implemented some editor permissions; added theme for article; DB CHANGE

2011-07-06 03:08:08 +05:30 · 2011-07-06 03:08:08 +05:30 · f8ad92902a
commit f8ad92902a
parent fcda64ca05
2 changed files with 58 additions and 6 deletions
--- a/edgware/editor/models.py
+++ b/edgware/editor/models.py
@ -170,6 +170,21 @@ def saveRevision(r):
  rev.save()
  return rev.id

+
+class ArticleTheme(models.Model):
+  name = models.CharField(max_length=255)
+  description = models.TextField(blank=True, null=True)
+
+  def __unicode__(self):
+    return self.name
+
+  def get_dict(self):
+    return {
+      'id': self.id,
+      'name': self.name
+    }
+
+
 class Article(models.Model):
  '''
  Each page references an article. A single page cannot reference more than one article. The article is what people comment on (and potentially what audio & video are attached to). 
@ -187,29 +202,59 @@ class Article(models.Model):
  published = models.BooleanField(default=False)
  users = models.ManyToManyField(User, related_name='article_user', blank=True)
  groups = models.ManyToManyField(Group, blank=True)
-  
+  theme = models.ForeignKey(ArticleTheme, blank=True, null=True)
  
  '''
-  Return boolean for whether user can access article or not - must be passed a valid User object.
+  Return boolean for whether user can edit article on tool or not - must be passed a valid User object.
  '''
  def can_edit(self, user):
    if user.is_anonymous():
      return False
+    if self.locked:
+      return False
    if user.is_superuser:
      return True
    if self.owner == user:
      return True
-    if self.locked:
-      return False
    for u in self.users.iterator():  
      if u == User:
        return True
    for g in self.groups.iterator():
      for u in g.users.iterator():
-        if u == User:
+        if u == user:
          return True
    return False
  
+  def is_owner(self, user):
+    if self.owner == user or user.is_superuser:
+      return True
+    else:
+      return False
+
+  def can_view(self, user):
+    if self.published == True or self.owner == user or user.is_superuser or user in self.users.iterator():
+      return True
+    for g in self.groups.iterator():
+      for u in g.users.iterator():
+        if u == user:
+          return True
+    return False
+
+
+  @classmethod
+  def get_published_list(kls, user, qset=False):
+    if not qset:
+      qset = kls.objects.all()
+    return qset.objects.filter(published=True)
+
+  
+  @classmethod
+  def fts(kls, search, qset=False):
+    if not qset:
+      qset = kls.objects.all()
+    return qset.objects.filter(name__icontains=search)
+    
+

  def get_copy(self):
    a = Article()
--- a/edgware/editor/views.py
+++ b/edgware/editor/views.py
@ -1,4 +1,4 @@
-# Create your s here.
+
 from models import *
 from files.models import *
 from django.http import HttpResponse, HttpResponseRedirect
@ -18,6 +18,8 @@ from PIL import Image
 import os
 from print_pdf import print_url_list
 import math
+from utils.decorators import user_passes_test_json
+

@login_required
 def editor(request):
@ -87,6 +89,9 @@ def add_srt(request):
 def edit_article(request, id):
  c = Category.objects.all()
  a = Article.objects.get(pk=id)
+  user = request.user
+  if not a.can_edit(user):
+    return HttpResponse("sorry, you cannot edit this article. you either do not have permissions, or it is locked.")
  p = a.product
  if p is not None:
    frontend_url = "/edit/article_frontend/%d/%d/" % (p.id, a.order)
@ -111,6 +116,8 @@ def image_rotate(request, id):
  else:
    degrees = 0
  image_obj = File.objects.get(pk=image_id)
+
+  
  if ImageBox.objects.filter(file=image_obj).filter(is_displayed=True).count() > 0:
    return HttpResponse("This image is being used on a page. Cannot rotate")
  else: