fix refresh covers (facepalm)
[redakcja.git] / apps / catalogue / views.py
index 9a795a3..b30297c 100644 (file)
@@ -1,30 +1,33 @@
-from datetime import datetime
+from collections import defaultdict
+from datetime import datetime, date, timedelta
 import logging
 import os
 from StringIO import StringIO
 import logging
 import os
 from StringIO import StringIO
+from urllib import unquote
+from urlparse import urlsplit, urlunsplit
 
 
+from django.conf import settings
 from django.contrib import auth
 from django.contrib.auth.models import User
 from django.contrib import auth
 from django.contrib.auth.models import User
-from django.contrib.auth.decorators import login_required
+from django.contrib.auth.decorators import login_required, permission_required
 from django.core.urlresolvers import reverse
 from django.core.urlresolvers import reverse
-from django.db.models import Count
+from django.db.models import Count, Q
+from django.db import transaction
 from django import http
 from django import http
-from django.http import Http404
-from django.shortcuts import get_object_or_404
+from django.http import Http404, HttpResponse, HttpResponseForbidden
+from django.shortcuts import get_object_or_404, render
+from django.utils.encoding import iri_to_uri
 from django.utils.http import urlquote_plus
 from django.utils.translation import ugettext_lazy as _
 from django.views.decorators.http import require_POST
 from django.utils.http import urlquote_plus
 from django.utils.translation import ugettext_lazy as _
 from django.views.decorators.http import require_POST
-from django.views.generic.simple import direct_to_template
 
 
-import librarian.html
-import librarian.text
-
-from apiclient import api_call
+from apiclient import NotAuthorizedError
 from catalogue import forms
 from catalogue import helpers
 from catalogue.helpers import active_tab
 from catalogue import forms
 from catalogue import helpers
 from catalogue.helpers import active_tab
-from catalogue.models import Book, Chunk
-from catalogue import xml_tools
+from catalogue.models import (Book, Chunk, Image, BookPublishRecord, 
+        ChunkPublishRecord, ImagePublishRecord, Project)
+from fileupload.views import UploadView
 
 #
 # Quick hack around caching problems, TODO: use ETags
 
 #
 # Quick hack around caching problems, TODO: use ETags
@@ -34,86 +37,70 @@ from django.views.decorators.cache import never_cache
 logger = logging.getLogger("fnp.catalogue")
 
 
 logger = logging.getLogger("fnp.catalogue")
 
 
-def slug_filter(qs, value, filter_field, model, model_field='slug', unset=''):
-    if value == unset:
-        return qs.filter(**{filter_field: None})
-    if value is None:
-        return qs
-    try:
-        obj = model._default_manager.get(**{model_field: value})
-    except model.DoesNotExist:
-        return qs.none()
-    else:
-        return qs.filter(**{filter_field: obj})
-
-
 @active_tab('all')
 @never_cache
 @active_tab('all')
 @never_cache
-def document_list(request, filters=None):
-    chunks = Chunk.objects.order_by('book__title', 'book', 'number')
-
-    chunks = slug_filter(chunks, request.GET.get('user', None), 'user', User, 'username')
-    chunks = slug_filter(chunks, request.GET.get('stage', None), 'stage', Chunk.tag_model, 'slug')
+def document_list(request):
+    return render(request, 'catalogue/document_list.html')
 
 
-    chunks_list = helpers.ChunksList(chunks)
-
-    return direct_to_template(request, 'catalogue/document_list.html', extra_context={
-        'books': chunks_list,
-        'last_books': sorted(request.session.get("wiki_last_books", {}).items(),
-                        key=lambda x: x[1]['time'], reverse=True),
-        'stages': Chunk.tag_model.objects.all(),
-        'users': User.objects.annotate(count=Count('chunk')).order_by('-count', 'last_name', 'first_name'),
-    })
 
 
-
-@active_tab('unassigned')
+@active_tab('images')
 @never_cache
 @never_cache
-def unassigned(request):
-    chunks_list = helpers.ChunksList(Chunk.objects.filter(
-        user=None).order_by('book__title', 'book__id', 'number'))
-
-    return direct_to_template(request, 'catalogue/document_list.html', extra_context={
-        'books': chunks_list,
-        'last_books': sorted(request.session.get("wiki_last_books", {}).items(),
-                        key=lambda x: x[1]['time'], reverse=True),
-    })
+def image_list(request, user=None):
+    return render(request, 'catalogue/image_list.html')
 
 
 @never_cache
 
 
 @never_cache
-def user(request, username=None):
-    if username is None:
-        if request.user.is_authenticated():
-            user = request.user
-        else:
-            raise Http404
-    else:
-        user = get_object_or_404(User, username=username)
+def user(request, username):
+    user = get_object_or_404(User, username=username)
+    return render(request, 'catalogue/user_page.html', {"viewed_user": user})
 
 
-    chunks_list = helpers.ChunksList(Chunk.objects.filter(
-        user=user).order_by('book__title', 'book', 'number'))
 
 
-    return direct_to_template(request, 'catalogue/document_list.html', extra_context={
-        'books': chunks_list,
-        'last_books': sorted(request.session.get("wiki_last_books", {}).items(),
-                        key=lambda x: x[1]['time'], reverse=True),
-    })
-my = login_required(active_tab('my')(user))
+@login_required
+@active_tab('my')
+@never_cache
+def my(request):
+    last_books = sorted(request.session.get("wiki_last_books", {}).items(),
+        key=lambda x: x[1]['time'], reverse=True)
+    for k, v in last_books:
+        v['time'] = datetime.fromtimestamp(v['time'])
+    return render(request, 'catalogue/my_page.html', {
+        'last_books': last_books,
+        "logout_to": '/',
+        })
 
 
 @active_tab('users')
 def users(request):
 
 
 @active_tab('users')
 def users(request):
-    return direct_to_template(request, 'catalogue/user_list.html', extra_context={
+    return render(request, 'catalogue/user_list.html', {
         'users': User.objects.all().annotate(count=Count('chunk')).order_by(
             '-count', 'last_name', 'first_name'),
     })
 
 
         'users': User.objects.all().annotate(count=Count('chunk')).order_by(
             '-count', 'last_name', 'first_name'),
     })
 
 
+@active_tab('activity')
+def activity(request, isodate=None):
+    today = date.today()
+    try:
+        day = helpers.parse_isodate(isodate)
+    except ValueError:
+        day = today
+
+    if day > today:
+        raise Http404
+    if day != today:
+        next_day = day + timedelta(1)
+    prev_day = day - timedelta(1)
+
+    return render(request, 'catalogue/activity.html', locals())
+
+
 @never_cache
 def logout_then_redirect(request):
     auth.logout(request)
     return http.HttpResponseRedirect(urlquote_plus(request.GET.get('next', '/'), safe='/?='))
 
 
 @never_cache
 def logout_then_redirect(request):
     auth.logout(request)
     return http.HttpResponseRedirect(urlquote_plus(request.GET.get('next', '/'), safe='/?='))
 
 
+@permission_required('catalogue.add_book')
 @active_tab('create')
 def create_missing(request, slug=None):
     if slug is None:
 @active_tab('create')
 def create_missing(request, slug=None):
     if slug is None:
@@ -128,31 +115,37 @@ def create_missing(request, slug=None):
                 creator = request.user
             else:
                 creator = None
                 creator = request.user
             else:
                 creator = None
-            book = Book.create(creator=creator,
+            book = Book.create(
+                text=form.cleaned_data['text'],
+                creator=creator,
                 slug=form.cleaned_data['slug'],
                 title=form.cleaned_data['title'],
                 slug=form.cleaned_data['slug'],
                 title=form.cleaned_data['title'],
-                text=form.cleaned_data['text'],
+                gallery=form.cleaned_data['gallery'],
             )
 
             )
 
-            return http.HttpResponseRedirect(reverse("wiki_editor", args=[book.slug]))
+            return http.HttpResponseRedirect(reverse("catalogue_book", args=[book.slug]))
     else:
         form = forms.DocumentCreateForm(initial={
                 "slug": slug,
                 "title": slug.replace('-', ' ').title(),
     else:
         form = forms.DocumentCreateForm(initial={
                 "slug": slug,
                 "title": slug.replace('-', ' ').title(),
+                "gallery": slug,
         })
 
         })
 
-    return direct_to_template(request, "catalogue/document_create_missing.html", extra_context={
+    return render(request, "catalogue/document_create_missing.html", {
         "slug": slug,
         "form": form,
         "slug": slug,
         "form": form,
+
+        "logout_to": '/',
     })
 
 
     })
 
 
+@permission_required('catalogue.add_book')
 @active_tab('upload')
 def upload(request):
     if request.method == "POST":
         form = forms.DocumentsUploadForm(request.POST, request.FILES)
         if form.is_valid():
 @active_tab('upload')
 def upload(request):
     if request.method == "POST":
         form = forms.DocumentsUploadForm(request.POST, request.FILES)
         if form.is_valid():
-            import slughifi
+            from slugify import slugify
 
             if request.user.is_authenticated():
                 creator = request.user
 
             if request.user.is_authenticated():
                 creator = request.user
@@ -169,7 +162,7 @@ def upload(request):
                 if filename[-1] == '/':
                     continue
                 title = os.path.basename(filename)[:-4]
                 if filename[-1] == '/':
                     continue
                 title = os.path.basename(filename)[:-4]
-                slug = slughifi(title)
+                slug = slugify(title)
                 if not (slug and filename.endswith('.xml')):
                     skipped_list.append(filename)
                 elif slug in slugs:
                 if not (slug and filename.endswith('.xml')):
                     skipped_list.append(filename)
                 elif slug in slugs:
@@ -186,56 +179,122 @@ def upload(request):
 
             if not error_list:
                 for filename, slug, title in ok_list:
 
             if not error_list:
                 for filename, slug, title in ok_list:
-                    Book.create(creator=creator,
+                    book = Book.create(
+                        text=zip.read(filename).decode('utf-8'),
+                        creator=creator,
                         slug=slug,
                         title=title,
                         slug=slug,
                         title=title,
-                        text=zip.read(filename).decode('utf-8'),
                     )
 
                     )
 
-            return direct_to_template(request, "catalogue/document_upload.html", extra_context={
+            return render(request, "catalogue/document_upload.html", {
                 "form": form,
                 "ok_list": ok_list,
                 "skipped_list": skipped_list,
                 "error_list": error_list,
                 "form": form,
                 "ok_list": ok_list,
                 "skipped_list": skipped_list,
                 "error_list": error_list,
+
+                "logout_to": '/',
             })
     else:
         form = forms.DocumentsUploadForm()
 
             })
     else:
         form = forms.DocumentsUploadForm()
 
-    return direct_to_template(request, "catalogue/document_upload.html", extra_context={
+    return render(request, "catalogue/document_upload.html", {
         "form": form,
         "form": form,
+
+        "logout_to": '/',
     })
 
 
 @never_cache
 def book_xml(request, slug):
     })
 
 
 @never_cache
 def book_xml(request, slug):
-    xml = get_object_or_404(Book, slug=slug).materialize()
+    book = get_object_or_404(Book, slug=slug)
+    if not book.accessible(request):
+        return HttpResponseForbidden("Not authorized.")
+    xml = book.materialize()
 
 
-    response = http.HttpResponse(xml, content_type='application/xml', mimetype='application/wl+xml')
+    response = http.HttpResponse(xml, content_type='application/xml')
     response['Content-Disposition'] = 'attachment; filename=%s.xml' % slug
     return response
 
 
 @never_cache
 def book_txt(request, slug):
     response['Content-Disposition'] = 'attachment; filename=%s.xml' % slug
     return response
 
 
 @never_cache
 def book_txt(request, slug):
-    xml = get_object_or_404(Book, slug=slug).materialize()
-    output = StringIO()
-    # errors?
-    librarian.text.transform(StringIO(xml), output)
-    text = output.getvalue()
-    response = http.HttpResponse(text, content_type='text/plain', mimetype='text/plain')
+    book = get_object_or_404(Book, slug=slug)
+    if not book.accessible(request):
+        return HttpResponseForbidden("Not authorized.")
+
+    doc = book.wldocument()
+    text = doc.as_text().get_string()
+    response = http.HttpResponse(text, content_type='text/plain')
     response['Content-Disposition'] = 'attachment; filename=%s.txt' % slug
     return response
 
 
 @never_cache
 def book_html(request, slug):
     response['Content-Disposition'] = 'attachment; filename=%s.txt' % slug
     return response
 
 
 @never_cache
 def book_html(request, slug):
-    xml = get_object_or_404(Book, slug=slug).materialize()
-    output = StringIO()
-    # errors?
-    librarian.html.transform(StringIO(xml), output, parse_dublincore=False,
-                             flags=['full-page'])
-    html = output.getvalue()
-    response = http.HttpResponse(html, content_type='text/html', mimetype='text/html')
+    book = get_object_or_404(Book, slug=slug)
+    if not book.accessible(request):
+        return HttpResponseForbidden("Not authorized.")
+
+    doc = book.wldocument(parse_dublincore=False)
+    html = doc.as_html(options={'gallery': "'%s'" % book.gallery_url()})
+
+    html = html.get_string() if html is not None else ''
+    # response = http.HttpResponse(html, content_type='text/html')
+    # return response
+    # book_themes = {}
+    # for fragment in book.fragments.all().iterator():
+    #     for theme in fragment.tags.filter(category='theme').iterator():
+    #         book_themes.setdefault(theme, []).append(fragment)
+
+    # book_themes = book_themes.items()
+    # book_themes.sort(key=lambda s: s[0].sort_key)
+    return render(request, 'catalogue/book_text.html', locals())
+
+
+@never_cache
+def book_pdf(request, slug):
+    book = get_object_or_404(Book, slug=slug)
+    if not book.accessible(request):
+        return HttpResponseForbidden("Not authorized.")
+
+    # TODO: move to celery
+    doc = book.wldocument()
+    # TODO: error handling
+    pdf_file = doc.as_pdf(cover=True, ilustr_path=book.gallery_path())
+    from catalogue.ebook_utils import serve_file
+    return serve_file(pdf_file.get_filename(),
+                book.slug + '.pdf', 'application/pdf')
+
+
+@never_cache
+def book_epub(request, slug):
+    book = get_object_or_404(Book, slug=slug)
+    if not book.accessible(request):
+        return HttpResponseForbidden("Not authorized.")
+
+    # TODO: move to celery
+    doc = book.wldocument()
+    # TODO: error handling
+    epub = doc.as_epub(ilustr_path=book.gallery_path()).get_string()
+    response = HttpResponse(content_type='application/epub+zip')
+    response['Content-Disposition'] = 'attachment; filename=%s' % book.slug + '.epub'
+    response.write(epub)
+    return response
+
+
+@never_cache
+def book_mobi(request, slug):
+    book = get_object_or_404(Book, slug=slug)
+    if not book.accessible(request):
+        return HttpResponseForbidden("Not authorized.")
+
+    # TODO: move to celery
+    doc = book.wldocument()
+    # TODO: error handling
+    mobi = doc.as_mobi(ilustr_path=book.gallery_path()).get_string()
+    response = HttpResponse(content_type='application/x-mobipocket-ebook')
+    response['Content-Disposition'] = 'attachment; filename=%s' % book.slug + '.mobi'
+    response.write(mobi)
     return response
 
 
     return response
 
 
@@ -245,108 +304,79 @@ def revision(request, slug, chunk=None):
         doc = Chunk.get(slug, chunk)
     except (Chunk.MultipleObjectsReturned, Chunk.DoesNotExist):
         raise Http404
         doc = Chunk.get(slug, chunk)
     except (Chunk.MultipleObjectsReturned, Chunk.DoesNotExist):
         raise Http404
+    if not doc.book.accessible(request):
+        return HttpResponseForbidden("Not authorized.")
     return http.HttpResponse(str(doc.revision()))
 
