# HG changeset patch # User verrierj # Date 1322747350 -3600 # Node ID 491d057cbfd2091f60101180e4a4fea791afc9b7 # Parent 47c83e79e3c495a1e8b2a959662a9e4f822b8496 Fix bug when selecting media in content creation window diff -r 47c83e79e3c4 -r 491d057cbfd2 src/ldt/ldt/ldt_utils/migrations/0005_add_permissions.py --- a/src/ldt/ldt/ldt_utils/migrations/0005_add_permissions.py Wed Nov 30 17:37:42 2011 +0100 +++ b/src/ldt/ldt/ldt_utils/migrations/0005_add_permissions.py Thu Dec 01 14:49:10 2011 +0100 @@ -5,8 +5,9 @@ from django.db import models from django.conf import settings from django.contrib.auth.models import Group, User -from ldt.ldt_utils.models import Project +from ldt.ldt_utils.models import Project, Content from guardian.shortcuts import assign +from guardian.core import ObjectPermissionChecker class Migration(DataMigration): @@ -27,6 +28,11 @@ profile.is_regular = True profile.save() user.groups.add(everyone) + + checker = ObjectPermissionChecker(user) + for content in Content.objects.all(): + if checker.has_perm('view_content', content): + assign('view_media', user, content.media_obj) def add_perm(self, orm, model_name): diff -r 47c83e79e3c4 -r 491d057cbfd2 src/ldt/ldt/ldt_utils/views.py --- a/src/ldt/ldt/ldt_utils/views.py Wed Nov 30 17:37:42 2011 +0100 +++ b/src/ldt/ldt/ldt_utils/views.py Thu Dec 01 14:49:10 2011 +0100 @@ -1007,7 +1007,6 @@ content_instance_val[k] = value media_instance_val[k] = value - permission_formset = formset_factory(PermissionForm, extra=0) content_form = ContentForm(content_instance_val, prefix="content", instance=instance_content) media_form = MediaForm(media_instance_val, request.FILES, prefix="media", instance=instance_media) @@ -1122,6 +1121,7 @@ mimetype = mimetypes.guess_type(cleaned_data['src']) cleaned_data['mimetype_field'] = mimetype media, created = Media.objects.get_or_create(src=cleaned_data['src'], defaults=cleaned_data) #@UndefinedVariable + assign('view_media', request.user, media) else: media = None @@ -1132,9 +1132,9 @@ mimetype = cleaned_data.get('mimetype_field', None) if not mimetype: mimetype = mimetypes.guess_type(media.src) - media.mimetype_field = mimetype - - media.save() + media.mimetype_field = mimetype + media.save() + assign('view_media', request.user, media) if form_status != "error": content_defaults = {} @@ -1161,8 +1161,8 @@ initial = { 'media_input_type':"link"} content_form = ContentForm(prefix="content", instance=instance_content, initial=initial) - media_form = MediaForm(prefix="media", instance=instance_media) - + media_form = MediaForm(prefix="media", instance=instance_media) + if instance_content is not None: content_form.media_input_type = "link" @@ -1192,7 +1192,6 @@ management_form = group_form = None else: content_form, media_form, form_status = write_content_base(request, iri_id) - perm_list = [] content = Content.safe_objects.get(iri_id=iri_id) if iri_id else None @@ -1210,14 +1209,16 @@ permission = permission_formset(initial=perm_list) management_form = permission.management_form group_form = zip(permission, groups) - + if iri_id: create_content_action = reverse('ldt.ldt_utils.views.write_content', kwargs={'iri_id':iri_id}) else: create_content_action = reverse('ldt.ldt_utils.views.write_content') session_key = request.COOKIES[settings.SESSION_COOKIE_NAME] - cookie_name = settings.SESSION_COOKIE_NAME + cookie_name = settings.SESSION_COOKIE_NAME + + content_form.fields["media_obj"].queryset = Media.safe_objects.all() return render_to_response('ldt/ldt_utils/create_content.html', {'content_form': content_form, 'media_form': media_form, 'form_status': form_status, 'create_content_action': create_content_action, 'management_form': management_form, 'group_form': group_form, 'iri_id': iri_id, 'session_key':session_key, 'cookie_name':cookie_name}, context_instance=RequestContext(request)) @@ -1238,7 +1239,6 @@ project_titles = map(lambda p: unicode(p.title), projects) errors.append(ungettext("Content '%(title)s' is referenced by this project : %(project_titles)s. Please delete it beforehand.", "Content '%(title)s' is referenced by %(count)d projects: %(project_titles)s. Please delete them beforehand.", projects_nb) % {'title':unicode(content.title), 'count':projects_nb, 'project_titles': ",".join(project_titles)}) - return errors, titles diff -r 47c83e79e3c4 -r 491d057cbfd2 src/ldt/ldt/security/middleware.py --- a/src/ldt/ldt/security/middleware.py Wed Nov 30 17:37:42 2011 +0100 +++ b/src/ldt/ldt/security/middleware.py Thu Dec 01 14:49:10 2011 +0100 @@ -1,4 +1,3 @@ -from django.core.exceptions