update email subject (key for stage 2)
[edumed.git] / contact / views.py
index 243b8fc..84578dc 100644 (file)
@@ -1,42 +1,52 @@
 # -*- coding: utf-8 -*-
 from urllib import unquote
 
+from datetime import datetime
 from django.contrib.auth.decorators import permission_required
 from django.http import Http404
 from django.shortcuts import get_object_or_404, redirect, render
+from django.utils import timezone
+from django.views.decorators.cache import never_cache
 from fnpdjango.utils.views import serve_file
+from honeypot.decorators import check_honeypot
+
+from edumed.utils import localtime_to_utc
 from .forms import contact_forms
 from .models import Attachment
 
 
+@check_honeypot
+@never_cache
 def form(request, form_tag, force_enabled=False):
     try:
         form_class = contact_forms[form_tag]
     except KeyError:
         raise Http404
-    if (getattr(form_class, 'disabled', False) and
-            not (force_enabled and request.user.is_superuser)):
-        template = getattr(form_class, 'disabled_template', None)
-        if template:
-            return render(request, template)
-        raise Http404
+    if not (force_enabled and request.user.is_superuser):
+        disabled = getattr(form_class, 'disabled', False)
+        end_tuple = getattr(form_class, 'ends_on')
+        end_time = localtime_to_utc(datetime(*end_tuple)) if end_tuple else None
+        expired = end_time and end_time < timezone.now()
+        if disabled or expired:
+            template = getattr(form_class, 'disabled_template', None)
+            if template:
+                return render(request, template, {'title': form_class.form_title})
+            raise Http404
     if request.method == 'POST':
         form = form_class(request.POST, request.FILES)
-        formsets = []
-        valid = form.is_valid()
-        for formset in getattr(form, 'form_formsets', ()):
-            fset = formset(request.POST, request.FILES)
-            if not fset.is_valid():
-                valid = False
-            formsets.append(fset)
-        if valid:
-            form.save(request, formsets)
-            return redirect('contact_thanks', form_tag)
     else:
         form = form_class(initial=request.GET)
-        formsets = []
-        for formset in getattr(form, 'form_formsets', ()):
-            formsets.append(formset())
+    formset_classes = getattr(form, 'form_formsets', {})
+    if request.method == 'POST':
+        formsets = {
+            prefix: formset_class(request.POST, request.FILES, prefix=prefix)
+            for prefix, formset_class in formset_classes.iteritems()}
+        if form.is_valid() and all(formset.is_valid() for formset in formsets.itervalues()):
+            form.save(request, formsets.values())
+            return redirect('contact_thanks', form_tag)
+    else:
+        formsets = {prefix: formset_class(prefix=prefix) for prefix, formset_class in formset_classes.iteritems()}
+
     return render(
         request, ['contact/%s/form.html' % form_tag, 'contact/form.html'],
         {'form': form, 'formsets': formsets}
@@ -57,5 +67,5 @@ def thanks(request, form_tag):
 @permission_required('contact.change_attachment')
 def attachment(request, contact_id, tag):
     attachment = get_object_or_404(Attachment, contact_id=contact_id, tag=tag)
-    attachment_url = unquote(attachment.file.url).decode('utf-8')
+    attachment_url = unquote(attachment.file.url)
     return serve_file(attachment_url)