X-Git-Url: https://git.mdrn.pl/redakcja.git/blobdiff_plain/bd743f7ae0f46d0d2a68f80e3c3cf14313d61aa3..0d2710238c43e233ec76d8afa609704777807f42:/apps/catalogue/views.py?ds=sidebyside diff --git a/apps/catalogue/views.py b/apps/catalogue/views.py index ef042de2..df7c2bf3 100644 --- a/apps/catalogue/views.py +++ b/apps/catalogue/views.py @@ -5,7 +5,7 @@ from StringIO import StringIO from django.contrib import auth from django.contrib.auth.models import User -from django.contrib.auth.decorators import login_required +from django.contrib.auth.decorators import login_required, permission_required from django.core.urlresolvers import reverse from django.db.models import Count, Q from django import http @@ -19,6 +19,7 @@ from django.views.generic.simple import direct_to_template import librarian.html import librarian.text +from apiclient import NotAuthorizedError from catalogue import forms from catalogue import helpers from catalogue.helpers import active_tab @@ -74,6 +75,7 @@ def logout_then_redirect(request): return http.HttpResponseRedirect(urlquote_plus(request.GET.get('next', '/'), safe='/?=')) +@permission_required('catalogue.add_book') @active_tab('create') def create_missing(request, slug=None): if slug is None: @@ -108,6 +110,7 @@ def create_missing(request, slug=None): }) +@permission_required('catalogue.add_book') @active_tab('upload') def upload(request): if request.method == "POST": @@ -294,8 +297,19 @@ def book(request, slug): else: form = None + try: + book.assert_publishable() + except AssertionError, e: + publishable = False + publishable_error = e + else: + publishable = True + publishable_error = None + return direct_to_template(request, "catalogue/book_detail.html", extra_context={ "book": book, + "publishable": publishable, + "publishable_error": publishable_error, "chunks": chunks, "need_fixing": need_fixing, "choose_master": choose_master, @@ -304,6 +318,7 @@ def book(request, slug): }) +@permission_required('catalogue.add_chunk') def chunk_add(request, slug, chunk): try: doc = Chunk.get(slug, chunk) @@ -353,22 +368,24 @@ def chunk_edit(request, slug, chunk): }) +@permission_required('catalogue.change_book') def book_append(request, slug): book = get_object_or_404(Book, slug=slug) if request.method == "POST": - form = forms.BookAppendForm(request.POST) + form = forms.BookAppendForm(book, request.POST) if form.is_valid(): append_to = form.cleaned_data['append_to'] append_to.append(book) return http.HttpResponseRedirect(append_to.get_absolute_url()) else: - form = forms.BookAppendForm() + form = forms.BookAppendForm(book) return direct_to_template(request, "catalogue/book_append_to.html", extra_context={ "book": book, "form": form, }) +@permission_required('catalogue.change_book') def book_edit(request, slug): book = get_object_or_404(Book, slug=slug) if request.method == "POST": @@ -390,6 +407,8 @@ def publish(request, slug): book = get_object_or_404(Book, slug=slug) try: book.publish(request.user) + except NotAuthorizedError: + return http.HttpResponseRedirect(reverse('apiclient_oauth')) except BaseException, e: return http.HttpResponse(e) else: