redeem access permission tokens

2017-12-10 14:13:20 +01:00 · 2017-12-10 14:13:20 +01:00 · 101a4c6bf2
commit 101a4c6bf2
parent 003bfbe389
12 changed files with 133 additions and 19 deletions
--- a/src/c3nav/control/forms.py
+++ b/src/c3nav/control/forms.py
@ -8,7 +8,7 @@ from django.utils.translation import ugettext_lazy as _
 from django.utils.translation import ungettext_lazy

 from c3nav.control.models import UserPermissions
-from c3nav.mapdata.models.access import AccessPermissionToken, AccessRestriction
+from c3nav.mapdata.models.access import AccessPermissionToken, AccessPermissionTokenItem, AccessRestriction


 class UserPermissionsForm(ModelForm):
@ -99,11 +99,12 @@ class AccessPermissionForm(Form):
    def get_token(self):
        restrictions = []
        for restriction in self.cleaned_data['access_restrictions']:
-            expires = self.cleaned_data['expires']
-            author_expires = self.author_access_permissions.get(restriction.pk)
-            if author_expires is not None:
-                expires = author_expires if expires is None else min(expires, author_expires)
-            restrictions.append((restriction.pk, expires))
+            expire_date = self.cleaned_data['expires']
+            author_expire_date = self.author_access_permissions.get(restriction.pk)
+            if author_expire_date is not None:
+                expire_date = author_expire_date if expire_date is None else min(expire_date, author_expire_date)
+            restrictions.append(AccessPermissionTokenItem(pk=restriction.pk, expire_date=expire_date,
+                                                          title=restriction.title))
        return AccessPermissionToken(author=self.author,
                                     can_grant=self.cleaned_data.get('can_grant', '0') == '1',
                                     restrictions=tuple(restrictions))
--- a/src/c3nav/control/templates/control/access_qr.html
+++ b/src/c3nav/control/templates/control/access_qr.html
@ -11,10 +11,10 @@
        {% trans 'Scan this QR code to get access permissions:' %}
    </p>
    <p>
-        <img src="/qr/access/{{ token }}">
+        <img src="{{ url_qr }}">
    </p>
    <p>
-        {{ absolute_url }}
+        {{ url_absolute }}
    </p>
    <p>
        <a href="{% url 'control.access' %}">« {% trans 'back' %}</a>
--- a/src/c3nav/control/urls.py
+++ b/src/c3nav/control/urls.py
@ -6,6 +6,6 @@ urlpatterns = [
    url(r'^users/$', user_list, name='control.users'),
    url(r'^users/(?P<user>\d+)/$', user_detail, name='control.users.detail'),
    url(r'^access/$', grant_access, name='control.access'),
-    url(r'^access/qr/(?P<token>[^/]+)', grant_access_qr, name='control.access.qr'),
+    url(r'^access/(?P<token>[^/]+)$', grant_access_qr, name='control.access.qr'),
    url(r'^$', main_index, name='control.index'),
 ]
--- a/src/c3nav/control/views.py
+++ b/src/c3nav/control/views.py
@ -155,12 +155,14 @@ def grant_access_qr(request, token):
                messages.error(request, _('You can only display your most recently created token.'))

        if token is None:
-            redirect('control.access')
+            return redirect('control.access')

        token.bump()
        token.save()

+    url = reverse('site.access.redeem', kwargs={'token': str(token.id)})
    return render(request, 'control/access_qr.html', {
-        'token': token.id,
-        'absolute_url': request.build_absolute_uri('/access/qr/%s' % token.id)
+        'url': url,
+        'url_qr': reverse('site.qr', kwargs={'path': url}),
+        'url_absolute': request.build_absolute_uri(url),
    })