Commit ef49d5c99acbf02356cbbe4995748d86b95804eb
1 parent
e027c6ed
Exists in
master
and in
2 other branches
Adjusting subject mural access error
Showing
1 changed file
with
63 additions
and
31 deletions
Show diff stats
mural/views.py
| ... | ... | @@ -559,25 +559,25 @@ class CategoryDelete(LoginRequiredMixin, LogMixin, generic.DeleteView): |
| 559 | 559 | |
| 560 | 560 | @log_decorator_ajax('mural', 'view', 'category') |
| 561 | 561 | def mural_category_log(request, category): |
| 562 | - action = request.GET.get('action') | |
| 562 | + action = request.GET.get('action') | |
| 563 | 563 | |
| 564 | - if action == 'open': | |
| 565 | - category = get_object_or_404(Category, id = category) | |
| 564 | + if action == 'open': | |
| 565 | + category = get_object_or_404(Category, id = category) | |
| 566 | 566 | |
| 567 | - log_context = {} | |
| 568 | - log_context['category_id'] = category.id | |
| 569 | - log_context['category_name'] = category.name | |
| 570 | - log_context['category_slug'] = category.slug | |
| 571 | - log_context['timestamp_start'] = str(int(time.time())) | |
| 572 | - log_context['timestamp_end'] = '-1' | |
| 567 | + log_context = {} | |
| 568 | + log_context['category_id'] = category.id | |
| 569 | + log_context['category_name'] = category.name | |
| 570 | + log_context['category_slug'] = category.slug | |
| 571 | + log_context['timestamp_start'] = str(int(time.time())) | |
| 572 | + log_context['timestamp_end'] = '-1' | |
| 573 | 573 | |
| 574 | - request.log_context = log_context | |
| 574 | + request.log_context = log_context | |
| 575 | 575 | |
| 576 | - log_id = Log.objects.latest('id').id | |
| 576 | + log_id = Log.objects.latest('id').id | |
| 577 | 577 | |
| 578 | - return JsonResponse({'message': 'ok', 'log_id': log_id}) | |
| 578 | + return JsonResponse({'message': 'ok', 'log_id': log_id}) | |
| 579 | 579 | |
| 580 | - return JsonResponse({'message': 'ok'}) | |
| 580 | + return JsonResponse({'message': 'ok'}) | |
| 581 | 581 | |
| 582 | 582 | """ |
| 583 | 583 | Section for SubjectPost classes |
| ... | ... | @@ -928,7 +928,7 @@ class SubjectView(LoginRequiredMixin, LogMixin, generic.ListView): |
| 928 | 928 | slug = self.kwargs.get('slug') |
| 929 | 929 | subject = get_object_or_404(Subject, slug = slug) |
| 930 | 930 | |
| 931 | - posts = getSubjectPosts(subject, user, favorites, mines) | |
| 931 | + posts = getSubjectPosts(subject.id, user, favorites, mines) | |
| 932 | 932 | |
| 933 | 933 | if showing: #Exclude ajax creation posts results |
| 934 | 934 | showing = showing.split(',') |
| ... | ... | @@ -978,25 +978,25 @@ class SubjectView(LoginRequiredMixin, LogMixin, generic.ListView): |
| 978 | 978 | |
| 979 | 979 | @log_decorator_ajax('mural', 'view', 'subject') |
| 980 | 980 | def mural_subject_log(request, subject): |
| 981 | - action = request.GET.get('action') | |
| 981 | + action = request.GET.get('action') | |
| 982 | 982 | |
| 983 | - if action == 'open': | |
| 984 | - subject = get_object_or_404(Subject, id = subject) | |
| 983 | + if action == 'open': | |
| 984 | + subject = get_object_or_404(Subject, id = subject) | |
| 985 | 985 | |
| 986 | - log_context = {} | |
| 987 | - log_context['subject_id'] = subject.id | |
| 988 | - log_context['subject_name'] = subject.name | |
| 989 | - log_context['subject_slug'] = subject.slug | |
| 990 | - log_context['timestamp_start'] = str(int(time.time())) | |
| 991 | - log_context['timestamp_end'] = '-1' | |
| 986 | + log_context = {} | |
| 987 | + log_context['subject_id'] = subject.id | |
| 988 | + log_context['subject_name'] = subject.name | |
| 989 | + log_context['subject_slug'] = subject.slug | |
| 990 | + log_context['timestamp_start'] = str(int(time.time())) | |
| 991 | + log_context['timestamp_end'] = '-1' | |
| 992 | 992 | |
| 993 | - request.log_context = log_context | |
| 993 | + request.log_context = log_context | |
| 994 | 994 | |
| 995 | - log_id = Log.objects.latest('id').id | |
| 995 | + log_id = Log.objects.latest('id').id | |
| 996 | 996 | |
| 997 | - return JsonResponse({'message': 'ok', 'log_id': log_id}) | |
| 997 | + return JsonResponse({'message': 'ok', 'log_id': log_id}) | |
| 998 | 998 | |
| 999 | - return JsonResponse({'message': 'ok'}) | |
| 999 | + return JsonResponse({'message': 'ok'}) | |
| 1000 | 1000 | |
| 1001 | 1001 | """ |
| 1002 | 1002 | Section for specific resource post classes |
| ... | ... | @@ -1034,14 +1034,46 @@ class ResourceView(LoginRequiredMixin, LogMixin, generic.ListView): |
| 1034 | 1034 | |
| 1035 | 1035 | if not favorites: |
| 1036 | 1036 | if mines: |
| 1037 | - posts = SubjectPost.objects.extra(select = {"most_recent": "greatest(last_update, (select max(mural_comment.last_update) from mural_comment where mural_comment.post_id = mural_subjectpost.mural_ptr_id))"}).filter(mural_ptr__user = user, resource = resource) | |
| 1037 | + if not user.is_staff: | |
| 1038 | + posts = SubjectPost.objects.extra(select = {"most_recent": "greatest(mural_mural.last_update, (select max(mural_comment.last_update) from mural_comment where mural_comment.post_id = mural_subjectpost.mural_ptr_id))"}).filter( | |
| 1039 | + Q(resource = resource) & Q(mural_ptr__user = user) & ( | |
| 1040 | + Q(space__category__coordinators = user) | | |
| 1041 | + Q(space__professor = user) | | |
| 1042 | + Q(resource__isnull = True) | | |
| 1043 | + (Q(resource__isnull = False) & (Q(resource__all_students = True) | Q(resource__students = user) | Q(resource__groups__participants = user))))).distinct() | |
| 1044 | + else: | |
| 1045 | + posts = SubjectPost.objects.extra(select = {"most_recent": "greatest(mural_mural.last_update, (select max(mural_comment.last_update) from mural_comment where mural_comment.post_id = mural_subjectpost.mural_ptr_id))"}).filter(resource = resource, mural_ptr__user = user) | |
| 1038 | 1046 | else: |
| 1039 | - posts = SubjectPost.objects.extra(select = {"most_recent": "greatest(last_update, (select max(mural_comment.last_update) from mural_comment where mural_comment.post_id = mural_subjectpost.mural_ptr_id))"}).filter(resource = resource) | |
| 1047 | + if not user.is_staff: | |
| 1048 | + posts = SubjectPost.objects.extra(select = {"most_recent": "greatest(mural_mural.last_update, (select max(mural_comment.last_update) from mural_comment where mural_comment.post_id = mural_subjectpost.mural_ptr_id))"}).filter( | |
| 1049 | + Q(resource = resource) & ( | |
| 1050 | + Q(space__category__coordinators = user) | | |
| 1051 | + Q(space__professor = user) | | |
| 1052 | + Q(resource__isnull = True) | | |
| 1053 | + (Q(resource__isnull = False) & (Q(resource__all_students = True) | Q(resource__students = user) | Q(resource__groups__participants = user))))).distinct() | |
| 1054 | + else: | |
| 1055 | + posts = SubjectPost.objects.extra(select = {"most_recent": "greatest(mural_mural.last_update, (select max(mural_comment.last_update) from mural_comment where mural_comment.post_id = mural_subjectpost.mural_ptr_id))"}).filter(resource = resource) | |
| 1040 | 1056 | else: |
| 1041 | 1057 | if mines: |
| 1042 | - posts = SubjectPost.objects.extra(select = {"most_recent": "greatest(last_update, (select max(mural_comment.last_update) from mural_comment where mural_comment.post_id = mural_subjectpost.mural_ptr_id))"}).filter(favorites_post__isnull = False, favorites_post__user = user, mural_ptr__user = user, resource = resource) | |
| 1058 | + if not user.is_staff: | |
| 1059 | + posts = SubjectPost.objects.extra(select = {"most_recent": "greatest(mural_mural.last_update, (select max(mural_comment.last_update) from mural_comment where mural_comment.post_id = mural_subjectpost.mural_ptr_id))"}).filter( | |
| 1060 | + Q(resource = resource) & Q(favorites_post__isnull = False) & Q(favorites_post__user = user) & Q(mural_ptr__user = user) & ( | |
| 1061 | + Q(space__category__coordinators = user) | | |
| 1062 | + Q(space__professor = user) | | |
| 1063 | + Q(resource__isnull = True) | | |
| 1064 | + (Q(resource__isnull = False) & (Q(resource__all_students = True) | Q(resource__students = user) | Q(resource__groups__participants = user))))).distinct() | |
| 1065 | + else: | |
| 1066 | + posts = SubjectPost.objects.extra(select = {"most_recent": "greatest(mural_mural.last_update, (select max(mural_comment.last_update) from mural_comment where mural_comment.post_id = mural_subjectpost.mural_ptr_id))"}).filter(resource = resource, favorites_post__isnull = False, favorites_post__user = user, mural_ptr__user = user) | |
| 1043 | 1067 | else: |
| 1044 | - posts = SubjectPost.objects.extra(select = {"most_recent": "greatest(last_update, (select max(mural_comment.last_update) from mural_comment where mural_comment.post_id = mural_subjectpost.mural_ptr_id))"}).filter(favorites_post__isnull = False, favorites_post__user = user, resource = resource) | |
| 1068 | + if not user.is_staff: | |
| 1069 | + posts = SubjectPost.objects.extra(select = {"most_recent": "greatest(mural_mural.last_update, (select max(mural_comment.last_update) from mural_comment where mural_comment.post_id = mural_subjectpost.mural_ptr_id))"}).filter( | |
| 1070 | + Q(resource = resource) & Q(favorites_post__isnull = False) & Q(favorites_post__user = user) & ( | |
| 1071 | + Q(space__category__coordinators = user) | | |
| 1072 | + Q(space__professor = user) | | |
| 1073 | + Q(resource__isnull = True) | | |
| 1074 | + (Q(resource__isnull = False) & (Q(resource__all_students = True) | Q(resource__students = user) | Q(resource__groups__participants = user))))).distinct() | |
| 1075 | + else: | |
| 1076 | + posts = SubjectPost.objects.extra(select = {"most_recent": "greatest(mural_mural.last_update, (select max(mural_comment.last_update) from mural_comment where mural_comment.post_id = mural_subjectpost.mural_ptr_id))"}).filter(resource = resource, favorites_post__isnull = False, favorites_post__user = user) | |
| 1045 | 1077 | |
| 1046 | 1078 | if showing: #Exclude ajax creation posts results |
| 1047 | 1079 | showing = showing.split(',') | ... | ... |