from django.template import RequestContext, Context, loader
from eventos.models import Palestrante, Trabalho
+forbidden = \
+ HttpResponseForbidden('<h2>You are not allowed to do this action.<h2>')
+
def login(request):
"""This is a function that will be used as a front-end to the
django's login system. It receives username and password fields
"""Shows a simple form containing all editable fields of a
lecturer and gives the lecturer the possibility to save them =)
"""
+ if not hasattr(request.user, 'palestrante_set'):
+ return forbidden
+
entity = request.user.palestrante_set.get()
- # avoiding problems if some other user tries to edit the lecturer
- # info.
if entity.id != int(lid):
- return HttpResponseForbidden('<h2>You are not '
- 'allowed to edit '
- 'this info.<h2>')
+ return forbidden
FormKlass = form_for_instance(entity)
del FormKlass.base_fields['usuario']
"""Lists all talks of a lecturer (based on lecturer id -- lid
parameter).
"""
- lecturer = get_object_or_404(Palestrante, pk=lid)
- talks = Trabalho.objects.filter(palestrante=lecturer)
- c = {'lecturer': lecturer, 'talks': talks}
+ if not hasattr(request.user, 'palestrante_set'):
+ return forbidden
+
+ entity = request.user.palestrante_set.get()
+ if entity.id != int(lid):
+ return forbidden
+
+ talks = Trabalho.objects.filter(palestrante=entity)
+ c = {'lecturer': entity, 'talks': talks}
return render_to_response('eventos/talk-list.html', Context(c),
context_instance=RequestContext(request))
def talk_delete(request, tid):
"""Drops a talk but only if the logged in user is its owner.
"""
- entity = get_object_or_404(Trabalho, pk=tid)
- palestrante = request.user.palestrante_set.get()
- owner = Trabalho.objects.filter(pk=tid, palestrante=palestrante)
+ if not hasattr(request.user, 'palestrante_set'):
+ return forbidden
+
+ entity = request.user.palestrante_set.get()
+ if entity.id != int(lid):
+ return forbidden
+
+ owner = Trabalho.objects.filter(pk=tid, palestrante=entity)
if not owner:
- return HttpResponseForbidden('<h2>You are not '
- 'allowed to edit '
- 'this info.<h2>')
+ return forbidden
+
entity.delete()
- return HttpResponseRedirect('/lecturer/%d/talks/' % palestrante.id)
+ return HttpResponseRedirect('/lecturer/%d/talks/' % entity.id)
def talk_add(request):
"""Shows a form to the lecturer send a talk
"""
- palestrante = request.user.palestrante_set.get()
+ if not hasattr(request.user, 'palestrante_set'):
+ return forbidden
+
+ entity = request.user.palestrante_set.get()
+ if entity.id != int(lid):
+ return forbidden
+
FormKlass = form_for_model(Trabalho)
form = FormKlass(request.POST or None)
- other = Palestrante.objects.exclude(pk=palestrante.id)
+ other = Palestrante.objects.exclude(pk=entity.id)
form.fields['palestrante'].label = u'Outros Palestrantes'
form.fields['palestrante'].required = False
form.fields['palestrante']._set_queryset(other)
if request.POST and form.is_valid():
instance = form.save()
- instance.palestrante.add(palestrante)
- return HttpResponseRedirect('/lecturer/%d/talks/' % palestrante.id)
+ instance.palestrante.add(entity)
+ return HttpResponseRedirect('/lecturer/%d/talks/' % entity.id)
c = {'form': form}
return render_to_response('eventos/talk-add.html', Context(c),