 
 def book(request, slug):
     book = get_object_or_404(Book, slug=slug)
     return http.HttpResponse(str(doc.revision()))
 
 
 def book(request, slug):
     book = get_object_or_404(Book, slug=slug)
-
-    # TODO: most of this should go somewhere else
-
-    # do we need some automation?
-    first_master = None
-    chunks = []
-    need_fixing = False
-    choose_master = False
-
-    length = book.chunk_set.count()
-    for i, chunk in enumerate(book):
-        chunk_dict = {
-            "chunk": chunk,
-            "fix": [],
-            "grade": ""
-            }
-        graded = xml_tools.GradedText(chunk.materialize())
-        if graded.is_wl():
-            master = graded.master()
-            if first_master is None:
-                first_master = master
-            elif master != first_master:
-                chunk_dict['fix'].append('bad-master')
-
-            if i > 0 and not graded.has_trim_begin():
-                chunk_dict['fix'].append('trim-begin')
-            if i < length - 1 and not graded.has_trim_end():
-                chunk_dict['fix'].append('trim-end')
-
-            if chunk_dict['fix']:
-                chunk_dict['grade'] = 'wl-fix'
-            else:
-                chunk_dict['grade'] = 'wl'
-
-        elif graded.is_broken_wl():
-            chunk_dict['grade'] = 'wl-broken'
-        elif graded.is_xml():
-            chunk_dict['grade'] = 'xml'
+    if not book.accessible(request):
+        return HttpResponseForbidden("Not authorized.")
+
+    if request.user.has_perm('catalogue.change_book'):
+        if request.method == "POST":
+            form = forms.BookForm(request.POST, instance=book)
+            if form.is_valid():
+                form.save()
+                return http.HttpResponseRedirect(book.get_absolute_url())
         else:
         else:
-            chunk_dict['grade'] = 'plain'
-            chunk_dict['fix'].append('wl')
-            choose_master = True
+            form = forms.BookForm(instance=book)
+        editable = True
+    else:
+        form = forms.ReadonlyBookForm(instance=book)
+        editable = False
 
 
-        if chunk_dict['fix']:
-            need_fixing = True
-        chunks.append(chunk_dict)
+    publish_error = book.publishable_error()
+    publishable = publish_error is None
 
 
-    if first_master or not need_fixing:
-        choose_master = False
+    return render(request, "catalogue/book_detail.html", {
+        "book": book,
+        "publishable": publishable,
+        "publishable_error": publish_error,
+        "form": form,
+        "editable": editable,
+    })
 
 
-    if request.method == "POST":
-        form = forms.ChooseMasterForm(request.POST)
-        if not choose_master or form.is_valid():
-            if choose_master:
-                first_master = form.cleaned_data['master']
-
-            # do the actual fixing
-            for c in chunks:
-                if not c['fix']:
-                    continue
 
 
-                text = c['chunk'].materialize()
-                for fix in c['fix']:
-                    if fix == 'bad-master':
-                        text = xml_tools.change_master(text, first_master)
-                    elif fix == 'trim-begin':
-                        text = xml_tools.add_trim_begin(text)
-                    elif fix == 'trim-end':
-                        text = xml_tools.add_trim_end(text)
-                    elif fix == 'wl':
-                        text = xml_tools.basic_structure(text, first_master)
-                author = request.user if request.user.is_authenticated() else None
-                description = "auto-fix: " + ", ".join(c['fix'])
-                c['chunk'].commit(text=text, author=author, 
-                    description=description)
-
-            return http.HttpResponseRedirect(book.get_absolute_url())
-    elif choose_master:
-        form = forms.ChooseMasterForm()
+def image(request, slug):
+    image = get_object_or_404(Image, slug=slug)
+    if not image.accessible(request):
+        return HttpResponseForbidden("Not authorized.")
+
+    if request.user.has_perm('catalogue.change_image'):
+        if request.method == "POST":
+            form = forms.ImageForm(request.POST, instance=image)
+            if form.is_valid():
+                form.save()
+                return http.HttpResponseRedirect(image.get_absolute_url())
+        else:
+            form = forms.ImageForm(instance=image)
+        editable = True
     else:
     else:
-        form = None
+        form = forms.ReadonlyImageForm(instance=image)
+        editable = False
 
