# HG changeset patch
# User verrierj
# Date 1321353624 -3600
# Node ID b738eb0717de5aa6d0617d32abdbb41762d48954
# Parent  2c37496369dbf02971d5e253d970abe743dc0066
Improved forms about group management

diff -r 2c37496369db -r b738eb0717de src/ldt/ldt/ldt_utils/forms.py
--- a/src/ldt/ldt/ldt_utils/forms.py	Thu Nov 10 14:47:16 2011 +0100
+++ b/src/ldt/ldt/ldt_utils/forms.py	Tue Nov 15 11:40:24 2011 +0100
@@ -23,7 +23,7 @@
 
 class PermissionForm(forms.Form):
     share = forms.BooleanField(required=False, widget=forms.CheckboxInput(attrs={'class':'checkbox_group'}))
-    perms = forms.CharField(widget=forms.HiddenInput(attrs={'class':'perm_field'})) 
+    perms = forms.CharField(required=False, widget=forms.HiddenInput(attrs={'class':'perm_field'})) 
     group = forms.IntegerField(required=False, widget=forms.HiddenInput())
 
 class ReindexForm(forms.Form):
@@ -76,8 +76,7 @@
             'all' : ('admin/css/forms.css', 'admin/css/base.css', 'admin/css/widgets.css')
                }
         
-class MediaForm(forms.ModelForm):
-    
+class MediaForm(forms.ModelForm):    
     media_creation_date = forms.SplitDateTimeField(widget=ldt_widgets.LdtSplitDateTime, required=False)
     media_file = forms.FileField(required=False);
     src = forms.CharField(required=False, max_length=1024)
diff -r 2c37496369db -r b738eb0717de src/ldt/ldt/ldt_utils/middleware/security.py
--- a/src/ldt/ldt/ldt_utils/middleware/security.py	Thu Nov 10 14:47:16 2011 +0100
+++ b/src/ldt/ldt/ldt_utils/middleware/security.py	Tue Nov 15 11:40:24 2011 +0100
@@ -10,9 +10,9 @@
 
     # !! Will not work with concurrent requests
     def process_request(self, request):    
-        protect_models(request.user)        
+        protect_models(request)      
     
     def process_response(self, request, response):
-        unprotect_models() 
+        unprotect_models(request)
         
         return response
\ No newline at end of file
diff -r 2c37496369db -r b738eb0717de src/ldt/ldt/ldt_utils/templates/ldt/ldt_utils/create_group.html
--- a/src/ldt/ldt/ldt_utils/templates/ldt/ldt_utils/create_group.html	Thu Nov 10 14:47:16 2011 +0100
+++ b/src/ldt/ldt/ldt_utils/templates/ldt/ldt_utils/create_group.html	Tue Nov 15 11:40:24 2011 +0100
@@ -1,3 +1,4 @@
+
 {% extends "ldt/ldt_raw_base.html" %}
 
 {% load i18n %}
@@ -70,7 +71,7 @@
 {% block body %}
 	<div id="add_contribution" class="span-12 last">
 	<div class="projectscontentstitle span-12 last">{% if group_id %}{% trans "Update a group" %}{% else %}{% trans "Create a group" %}{% endif %}</div>
-	<form action="{% if group_id %}{% url ldt.ldt_utils.views.update_group group_id=group_id %} {% else %}{% url ldt.ldt_utils.views.create_group %}{% endif %}" method="POST" {% if target_parent %}target="_parent"{% endif %}>
+	<form action="{% if group_id %}{% url ldt.ldt_utils.views.update_group group_id %} {% else %}{% url ldt.ldt_utils.views.create_group %}{% endif %}" method="POST" {% if target_parent %}target="_parent"{% endif %}>
 	{% csrf_token %} 
 	<input type="hidden" name="form_status" value="{{form_status}}" id="project_form_status" />
 	<label for="name">{% trans "Name" %}:</label>
diff -r 2c37496369db -r b738eb0717de src/ldt/ldt/ldt_utils/templates/ldt/ldt_utils/create_ldt.html
--- a/src/ldt/ldt/ldt_utils/templates/ldt/ldt_utils/create_ldt.html	Thu Nov 10 14:47:16 2011 +0100
+++ b/src/ldt/ldt/ldt_utils/templates/ldt/ldt_utils/create_ldt.html	Tue Nov 15 11:40:24 2011 +0100
@@ -68,12 +68,20 @@
 		});		
 	}
 	
-	function check_initial_groups() {
-		$(".checkbox_group").each(function (elem) {
-			if ( $(".choice", $(this).closest('tr')).length ) {
-				$(this).prop('checked', true);				
-			}		
-		});			
+	function activate_initial_permissions() {		
+		$("#grouplist tr").each(function (e) {
+			if ($("input[type=checkbox]", $(this)).is(":checked")) {
+				var perm = $(".perm_field", $(this)).val();
+				if (perm) {
+					$(".perm_read, .perm_write", $(this)).addClass("permission");
+				}				
+				if (perm == 'read') {
+					$(".perm_read", $(this)).addClass("choice");
+				} else if (perm == 'write') {
+					$(".perm_write", $(this)).addClass("choice");
+				} 				
+			}
+		});
 	}
 	
