import shutil
import subprocess
from tempfile import NamedTemporaryFile
+from xml.sax.saxutils import escape as escape_xml
from django.conf import settings
from django.contrib import auth
from django.utils.encoding import force_str
from django.utils.http import urlquote_plus
from django.views.decorators.http import require_POST
+from unidecode import unidecode
from catalogue import forms
+from catalogue.filters import DocumentFilterSet
from catalogue.forms import TagMultipleForm, TagSingleForm
from catalogue.helpers import active_tab
from catalogue.models import Category
from librarian import BuildError
+from librarian.utils import Context
+from librarian.document import Document as SST
+from librarian.formats.html import HtmlFormat
+from librarian.formats.pdf import PdfFormat
+from librarian.formats.epub import EpubFormat
from redakcja.utlis import send_notify_email
from .constants import STAGES
from .models import Document, Plan
def create_missing(request):
if request.method == "POST":
form = forms.DocumentCreateForm(request.POST, request.FILES)
- # tag_forms = [
- # (TagMultipleForm if category.multiple else TagSingleForm)(
- # category=category, data=request.POST, prefix=category.dc_tag)
- # for category in Category.objects.all()]
- if form.is_valid(): # and all(tag_form.is_valid() for tag_form in tag_forms):
+ tag_forms = [
+ (TagMultipleForm if category.multiple else TagSingleForm)(
+ category=category, data=request.POST, prefix=category.dc_tag)
+ for category in Category.objects.all()]
+ if form.is_valid() and all(tag_form.is_valid() for tag_form in tag_forms):
if request.user.is_authenticated():
creator = request.user
doc = Document.objects.create(**kwargs)
+ for tag_form in tag_forms:
+ tag_form.save(instance=doc)
+
cover = request.FILES.get('cover')
if cover:
uppath = 'uploads/%d/' % doc.pk
path = settings.MEDIA_ROOT + uppath
if not os.path.isdir(path):
os.makedirs(path)
- dest_path = path + cover.name # UNSAFE
+ cover.name = unidecode(cover.name)
+ dest_path = path + cover.name
+ if not os.path.abspath(dest_path).startswith(os.path.abspath(path)):
+ raise Http404
with open(dest_path, 'w') as destination:
for chunk in cover.chunks():
destination.write(chunk)
else:
cover_url = ''
- doc.commit(
- text='''<section xmlns="http://nowoczesnapolska.org.pl/sst#" xmlns:dc="http://purl.org/dc/elements/1.1/">
+ text = '''<section xmlns="http://nowoczesnapolska.org.pl/sst#" xmlns:dc="http://purl.org/dc/elements/1.1/">
<metadata>
- <dc:publisher>''' + form.cleaned_data['publisher'] + '''</dc:publisher>
- <dc:description>''' + form.cleaned_data['description'] + '''</dc:description>
- <dc:language>''' + form.cleaned_data['language'] + '''</dc:language>
- <dc:rights>''' + form.cleaned_data['rights'] + '''</dc:rights>
- <dc:audience>''' + form.cleaned_data['audience'] + '''</dc:audience>
- <dc:relation.coverImage.url>''' + cover_url + '''</dc:relation.coverImage.url>
+ <dc:publisher>%s</dc:publisher>
+ <dc:description>%s</dc:description>
+ %s
+ <dc:relation.coverImage.url>%s</dc:relation.coverImage.url>
</metadata>
- <header>''' + title + '''</header>
+ <header>%s</header>
<div class="p"> </div>
- </section>''',
+ </section>''' % (
+ escape_xml(form.cleaned_data['publisher']),
+ escape_xml(form.cleaned_data['description']),
+ '\n'.join(tag_form.metadata_rows() for tag_form in tag_forms),
+ escape_xml(cover_url),
+ escape_xml(title))
+
+ doc.commit(
+ text=text,
author=creator
)
doc.assigned_to = request.user
form = forms.DocumentCreateForm(initial={'owner_organization': org})
- # tag_forms = [
- # (TagMultipleForm if category.multiple else TagSingleForm)(category=category, prefix=category.dc_tag)
- # for category in Category.objects.all()]
+ tag_forms = [
+ (TagMultipleForm if category.multiple else TagSingleForm)(
+ category=category, tutorial_no=i, prefix=category.dc_tag)
+ for i, category in enumerate(Category.objects.all(), start=2)]
return render(request, "catalogue/document_create_missing.html", {
"form": form,
- # "tag_forms": tag_forms,
+ "tag_forms": tag_forms,
"logout_to": '/',
})
@never_cache
def book_html(request, pk, rev_pk=None, preview=False):
- from librarian.document import Document as SST
- from librarian.formats.html import HtmlFormat
-
doc = get_object_or_404(Document, pk=pk, deleted=False)
try:
@never_cache
def book_pdf(request, pk, rev_pk):
- from librarian.utils import Context
- from librarian.document import Document as SST
- from librarian.formats.pdf import PdfFormat
-
doc = get_object_or_404(Document, pk=pk)
rev = get_object_or_404(Revision, pk=rev_pk)
# Test
ctx = Context(
files_path='http://%s/media/dynamic/uploads/%s/' % (request.get_host(), pk),
source_url='http://%s%s' % (request.get_host(), reverse('catalogue_html', args=[doc.pk])),
+ organization=doc.owner_organization.name if doc.owner_organization else doc.owner_user.get_full_name(),
)
if doc.owner_organization is not None and doc.owner_organization.logo:
ctx.cover_logo = 'http://%s%s' % (request.get_host(), doc.owner_organization.logo.url)
@never_cache
def book_epub(request, pk, rev_pk):
- from librarian.utils import Context
- from librarian.document import Document as SST
- from librarian.formats.epub import EpubFormat
-
doc = get_object_or_404(Document, pk=pk)
rev = get_object_or_404(Revision, pk=rev_pk)
# Test
@never_cache
def book_mobi(request, pk, rev_pk):
- from librarian.utils import Context
- from librarian.document import Document as SST
- from librarian.formats.epub import EpubFormat
-
doc = get_object_or_404(Document, pk=pk)
rev = get_object_or_404(Revision, pk=rev_pk)
def upcoming(request):
+ f = DocumentFilterSet(request.GET, queryset=Document.objects.filter(deleted=False).filter(publish_log=None))
return render(request, "catalogue/upcoming.html", {
- 'objects_list': Document.objects.filter(deleted=False).filter(publish_log=None),
+ 'filter_set': f,
+ 'link_url': 'catalogue_preview',
})
def finished(request):
+ f = DocumentFilterSet(request.GET, queryset=Document.objects.filter(deleted=False).exclude(publish_log=None))
return render(request, "catalogue/finished.html", {
- 'objects_list': Document.objects.filter(deleted=False).exclude(publish_log=None),
+ 'filter_set': f,
+ 'link_url': 'catalogue_html',
})