X-Git-Url: https://git.mdrn.pl/redakcja.git/blobdiff_plain/ce8d791a5298e0cb2569034aec4c8b57afac97b2..e2efa3c922eb796cf57f22fa4e2780defd8b7a20:/apps/catalogue/views.py

diff --git a/apps/catalogue/views.py b/apps/catalogue/views.py
index ef042de2..cac1bd2b 100644
--- a/apps/catalogue/views.py
+++ b/apps/catalogue/views.py
@@ -2,15 +2,18 @@ from datetime import datetime
 import logging
 import os
 from StringIO import StringIO
+from urllib import unquote
+from urlparse import urlsplit, urlunsplit
 
 from django.contrib import auth
 from django.contrib.auth.models import User
-from django.contrib.auth.decorators import login_required
+from django.contrib.auth.decorators import login_required, permission_required
 from django.core.urlresolvers import reverse
 from django.db.models import Count, Q
 from django import http
 from django.http import Http404
 from django.shortcuts import get_object_or_404, render
+from django.utils.encoding import iri_to_uri
 from django.utils.http import urlquote_plus
 from django.utils.translation import ugettext_lazy as _
 from django.views.decorators.http import require_POST
@@ -19,6 +22,7 @@ from django.views.generic.simple import direct_to_template
 import librarian.html
 import librarian.text
 
+from apiclient import NotAuthorizedError
 from catalogue import forms
 from catalogue import helpers
 from catalogue.helpers import active_tab
@@ -74,6 +78,7 @@ def logout_then_redirect(request):
     return http.HttpResponseRedirect(urlquote_plus(request.GET.get('next', '/'), safe='/?='))
 
 
+@permission_required('catalogue.add_book')
 @active_tab('create')
 def create_missing(request, slug=None):
     if slug is None:
@@ -108,6 +113,7 @@ def create_missing(request, slug=None):
     })
 
 
+@permission_required('catalogue.add_book')
 @active_tab('upload')
 def upload(request):
     if request.method == "POST":
@@ -294,8 +300,19 @@ def book(request, slug):
     else:
         form = None
 
+    try:
+        book.assert_publishable()
+    except AssertionError, e:
+        publishable = False
+        publishable_error = e
+    else:
+        publishable = True
+        publishable_error = None
+
     return direct_to_template(request, "catalogue/book_detail.html", extra_context={
         "book": book,
+        "publishable": publishable,
+        "publishable_error": publishable_error,
         "chunks": chunks,
         "need_fixing": need_fixing,
         "choose_master": choose_master,
@@ -304,6 +321,7 @@ def book(request, slug):
     })
 
 
+@permission_required('catalogue.add_chunk')
 def chunk_add(request, slug, chunk):
     try:
         doc = Chunk.get(slug, chunk)
@@ -344,31 +362,44 @@ def chunk_edit(request, slug, chunk):
         form = forms.ChunkForm(request.POST, instance=doc)
         if form.is_valid():
             form.save()
-            return http.HttpResponseRedirect(doc.book.get_absolute_url())
+            go_next = request.GET.get('next', None)
+            if go_next:
+                go_next = urlquote_plus(unquote(iri_to_uri(go_next)), safe='/?=&')
+            else:
+                go_next = doc.book.get_absolute_url()
+            return http.HttpResponseRedirect(go_next)
     else:
         form = forms.ChunkForm(instance=doc)
+
+    parts = urlsplit(request.META['HTTP_REFERER'])
+    parts = ['', ''] + list(parts[2:])
+    go_next = urlquote_plus(urlunsplit(parts))
+
     return direct_to_template(request, "catalogue/chunk_edit.html", extra_context={
         "chunk": doc,
         "form": form,
+        "go_next": go_next,
     })
 
 
+@permission_required('catalogue.change_book')
 def book_append(request, slug):
     book = get_object_or_404(Book, slug=slug)
     if request.method == "POST":
-        form = forms.BookAppendForm(request.POST)
+        form = forms.BookAppendForm(book, request.POST)
         if form.is_valid():
             append_to = form.cleaned_data['append_to']
             append_to.append(book)
             return http.HttpResponseRedirect(append_to.get_absolute_url())
     else:
-        form = forms.BookAppendForm()
+        form = forms.BookAppendForm(book)
     return direct_to_template(request, "catalogue/book_append_to.html", extra_context={
         "book": book,
         "form": form,
     })
 
 
+@permission_required('catalogue.change_book')
 def book_edit(request, slug):
     book = get_object_or_404(Book, slug=slug)
     if request.method == "POST":
@@ -390,6 +421,8 @@ def publish(request, slug):
     book = get_object_or_404(Book, slug=slug)
     try:
         book.publish(request.user)
+    except NotAuthorizedError:
+        return http.HttpResponseRedirect(reverse('apiclient_oauth'))
     except BaseException, e:
         return http.HttpResponse(e)
     else: