Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
7 changed files
with
302 additions
and
7 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,52 @@ | ||
| {% load i18n %} | ||
| <script lang="JavaScript"> | ||
| $(function() { | ||
|
|
||
| $('.event-form').each(function() { | ||
| var $form = $(this); | ||
| var $list = $form.parents('.post-events'); | ||
| var $li = $form.parent(); | ||
| var $divider = $li.prev(); | ||
| var action = $form.attr('action'); | ||
|
|
||
| $form.find('.event-toggle').click(function() { | ||
| var $btn = $(this); | ||
| var data = $form.serialize() + "&action=toggle"; | ||
| $.post(action, data, function(data) { | ||
| if (data.is_hidden) { | ||
| $btn.text("{% trans "Show" %}"); | ||
| $label = $('<span class="text-warning">{% trans "Hidden" %}</span>'); | ||
| $label.hide(); | ||
| $divider.find('div').append($label) | ||
| $label.fadeIn(); | ||
| } else { | ||
| $btn.text("{% trans "Hide" %}"); | ||
| $divider.find('.text-warning').fadeOut(function() {$(this).remove()}); | ||
| } | ||
| }); | ||
| return false; | ||
| }); | ||
|
|
||
| $form.find('.event-delete').click(function() { | ||
| var $btn = $(this); | ||
| var data = $form.serialize() + "&action=delete"; | ||
|
|
||
| var decision = confirm("{% trans "Are you sure you want to delete this event?" %}"); | ||
| if (decision) { | ||
| $.post(action, data, function(data) { | ||
| if (data.is_deleted) { | ||
| if ($list.find('.event:visible').length == 1) { | ||
| $list.slideUp(); | ||
| } else { | ||
| $li.slideUp(); | ||
| $divider.slideUp(); | ||
| } | ||
| } | ||
| }); | ||
| } | ||
| return false; | ||
| }); | ||
| }) | ||
|
|
||
| }); | ||
| </script> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,138 @@ | ||
| from django.core.urlresolvers import reverse | ||
|
|
||
| from misago.acl.testutils import override_acl | ||
| from misago.forums.models import Forum | ||
| from misago.users.testutils import AuthenticatedUserTestCase | ||
|
|
||
| from misago.threads.models import Thread, Event | ||
| from misago.threads.testutils import post_thread, reply_thread | ||
|
|
||
|
|
||
| class EventsViewTestCase(AuthenticatedUserTestCase): | ||
| ajax_header = {'HTTP_X_REQUESTED_WITH': 'XMLHttpRequest'} | ||
|
|
||
| def setUp(self): | ||
| super(EventsViewTestCase, self).setUp() | ||
|
|
||
| self.forum = Forum.objects.all_forums().filter(role="forum")[:1][0] | ||
| self.forum.labels = [] | ||
|
|
||
| self.thread = post_thread(self.forum) | ||
|
|
||
| def override_acl(self, new_acl): | ||
| new_acl.update({ | ||
| 'can_see': True, | ||
| 'can_browse': True, | ||
| 'can_see_all_threads': True, | ||
| 'can_see_own_threads': False, | ||
| 'can_pin_threads': True | ||
| }) | ||
|
|
||
| forums_acl = self.user.acl | ||
| forums_acl['visible_forums'].append(self.forum.pk) | ||
| forums_acl['forums'][self.forum.pk] = new_acl | ||
| override_acl(self.user, forums_acl) | ||
|
|
||
| def test_hide_event(self): | ||
| """its possible to hide event""" | ||
| self.override_acl({'can_hide_events': 0}) | ||
| response = self.client.post(self.thread.get_absolute_url(), | ||
| data={'thread_action': 'pin'}) | ||
| self.assertEqual(response.status_code, 302) | ||
|
|
||
| event = self.thread.event_set.all()[0] | ||
| self.override_acl({'can_hide_events': 0}) | ||
| response = self.client.post( | ||
| reverse('misago:edit_event', kwargs={'event_id': event.id}), | ||
| data={'action': 'toggle'}, | ||
| **self.ajax_header) | ||
| self.assertEqual(response.status_code, 403) | ||
|
|
||
| self.override_acl({'can_hide_events': 1}) | ||
| response = self.client.post( | ||
| reverse('misago:edit_event', kwargs={'event_id': event.id}), | ||
| data={'action': 'toggle'}, | ||
| **self.ajax_header) | ||
| self.assertEqual(response.status_code, 200) | ||
|
|
||
| event = Event.objects.get(id=event.id) | ||
| self.assertTrue(event.is_hidden) | ||
|
|
||
| def test_show_event(self): | ||
| """its possible to unhide event""" | ||
| self.override_acl({'can_hide_events': 0}) | ||
| response = self.client.post(self.thread.get_absolute_url(), | ||
| data={'thread_action': 'pin'}) | ||
| self.assertEqual(response.status_code, 302) | ||
|
|
||
| event = self.thread.event_set.all()[0] | ||
| event.is_hidden = True | ||
| event.save() | ||
|
|
||
| self.override_acl({'can_hide_events': 0}) | ||
| response = self.client.post( | ||
| reverse('misago:edit_event', kwargs={'event_id': event.id}), | ||
| data={'action': 'toggle'}, | ||
| **self.ajax_header) | ||
