X-Git-Url: https://git.openstreetmap.org./osqa.git/blobdiff_plain/c6c168511f18d8984901b2c828a47310a2d54d64..9162dea1adb758b31ab40323d28ca585ed667eaf:/forum/views/admin.py

diff --git a/forum/views/admin.py b/forum/views/admin.py
index 4b07915..a834b71 100644
--- a/forum/views/admin.py
+++ b/forum/views/admin.py
@@ -1,20 +1,23 @@
 from datetime import datetime, timedelta
-import os, time, csv, random
+import json
+import time
 
+from django.views.decorators.csrf import csrf_exempt
 from django.shortcuts import render_to_response, get_object_or_404
 from django.core.urlresolvers import reverse
 from django.http import HttpResponseRedirect, HttpResponse, Http404
-from forum.http_responses import HttpResponseUnauthorized
 from django.template import RequestContext
 from django.utils.translation import ugettext as _
-from django.utils import simplejson
 from django.db import models
+
+from django.contrib import messages
+
+from forum.http_responses import HttpResponseUnauthorized
 from forum.settings.base import Setting
 from forum.forms import MaintenanceModeForm, PageForm, CreateUserForm
 from forum.settings.forms import SettingsSetForm
 from forum.utils import pagination, html
 from forum.utils.mail import send_template_email
-
 from forum.models import Question, Answer, User, Node, Action, Page, NodeState, Tag
 from forum.models.node import NodeMetaClass
 from forum.actions import NewPageAction, EditPageAction, PublishAction, DeleteAction, UserJoinsAction, CloseAction
@@ -31,28 +34,51 @@ def super_user_required(fn):
 
     return wrapper
 
-def admin_page(fn):
-    @super_user_required
+def staff_user_required(fn):
     def wrapper(request, *args, **kwargs):
-        res = fn(request, *args, **kwargs)
-        if isinstance(res, HttpResponse):
-            return res
+        if request.user.is_authenticated() and (request.user.is_staff or request.user.is_superuser):
+            return fn(request, *args, **kwargs)
+        else:
+            return HttpResponseUnauthorized(request)
+
+    return wrapper
+
+def admin_page_wrapper(fn, request, *args, **kwargs):
+    res = fn(request, *args, **kwargs)
+    if isinstance(res, HttpResponse):
+        return res
 
-        template, context = res
-        context['basetemplate'] = settings.DJSTYLE_ADMIN_INTERFACE and "osqaadmin/djstyle_base.html" or "osqaadmin/base.html"
-        context['allsets'] = Setting.sets
-        context['othersets'] = sorted(
-                [s for s in Setting.sets.values() if not s.name in
-                ('basic', 'users', 'email', 'paths', 'extkeys', 'repgain', 'minrep', 'voting', 'accept', 'badges', 'about', 'faq', 'sidebar',
-                'form', 'moderation', 'css', 'headandfoot', 'head', 'view', 'urls')]
-                , lambda s1, s2: s1.weight - s2.weight)
+    template, context = res
+    context['basetemplate'] = settings.DJSTYLE_ADMIN_INTERFACE and "osqaadmin/djstyle_base.html" or "osqaadmin/base.html"
+    context['allsets'] = Setting.sets
+    context['othersets'] = sorted(
+            [s for s in Setting.sets.values() if not s.name in
+            ('basic', 'users', 'email', 'paths', 'extkeys', 'repgain', 'minrep', 'voting', 'accept', 'badges', 'about', 'faq', 'sidebar',
+            'form', 'moderation', 'css', 'headandfoot', 'head', 'view', 'urls')]
+            , lambda s1, s2: s1.weight - s2.weight)
 
-        context['tools'] = TOOLS
+    context['tools'] = [(name, fn.label) for name, fn in TOOLS.items()]
 
-        unsaved = request.session.get('previewing_settings', {})
-        context['unsaved'] = set([getattr(settings, s).set.name for s in unsaved.keys() if hasattr(settings, s)])
+    # Show the navigation only to moderators and super users
+    if not context.has_key("hide_navigation"):
+        context['hide_navigation'] = not request.user.is_superuser
 
-        return render_to_response(template, context, context_instance=RequestContext(request))
+    unsaved = request.session.get('previewing_settings', {})
+    context['unsaved'] = set([getattr(settings, s).set.name for s in unsaved.keys() if hasattr(settings, s)])
+
+    return render_to_response(template, context, context_instance=RequestContext(request))
+
+def admin_page(fn):
+    @super_user_required
+    def wrapper(request, *args, **kwargs):
+        return admin_page_wrapper(fn, request, *args, **kwargs)
+
+    return wrapper
+
+def moderation_page(fn):
+    @staff_user_required
+    def wrapper(request, *args, **kwargs):
+        return admin_page_wrapper(fn, request, *args, **kwargs)
 
     return wrapper
 
@@ -95,7 +121,7 @@ def statistics(request):
             'added_at', flat=True)
 
     last_month_n_questions = Question.objects.filter_state(deleted=False).filter(added_at__lt=last_month).count()
-    qgraph_data = simplejson.dumps([
+    qgraph_data = json.dumps([
     (time.mktime(d.timetuple()) * 1000, i + last_month_n_questions)
     for i, d in enumerate(last_month_questions)
     ])
@@ -105,7 +131,7 @@ def statistics(request):
 
     last_month_n_users = User.objects.filter(date_joined__lt=last_month).count()
 
-    ugraph_data = simplejson.dumps([
+    ugraph_data = json.dumps([
     (time.mktime(d.timetuple()) * 1000, i + last_month_n_users)
     for i, d in enumerate(last_month_users)
     ])
@@ -157,7 +183,7 @@ def settings_set(request, set_name):
 
                 if not 'reset' in request.POST:
                     form.save()
-                    request.user.message_set.create(message=_("'%s' settings saved succesfully") % set_name)
+                    messages.info(request, _("'%s' settings saved succesfully") % set_name)
 
                     if set_name in ('minrep', 'badges', 'repgain'):
                         settings.SETTINGS_PACK.set_value("custom")
@@ -264,7 +290,7 @@ def go_bootstrap(request):
 
     settings.SETTINGS_PACK.set_value("bootstrap")
 
-    request.user.message_set.create(message=_('Bootstrap mode enabled'))
+    messages.info(request, _('Bootstrap mode enabled'))
     return HttpResponseRedirect(reverse('admin_index'))
 
 @super_user_required
@@ -278,7 +304,7 @@ def go_defaults(request):
 
     settings.SETTINGS_PACK.set_value("default")
 
-    request.user.message_set.create(message=_('All values reverted to defaults'))
+    messages.info(request, ('All values reverted to defaults'))
     return HttpResponseRedirect(reverse('admin_index'))
 
 
@@ -294,7 +320,7 @@ def recalculate_denormalized(request):
         u.reputation = u.reputes.aggregate(reputation=models.Sum('value'))['reputation']
         u.save()
 
-    request.user.message_set.create(message=_('All values recalculated'))
+    messages.info(request, _('All values recalculated'))
     return HttpResponseRedirect(reverse('admin_index'))
 
 @admin_page
@@ -313,12 +339,12 @@ def maintenance(request):
                 else:
                     message = _('Settings adjusted')
 
-                request.user.message_set.create(message=message)
+                messages.info(request, message)
 
                 return HttpResponseRedirect(reverse('admin_maintenance'))
         elif 'open' in request.POST:
             settings.MAINTAINANCE_MODE.set_value(None)
-            request.user.message_set.create(message=_("Your site is now running normally"))
+            messages.info(request, _("Your site is now running normally"))
             return HttpResponseRedirect(reverse('admin_maintenance'))
     else:
         form = MaintenanceModeForm(initial={'ips': request.META['REMOTE_ADDR'],
@@ -328,7 +354,7 @@ def maintenance(request):
                                            })
 
 
-@admin_page
+@moderation_page
 def flagged_posts(request):
     return ('osqaadmin/flagged_posts.html', {
     'flagged_posts': get_flagged_posts(),
@@ -382,6 +408,12 @@ def edit_page(request, id=None):
     'published': published
     })
 
+@admin_page
+def delete_page(request, id=None):
+    page = get_object_or_404(Page, id=id)
+    page.delete()
+    return HttpResponseRedirect(reverse('admin_static_pages'))
+
 @admin_tools_page(_('createuser'), _("Create new user"))
 def create_user(request):
     if request.POST:
@@ -397,7 +429,7 @@ def create_user(request):
             user_.save()
             UserJoinsAction(user=user_).save()
 
-            request.user.message_set.create(message=_("New user created sucessfully. %s.") % html.hyperlink(
+            messages.info(request, _("New user created sucessfully. %s.") % html.hyperlink(
                     user_.get_profile_url(), _("See %s profile") % user_.username, target="_blank"))
 
             return HttpResponseRedirect(reverse("admin_tools", kwargs={'name': 'createuser'}))
@@ -439,7 +471,7 @@ def node_management(request):
             selected_nodes = request.POST.getlist('_selected_node')
 
             if selected_nodes and request.POST.get('action', None):
-                action = request.POST['action']
+                action = str(request.POST['action'])
                 selected_nodes = Node.objects.filter(id__in=selected_nodes)
 
                 message = _("No action performed")
@@ -477,7 +509,7 @@ def node_management(request):
 
                     message = _("All selected nodes deleted")
 
-                request.user.message_set.create(message=message)
+                messages.info(request, message)
 
                 params = pagination.generate_uri(request.GET, ('page',))
                 
@@ -546,9 +578,10 @@ def node_management(request):
     'state_types': state_types,
     'authors': authors,
     'tags': tags,
-    'hide_menu': True
+    'hide_navigation': True
     }))
 
+@csrf_exempt
 @super_user_required
 def test_email_settings(request):
     user = request.user
@@ -559,4 +592,4 @@ def test_email_settings(request):
         'osqaadmin/test_email_settings.html',
         { 'user': user, },
         RequestContext(request)
-    )
\ No newline at end of file
+    )