Merge branch 'master' of git.nordu.net:coip

5 files changed, 61 insertions, 16 deletions

diff --git a/coip/apps/membership/views.py b/coip/apps/membership/views.py
index fd7036e..7c4c4e1 100644
--- a/coip/apps/membership/views.py
+++ b/coip/apps/membership/views.py
@@ -36,6 +36,10 @@ def join(request,id,membername=None):
         if form.is_valid():
             m = form.save()
             return HttpResponseRedirect(name.url())
+        else:
+            return respond_to(request,
+                              {'text/html': 'apps/membership/edit.html'},
+                              {'form': form,'name': name, 'formtitle': 'Add a member to %s' % name.short})
     else:
         if membername:
             try:
diff --git a/coip/apps/name/forms.py b/coip/apps/name/forms.py
index dc36ecd..549456f 100644
--- a/coip/apps/name/forms.py
+++ b/coip/apps/name/forms.py
@@ -6,7 +6,7 @@ Created on Jun 24, 2010
 from django import forms
 from coip.apps.name.models import Name, Attribute, NameLink
 from django.forms import fields
-from django.forms.widgets import HiddenInput, CheckboxSelectMultiple
+from django.forms.widgets import HiddenInput, CheckboxSelectMultiple, TextInput
 from form_utils.forms import BetterModelForm, BetterForm
     
 class NameForm(forms.ModelForm):
@@ -71,7 +71,23 @@ class NameLinkForm(forms.ModelForm):
 class NameLinkDeleteForm(forms.Form):
     confirm = fields.BooleanField(label="Confirm")
     
-class PermissionForm(forms.Form):
+class PermissionForm(BetterForm):
     dst = fields.IntegerField(widget=HiddenInput)
-    subject = fields.CharField(min_length=1024)
-    permissions = fields.MultipleChoiceField(widget=CheckboxSelectMultiple,choices=[('r','read'),('w','write'),('l','list'),('i','insert'),('d','delete')])
+    subject = fields.CharField(max_length=1024,label="Group",widget=TextInput(attrs={'size': 40}))
+    permissions = fields.MultipleChoiceField(widget=CheckboxSelectMultiple,
+                                             choices=[('r','read'),
+                                                      ('w','write'),
+                                                      ('l','list members and groups'),
+                                                      ('i','manage members'),
+                                                      ('d','delete'),
+                                                      ('a','manage access')])
+    class Meta:
+        fieldsets = [('subject',{'fields': ['dst','subject'],
+                               'legend': 'Step 1: Select a group',
+                               'classes': ['step'],
+                               'description': 'Start typing in the textfield to find the group you want.'}),
+                     ('permission',{'fields': ['permissions'],
+                                    'legend': 'Step 2: Set permissions',
+                                    'classes': ['step','submit_step'],
+                                    'description': 'Select the rights that members of the group should have.'})]
+        
\ No newline at end of file
diff --git a/coip/apps/name/models.py b/coip/apps/name/models.py
index a1384a3..d8c089e 100644
--- a/coip/apps/name/models.py
+++ b/coip/apps/name/models.py
@@ -204,6 +204,7 @@ class NameLink(models.Model):
     
     access_control = 0
     part_of = 1
+    child_access_control = 2
     
     def __unicode__(self):
         return "%s -> %s [%s %s]" % (self.src,self.dst,self.type,self.data)
diff --git a/coip/apps/name/views.py b/coip/apps/name/views.py
index 90c0773..36a0f16 100644
--- a/coip/apps/name/views.py
+++ b/coip/apps/name/views.py
@@ -9,12 +9,13 @@ from django.http import HttpResponseNotFound, HttpResponseForbidden,\
     HttpResponseRedirect, Http404
 from django.contrib.auth.decorators import login_required
 from coip.multiresponse import respond_to, json_response, render403
-from pprint import pformat
+from pprint import pformat, pprint
 import logging
 from coip.apps.name.forms import NameEditForm, NewNameForm, NameDeleteForm,\
     PermissionForm
 from django.shortcuts import get_object_or_404
 from django.contrib.auth.models import User
+from django.db.models import Q
 
 @login_required
 def delete(request,id):
@@ -89,7 +90,18 @@ def edit(request,id):
             
 
 @login_required
-def editacl(request,id,type):
+def lsacl(request,id,type=NameLink.access_control):
+    name = get_object_or_404(Name,pk=id)
+    
+    if not name.has_permission(request.user,'a'):
+        return render403("You do not have permission to list permissions on %s" % (name))
+
+    return respond_to(request,
+                      {'text/html': 'apps/name/acls.html'},
+                      {'name': name, 'acl': name.lsacl()})
+
+@login_required
+def addacl(request,id,type=NameLink.access_control):
     name = get_object_or_404(Name,pk=id)
     
     if not name.has_permission(request.user,'a'):
@@ -103,13 +115,17 @@ def editacl(request,id,type):
             p = form.cleaned_data['permissions']
             if not p:
                 p = []
-            perms = p.join('')
-            link = NameLink.objects.get_or_create(src=name,dst=dst,type=NameLink.access_control)
+            perms = "".join(p)
+            (link,created) = NameLink.objects.get_or_create(src=name,dst=dst,type=NameLink.access_control)
             link.data = perms
             link.save()
-
-    form = PermissionForm()
-    return respond_to(request,{'text/html': 'apps/name/acls.html'},{'form': form, 'name': name, 'acl': name.lsacl(),'formtitle': 'Add Permission','submitname':'Add'})
+            return HttpResponseRedirect("/name/%s/acl/%s" % (id,type))
+    else:
+        form = PermissionForm()
+    
+    return respond_to(request,
+                      {'text/html': 'apps/name/addace.html'},
+                      {'form': form, 'name': name,'formtitle': 'Add Permission','submitname':'Add'})
 
 @login_required
 def links(request,id,type=NameLink.access_control):
@@ -124,15 +140,15 @@ def links(request,id,type=NameLink.access_control):
     
 
 @login_required
-def removelink(request,id):
-    link = get_object_or_404(NameLink,pk=id)
+def rmacl(request,id,aclid):
+    link = get_object_or_404(NameLink,pk=aclid)
     name = link.src
     type = link.type
     if not name.has_permission(request.user,'w'):
         return render403("You do not have permission to remove name links from %s" % (name))
     
     link.delete()
-    return HttpResponseRedirect("/name/{{name.id}}/link/{{type}}")
+    return HttpResponseRedirect("/name/%d/acl/%s" % (name.id,type))
     
 @login_required
 def show_root(request):
@@ -207,4 +223,12 @@ def rtree(request,id=None):
 
 @login_required
 def ctree(request,id=None):
-    return _tree(request,id,False)
\ No newline at end of file
+    return _tree(request,id,False)
+
+@login_required
+def search(request):
+    list = []
+    if request.REQUEST.has_key('term'):
+        term = request.REQUEST['term']
+        list = [{'label': name.short,'value': name.id} for name in Name.objects.filter(Q(short__contains=term) | Q(value__contains=term))]
+    return json_response(list)
\ No newline at end of file
diff --git a/coip/apps/userprofile/views.py b/coip/apps/userprofile/views.py
index fd114c9..4660a52 100644
--- a/coip/apps/userprofile/views.py
+++ b/coip/apps/userprofile/views.py
@@ -48,7 +48,7 @@ def home(request):
     home.short = "%s (%s)" % (profile.display_name,profile.identifier)
     home.save()
     add_member(home,profile.user,hidden=True)
-    home.setacl(home,"rwl") #don't allow users to delete or reset acls on their home, nor invite members - that would be confusing as hell
+    home.setacl(home,"rwlda") #don't allow users to delete or reset acls on their home, nor invite members - that would be confusing as hell
     
     names = [(link.src,link.data) for link in NameLink.objects.filter(dst__memberships__user=request.user,type=NameLink.access_control,data__contains='i').all()]