# HG changeset patch # User verrierj # Date 1323254172 -3600 # Node ID 4b8042fc3d33f92a6bdce774cf2d41457857c843 # Parent c0c1617367941214e548658b3e5c6120d7a76008 Moved Share to form to security module diff -r c0c161736794 -r 4b8042fc3d33 src/ldt/ldt/ldt_utils/forms.py --- a/src/ldt/ldt/ldt_utils/forms.py Tue Dec 06 17:45:35 2011 +0100 +++ b/src/ldt/ldt/ldt_utils/forms.py Wed Dec 07 11:36:12 2011 +0100 @@ -3,49 +3,10 @@ from django.contrib.auth.models import User, Group from django.forms.widgets import MultipleHiddenInput from ldt.forms import widgets as ldt_widgets +from ldt.security.forms import ShareForm from models import Project, Content, Media from utils import generate_uuid -# This class should be moved somewhere else -class LazyMultipleChoiceField(forms.MultipleChoiceField): - - # Should do some checking here - def validate(self, value): - pass - -class ShareForm(forms.ModelForm): - read_list = LazyMultipleChoiceField(required=False, widget=MultipleHiddenInput()) - write_list = LazyMultipleChoiceField(required=False, widget=MultipleHiddenInput()) - - def clean(self): - read_list = self.data.getlist("read_list") - write_list = self.data.getlist("write_list") - - elems = read_list + write_list - users = [e.split('-')[0] for e in elems if e.split('-')[1] == 'user' ] - groups = [e.split('-')[0] for e in elems if e.split('-')[1] == 'group' ] - - users = User.objects.filter(id__in=users) - groups = Group.objects.filter(id__in=groups) - - def create_real_lists(list, users, groups): - new_list = [] - for e in list: - id, cls_name = e.split('-') - if cls_name == 'user': - new_list.append(users.get(id=id)) - elif cls_name == 'group': - new_list.append(groups.get(id=id)) - return new_list - - new_read_list = create_real_lists(read_list, users, groups) - new_write_list = create_real_lists(write_list, users, groups) - - self.cleaned_data["read_list"] = new_read_list - self.cleaned_data["write_list"] = new_write_list - return self.cleaned_data - - class LdtImportForm(forms.Form): importFile = forms.FileField() videoPath = forms.CharField(required=False) @@ -53,13 +14,12 @@ class LdtAddForm(ShareForm): title = forms.CharField(required=True) - #contents = forms.ModelMultipleChoiceField(Content.objects.all()) + contents = forms.ModelMultipleChoiceField(Content.objects.all()) description = forms.CharField(widget=forms.Textarea, required=False) - # remove contents from exclude list class Meta: model = Project - exclude = ("ldt_id", "ldt", "created_by", "changed_by", "creation_date", "modification_date", "state", "owner", "contents") + exclude = ("ldt_id", "ldt", "created_by", "changed_by", "creation_date", "modification_date", "state", "owner") class PermissionForm(forms.Form): share = forms.BooleanField(required=False, widget=forms.CheckboxInput(attrs={'class':'checkbox_group'})) @@ -67,7 +27,7 @@ group = forms.IntegerField(required=False, widget=forms.HiddenInput()) class ReindexForm(forms.Form): - contents = forms.ModelMultipleChoiceField(Content.objects.all()) #@UndefinedVariable + contents = forms.ModelMultipleChoiceField(Content.objects.all()) index_projects = forms.BooleanField(required=False, initial=False) class SearchForm(forms.ModelForm): @@ -87,8 +47,7 @@ title = forms.CharField() group = forms.IntegerField() -class ContentForm(forms.ModelForm): - #iri_id = forms.CharField(max_length=1024, widget=forms.HiddenInput, initial=generate_uuid) +class ContentForm(ShareForm): iriurl = forms.CharField(max_length=1024, widget=forms.HiddenInput, required=False) content_creation_date = forms.SplitDateTimeField(widget=ldt_widgets.LdtSplitDateTime, required=False, label=_("content.content_creation_date")) media_input_type = forms.ChoiceField(required=False, label=_("content.media_input_type"), choices=(("upload", _("file_upload")), ("url", _("url")), ("link", _("existing_media")), ("create", _("create_media")), ("none", _("none_media")))) @@ -102,6 +61,7 @@ return data def clean(self): + super(ContentForm, self).clean() cleaned_data = self.cleaned_data iriurl_data = cleaned_data.get('iriurl') iri_id_data = cleaned_data['iri_id'] diff -r c0c161736794 -r 4b8042fc3d33 src/ldt/ldt/ldt_utils/views.py --- a/src/ldt/ldt/ldt_utils/views.py Tue Dec 06 17:45:35 2011 +0100 +++ b/src/ldt/ldt/ldt_utils/views.py Wed Dec 07 11:36:12 2011 +0100 @@ -6,7 +6,6 @@ from django.db.models import Q from django.forms.models import model_to_dict from django.forms.util import ErrorList -from django.forms.formsets import formset_factory from django.http import (HttpResponse, HttpResponseRedirect, HttpResponseForbidden, HttpResponseServerError) from ldt.indexation import get_results_with_context, highlight_documents @@ -18,13 +17,13 @@ from django.utils.html import escape from django.utils.translation import ugettext as _, ungettext from forms import (LdtAddForm, SearchForm, AddProjectForm, CopyProjectForm, - ContentForm, MediaForm, GroupAddForm, PermissionForm) + ContentForm, MediaForm, GroupAddForm) from guardian.core import ObjectPermissionChecker -from guardian.shortcuts import assign, remove_perm, get_perms, get_objects_for_group, get_objects_for_user +from guardian.shortcuts import assign, remove_perm, get_objects_for_group from ldt.ldt_utils.models import Content from ldt.ldt_utils.utils import boolean_convert, LdtUtils, LdtSearch -from ldt.security.utils import (assign_object_to_groups, set_forbidden_stream, - add_change_attr, get_perm_form) +from ldt.security.utils import (assign_perm_to_obj, set_forbidden_stream, + add_change_attr, get_allowed_elem_list) from lxml.html import fragment_fromstring from models import Media, Project from projectserializer import ProjectSerializer @@ -456,14 +455,13 @@ form_status = "none" contents = Content.safe_objects.all() - if form.is_valid(): + if form.is_valid(): user = request.user project = Project.create_project(title=form.cleaned_data['title'], user=user, - #contents=form.cleaned_data['contents'], - contents=[], + contents=form.cleaned_data['contents'], description=form.cleaned_data['description']) - assign_object_to_groups(project, form.cleaned_data["read_list"], form.cleaned_data["write_list"], user) + assign_perm_to_obj(project, form.cleaned_data["read_list"], form.cleaned_data["write_list"], user) form_status = "saved" is_gecko = ((request.META['HTTP_USER_AGENT'].lower().find("firefox")) > -1); if is_gecko : @@ -845,15 +843,14 @@ redirect_to = '' form_status = "none" - if request.method == "POST" : - + if request.method == "POST" : form = AddProjectForm(request.POST) if form.is_valid(): user = request.user project = Project.create_project(title=form.cleaned_data['title'], user=user, contents=contents, description=form.cleaned_data['description']) form_status = "saved" - assign_object_to_groups(project, form.cleaned_data["read_list"], form.cleaned_data["write_list"], user) + assign_perm_to_obj(project, form.cleaned_data["read_list"], form.cleaned_data["write_list"], user) # Modal window is not used with firefox is_gecko = ((request.META['HTTP_USER_AGENT'].lower().find("firefox")) > -1); @@ -861,8 +858,6 @@ redirect_to = reverse('index_project_full', args=[project.ldt_id]) else: return HttpResponseRedirect(reverse('index_project', args=[project.ldt_id])) - - else: form = AddProjectForm() @@ -875,8 +870,9 @@ contents = project.contents.all() groups = request.user.groups.exclude(name=settings.PUBLIC_GROUP_NAME) elem_list = User.objects.all()[0:20] - elem_list = [{'name': e.username, 'id': e.id, 'type': e.type} for e in elem_list] - + elem_list = [{'name': e.username, 'id': e.id, 'type': 'user'} for e in elem_list] + member_list = get_allowed_elem_list(project, request.user) + if request.method == "POST" : submit_action = request.REQUEST.get("submit_button", False) if submit_action == "prepare_delete": @@ -909,7 +905,7 @@ project.ldt = lxml.etree.tostring(ldt, pretty_print=True) project.save() - assign_object_to_groups(project, form.cleaned_data["read_list"], form.cleaned_data["write_list"], request.user) + assign_perm_to_obj(project, form.cleaned_data["read_list"], form.cleaned_data["write_list"], request.user) form_status = "saved" else: form = AddProjectForm({'title':unicode(project.title), 'description':unicode(project.get_description())}) @@ -917,7 +913,8 @@ form_status = 'none' return render_to_response('ldt/ldt_utils/create_ldt.html', {'form':form, 'form_status':form_status, 'groups': groups, - 'elem_list': elem_list, 'ldt_id': ldt_id, 'contents':contents, 'create_project_action':reverse("ldt.ldt_utils.views.update_project", args=[ldt_id])}, context_instance=RequestContext(request)) + 'elem_list': elem_list, 'ldt_id': ldt_id, 'contents':contents, + 'member_list': member_list, 'create_project_action':reverse("ldt.ldt_utils.views.update_project", args=[ldt_id])}, context_instance=RequestContext(request)) @login_required def copy_project(request, ldt_id, group_id=None): @@ -980,18 +977,15 @@ content_instance_val[k] = value media_instance_val[k] = value - permission_formset = formset_factory(PermissionForm, extra=0) content_form = ContentForm(content_instance_val, prefix="content", instance=instance_content) media_form = MediaForm(media_instance_val, request.FILES, prefix="media", instance=instance_media) - group_form = permission_formset(request.POST) - + media_valid = media_form.is_valid() content_valid = content_form.is_valid() - group_valid = group_form.is_valid() logging.debug("write_content_base : valid form: for instance : " + repr(instance_media) + " -> media " + str(media_valid) + " content : for instance : " + repr(instance_content) + " : " + str(content_valid)) #@UndefinedVariable - if media_valid and content_valid and group_valid: + if media_valid and content_valid: # see if media must be created cleaned_data = {} @@ -1125,7 +1119,7 @@ assign('view_content', everyone, content) else: remove_perm('view_content', everyone, content) - assign_object_to_groups(content, group_form.cleaned_data) + assign_perm_to_obj(content, content_form.cleaned_data["read_list"], content_form.cleaned_data["write_list"], request.user) if not created: for attribute in ('iriurl', 'title', 'description', 'duration', 'content_creation_date', 'tags', 'media_obj'): setattr(content, attribute, content_defaults[attribute]) @@ -1150,11 +1144,10 @@ return content_form, media_form, form_status @login_required -def write_content(request, iri_id=None): - +def write_content(request, iri_id=None): submit_action = request.REQUEST.get("submit_button", False) groups = request.user.groups.exclude(name=settings.PUBLIC_GROUP_NAME) - permission_formset = formset_factory(PermissionForm, extra=0) + if submit_action == "prepare_delete": errors, titles = prepare_delete_content(request, iri_id) @@ -1170,26 +1163,8 @@ form_status = "deleted" content_form = ContentForm() media_form = MediaForm() - management_form = group_form = None else: content_form, media_form, form_status = write_content_base(request, iri_id) - perm_list = [] - content = Content.safe_objects.get(iri_id=iri_id) if iri_id else None - - for group in groups: - group_perms = get_perms(group, content) if content else [] - share = False - perm = None - if 'view_content' in group_perms: - share = True - perm = 'read' - if 'change_content' in group_perms: - perm = 'write' - - perm_list.append({'share': share, 'perms': perm, 'group': group.id }) - permission = permission_formset(initial=perm_list) - management_form = permission.management_form - group_form = zip(permission, groups) if iri_id: create_content_action = reverse('ldt.ldt_utils.views.write_content', kwargs={'iri_id':iri_id}) @@ -1197,13 +1172,12 @@ create_content_action = reverse('ldt.ldt_utils.views.write_content') session_key = request.COOKIES[settings.SESSION_COOKIE_NAME] - cookie_name = settings.SESSION_COOKIE_NAME - + cookie_name = settings.SESSION_COOKIE_NAME content_form.fields["media_obj"].queryset = Media.safe_objects.all() return render_to_response('ldt/ldt_utils/create_content.html', {'content_form': content_form, 'media_form': media_form, 'form_status': form_status, 'create_content_action': create_content_action, - 'management_form': management_form, 'group_form': group_form, 'iri_id': iri_id, 'session_key':session_key, 'cookie_name':cookie_name}, context_instance=RequestContext(request)) + 'iri_id': iri_id, 'session_key':session_key, 'cookie_name':cookie_name}, context_instance=RequestContext(request)) @login_required def prepare_delete_content(request, iri_id=None): diff -r c0c161736794 -r 4b8042fc3d33 src/ldt/ldt/security/forms.py --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/ldt/ldt/security/forms.py Wed Dec 07 11:36:12 2011 +0100 @@ -0,0 +1,42 @@ +from django import forms +from django.contrib.auth.models import User, Group +from django.forms.widgets import MultipleHiddenInput + + +class LazyMultipleChoiceField(forms.MultipleChoiceField): + + # Should do some checking here + def validate(self, value): + pass + +class ShareForm(forms.ModelForm): + read_list = LazyMultipleChoiceField(required=False, widget=MultipleHiddenInput()) + write_list = LazyMultipleChoiceField(required=False, widget=MultipleHiddenInput()) + + def clean(self): + read_list = self.data.getlist("read_list") + write_list = self.data.getlist("write_list") + + elems = read_list + write_list + users = [e.split('-')[0] for e in elems if e.split('-')[1] == 'user' ] + groups = [e.split('-')[0] for e in elems if e.split('-')[1] == 'group' ] + + users = User.objects.filter(id__in=users) + groups = Group.objects.filter(id__in=groups) + + def create_real_lists(list, users, groups): + new_list = [] + for e in list: + id, cls_name = e.split('-') + if cls_name == 'user': + new_list.append(users.get(id=id)) + elif cls_name == 'group': + new_list.append(groups.get(id=id)) + return new_list + + new_read_list = create_real_lists(read_list, users, groups) + new_write_list = create_real_lists(write_list, users, groups) + + self.cleaned_data["read_list"] = new_read_list + self.cleaned_data["write_list"] = new_write_list + return self.cleaned_data \ No newline at end of file diff -r c0c161736794 -r 4b8042fc3d33 src/ldt/ldt/security/utils.py --- a/src/ldt/ldt/security/utils.py Tue Dec 06 17:45:35 2011 +0100 +++ b/src/ldt/ldt/security/utils.py Wed Dec 07 11:36:12 2011 +0100 @@ -103,7 +103,8 @@ return obj_list -def assign_object_to_groups(object, read_list, write_list, owner): + +def assign_perm_to_obj(object, read_list, write_list, owner): name = object.__class__.__name__.lower() old_users = get_users_with_perms(object).exclude(id=owner.id) @@ -124,16 +125,21 @@ remove_perms(read_list, old_users, object, name) remove_perms(read_list, old_groups, object, name) - - -def get_perm_form(groups, formset): - perm_list = [] - for group in groups: - perm_list.append({'share': False, 'perms': 'read', 'group': group.id }) - permission = formset(initial=perm_list) - - management_form = permission.management_form - group_form = zip(permission, groups) + + +def get_allowed_elem_list(object, owner): + users = get_users_with_perms(object).exclude(id=owner.id) + groups = get_groups_with_perms(object) - return (management_form, group_form) - \ No newline at end of file + member_list = [] + for u in users: + member_list.append({'name': u.username, 'id': u.id, 'type': 'user'}) + + for g in groups: + member_list.append({'name': g.name, 'id': g.id, 'type': 'group'}) + + return member_list + + + +