diff --git a/pandora/user/models.py b/pandora/user/models.py index 09550eedc..e1caf575b 100644 --- a/pandora/user/models.py +++ b/pandora/user/models.py @@ -92,10 +92,12 @@ def get_user_json(user): result = {} for key in ('username', ): result[key] = getattr(user, key) - if user.is_staff: + if user.is_superuser: result['level'] = 'admin' + elif user.is_staff: + result['level'] = 'staff' else: - result['level'] = 'user' + result['level'] = 'member' result['groups'] = [g.name for g in user.groups.all()] result['preferences'] = profile.get_preferences() result['ui'] = profile.get_ui() diff --git a/pandora/user/views.py b/pandora/user/views.py index bc9bf3c03..be69622a3 100644 --- a/pandora/user/views.py +++ b/pandora/user/views.py @@ -19,6 +19,7 @@ import models from api.actions import actions from app.models import site_config +from item.models import Access, Item class SigninForm(forms.Form): username = forms.TextInput() @@ -419,7 +420,6 @@ def resetUI(request): return render_to_json_response(response) actions.register(resetUI, cache=False) -@login_required_json def setUI(request): ''' param data { @@ -433,20 +433,31 @@ def setUI(request): } ''' data = json.loads(request.POST['data']) - keys = data.keys()[0].split('|') - value = data.values()[0] - profile = request.user.get_profile() - p = profile.ui - while len(keys)>1: - key = keys.pop(0) - if isinstance(p, list): - p = p[getPositionById(p, key)] + if request.user.is_authenticated(): + for key in data: + keys = key.split('|') + value = data[key] + profile = request.user.get_profile() + p = profile.ui + while len(keys)>1: + key = keys.pop(0) + if isinstance(p, list): + p = p[getPositionById(p, key)] + else: + if key not in p: + p[key] = {} + p = p[key] + p[keys[0]] = value + profile.save() + + if data.get('item', False): + item = Item.objects.get(itemId=data['item']) + if request.user.is_authenticated(): + access, created = Access.objects.get_or_create(item=item, user=request.user) else: - if key not in p: - p[key] = {} - p = p[key] - p[keys[0]] = value - profile.save() + access, created = Access.objects.get_or_create(item=item, user=None) + access.save() + response = json_response() return render_to_json_response(response) actions.register(setUI, cache=False)