--- a/src/ldt/ldt/ldt_utils/forms.py Tue Dec 06 17:45:35 2011 +0100
+++ b/src/ldt/ldt/ldt_utils/forms.py Wed Dec 07 11:36:12 2011 +0100
@@ -3,49 +3,10 @@
from django.contrib.auth.models import User, Group
from django.forms.widgets import MultipleHiddenInput
from ldt.forms import widgets as ldt_widgets
+from ldt.security.forms import ShareForm
from models import Project, Content, Media
from utils import generate_uuid
-# This class should be moved somewhere else
-class LazyMultipleChoiceField(forms.MultipleChoiceField):
-
- # Should do some checking here
- def validate(self, value):
- pass
-
-class ShareForm(forms.ModelForm):
- read_list = LazyMultipleChoiceField(required=False, widget=MultipleHiddenInput())
- write_list = LazyMultipleChoiceField(required=False, widget=MultipleHiddenInput())
-
- def clean(self):
- read_list = self.data.getlist("read_list")
- write_list = self.data.getlist("write_list")
-
- elems = read_list + write_list
- users = [e.split('-')[0] for e in elems if e.split('-')[1] == 'user' ]
- groups = [e.split('-')[0] for e in elems if e.split('-')[1] == 'group' ]
-
- users = User.objects.filter(id__in=users)
- groups = Group.objects.filter(id__in=groups)
-
- def create_real_lists(list, users, groups):
- new_list = []
- for e in list:
- id, cls_name = e.split('-')
- if cls_name == 'user':
- new_list.append(users.get(id=id))
- elif cls_name == 'group':
- new_list.append(groups.get(id=id))
- return new_list
-
- new_read_list = create_real_lists(read_list, users, groups)
- new_write_list = create_real_lists(write_list, users, groups)
-
- self.cleaned_data["read_list"] = new_read_list
- self.cleaned_data["write_list"] = new_write_list
- return self.cleaned_data
-
-
class LdtImportForm(forms.Form):
importFile = forms.FileField()
videoPath = forms.CharField(required=False)
@@ -53,13 +14,12 @@
class LdtAddForm(ShareForm):
title = forms.CharField(required=True)
- #contents = forms.ModelMultipleChoiceField(Content.objects.all())
+ contents = forms.ModelMultipleChoiceField(Content.objects.all())
description = forms.CharField(widget=forms.Textarea, required=False)
- # remove contents from exclude list
class Meta:
model = Project
- exclude = ("ldt_id", "ldt", "created_by", "changed_by", "creation_date", "modification_date", "state", "owner", "contents")
+ exclude = ("ldt_id", "ldt", "created_by", "changed_by", "creation_date", "modification_date", "state", "owner")
class PermissionForm(forms.Form):
share = forms.BooleanField(required=False, widget=forms.CheckboxInput(attrs={'class':'checkbox_group'}))
@@ -67,7 +27,7 @@
group = forms.IntegerField(required=False, widget=forms.HiddenInput())
class ReindexForm(forms.Form):
- contents = forms.ModelMultipleChoiceField(Content.objects.all()) #@UndefinedVariable
+ contents = forms.ModelMultipleChoiceField(Content.objects.all())
index_projects = forms.BooleanField(required=False, initial=False)
class SearchForm(forms.ModelForm):
@@ -87,8 +47,7 @@
title = forms.CharField()
group = forms.IntegerField()
-class ContentForm(forms.ModelForm):
- #iri_id = forms.CharField(max_length=1024, widget=forms.HiddenInput, initial=generate_uuid)
+class ContentForm(ShareForm):
iriurl = forms.CharField(max_length=1024, widget=forms.HiddenInput, required=False)
content_creation_date = forms.SplitDateTimeField(widget=ldt_widgets.LdtSplitDateTime, required=False, label=_("content.content_creation_date"))
media_input_type = forms.ChoiceField(required=False, label=_("content.media_input_type"), choices=(("upload", _("file_upload")), ("url", _("url")), ("link", _("existing_media")), ("create", _("create_media")), ("none", _("none_media"))))
@@ -102,6 +61,7 @@
return data
def clean(self):
+ super(ContentForm, self).clean()
cleaned_data = self.cleaned_data
iriurl_data = cleaned_data.get('iriurl')
iri_id_data = cleaned_data['iri_id']
--- a/src/ldt/ldt/ldt_utils/views.py Tue Dec 06 17:45:35 2011 +0100
+++ b/src/ldt/ldt/ldt_utils/views.py Wed Dec 07 11:36:12 2011 +0100
@@ -6,7 +6,6 @@
from django.db.models import Q
from django.forms.models import model_to_dict
from django.forms.util import ErrorList
-from django.forms.formsets import formset_factory
from django.http import (HttpResponse, HttpResponseRedirect,
HttpResponseForbidden, HttpResponseServerError)
from ldt.indexation import get_results_with_context, highlight_documents
@@ -18,13 +17,13 @@
from django.utils.html import escape
from django.utils.translation import ugettext as _, ungettext
from forms import (LdtAddForm, SearchForm, AddProjectForm, CopyProjectForm,
- ContentForm, MediaForm, GroupAddForm, PermissionForm)
+ ContentForm, MediaForm, GroupAddForm)
from guardian.core import ObjectPermissionChecker
-from guardian.shortcuts import assign, remove_perm, get_perms, get_objects_for_group, get_objects_for_user
+from guardian.shortcuts import assign, remove_perm, get_objects_for_group
from ldt.ldt_utils.models import Content
from ldt.ldt_utils.utils import boolean_convert, LdtUtils, LdtSearch
-from ldt.security.utils import (assign_object_to_groups, set_forbidden_stream,
- add_change_attr, get_perm_form)
+from ldt.security.utils import (assign_perm_to_obj, set_forbidden_stream,
+ add_change_attr, get_allowed_elem_list)
from lxml.html import fragment_fromstring
from models import Media, Project
from projectserializer import ProjectSerializer
@@ -456,14 +455,13 @@
form_status = "none"
contents = Content.safe_objects.all()
- if form.is_valid():
+ if form.is_valid():
user = request.user
project = Project.create_project(title=form.cleaned_data['title'], user=user,
- #contents=form.cleaned_data['contents'],
- contents=[],
+ contents=form.cleaned_data['contents'],
description=form.cleaned_data['description'])
- assign_object_to_groups(project, form.cleaned_data["read_list"], form.cleaned_data["write_list"], user)
+ assign_perm_to_obj(project, form.cleaned_data["read_list"], form.cleaned_data["write_list"], user)
form_status = "saved"
is_gecko = ((request.META['HTTP_USER_AGENT'].lower().find("firefox")) > -1);
if is_gecko :
@@ -845,15 +843,14 @@
redirect_to = ''
form_status = "none"
- if request.method == "POST" :
-
+ if request.method == "POST" :
form = AddProjectForm(request.POST)
if form.is_valid():
user = request.user
project = Project.create_project(title=form.cleaned_data['title'], user=user, contents=contents, description=form.cleaned_data['description'])
form_status = "saved"
- assign_object_to_groups(project, form.cleaned_data["read_list"], form.cleaned_data["write_list"], user)
+ assign_perm_to_obj(project, form.cleaned_data["read_list"], form.cleaned_data["write_list"], user)
# Modal window is not used with firefox
is_gecko = ((request.META['HTTP_USER_AGENT'].lower().find("firefox")) > -1);
@@ -861,8 +858,6 @@
redirect_to = reverse('index_project_full', args=[project.ldt_id])
else:
return HttpResponseRedirect(reverse('index_project', args=[project.ldt_id]))
-
-
else:
form = AddProjectForm()
@@ -875,8 +870,9 @@
contents = project.contents.all()
groups = request.user.groups.exclude(name=settings.PUBLIC_GROUP_NAME)
elem_list = User.objects.all()[0:20]
- elem_list = [{'name': e.username, 'id': e.id, 'type': e.type} for e in elem_list]
-
+ elem_list = [{'name': e.username, 'id': e.id, 'type': 'user'} for e in elem_list]
+ member_list = get_allowed_elem_list(project, request.user)
+
if request.method == "POST" :
submit_action = request.REQUEST.get("submit_button", False)
if submit_action == "prepare_delete":
@@ -909,7 +905,7 @@
project.ldt = lxml.etree.tostring(ldt, pretty_print=True)
project.save()
- assign_object_to_groups(project, form.cleaned_data["read_list"], form.cleaned_data["write_list"], request.user)
+ assign_perm_to_obj(project, form.cleaned_data["read_list"], form.cleaned_data["write_list"], request.user)
form_status = "saved"
else:
form = AddProjectForm({'title':unicode(project.title), 'description':unicode(project.get_description())})
@@ -917,7 +913,8 @@
form_status = 'none'
return render_to_response('ldt/ldt_utils/create_ldt.html', {'form':form, 'form_status':form_status, 'groups': groups,
- 'elem_list': elem_list, 'ldt_id': ldt_id, 'contents':contents, 'create_project_action':reverse("ldt.ldt_utils.views.update_project", args=[ldt_id])}, context_instance=RequestContext(request))
+ 'elem_list': elem_list, 'ldt_id': ldt_id, 'contents':contents,
+ 'member_list': member_list, 'create_project_action':reverse("ldt.ldt_utils.views.update_project", args=[ldt_id])}, context_instance=RequestContext(request))
@login_required
def copy_project(request, ldt_id, group_id=None):
@@ -980,18 +977,15 @@
content_instance_val[k] = value
media_instance_val[k] = value
- permission_formset = formset_factory(PermissionForm, extra=0)
content_form = ContentForm(content_instance_val, prefix="content", instance=instance_content)
media_form = MediaForm(media_instance_val, request.FILES, prefix="media", instance=instance_media)
- group_form = permission_formset(request.POST)
-
+
media_valid = media_form.is_valid()
content_valid = content_form.is_valid()
- group_valid = group_form.is_valid()
logging.debug("write_content_base : valid form: for instance : " + repr(instance_media) + " -> media " + str(media_valid) + " content : for instance : " + repr(instance_content) + " : " + str(content_valid)) #@UndefinedVariable
- if media_valid and content_valid and group_valid:
+ if media_valid and content_valid:
# see if media must be created
cleaned_data = {}
@@ -1125,7 +1119,7 @@
assign('view_content', everyone, content)
else:
remove_perm('view_content', everyone, content)
- assign_object_to_groups(content, group_form.cleaned_data)
+ assign_perm_to_obj(content, content_form.cleaned_data["read_list"], content_form.cleaned_data["write_list"], request.user)
if not created:
for attribute in ('iriurl', 'title', 'description', 'duration', 'content_creation_date', 'tags', 'media_obj'):
setattr(content, attribute, content_defaults[attribute])
@@ -1150,11 +1144,10 @@
return content_form, media_form, form_status
@login_required
-def write_content(request, iri_id=None):
-
+def write_content(request, iri_id=None):
submit_action = request.REQUEST.get("submit_button", False)
groups = request.user.groups.exclude(name=settings.PUBLIC_GROUP_NAME)
- permission_formset = formset_factory(PermissionForm, extra=0)
+
if submit_action == "prepare_delete":
errors, titles = prepare_delete_content(request, iri_id)
@@ -1170,26 +1163,8 @@
form_status = "deleted"
content_form = ContentForm()
media_form = MediaForm()
- management_form = group_form = None
else:
content_form, media_form, form_status = write_content_base(request, iri_id)
- perm_list = []
- content = Content.safe_objects.get(iri_id=iri_id) if iri_id else None
-
- for group in groups:
- group_perms = get_perms(group, content) if content else []
- share = False
- perm = None
- if 'view_content' in group_perms:
- share = True
- perm = 'read'
- if 'change_content' in group_perms:
- perm = 'write'
-
- perm_list.append({'share': share, 'perms': perm, 'group': group.id })
- permission = permission_formset(initial=perm_list)
- management_form = permission.management_form
- group_form = zip(permission, groups)
if iri_id:
create_content_action = reverse('ldt.ldt_utils.views.write_content', kwargs={'iri_id':iri_id})
@@ -1197,13 +1172,12 @@
create_content_action = reverse('ldt.ldt_utils.views.write_content')
session_key = request.COOKIES[settings.SESSION_COOKIE_NAME]
- cookie_name = settings.SESSION_COOKIE_NAME
-
+ cookie_name = settings.SESSION_COOKIE_NAME
content_form.fields["media_obj"].queryset = Media.safe_objects.all()
return render_to_response('ldt/ldt_utils/create_content.html', {'content_form': content_form, 'media_form': media_form, 'form_status': form_status, 'create_content_action': create_content_action,
- 'management_form': management_form, 'group_form': group_form, 'iri_id': iri_id, 'session_key':session_key, 'cookie_name':cookie_name}, context_instance=RequestContext(request))
+ 'iri_id': iri_id, 'session_key':session_key, 'cookie_name':cookie_name}, context_instance=RequestContext(request))
@login_required
def prepare_delete_content(request, iri_id=None):
--- a/src/ldt/ldt/security/utils.py Tue Dec 06 17:45:35 2011 +0100
+++ b/src/ldt/ldt/security/utils.py Wed Dec 07 11:36:12 2011 +0100
@@ -103,7 +103,8 @@
return obj_list
-def assign_object_to_groups(object, read_list, write_list, owner):
+
+def assign_perm_to_obj(object, read_list, write_list, owner):
name = object.__class__.__name__.lower()
old_users = get_users_with_perms(object).exclude(id=owner.id)
@@ -124,16 +125,21 @@
remove_perms(read_list, old_users, object, name)
remove_perms(read_list, old_groups, object, name)
-
-
-def get_perm_form(groups, formset):
- perm_list = []
- for group in groups:
- perm_list.append({'share': False, 'perms': 'read', 'group': group.id })
- permission = formset(initial=perm_list)
-
- management_form = permission.management_form
- group_form = zip(permission, groups)
+
+
+def get_allowed_elem_list(object, owner):
+ users = get_users_with_perms(object).exclude(id=owner.id)
+ groups = get_groups_with_perms(object)
- return (management_form, group_form)
-
\ No newline at end of file
+ member_list = []
+ for u in users:
+ member_list.append({'name': u.username, 'id': u.id, 'type': 'user'})
+
+ for g in groups:
+ member_list.append({'name': g.name, 'id': g.id, 'type': 'group'})
+
+ return member_list
+
+
+
+