From 362c4c31cd0bffb23ecba34135b552c7d0878a25 Mon Sep 17 00:00:00 2001
From: Andrew Williams <andy@tensixtyone.com>
Date: Sun, 27 Nov 2011 22:26:20 +0000
Subject: [PATCH] Added basic interface to add to the blacklist from inside
 auth

---
 app/hr/templates/hr/blacklist_add.html  | 17 ++++++
 app/hr/templates/hr/blacklist_list.html | 43 +++++++++++++++
 app/hr/templates/hr/index.html          |  9 ++++
 app/hr/urls.py                          |  4 +-
 app/hr/views.py                         | 69 ++++++++++++++++++++++++-
 5 files changed, 140 insertions(+), 2 deletions(-)
 create mode 100644 app/hr/templates/hr/blacklist_add.html
 create mode 100644 app/hr/templates/hr/blacklist_list.html

diff --git a/app/hr/templates/hr/blacklist_add.html b/app/hr/templates/hr/blacklist_add.html
new file mode 100644
index 0000000..a96ae2c
--- /dev/null
+++ b/app/hr/templates/hr/blacklist_add.html
@@ -0,0 +1,17 @@
+{% extends "base.html" %}
+{% block title %}Add Blacklist Entry{% endblock %}
+
+{% block content %}
+<h1>Add Blacklist Entry</h1>
+
+<form action="{% url hr-blacklist-add %}" method="post">
+<table>
+{{ form.as_table }}
+</table>
+{% csrf_token %}
+
+<input type="submit" value="Blacklist" />
+</form>
+{% endblock %}
+
+
diff --git a/app/hr/templates/hr/blacklist_list.html b/app/hr/templates/hr/blacklist_list.html
new file mode 100644
index 0000000..cd309a3
--- /dev/null
+++ b/app/hr/templates/hr/blacklist_list.html
@@ -0,0 +1,43 @@
+{% extends "base.html" %}
+{% load naturaltimediff %}
+{% block title %}Blacklist{% endblock %}
+
+{% block content %}
+<h1>Blacklist</h1>
+
+{% if object_list %}
+<form method="get" action="{% url hr-blacklist-list %}">
+<label for="query">Search:</label>
+<input type="text" name="q" id="query" value="{% if query %}{{ query }}{% endif %}"/>
+</form>
+<table>
+<thead>
+  <th>ID</th><th>Type</th><th>Value</th><th>Level</th><th>Reason</th><th>Expiry</th>
+</thead>
+<tbody>
+  {% for obj in object_list %}
+  <tr><td>{{ obj.id }}</td><td>{{ obj.get_type_display }}</td><td>{{ obj.value }}</td><td>{{ obj.get_level_display }}</td><td>{{ obj.reason }}</td><td>{{ obj.expiry_date }}</td></tr>
+  {% endfor %}
+</tbody>
+</table>
+
+{% if is_paginated %}
+<div class="pagination">
+  <ul>
+    <li class="prev{% if not page_obj.has_previous %} disabled{% endif %}"><a href="{% if page_obj.has_previous %}?page={{ page_obj.previous_page_number }}{% endif %}">Previous</a></li>
+    {% for i in paginator.page_range %}
+    <li{% if i == page.number %} class="active"{% endif %}><a href="?page={{ i }}">{{ i }}</a></li>
+    {% endfor %}
+    <li class="next{% if not page_obj.has_next %} disabled{% endif %}"><a href="{% if page_obj.has_next %}?page={{page_obj.next_page_number }}{% endif %}">Next</a>
+  </ul>
+</div>
+{% endif %}
+{% else %}
+<p>No blacklist entries {% if query %}containing "{{ query }}" {% endif %}were found.</p>
+{% endif %}
+
+{% if perms.hr.add_blacklist %}
+<p><a href="{% url hr-blacklist-add %}">Add a blacklist entry</a></p>
+{% endif %}
+{% endblock %}
+
diff --git a/app/hr/templates/hr/index.html b/app/hr/templates/hr/index.html
index 4a11b4b..385cfaf 100644
--- a/app/hr/templates/hr/index.html
+++ b/app/hr/templates/hr/index.html
@@ -24,4 +24,13 @@
 </p>
 {% endif %}
 
