X-Git-Url: https://git.openstreetmap.org./osqa.git/blobdiff_plain/cafe0a541b6349de15c0444bddf9493d8aa71df8..988c0eb318f4af28bad7d7714e7410699d7cae30:/forum/views/users.py?ds=sidebyside diff --git a/forum/views/users.py b/forum/views/users.py index dd31abb..2bda263 100644 --- a/forum/views/users.py +++ b/forum/views/users.py @@ -115,10 +115,13 @@ def edit_user(request, id): }, context_instance=RequestContext(request)) -@login_required +@decorate.withfn(decorators.command) def user_powers(request, id, action, status): if not request.user.is_superuser: - return HttpResponseUnauthorized(request) + raise decorators.CommandException(_("Only superusers are allowed to alter other users permissions.")) + + if (action == 'remove' and 'status' == 'super') and not request.user.is_siteowner(): + raise decorators.CommandException(_("Only the site owner can remove the super user status from other user.")) user = get_object_or_404(User, id=id) new_state = action == 'grant' @@ -131,47 +134,53 @@ def user_powers(request, id, action, status): raise Http404() user.save() - return HttpResponseRedirect(user.get_profile_url()) + return decorators.RefreshPageCommand() @decorate.withfn(decorators.command) def award_points(request, id): - if (not request.POST) and request.POST.get('points', None): - raise decorators.CommandException(_("Invalid request type")) + if not request.POST: + return render_to_response('users/karma_bonus.html') if not request.user.is_superuser: raise decorators.CommandException(_("Only superusers are allowed to award reputation points")) + try: + points = int(request.POST['points']) + except: + raise decorators.CommandException(_("Invalid number of points to award.")) + user = get_object_or_404(User, id=id) - points = int(request.POST['points']) extra = dict(message=request.POST.get('message', ''), awarding_user=request.user.id, value=points) - BonusRepAction(user=user, extra=extra).save(data=dict(value=points)) - - return dict(reputation=user.reputation) + BonusRepAction(user=request.user, extra=extra).save(data=dict(value=points, affected=user)) + return {'commands': { + 'update_profile_karma': [user.reputation] + }} + @decorate.withfn(decorators.command) def suspend(request, id): user = get_object_or_404(User, id=id) - if not request.POST: + if not request.user.is_superuser: + raise decorators.CommandException(_("Only superusers can suspend other users")) + + if not request.POST.get('bantype', None): if user.is_suspended(): suspension = user.suspension - suspension.cancel(ip=request.META['REMOTE_ADDR']) + suspension.cancel(user=request.user, ip=request.META['REMOTE_ADDR']) return decorators.RefreshPageCommand() else: return render_to_response('users/suspend_user.html') - if not request.user.is_superuser: - raise decorators.CommandException(_("Only superusers can ban other users")) - data = { 'bantype': request.POST.get('bantype', 'indefinetly').strip(), 'publicmsg': request.POST.get('publicmsg', _('Bad behaviour')), 'privatemsg': request.POST.get('privatemsg', None) or request.POST.get('publicmsg', ''), - 'suspender': request.user.id + 'suspended': user } if data['bantype'] == 'forxdays': @@ -180,21 +189,27 @@ def suspend(request, id): except: raise decorators.CommandException(_('Invalid numeric argument for the number of days.')) - SuspendAction(user=user, ip=request.META['REMOTE_ADDR']).save(data=data) + SuspendAction(user=request.user, ip=request.META['REMOTE_ADDR']).save(data=data) return decorators.RefreshPageCommand() -def user_view(template, tab_name, tab_title, tab_description, private=False, tabbed=True, weight=500): + +def user_view(template, tab_name, tab_title, tab_description, private=False, tabbed=True, render_to=None, weight=500): def decorator(fn): - def decorated(request, id, slug=None): + def decorated(fn, request, id, slug=None): user = get_object_or_404(User, id=id) if private and not (user == request.user or request.user.is_superuser): return HttpResponseUnauthorized(request) + + if render_to and (not render_to(user)): + return HttpResponseRedirect(user.get_profile_url()) + context = fn(request, user) rev_page_title = user.username + " - " + tab_description context.update({ + "tab": "users", "active_tab" : tab_name, "tab_description" : tab_description, "page_title" : rev_page_title, @@ -210,11 +225,10 @@ def user_view(template, tab_name, tab_title, tab_description, private=False, tab return reverse(fn.__name__, kwargs={'id': vu.id}) ui.register(ui.PROFILE_TABS, ui.ProfileTab( - tab_name, tab_title, tab_description,url_getter, private, weight + tab_name, tab_title, tab_description,url_getter, private, render_to, weight )) - return decorated - + return decorate.withfn(decorated)(fn) return decorator @@ -247,7 +261,7 @@ def user_profile(request, user): "awards": awards, "total_awards" : len(awards), } - + @user_view('users/recent.html', 'recent', _('recent activity'), _('recent user activity')) def user_recent(request, user): activities = user.actions.exclude( @@ -287,30 +301,31 @@ def user_favorites(request, user): @user_view('users/subscriptions.html', 'subscriptions', _('subscription settings'), _('subscriptions'), True, tabbed=False) def user_subscriptions(request, user): - if request.method == 'POST': - form = SubscriptionSettingsForm(request.POST) + enabled = user.subscription_settings.enable_notifications - if 'notswitch' in request.POST: - user.subscription_settings.enable_notifications = not user.subscription_settings.enable_notifications - user.subscription_settings.save() + if request.method == 'POST': + form = SubscriptionSettingsForm(data=request.POST, instance=user.subscription_settings) - if user.subscription_settings.enable_notifications: - request.user.message_set.create(message=_('Notifications are now enabled')) - else: - request.user.message_set.create(message=_('Notifications are now disabled')) + if form.is_valid(): + form.save() + message = _('New subscription settings are now saved') - form.is_valid() - for k, v in form.cleaned_data.items(): - setattr(user.subscription_settings, k, v) + if 'notswitch' in request.POST: + enabled = not enabled - user.subscription_settings.save() - request.user.message_set.create(message=_('New subscription settings are now saved')) - else: - form = SubscriptionSettingsForm(user.subscription_settings.__dict__) + if enabled: + message = _('Notifications are now enabled') + else: + message = _('Notifications are now disabled') - notificatons_on = user.subscription_settings.enable_notifications + user.subscription_settings.enable_notifications = enabled + user.subscription_settings.save() + + request.user.message_set.create(message=message) + else: + form = SubscriptionSettingsForm(instance=user.subscription_settings) - return {'view_user':user, 'notificatons_on': notificatons_on, 'form':form} + return {'view_user':user, 'notificatons_on': enabled, 'form':form} @login_required def account_settings(request):