Files
@ a5dc78cf7162
Branch filter:
Location: symposion_app/symposion/boxes/views.py - annotation
a5dc78cf7162
1.3 KiB
text/x-python
comment out breadcrumbs for now
2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 2665fd575869 | from django.http import HttpResponseForbidden
from django.shortcuts import redirect
from django.views.decorators.http import require_POST
from symposion.boxes.authorization import load_can_edit
from symposion.boxes.forms import BoxForm
from symposion.boxes.models import Box
# @@@ problem with this is that the box_edit.html and box_create.html won't have domain objects in context
def get_auth_vars(request):
auth_vars = {}
if request.method == "POST":
keys = [k for k in request.POST.keys() if k.startswith("boxes_auth_")]
for key in keys:
auth_vars[key.replace("boxes_auth_", "")] = request.POST.get(key)
auth_vars["user"] = request.user
return auth_vars
@require_POST
def box_edit(request, label):
if not load_can_edit()(request, **get_auth_vars(request)):
return HttpResponseForbidden()
next = request.GET.get("next")
try:
box = Box.objects.get(label=label)
except Box.DoesNotExist:
box = None
form = BoxForm(request.POST, instance=box, prefix=label)
if form.is_valid():
if box is None:
box = form.save(commit=False)
box.label = label
box.created_by = request.user
box.last_updated_by = request.user
box.save()
else:
form.save()
return redirect(next)
|