# HG changeset patch # User verrierj # Date 1323783989 -3600 # Node ID 832c5049b358d1667bf46ac22cc2259f829ef732 # Parent 7cd0ae3c4aeff41be22b101dd8ac9e2a92c30b60 Factor code to display userlist in project/content edition diff -r 7cd0ae3c4aef -r 832c5049b358 src/ldt/ldt/ldt_utils/views.py --- a/src/ldt/ldt/ldt_utils/views.py Tue Dec 13 10:28:42 2011 +0100 +++ b/src/ldt/ldt/ldt_utils/views.py Tue Dec 13 14:46:29 2011 +0100 @@ -23,7 +23,7 @@ from ldt.ldt_utils.models import Content from ldt.ldt_utils.utils import boolean_convert, LdtUtils, LdtSearch from ldt.security.utils import (assign_perm_to_obj, set_forbidden_stream, - add_change_attr, get_userlist_model, get_userlist_group) + add_change_attr, get_userlist, get_userlist_model, get_userlist_group) from ldt.security.cache import get_checker_for, assign from lxml.html import fragment_fromstring from models import Media, Project @@ -188,12 +188,8 @@ raise AttributeError("filter should be a string") filter = filter[1:] - users = User.objects.filter(username__icontains=filter)[0:20] - - resp = [] - for u in users: - resp.append({'name':u.username, 'id':u.id, 'type': 'user'}) - + resp = get_userlist(request.user, filter=filter) + if use_groups: groups = Group.objects.filter(name__icontains=filter).exclude(name=settings.PUBLIC_GROUP_NAME)[0:20] @@ -472,11 +468,9 @@ contents = Content.safe_objects.all() form_status = "none" - user_list = User.objects.all()[0:20] - elem_list = [{'name': u.username, 'id': u.id, 'type': 'user'} for u in user_list] return render_to_response('ldt/ldt_utils/create_ldt.html', {'contents': contents, 'form': form, 'form_status':form_status, 'redirect_to': redirect_to, 'create_project_action':reverse(create_ldt_view), 'language_code' : settings.LANGUAGE_CODE[2:], - 'elem_list': elem_list}, context_instance=RequestContext(request)) + 'elem_list': get_userlist(request.user)}, context_instance=RequestContext(request)) def created_ldt(request): return render_to_response('ldt/ldt_utils/save_done.html', context_instance=RequestContext(request)) @@ -858,17 +852,15 @@ return HttpResponseRedirect(reverse('index_project', args=[project.ldt_id])) else: form = AddProjectForm() - + return render_to_response('ldt/ldt_utils/create_ldt.html', {'form':form, 'form_status': form_status, 'contents':contents,'groups' : groups, - 'redirect_to': redirect_to, 'create_project_action':reverse("ldt.ldt_utils.views.create_project", args=[iri_id])}, context_instance=RequestContext(request)) + 'redirect_to': redirect_to, 'elem_list': get_userlist(request.user), 'create_project_action':reverse("ldt.ldt_utils.views.create_project", args=[iri_id])}, context_instance=RequestContext(request)) @login_required def update_project(request, ldt_id): project = get_object_or_404(Project.safe_objects, ldt_id=ldt_id) contents = project.contents.all() groups = request.user.groups.exclude(name=settings.PUBLIC_GROUP_NAME) - elem_list = User.objects.all()[0:20] - elem_list = [{'name': e.username, 'id': e.id, 'type': 'user'} for e in elem_list] member_list, admin_list = get_userlist_model(project, request.user) if request.method == "POST" : @@ -910,7 +902,7 @@ form_status = 'none' - return render_to_response('ldt/ldt_utils/create_ldt.html', {'form':form, 'form_status':form_status, 'groups': groups, 'elem_list': elem_list, + return render_to_response('ldt/ldt_utils/create_ldt.html', {'form':form, 'form_status':form_status, 'groups': groups, 'elem_list': get_userlist(request.user), 'ldt_id': ldt_id, 'contents':contents, 'member_list': member_list, 'admin_list': admin_list, 'create_project_action':reverse("ldt.ldt_utils.views.update_project", args=[ldt_id])}, context_instance=RequestContext(request)) @@ -1156,7 +1148,6 @@ def write_content(request, iri_id=None): submit_action = request.REQUEST.get("submit_button", False) groups = request.user.groups.exclude(name=settings.PUBLIC_GROUP_NAME) - elem_list = [{'name': u.username, 'id': u.id, 'type': 'user'} for u in User.objects.all()[0:20]] if submit_action == "prepare_delete": errors, titles = prepare_delete_content(request, iri_id) @@ -1187,7 +1178,7 @@ content_form.fields["media_obj"].queryset = Media.safe_objects.all() return render_to_response('ldt/ldt_utils/create_content.html', {'content_form': content_form, 'media_form': media_form, 'form_status': form_status, 'create_content_action': create_content_action, - 'elem_list': elem_list, 'member_list': member_list, 'admin_list': admin_list, 'iri_id': iri_id, 'session_key':session_key, 'cookie_name':cookie_name}, context_instance=RequestContext(request)) + 'elem_list': get_userlist(request.user), 'member_list': member_list, 'admin_list': admin_list, 'iri_id': iri_id, 'session_key':session_key, 'cookie_name':cookie_name}, context_instance=RequestContext(request)) @login_required def prepare_delete_content(request, iri_id=None): @@ -1275,7 +1266,7 @@ grp = Group.objects.get(id=request.POST["id_group"]) everyone = Group.objects.get(name=settings.PUBLIC_GROUP_NAME) project_list = get_objects_for_group(grp, 'ldt_utils.view_project') | get_objects_for_group(everyone, 'ldt_utils.view_project').filter(owner__in=[grp]) - project_list = add_change_attr(request.user, project_list) + #project_list = add_change_attr(request.user, project_list) is_gecko = ((request.META['HTTP_USER_AGENT'].lower().find("firefox")) > -1); @@ -1288,10 +1279,7 @@ def create_group(request): if not request.user.has_perm('auth.add_group'): return HttpResponseServerError('

User %s can not create a group.

' % request.user.username) - - query = Q(id=settings.ANONYMOUS_USER_ID) | Q(id=request.user.id) | Q(is_superuser=True) - user_list = User.objects.exclude(query)[0:20] - user_list = [{'name': x.username, 'id': x.id, 'type': 'user'} for x in user_list] + form_status = '' if request.method == 'POST': @@ -1314,12 +1302,12 @@ if elem in admin_list: assign('change_group', elem, group) - form_status = 'saved' + form_status = 'saved' else: - form = GroupAddForm() - - return render_to_response("ldt/ldt_utils/create_group.html", {'form' : form, 'form_status' : form_status, 'elem_list' : user_list}, context_instance=RequestContext(request)) + form = GroupAddForm() + + return render_to_response("ldt/ldt_utils/create_group.html", {'form' : form, 'form_status' : form_status, 'elem_list' : get_userlist(request.user)}, context_instance=RequestContext(request)) @login_required def update_group(request, group_id): @@ -1330,9 +1318,6 @@ form_status = 'none' return render_to_response("ldt/ldt_utils/create_group.html", {'form_status' : form_status}, context_instance=RequestContext(request)) - query = Q(id=settings.ANONYMOUS_USER_ID) | Q(id=request.user.id) | Q(is_superuser=True) - user_list = User.objects.exclude(query)[0:20] - user_list = [{'name': x.username, 'id': x.id, 'type': 'user'} for x in user_list] form_status = '' is_owner_group = checker.has_perm('is_owner_group', group) @@ -1375,5 +1360,5 @@ member_list, admin_list = get_userlist_group(group, request.user) return render_to_response("ldt/ldt_utils/create_group.html", {'group_id' : group_id, 'form' : form, 'form_status' : form_status, - 'elem_list' : user_list, 'member_list': member_list, 'admin_list': admin_list, + 'elem_list' : get_userlist(request.user), 'member_list': member_list, 'admin_list': admin_list, 'is_owner_group': is_owner_group}, context_instance=RequestContext(request)) diff -r 7cd0ae3c4aef -r 832c5049b358 src/ldt/ldt/security/utils.py --- a/src/ldt/ldt/security/utils.py Tue Dec 13 10:28:42 2011 +0100 +++ b/src/ldt/ldt/security/utils.py Tue Dec 13 14:46:29 2011 +0100 @@ -1,5 +1,7 @@ from django.conf import settings from django.contrib.contenttypes.models import ContentType +from django.contrib.auth.models import User +from django.db.models import Q from guardian.shortcuts import assign, remove_perm, get_users_with_perms, get_groups_with_perms from cache import get_checker_for @@ -110,7 +112,7 @@ perm_name = "%s.change_%s" % (cls._meta.app_label, model_name) for obj in obj_list: - if checker and checker.has_perm(perm_name, obj): + if not checker or checker.has_perm(perm_name, obj): obj.change = True else: obj.change = False @@ -139,6 +141,14 @@ remove_perms(read_list, old_users, object, name) remove_perms(read_list, old_groups, object, name) +def get_userlist(user, filter=None): + query = Q(id=settings.ANONYMOUS_USER_ID) | Q(id=user.id) | Q(is_superuser=True) + user_list = User.objects.exclude(query) + if filter: + user_list = user_list.filter(username__icontains=filter) + elem_list = [{'name': u.username, 'id': u.id, 'type': 'user'} for u in user_list[0:settings.MAX_USERS_SEARCH]] + return elem_list + def get_userlist_model(object, owner): if hasattr(object, 'is_public') and object.is_public: return [None, None] diff -r 7cd0ae3c4aef -r 832c5049b358 web/ldtplatform/config.py.tmpl --- a/web/ldtplatform/config.py.tmpl Tue Dec 13 10:28:42 2011 +0100 +++ b/web/ldtplatform/config.py.tmpl Tue Dec 13 14:46:29 2011 +0100 @@ -93,3 +93,4 @@ USE_GROUP_PERMISSIONS = ['Project', 'Content', 'Media'] FORBIDDEN_STREAM_URL = "empty-video" PUBLIC_GROUP_NAME = 'everyone' +MAX_USERS_SEARCH = 20 \ No newline at end of file