save changeset pk in session instead of session id in changeset
This commit is contained in:
Laura Klünder
parent
b8be4a8105
commit
755421706c
4 changed files with 48 additions and 43 deletions
|
|
@ -0,0 +1,19 @@
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
# Generated by Django 1.11.2 on 2017-07-04 20:11
|
||||||
|
from __future__ import unicode_literals
|
||||||
|
|
||||||
|
from django.db import migrations
|
||||||
|
|
||||||
|
|
||||||
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
|
dependencies = [
|
||||||
|
('editor', '0011_auto_20170704_1640'),
|
||||||
|
]
|
||||||
|
|
||||||
|
operations = [
|
||||||
|
migrations.RemoveField(
|
||||||
|
model_name='changeset',
|
||||||
|
name='session_id',
|
||||||
|
),
|
||||||
|
]
|
||||||
|
|
@ -5,7 +5,6 @@ from itertools import chain
|
||||||
from django.apps import apps
|
from django.apps import apps
|
||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
from django.db import models, transaction
|
from django.db import models, transaction
|
||||||
from django.db.models import Q
|
|
||||||
from django.urls import reverse
|
from django.urls import reverse
|
||||||
from django.utils.translation import ugettext_lazy as _
|
from django.utils.translation import ugettext_lazy as _
|
||||||
from django.utils.translation import ungettext_lazy
|
from django.utils.translation import ungettext_lazy
|
||||||
|
|
@ -35,7 +34,6 @@ class ChangeSet(models.Model):
|
||||||
author = models.ForeignKey(settings.AUTH_USER_MODEL, null=True, on_delete=models.PROTECT, verbose_name=_('Author'))
|
author = models.ForeignKey(settings.AUTH_USER_MODEL, null=True, on_delete=models.PROTECT, verbose_name=_('Author'))
|
||||||
title = models.CharField(max_length=100, default='', verbose_name=_('Title'))
|
title = models.CharField(max_length=100, default='', verbose_name=_('Title'))
|
||||||
description = models.TextField(max_length=1000, default='', verbose_name=_('Description'))
|
description = models.TextField(max_length=1000, default='', verbose_name=_('Description'))
|
||||||
session_id = models.CharField(unique=True, db_index=True, null=True, max_length=32)
|
|
||||||
assigned_to = models.ForeignKey(settings.AUTH_USER_MODEL, null=True, on_delete=models.PROTECT,
|
assigned_to = models.ForeignKey(settings.AUTH_USER_MODEL, null=True, on_delete=models.PROTECT,
|
||||||
related_name='assigned_changesets', verbose_name=_('assigned to'))
|
related_name='assigned_changesets', verbose_name=_('assigned to'))
|
||||||
|
|
||||||
|
|
@ -55,28 +53,19 @@ class ChangeSet(models.Model):
|
||||||
self.m2m_removed = {}
|
self.m2m_removed = {}
|
||||||
|
|
||||||
self._object_changed = False
|
self._object_changed = False
|
||||||
|
self._request = None
|
||||||
|
|
||||||
"""
|
"""
|
||||||
Get Changesets for Request/Session/User
|
Get Changesets for Request/Session/User
|
||||||
"""
|
"""
|
||||||
@classmethod
|
|
||||||
def qs_base(cls, hide_applied=True):
|
|
||||||
qs = cls.objects.select_related('author')
|
|
||||||
if hide_applied:
|
|
||||||
qs = qs.exclude(state='applied')
|
|
||||||
return qs
|
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def qs_for_request(cls, request):
|
def qs_for_request(cls, request):
|
||||||
"""
|
"""
|
||||||
Returns a base QuerySet to get only changesets the current user is allowed to see
|
Returns a base QuerySet to get only changesets the current user is allowed to see
|
||||||
"""
|
"""
|
||||||
qs = cls.qs_base()
|
|
||||||
if request.user.is_authenticated:
|
if request.user.is_authenticated:
|
||||||
qs = qs.filter(author=request.user)
|
return ChangeSet.objects.filter(author=request.user)
|
||||||
else:
|
return ChangeSet.objects.none()
|
||||||
qs = qs.filter(author__isnull=True, session_id=request.session.session_key)
|
|
||||||
return qs
|
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def get_for_request(cls, request):
|
def get_for_request(cls, request):
|
||||||
|
|
@ -90,30 +79,25 @@ class ChangeSet(models.Model):
|
||||||
In any case, the default autor for changes added to the queryset during
|
In any case, the default autor for changes added to the queryset during
|
||||||
this request will be set to the current user.
|
this request will be set to the current user.
