symposion_app/symposion/boxes/views.py

47 lines
1.3 KiB
Python
Raw Normal View History

2012-07-10 22:18:48 +00:00
from django.http import HttpResponseForbidden
from django.shortcuts import redirect
from django.views.decorators.http import require_POST
from symposion.boxes.authorization import load_can_edit
from symposion.boxes.forms import BoxForm
from symposion.boxes.models import Box
2014-07-30 18:19:26 +00:00
# @@@ problem with this is that the box_edit.html and box_create.html won't have domain objects in
# context
2012-07-10 22:18:48 +00:00
def get_auth_vars(request):
auth_vars = {}
if request.method == "POST":
keys = [k for k in request.POST.keys() if k.startswith("boxes_auth_")]
for key in keys:
auth_vars[key.replace("boxes_auth_", "")] = request.POST.get(key)
auth_vars["user"] = request.user
return auth_vars
@require_POST
def box_edit(request, label):
2014-07-30 18:19:26 +00:00
2012-07-10 22:18:48 +00:00
if not load_can_edit()(request, **get_auth_vars(request)):
return HttpResponseForbidden()
2014-07-30 18:19:26 +00:00
2012-07-10 22:18:48 +00:00
next = request.GET.get("next")
2014-07-30 18:19:26 +00:00
2012-07-10 22:18:48 +00:00
try:
box = Box.objects.get(label=label)
except Box.DoesNotExist:
box = None
2014-07-30 18:19:26 +00:00
2012-07-10 22:18:48 +00:00
form = BoxForm(request.POST, instance=box, prefix=label)
if form.is_valid():
if box is None:
box = form.save(commit=False)
box.label = label
box.created_by = request.user
box.last_updated_by = request.user
box.save()
else:
form.save()
return redirect(next)