X-Git-Url: https://git.stderr.nl/gitweb?a=blobdiff_plain;ds=sidebyside;f=influences%2Fviews.py;h=ba8e280aaa0a2bf177fe4af2e062d17e65f98d5a;hb=d482d83e3ebc9c02d6942aac09f7c697aae7ad07;hp=4df518f6a2902143dd65ef22c30908555b9f90ba;hpb=f3dd167d45ba0e152ad19b1d37f4258e5a9d383f;p=matthijs%2Fprojects%2Fxerxes.git

diff --git a/influences/views.py b/influences/views.py
index 4df518f..ba8e280 100644
--- a/influences/views.py
+++ b/influences/views.py
@@ -1,10 +1,12 @@
+from django.contrib.auth.decorators import login_required
 from django.shortcuts import render_to_response
 from django.shortcuts import get_object_or_404
 from django.template import RequestContext
 from django.utils.translation import ugettext as _
 from django.contrib.auth.models import User
 from django.core.urlresolvers import reverse
-from django.http import HttpResponseRedirect
+from django.http import HttpResponseRedirect, HttpResponseForbidden
+from django.views.generic.list_detail import object_detail, object_list
 from ee.influences.models import Character
 from ee.influences.models import Influence
 from ee.tools.forms import ContextModelForm
@@ -21,6 +23,7 @@ class CharacterForm(ContextModelForm):
         model = Character
         fields = ('name')
 
+@login_required
 def add(request, character_id=None):
     initial = {}
     # Get the current user's characters
@@ -33,14 +36,20 @@ def add(request, character_id=None):
 
     f = InfluenceForm(request=request, initial=initial)
     if (f.is_valid()):
-        influence = f.save()
-        return HttpResponseRedirect(reverse('influences_influence_detail', args=[influence.id]))
+        influence = f.save(commit=False)
+        if (influence.character.player == request.user):
+                influence.save()
+                return HttpResponseRedirect(reverse('influences_influence_detail', args=[influence.id]))
+        else:
+                # TODO: Make this a bit more pretty. Perhaps throw an exception here and add some middleware to catch it?
+                return HttpResponseForbidden("Forbidden -- Trying to submit influence for somebody else's character")
      
     # Only allow characters of the current user
     f.fields['character']._set_queryset(chars)
 
     return render_to_response('influences/add.html', {'form' : f}, RequestContext(request))
 
+@login_required
 def addCharacter(request):
     f = CharacterForm(request=request)
     if (f.is_valid()):
@@ -49,9 +58,27 @@ def addCharacter(request):
         character.save()
         return HttpResponseRedirect(reverse('influences_character_detail', args=[character.id]))
 
-    return render_to_response('influences/add_character.html', {'form' : f})
+    return render_to_response('influences/add_character.html', {'form' : f}, RequestContext(request))
 
+@login_required
 def index(request):
     characters = request.user.character_set.all()
     influences = Influence.objects.filter(character__in=characters)
     return render_to_response('influences/index.html', {'characters' : characters, 'influences' : influences}, RequestContext(request))
+
+@login_required
+def character_list(request):
+    os = request.user.character_set.all()
+    return render_to_response('influences/character_list.html', {'object_list' : os}, RequestContext(request))
+
+@login_required
+def character_detail(request, object_id):
+    o = Character.objects.get(pk=object_id)
+    return render_to_response('influences/character_detail.html', {'object' : o}, RequestContext(request))
+
+@login_required
+def influence_detail(request, object_id):
+    o = Influence.objects.get(pk=object_id)
+    return render_to_response('influences/influence_detail.html', {'object' : o}, RequestContext(request))
+
+# vim: set sts=4 sw=4 expandtab: