implemented some editor permissions; added theme for article; DB CHANGE

edgware/editor/models.py

@@ -170,6 +170,21 @@ def saveRevision(r):
   rev.save()
   return rev.id
 
+
+class ArticleTheme(models.Model):
+  name = models.CharField(max_length=255)
+  description = models.TextField(blank=True, null=True)
+
+  def __unicode__(self):
+    return self.name
+
+  def get_dict(self):
+    return {
+      'id': self.id,
+      'name': self.name
+    }
+
+
 class Article(models.Model):
   '''
   Each page references an article. A single page cannot reference more than one article. The article is what people comment on (and potentially what audio & video are attached to). 
@@ -187,29 +202,59 @@ class Article(models.Model):
   published = models.BooleanField(default=False)
   users = models.ManyToManyField(User, related_name='article_user', blank=True)
   groups = models.ManyToManyField(Group, blank=True)
-  
+  theme = models.ForeignKey(ArticleTheme, blank=True, null=True)
   
   '''
-  Return boolean for whether user can access article or not - must be passed a valid User object.
+  Return boolean for whether user can edit article on tool or not - must be passed a valid User object.
   '''
   def can_edit(self, user):
     if user.is_anonymous():
       return False
+    if self.locked:
+      return False
     if user.is_superuser:
       return True
     if self.owner == user:
       return True
-    if self.locked:
-      return False
     for u in self.users.iterator():  
       if u == User:
         return True
     for g in self.groups.iterator():
       for u in g.users.iterator():
-        if u == User:
+        if u == user:
           return True
     return False
   
+  def is_owner(self, user):
+    if self.owner == user or user.is_superuser:
+      return True
+    else:
+      return False
+
+  def can_view(self, user):
+    if self.published == True or self.owner == user or user.is_superuser or user in self.users.iterator():
+      return True
+    for g in self.groups.iterator():
+      for u in g.users.iterator():
+        if u == user:
+          return True
+    return False
+
+
+  @classmethod
+  def get_published_list(kls, user, qset=False):
+    if not qset:
+      qset = kls.objects.all()
+    return qset.objects.filter(published=True)
+
+  
+  @classmethod
+  def fts(kls, search, qset=False):
+    if not qset:
+      qset = kls.objects.all()
+    return qset.objects.filter(name__icontains=search)
+    
+
 
   def get_copy(self):
     a = Article()

edgware/editor/views.py

@@ -1,4 +1,4 @@
-# Create your s here.
+
 from models import *
 from files.models import *
 from django.http import HttpResponse, HttpResponseRedirect
@@ -18,6 +18,8 @@ from PIL import Image
 import os
 from print_pdf import print_url_list
 import math
+from utils.decorators import user_passes_test_json
+
 
 @login_required
 def editor(request):
@@ -87,6 +89,9 @@ def add_srt(request):
 def edit_article(request, id):
   c = Category.objects.all()
   a = Article.objects.get(pk=id)
+  user = request.user
+  if not a.can_edit(user):
+    return HttpResponse("sorry, you cannot edit this article. you either do not have permissions, or it is locked.")
   p = a.product
   if p is not None:
     frontend_url = "/edit/article_frontend/%d/%d/" % (p.id, a.order)
@@ -111,6 +116,8 @@ def image_rotate(request, id):
   else:
     degrees = 0
   image_obj = File.objects.get(pk=image_id)
+
+  
   if ImageBox.objects.filter(file=image_obj).filter(is_displayed=True).count() > 0:
     return HttpResponse("This image is being used on a page. Cannot rotate")
   else: