/
views.py
46 lines (34 loc) · 1.52 KB
/
views.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
from django.http import HttpResponseForbidden, Http404
from django.shortcuts import render_to_response, get_object_or_404, redirect
from django.template import RequestContext
from django.contrib.auth.models import User
from privileges.forms import GrantForm
from privileges.models import Grant
def grant_list(request, username):
user = get_object_or_404(User, username=username)
if request.user != user and not request.user.is_superuser:
return HttpResponseForbidden()
if request.method == "POST":
form = GrantForm(request.POST, user=request.user)
if form.is_valid():
form.save()
redirect("privileges_grant_list", username=username)
else:
form = GrantForm(user=request.user)
return render_to_response("privileges/grant_list.html", {
"grants_given": Grant.objects.filter(grantor=user),
"grants_received": Grant.objects.filter(grantee=user),
"grant_user": user,
"form": form
}, context_instance=RequestContext(request))
def grant_detail(request, username, pk):
user = get_object_or_404(User, username=username)
if request.user != user and not request.user.is_superuser:
return HttpResponseForbidden()
grant = get_object_or_404(Grant, pk=pk)
if grant.grantor != user and grant.grantee != user:
return Http404()
return render_to_response("privileges/grant_detail.html", {
"grant": grant,
"grant_user": user
}, context_instance=RequestContext(request))