muddle_users/views/group.py

   1 import json
   2
   3 from django import forms
   4 from django.contrib.auth.decorators import login_required
   5 from django.contrib.auth.models import User, Group
   6 from django.core.urlresolvers import reverse
   7 from django.http import HttpResponse, HttpResponseForbidden, \
   8     HttpResponseNotAllowed, HttpResponseRedirect
   9 from django.shortcuts import get_object_or_404, render_to_response
  10 from django.template import RequestContext
  11
  12 from object_permissions.signals import view_add_user, view_remove_user
  13
  14 from muddle_users.signals import (view_group_edited, view_group_created,
  15                                   view_group_deleted)
  16
  17
  18 class GroupForm(forms.ModelForm):
  19     """
  20     Form for editing Groups
  21     """
  22     class Meta:
  23         model = Group
  24
  25
  26 class UserForm(forms.Form):
  27     """
  28     Base form for dealing with users
  29     """
  30     group = None
  31     user = forms.ModelChoiceField(queryset=User.objects.all())
  32
  33     def __init__(self, group=None, *args, **kwargs):
  34         self.group=group
  35         super(UserForm, self).__init__(*args, **kwargs)
  36
  37
  38 class AddUserForm(UserForm):
  39     def clean_user(self):
  40         """ Validate that user is not in group already """
  41         user = self.cleaned_data['user']
  42         if self.group.user_set.filter(id=user.id).exists():
  43             raise forms.ValidationError("User is already a member of this group")
  44         return user
  45
  46
  47 class RemoveUserForm(UserForm):
  48     def clean_user(self):
  49         """ Validate that user is in group """
  50         user = self.cleaned_data['user']
  51         if not self.group.user_set.filter(id=user.id).exists():
  52             raise forms.ValidationError("User is not a member of this group")
  53         return user
  54
  55
  56 @login_required
  57 def list(request, template='group/list.html'):
  58     """
  59     List all user groups.
  60     """
  61     user = request.user
  62     if request.user.is_superuser:
  63         groups = Group.objects.all()
  64     else:
  65         groups = user.get_objects_any_perms(Group, ['admin'])
  66         if not groups:
  67             return HttpResponseForbidden()
  68
  69     return render_to_response(template,
  70                               {'groups':groups},
  71                               context_instance=RequestContext(request))
  72
  73
  74 @login_required
  75 def detail(request, id=None, template='group/detail.html'):
  76     """
  77     Display group details
  78
  79     @param id: id of Group
  80     """
  81     group = get_object_or_404(Group, id=id) if id else None
  82     user = request.user
  83
  84     if not (user.is_superuser or user.has_perm('admin', group)):
  85         return HttpResponseForbidden()
  86
  87     return render_to_response(template,
  88                         {'object':group,
  89                          'group':group,
  90                          'users':group.user_set.all(),
  91                          'url':reverse('group-permissions', args=[id])
  92                          },
  93                           context_instance=RequestContext(request))
  94
  95
  96 @login_required
  97 def edit(request, id=None, template="group/edit.html"):
  98     """
  99     Edit a group
 100
 101     @param id: id of group to edit, or None for a new group
 102     @param template: template used for rendering a form
 103     """
 104     group = get_object_or_404(Group, id=id) if id else None
 105     user = request.user
 106
 107     if not (user.is_superuser or user.has_perm('admin', group)):
 108         return HttpResponseForbidden()
 109
 110     method = request.method
 111     if method == 'POST':
 112             # form data, this was a submission
 113             form = GroupForm(request.POST, instance=group)
 114             if form.is_valid():
 115                 group = form.save()
 116                 if not id:
 117                     view_group_created.send(sender=group, editor=user)
 118                 else:
 119                     view_group_edited.send(sender=group, editor=user)
 120
 121                 return HttpResponseRedirect(group.get_absolute_url())
 122
 123     elif method == 'DELETE':
 124         group.delete()
 125         view_group_deleted.send(sender=group, editor=user)
 126         return HttpResponse('1', mimetype='application/json')
 127
 128     else:
 129         form = GroupForm(instance=group)
 130
 131     return render_to_response(template, {
 132             'form':form,
 133             'group':group,
 134         },
 135         context_instance=RequestContext(request),
 136     )
 137
 138
 139 @login_required
 140 def add_user(request, id, user_row_template='group/user_row.html'):
 141     """
 142     ajax call to add a user to a Group
 143
 144     @param id: id of Group
 145     """
 146     editor = request.user
 147     group = get_object_or_404(Group, id=id)
 148
 149     if not (editor.is_superuser or editor.has_perm('admin', group)):
 150         return HttpResponseForbidden('You do not have sufficient privileges')
 151
 152     if request.method == 'POST':
 153         form = AddUserForm(group, request.POST)
 154         if form.is_valid():
 155             user = form.cleaned_data['user']
 156             group.user_set.add(user)
 157
 158             # signal
 159             view_add_user.send(sender=editor, user=user, obj=group)
 160
 161             # return html for new user row
 162             url = reverse('group-permissions', args=[id])
 163             return render_to_response(
 164                 user_row_template,
 165                         {'user_detail':user, 'object':group, 'url':url},
 166                         context_instance=RequestContext(request))
 167
 168         # error in form return ajax response
 169         content = json.dumps(form.errors)
 170         return HttpResponse(content, mimetype='application/json')
 171
 172     form = AddUserForm()
 173     return render_to_response("group/add_user.html",
 174                               {'form':form, 'group':group},
 175                               context_instance=RequestContext(request))
 176
 177
 178 @login_required
 179 def remove_user(request, id):
 180     """
 181     Ajax call to remove a user from an Group
 182
 183     @param id: id of Group
 184     """
 185     editor = request.user
 186     group = get_object_or_404(Group, id=id)
 187
 188     if not (editor.is_superuser or editor.has_perm('admin', group)):
 189         return HttpResponseForbidden('You do not have sufficient privileges')
 190
 191     if request.method != 'POST':
 192         return HttpResponseNotAllowed('GET')
 193
 194     form = RemoveUserForm(group, request.POST)
 195     if form.is_valid():
 196         user = form.cleaned_data['user']
 197         group.user_set.remove(user)
 198         user.revoke_all(group)
 199
 200         # signal
 201         view_remove_user.send(sender=editor, user=user, obj=group)
 202
 203         # return success
 204         return HttpResponse('1', mimetype='application/json')
 205
 206     # error in form return ajax response
 207     content = json.dumps(form.errors)
 208     return HttpResponse(content, mimetype='application/json')