 	$(document).ready(function() {	
@@ -83,11 +91,7 @@
 			parent.$.nmTop().close();
 		});
 		
-		check_uncheck_all("content");
-		check_uncheck_all("group");
-		check_initial_groups();		
-
-        $(".permission").bind("click", function () {
+		$(".permission").live("click", function () {
             var group_name = $(this).attr('value');
         	var group_id = group_name.split('_').pop();
             
@@ -113,7 +117,11 @@
                 $(".perm_read", line).addClass('choice');
                 $(".perm_read, .perm_write", line).addClass('permission');
             }
-        });
+        });        
+
+		check_uncheck_all("content");
+		check_uncheck_all("group");
+		activate_initial_permissions();	
 				
 	});
 	</script>
@@ -147,6 +155,7 @@
 	<input type="hidden" name="form_status" value="{{form_status}}" id="project_form_status" />
 	<label for="title">{% trans "Title" %}:</label>
 	{{form.title}}
+	{{ form.title.errors }}
 	<label for="description" class="projectdesc">{% trans "Description :" %}</label>
 	{{form.description}}
 	
@@ -181,8 +190,6 @@
 		</div>
 	</div>	
      
-     {{ form.errors }}
-     {{group_form.errors}}
    <div id="righttable" class="span-11">
 	    <label>{% trans "group list"%}</label>
 	
@@ -201,15 +208,15 @@
                         <td class="projectcontentsheadertitle permcol" >{% trans "Permissions" %}</td>
                     </tr>
                 
-                    <tbody class="projectscontentsbody">
+                    <tbody class="projectscontentsbody" id="grouplist">
                 
 				    {% for form, group in group_form %}			    			    
 				    <tr class="imageline projectscontentsoddline">
 				    	<td class="cellcheckbox">{{ form.share }}</td>
 				    	<td class="projecttitle">{{ group.name }}</td>
 				    	<td>
-				    	<a value="group_{{group.id}}" class="perm_read permission {% if group.member and not group.change%}choice{% endif %}" title="{% trans "This group can read the project" %}">{% trans "perm.read" %}</a>
-				        <a value="group_{{group.id}}" class="perm_write permission {% if group.member and group.change %}choice{% endif %}" title="{% trans "This group can change the project" %}">{% trans "perm.write" %}</a>
+				    	<a value="group_{{group.id}}" class="perm_read" title="{% trans "This group can read the project" %}">{% trans "perm.read" %}</a>
+				        <a value="group_{{group.id}}" class="perm_write" title="{% trans "This group can change the project" %}">{% trans "perm.write" %}</a>
 				       	</td>
 				       	{{ form.perms }}
 				       	{{ form.group }}
diff -r 2c37496369db -r b738eb0717de src/ldt/ldt/ldt_utils/templates/ldt/ldt_utils/groups.html
--- a/src/ldt/ldt/ldt_utils/templates/ldt/ldt_utils/groups.html	Thu Nov 10 14:47:16 2011 +0100
+++ b/src/ldt/ldt/ldt_utils/templates/ldt/ldt_utils/groups.html	Tue Nov 15 11:40:24 2011 +0100
@@ -1,6 +1,5 @@
 {% extends "ldt/ldt_utils/workspace.html" %}
 {% load i18n %}
-{% load guardian_tags %}
 
 {% block js_declaration %}
 {{block.super}}
@@ -71,15 +70,14 @@
 		<input type='hidden' name='id_group' id='id_group' value='' />
 		<table class="projectscontentstable">
 	    <tbody class="projectscontentsbody">
-		{% for group in groups.all %}
+		{% for group in groups %}
 			<tr class="imageline {% cycle 'projectscontentsoddline' 'projectscontentsevenline'%} update_group_projects" id="{{ group.id }}">
-			{% get_obj_perms request.user for group as "group_perms" %}
-			
-			{% if "change_group" in group_perms %}
-			    <td class="cellimg"><a class="grouplink create_group" title="{% trans "Change this group"%}" href="{% url ldt.ldt_utils.views.update_group group_id=group.id%}">c</a></td>
+				
+			{% if group.can_change %}
+			   <td class="cellimg"><a class="grouplink create_group" title="{% trans "Change this group"%}" href="{% url ldt.ldt_utils.views.update_group group.id %}">c</a></td>
 			   <td><b>{{ group.name }}</b></td>
 			{% else %}
-			    <td class="cellimg"><a class="grouplink" title="{% trans "Leave this group" %}" href="{% url ldt.ldt_utils.views.leave_group group.id%}">l</a></td>
+			    <td class="cellimg"><a class="grouplink" title="{% trans "Leave this group" %}" href="{% url ldt.ldt_utils.views.leave_group group.id %}">l</a></td>
 			    <td>{{ group.name }}</td>
 			{% endif %}
 			<td class="align_right"><img src="{{LDT_MEDIA_PREFIX}}/img/control_play.png" class="next_icon"/></td>
diff -r 2c37496369db -r b738eb0717de src/ldt/ldt/ldt_utils/views.py
--- a/src/ldt/ldt/ldt_utils/views.py	Thu Nov 10 14:47:16 2011 +0100
+++ b/src/ldt/ldt/ldt_utils/views.py	Tue Nov 15 11:40:24 2011 +0100
@@ -20,6 +20,7 @@
 from forms import (LdtAddForm, SearchForm, AddProjectForm, CopyProjectForm,
     ContentForm, MediaForm, GroupAddForm, PermissionForm)
 from guardian.shortcuts import assign, remove_perm, get_perms, get_objects_for_group
+from guardian.core import ObjectPermissionChecker
 from ldt.ldt_utils.models import Content
 from ldt.ldt_utils.utils import boolean_convert, LdtUtils, LdtSearch
 from ldt.ldt_utils.security import assign_project_to_groups
@@ -60,12 +61,17 @@
                                'is_gecko': is_gecko},
                               context_instance=RequestContext(request))
 