| self.assertEqual(response.status_code, 403) | ||
|
|
||
| self.override_acl({'can_hide_events': 1}) | ||
| response = self.client.post( | ||
| reverse('misago:edit_event', kwargs={'event_id': event.id}), | ||
| data={'action': 'toggle'}, | ||
| **self.ajax_header) | ||
| self.assertEqual(response.status_code, 200) | ||
|
|
||
| event = Event.objects.get(id=event.id) | ||
| self.assertFalse(event.is_hidden) | ||
|
|
||
| def test_delete_event(self): | ||
| """its possible to delete event""" | ||
| self.override_acl({'can_hide_events': 0}) | ||
| response = self.client.post(self.thread.get_absolute_url(), | ||
| data={'thread_action': 'pin'}) | ||
| self.assertEqual(response.status_code, 302) | ||
|
|
||
| self.override_acl({'can_hide_events': 0}) | ||
| response = self.client.post(self.thread.get_absolute_url(), | ||
| data={'thread_action': 'unpin'}) | ||
| self.assertEqual(response.status_code, 302) | ||
|
|
||
| event = self.thread.event_set.all()[0] | ||
|
|
||
| self.override_acl({'can_hide_events': 0}) | ||
| response = self.client.post( | ||
| reverse('misago:edit_event', kwargs={'event_id': event.id}), | ||
| data={'action': 'delete'}, | ||
| **self.ajax_header) | ||
| self.assertEqual(response.status_code, 403) | ||
|
|
||
| self.override_acl({'can_hide_events': 1}) | ||
| response = self.client.post( | ||
| reverse('misago:edit_event', kwargs={'event_id': event.id}), | ||
| data={'action': 'delete'}, | ||
| **self.ajax_header) | ||
| self.assertEqual(response.status_code, 403) | ||
|
|
||
| self.override_acl({'can_hide_events': 2}) | ||
| response = self.client.post( | ||
| reverse('misago:edit_event', kwargs={'event_id': event.id}), | ||
| data={'action': 'delete'}, | ||
| **self.ajax_header) | ||
| self.assertEqual(response.status_code, 200) | ||
|
|
||
| thread = Thread.objects.get(id=self.thread.id) | ||
| self.assertTrue(thread.has_events) | ||
| self.assertTrue(thread.event_set.exists()) | ||
|
|
||
| event = self.thread.event_set.all()[0] | ||
| self.override_acl({'can_hide_events': 2}) | ||
| response = self.client.post( | ||
| reverse('misago:edit_event', kwargs={'event_id': event.id}), | ||
| data={'action': 'delete'}, | ||
| **self.ajax_header) | ||
| self.assertEqual(response.status_code, 200) | ||
|
|
||
| thread = Thread.objects.get(id=self.thread.id) | ||
| self.assertFalse(thread.has_events) | ||
| self.assertFalse(thread.event_set.exists()) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,54 @@ | ||
| from django.core.exceptions import PermissionDenied | ||
| from django.db.transaction import atomic | ||
| from django.http import JsonResponse | ||
| from django.shortcuts import get_object_or_404 | ||
| from django.utils.translation import ugettext as _ | ||
|
|
||
| from misago.core.decorators import ajax_only, require_POST | ||
| from misago.users.decorators import deny_guests | ||
|
|
||
| from misago.threads.models import Event | ||
| from misago.threads.views.generic.base import ViewBase | ||
|
|
||
|
|
||
| class EventsView(ViewBase): | ||
| def dispatch(self, request, event_id): | ||
| def toggle_event(request, event): | ||
| event.is_hidden = not event.is_hidden | ||
| event.save(update_fields=['is_hidden']) | ||
| return JsonResponse({'is_hidden': event.is_hidden}) | ||
|
|
||
| def delete_event(request, event): | ||
| event.delete(); | ||
|
|
||
| event.thread.has_events = event.thread.event_set.exists() | ||
| event.thread.save(update_fields=['has_events']) | ||
|
|
||
| return JsonResponse({'is_deleted': True}) | ||
|
|
||
| @ajax_only | ||
| @require_POST | ||
| @deny_guests | ||
| @atomic | ||
| def real_view(request, event_id): | ||
| queryset = Event.objects.select_for_update() | ||
| queryset = queryset.select_related('forum', 'thread') | ||
| event = get_object_or_404(queryset, id=event_id) | ||
|
|
||
| forum = event.forum | ||
| thread = event.thread | ||
|
|
||
| self.check_forum_permissions(request, forum) | ||
| self.check_thread_permissions(request, thread) | ||
|
|
||
| if request.POST.get('action') == 'toggle': | ||
| if not forum.acl.get('can_hide_events'): | ||
| raise PermissionDenied(_("You can't hide events.")) | ||
| return toggle_event(request, event) | ||
| elif request.POST.get('action') == 'delete': | ||
| if forum.acl.get('can_hide_events') != 2: | ||
| raise PermissionDenied(_("You can't delete events.")) | ||
| return delete_event(request, event) | ||
| else: | ||
| raise PermissionDenied(_("Invalid action requested.")) | ||
| return real_view(request, event_id) |