X-Git-Url: https://git.stderr.nl/gitweb?a=blobdiff_plain;f=influences%2Fviews.py;h=e5391128abf1a37f57dbfa4925e257ced66c9aa9;hb=426cb2ff0508dfecbff4b5b55e752449df9c31d0;hp=41a1ecbe08cbd3db595a3e9b69344a47f80136ab;hpb=fdc7a4ff73dbee6b9bb721bb7e36597a12ae418b;p=matthijs%2Fprojects%2Fxerxes.git

diff --git a/influences/views.py b/influences/views.py
index 41a1ecb..e539112 100644
--- a/influences/views.py
+++ b/influences/views.py
@@ -1,58 +1,108 @@
+from django.contrib.auth.decorators import login_required
 from django.shortcuts import render_to_response
 from django.shortcuts import get_object_or_404
+from django.template import RequestContext
 from django.utils.translation import ugettext as _
 from django.contrib.auth.models import User
-from ee.influences.models import Character
-from ee.influences.models import Influence
-from ee.tools.forms import ContextModelForm
+from django.core.urlresolvers import reverse
+from django.http import HttpResponseRedirect, HttpResponseForbidden
+from django.views.generic.list_detail import object_detail, object_list
+from xerxes.influences.models import Character
+from xerxes.influences.models import Influence
+from xerxes.tools.forms import ContextModelForm
+
+
 
 class InfluenceForm(ContextModelForm):
     class Meta:
         model = Influence
-        fields = ('character', 'contact', 'description')
+        fields = ('character', 'contact', 'summary', 'description')
 
 class CharacterForm(ContextModelForm):
     class Meta:
         model = Character
         fields = ('name')
 
-def add(request, character_id):
-    message = None
-
+@login_required
+def add_influence(request, character_id=None):
     initial = {}
     # Get the current user's characters
     chars = request.user.character_set.all()
 
+    # If a character_id was specified in the url, or there is only one
+    # character, preselect it.
     if (character_id):
         initial['character'] = character_id
     elif (chars.count() == 1):
         initial['character'] = chars[0].id
 
+
     f = InfluenceForm(request=request, initial=initial)
+
+    # Only allow characters of the current user. Putting this here also
+    # ensures that a form will not validate when any other choice was
+    # selected (perhaps through URL crafting).
+    f.fields['character']._set_queryset(chars)
+
     if (f.is_valid()):
-        f.save()
-        message = _("Influence added.")
-        f = None
-     
-    # Only allow characters of the current user
-    if f:
-        f.fields['character']._set_queryset(chars)
-
-    return render_to_response('influences/add.html', {'message' : message, 'form' : f})
-
-def addCharacter(request):
-    message = None
+        # The form was submitted, let's save it.
+        influence = f.save()
+        # Redirect to the just saved influence
+        return HttpResponseRedirect(reverse('influences_influence_detail', args=[influence.id]))
+
+    return render_to_response('influences/add.html', {'form' : f}, RequestContext(request))
+
+@login_required
+def add_character(request):
     f = CharacterForm(request=request)
     if (f.is_valid()):
-        c = f.save(commit=False)
-        c.player = request.user
-        c.save()
-        message = _("Character added.")
-        f = None
+        character = f.save(commit=False)
+        character.player = request.user
+        character.save()
+        return HttpResponseRedirect(reverse('influences_character_detail', args=[character.id]))
 
-    return render_to_response('influences/add_character.html', {'message' : message, 'form' : f})
+    return render_to_response('influences/add_character.html', {'form' : f}, RequestContext(request))
 
+@login_required
 def index(request):
+    # Only show this player's characters and influences
     characters = request.user.character_set.all()
-    influences = Influence.objects.filter(character__in=characters)
-    return render_to_response('influences/index.html', {'characters' : characters, 'influences' : influences})
+    influences = Influence.objects.filter(character__player=request.user)
+    return render_to_response('influences/index.html', {'characters' : characters, 'influences' : influences}, RequestContext(request))
+
+#
+# The views below are very similar to django's generic views (in fact,
+# they used to be generic views before). However, since they all depend
+# on the currently logged in user (for limiting the show list or
+# performing access control), we won't actually use the generic views
+# here.
+
+@login_required
+def character_list(request):
+    # Only show this player's characters
+    os = request.user.character_set.all()
+    return render_to_response('influences/character_list.html', {'object_list' : os}, RequestContext(request))
+
+@login_required
+def character_detail(request, object_id):
+    o = Character.objects.get(pk=object_id)
+    # Don't show other player's characters
+    if (o.player != request.user):
+        return HttpResponseForbidden("Forbidden -- Trying to view somebody else's character")
+    return render_to_response('influences/character_detail.html', {'object' : o}, RequestContext(request))
+
+@login_required
+def influence_list(request):
+    # Only show this player's influences
+    os = Influence.objects.filter(character__player=request.user)
+    return render_to_response('influences/influence_list.html', {'object_list' : os}, RequestContext(request))
+
+@login_required
+def influence_detail(request, object_id):
+    o = Influence.objects.get(pk=object_id)
+    # Don't show other player's influences
+    if (o.character.player != request.user):
+        return HttpResponseForbidden("Forbidden -- Trying to view influences of somebody else's character")
+    return render_to_response('influences/influence_detail.html', {'object' : o}, RequestContext(request))
+
+# vim: set sts=4 sw=4 expandtab: