v = getattr(form, attr).data
if old_v != new_v:
changes[attr] = (old_v, new_v)
setattr(issue, attr, new_v)
if form.time_spent_real.data and \
has_permission(request, PERM_SEE_PRIVATE_TIMING_INFO, project):
changes['time_spent_real'] = (None, form.time_spent_real.data)
if form.time_spent_public.data:
changes['time_spent_public'] = (None, form.time_spent_public.data)
if not changes and not form.text.data:
error = _(u'You did not provide any comment or update.')
form.errors['form'] = [error]
return view(request, form)
if form.status.data == ISSUE_STATUS_OPEN and \
issue.status != ISSUE_STATUS_OPEN:
change_type = CHANGE_TYPE_REOPENING
elif form.status.data == ISSUE_STATUS_CLOSED:
change_type = CHANGE_TYPE_CLOSING
else:
change_type = CHANGE_TYPE_UPDATE
change = Change(project_id=project.id,
issue_id=issue.id,
type=change_type,
author=userid,
date=now,
text=form.text.data,
text_renderer=form.text_renderer.data,
changes=changes)
if 'time_spent_real' in changes:
change.time_spent_real = form.time_spent_real.data
if 'time_spent_public' in changes:
change.time_spent_public = form.time_spent_public.data
session.add(change)
route_args = {'project_name': project_name,
'issue_ref': issue.ref,
'_query': {'issue_updated': 1},
'_anchor': 'issue_updated'}
url = request.route_url('issue_view', **route_args)
return HTTPSeeOther(location=url)
