import logging
import os
from StringIO import StringIO
+from urllib import unquote
+from urlparse import urlsplit, urlunsplit
from django.contrib import auth
from django.contrib.auth.models import User
-from django.contrib.auth.decorators import login_required
+from django.contrib.auth.decorators import login_required, permission_required
from django.core.urlresolvers import reverse
-from django.db.models import Count
+from django.db.models import Count, Q
from django import http
-from django.http import Http404
-from django.shortcuts import get_object_or_404
+from django.http import Http404, HttpResponseForbidden
+from django.shortcuts import get_object_or_404, render
+from django.utils.encoding import iri_to_uri
from django.utils.http import urlquote_plus
from django.utils.translation import ugettext_lazy as _
from django.views.decorators.http import require_POST
import librarian.html
import librarian.text
-from apiclient import api_call
+from apiclient import NotAuthorizedError
from catalogue import forms
from catalogue import helpers
from catalogue.helpers import active_tab
-from catalogue.models import Book, Chunk
-from catalogue import xml_tools
+from catalogue.models import Book, Chunk, BookPublishRecord, ChunkPublishRecord
+from catalogue.tasks import publishable_error
#
# Quick hack around caching problems, TODO: use ETags
@active_tab('all')
@never_cache
def document_list(request):
- chunks_list = helpers.ChunksList(Chunk.objects.order_by(
- 'book__title', 'book', 'number'))
-
- return direct_to_template(request, 'catalogue/document_list.html', extra_context={
- 'books': chunks_list,
- #'books': [helpers.BookChunks(b) for b in Book.objects.all().select_related()],
- 'last_books': sorted(request.session.get("wiki_last_books", {}).items(),
- key=lambda x: x[1]['time'], reverse=True),
- })
+ return render(request, 'catalogue/document_list.html')
-@active_tab('unassigned')
@never_cache
-def unassigned(request):
- chunks_list = helpers.ChunksList(Chunk.objects.filter(
- user=None).order_by('book__title', 'book__id', 'number'))
-
- return direct_to_template(request, 'catalogue/document_list.html', extra_context={
- 'books': chunks_list,
- 'last_books': sorted(request.session.get("wiki_last_books", {}).items(),
- key=lambda x: x[1]['time'], reverse=True),
- })
+def user(request, username):
+ user = get_object_or_404(User, username=username)
+ return render(request, 'catalogue/user_page.html', {"viewed_user": user})
+@login_required
+@active_tab('my')
@never_cache
-def user(request, username=None):
- if username is None:
- if request.user.is_authenticated():
- user = request.user
- else:
- raise Http404
- else:
- user = get_object_or_404(User, username=username)
-
- chunks_list = helpers.ChunksList(Chunk.objects.filter(
- user=user).order_by('book__title', 'book', 'number'))
-
- return direct_to_template(request, 'catalogue/document_list.html', extra_context={
- 'books': chunks_list,
+def my(request):
+ return render(request, 'catalogue/my_page.html', {
'last_books': sorted(request.session.get("wiki_last_books", {}).items(),
key=lambda x: x[1]['time'], reverse=True),
- })
-my = login_required(active_tab('my')(user))
+
+ "logout_to": '/',
+ })
@active_tab('users')
})
+@active_tab('activity')
+def activity(request):
+ return render(request, 'catalogue/activity.html')
+
+
@never_cache
def logout_then_redirect(request):
auth.logout(request)
return http.HttpResponseRedirect(urlquote_plus(request.GET.get('next', '/'), safe='/?='))
+@permission_required('catalogue.add_book')
@active_tab('create')
def create_missing(request, slug=None):
if slug is None:
creator = request.user
else:
creator = None
- book = Book.create(creator=creator,
+ book = Book.create(
+ text=form.cleaned_data['text'],
+ creator=creator,
slug=form.cleaned_data['slug'],
title=form.cleaned_data['title'],
- text=form.cleaned_data['text'],
+ gallery=form.cleaned_data['gallery'],
)
- return http.HttpResponseRedirect(reverse("wiki_editor", args=[book.slug]))
+ return http.HttpResponseRedirect(reverse("catalogue_book", args=[book.slug]))
else:
form = forms.DocumentCreateForm(initial={
"slug": slug,
"title": slug.replace('-', ' ').title(),
+ "gallery": slug,
})
return direct_to_template(request, "catalogue/document_create_missing.html", extra_context={
"slug": slug,
"form": form,
+
+ "logout_to": '/',
})
+@permission_required('catalogue.add_book')
@active_tab('upload')
def upload(request):
if request.method == "POST":
if not error_list:
for filename, slug, title in ok_list:
- Book.create(creator=creator,
+ book = Book.create(
+ text=zip.read(filename).decode('utf-8'),
+ creator=creator,
slug=slug,
title=title,
- text=zip.read(filename).decode('utf-8'),
)
return direct_to_template(request, "catalogue/document_upload.html", extra_context={
"ok_list": ok_list,
"skipped_list": skipped_list,
"error_list": error_list,
+
+ "logout_to": '/',
})
else:
form = forms.DocumentsUploadForm()
return direct_to_template(request, "catalogue/document_upload.html", extra_context={
"form": form,
+
+ "logout_to": '/',
})
@never_cache
def book_xml(request, slug):
- xml = get_object_or_404(Book, slug=slug).materialize()
+ book = get_object_or_404(Book, slug=slug)
+ if not book.accessible(request):
+ return HttpResponseForbidden("Not authorized.")
+ xml = book.materialize()
response = http.HttpResponse(xml, content_type='application/xml', mimetype='application/wl+xml')
response['Content-Disposition'] = 'attachment; filename=%s.xml' % slug
@never_cache
def book_txt(request, slug):
- xml = get_object_or_404(Book, slug=slug).materialize()
+ book = get_object_or_404(Book, slug=slug)
+ if not book.accessible(request):
+ return HttpResponseForbidden("Not authorized.")
+ xml = book.materialize()
output = StringIO()
# errors?
librarian.text.transform(StringIO(xml), output)
@never_cache
def book_html(request, slug):
- xml = get_object_or_404(Book, slug=slug).materialize()
+ book = get_object_or_404(Book, slug=slug)
+ if not book.accessible(request):
+ return HttpResponseForbidden("Not authorized.")
+ xml = book.materialize()
output = StringIO()
# errors?
librarian.html.transform(StringIO(xml), output, parse_dublincore=False,
response = http.HttpResponse(html, content_type='text/html', mimetype='text/html')
return response
-
@never_cache
def revision(request, slug, chunk=None):
try:
doc = Chunk.get(slug, chunk)
except (Chunk.MultipleObjectsReturned, Chunk.DoesNotExist):
raise Http404
+ if not doc.book.accessible(request):
+ return HttpResponseForbidden("Not authorized.")
return http.HttpResponse(str(doc.revision()))
def book(request, slug):
book = get_object_or_404(Book, slug=slug)
-
- # TODO: most of this should go somewhere else
-
- # do we need some automation?
- first_master = None
- chunks = []
- need_fixing = False
- choose_master = False
-
- length = book.chunk_set.count()
- for i, chunk in enumerate(book):
- chunk_dict = {
- "chunk": chunk,
- "fix": [],
- "grade": ""
- }
- graded = xml_tools.GradedText(chunk.materialize())
- if graded.is_wl():
- master = graded.master()
- if first_master is None:
- first_master = master
- elif master != first_master:
- chunk_dict['fix'].append('bad-master')
-
- if i > 0 and not graded.has_trim_begin():
- chunk_dict['fix'].append('trim-begin')
- if i < length - 1 and not graded.has_trim_end():
- chunk_dict['fix'].append('trim-end')
-
- if chunk_dict['fix']:
- chunk_dict['grade'] = 'wl-fix'
- else:
- chunk_dict['grade'] = 'wl'
-
- elif graded.is_broken_wl():
- chunk_dict['grade'] = 'wl-broken'
- elif graded.is_xml():
- chunk_dict['grade'] = 'xml'
+ if not book.accessible(request):
+ return HttpResponseForbidden("Not authorized.")
+
+ if request.user.has_perm('catalogue.change_book'):
+ if request.method == "POST":
+ form = forms.BookForm(request.POST, instance=book)
+ if form.is_valid():
+ form.save()
+ return http.HttpResponseRedirect(book.get_absolute_url())
else:
- chunk_dict['grade'] = 'plain'
- chunk_dict['fix'].append('wl')
- choose_master = True
-
- if chunk_dict['fix']:
- need_fixing = True
- chunks.append(chunk_dict)
-
- if first_master or not need_fixing:
- choose_master = False
-
- if request.method == "POST":
- form = forms.ChooseMasterForm(request.POST)
- if not choose_master or form.is_valid():
- if choose_master:
- first_master = form.cleaned_data['master']
-
- # do the actual fixing
- for c in chunks:
- if not c['fix']:
- continue
-
- text = c['chunk'].materialize()
- for fix in c['fix']:
- if fix == 'bad-master':
- text = xml_tools.change_master(text, first_master)
- elif fix == 'trim-begin':
- text = xml_tools.add_trim_begin(text)
- elif fix == 'trim-end':
- text = xml_tools.add_trim_end(text)
- elif fix == 'wl':
- text = xml_tools.basic_structure(text, first_master)
- author = request.user if request.user.is_authenticated() else None
- description = "auto-fix: " + ", ".join(c['fix'])
- c['chunk'].commit(text=text, author=author,
- description=description)
-
- return http.HttpResponseRedirect(book.get_absolute_url())
- elif choose_master:
- form = forms.ChooseMasterForm()
+ form = forms.BookForm(instance=book)
+ editable = True
else:
- form = None
+ form = forms.ReadonlyBookForm(instance=book)
+ editable = False
+
+ publish_error = publishable_error(book)
+ publishable = publish_error is None
return direct_to_template(request, "catalogue/book_detail.html", extra_context={
"book": book,
- "chunks": chunks,
- "need_fixing": need_fixing,
- "choose_master": choose_master,
- "first_master": first_master,
+ "publishable": publishable,
+ "publishable_error": publish_error,
"form": form,
+ "editable": editable,
})
+@permission_required('catalogue.add_chunk')
def chunk_add(request, slug, chunk):
try:
doc = Chunk.get(slug, chunk)
except (Chunk.MultipleObjectsReturned, Chunk.DoesNotExist):
raise Http404
+ if not doc.book.accessible(request):
+ return HttpResponseForbidden("Not authorized.")
if request.method == "POST":
form = forms.ChunkAddForm(request.POST, instance=doc)
creator = None
doc.split(creator=creator,
slug=form.cleaned_data['slug'],
- comment=form.cleaned_data['comment'],
+ title=form.cleaned_data['title'],
)
return http.HttpResponseRedirect(doc.book.get_absolute_url())
else:
form = forms.ChunkAddForm(initial={
"slug": str(doc.number + 1),
- "comment": "cz. %d" % (doc.number + 1, ),
+ "title": "cz. %d" % (doc.number + 1, ),
})
return direct_to_template(request, "catalogue/chunk_add.html", extra_context={
doc = Chunk.get(slug, chunk)
except (Chunk.MultipleObjectsReturned, Chunk.DoesNotExist):
raise Http404
+ if not doc.book.accessible(request):
+ return HttpResponseForbidden("Not authorized.")
+
if request.method == "POST":
form = forms.ChunkForm(request.POST, instance=doc)
if form.is_valid():
form.save()
- return http.HttpResponseRedirect(doc.book.get_absolute_url())
+ go_next = request.GET.get('next', None)
+ if go_next:
+ go_next = urlquote_plus(unquote(iri_to_uri(go_next)), safe='/?=&')
+ else:
+ go_next = doc.book.get_absolute_url()
+ return http.HttpResponseRedirect(go_next)
else:
form = forms.ChunkForm(instance=doc)
+
+ parts = urlsplit(request.META['HTTP_REFERER'])
+ parts = ['', ''] + list(parts[2:])
+ go_next = urlquote_plus(urlunsplit(parts))
+
return direct_to_template(request, "catalogue/chunk_edit.html", extra_context={
"chunk": doc,
"form": form,
+ "go_next": go_next,
})
+@permission_required('catalogue.change_book')
def book_append(request, slug):
book = get_object_or_404(Book, slug=slug)
+ if not book.accessible(request):
+ return HttpResponseForbidden("Not authorized.")
+
if request.method == "POST":
- form = forms.BookAppendForm(request.POST)
+ form = forms.BookAppendForm(book, request.POST)
if form.is_valid():
append_to = form.cleaned_data['append_to']
append_to.append(book)
return http.HttpResponseRedirect(append_to.get_absolute_url())
else:
- form = forms.BookAppendForm()
+ form = forms.BookAppendForm(book)
return direct_to_template(request, "catalogue/book_append_to.html", extra_context={
"book": book,
"form": form,
- })
-
-def book_edit(request, slug):
- book = get_object_or_404(Book, slug=slug)
- if request.method == "POST":
- form = forms.BookForm(request.POST, instance=book)
- if form.is_valid():
- form.save()
- return http.HttpResponseRedirect(book.get_absolute_url())
- else:
- form = forms.BookForm(instance=book)
- return direct_to_template(request, "catalogue/book_edit.html", extra_context={
- "book": book,
- "form": form,
+ "logout_to": '/',
})
@login_required
def publish(request, slug):
book = get_object_or_404(Book, slug=slug)
+ if not book.accessible(request):
+ return HttpResponseForbidden("Not authorized.")
+
try:
- ret = api_call(request.user, "books", {"book_xml": book.materialize()})
+ book.publish(request.user)
+ except NotAuthorizedError:
+ return http.HttpResponseRedirect(reverse('apiclient_oauth'))
except BaseException, e:
return http.HttpResponse(e)
else:
- book.last_published = datetime.now()
- book.save()
return http.HttpResponseRedirect(book.get_absolute_url())
fnp / redakcja.git / blobdiff