From 8f8dd20e902e2db1d1fab7ed2649203ddb0b73d2 Mon Sep 17 00:00:00 2001
From: ashok sukumaran
Date: Mon, 4 Jul 2011 17:09:47 +0530
Subject: [PATCH 1/7] front pages
---
 edgware/static/css/main.css | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/edgware/static/css/main.css b/edgware/static/css/main.css
index e29ca3c..9b3a904 100644
--- a/edgware/static/css/main.css
+++ b/edgware/static/css/main.css
@@ -67,7 +67,7 @@ ul {
 #intro {
 position: absolute;
- width: 350px;
+ width: 370px;
 right: 20px;
 top: 12px;
 font-size: 11px;
From 916338e84c45de337c714d8494066fbdba07227c Mon Sep 17 00:00:00 2001
From: ashok sukumaran
Date: Mon, 4 Jul 2011 17:56:50 +0530
Subject: [PATCH 2/7] front pages
---
 edgware/static/css/files/archive.css | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/edgware/static/css/files/archive.css b/edgware/static/css/files/archive.css
index 780f09b..bbd4556 100644
--- a/edgware/static/css/files/archive.css
+++ b/edgware/static/css/files/archive.css
@@ -120,6 +120,9 @@ color:#555353;}
 .previewObject a:active
 {color:#000;}
+.itemform
+{width:400px;}
+
 .itemForm p
 {padding-top:12px;}
From 9b822c751f4344f4494779260e1bc7de4c65857e Mon Sep 17 00:00:00 2001
From: ashok sukumaran
Date: Mon, 4 Jul 2011 18:01:23 +0530
Subject: [PATCH 3/7] front pages
---
 edgware/static/css/files/archive.css | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/edgware/static/css/files/archive.css b/edgware/static/css/files/archive.css
index bbd4556..d47d600 100644
--- a/edgware/static/css/files/archive.css
+++ b/edgware/static/css/files/archive.css
@@ -120,7 +120,7 @@ color:#555353;}
 .previewObject a:active
 {color:#000;}
-.itemform
+.itemForm
 {width:400px;}
 .itemForm p
From ebc0f77ed1f202c66ad500ec6e472cffb76e12b6 Mon Sep 17 00:00:00 2001
From: ashok sukumaran
Date: Mon, 4 Jul 2011 18:05:28 +0530
Subject: [PATCH 4/7] front pages
---
 edgware/static/css/files/archive.css | 1 +
 1 file changed, 1 insertion(+)
diff --git a/edgware/static/css/files/archive.css b/edgware/static/css/files/archive.css
index d47d600..b68d372 100644
--- a/edgware/static/css/files/archive.css
+++ b/edgware/static/css/files/archive.css
@@ -142,6 +142,7 @@ float:left;}
 .itemDescription
 {float:right;
 height:50px;
+width: 200px;
 border:2px groove #efecec;}
 .submitItem
From d5de68899b3e8d1f4388976945ba701f87e5cea1 Mon Sep 17 00:00:00 2001
From: Sanj
Date: Mon, 4 Jul 2011 18:07:45 +0530
Subject: [PATCH 5/7] file permissions, make private, models have changed.
---
 edgware/files/models.py | 10 ++-
 edgware/files/urls.py | 2 +
 edgware/files/views.py | 86 +++++++++++++++++++++++---
 edgware/static/js/files/browse.js | 36 ++++++++++-
 edgware/static/js/upload/edgeUpload.js | 4 +-
 5 files changed, 125 insertions(+), 13 deletions(-)
diff --git a/edgware/files/models.py b/edgware/files/models.py
index 2b2002f..635f0fb 100755
--- a/edgware/files/models.py
+++ b/edgware/files/models.py
@@ -94,6 +94,7 @@ class File(models.Model):
 file_date = models.DateField("Date", blank=True, null=True)
 added = models.DateField("Date Added", auto_now_add=True)
 categories = models.ManyToManyField('Category', verbose_name='Studies')
+ private = models.BooleanField(default=False)
 # type = models.ForeignKey('Type', verbose_name='File Type')
 type = models.CharField(max_length=255, choices=TYPE_CHOICES)
 ext = models.CharField(max_length=100, blank=True)
@@ -144,7 +145,8 @@ class File(models.Model):
 'title': self.title,
 'description': self.description,
 'type': self.type,
- 'studies': studies
+ 'studies': studies,
+ 'is_private': self.private
 }
 def save_chunk(self, chunk, name='data.bin'):
@@ -215,6 +217,12 @@ class File(models.Model):
 self.save()
 return self
+ def can_edit(self, user):
+ if user.is_superuser or self.userID == user:
+ return True
+ else:
+ return False
+
 class Category(models.Model):
 name = models.CharField(max_length=255)
 groups = models.ManyToManyField(Group, null=True)
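Review bot: can_edit is the predicate every new permission check in this commit depends on, yet it has no docstring and spells a boolean expression as an if/else; `return user.is_superuser or self.userID == user` says the same thing in one line. A short docstring stating that only superusers and the owning user may edit would record the rule where maintainers will look for it. The File class starts above the hunk, so the declaration of `userID` is not visible; if that field is nullable, confirm that a file without an owner is meant to be editable by superusers only.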
diff --git a/edgware/files/urls.py b/edgware/files/urls.py
index f2ea8ea..91a0264 100644
--- a/edgware/files/urls.py
+++ b/edgware/files/urls.py
@@ -10,6 +10,8 @@ urlpatterns = patterns('',
 (r'^editFile/', views.editFile),
 (r'^deleteFiles/', views.deleteFiles),
 (r'^moveFiles/', views.moveFiles),
+ (r'makePrivate/', views.makeFilePrivate),
+ (r'makePublic/', views.makeFilePublic),
 (r'json_list', views.fileList),
 (r'browse', views.browse)
 )
diff --git a/edgware/files/views.py b/edgware/files/views.py
index 12f00f8..00f5cf2 100644
--- a/edgware/files/views.py
+++ b/edgware/files/views.py
@@ -17,6 +17,8 @@ try:
 import json
 except:
 import simplejson as json
+from utils.decorators import user_passes_test_json
+from django.db.models import Q
 '''
 class folder_names(object):
@@ -24,6 +26,36 @@ class folder_names(object):
 return iter(map(lambda x: (x,x), os.listdir(UPLOAD_ROOT)))
 '''
+
+def canEditFile(request):
+ id = request.POST.get("id", 0)
+ fil = File.objects.get(pk=id)
+ u = request.user
+ response = {}
+ if fil.can_edit(u):
+ response['status'] = 'pass'
+ else:
+ response['status'] = 'fail'
+ response['error'] = "you do not have permission to edit this file."
+ return response
+
+
+def canEditFiles(request):
+ ids = request.POST.get("ids", "[]")
+ files = json.loads(ids)
+ u = request.user
+ response = {}
+ for f in files:
+ fil = File.objects.get(pk=f)
+ if not fil.can_edit(u):
+ response['status'] = 'fail'
+ if response['status'] == 'fail':
+ response['error'] = 'sorry, you do not have necessary permissions to edit these files'
+ else:
+ response['status'] = 'pass'
+ return response
+
+
 def getFolderList():
 os.chdir(FTP_ROOT)
 dirs = filter(isdir, os.listdir(FTP_ROOT))
@@ -211,7 +243,7 @@ def add(request):
 @csrf_exempt
-@login_required
+@user_passes_test_json(canEditFile)
 def editFile(request):
 errors = []
 try:
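Review bot: The two new patterns `r'makePrivate/'` and `r'makePublic/'` are not anchored, unlike the `^editFile/`, `^deleteFiles/` and `^moveFiles/` entries just above them, so they match any path under this urlconf that merely contains the segment. Anchor them as `(r'^makePrivate/$', views.makeFilePrivate),` and `(r'^makePublic/$', views.makeFilePublic),` so the state-changing views are reachable only at the intended URL. The urlpatterns tuple starts above the hunk.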
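Review bot: canEditFiles reads `response['status']` in `if response['status'] == 'fail':` before anything has set it when every file is editable, so the success path raises KeyError instead of returning 'pass'. Both helpers also call `File.objects.get` on a client-supplied id without handling a missing or malformed value, which turns a bad request into a server error rather than a 'fail' response. The rewrite below returns on the first denial and treats unknown ids as denied; canEditFile would need the same guard around its lookup. How user_passes_test_json consumes the returned dict is not visible here, so confirm it expects this shape.

```python
# … unchanged: canEditFile …

def canEditFiles(request):
    denied = {
        'status': 'fail',
        'error': 'sorry, you do not have necessary permissions to edit these files',
    }
    try:
        ids = json.loads(request.POST.get("ids", "[]"))
    except ValueError:
        return denied
    # Deny unless every requested file exists and is editable by this user.
    for pk in ids:
        try:
            fil = File.objects.get(pk=pk)
        except (File.DoesNotExist, ValueError, TypeError):
            return denied
        if not fil.can_edit(request.user):
            return denied
    return {'status': 'pass'}
```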
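Review bot: `@csrf_exempt` stays on editFile while the only remaining guard is the per-user permission check, and the same pairing appears on deleteFiles, makeFilePrivate, makeFilePublic and moveFiles in the next hunk. If authentication is session based, a request carrying the owner's cookie passes can_edit regardless of which site triggered it, so these state-changing views should keep CSRF protection: drop `@csrf_exempt` and have the jQuery posts send the CSRF token. Whether user_passes_test_json also rejects unauthenticated requests the way the removed `@login_required` did is not visible here and is worth confirming. editFile's body continues outside the hunk.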
@@ -226,35 +258,61 @@ def editFile(request):
 fil.__setattr__(k, val)
 fil.save()
 response = {
- 'errors': errors
+ 'status': 'pass'
 }
 return render_to_json_response(response)
 @csrf_exempt
-@login_required
+@user_passes_test_json(canEditFile)
 def deleteFiles(request):
- errors = []
 files = json.loads(request.POST.get("ids", "[]"))
 for f in files:
 fil = File.objects.get(pk=f)
 fil.delete()
 response = {
- 'errors': errors
+ 'status': 'pass'
 }
 return render_to_json_response(response)
+@csrf_exempt
+@user_passes_test_json(canEditFile)
+def makeFilePrivate(request):
+# errors = []
+ id = request.POST.get("id", "0")
+ fil = File.objects.get(pk=id)
+ fil.private = True
+ fil.save()
+ response = {
+ 'status': 'pass'
+ }
+ return render_to_json_response(response)
 @csrf_exempt
-@login_required
-def moveFiles(request):
+@user_passes_test_json(canEditFile)
+def makeFilePublic(request):
 errors = []
+ id = request.POST.get("id", "0")
+ fil = File.objects.get(pk=id)
+ fil.private = False
+ fil.save()
+ response = {
+ 'status': 'pass'
+ }
+ return render_to_json_response(response)
+
+
+@csrf_exempt
+@user_passes_test_json(canEditFiles)
+def moveFiles(request):
+ response = {}
 files = json.loads(request.POST.get("ids", "[]"))
 study_id = int(request.POST.get("study", "0"))
 study = Category.objects.get(pk=study_id)
 for f in files:
 fil = File.objects.get(pk=f)
 fil.move_to(study)
+ response['status'] = 'pass'
 return render_to_json_response(errors)
@@ -264,7 +322,12 @@ def fileList(request):
 typ = request.POST.get("fileType", '')
 search = request.POST.get("search", '')
 page = request.POST.get("page_no", 1)
- qset = File.objects.all()
+# private = request.POST.get("private", "0")
+ user = request.user
+ if user.is_superuser:
+ qset = File.objects.all()
+ else:
+ qset = File.objects.filter(Q(private=False) | (Q(private=True) & Q(userID=user.id)))
 if category != '':
 qset = File.filter_category(category, qset)
 if typ != '':
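Review bot: deleteFiles is guarded by `@user_passes_test_json(canEditFile)`, which checks the single POST `id`, while the body deletes every pk in POST `ids`, so the permission check does not cover the files that are actually deleted; it should use the list check, `@user_passes_test_json(canEditFiles)`, as moveFiles does. In the new moveFiles the unchanged last line still returns `errors`, which this function no longer defines (the old `errors = []` now sits in makeFilePublic, unused), so the call fails after the files have been moved unless a module-level `errors` exists outside this hunk; change it to `return render_to_json_response(response)`. editFile's body starts above the hunk.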
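Review bot: The non-superuser filter is built from `user.id`, which is None for an anonymous request, and whether fileList requires login is not visible in this hunk; depending on how the ORM treats `userID=None`, private files that have no owner could be listed to anonymous visitors. Add the owner clause only for authenticated users, for example `visible = Q(private=False)` followed by `if user.is_authenticated(): visible |= Q(userID=user.id)` (a method call in the Django generation this code appears to target). The `Q(private=True) &` term is redundant, since public files already match the first clause, and the commented-out `# private = ...` line can be dropped. fileList's body continues outside the hunk.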
@@ -282,6 +345,7 @@ def fileList(request):
 files = results.object_list
 d = {}
+ d['status'] = 'pass'
 d['noOfResults'] = qset.count()
 d['noOfPages'] = paginator.num_pages
 d['currentPage'] = current_page
@@ -289,12 +353,16 @@ def fileList(request):
 # d['hasNext'] = paginator.has_next()
 d['files'] = []
 for f in files:
- d['files'].append(f.get_dict())
+ fileData = f.get_dict()
+ fileData['can_edit'] = f.can_edit(user)
+ d['files'].append(fileData)
 return render_to_json_response(d)
+
 def browse(request):
 form = FileFilterForm()
 return render_to_response("files/browser.html", { 'filterForm': form })
+
diff --git a/edgware/static/js/files/browse.js b/edgware/static/js/files/browse.js
index 93e620c..dc73b44 100644
--- a/edgware/static/js/files/browse.js
+++ b/edgware/static/js/files/browse.js
@@ -67,6 +67,9 @@ $(function() {
 var url = "/files/deleteFiles/";
 var params = {'ids': JSON.stringify(ids)};
 $.post(url, params, function(response) {
+ if (response.status == 'fail') {
+ alert(response.error);
+ }
 $this.removeAttr("disabled");
 $('#filterForm').submit();
 });
@@ -88,6 +91,9 @@ $(function() {
 }
 $.post(url, params, function(response) {
+ if (response.status == 'fail') {
+ alert(response.error);
+ }
 $this.removeAttr("disabled");
 $('#filterForm').submit();
 }, "json");
@@ -157,13 +163,38 @@ function getItemForm(f) {
 var $titleLabel = $('').addClass("itemFormLabel").addClass("titleLabel").text("Title").appendTo($labelsP);
 var $descriptionLabel = $('').addClass("itemFormLabel").addClass("descriptionLabel").text("Description").appendTo($labelsP);
 var $inputsP = $('
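Review bot: The delete callback's new `response.status == 'fail'` check depends on jQuery having parsed the reply, but this `$.post` call still ends with `});` and passes no dataType, unlike the move call in the next hunk, which passes `"json"`. If the server's content type does not trigger automatic parsing, `response` is a string and a permission failure is silently ignored while the list refreshes as if the delete had succeeded. Pass the dataType here as well: `}, "json");`. The enclosing click handler starts above the hunk.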

').appendTo($form); - var $titleInput = $('').addClass("itemTitle").val(f.title).appendTo($inputsP); + var $titleInput = $('').addClass("itemTitle").val(f.title).appendTo($inputsP); + + if (f.can_edit) { + var $privateLabel = $('').addClass("pvtLabel").text("Private ").appendTo($inputsP); + var $pvtCheckbox = $('').attr("type", "checkbox").attr("checked", f.is_private).appendTo($inputsP); + $pvtCheckbox.change(function() { + var checked = $(this).is(":checked"); + if (checked) { + var url = "/files/makePrivate/"; + } else { + var url = "/files/makePublic/"; + } + var parent = $(this).parents(".itemForm"); + var id = parent.find(".itemId").val(); + var params = {'id': id} + $.post(url, params, function(response) { + if (response.status == 'fail') { + alert(response.error); + } + }, "json"); + }); + } + var $descriptionInput = $('