]> git.openstreetmap.org Git - osqa.git/blobdiff - forum/views/users.py
OSQA-386
[osqa.git] / forum / views / users.py
index ba9e1734bb22a49fcc7413f455386d270a764dde..2bda26368c419bf75cd5f64a66bcb257ed8ddef0 100644 (file)
@@ -115,10 +115,13 @@ def edit_user(request, id):
     }, context_instance=RequestContext(request))\r
 \r
 \r
     }, context_instance=RequestContext(request))\r
 \r
 \r
-@login_required\r
+@decorate.withfn(decorators.command)\r
 def user_powers(request, id, action, status):\r
     if not request.user.is_superuser:\r
 def user_powers(request, id, action, status):\r
     if not request.user.is_superuser:\r
-        return HttpResponseUnauthorized(request)\r
+        raise decorators.CommandException(_("Only superusers are allowed to alter other users permissions."))\r
+\r
+    if (action == 'remove' and 'status' == 'super') and not request.user.is_siteowner():\r
+        raise decorators.CommandException(_("Only the site owner can remove the super user status from other user."))\r
 \r
     user = get_object_or_404(User, id=id)\r
     new_state = action == 'grant'\r
 \r
     user = get_object_or_404(User, id=id)\r
     new_state = action == 'grant'\r
@@ -131,47 +134,53 @@ def user_powers(request, id, action, status):
         raise Http404()\r
 \r
     user.save()\r
         raise Http404()\r
 \r
     user.save()\r
-    return HttpResponseRedirect(user.get_profile_url())\r
+    return decorators.RefreshPageCommand()\r
 \r
 \r
 @decorate.withfn(decorators.command)\r
 def award_points(request, id):\r
 \r
 \r
 @decorate.withfn(decorators.command)\r
 def award_points(request, id):\r
-    if (not request.POST) and request.POST.get('points', None):\r
-        raise decorators.CommandException(_("Invalid request type"))\r
+    if not request.POST:\r
+        return render_to_response('users/karma_bonus.html')\r
 \r
     if not request.user.is_superuser:\r
         raise decorators.CommandException(_("Only superusers are allowed to award reputation points"))\r
 \r
 \r
     if not request.user.is_superuser:\r
         raise decorators.CommandException(_("Only superusers are allowed to award reputation points"))\r
 \r
+    try:\r
+        points = int(request.POST['points'])\r
+    except:\r
+        raise decorators.CommandException(_("Invalid number of points to award."))\r
+\r
     user = get_object_or_404(User, id=id)\r
     user = get_object_or_404(User, id=id)\r
-    points = int(request.POST['points'])\r
 \r
     extra = dict(message=request.POST.get('message', ''), awarding_user=request.user.id, value=points)\r
 \r
 \r
     extra = dict(message=request.POST.get('message', ''), awarding_user=request.user.id, value=points)\r
 \r
-    BonusRepAction(user=user, extra=extra).save(data=dict(value=points))\r
-\r
-    return dict(reputation=user.reputation)\r
+    BonusRepAction(user=request.user, extra=extra).save(data=dict(value=points, affected=user))\r
 \r
 \r
+    return {'commands': {\r
+            'update_profile_karma': [user.reputation]\r
+        }}\r
+    \r
 \r
 @decorate.withfn(decorators.command)\r
 def suspend(request, id):\r
     user = get_object_or_404(User, id=id)\r
 \r
 \r
 @decorate.withfn(decorators.command)\r
 def suspend(request, id):\r
     user = get_object_or_404(User, id=id)\r
 \r
-    if not request.POST:\r
+    if not request.user.is_superuser:\r
+        raise decorators.CommandException(_("Only superusers can suspend other users"))\r
+\r
+    if not request.POST.get('bantype', None):\r
         if user.is_suspended():\r
             suspension = user.suspension\r
         if user.is_suspended():\r
             suspension = user.suspension\r
-            suspension.cancel(ip=request.META['REMOTE_ADDR'])\r
+            suspension.cancel(user=request.user, ip=request.META['REMOTE_ADDR'])\r
             return decorators.RefreshPageCommand()\r
         else:\r
             return render_to_response('users/suspend_user.html')\r
 \r
             return decorators.RefreshPageCommand()\r
         else:\r
             return render_to_response('users/suspend_user.html')\r
 \r
-    if not request.user.is_superuser:\r
-        raise decorators.CommandException(_("Only superusers can ban other users"))\r
-\r
     data = {\r
     'bantype': request.POST.get('bantype', 'indefinetly').strip(),\r
     'publicmsg': request.POST.get('publicmsg', _('Bad behaviour')),\r
     'privatemsg': request.POST.get('privatemsg', None) or request.POST.get('publicmsg', ''),\r
     data = {\r
     'bantype': request.POST.get('bantype', 'indefinetly').strip(),\r
     'publicmsg': request.POST.get('publicmsg', _('Bad behaviour')),\r
     'privatemsg': request.POST.get('privatemsg', None) or request.POST.get('publicmsg', ''),\r
-    'suspender': request.user.id\r
+    'suspended': user\r
     }\r
 \r
     if data['bantype'] == 'forxdays':\r
     }\r
 \r
     if data['bantype'] == 'forxdays':\r
@@ -180,21 +189,27 @@ def suspend(request, id):
         except:\r
             raise decorators.CommandException(_('Invalid numeric argument for the number of days.'))\r
 \r
         except:\r
             raise decorators.CommandException(_('Invalid numeric argument for the number of days.'))\r
 \r
-    SuspendAction(user=user, ip=request.META['REMOTE_ADDR']).save(data=data)\r
+    SuspendAction(user=request.user, ip=request.META['REMOTE_ADDR']).save(data=data)\r
 \r
     return decorators.RefreshPageCommand()\r
 \r
 \r
     return decorators.RefreshPageCommand()\r
 \r
-def user_view(template, tab_name, tab_title, tab_description, private=False, tabbed=True, weight=500):\r
+\r
+def user_view(template, tab_name, tab_title, tab_description, private=False, tabbed=True, render_to=None, weight=500):\r
     def decorator(fn):\r
         def decorated(fn, request, id, slug=None):\r
             user = get_object_or_404(User, id=id)\r
             if private and not (user == request.user or request.user.is_superuser):\r
                 return HttpResponseUnauthorized(request)\r
     def decorator(fn):\r
         def decorated(fn, request, id, slug=None):\r
             user = get_object_or_404(User, id=id)\r
             if private and not (user == request.user or request.user.is_superuser):\r
                 return HttpResponseUnauthorized(request)\r
+\r
+            if render_to and (not render_to(user)):\r
+                return HttpResponseRedirect(user.get_profile_url())\r
+                \r
             context = fn(request, user)\r
 \r
             rev_page_title = user.username + " - " + tab_description\r
 \r
             context.update({\r
             context = fn(request, user)\r
 \r
             rev_page_title = user.username + " - " + tab_description\r
 \r
             context.update({\r
+            "tab": "users",\r
             "active_tab" : tab_name,\r
             "tab_description" : tab_description,\r
             "page_title" : rev_page_title,\r
             "active_tab" : tab_name,\r
             "tab_description" : tab_description,\r
             "page_title" : rev_page_title,\r
@@ -210,7 +225,7 @@ def user_view(template, tab_name, tab_title, tab_description, private=False, tab
                     return reverse(fn.__name__, kwargs={'id': vu.id})\r
 \r
             ui.register(ui.PROFILE_TABS, ui.ProfileTab(\r
                     return reverse(fn.__name__, kwargs={'id': vu.id})\r
 \r
             ui.register(ui.PROFILE_TABS, ui.ProfileTab(\r
-                tab_name, tab_title, tab_description,url_getter, private, weight\r
+                tab_name, tab_title, tab_description,url_getter, private, render_to, weight\r
             ))\r
 \r
         return decorate.withfn(decorated)(fn)\r
             ))\r
 \r
         return decorate.withfn(decorated)(fn)\r
@@ -286,30 +301,31 @@ def user_favorites(request, user):
 \r
 @user_view('users/subscriptions.html', 'subscriptions', _('subscription settings'), _('subscriptions'), True, tabbed=False)\r
 def user_subscriptions(request, user):\r
 \r
 @user_view('users/subscriptions.html', 'subscriptions', _('subscription settings'), _('subscriptions'), True, tabbed=False)\r
 def user_subscriptions(request, user):\r
-    if request.method == 'POST':\r
-        form = SubscriptionSettingsForm(request.POST)\r
+    enabled = user.subscription_settings.enable_notifications\r
 \r
 \r
-        if 'notswitch' in request.POST:\r
-            user.subscription_settings.enable_notifications = not user.subscription_settings.enable_notifications\r
-            user.subscription_settings.save()\r
+    if request.method == 'POST':        \r
+        form = SubscriptionSettingsForm(data=request.POST, instance=user.subscription_settings)\r
 \r
 \r
-            if user.subscription_settings.enable_notifications:\r
-                request.user.message_set.create(message=_('Notifications are now enabled'))\r
-            else:\r
-                request.user.message_set.create(message=_('Notifications are now disabled'))\r
+        if form.is_valid():\r
+            form.save()\r
+            message = _('New subscription settings are now saved')\r
 \r
 \r
-        form.is_valid()\r
-        for k, v in form.cleaned_data.items():\r
-            setattr(user.subscription_settings, k, v)\r
+            if 'notswitch' in request.POST:\r
+                enabled = not enabled\r
 \r
 \r
-        user.subscription_settings.save()\r
-        request.user.message_set.create(message=_('New subscription settings are now saved'))\r
-    else:\r
-        form = SubscriptionSettingsForm(user.subscription_settings.__dict__)\r
+                if enabled:\r
+                    message = _('Notifications are now enabled')\r
+                else:\r
+                    message = _('Notifications are now disabled')\r
 \r
 \r
-    notificatons_on = user.subscription_settings.enable_notifications\r
+            user.subscription_settings.enable_notifications = enabled\r
+            user.subscription_settings.save()\r
+\r
+            request.user.message_set.create(message=message)\r
+    else:\r
+        form = SubscriptionSettingsForm(instance=user.subscription_settings)\r
 \r
 \r
-    return {'view_user':user, 'notificatons_on': notificatons_on, 'form':form}\r
+    return {'view_user':user, 'notificatons_on': enabled, 'form':form}\r
 \r
 @login_required\r
 def account_settings(request):\r
 \r
 @login_required\r
 def account_settings(request):\r