X-Git-Url: https://git.openstreetmap.org./osqa.git/blobdiff_plain/f23e8f623a0670883682399799d40abda730ff16..ece2ce09e485f83207994f83cac03ef9f36da5b2:/forum/views/users.py?ds=sidebyside

diff --git a/forum/views/users.py b/forum/views/users.py
index 6cc079b..43464d8 100644
--- a/forum/views/users.py
+++ b/forum/views/users.py
@@ -16,6 +16,7 @@ from django.utils import simplejson
 from django.core.urlresolvers import reverse, NoReverseMatch
 from forum.forms import *
 from forum.utils.html import sanitize_html
+from forum.modules import decorate
 from datetime import datetime, date
 import decorators
 from forum.actions import EditProfileAction, FavoriteAction, BonusRepAction, SuspendAction
@@ -75,13 +76,6 @@ def users(request):
         }
     }
 
-def set_new_email(user, new_email, nomessage=False):
-    if new_email != user.email:
-        user.email = new_email
-        user.email_isvalid = False
-        user.save()
-    #if settings.EMAIL_VALIDATION == 'on':
-    #    send_new_email_key(user,nomessage=nomessage)
 
 @login_required
 def edit_user(request, id):
@@ -93,7 +87,9 @@ def edit_user(request, id):
         if form.is_valid():
             new_email = sanitize_html(form.cleaned_data['email'])
 
-            set_new_email(user, new_email)
+            if new_email != user.email:
+                user.email = new_email
+                user.email_isvalid = False
 
             if settings.EDITABLE_SCREEN_NAME:
                 user.username = sanitize_html(form.cleaned_data['username'])
@@ -108,6 +104,7 @@ def edit_user(request, id):
             user.save()
             EditProfileAction(user=user, ip=request.META['REMOTE_ADDR']).save()
 
+            request.user.message_set.create(message=_("Profile updated."))
             return HttpResponseRedirect(user.get_profile_url())
     else:
         form = EditUserForm(user)
@@ -137,7 +134,7 @@ def user_powers(request, id, action, status):
     return HttpResponseRedirect(user.get_profile_url())
 
 
-@decorators.command
+@decorate.withfn(decorators.command)
 def award_points(request, id):
     if (not request.POST) and request.POST.get('points', None):
         raise decorators.CommandException(_("Invalid request type"))
@@ -150,31 +147,31 @@ def award_points(request, id):
 
     extra = dict(message=request.POST.get('message', ''), awarding_user=request.user.id, value=points)
 
-    BonusRepAction(user=user, extra=extra).save(data=dict(value=points))
+    BonusRepAction(user=request.user, extra=extra).save(data=dict(value=points, affected=user))
 
     return dict(reputation=user.reputation)
 
 
-@decorators.command
+@decorate.withfn(decorators.command)
 def suspend(request, id):
     user = get_object_or_404(User, id=id)
 
+    if not request.user.is_superuser:
+        raise decorators.CommandException(_("Only superusers can suspend other users"))
+
     if not request.POST:
         if user.is_suspended():
             suspension = user.suspension
-            suspension.cancel(ip=request.META['REMOTE_ADDR'])
+            suspension.cancel(user=request.user, ip=request.META['REMOTE_ADDR'])
             return decorators.RefreshPageCommand()
         else:
             return render_to_response('users/suspend_user.html')
 
-    if not request.user.is_superuser:
-        raise decorators.CommandException(_("Only superusers can ban other users"))
-
     data = {
     'bantype': request.POST.get('bantype', 'indefinetly').strip(),
     'publicmsg': request.POST.get('publicmsg', _('Bad behaviour')),
     'privatemsg': request.POST.get('privatemsg', None) or request.POST.get('publicmsg', ''),
-    'suspender': request.user.id
+    'suspended': user
     }
 
     if data['bantype'] == 'forxdays':
@@ -183,13 +180,14 @@ def suspend(request, id):
         except:
             raise decorators.CommandException(_('Invalid numeric argument for the number of days.'))
 
-    SuspendAction(user=user, ip=request.META['REMOTE_ADDR']).save(data=data)
+    SuspendAction(user=request.user, ip=request.META['REMOTE_ADDR']).save(data=data)
 
     return decorators.RefreshPageCommand()
 
-def user_view(template, tab_name, tab_title, tab_description, private=False, tabbed=True, weight=500):
+
+def user_view(template, tab_name, tab_title, tab_description, private=False, tabbed=True, render_to=None, weight=500):
     def decorator(fn):
-        def decorated(request, id, slug=None):
+        def decorated(fn, request, id, slug=None):
             user = get_object_or_404(User, id=id)
             if private and not (user == request.user or request.user.is_superuser):
                 return HttpResponseUnauthorized(request)
@@ -213,11 +211,10 @@ def user_view(template, tab_name, tab_title, tab_description, private=False, tab
                     return reverse(fn.__name__, kwargs={'id': vu.id})
 
             ui.register(ui.PROFILE_TABS, ui.ProfileTab(
-                tab_name, tab_title, tab_description,url_getter, private, weight
+                tab_name, tab_title, tab_description,url_getter, private, render_to, weight
             ))
 
-        return decorated
-
+        return decorate.withfn(decorated)(fn)
     return decorator
 
 
@@ -250,7 +247,7 @@ def user_profile(request, user):
     "awards": awards,
     "total_awards" : len(awards),
     }
-
+    
 @user_view('users/recent.html', 'recent', _('recent activity'), _('recent user activity'))
 def user_recent(request, user):
     activities = user.actions.exclude(
@@ -290,26 +287,26 @@ def user_favorites(request, user):
 
 @user_view('users/subscriptions.html', 'subscriptions', _('subscription settings'), _('subscriptions'), True, tabbed=False)
 def user_subscriptions(request, user):
-    if request.method == 'POST':
-        form = SubscriptionSettingsForm(request.POST)
+    if request.method == 'POST':        
+        form = SubscriptionSettingsForm(data=request.POST, instance=user.subscription_settings)
 
-        if 'notswitch' in request.POST:
-            user.subscription_settings.enable_notifications = not user.subscription_settings.enable_notifications
-            user.subscription_settings.save()
+        if form.is_valid():
+            if form.cleaned_data['user'] != user.id:
+                return HttpResponseUnauthorized(request)
 
-            if user.subscription_settings.enable_notifications:
-                request.user.message_set.create(message=_('Notifications are now enabled'))
-            else:
-                request.user.message_set.create(message=_('Notifications are now disabled'))
+            if 'notswitch' in request.POST:
+                user.subscription_settings.enable_notifications = not user.subscription_settings.enable_notifications
+                user.subscription_settings.save()
 
-        form.is_valid()
-        for k, v in form.cleaned_data.items():
-            setattr(user.subscription_settings, k, v)
+                if user.subscription_settings.enable_notifications:
+                    request.user.message_set.create(message=_('Notifications are now enabled'))
+                else:
+                    request.user.message_set.create(message=_('Notifications are now disabled'))
 
-        user.subscription_settings.save()
-        request.user.message_set.create(message=_('New subscription settings are now saved'))
+            form.save()
+            request.user.message_set.create(message=_('New subscription settings are now saved'))
     else:
-        form = SubscriptionSettingsForm(user.subscription_settings.__dict__)
+        form = SubscriptionSettingsForm(instance=user.subscription_settings)
 
     notificatons_on = user.subscription_settings.enable_notifications