From 09b252453a8f43cbd4e343746e6b3b8e393e1e92 Mon Sep 17 00:00:00 2001
From: Roberto Rosario <Roberto.Rosario.Gonzalez@gmail.com>
Date: Mon, 2 Jan 2012 06:45:56 -0400
Subject: [PATCH] Simplify document to folder inclusion view, form and logic,
 add proper acl checking for folder document inclusion, add proper folder
 permission and acl checks to folder document inclusion form

---
 apps/folders/forms.py | 32 +++++++++++++++++++++-----------
 apps/folders/views.py | 29 +++++++++--------------------
 2 files changed, 30 insertions(+), 31 deletions(-)

diff --git a/apps/folders/forms.py b/apps/folders/forms.py
index 0c3ef6a13e..a17c3a3d27 100644
--- a/apps/folders/forms.py
+++ b/apps/folders/forms.py
@@ -1,9 +1,18 @@
 from __future__ import absolute_import
 
+import logging
+
 from django import forms
 from django.utils.translation import ugettext_lazy as _
+from django.core.exceptions import PermissionDenied
+
+from acls.models import AccessEntry
+from permissions.models import Permission
 
 from .models import Folder
+from .permissions import PERMISSION_FOLDER_VIEW
+
+logger = logging.getLogger(__name__)
 
 
 class FolderForm(forms.ModelForm):
@@ -12,17 +21,18 @@ class FolderForm(forms.ModelForm):
         fields = ('title',)
 
 
-class AddDocumentForm(forms.ModelForm):
+class FolderListForm(forms.Form):
     def __init__(self, *args, **kwargs):
         user = kwargs.pop('user', None)
-        super(AddDocumentForm, self).__init__(*args, **kwargs)
-        self.fields['existing_folder'] = forms.ModelChoiceField(
-            required=False,
-            queryset=Folder.objects.filter(user=user),
-            label=_(u'Existing folders'))
-        self.fields['title'].required = False
-        self.fields['title'].label = _(u'New folder')
+        logger.debug('user: %s' % user)
+        super(FolderListForm, self).__init__(*args, **kwargs)
 
-    class Meta:
-        model = Folder
-        fields = ('title',)
+        queryset = Folder.objects.all()
+        try:
+            Permission.objects.check_permissions(user, [PERMISSION_FOLDER_VIEW])
+        except PermissionDenied:
+            queryset = AccessEntry.objects.filter_objects_by_access(PERMISSION_FOLDER_VIEW, user, queryset)
+            
+        self.fields['folder'] = forms.ModelChoiceField(
+            queryset=queryset,
+            label=_(u'Folder'))
diff --git a/apps/folders/views.py b/apps/folders/views.py
index feef2b21f1..cf217f0485 100644
--- a/apps/folders/views.py
+++ b/apps/folders/views.py
@@ -20,7 +20,7 @@ from acls.models import AccessEntry, PermissionDenied
 from acls.views import acl_list_for, acl_new_holder_for
 
 from .models import Folder, FolderDocument
-from .forms import FolderForm, AddDocumentForm
+from .forms import FolderForm, FolderListForm
 from .permissions import (PERMISSION_FOLDER_CREATE,
     PERMISSION_FOLDER_EDIT, PERMISSION_FOLDER_DELETE,
     PERMISSION_FOLDER_REMOVE_DOCUMENT, PERMISSION_FOLDER_VIEW,
@@ -36,7 +36,8 @@ def folder_list(request, queryset=None, extra_context=None):
         'extra_columns': [
             {'name': _(u'created'), 'attribute': 'datetime_created'},
             {'name': _(u'documents'), 'attribute': encapsulate(lambda x: x.folderdocument_set.count())}
-        ]
+        ],
+        'hide_link': True,
     }
     if extra_context:
         context.update(extra_context)
@@ -176,26 +177,13 @@ def folder_add_document(request, document_id):
     except PermissionDenied:
         AccessEntry.objects.check_access(PERMISSION_FOLDER_ADD_DOCUMENT, request.user, document)
 
-    next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', '/')))#reverse('document_tags', args=[document.pk]))))
+    next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', '/')))
 
     if request.method == 'POST':
-        form = AddDocumentForm(request.POST, user=request.user)
+        form = FolderListForm(request.POST, user=request.user)
         if form.is_valid():
-            if form.cleaned_data['existing_folder']:
-                folder = form.cleaned_data['existing_folder']
-            elif form.cleaned_data['title']:
-                folder, created = Folder.objects.get_or_create(user=request.user, title=form.cleaned_data['title'])
-                if created:
-                    messages.success(request, _(u'Folder "%s" created successfully') % form.cleaned_data['title'])
-                else:
-                    messages.error(request, _(u'A folder named: %s, already exists.') % form.cleaned_data['title'])
-                    return HttpResponseRedirect(next)
-            else:
-                messages.error(request, _(u'Must specify a new folder or an existing one.'))
-                return HttpResponseRedirect(next)
-
-            folder_document, created = FolderDocument.objects.get_or_create(folder=folder, document=document)
-            if created:
+            folder = form.cleaned_data['folder']
+            if folder.add_document(document):
                 messages.success(request, _(u'Document: %(document)s added to folder: %(folder)s successfully.') % {
                     'document': document, 'folder': folder})
             else:
@@ -204,7 +192,8 @@ def folder_add_document(request, document_id):
 
             return HttpResponseRedirect(next)
     else:
-        form = AddDocumentForm(user=request.user)
+        form = FolderListForm(user=request.user)
+
 
     return render_to_response('generic_form.html', {
         'title': _(u'add document "%s" to a folder') % document,