|
||||||
"""
|
"""
|
||||||
qs = cls.qs_for_request(request)
|
changeset_pk = request.session.get('changeset')
|
||||||
|
if changeset_pk is not None:
|
||||||
|
qs = ChangeSet.objects.exclude(state='applied')
|
||||||
|
if request.user.is_authenticated:
|
||||||
|
qs = qs.filter(author=request.user)
|
||||||
|
else:
|
||||||
|
qs = qs.filter(author__isnull=True)
|
||||||
|
try:
|
||||||
|
return qs.get(pk=changeset_pk)
|
||||||
|
except ChangeSet.DoesNotExist:
|
||||||
|
pass
|
||||||
|
|
||||||
if request.session.session_key is not None:
|
changeset = ChangeSet()
|
||||||
changeset = qs.filter(session_id=request.session.session_key).first()
|
changeset._request = request
|
||||||
if changeset is not None:
|
|
||||||
return changeset
|
|
||||||
|
|
||||||
new_changeset = cls()
|
|
||||||
new_changeset.request = request
|
|
||||||
|
|
||||||
if request.session.session_key is None:
|
|
||||||
request.session.save()
|
|
||||||
|
|
||||||
if request.user.is_authenticated:
|
if request.user.is_authenticated:
|
||||||
changeset = qs.filter(Q(author=request.user)).order_by('-created').first()
|
changeset.author = request.user
|
||||||
if changeset is not None:
|
|
||||||
changeset.session_id = request.session.session_key
|
|
||||||
changeset.save()
|
|
||||||
return changeset
|
|
||||||
|
|
||||||
new_changeset.author = request.user
|
return changeset
|
||||||
|
|
||||||
new_changeset.session_id = request.session.session_key
|
|
||||||
return new_changeset
|
|
||||||
|
|
||||||
"""
|
"""
|
||||||
Wrap Objects
|
Wrap Objects
|
||||||
|
|
@ -282,16 +266,13 @@ class ChangeSet(models.Model):
|
||||||
else:
|
else:
|
||||||
yield
|
yield
|
||||||
|
|
||||||
def could_edit(self, request):
|
def can_edit(self, request):
|
||||||
if self.state == 'unproposed':
|
if not self.proposed:
|
||||||
return self.author == request.user or (self.author is None and not request.user.is_authenticated)
|
return self.author == request.user or (self.author is None and not request.user.is_authenticated)
|
||||||
elif self.state == 'review':
|
elif self.state == 'review':
|
||||||
return self.assigned_to == request.user
|
return self.assigned_to == request.user
|
||||||
return False
|
return False
|
||||||
|
|
||||||
def can_edit(self, request):
|
|
||||||
return self.session_id == request.session.session_key and self.could_edit(request)
|
|
||||||
|
|
||||||
def can_delete(self, request):
|
def can_delete(self, request):
|
||||||
return self.can_edit(request) and self.state == 'unproposed'
|
return self.can_edit(request) and self.state == 'unproposed'
|
||||||
|
|
||||||
|
|
@ -367,3 +348,8 @@ class ChangeSet(models.Model):
|
||||||
('author', self.author_id),
|
('author', self.author_id),
|
||||||
('created', None if self.created is None else self.created.isoformat()),
|
('created', None if self.created is None else self.created.isoformat()),
|
||||||
))
|
))
|
||||||
|
|
||||||
|
def save(self, *args, **kwargs):
|
||||||
|
super().save(*args, **kwargs)
|
||||||
|
if self._request is not None:
|
||||||
|
self._request.session['changeset'] = self.pk
|
||||||
|
|
|
||||||
|
|
@ -19,7 +19,9 @@ from c3nav.mapdata.models.locations import LocationRedirect, LocationSlug
|
||||||
@sidebar_view
|
@sidebar_view
|
||||||
def changeset_detail(request, pk):
|
def changeset_detail(request, pk):
|
||||||
changeset = request.changeset
|
changeset = request.changeset
|
||||||
|
editing = True
|
||||||
if str(pk) != str(request.changeset.pk):
|
if str(pk) != str(request.changeset.pk):
|
||||||
|
editing = False
|
||||||
changeset = get_object_or_404(ChangeSet.qs_for_request(request), pk=pk)
|
changeset = get_object_or_404(ChangeSet.qs_for_request(request), pk=pk)
|
||||||
|
|
||||||
if not changeset.can_see(request):
|
if not changeset.can_see(request):
|
||||||
|
|
@ -27,6 +29,7 @@ def changeset_detail(request, pk):
|
||||||
|
|
||||||
can_edit = changeset.can_edit(request)
|
can_edit = changeset.can_edit(request)
|
||||||
can_delete = changeset.can_delete(request)
|
can_delete = changeset.can_delete(request)
|
||||||
|
editing = editing and can_edit
|
||||||
|
|
||||||
if request.method == 'POST':
|
if request.method == 'POST':
|
||||||
restore = request.POST.get('restore')
|
restore = request.POST.get('restore')
|
||||||
|
|
@ -123,7 +126,7 @@ def changeset_detail(request, pk):
|
||||||
obj_still_exists = pk not in changeset.deleted_existing.get(obj.__class__, ())
|
obj_still_exists = pk not in changeset.deleted_existing.get(obj.__class__, ())
|
||||||
|
|
||||||
edit_url = None
|
edit_url = None
|
||||||
if obj_still_exists and can_edit and not isinstance(obj, LocationRedirect):
|
if obj_still_exists and editing and not isinstance(obj, LocationRedirect):
|
||||||
reverse_kwargs = {'pk': obj.pk}
|
reverse_kwargs = {'pk': obj.pk}
|
||||||
if hasattr(obj, 'level_id'):
|
if hasattr(obj, 'level_id'):
|
||||||
reverse_kwargs['level'] = obj.level_id
|
reverse_kwargs['level'] = obj.level_id
|
||||||
|
|
|
||||||
|
|
@ -18,10 +18,7 @@ def login_view(request):
|
||||||
login(request, form.user_cache)
|
login(request, form.user_cache)
|
||||||
|
|
||||||
if request.changeset.pk is not None:
|
if request.changeset.pk is not None:
|
||||||
if request.session.session_key is None:
|
|
||||||
request.session.save()
|
|
||||||
request.changeset.author = form.user_cache
|
request.changeset.author = form.user_cache
|
||||||
request.changeset.session_key = request.session.session_key
|
|
||||||
request.changeset.save()
|
request.changeset.save()
|
||||||
return redirect(redirect_path)
|
return redirect(redirect_path)
|
||||||
else:
|
else:
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue