fnp / redakcja.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
stupid bug
[redakcja.git] / apps / wiki / views.py
diff --git a/apps/wiki/views.py b/apps/wiki/views.py
index 0455bdd..f9a253c 100644 (file)
--- a/apps/wiki/views.py
+++ b/apps/wiki/views.py
@@ -1,23 +1,26 @@
+# -*- coding: utf-8 -*-
 from datetime import datetime
 import os
 import logging
 from datetime import datetime
 import os
 import logging
+import urllib
+import json
 
 from django.conf import settings
 from django.core.urlresolvers import reverse
 from django import http
 
 from django.conf import settings
 from django.core.urlresolvers import reverse
 from django import http
-from django.http import Http404
+from django.http import Http404, HttpResponseForbidden
 from django.middleware.gzip import GZipMiddleware
 from django.utils.decorators import decorator_from_middleware
 from django.utils.encoding import smart_unicode
 from django.middleware.gzip import GZipMiddleware
 from django.utils.decorators import decorator_from_middleware
 from django.utils.encoding import smart_unicode
-from django.utils.translation import ugettext_lazy as _
+from django.utils.formats import localize
+from django.utils.translation import ugettext as _
 from django.views.decorators.http import require_POST, require_GET
 from django.views.decorators.http import require_POST, require_GET
-from django.views.generic.simple import direct_to_template
+from django.shortcuts import get_object_or_404, render
 
 
-from catalogue.models import Book, Chunk
+from catalogue.models import Book, Chunk, Template
 import nice_diff
 from wiki import forms
 import nice_diff
 from wiki import forms
-from wiki.helpers import (JSONResponse, JSONFormInvalid, JSONServerError,
-                ajax_require_permission)
+from wiki.helpers import JSONResponse, JSONFormInvalid, ajax_require_permission
 from wiki.models import Theme
 
 #
 from wiki.models import Theme
 
 #
@@ -30,42 +33,89 @@ logger = logging.getLogger("fnp.wiki")
 MAX_LAST_DOCS = 10
 
 
 MAX_LAST_DOCS = 10
 
 
+def get_history(chunk):
+    changes = []
+    for change in chunk.history():
+        changes.append({
+                "version": change.revision,
+                "description": change.description,
+                "author": change.author_str(),
+                "date": localize(change.created_at),
+                "publishable": _("Publishable") + "\n" if change.publishable else "",
+                "tag": ',\n'.join(unicode(tag) for tag in change.tags.all()),
+                "published": (
+                    _("Published") + ": " +
+                    localize(change.publish_log.order_by('-book_record__timestamp')[0].book_record.timestamp)
+                    if change.publish_log.exists() else ""),
+            })
+    return changes
+
+
 @never_cache
 @never_cache
-def editor(request, slug, chunk=None, template_name='wiki/document_details.html'):
+def editor(request, slug, chunk=None, template_name='wiki/bootstrap.html'):
     try:
         chunk = Chunk.get(slug, chunk)
     except Chunk.MultipleObjectsReturned:
     try:
         chunk = Chunk.get(slug, chunk)
     except Chunk.MultipleObjectsReturned:
-        # TODO: choice page
         raise Http404
     except Chunk.DoesNotExist:
         if chunk is None:
             try:
         raise Http404
     except Chunk.DoesNotExist:
         if chunk is None:
             try:
-                book = Book.objects.get(slug=slug)
+                Book.objects.get(slug=slug)
             except Book.DoesNotExist:
                 return http.HttpResponseRedirect(reverse("catalogue_create_missing", args=[slug]))
             except Book.DoesNotExist:
                 return http.HttpResponseRedirect(reverse("catalogue_create_missing", args=[slug]))
+            else:
+                raise Http404
         else:
             raise Http404
         else:
             raise Http404
+    if not chunk.book.accessible(request):
+        return HttpResponseForbidden("Not authorized.")
 
     access_time = datetime.now()
     last_books = request.session.get("wiki_last_books", {})
     last_books[slug, chunk.slug] = {
         'time': access_time,
         'title': chunk.pretty_name(),
 
     access_time = datetime.now()
     last_books = request.session.get("wiki_last_books", {})
     last_books[slug, chunk.slug] = {
         'time': access_time,
         'title': chunk.pretty_name(),
-        }
+    }
 
     if len(last_books) > MAX_LAST_DOCS:
         oldest_key = min(last_books, key=lambda x: last_books[x]['time'])
         del last_books[oldest_key]
     request.session['wiki_last_books'] = last_books
 
 
     if len(last_books) > MAX_LAST_DOCS:
         oldest_key = min(last_books, key=lambda x: last_books[x]['time'])
         del last_books[oldest_key]
     request.session['wiki_last_books'] = last_books
 
-    return direct_to_template(request, template_name, extra_context={
-        'chunk': chunk,
+    save_form = forms.DocumentTextSaveForm(user=request.user, chunk=chunk, prefix="textsave")
+    try:
+        version = int(request.GET.get('version', ''))
+    except ValueError:
+        version = None
+    if version:
+        text = chunk.at_revision(version).materialize()
+    else:
+        text = chunk.materialize()
+    gallery_dir = os.path.join(settings.MEDIA_ROOT, settings.IMAGE_DIR, chunk.book.gallery)
+    materials = set(os.listdir(gallery_dir)) if os.path.isdir(gallery_dir) else set()
+    materials.update([n.rsplit('.', 1)[0] for n in materials])
+    return render(request, template_name, {
+        'serialized_document_data': json.dumps({
+            'document': text,
+            'document_id': chunk.id,
+            'title': chunk.book.title,
+            'history': get_history(chunk),
+            'version': version or chunk.revision(),
+            'stage': chunk.stage.name if chunk.stage else None,
+            'assignment': chunk.user.username if chunk.user else None
+        }),
+        'serialized_templates': json.dumps([
+            {'id': t.id, 'name': t.name, 'content': t.content} for t in Template.objects.filter(is_partial=True)
+        ]),
         'forms': {
         'forms': {
-            "text_save": forms.DocumentTextSaveForm(prefix="textsave"),
-            "text_revert": forms.DocumentTextRevertForm(prefix="textrevert"),
-            "pubmark": forms.DocumentPubmarkForm(prefix="pubmark"),
+            "text_save": save_form,
+            "text_revert": forms.DocumentTextRevertForm(prefix="textrevert")
         },
         },
-        'REDMINE_URL': settings.REDMINE_URL,
+        'tags': list(save_form.fields['stage_completed'].choices),
+        'can_pubmark': request.user.has_perm('catalogue.can_pubmark'),
+        'slug': chunk.book.slug,
+        'gallery': chunk.book.gallery,
+        'materials': json.dumps(list(materials)),
     })
 
 
     })
 
 
@@ -76,6 +126,8 @@ def editor_readonly(request, slug, chunk=None, template_name='wiki/document_deta
         revision = request.GET['revision']
     except (Chunk.MultipleObjectsReturned, Chunk.DoesNotExist, KeyError):
         raise Http404
         revision = request.GET['revision']
     except (Chunk.MultipleObjectsReturned, Chunk.DoesNotExist, KeyError):
         raise Http404
+    if not chunk.book.accessible(request):
+        return HttpResponseForbidden("Not authorized.")
 
     access_time = datetime.now()
     last_books = request.session.get("wiki_last_books", {})
 
     access_time = datetime.now()
     last_books = request.session.get("wiki_last_books", {})
@@ -89,7 +141,7 @@ def editor_readonly(request, slug, chunk=None, template_name='wiki/document_deta
         del last_books[oldest_key]
     request.session['wiki_last_books'] = last_books
 
         del last_books[oldest_key]
     request.session['wiki_last_books'] = last_books
 
-    return direct_to_template(request, template_name, extra_context={
+    return render(request, template_name, {
         'chunk': chunk,
         'revision': revision,
         'readonly': True,
         'chunk': chunk,
         'revision': revision,
         'readonly': True,
@@ -99,44 +151,28 @@ def editor_readonly(request, slug, chunk=None, template_name='wiki/document_deta
 
 @never_cache
 @decorator_from_middleware(GZipMiddleware)
 
 @never_cache
 @decorator_from_middleware(GZipMiddleware)
-def text(request, slug, chunk=None):
-    try:
-        doc = Chunk.get(slug, chunk)
-    except (Chunk.MultipleObjectsReturned, Chunk.DoesNotExist):
-        raise Http404
+def text(request, chunk_id):
+    doc = get_object_or_404(Chunk, pk=chunk_id)
+    if not doc.book.accessible(request):
+        return HttpResponseForbidden("Not authorized.")
 
     if request.method == 'POST':
 
     if request.method == 'POST':
-        form = forms.DocumentTextSaveForm(request.POST, prefix="textsave")
+        form = forms.DocumentTextSaveForm(request.POST, user=request.user, chunk=doc, prefix="textsave")
         if form.is_valid():
         if form.is_valid():
-            if request.user.is_authenticated():
-                author = request.user
-            else:
-                author = None
-            text = form.cleaned_data['text']
+            form.save()
             parent_revision = form.cleaned_data['parent_revision']
             parent_revision = form.cleaned_data['parent_revision']
-            if parent_revision is not None:
-                parent = doc.at_revision(parent_revision)
-            else:
-                parent = None
-            stage = form.cleaned_data['stage_completed']
-            tags = [stage] if stage else []
-            doc.commit(author=author,
-                       text=text,
-                       parent=parent,
-                       description=form.cleaned_data['comment'],
-                       tags=tags,
-                       )
             revision = doc.revision()
             return JSONResponse({
                 'text': doc.materialize() if parent_revision != revision else None,
             revision = doc.revision()
             return JSONResponse({
                 'text': doc.materialize() if parent_revision != revision else None,
-                'meta': {},
-                'revision': revision,
+                'version': revision,
+                'stage': doc.stage.name if doc.stage else None,
+                'assignment': doc.user.username if doc.user else None
             })
         else:
             return JSONFormInvalid(form)
     else:
         revision = request.GET.get("revision", None)
             })
         else:
             return JSONFormInvalid(form)
     else:
         revision = request.GET.get("revision", None)
-        
+
         try:
             revision = int(revision)
         except (ValueError, TypeError):
         try:
             revision = int(revision)
         except (ValueError, TypeError):
@@ -156,13 +192,12 @@ def text(request, slug, chunk=None):
 
 @never_cache
 @require_POST
 
 @never_cache
 @require_POST
-def revert(request, slug, chunk=None):
+def revert(request, chunk_id):
     form = forms.DocumentTextRevertForm(request.POST, prefix="textrevert")
     if form.is_valid():
     form = forms.DocumentTextRevertForm(request.POST, prefix="textrevert")
     if form.is_valid():
-        try:
-            doc = Chunk.get(slug, chunk)
-        except (Chunk.MultipleObjectsReturned, Chunk.DoesNotExist):
-            raise Http404
+        doc = get_object_or_404(Chunk, pk=chunk_id)
+        if not doc.book.accessible(request):
+            return HttpResponseForbidden("Not authorized.")
 
         revision = form.cleaned_data['revision']
 
 
         revision = form.cleaned_data['revision']
 
@@ -175,13 +210,12 @@ def revert(request, slug, chunk=None):
             author = None
 
         before = doc.revision()
             author = None
 
         before = doc.revision()
-        logger.info("Reverting %s to %s", slug, revision)
+        logger.info("Reverting %s to %s", chunk_id, revision)
         doc.at_revision(revision).revert(author=author, description=comment)
 
         return JSONResponse({
         doc.at_revision(revision).revert(author=author, description=comment)
 
         return JSONResponse({
-            'text': doc.materialize() if before != doc.revision() else None,
-            'meta': {},
-            'revision': doc.revision(),
+            'document': doc.materialize() if before != doc.revision() else None,
+            'version': doc.revision(),
         })
     else:
         return JSONFormInvalid(form)
         })
     else:
         return JSONFormInvalid(form)
@@ -192,22 +226,26 @@ def gallery(request, directory):
     try:
         base_url = ''.join((
                         smart_unicode(settings.MEDIA_URL),
     try:
         base_url = ''.join((
                         smart_unicode(settings.MEDIA_URL),
-                        smart_unicode(settings.FILEBROWSER_DIRECTORY),
+                        smart_unicode(settings.IMAGE_DIR),
                         smart_unicode(directory)))
 
         base_dir = os.path.join(
                     smart_unicode(settings.MEDIA_ROOT),
                         smart_unicode(directory)))
 
         base_dir = os.path.join(
                     smart_unicode(settings.MEDIA_ROOT),
-                    smart_unicode(settings.FILEBROWSER_DIRECTORY),
+                    smart_unicode(settings.IMAGE_DIR),
                     smart_unicode(directory))
 
         def map_to_url(filename):
                     smart_unicode(directory))
 
         def map_to_url(filename):
-            return "%s/%s" % (base_url, smart_unicode(filename))
+            return urllib.quote("%s/%s" % (base_url, smart_unicode(filename)))
 
         def is_image(filename):
 
         def is_image(filename):
-            return os.path.splitext(f)[1].lower() in (u'.jpg', u'.jpeg', u'.png')
+            return os.path.splitext(filename)[1].lower() in (u'.jpg', u'.jpeg', u'.png')
 
         images = [map_to_url(f) for f in map(smart_unicode, os.listdir(base_dir)) if is_image(f)]
         images.sort()
 
         images = [map_to_url(f) for f in map(smart_unicode, os.listdir(base_dir)) if is_image(f)]
         images.sort()
+
+        if not request.user.is_authenticated():
+            return HttpResponseForbidden("Not authorized.")
+
         return JSONResponse(images)
     except (IndexError, OSError):
         logger.exception("Unable to fetch gallery")
         return JSONResponse(images)
     except (IndexError, OSError):
         logger.exception("Unable to fetch gallery")
@@ -215,7 +253,7 @@ def gallery(request, directory):
 