-
 @login_required
 def groups(request):
 
     # get list of all published projects
     group_list = request.user.groups #@UndefinedVariable
+    checker = ObjectPermissionChecker(request.user)
+    
+    group_list = list(group_list.all())
+    for group in group_list:
+        if checker.has_perm('change_group', group):
+            group.can_change = True
 
     is_gecko = ((request.META['HTTP_USER_AGENT'].lower().find("firefox")) > -1);
     
@@ -789,15 +795,10 @@
     permission_formset = formset_factory(PermissionForm, extra=0)
     project = get_object_or_404(Project, ldt_id=ldt_id)
     contents = project.contents.all()
-    groups = request.user.groups.all()    
+    groups = request.user.groups.all()
     
-    for g in groups:
-        list_perms = get_perms(g, project)
-        if 'view_project' in list_perms:
-            g.member = True
-        if 'change_project' in list_perms:
-            g.change = True
-    
+    management_form = None    
+        
     if request.method == "POST" :
         submit_action = request.REQUEST.get("submit_button", False)
         if submit_action == "prepare_delete":
@@ -817,11 +818,12 @@
             form = AddProjectForm()
             group_form = permission_formset()
         else:
-            form_status = 'saved'
+            form_status = 'saved' 
             form = AddProjectForm(request.POST)
             group_form = permission_formset(request.POST)
             
             if form.is_valid() and group_form.is_valid():
+                
                 if project.title != form.cleaned_data['title'] or project.description != form.cleaned_data['description']:
                     project.title = form.cleaned_data['title']
                     project.description = form.cleaned_data['description']
@@ -830,7 +832,7 @@
                     res[0].set("title", project.title)
                     res[0].set("abstract", project.description)
                     project.ldt = lxml.etree.tostring(ldt, pretty_print=True)
-                    project.save()
+                    project.save()                    
                     
                 assign_project_to_groups(project, group_form.cleaned_data)
     else:
@@ -838,18 +840,22 @@
         
         perm_list = [] 
         for group in groups:
-            perm_list.append({'share': False, 'perms': 'read', 'group': group.id })
+            group_perms = get_perms(group, project)
+            share = False
+            perm = None
+            if 'view_project' in group_perms:
+                share = True
+                perm = 'read'
+            if 'change_project' in group_perms:
+                perm = 'write'
+                
+            perm_list.append({'share': share, 'perms': perm, 'group': group.id })
         permission = permission_formset(initial=perm_list)    
         management_form = permission.management_form
+        group_form = zip(permission, groups)
 
         form_status = 'none'
-  
-    if form_status == 'none':
-        group_form = zip(permission, groups)
-    else:
-        management_form = None
-    
-        
+       
     return render_to_response('ldt/ldt_utils/create_ldt.html', {'form':form, 'form_status':form_status, 'groups': groups,
                               'ldt_id': ldt_id, 'contents':contents, 'group_form': group_form, 'management_form': management_form, 
                               'create_project_action':reverse("ldt.ldt_utils.views.update_project", args=[ldt_id])}, context_instance=RequestContext(request))
@@ -1259,23 +1265,23 @@
                 admin_list = form.cleaned_data['admin_list']
                 group.name = name
                 
-                for user in User.objects.all():
+                for user in User.objects.all().exclude(username=request.user.username):
                     if user in members_list:                        
                         group.user_set.add(user)
                         if user in admin_list:
-                            assign('change_group', request.user, group)
+                            assign('change_group', user, group)
                         else:
-                            remove_perm('change_group', request.user, group)
+                            remove_perm('change_group', user, group)
                     else:
                         group.user_set.remove(user)
-                group.user_set.add(user)
+                        remove_perm('change_group', user, group)
+                        
                 group.save()
                 form_status = 'saved'       
                     
     else:
         form = GroupAddForm(initial={'name':unicode(group.name), 'members_list':members_list})    
     
-    
     return render_to_response("ldt/ldt_utils/create_group.html", {'group_id' : group_id, 'form' : form, 'form_status' : form_status, 'user_list' : user_list}, context_instance=RequestContext(request))
 
 @login_required