+from django.contrib.auth.decorators import login_required
from django.shortcuts import render_to_response
from django.shortcuts import get_object_or_404
from django.template import RequestContext
from django.utils.translation import ugettext as _
from django.contrib.auth.models import User
from django.core.urlresolvers import reverse
-from django.http import HttpResponseRedirect
+from django.http import HttpResponseRedirect, HttpResponseForbidden
+from django.views.generic.list_detail import object_detail, object_list
from ee.influences.models import Character
from ee.influences.models import Influence
from ee.tools.forms import ContextModelForm
model = Character
fields = ('name')
+@login_required
def add(request, character_id=None):
initial = {}
# Get the current user's characters
f = InfluenceForm(request=request, initial=initial)
if (f.is_valid()):
- influence = f.save()
- return HttpResponseRedirect(reverse('influences_influence_detail', args=[influence.id]))
+ influence = f.save(commit=False)
+ if (influence.character.player == request.user):
+ influence.save()
+ return HttpResponseRedirect(reverse('influences_influence_detail', args=[influence.id]))
+ else:
+ # TODO: Make this a bit more pretty. Perhaps throw an exception here and add some middleware to catch it?
+ return HttpResponseForbidden("Forbidden -- Trying to submit influence for somebody else's character")
# Only allow characters of the current user
f.fields['character']._set_queryset(chars)
return render_to_response('influences/add.html', {'form' : f}, RequestContext(request))
+@login_required
def addCharacter(request):
f = CharacterForm(request=request)
if (f.is_valid()):
return render_to_response('influences/add_character.html', {'form' : f}, RequestContext(request))
+@login_required
def index(request):
+ # Only show this player's characters and influences
characters = request.user.character_set.all()
- influences = Influence.objects.filter(character__in=characters)
+ influences = Influence.objects.filter(character__player=request.user)
return render_to_response('influences/index.html', {'characters' : characters, 'influences' : influences}, RequestContext(request))
+
+@login_required
+def character_list(request):
+ os = request.user.character_set.all()
+ return render_to_response('influences/character_list.html', {'object_list' : os}, RequestContext(request))
+
+@login_required
+def character_detail(request, object_id):
+ o = Character.objects.get(pk=object_id)
+ if (o.player != request.user):
+ return HttpResponseForbidden("Forbidden -- Trying to view somebody else's character")
+ return render_to_response('influences/character_detail.html', {'object' : o}, RequestContext(request))
+
+@login_required
+def influence_list(request):
+ os = Influence.objects.filter(character__player=request.user)
+ return render_to_response('influences/influence_list.html', {'object_list' : os}, RequestContext(request))
+
+@login_required
+def influence_detail(request, object_id):
+ o = Influence.objects.get(pk=object_id)
+ if (o.character.player != request.user):
+ return HttpResponseForbidden("Forbidden -- Trying to view influences of somebody else's character")
+ return render_to_response('influences/influence_detail.html', {'object' : o}, RequestContext(request))
+
+# vim: set sts=4 sw=4 expandtab:
projects / matthijs / projects / xerxes.git / blobdiff