diff options
author | Leif Johansson <leifj@sunet.se> | 2010-07-10 01:25:36 +0200 |
---|---|---|
committer | Leif Johansson <leifj@sunet.se> | 2010-07-10 01:25:36 +0200 |
commit | e5c38904d1d7e01781c6622ae5ec3d902494deff (patch) | |
tree | d7939ed27c0754e79ee62b4dda0afddcc45c2b60 /coip/apps/name/views.py | |
parent | 54563defc38d0075bfc448720e4f5805998a824a (diff) |
edit+delete+create for names along with linking and an acl mechanism
Diffstat (limited to 'coip/apps/name/views.py')
-rw-r--r-- | coip/apps/name/views.py | 72 |
1 files changed, 66 insertions, 6 deletions
diff --git a/coip/apps/name/views.py b/coip/apps/name/views.py index 6e0132f..a59190b 100644 --- a/coip/apps/name/views.py +++ b/coip/apps/name/views.py @@ -10,9 +10,69 @@ from django.http import HttpResponseNotFound, HttpResponseForbidden,\ from django.contrib.auth.decorators import login_required from coip.multiresponse import respond_to, json_response from pprint import pprint -from coip.apps.name.forms import NameEditForm +from coip.apps.name.forms import NameEditForm, NewNameForm, NameDeleteForm from twisted.python.reflect import ObjectNotFound +def delete(request,id): + name = None + try: + name = Name.objects.get(id=id) + except ObjectNotFound: + return HttpResponseNotFound() + + if not name.has_permission(request.user,'d'): + return HttpResponseForbidden() + + if request.method == 'POST': + form = NameDeleteForm(request.POST) + if form.is_valid(): + if not form.cleaned_data['confirm']: + return HttpResponseRedirect("/name/id/%d" % name.id) + + parent = name.parent + if not form.cleaned_data['recursive'] and name.children.count() > 0: + return HttpResponseForbidden("Will not delete non-empty node") + + if form.cleaned_data['recursive']: + name.remove(True) + else: + name.remove(False) + + if parent: + return HttpResponseRedirect("/name/id/%d" % parent.id) + else: + return HttpResponseRedirect("/name"); + else: + form = NameDeleteForm() + + return respond_to(request,{'text/html': 'apps/name/edit.html'},{'form': form,'name': name,'formtitle': 'Remove name confirmation' ,'submitname': 'Delete'}) + +def add(request,id): + parent = None + if id: + try: + parent = Name.objects.get(id=id) + except ObjectNotFound: + return HttpResponseNotFound() + + if id: + if not parent.has_permission(request.user,'i'): + return HttpResponseForbidden('You are not allowed to create names under '+parent) + else: + if not request.user.admin: + return HttpResponseForbidden('You are not allowed to create names') + + if request.method == 'POST': + name = Name(parent=parent,creator=request.user,acl=parent.copy_acl()) + form = NewNameForm(request.POST,instance=name) + if form.is_valid(): + form.save() + return HttpResponseRedirect("/name/id/%d" % name.id) + else: + form = NewNameForm() + + return respond_to(request,{'text/html': 'apps/name/edit.html'},{'form': form,'name': parent,'formtitle': 'Create new name','submitname': 'Create'}) + def edit(request,id): name = None try: @@ -20,7 +80,7 @@ def edit(request,id): except ObjectNotFound: return HttpResponseNotFound() - if not name.has_permission(request.user,'#w'): + if not name.has_permission(request.user,'w'): return HttpResponseForbidden() if request.method == 'POST': @@ -31,7 +91,7 @@ def edit(request,id): else: form = NameEditForm(instance=name) - return respond_to(request,{'text/html': 'apps/name/edit.html'},{'form': form,'name': name}) + return respond_to(request,{'text/html': 'apps/name/edit.html'},{'form': form,'name': name,'formtitle': 'Change name','submitname': 'Update'}) def show_root(request): @@ -48,9 +108,9 @@ def show(request,name): {'text/html': 'apps/name/name.html'}, {'name': name, 'memberships': name.memberships, - 'delete': name.has_permission(request.user,'#d'), - 'insert': name.has_permission(request.user,'#i'), - 'edit': name.has_permission(request.user,'#w')}) + 'delete': name.has_permission(request.user,'d'), + 'insert': name.has_permission(request.user,'i'), + 'edit': name.has_permission(request.user,'w')}) else: return HttpResponseForbidden() |