annotate gpp/gcalendar/views.py @ 162:6a5bdcf93ad3

Fix #48; shoutbox was no longer escaping user input on display.
author Brian Neal <bgneal@gmail.com>
date Tue, 22 Dec 2009 03:55:37 +0000
parents dbd703f7d63a
children f7fbb404241f
rev   line source
gremmie@1 1 """
gremmie@1 2 Views for the gcalendar application.
gremmie@1 3 """
gremmie@1 4
gremmie@1 5 from django.contrib.auth.decorators import login_required
gremmie@1 6 from django.core.urlresolvers import reverse
gremmie@1 7 from django.http import HttpResponse
gremmie@1 8 from django.http import HttpResponseBadRequest
gremmie@1 9 from django.http import HttpResponseForbidden
gremmie@1 10 from django.http import HttpResponseRedirect
gremmie@1 11 from django.http import Http404
gremmie@1 12 from django.shortcuts import render_to_response
gremmie@1 13 from django.shortcuts import get_object_or_404
gremmie@1 14 from django.template import RequestContext
gremmie@1 15
gremmie@1 16 from gcalendar.forms import EventEntryForm
gremmie@1 17 from gcalendar.models import Event
gremmie@1 18
gremmie@1 19
gremmie@1 20 def index(request):
gremmie@1 21 return render_to_response('gcalendar/index.html', {
gremmie@1 22 },
gremmie@1 23 context_instance = RequestContext(request))
gremmie@1 24
gremmie@1 25
gremmie@1 26 @login_required
gremmie@1 27 def add_event(request):
gremmie@1 28 if request.method == 'POST':
gremmie@1 29 form = EventEntryForm(request.POST)
gremmie@1 30 if form.is_valid():
gremmie@1 31 event = form.save(commit=False)
gremmie@1 32 event.user = request.user
gremmie@1 33 event.repeat = 'none'
gremmie@1 34 event.save()
gremmie@1 35 return HttpResponseRedirect(reverse('gcalendar-add_thanks'))
gremmie@1 36 else:
gremmie@1 37 form = EventEntryForm()
gremmie@1 38
gremmie@1 39 return render_to_response('gcalendar/event.html', {
gremmie@1 40 'title': 'Add Calendar Event',
gremmie@1 41 'form': form,
gremmie@1 42 },
gremmie@1 43 context_instance = RequestContext(request))
gremmie@1 44
gremmie@1 45
gremmie@1 46 @login_required
gremmie@1 47 def add_thanks(request):
gremmie@1 48 return render_to_response('gcalendar/thanks_add.html', {
gremmie@1 49 },
gremmie@1 50 context_instance = RequestContext(request))
gremmie@1 51
gremmie@1 52
gremmie@1 53 @login_required
gremmie@1 54 def edit_events(request):
gremmie@1 55 events = Event.objects.filter(user=request.user, status=Event.ON_CAL).order_by('start_date')
gremmie@1 56 return render_to_response('gcalendar/edit.html', {
gremmie@1 57 'events': events,
gremmie@1 58 },
gremmie@1 59 context_instance = RequestContext(request))
gremmie@1 60
gremmie@1 61
gremmie@1 62 @login_required
gremmie@1 63 def edit_event(request, event_id):
gremmie@1 64 event = get_object_or_404(Event, pk=event_id)
gremmie@1 65 if event.user != request.user:
gremmie@1 66 raise Http404
gremmie@1 67
gremmie@1 68 if request.method == 'POST':
gremmie@1 69 form = EventEntryForm(request.POST, instance=event)
gremmie@1 70 if form.is_valid():
gremmie@1 71 event = form.save(commit=False)
gremmie@1 72 event.user = request.user
gremmie@1 73 event.repeat = 'none'
gremmie@1 74 event.status = Event.EDIT_REQ
gremmie@1 75 event.save()
gremmie@1 76 return HttpResponseRedirect(reverse('gcalendar-edit_thanks'))
gremmie@1 77 else:
gremmie@1 78 form = EventEntryForm(instance=event)
gremmie@1 79
gremmie@1 80 return render_to_response('gcalendar/event.html', {
gremmie@1 81 'title': 'Change Calendar Event',
gremmie@1 82 'form': form,
gremmie@1 83 },
gremmie@1 84 context_instance = RequestContext(request))
gremmie@1 85
gremmie@1 86
gremmie@1 87 @login_required
gremmie@1 88 def edit_thanks(request):
gremmie@1 89 return render_to_response('gcalendar/thanks_edit.html', {
gremmie@1 90 },
gremmie@1 91 context_instance = RequestContext(request))
gremmie@1 92
gremmie@1 93
gremmie@1 94 def delete_event(request):
gremmie@1 95 """This view marks an event for deletion. It is called via AJAX."""
gremmie@1 96 if request.user.is_authenticated():
gremmie@1 97 id = request.POST.get('id', None)
gremmie@1 98 if id is None or not id.isdigit():
gremmie@1 99 return HttpResponseBadRequest()
gremmie@1 100 try:
gremmie@1 101 event = Event.objects.get(pk=id)
gremmie@1 102 except Event.DoesNotExist:
gremmie@1 103 return HttpResponseBadRequest()
gremmie@1 104 if request.user != event.user:
gremmie@1 105 return HttpResponseForbidden()
gremmie@1 106
gremmie@1 107 event.status = Event.DEL_REQ
gremmie@1 108 event.save()
gremmie@1 109 return HttpResponse(id)
gremmie@1 110
gremmie@1 111 return HttpResponseForbidden()
gremmie@1 112
gremmie@1 113
gremmie@1 114 # vim: ts=4 sw=4