From b085b870c9562d213a7bd2325e2fa11b03088a41 Mon Sep 17 00:00:00 2001 From: Les Orchard Date: Sun, 23 Dec 2012 15:45:16 -0500 Subject: [PATCH] fix #10: Implement award deletion --- badger/models.py | 11 +++++ .../badger_playdoh/award_delete.html | 40 +++++++++++++++++++ badger/urls.py | 2 + badger/views.py | 21 ++++++++++ 4 files changed, 74 insertions(+) create mode 100644 badger/templates/badger_playdoh/award_delete.html diff --git a/badger/models.py b/badger/models.py index 039f746..a0737d7 100644 --- a/badger/models.py +++ b/badger/models.py @@ -676,6 +676,17 @@ class Award(models.Model): # TODO: Need some logic here, someday. return True + def allows_delete_by(self, user): + if user.is_anonymous(): + return False + if user == self.user: + return True + if user == self.creator: + return True + if user.has_perm('badger.change_award'): + return True + return False + def save(self, *args, **kwargs): # Signals and some bits of logic only happen on a new award. diff --git a/badger/templates/badger_playdoh/award_delete.html b/badger/templates/badger_playdoh/award_delete.html new file mode 100644 index 0000000..190c959 --- /dev/null +++ b/badger/templates/badger_playdoh/award_delete.html @@ -0,0 +1,40 @@ +{% extends "badger/base.html" %} + +{% set user = award.user %} +{% set award_url = request.build_absolute_uri(url('badger.views.award_detail', award.badge.slug, award.id)) %} +{% if award.image %} + {% set image_url = award.image.url %} +{% elif badge.image %} + {% set image_url = badge.image.url %} +{% else %} + {# TODO: Put the URL for default badge image in settings #} + {% set image_url = "/media/img/default-badge.png" %} +{% endif %} + +{% block pageid %}award_delete{% endblock %} + +{% block content %} +
+

{{ _("Delete Award") }}

+
+
+ +
+ {% include "badger/includes/badge_full.html" %} +
+ +
+ +
+ {{ csrf() }} +

{{ _("Delete this award, are you sure?") }}

+
    +
    • +
+
+ + {% include "badger/includes/award_full.html" %} +
+ +
+{% endblock %} diff --git a/badger/urls.py b/badger/urls.py index 148bfe6..8229a40 100644 --- a/badger/urls.py +++ b/badger/urls.py @@ -24,6 +24,8 @@ urlpatterns = patterns('badger.views', name='badger.award_detail_json'), url(r'^badge/(?P[^/]+)/awards/(?P[^/]+)/?$', 'award_detail', name='badger.award_detail'), + url(r'^badge/(?P[^/]+)/awards/(?P[^/]+)/delete$', 'award_delete', + name='badger.award_delete'), url(r'^badge/(?P[^/]+)/claims/(?P.+)\.pdf$', 'claims_list', kwargs=dict(format='pdf'), name='badger.claims_list_pdf'), diff --git a/badger/views.py b/badger/views.py index 15457d6..e43c014 100644 --- a/badger/views.py +++ b/badger/views.py @@ -284,6 +284,27 @@ def award_detail(request, slug, id, format="html"): ), context_instance=RequestContext(request)) +@require_http_methods(['GET', 'POST']) +@login_required +def award_delete(request, slug, id): + """Delete an award""" + badge = get_object_or_404(Badge, slug=slug) + award = get_object_or_404(Award, badge=badge, pk=id) + if not award.allows_delete_by(request.user): + return HttpResponseForbidden('Award delete forbidden') + + if request.method == "POST": + messages.info(request, _('Award for badge "%s" deleted.') % + badge.title) + award.delete() + url = reverse('badger.views.detail', kwargs=dict(slug=slug)) + return HttpResponseRedirect(url) + + return render_to_response('badger/award_delete.html', dict( + badge=badge, award=award + ), context_instance=RequestContext(request)) + + @login_required def _do_claim(request, deferred_award): """Perform claim of a deferred award"""