matthias/mayan-edms
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Files
c6ec9fbc33c89e43b260a07ca0a33e26745722c0
mayan-edms/mayan/apps/folders/views.py
Roberto Rosario c6ec9fbc33 Rebalance permissions.
2015-07-01 20:58:16 -04:00

292 lines
11 KiB
Python
Raw Blame History

from __future__ import absolute_import, unicode_literals
import logging
from django.conf import settings
from django.contrib import messages
from django.core.exceptions import PermissionDenied
from django.core.urlresolvers import reverse
from django.http import HttpResponseRedirect
from django.shortcuts import get_object_or_404, render_to_response
from django.template import RequestContext
from django.utils.translation import ugettext_lazy as _, ungettext
from acls.models import AccessControlList
from common.views import SingleObjectListView
from documents.permissions import permission_document_view
from documents.models import Document
from documents.views import DocumentListView
from permissions import Permission
from .forms import FolderForm, FolderListForm
from .models import Folder
from .permissions import (
permission_folder_add_document, permission_folder_create,
permission_folder_delete, permission_folder_edit, permission_folder_view,
permission_folder_remove_document
)
logger = logging.getLogger(__name__)
class FolderListView(SingleObjectListView):
object_permission = permission_folder_view
def get_queryset(self):
self.queryset = self.get_folder_queryset()
return super(FolderListView, self).get_queryset()
def get_folder_queryset(self):
return Folder.objects.all()
def get_extra_context(self):
return {
'title': _('Folders'),
'hide_link': True,
}
def folder_create(request):
Permission.check_permissions(request.user, [permission_folder_create])
if request.method == 'POST':
form = FolderForm(request.POST)
if form.is_valid():
folder, created = Folder.objects.get_or_create(user=request.user, title=form.cleaned_data['title'])
if created:
messages.success(request, _('Folder created successfully'))
return HttpResponseRedirect(reverse('folders:folder_list'))
else:
messages.error(request, _('A folder named: %s, already exists.') % form.cleaned_data['title'])
else:
form = FolderForm()
return render_to_response('appearance/generic_form.html', {
'title': _('Create folder'),
'form': form,
}, context_instance=RequestContext(request))
def folder_edit(request, folder_id):
folder = get_object_or_404(Folder, pk=folder_id)
try:
Permission.check_permissions(request.user, [permission_folder_edit])
except PermissionDenied:
AccessControlList.objects.check_access(permission_folder_edit, request.user, folder)
if request.method == 'POST':
form = FolderForm(data=request.POST, instance=folder)
if form.is_valid():
try:
form.save()
messages.success(request, _('Folder edited successfully'))
return HttpResponseRedirect(reverse('folders:folder_list'))
except Exception as exception:
messages.error(request, _('Error editing folder; %s') % exception)
else:
form = FolderForm(instance=folder)
return render_to_response('appearance/generic_form.html', {
'title': _('Edit folder: %s') % folder,
'form': form,
'object': folder,
}, context_instance=RequestContext(request))
def folder_delete(request, folder_id):
folder = get_object_or_404(Folder, pk=folder_id)
try:
Permission.check_permissions(request.user, [permission_folder_delete])
except PermissionDenied:
AccessControlList.objects.check_access(permission_folder_delete, request.user, folder)
post_action_redirect = reverse('folders:folder_list')
previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))))
next = request.POST.get('next', request.GET.get('next', post_action_redirect if post_action_redirect else request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))))
if request.method == 'POST':
try:
folder.delete()
messages.success(request, _('Folder: %s deleted successfully.') % folder)
except Exception as exception:
messages.error(request, _('Folder: %(folder)s delete error: %(error)s') % {
'folder': folder, 'error': exception})
return HttpResponseRedirect(next)
context = {
'delete_view': True,
'previous': previous,
'next': next,
'object': folder,
'title': _('Are you sure you with to delete the folder: %s?') % folder,
}
return render_to_response('appearance/generic_confirm.html', context,
context_instance=RequestContext(request))
class FolderDetailView(DocumentListView):
def get_folder(self):
folder = get_object_or_404(Folder, pk=self.kwargs['pk'])
try:
Permission.check_permissions(self.request.user, [permission_folder_view])
except PermissionDenied:
AccessControlList.objects.check_access(permission_folder_view, self.request.user, folder)
return folder
def get_document_queryset(self):
return self.get_folder().documents.all()
def get_extra_context(self):
return {
'title': _('Documents in folder: %s') % self.get_folder(),
'hide_links': True,
'object': self.get_folder(),
}
def folder_add_document(request, document_id=None, document_id_list=None):
if document_id:
documents = [get_object_or_404(Document, pk=document_id)]
elif document_id_list:
documents = [get_object_or_404(Document, pk=document_id) for document_id in document_id_list.split(',')]
else:
messages.error(request, _('Must provide at least one document.'))
return HttpResponseRedirect(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))
try:
Permission.check_permissions(request.user, [permission_folder_add_document])
except PermissionDenied:
documents = AccessControlList.objects.filter_by_access(permission_folder_add_document, request.user, documents)
post_action_redirect = None
previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))))
next = request.POST.get('next', request.GET.get('next', post_action_redirect if post_action_redirect else request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))))
if request.method == 'POST':
form = FolderListForm(request.POST, user=request.user)
if form.is_valid():
folder = form.cleaned_data['folder']
for document in documents:
if document.pk not in folder.documents.values_list('pk', flat=True):
folder.documents.add(document)
messages.success(request, _('Document: %(document)s added to folder: %(folder)s successfully.') % {
'document': document, 'folder': folder})
else:
messages.warning(request, _('Document: %(document)s is already in folder: %(folder)s.') % {
'document': document, 'folder': folder})
return HttpResponseRedirect(next)
else:
form = FolderListForm(user=request.user)
context = {
'form': form,
'previous': previous,
'next': next,
}
if len(documents) == 1:
context['object'] = documents[0]
context['title'] = ungettext(
'Add document to folder',
'Add documents to folder',
len(documents)
)
return render_to_response('appearance/generic_form.html', context,
context_instance=RequestContext(request))
class DocumentFolderListView(FolderListView):
def dispatch(self, request, *args, **kwargs):
self.document = get_object_or_404(Document, pk=self.kwargs['pk'])
try:
Permission.check_permissions(request.user, [permission_document_view])
except PermissionDenied:
AccessControlList.objects.check_access(permission_document_view, request.user, self.document)
return super(DocumentFolderListView, self).dispatch(request, *args, **kwargs)
def get_folder_queryset(self):
return self.document.folders.all()
def get_extra_context(self):
return {
'hide_link': True,
'object': self.document,
'title': _('Folders containing document: %s') % self.document,
}
def folder_document_remove(request, folder_id, document_id=None, document_id_list=None):
post_action_redirect = None
folder = get_object_or_404(Folder, pk=folder_id)
if document_id:
folder_documents = [get_object_or_404(Document, pk=document_id)]
elif document_id_list:
folder_documents = [get_object_or_404(Document, pk=document_id) for document_id in document_id_list.split(',')]
else:
messages.error(request, _('Must provide at least one folder document.'))
return HttpResponseRedirect(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))
logger.debug('folder_documents (pre permission check): %s', folder_documents)
try:
Permission.check_permissions(request.user, [permission_folder_remove_document])
except PermissionDenied:
folder_documents = AccessControlList.objects.filter_by_access(permission_folder_remove_document, request.user, folder_documents, exception_on_empty=True)
logger.debug('folder_documents (post permission check): %s', folder_documents)
previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))))
next = request.POST.get('next', request.GET.get('next', post_action_redirect if post_action_redirect else request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))))
if request.method == 'POST':
for folder_document in folder_documents:
try:
folder.documents.remove(folder_document)
messages.success(request, _('Document: %s removed successfully.') % folder_document)
except Exception as exception:
messages.error(request, _('Document: %(document)s delete error: %(error)s') % {
'document': folder_document, 'error': exception})
return HttpResponseRedirect(next)
context = {
'next': next,
'object': folder,
'previous': previous,
'title': ungettext(
'Are you sure you wish to remove the selected document from the folder: %(folder)s?',
'Are you sure you wish to remove the selected documents from the folder: %(folder)s?',
len(folder_documents)
) % {'folder': folder}
}
if len(folder_documents) == 1:
context['object'] = folder_documents[0]
return render_to_response('appearance/generic_confirm.html', context,
context_instance=RequestContext(request))
def folder_document_multiple_remove(request, folder_id):
return folder_document_remove(request, folder_id, document_id_list=request.GET.get('id_list', []))
def folder_add_multiple_documents(request):
return folder_add_document(
request, document_id_list=request.GET.get('id_list', [])
)
Reference in New Issue View Git Blame Copy Permalink