+{% if perms.add_blacklist %}
+<h3>Blacklist Management</h3>
+<p>
+  <ul>
+    <li><a href="{% url hr-blacklist-list %}">View/Search Blacklist</a></li>
+    <li><a href="{% url hr-blacklist-add %}">Add Blacklist Entry</a></li>
+</p>
+{% endif %}
+
 {% endblock %}
diff --git a/app/hr/urls.py b/app/hr/urls.py
index 2d3ffda..06f9cbd 100644
--- a/app/hr/urls.py
+++ b/app/hr/urls.py
@@ -19,5 +19,7 @@ urlpatterns = patterns('',
     url(r'^recommendation/$', login_required(views.HrViewRecommendations.as_view()), name='hr-viewrecommendations'),
     url(r'^recommendation/add/$', login_required(views.HrAddRecommendation.as_view()), name='hr-addrecommendation'),
 
-    url(r'^blacklist/user/(?P<userid>\d+)/$', login_required(views.HrBlacklistUser.as_view()), name='hr-blacklistuser'),
+    url(r'^blacklist/$', login_required(views.HrBlacklistList.as_view()), name='hr-blacklist-list'),
+    url(r'^blacklist/add/$', login_required(views.HrAddBlacklist.as_view()), name='hr-blacklist-add'),
+    url(r'^blacklist/add/user/(?P<userid>\d+)/$', login_required(views.HrBlacklistUser.as_view()), name='hr-blacklistuser'),
 )
diff --git a/app/hr/views.py b/app/hr/views.py
index 3f69e51..5bce4e5 100644
--- a/app/hr/views.py
+++ b/app/hr/views.py
@@ -1,11 +1,15 @@
 from datetime import datetime, timedelta
 
-from django.http import HttpResponseRedirect, HttpResponse, Http404
+from django.conf import settings
+from django.db.models import Q
+from django.http import HttpResponseRedirect, HttpResponse, HttpResponseNotFound, HttpResponseForbidden, Http404
 from django.shortcuts import get_object_or_404
 from django.core.urlresolvers import reverse
 from django.contrib import messages
 from django.contrib.auth.models import User
 from django.contrib.auth.decorators import login_required
+from django.forms import ModelForm
+from django.forms.extras.widgets import SelectDateWidget
 from django.views.generic import TemplateView, DetailView, FormView, CreateView, ListView
 from django.views.generic.detail import BaseDetailView
 from django.conf import settings
@@ -375,3 +379,66 @@ class HrBlacklistUser(FormView):
         update_user_access.delay(user=self.blacklist_user.id)
 
         return HttpResponseRedirect(reverse('sso.views.user_view', args=[self.blacklist_user.username]))
+
+
+class HrBlacklistList(ListView):
+
+    model = Blacklist
+    allow_empty = True
+
+    def get_queryset(self):
+
+        obj_list = self.model.objects.all()
+
+        self.query = self.request.GET.get('q', None)
+        self.order = self.request.GET.get('o', 'id')
+
+        # Filter by the query string
+        if self.query:
+            obj_list = obj_list.filter(Q(value__icontains=self.query) | Q(reason__icontains=self.query))
+
+        # If a invalid order as been passed, correct it
+        if not self.order in ['id', 'type', 'value', 'reason', 'expiry_date']:
+            self.order = 'id'
+        return obj_list.order_by(self.order)
+
+    def get_context_data(self, **kwargs):
+        context = super(HrBlacklistList, self).get_context_data(**kwargs)
+        context['query'] = self.query
+        context['order'] = self.order
+
+        return context
+
+
+
+class HrAddBlacklist(CreateView):
+
+    model = Blacklist
+    template_name = 'hr/blacklist_add.html'
+
+    def dispatch(self, request, *args, **kwargs):
+        if not request.user.has_perm('hr.add_blacklist'):
+            return HttpResponseForbidden()
+        return super(HrAddBlacklist, self).dispatch(request, *args, **kwargs)
+
+    def get_form_class(self):
+
+        class AddBlacklistForm(ModelForm):
+            class Meta:
+                model = Blacklist
+                exclude = ('source', 'created_by')
+                widgets = {'expiry_date': SelectDateWidget()}
+
+        return AddBlacklistForm
+
+    def form_valid(self, form):
+
+        obj = form.save(commit=False)
+        obj.user = self.request.user
+        obj.source, created = BlacklistSource.objects.get_or_create(id=getattr(settings, 'BLACKLIST_DEFAULT_SOURCE', 1))
+        obj.save()
+        return HttpResponseRedirect(self.get_success_url())
+
+    def get_success_url(self):
+        return reverse('hr-blacklist-list')
+