society-self-service/sspromotions/views.py

#    Society Self-Service
#    Copyright © 2018  Yingtong Li (RunasSudo)
#
#    This program is free software: you can redistribute it and/or modify
#    it under the terms of the GNU Affero General Public License as published by
#    the Free Software Foundation, either version 3 of the License, or
#    (at your option) any later version.
#
#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU Affero General Public License for more details.
#
#    You should have received a copy of the GNU Affero General Public License
#    along with this program.  If not, see <https://www.gnu.org/licenses/>.

from django.contrib.auth.decorators import login_required

from django.http import HttpResponse
from django.shortcuts import render, redirect
from django.urls import reverse
from django.utils import timezone

from . import models

@login_required
def index(request):
	return render(request, 'sspromotions/index.html')

@login_required
def bulletin_list(request):
	items_past = []
	items_upcoming = []
	items_future = []
	
	for item in models.BulletinItem.objects.all():
		if not item.group.can_user_access(request.user):
			continue
		
		# TODO
		items_upcoming.append(item)
	
	return render(request, 'sspromotions/bulletin_list.html', {
		'items_past': items_past,
		'items_upcoming': items_upcoming,
		'items_future': items_future
	})

@login_required
def bulletin_preview(request):
	return render(request, 'sspromotions/email/bulletin.html', {
		'groups': [group for group in models.Group.objects.all() if group.bulletinitem_set.count() > 0],
		'more': []
	})

@login_required
def bulletin_new(request):
	if request.method == 'POST':
		item = models.BulletinItem()
		item.group = models.Group.objects.get(id=int(request.POST['group']))
		if not item.group.can_user_access(request.user):
			return HttpResponse('Unauthorized', status=401)
		item.title = request.POST['title']
		item.date = request.POST['date']
		item.content = request.POST['content']
		item.link = request.POST['link']
		if request.FILES:
			item.image = request.FILES['image']
		item.also_limit = [int(k[11:]) for k, v in request.POST.items() if k.startswith('also_limit_') and v]
		item.save()
		
		if request.POST['submit'] == 'Save':
			return redirect(reverse('bulletin_list'))
		else:
			return redirect(reverse('bulletin_edit', kwargs={'id': item.id}))
	else:
		item = models.BulletinItem()
		item.date = timezone.now()
		return render(request, 'sspromotions/bulletin_edit.html', {
			'item': item,
			'groups': [group for group in models.Group.objects.all() if group.can_user_access(request.user)],
			'all_groups': models.Group.objects.all()
		})

@login_required
def bulletin_edit(request, id):
	if request.method == 'POST':
		item = models.BulletinItem.objects.get(id=id)
		item.group = models.Group.objects.get(id=int(request.POST['group']))
		if not item.group.can_user_access(request.user):
			return HttpResponse('Unauthorized', status=401)
		item.title = request.POST['title']
		item.date = request.POST['date']
		item.content = request.POST['content']
		item.link = request.POST['link']
		if request.FILES:
			item.image = request.FILES['image']
		item.also_limit = [int(k[11:]) for k, v in request.POST.items() if k.startswith('also_limit_') and v]
		item.save()
		
		if request.POST['submit'] == 'Save':
			return redirect(reverse('bulletin_list'))
		else:
			return redirect(reverse('bulletin_edit', kwargs={'id': item.id}))
	else:
		item = models.BulletinItem.objects.get(id=id)
		if not item.group.can_user_access(request.user):
			return HttpResponse('Unauthorized', status=401)
		return render(request, 'sspromotions/bulletin_edit.html', {
			'item': item,
			'groups': [group for group in models.Group.objects.all() if group.can_user_access(request.user)],
			'all_groups': models.Group.objects.all()
		})

@login_required
def bulletin_delete(request, id):
	item = models.BulletinItem.objects.get(id=id)
	if not item.group.can_user_access(request.user):
		return HttpResponse('Unauthorized', status=401)
	item.delete()
	
	return redirect(reverse('bulletin_list'))