X-Git-Url: https://git.mdrn.pl/redakcja.git/blobdiff_plain/f73ecfb6b870b18ed88303ff71a06da55001274b..e59fb224da39822620eefe8171d8ecad2c69cda6:/apps/catalogue/views.py?ds=inline diff --git a/apps/catalogue/views.py b/apps/catalogue/views.py index 72cf63d3..bc54c3ea 100644 --- a/apps/catalogue/views.py +++ b/apps/catalogue/views.py @@ -1,4 +1,4 @@ -from datetime import datetime +from datetime import datetime, date, timedelta import logging import os from StringIO import StringIO @@ -11,7 +11,7 @@ from django.contrib.auth.decorators import login_required, permission_required from django.core.urlresolvers import reverse from django.db.models import Count, Q from django import http -from django.http import Http404 +from django.http import Http404, HttpResponse, HttpResponseForbidden from django.shortcuts import get_object_or_404, render from django.utils.encoding import iri_to_uri from django.utils.http import urlquote_plus @@ -19,15 +19,13 @@ from django.utils.translation import ugettext_lazy as _ from django.views.decorators.http import require_POST from django.views.generic.simple import direct_to_template -import librarian.html -import librarian.text - from apiclient import NotAuthorizedError from catalogue import forms from catalogue import helpers from catalogue.helpers import active_tab -from catalogue.models import Book, Chunk, BookPublishRecord, ChunkPublishRecord -from catalogue import xml_tools +from catalogue.models import (Book, Chunk, Image, BookPublishRecord, + ChunkPublishRecord, ImagePublishRecord) +from catalogue.tasks import publishable_error # # Quick hack around caching problems, TODO: use ETags @@ -43,6 +41,12 @@ def document_list(request): return render(request, 'catalogue/document_list.html') +@active_tab('images') +@never_cache +def image_list(request, user=None): + return render(request, 'catalogue/image_list.html') + + @never_cache def user(request, username): user = get_object_or_404(User, username=username) @@ -70,8 +74,20 @@ def users(request): @active_tab('activity') -def activity(request): - return render(request, 'catalogue/activity.html') +def activity(request, isodate=None): + today = date.today() + try: + day = helpers.parse_isodate(isodate) + except ValueError: + day = today + + if day > today: + raise Http404 + if day != today: + next_day = day + timedelta(1) + prev_day = day - timedelta(1) + + return render(request, 'catalogue/activity.html', locals()) @never_cache @@ -100,13 +116,15 @@ def create_missing(request, slug=None): creator=creator, slug=form.cleaned_data['slug'], title=form.cleaned_data['title'], + gallery=form.cleaned_data['gallery'], ) - return http.HttpResponseRedirect(reverse("wiki_editor", args=[book.slug])) + return http.HttpResponseRedirect(reverse("catalogue_book", args=[book.slug])) else: form = forms.DocumentCreateForm(initial={ "slug": slug, "title": slug.replace('-', ' ').title(), + "gallery": slug, }) return direct_to_template(request, "catalogue/document_create_missing.html", extra_context={ @@ -184,7 +202,10 @@ def upload(request): @never_cache def book_xml(request, slug): - xml = get_object_or_404(Book, slug=slug).materialize() + book = get_object_or_404(Book, slug=slug) + if not book.accessible(request): + return HttpResponseForbidden("Not authorized.") + xml = book.materialize() response = http.HttpResponse(xml, content_type='application/xml', mimetype='application/wl+xml') response['Content-Disposition'] = 'attachment; filename=%s.xml' % slug @@ -193,9 +214,14 @@ def book_xml(request, slug): @never_cache def book_txt(request, slug): - xml = get_object_or_404(Book, slug=slug).materialize() + book = get_object_or_404(Book, slug=slug) + if not book.accessible(request): + return HttpResponseForbidden("Not authorized.") + xml = book.materialize() output = StringIO() # errors? + + import librarian.text librarian.text.transform(StringIO(xml), output) text = output.getvalue() response = http.HttpResponse(text, content_type='text/plain', mimetype='text/plain') @@ -205,9 +231,14 @@ def book_txt(request, slug): @never_cache def book_html(request, slug): - xml = get_object_or_404(Book, slug=slug).materialize() + book = get_object_or_404(Book, slug=slug) + if not book.accessible(request): + return HttpResponseForbidden("Not authorized.") + xml = book.materialize() output = StringIO() # errors? + + import librarian.html librarian.html.transform(StringIO(xml), output, parse_dublincore=False, flags=['full-page']) html = output.getvalue() @@ -215,17 +246,74 @@ def book_html(request, slug): return response +@never_cache +def book_pdf(request, slug): + book = get_object_or_404(Book, slug=slug) + if not book.accessible(request): + return HttpResponseForbidden("Not authorized.") + + from tempfile import NamedTemporaryFile + from os import unlink + from librarian import pdf + from catalogue.ebook_utils import RedakcjaDocProvider, serve_file + + xml = book.materialize() + xml_file = NamedTemporaryFile() + xml_file.write(xml.encode('utf-8')) + xml_file.flush() + + try: + pdf_file = NamedTemporaryFile(delete=False) + pdf.transform(RedakcjaDocProvider(publishable=True), + file_path=xml_file.name, + output_file=pdf_file, + ) + return serve_file(pdf_file.name, book.slug + '.pdf', 'application/pdf') + finally: + unlink(pdf_file.name) + + +@never_cache +def book_epub(request, slug): + book = get_object_or_404(Book, slug=slug) + if not book.accessible(request): + return