Working on data security; private, living
svn: r19780
This commit is contained in:
parent
0d3bf6bb16
commit
9f6def272f
@ -35,9 +35,17 @@
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="ColumnAttribute">Name:</td>
|
||||
{% if user.is_authenticated or father.probably_alive %}
|
||||
<td class="ColumnValue" id="data">{% render familyform.father user action %}</td>
|
||||
{% else %}
|
||||
<td class="ColumnValue" id="data">{{family.father|render_name:user}}</td>
|
||||
{% endif %}
|
||||
<td class="ColumnAttribute">Name:</td>
|
||||
{% if user.is_authenticated or mother.probably_alive %}
|
||||
<td class="ColumnValue" id="data">{% render familyform.mother user action %}</td>
|
||||
{% else %}
|
||||
<td class="ColumnValue" id="data">{{family.mother|render_name:user}}</td>
|
||||
{% endif %}
|
||||
</tr>
|
||||
{% if user.is_authenticated or not familyform.father.probably_alive %}
|
||||
<tr>
|
||||
|
@ -40,7 +40,7 @@
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="ColumnAttribute">{{surnameform.surname.label}}:</td>
|
||||
<td class="ColumnValue" id="data">{% render surnameform.surname user action False "" "get_focus" %}</td>
|
||||
<td class="ColumnValue" id="data">{% render surnameform.surname user action "get_focus" %}</td>
|
||||
<td class="ColumnAttribute">{{surnameform.prefix.label}}:</td>
|
||||
<td class="ColumnValue" id="data">{% render surnameform.prefix user action %}</td>
|
||||
</tr>
|
||||
|
@ -39,7 +39,7 @@
|
||||
<tr><td id="rowspace"></td></tr>
|
||||
<tr>
|
||||
<td class="ColumnAttribute">{{nameform.title.label}}:</td>
|
||||
<td class="ColumnValue" id="data">{% render nameform.title user action False "" "get_focus" %}</td>
|
||||
<td class="ColumnValue" id="data">{% render nameform.title user action "get_focus" %}</td>
|
||||
<td class="ColumnAttribute">{{nameform.nick.label}}:</td>
|
||||
<td class="ColumnValue" id="data">{% render nameform.nick user action %}</td>
|
||||
<td class="ColumnAttribute">{{nameform.call.label}}:</td>
|
||||
|
@ -27,8 +27,6 @@ is loaded by the fixtures/initial_data.json, which is
|
||||
created by init.py.
|
||||
"""
|
||||
|
||||
_DEBUG = True
|
||||
|
||||
from django.db import models
|
||||
from django.contrib.contenttypes.models import ContentType
|
||||
from django.contrib.contenttypes import generic
|
||||
@ -55,8 +53,6 @@ def get_type(the_type, data, get_or_create=False):
|
||||
elif data[0] == the_type._CUSTOM or get_or_create:
|
||||
(obj, new) = the_type.objects.get_or_create(val=data[0],
|
||||
name=data[1])
|
||||
if new and _DEBUG:
|
||||
print "DEBUG: Made new type:", the_type, data
|
||||
return obj
|
||||
else:
|
||||
return the_type.objects.get(val=data[0])
|
||||
@ -690,6 +686,7 @@ class Name(DateObject, SecondaryObject):
|
||||
self._sanitized = True
|
||||
if self.person.probably_alive:
|
||||
self.first_name = "[Living]"
|
||||
self.nick = ""
|
||||
self.call = ""
|
||||
self.group_as = ""
|
||||
self.title = ""
|
||||
|
@ -266,6 +266,7 @@ def view_list(request, view):
|
||||
Q(place__title__icontains=search)) &
|
||||
private
|
||||
) \
|
||||
.distinct() \
|
||||
.order_by("gramps_id")
|
||||
else:
|
||||
object_list = Event.objects.filter(private).order_by("gramps_id")
|
||||
@ -283,6 +284,7 @@ def view_list(request, view):
|
||||
.filter((Q(father__name__surname__surname__istartswith=surname) &
|
||||
Q(mother__name__surname__surname__istartswith=surname))
|
||||
) \
|
||||
.distinct() \
|
||||
.order_by("gramps_id")
|
||||
else: # no comma
|
||||
object_list = Family.objects \
|
||||
@ -291,6 +293,7 @@ def view_list(request, view):
|
||||
Q(father__name__surname__surname__istartswith=search) |
|
||||
Q(mother__name__surname__surname__istartswith=search)
|
||||
) \
|
||||
.distinct() \
|
||||
.order_by("gramps_id")
|
||||
else: # no search
|
||||
object_list = Family.objects.all().order_by("gramps_id")
|
||||
@ -311,6 +314,7 @@ def view_list(request, view):
|
||||
Q(mother__private=False) &
|
||||
Q(father__private=False)
|
||||
) \
|
||||
.distinct() \
|
||||
.order_by("gramps_id")
|
||||
else:
|
||||
object_list = Family.objects \
|
||||
@ -318,6 +322,7 @@ def view_list(request, view):
|
||||
Q(mother__private=False) &
|
||||
Q(father__private=False)
|
||||
) \
|
||||
.distinct() \
|
||||
.order_by("gramps_id")
|
||||
view_template = 'view_families.html'
|
||||
total = Family.objects.all().count()
|
||||
@ -334,6 +339,7 @@ def view_list(request, view):
|
||||
.filter(Q(gramps_id__icontains=search) &
|
||||
private
|
||||
) \
|
||||
.distinct() \
|
||||
.order_by("gramps_id")
|
||||
else:
|
||||
object_list = Media.objects.filter(private).order_by("gramps_id")
|
||||
@ -354,6 +360,7 @@ def view_list(request, view):
|
||||
Q(text__icontains=search)) &
|
||||
private
|
||||
) \
|
||||
.distinct() \
|
||||
.order_by("gramps_id")
|
||||
else:
|
||||
object_list = Note.objects.filter(private).order_by("gramps_id")
|
||||
@ -367,6 +374,7 @@ def view_list(request, view):
|
||||
query = build_person_query(request, search, protect=False)
|
||||
object_list = Name.objects \
|
||||
.filter(query) \
|
||||
.distinct() \
|
||||
.order_by("surname__surname", "first_name")
|
||||
else:
|
||||
object_list = Name.objects.all().order_by("surname__surname", "first_name")
|
||||
@ -377,12 +385,14 @@ def view_list(request, view):
|
||||
query = build_person_query(request, search, protect=True)
|
||||
object_list = Name.objects \
|
||||
.filter(query) \
|
||||
.distinct() \
|
||||
.order_by("surname__surname", "private", "person__probably_alive", "first_name")
|
||||
else:
|
||||
object_list = Name.objects \
|
||||
.select_related() \
|
||||
.filter(Q(private=False) &
|
||||
Q(person__private=False)) \
|
||||
.distinct() \
|
||||
.order_by("surname__surname", "private", "person__probably_alive", "first_name")
|
||||
# END NON-AUTHENTICATED users
|
||||
view_template = 'view_people.html'
|
||||
@ -402,6 +412,7 @@ def view_list(request, view):
|
||||
) &
|
||||
private
|
||||
) \
|
||||
.distinct() \
|
||||
.order_by("gramps_id")
|
||||
else:
|
||||
object_list = Place.objects.filter(private).order_by("gramps_id")
|
||||
@ -423,6 +434,7 @@ def view_list(request, view):
|
||||
) &
|
||||
private
|
||||
) \
|
||||
.distinct() \
|
||||
.order_by("gramps_id")
|
||||
else:
|
||||
object_list = Repository.objects.filter(private).order_by("gramps_id")
|
||||
@ -441,6 +453,7 @@ def view_list(request, view):
|
||||
.filter(Q(gramps_id__icontains=search) &
|
||||
private
|
||||
) \
|
||||
.distinct() \
|
||||
.order_by("gramps_id")
|
||||
else:
|
||||
object_list = Citation.objects.filter(private).order_by("gramps_id")
|
||||
@ -459,6 +472,7 @@ def view_list(request, view):
|
||||
.filter(Q(gramps_id__icontains=search) &
|
||||
private
|
||||
) \
|
||||
.distinct() \
|
||||
.order_by("gramps_id")
|
||||
else:
|
||||
object_list = Source.objects.filter(private).order_by("gramps_id")
|
||||
@ -470,6 +484,7 @@ def view_list(request, view):
|
||||
search = request.GET.get("search")
|
||||
object_list = Tag.objects \
|
||||
.filter(Q(name__icontains=search)) \
|
||||
.distinct() \
|
||||
.order_by("name")
|
||||
else:
|
||||
object_list = Tag.objects.order_by("name")
|
||||
@ -482,10 +497,12 @@ def view_list(request, view):
|
||||
if request.user.is_superuser:
|
||||
object_list = Report.objects \
|
||||
.filter(Q(name__icontains=search)) \
|
||||
.distinct() \
|
||||
.order_by("name")
|
||||
else:
|
||||
object_list = Report.objects \
|
||||
.filter(Q(name__icontains=search) & ~Q(report_type="import")) \
|
||||
.distinct() \
|
||||
.order_by("name")
|
||||
else:
|
||||
if request.user.is_superuser:
|
||||
@ -682,15 +699,18 @@ def build_person_query(request, search, protect):
|
||||
query = Q()
|
||||
if protect:
|
||||
query &= (Q(private=False) & Q(person__private=False))
|
||||
terms = ["surname", "given"]
|
||||
else:
|
||||
terms = ["surname"]
|
||||
else:
|
||||
terms = ["surname", "given"]
|
||||
for term in [term.strip() for term in search.split(",")]:
|
||||
if "=" in term:
|
||||
field, value = [s.strip() for s in term.split("=")]
|
||||
else:
|
||||
if terms:
|
||||
field = terms.pop(0)
|
||||
value = term
|
||||
else:
|
||||
continue
|
||||
if "." in field and not protect:
|
||||
query &= Q(**{field.replace(".", "__"): value})
|
||||
elif field == "surname":
|
||||
|
@ -76,6 +76,7 @@ util_filters = [
|
||||
|
||||
util_tags = [
|
||||
'render',
|
||||
'render_name',
|
||||
"get_person_from_handle",
|
||||
"event_table",
|
||||
"name_table",
|
||||
@ -821,16 +822,20 @@ def children_table(obj, user, action, url=None, *args):
|
||||
date_as_text(child.birth, user),
|
||||
)
|
||||
links.append(('URL', ("/person/%s" % child.handle)))
|
||||
count += 1
|
||||
else:
|
||||
table.row(str(count),
|
||||
"[%s]" % child.gramps_id,
|
||||
render_name(child, user),
|
||||
child.gender_type,
|
||||
render_name(child, user) if not child.private else "[Private]",
|
||||
child.gender_type if not child.private else "[Private]",
|
||||
"[Private]",
|
||||
"[Private]",
|
||||
"[Private]",
|
||||
)
|
||||
if not child.private:
|
||||
links.append(('URL', ("/person/%s" % child.handle)))
|
||||
else:
|
||||
links.append((None, None))
|
||||
count += 1
|
||||
table.links(links)
|
||||
retval += table.get_html()
|
||||
@ -872,11 +877,10 @@ def display_date(obj):
|
||||
else:
|
||||
return ""
|
||||
|
||||
def render(formfield, user, action, test=False, truetext="", id=None):
|
||||
def render(formfield, user, action, id=None):
|
||||
if not user.is_authenticated():
|
||||
action = "view"
|
||||
if action == "view": # show as text
|
||||
if (not user.is_authenticated() and not test) or user.is_authenticated():
|
||||
fieldname = formfield.name # 'surname'
|
||||
try:
|
||||
item = getattr(formfield.form.model, fieldname)
|
||||
@ -884,6 +888,7 @@ def render(formfield, user, action, test=False, truetext="", id=None):
|
||||
retval = ", ".join([i.get_link() for i in item.all()])
|
||||
else:
|
||||
retval = str(item)
|
||||
#### Some cleanup:
|
||||
if retval == "True":
|
||||
retval = "Yes"
|
||||
elif retval == "False":
|
||||
@ -894,8 +899,6 @@ def render(formfield, user, action, test=False, truetext="", id=None):
|
||||
retval = str(formfield.form.data[fieldname])
|
||||
except:
|
||||
retval = "[None]"
|
||||
else:
|
||||
retval = truetext
|
||||
else: # show as widget
|
||||
if id != None:
|
||||
retval = formfield.as_widget(attrs={"id": id})
|
||||
@ -903,7 +906,7 @@ def render(formfield, user, action, test=False, truetext="", id=None):
|
||||
retval = formfield.as_widget()
|
||||
return retval
|
||||
|
||||
def render_name(name, user):
|
||||
def render_name(name, user, action=None):
|
||||
"""
|
||||
Given a Django or Gramps object, render the name and return. This
|
||||
function uses authentication, privacy and probably_alive settings.
|
||||
|
Loading…
Reference in New Issue
Block a user