import MiddlewareNotUsed from ldt.security.utils import protect_models, unprotect_models, _thread_locals class SecurityMiddleware(object): @@ -9,9 +8,9 @@ protect_models() def process_response(self, request, response): - unprotect_models() - if hasattr(_thread_locals, 'user'): + if hasattr(_thread_locals, 'user'): + unprotect_models() del _thread_locals.user return response diff -r 47c83e79e3c4 -r 491d057cbfd2 src/ldt/ldt/security/models.py --- a/src/ldt/ldt/security/models.py Wed Nov 30 17:37:42 2011 +0100 +++ b/src/ldt/ldt/security/models.py Thu Dec 01 14:49:10 2011 +0100 @@ -2,8 +2,8 @@ from manager import SafeManager class SafeModel(models.Model): - objects = SafeManager() - safe_objects = SafeManager(check_perm=True) + objects = SafeManager() # By default, SafeManagers do not chek permissions. + safe_objects = SafeManager() # This setting is activated in the middleware class Meta: abstract = True \ No newline at end of file diff -r 47c83e79e3c4 -r 491d057cbfd2 src/ldt/ldt/security/utils.py --- a/src/ldt/ldt/security/utils.py Wed Nov 30 17:37:42 2011 +0100 +++ b/src/ldt/ldt/security/utils.py Thu Dec 01 14:49:10 2011 +0100 @@ -43,6 +43,7 @@ def protect_model(cls, user): cls.safe_objects.user = user + cls.safe_objects.check_perm = True cls.old_save = cls.save cls.old_delete = cls.delete @@ -111,6 +112,8 @@ assign('view_%s' % name, group, object) if elem['perms'] == 'write': assign('change_%s' % name, group, object) + else: + remove_perm('change_%s' % name, group, object) else: remove_perm('view_%s' % name, group, object) remove_perm('change_%s' % name, group, object) diff -r 47c83e79e3c4 -r 491d057cbfd2 src/ldt/ldt/static/ldt/js/projectscontents.js --- a/src/ldt/ldt/static/ldt/js/projectscontents.js Wed Nov 30 17:37:42 2011 +0100 +++ b/src/ldt/ldt/static/ldt/js/projectscontents.js Thu Dec 01 14:49:10 2011 +0100 @@ -1,4 +1,4 @@ - + $.fn.realVal = function() { var obj = $(this[0]); if(obj.val) { @@ -53,13 +53,13 @@ }); }); - $('.cellimgdiv img, .publishedproject, .unpublishedproject').qtip({ + $('.cellimgdiv img, .qtiplink, .grouplink, .publishedproject, .unpublishedproject').qtip({ style: { classes: 'ui-tooltip-dark ui-tooltip-rounded' } }); - $('.projectinfos').each( function () { + $('.infostooltip').each( function () { var desc = $(this).attr('data-desc'); if (desc == 'None') { desc = ''; @@ -115,7 +115,7 @@ data: "filename="+ $('#id_media-local_file_name',$.nmTop().store.iframe.contents()).val(), cache: false, success: function(data, status, request){ - //alert("remove success"); + alert("remove success"); } }); } @@ -192,7 +192,7 @@ }); nm.store.iframe.width(730); - nm.store.iframe.height(830); + nm.store.iframe.height(820); } } }); @@ -210,7 +210,7 @@ filters: ['iframe'], sizes: { minW: 730, - minH: 480 + minH: 840 }, closeOnClick:false, callbacks: { @@ -226,7 +226,7 @@ }); nm.store.iframe.width(730); - nm.store.iframe.height(470); + nm.store.iframe.height(820); } } }); @@ -261,9 +261,6 @@ nm.store.iframe.width(frameW); nm.store.iframe.height(frameH); }, - close: function(nm) { - // We don't do anything here, we hack the callback directly from the close function. - }, afterClose: function(nm) { // Can't do that because searchprojectfilterurl is not defined in init_events_base params searchCallback($('#searchprojectsinput'), "#projectslistcontainer", searchprojectfilterurl, 0); @@ -328,6 +325,8 @@ $('.projecttitlelink').each(function(i){ $(this).attr("target","_blank"); }); + + $('.projecttitlelink').nyroModal({ filters: ['iframe'], sizes: { @@ -349,7 +348,7 @@ }); nm.store.iframe.width(940); - nm.store.iframe.height(740); + nm.store.iframe.height(700); } } }); @@ -360,7 +359,7 @@ project.attr('src', LDT_MEDIA_PREFIX + "img/ajax-loader-transp.gif"); } -function init_events_group (base_node, embed_url, groupfilterurl) { +function init_events_groups (base_node, embed_url, groupfilterurl) { $('.create_group',base_node).each(function(i){ $(this).attr("target","_iri"); @@ -422,8 +421,8 @@ $(e.target).blur(); $(e.target).next(".searchajaxloader").hide(); } - }); - + }); + $('.searchfieldinput').each(function(i) { var sbox = $(this); if(sbox.val() !== '') { diff -r 47c83e79e3c4 -r 491d057cbfd2 web/ldtplatform/config.py.tmpl --- a/web/ldtplatform/config.py.tmpl Wed Nov 30 17:37:42 2011 +0100 +++ b/web/ldtplatform/config.py.tmpl Thu Dec 01 14:49:10 2011 +0100 @@ -83,6 +83,6 @@ AUTO_INDEX_AFTER_SAVE = True -USE_GROUP_PERMISSIONS = ['Project', 'Content'] +USE_GROUP_PERMISSIONS = ['Project', 'Content', 'Media'] FORBIDDEN_STREAM_URL = "empty-video" PUBLIC_GROUP_NAME = 'everyone'