HttpResponseForbidden("Not authorized.") + + from StringIO import StringIO + from tempfile import NamedTemporaryFile + from librarian import epub + from catalogue.ebook_utils import RedakcjaDocProvider + + xml = book.materialize() + xml_file = NamedTemporaryFile() + xml_file.write(xml.encode('utf-8')) + xml_file.flush() + + epub_file = StringIO() + epub.transform(RedakcjaDocProvider(publishable=True), + file_path=xml_file.name, + output_file=epub_file) + response = HttpResponse(mimetype='application/epub+zip') + response['Content-Disposition'] = 'attachment; filename=%s' % book.slug + '.epub' + response.write(epub_file.getvalue()) + return response + + @never_cache def revision(request, slug, chunk=None): try: doc = Chunk.get(slug, chunk) except (Chunk.MultipleObjectsReturned, Chunk.DoesNotExist): raise Http404 + if not doc.book.accessible(request): + return HttpResponseForbidden("Not authorized.") return http.HttpResponse(str(doc.revision())) def book(request, slug): book = get_object_or_404(Book, slug=slug) + if not book.accessible(request): + return HttpResponseForbidden("Not authorized.") if request.user.has_perm('catalogue.change_book'): if request.method == "POST": @@ -240,20 +328,43 @@ def book(request, slug): form = forms.ReadonlyBookForm(instance=book) editable = False - - try: - book.assert_publishable() - except AssertionError, e: - publishable = False - publishable_error = e - else: - publishable = True - publishable_error = None + publish_error = publishable_error(book) + publishable = publish_error is None return direct_to_template(request, "catalogue/book_detail.html", extra_context={ "book": book, "publishable": publishable, - "publishable_error": publishable_error, + "publishable_error": publish_error, + "form": form, + "editable": editable, + }) + + +def image(request, slug): + image = get_object_or_404(Image, slug=slug) + if not image.accessible(request): + return HttpResponseForbidden("Not authorized.") + + if request.user.has_perm('catalogue.change_image'): + if request.method == "POST": + form = forms.ImageForm(request.POST, instance=image) + if form.is_valid(): + form.save() + return http.HttpResponseRedirect(image.get_absolute_url()) + else: + form = forms.ImageForm(instance=image) + editable = True + else: + form = forms.ReadonlyImageForm(instance=image) + editable = False + + publish_error = publishable_error(image) + publishable = publish_error is None + + return direct_to_template(request, "catalogue/image_detail.html", extra_context={ + "object": image, + "publishable": publishable, + "publishable_error": publish_error, "form": form, "editable": editable, }) @@ -265,6 +376,8 @@ def chunk_add(request, slug, chunk): doc = Chunk.get(slug, chunk) except (Chunk.MultipleObjectsReturned, Chunk.DoesNotExist): raise Http404 + if not doc.book.accessible(request): + return HttpResponseForbidden("Not authorized.") if request.method == "POST": form = forms.ChunkAddForm(request.POST, instance=doc) @@ -276,6 +389,9 @@ def chunk_add(request, slug, chunk): doc.split(creator=creator, slug=form.cleaned_data['slug'], title=form.cleaned_data['title'], + gallery_start=form.cleaned_data['gallery_start'], + user=form.cleaned_data['user'], + stage=form.cleaned_data['stage'] ) return http.HttpResponseRedirect(doc.book.get_absolute_url()) @@ -296,6 +412,9 @@ def chunk_edit(request, slug, chunk): doc = Chunk.get(slug, chunk) except (Chunk.MultipleObjectsReturned, Chunk.DoesNotExist): raise Http404 + if not doc.book.accessible(request): + return HttpResponseForbidden("Not authorized.") + if request.method == "POST": form = forms.ChunkForm(request.POST, instance=doc) if form.is_valid(): @@ -309,9 +428,13 @@ def chunk_edit(request, slug, chunk): else: form = forms.ChunkForm(instance=doc) - parts = urlsplit(request.META['HTTP_REFERER']) - parts = ['', ''] + list(parts[2:]) - go_next = urlquote_plus(urlunsplit(parts)) + referer = request.META.get('HTTP_REFERER') + if referer: + parts = urlsplit(referer) + parts = ['', ''] + list(parts[2:]) + go_next = urlquote_plus(urlunsplit(parts)) + else: + go_next = '' return direct_to_template(request, "catalogue/chunk_edit.html", extra_context={ "chunk": doc, @@ -323,6 +446,9 @@ def chunk_edit(request, slug, chunk): @permission_required('catalogue.change_book') def book_append(request, slug): book = get_object_or_404(Book, slug=slug) + if not book.accessible(request): + return HttpResponseForbidden("Not authorized.") + if request.method == "POST": form = forms.BookAppendForm(book, request.POST) if form.is_valid(): @@ -343,6 +469,9 @@ def book_append(request, slug): @login_required def publish(request, slug): book = get_object_or_404(Book, slug=slug) + if not book.accessible(request): + return HttpResponseForbidden("Not authorized.") + try: book.publish(request.user) except NotAuthorizedError: @@ -351,3 +480,20 @@ def publish(request, slug): return http.HttpResponse(e) else: return http.HttpResponseRedirect(book.get_absolute_url()) + + +@require_POST +@login_required +def publish_image(request, slug): + image = get_object_or_404(Image, slug=slug) + if not image.accessible(request): + return HttpResponseForbidden("Not authorized.") + + try: + image.publish(request.user) + except NotAuthorizedError: + return http.HttpResponseRedirect(reverse('apiclient_oauth')) + except BaseException, e: + return http.HttpResponse(e) + else: + return http.HttpResponseRedirect(image.get_absolute_url())