X-Git-Url: http://git.cascardo.info/?p=cascardo%2Fema.git;a=blobdiff_plain;f=eventos%2Fviews.py;h=de4dbc0f9d55bc5c731e36091e9460a0e0f4e3ed;hp=bd771c195ca0bab375bb66d6a991a80b1eb726d4;hb=ed3994ccb1acf88c350acf1b9b2c5cd5dafe5fcd;hpb=be76dcaec479d0de8ec9d575bc2ffdc7ab8ca035 diff --git a/eventos/views.py b/eventos/views.py index bd771c1..de4dbc0 100644 --- a/eventos/views.py +++ b/eventos/views.py @@ -17,18 +17,32 @@ # Boston, MA 02111-1307, USA. from django.conf import settings from django.http import HttpResponseRedirect, HttpResponseForbidden -from django.contrib import auth -from django.contrib.auth.forms import AuthenticationForm +from django.contrib.auth import authenticate, login as login_django, \ + logout as logout_django from django.contrib.auth.models import User, Group -from django.newforms import form_for_instance, form_for_model, HiddenInput +from django.forms import HiddenInput, ModelForm from django.shortcuts import render_to_response, get_object_or_404 from django.template import RequestContext, Context, loader -from eventos.models import Palestrante, Trabalho, TipoTrabalho, Trilha, Evento +from eventos.models import Palestrante, Trabalho, TipoTrabalho, Trilha, Evento, Improve from eventos.forms import RegisterSpeaker +from django.db.models import Q forbidden = \ HttpResponseForbidden('

You are not allowed to do this action.

') +class SpeakerForm(ModelForm): + class Meta: + model = Palestrante + exclude = ('usuario',) + +class TalkForm(ModelForm): + class Meta: + model = Trabalho + +class ImproveForm(ModelForm): + class Meta: + model = Improve + def login(request): """This is a function that will be used as a front-end to the django's login system. It receives username and password fields @@ -37,13 +51,13 @@ def login(request): If login is successful, user will be redirected to the referer address, otherwise will be redirected to /?login_failed. """ - errors = {} - manipulator = AuthenticationForm(request) - if request.POST: - errors = manipulator.get_validation_errors(request.POST) - got_user = manipulator.get_user() - if got_user: - auth.login(request, got_user) + username = request.POST['username'] + password = request.POST['password'] + user = authenticate(username=username, password=password) + + if user is not None: + if user.is_active: + login_django(request, user) try: request.session.delete_test_cookie() except KeyError: @@ -51,6 +65,8 @@ def login(request): return HttpResponseRedirect('/') else: return HttpResponseRedirect('/?login_failed') + else: + return HttpResponseRedirect('/?login_failed') request.session.set_test_cookie() return HttpResponseRedirect(request.META.get('HTTP_REFERER', '/')) @@ -59,7 +75,7 @@ def logout(request): """Simple front-end to django's logout stuff. This function should be mapped to an url and simply called without any parameter. """ - auth.logout(request) + logout_django(request) return HttpResponseRedirect('/') def speaker_add(request): @@ -67,9 +83,7 @@ def speaker_add(request): """ uform = RegisterSpeaker(request.POST or None) - FormKlass = form_for_model(Palestrante) - form = FormKlass(request.POST or None) - del form.fields['usuario'] + form = SpeakerForm(request.POST or None) if request.POST and form.is_valid() and uform.is_valid(): cd = uform.cleaned_data @@ -106,10 +120,8 @@ def speaker_details(request, lid): if entity.id != int(lid): return forbidden - FormKlass = form_for_instance(entity) - del FormKlass.base_fields['usuario'] + form = SpeakerForm(request.POST or None, instance=entity) - form = FormKlass(request.POST or None) if request.POST and form.is_valid(): form.save() @@ -128,7 +140,9 @@ def speaker_talks(request, lid): if entity.id != int(lid): return forbidden - talks = Trabalho.objects.filter(palestrante=entity) + talks = Trabalho.objects.filter( + Q(palestrante=entity) | Q(outros_palestrantes=entity) ) + c = {'speaker': entity, 'talks': talks} return render_to_response('eventos/talk-list.html', Context(c), context_instance=RequestContext(request)) @@ -136,14 +150,17 @@ def speaker_talks(request, lid): def talk_details(request, tid): """Shows a form to edit a talk """ + # If the user is not a speaker we should not try to show anything. + if not hasattr(request.user, 'palestrante_set'): + return forbidden + # Selected in settings.py (SITE_ID) variable, because an event can # be linked with only one site. event = Evento.objects.get(site__id__exact=settings.SITE_ID) # building the form entity = get_object_or_404(Trabalho, pk=tid) - FormKlass = form_for_instance(entity) - form = FormKlass(request.POST or None) + form = TalkForm(request.POST or None, instance=entity) # These fields should not be shown to the user. form.fields['palestrante'].widget = HiddenInput() @@ -165,6 +182,12 @@ def talk_details(request, tid): form.fields['outros_palestrantes'].initial = '' form.fields['outros_palestrantes'].widget = HiddenInput() + # avoiding smart people trying to se talks of other speakers. + speaker = request.user.palestrante_set.get() + if speaker.id != entity.palestrante.id \ + and speaker not in entity.outros_palestrantes.all(): + return forbidden + if request.POST and form.is_valid(): form.save() @@ -192,19 +215,18 @@ def talk_add(request): if not hasattr(request.user, 'palestrante_set'): return forbidden + # building the form + form = TalkForm(request.POST or None) + + # These fields should not be shown to the user. + # Selected in settings.py (SITE_ID) variable, because an event can # be linked with only one site. - event = Evento.objects.get(site__id__exact=settings.SITE_ID) - - # building the form entity = request.user.palestrante_set.get() - FormKlass = form_for_model(Trabalho) - form = FormKlass(request.POST or None, - initial={'palestrante': entity.id, 'evento': event.id}) + form.fields['palestrante'].widget = HiddenInput(attrs={'value' : entity.id}) - # These fields should not be shown to the user. - form.fields['palestrante'].widget = HiddenInput() - form.fields['evento'].widget = HiddenInput() + event = Evento.objects.get(site__id__exact=settings.SITE_ID) + form.fields['evento'].widget = HiddenInput(attrs={'value' : event.id}) # These fields are event specific trilhas = Trilha.objects.filter(evento=event) @@ -234,3 +256,43 @@ def talk_add(request): c = {'form': form} return render_to_response('eventos/talk-add.html', Context(c), context_instance=RequestContext(request)) + +def list_all_talks(request): + event = Evento.objects.get(site__id__exact=settings.SITE_ID) + trilhas = Trilha.objects.filter(evento=event) + + improve = [] + for t in trilhas: + talks = Trabalho.objects.filter(trilha=t) + aux = {'trilha':t.nome, 'talks':talks} + improve.append(aux) + + c = {'improve': improve,} + return render_to_response('eventos/improve.html', Context(c), + context_instance=RequestContext(request)) + +def talk_improve(request, tid): + if not request.user: + return forbidden + + talk = get_object_or_404(Trabalho, pk=tid) + improve = Improve.objects.filter(trabalho=talk) + + # building the form + form = ImproveForm(request.POST or None) + form.fields['trabalho'].widget = HiddenInput(attrs={'value':talk.id}) + form.fields['usuario'].widget = HiddenInput(attrs={'value':request.user.id}) + + if request.POST and form.is_valid(): + event = Evento.objects.get(site__id__exact=settings.SITE_ID) + # validation + cleaned = form.cleaned_data + if cleaned['trabalho'].evento.id != event.id: + return forbidden + + instance = form.save() + return HttpResponseRedirect('/improve/%d/' % talk.id) + + c = {'talk': talk, 'form': form, 'improve': improve} + return render_to_response('eventos/talk_improve.html', Context(c), + context_instance=RequestContext(request))