 
-    return direct_to_template(request, "catalogue/book_detail.html", extra_context={
-        "book": book,
-        "chunks": chunks,
-        "need_fixing": need_fixing,
-        "choose_master": choose_master,
-        "first_master": first_master,
+    publish_error = image.publishable_error()
+    publishable = publish_error is None
+
+    return render(request, "catalogue/image_detail.html", {
+        "object": image,
+        "publishable": publishable,
+        "publishable_error": publish_error,
         "form": form,
         "form": form,
+        "editable": editable,
     })
 
 
     })
 
 
+@permission_required('catalogue.add_chunk')
 def chunk_add(request, slug, chunk):
     try:
         doc = Chunk.get(slug, chunk)
     except (Chunk.MultipleObjectsReturned, Chunk.DoesNotExist):
         raise Http404
 def chunk_add(request, slug, chunk):
     try:
         doc = Chunk.get(slug, chunk)
     except (Chunk.MultipleObjectsReturned, Chunk.DoesNotExist):
         raise Http404
+    if not doc.book.accessible(request):
+        return HttpResponseForbidden("Not authorized.")
 
     if request.method == "POST":
         form = forms.ChunkAddForm(request.POST, instance=doc)
 
     if request.method == "POST":
         form = forms.ChunkAddForm(request.POST, instance=doc)
@@ -357,68 +387,165 @@ def chunk_add(request, slug, chunk):
                 creator = None
             doc.split(creator=creator,
                 slug=form.cleaned_data['slug'],
                 creator = None
             doc.split(creator=creator,
                 slug=form.cleaned_data['slug'],
-                comment=form.cleaned_data['comment'],
+                title=form.cleaned_data['title'],
+                gallery_start=form.cleaned_data['gallery_start'],
+                user=form.cleaned_data['user'],
+                stage=form.cleaned_data['stage']
             )
 
             return http.HttpResponseRedirect(doc.book.get_absolute_url())
     else:
         form = forms.ChunkAddForm(initial={
                 "slug": str(doc.number + 1),
             )
 
             return http.HttpResponseRedirect(doc.book.get_absolute_url())
     else:
         form = forms.ChunkAddForm(initial={
                 "slug": str(doc.number + 1),
-                "comment": "cz. %d" % (doc.number + 1, ),
+                "title": "cz. %d" % (doc.number + 1, ),
         })
 
         })
 
-    return direct_to_template(request, "catalogue/chunk_add.html", extra_context={
+    return render(request, "catalogue/chunk_add.html", {
         "chunk": doc,
         "form": form,
     })
 
 
         "chunk": doc,
         "form": form,
     })
 
 
+@login_required
 def chunk_edit(request, slug, chunk):
     try:
         doc = Chunk.get(slug, chunk)
     except (Chunk.MultipleObjectsReturned, Chunk.DoesNotExist):
         raise Http404
 def chunk_edit(request, slug, chunk):
     try:
         doc = Chunk.get(slug, chunk)
     except (Chunk.MultipleObjectsReturned, Chunk.DoesNotExist):
         raise Http404
+    if not doc.book.accessible(request):
+        return HttpResponseForbidden("Not authorized.")
+
     if request.method == "POST":
         form = forms.ChunkForm(request.POST, instance=doc)
         if form.is_valid():
             form.save()
     if request.method == "POST":
         form = forms.ChunkForm(request.POST, instance=doc)
         if form.is_valid():
             form.save()
-            return http.HttpResponseRedirect(doc.book.get_absolute_url())
+            go_next = request.GET.get('next', None)
+            if go_next:
+                go_next = urlquote_plus(unquote(iri_to_uri(go_next)), safe='/?=&')
+            else:
+                go_next = doc.book.get_absolute_url()
+            return http.HttpResponseRedirect(go_next)
     else:
         form = forms.ChunkForm(instance=doc)
     else:
         form = forms.ChunkForm(instance=doc)
-    return direct_to_template(request, "catalogue/chunk_edit.html", extra_context={
+
+    referer = request.META.get('HTTP_REFERER')
+    if referer:
+        parts = urlsplit(referer)
+        parts = ['', ''] + list(parts[2:])
+        go_next = urlquote_plus(urlunsplit(parts))
+    else:
+        go_next = ''
+
+    return render(request, "catalogue/chunk_edit.html", {
         "chunk": doc,
         "form": form,
         "chunk": doc,
         "form": form,
+        "go_next": go_next,
     })
 
