
Luke Plant committed 48a5fee Merge

Merged from default


Files changed (10)

cciw/officers/urls.py

 from django.conf.urls.defaults import patterns, url
-from django.views.generic.base import TemplateView
 
 urlpatterns = patterns('cciw.officers.views',
     (r'^$', 'index'),
     (r'^ref/thanks/$', 'create_reference_thanks'),
     (r'^add-officer/$', 'create_officer'),
     (r'^files/(.*)$', 'officer_files'),
-    url(r'^info/$', TemplateView.as_view(template_name='cciw/officers/info.html'), name="cciw.officers.views.info"),
+    url(r'^info/$', 'officer_info', name="cciw.officers.views.info"),
 )

cciw/officers/views.py

 import datetime
 import operator
+import urlparse
 
 from django import forms
 from django.conf import settings
 from django.contrib.admin.views.decorators import staff_member_required
+from django.contrib.auth import REDIRECT_FIELD_NAME
 from django.contrib.auth.decorators import user_passes_test
 from django.contrib.auth.models import User
 from django.contrib import messages
 from django.template.loader import render_to_string
 from django.template.defaultfilters import wordwrap
 from django.views.decorators.cache import never_cache
+from django.views.generic.base import TemplateView
 
 from cciw.cciwmain import common
 from cciw.cciwmain.decorators import json_response
 @never_cache
 def index(request):
     """Displays a list of links/buttons for various actions."""
+
+    # Handle redirects, since this page is LOGIN_URL
+    redirect_to = request.REQUEST.get(REDIRECT_FIELD_NAME, '')
+    if redirect_to:
+        netloc = urlparse.urlparse(redirect_to)[1]
+        # Heavier security check -- don't allow redirection to a different
+        # host.
+        if netloc == '' or netloc == request.get_host():
+            return HttpResponseRedirect(redirect_to)
+
     user = request.user
     c = {}
     c['thisyear'] = common.get_thisyear()
     c['officer'] = officer
     c['is_popup'] = True
     return render(request, 'cciw/officers/crb_consent_problem.html', c)
+
+
+officer_info = staff_member_required(TemplateView.as_view(template_name='cciw/officers/info.html'))
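Review bot: The host check added to `index` accepts any `redirect_to` whose parsed netloc is empty, whatever its scheme, so a value that is not a plain same-site path still reaches `HttpResponseRedirect`; urlparse and browsers also do not always agree on where the host starts in a malformed URL. I would test the scheme as well, e.g. `parts = urlparse.urlparse(redirect_to)` followed by `if parts[0] in ('', 'http', 'https') and parts[1] in ('', request.get_host()):`. The redirect also runs before `request.user` is consulted, so unless a decorator outside this hunk enforces login first, the parameter is followed for anonymous visitors too; a one-line comment saying which is intended would help. The rest of `index` lies outside the hunk.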
 
 MEDIA_URL = '/usermedia/'
 STATIC_URL = '/static/'
-ADMIN_MEDIA_PREFIX = '/static/admin/'
 
 FILE_UPLOAD_MAX_MEMORY_SIZE = 262144
 

securedownload/views.py

 import os
 import posixpath
 import urllib
+
 from django.conf import settings
+from django.contrib.auth.views import redirect_to_login
 from django.http import Http404, HttpResponseRedirect, HttpResponseForbidden
 from django.utils.crypto import salted_hmac
 
                 raise Http404()
             return serve_secure_file(os.path.join(folder, fname))
         else:
+            user = getattr(request, 'user', None)
+            if user is not None and not user.is_authenticated():
+                # redirect to login
+                return redirect_to_login(request.get_full_path())
             return HttpResponseForbidden("<h1>Access denied</h1>")
     return view
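Review bot: The comment `# redirect to login` restates the call beneath it and leaves out the decision this branch makes. Something like `# Anonymous users are sent to log in; authenticated users who fail the check, and requests with no 'user' attribute, get the 403 below.` would record why both outcomes exist. The enclosing view function starts above this hunk, so the permission test that leads into this `else` is not visible here.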

templates/500.html

-{% load adminmedia %}<!DOCTYPE html>
+{% load static %}<!DOCTYPE html>
 <html lang="en-gb">
 <head>
 <title>500 Internal Server Error</title>
-<link rel="stylesheet" type="text/css" href="{% admin_media_prefix %}css/base.css" />
-<link rel="stylesheet" type="text/css" href="/static/css/adminextra.css" />
-<!--[if lte IE 7]><link rel="stylesheet" type="text/css" href="{% admin_media_prefix %}css/ie.css" /><![endif]-->
+<link rel="stylesheet" type="text/css" href="{% static "css/base.css" %}" />
+<link rel="stylesheet" type="text/css" href="{% static "css/adminextra.css" %}" />
+<!--[if lte IE 7]><link rel="stylesheet" type="text/css" href="{% static "css/ie.css" %}" /><![endif]-->
 <meta name="robots" content="NONE,NOARCHIVE" />
 </head>
 <body>
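Review bot: The new stylesheet paths drop the admin prefix: `{% admin_media_prefix %}css/base.css` pointed under `/static/admin/` (the `ADMIN_MEDIA_PREFIX` value this commit removes), while `{% static "css/base.css" %}` and `{% static "css/ie.css" %}` resolve directly under `STATIC_URL`. Unless the project keeps its own copies there, these should be `{% static "admin/css/base.css" %}` and `{% static "admin/css/ie.css" %}`, as templates/cciw/officers/base.html does. The same applies to `{% static "css/forms.css" %}` in officer_list.html and stats.html.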

templates/admin/login.html

 {% extends "admin/base_site.html" %}
-{% load i18n %}
+{% load i18n static %}
 
-{% block extrastyle %}{% load adminmedia %}{{ block.super }}<link rel="stylesheet" type="text/css" href="{% admin_media_prefix %}css/login.css" />{% endblock %}
+{% block extrastyle %}{{ block.super }}<link rel="stylesheet" type="text/css" href="{% static "admin/css/login.css" %}" />{% endblock %}
 
 {% block bodyclass %}login{% endblock %}
 

templates/cciw/officers/base.html

 {% extends "admin/base_site.html" %}
-{% load adminmedia admin_modify %}
-{% block stylesheet %}{% admin_media_prefix %}css/base.css{% endblock %}
+{% load adminmedia static %}
+{% block stylesheet %}{% static "admin/css/base.css" %}{% endblock %}
 {% block breadcrumbs %}{% endblock %}
 {% block title %}
 CCIW Officers
 {% endblock %}
 {% block extrastyle %}{{ block.super }}
 <script type="text/javascript" src="/admin/jsi18n/"></script>
-<script type="text/javascript" src="/static/admin/js/core.js"></script>
+<script type="text/javascript" src="{% static "admin/js/core.js" %}"></script>
 {% if form %}
   {{ form.media }}
 {% endif %}
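Review bot: `{% load adminmedia static %}` still loads the `adminmedia` library although the only visible `{% admin_media_prefix %}` use in this template is removed; the other templates in this commit drop it. `{% load static %}` would be enough here, assuming nothing further down the file (outside this hunk) uses it. The line also stops loading `admin_modify`, so it is worth confirming that no tag from that library is used in the part of the template not shown.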

templates/cciw/officers/officer_list.html

 {% extends "cciw/officers/base.html" %}
 {% load url from future %}
-{% load adminmedia %}
+{% load static %}
 {% block title %}Officer list {{ camp.year }}-{{ camp.number }} | CCIW Officers{% endblock %}
 
 {% block extrastyle %}{{ block.super }}
-<script type="text/javascript" src="{{ STATIC_URL }}js/jquery.tablesorter.min.js"></script>
-<link rel="stylesheet" type="text/css" href="{% admin_media_prefix %}css/forms.css" />
+<script type="text/javascript" src="{% static "js/jquery.tablesorter.min.js" %}"></script>
+<link rel="stylesheet" type="text/css" href="{% static "css/forms.css" %}" />
 <style type="text/css">
 
 .innerleft {
  alt="Add" src="{{ STATIC_URL }}images/officer-list-add.gif" /></a>
  &nbsp;&nbsp;&nbsp;
  <input type="text" id="id_available_officers_filter" />
- <img style="vertical-align: middle" alt="search" src="{% admin_media_prefix %}img/admin/selector-search.gif" />
+ <img style="vertical-align: middle" alt="search" src="{% static "admin/img/selector-search.gif" %}" />
 </div>
 <div>
 <select multiple="multiple" id="id_available_officers" style="min-width:30em;height: 30em;" name="officers">

templates/cciw/officers/officer_list_table_editable.html

-{% load adminmedia %}
+{% load static %}
 <div  id="id_officer_list_table">
 <p>Total: {{ invitations|length }}</p>
 <table class="tablesorter">
     <td>{{ invite.notes }}</a></td>
     <td>
       <nobr>
-      <img class="editbtn" id="id_edit_{{ invite.officer.id }}" src="{% admin_media_prefix %}img/admin/icon_changelink.gif" alt="Edit" title="Edit" style="margin-right: 4px;"/>
-      <img class="removebtn" id="id_remove_{{ invite.officer.id }}" src="{{ STATIC_URL }}images/officer-list-remove.gif" alt="Remove" title="Remove" style="margin-right: 4px;"/>
-      <img class="emailbtn" id="id_email_{{ invite.officer.id }}" src="{{ STATIC_URL }}images/sendemail.gif" alt="Re-send initial e-mail" title="Re-send initial e-mail" />
+      <img class="editbtn" id="id_edit_{{ invite.officer.id }}" src="{% static "admin/img/icon_changelink.gif" %}" alt="Edit" title="Edit" style="margin-right: 4px;"/>
+      <img class="removebtn" id="id_remove_{{ invite.officer.id }}" src="{% static "images/officer-list-remove.gif" %}" alt="Remove" title="Remove" style="margin-right: 4px;"/>
+      <img class="emailbtn" id="id_email_{{ invite.officer.id }}" src="{% static "images/sendemail.gif" %}" alt="Re-send initial e-mail" title="Re-send initial e-mail" />
       </nobr>
    </td>
   </tr>

templates/cciw/officers/stats.html

 {% extends "cciw/officers/base.html" %}
 {% load url from future %}
-{% load adminmedia %}
+{% load static %}
 {% load json_filters %}
 {% block title %}Officer stats | CCIW Officers{% endblock %}
 
 {% block extrastyle %}{{ block.super }}
-<link rel="stylesheet" type="text/css" href="{% admin_media_prefix %}css/forms.css" />
-<script type="text/javascript" src="{{ STATIC_URL }}js/jquery.flot.min.js"></script>
+<link rel="stylesheet" type="text/css" href="{% static "css/forms.css" %}" />
+<script type="text/javascript" src="{% static "js/jquery.flot.min.js" %}"></script>
 
 {% endblock %}
 {% block bodyclass%}change-form{% endblock %}