 
 @never_cache
 
 
 @never_cache
-def diff(request, slug, chunk=None):
+def diff(request, chunk_id):
     revA = int(request.GET.get('from', 0))
     revB = int(request.GET.get('to', 0))
 
     revA = int(request.GET.get('from', 0))
     revB = int(request.GET.get('to', 0))
 
@@ -225,56 +263,46 @@ def diff(request, slug, chunk=None):
     if revB == 0:
         revB = None
 
     if revB == 0:
         revB = None
 
-    try:
-        doc = Chunk.get(slug, chunk)
-    except (Chunk.MultipleObjectsReturned, Chunk.DoesNotExist):
-        raise Http404
-    docA = doc.at_revision(revA).materialize()
+    doc = get_object_or_404(Chunk, pk=chunk_id)
+    if not doc.book.accessible(request):
+        return HttpResponseForbidden("Not authorized.")
+
+    # allow diff from the beginning
+    if revA:
+        docA = doc.at_revision(revA).materialize()
+    else:
+        docA = ""
     docB = doc.at_revision(revB).materialize()
 
     docB = doc.at_revision(revB).materialize()
 
-    return http.HttpResponse(nice_diff.html_diff_table(docA.splitlines(),
-                                         docB.splitlines(), context=3))
+    return http.HttpResponse(nice_diff.html_diff_table(docA.splitlines(), docB.splitlines(), context=3))
 
 
 @never_cache
 
 
 @never_cache
-def revision(request, slug, chunk=None):
-    try:
-        doc = Chunk.get(slug, chunk)
-    except (Chunk.MultipleObjectsReturned, Chunk.DoesNotExist):
-        raise Http404
+def revision(request, chunk_id):
+    doc = get_object_or_404(Chunk, pk=chunk_id)
+    if not doc.book.accessible(request):
+        return HttpResponseForbidden("Not authorized.")
     return http.HttpResponse(str(doc.revision()))
 
 
 @never_cache
     return http.HttpResponse(str(doc.revision()))
 
 
 @never_cache
-def history(request, slug, chunk=None):
+def history(request, chunk_id):
     # TODO: pagination
     # TODO: pagination
-    try:
-        doc = Chunk.get(slug, chunk)
-    except (Chunk.MultipleObjectsReturned, Chunk.DoesNotExist):
-        raise Http404
+    doc = get_object_or_404(Chunk, pk=chunk_id)
+    if not doc.book.accessible(request):
+        return HttpResponseForbidden("Not authorized.")
 
 
-    changes = []
-    for change in doc.history().order_by('-created_at'):
-        changes.append({
-                "version": change.revision,
-                "description": change.description,
-                "author": change.author_str(),
-                "date": change.created_at,
-                "publishable": "Publishable\n" if change.publishable else "",
-                "tag": ',\n'.join(unicode(tag) for tag in change.tags.all()),
-            })
-    return JSONResponse(changes)
+    return JSONResponse(get_history(doc))
 
 
 @require_POST
 
 
 @require_POST
-@ajax_require_permission('wiki.can_pubmark')
-def pubmark(request, slug, chunk=None):
+@ajax_require_permission('catalogue.can_pubmark')
+def pubmark(request, chunk_id):
     form = forms.DocumentPubmarkForm(request.POST, prefix="pubmark")
     if form.is_valid():
     form = forms.DocumentPubmarkForm(request.POST, prefix="pubmark")
     if form.is_valid():
-        try:
-            doc = Chunk.get(slug, chunk)
-        except (Chunk.MultipleObjectsReturned, Chunk.DoesNotExist):
-            raise Http404
+        doc = get_object_or_404(Chunk, pk=chunk_id)
+        if not doc.book.accessible(request):
+            return HttpResponseForbidden("Not authorized.")
 
         revision = form.cleaned_data['revision']
         publishable = form.cleaned_data['publishable']
 
         revision = form.cleaned_data['revision']
         publishable = form.cleaned_data['publishable']