 
     })
 
 
+@transaction.atomic
+@login_required
+@require_POST
+def chunk_mass_edit(request):
+    ids = map(int, filter(lambda i: i.strip()!='', request.POST.get('ids').split(',')))
+    chunks = map(lambda i: Chunk.objects.get(id=i), ids)
+    
+    stage = request.POST.get('stage')
+    if stage:
+        try:
+            stage = Chunk.tag_model.objects.get(slug=stage)
+        except Chunk.DoesNotExist, e:
+            stage = None
+       
+        for c in chunks: c.stage = stage
+
+    username = request.POST.get('user')
+    logger.info("username: %s" % username)
+    logger.info(request.POST)
+    if username:
+        try:
+            user = User.objects.get(username=username)
+        except User.DoesNotExist, e:
+            user = None
+            
+        for c in chunks: c.user = user
+
+    project_id = request.POST.get('project')
+    if project_id:
+        try:
+            project = Project.objects.get(pk=int(project_id))
+        except (Project.DoesNotExist, ValueError), e:
+            project = None
+        for c in chunks:
+            book = c.book
+            book.project = project
+            book.save()
+
+    for c in chunks: c.save()
+
+    return HttpResponse("", content_type="text/plain")
+
+
+@transaction.atomic
+@login_required
+@require_POST
+def image_mass_edit(request):
+    ids = map(int, filter(lambda i: i.strip()!='', request.POST.get('ids').split(',')))
+    images = map(lambda i: Image.objects.get(id=i), ids)
+    
+    stage = request.POST.get('stage')
+    if stage:
+        try:
+            stage = Image.tag_model.objects.get(slug=stage)
+        except Image.DoesNotExist, e:
+            stage = None
+       
+        for c in images: c.stage = stage
+
+    username = request.POST.get('user')
+    logger.info("username: %s" % username)
+    logger.info(request.POST)
+    if username:
+        try:
+            user = User.objects.get(username=username)
+        except User.DoesNotExist, e:
+            user = None
+            
+        for c in images: c.user = user
+
+    project_id = request.POST.get('project')
+    if project_id:
+        try:
+            project = Project.objects.get(pk=int(project_id))
+        except (Project.DoesNotExist, ValueError), e:
+            project = None
+        for c in images:
+            c.project = project
+
+    for c in images: c.save()
+
+    return HttpResponse("", content_type="text/plain")
+
+
+@permission_required('catalogue.change_book')
 def book_append(request, slug):
     book = get_object_or_404(Book, slug=slug)
 def book_append(request, slug):
     book = get_object_or_404(Book, slug=slug)
+    if not book.accessible(request):
+        return HttpResponseForbidden("Not authorized.")
+
     if request.method == "POST":
     if request.method == "POST":
-        form = forms.BookAppendForm(request.POST)
+        form = forms.BookAppendForm(book, request.POST)
         if form.is_valid():
             append_to = form.cleaned_data['append_to']
             append_to.append(book)
             return http.HttpResponseRedirect(append_to.get_absolute_url())
     else:
         if form.is_valid():
             append_to = form.cleaned_data['append_to']
             append_to.append(book)
             return http.HttpResponseRedirect(append_to.get_absolute_url())
     else:
-        form = forms.BookAppendForm()
-    return direct_to_template(request, "catalogue/book_append_to.html", extra_context={
+        form = forms.BookAppendForm(book)
+    return render(request, "catalogue/book_append_to.html", {
         "book": book,
         "form": form,
         "book": book,
         "form": form,
-    })
-
 
 
-def book_edit(request, slug):
-    book = get_object_or_404(Book, slug=slug)
-    if request.method == "POST":
-        form = forms.BookForm(request.POST, instance=book)
-        if form.is_valid():
-            form.save()
-            return http.HttpResponseRedirect(book.get_absolute_url())
-    else:
-        form = forms.BookForm(instance=book)
-    return direct_to_template(request, "catalogue/book_edit.html", extra_context={
-        "book": book,
-        "form": form,
+        "logout_to": '/',
     })
 
 
     })
 
 
@@ -426,11 +553,83 @@ def book_edit(request, slug):
 @login_required
 def publish(request, slug):
     book = get_object_or_404(Book, slug=slug)
 @login_required
 def publish(request, slug):
     book = get_object_or_404(Book, slug=slug)
+    if not book.accessible(request):
+        return HttpResponseForbidden("Not authorized.")
+
     try:
     try:
-        ret = api_call(request.user, "books", {"book_xml": book.materialize()})
+        protocol = 'https://' if request.is_secure() else 'http://'
+        book.publish(request.user, host=protocol + request.get_host())
+    except NotAuthorizedError:
+        return http.HttpResponseRedirect(reverse('apiclient_oauth'))
     except BaseException, e:
         return http.HttpResponse(e)
     else:
     except BaseException, e:
         return http.HttpResponse(e)
     else:
-        book.last_published = datetime.now()
-        book.save()
         return http.HttpResponseRedirect(book.get_absolute_url())
         return http.HttpResponseRedirect(book.get_absolute_url())
+
+
+@require_POST
+@login_required
+def publish_image(request, slug):
+    image = get_object_or_404(Image, slug=slug)
+    if not image.accessible(request):
+        return HttpResponseForbidden("Not authorized.")
+
+    try:
+        image.publish(request.user)
+    except NotAuthorizedError:
+        return http.HttpResponseRedirect(reverse('apiclient_oauth'))
+    except BaseException, e:
+        return http.HttpResponse(e)
+    else:
+        return http.HttpResponseRedirect(image.get_absolute_url())
+
+
+class GalleryView(UploadView):
+    def get_object(self, request, slug):
+        book = get_object_or_404(Book, slug=slug)
+        if not book.gallery:
+            raise Http404
+        return book
+
+    def breadcrumbs(self):
+        return [
+            (_('books'), reverse('catalogue_document_list')),
+            (self.object.title, self.object.get_absolute_url()),
+            (_('scan gallery'),),
+        ]
+
+    def get_directory(self):
+        return "%s%s/" % (settings.IMAGE_DIR, self.object.gallery)
+
+
+def active_users_list(request):
+    since = date(date.today().year, 1, 1)
+    by_user = defaultdict(lambda: 0)
+    by_email = defaultdict(lambda: 0)
+    names_by_email = defaultdict(set)
+    for change_model in (Chunk.change_model, Image.change_model):
+        for c in change_model.objects.filter(
+                created_at__gte=since).order_by(
+                'author', 'author_email', 'author_name').values(
+                'author', 'author_name', 'author_email').annotate(
+                c=Count('author'), ce=Count('author_email')).distinct():
+            if c['author']:
+                by_user[c['author']] += c['c']
+            else:
+                by_email[c['author_email']] += c['ce']
+                if c['author_name'].strip():
+                    names_by_email[c['author_email']].add(c['author_name'])
+    for user in User.objects.filter(pk__in=by_user):
+        by_email[user.email] += by_user[user.pk]
+        names_by_email[user.email].add("%s %s" % (user.first_name, user.last_name))
+
+    active_users = []
+    for email, count in by_email.items():
+        active_users.append((email, names_by_email[email], count))
+    active_users.sort(key=lambda x: -x[2])
+    return render(request, 'catalogue/active_users_list.html', {
+        'users': active_users,
+        'since': since,
+    })
+
+