From 058c95584b1e863643985e14d9b87dfb43ca2b4c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=9D=D0=B0=D0=B7=D0=B0=D1=80=20=D0=9A=D0=BE=D1=82=D1=8E?=
 =?UTF-8?q?=D0=BA?= <kotzillla@gmail.com>
Date: Tue, 6 Jan 2015 12:32:02 +0200
Subject: [PATCH] Task 30

---
 company/edit_views.py                         | 12 +++++-
 company/urls.py                               | 34 ++++++++--------
 templates/client/company/company_detail.html  |  2 +-
 .../client/includes/company/company_edit.html | 39 ++++++++++---------
 4 files changed, 49 insertions(+), 38 deletions(-)

diff --git a/company/edit_views.py b/company/edit_views.py
index 00ce6279..7c6cd1f3 100644
--- a/company/edit_views.py
+++ b/company/edit_views.py
@@ -1,13 +1,21 @@
 import json
-from django.http import HttpResponseRedirect, HttpResponse, Http404
+from django.http import HttpResponseRedirect, HttpResponse, Http404, HttpResponseForbidden
 from django.utils.translation import get_language
 from sorl.thumbnail import get_thumbnail
 from edit_forms import *
 from accounts.views import ProfileInvalidView
+from .models import Company
 
 class BaseView(ProfileInvalidView):
     def form_valid(self, form):
-        company = self.request.user.company
+        slug = self.kwargs.get('slug')
+        if not slug:
+            raise Http404
+
+        company = Company.objects.get(url=slug)
+        if company.creator_id != self.request.user.id:
+            return HttpResponseForbidden()
+
         if self.form_class.translation:
             lang = get_language()
             comp_transl = company.translations.get(language_code=lang)
diff --git a/company/urls.py b/company/urls.py
index b1d47572..88c9e07f 100644
--- a/company/urls.py
+++ b/company/urls.py
@@ -6,6 +6,10 @@ from edit_views import *
 
 
 urlpatterns = patterns('',
+    url(r'company/create-company/$', 'company.views.create_company'),
+    url(r'company/get-company/$', 'company.views.get_company'),
+    #
+
     url(r'members/search/$', CompanySearchView.as_view()),
     #url(r'members/(?P<params>.*)/(?P<page>\d+)/$', CompanyView.as_view()),
     #url(r'members/(?P<page>\d+)/$', CompanyView.as_view()),
@@ -20,21 +24,19 @@ urlpatterns = patterns('',
     url(r'members/$', MemberList.as_view()),
 
     #
-    url(r'company/create-company/$', 'company.views.create_company'),
-    url(r'company/get-company/$', 'company.views.get_company'),
-    #
-    url(r'company/update/name/$', login_required(NameView.as_view())),
-    url(r'^company/update/home/$', login_required(HomeView.as_view())),
-    url(r'^company/update/specialization/$', login_required(SpecializationView.as_view())),
-    url(r'^company/update/phone/$', login_required(PhoneView.as_view())),
-    url(r'^company/update/email/$', login_required(EmailView.as_view())),
-    url(r'^company/update/web-page/$', login_required(WebPageView.as_view())),
-    url(r'^company/update/social/$', login_required(SocialView.as_view())),
-    url(r'^company/update/tag/$', login_required(TagView.as_view())),
-    url(r'^company/update/foundation/$', login_required(FoundationView.as_view())),
-    url(r'^company/update/staff/$', login_required(StaffView.as_view())),
-    url(r'^company/update/description/$', login_required(DescriptionView.as_view())),
-    url(r'^company/update/address/$', login_required(AddressView.as_view())),
-    url(r'^company/update/logo/$', login_required(LogoView.as_view())),
+    url(r'company/update/name/(?P<slug>.*)/$', login_required(NameView.as_view())),
+    url(r'^company/update/home/(?P<slug>.*)/$', login_required(HomeView.as_view())),
+    url(r'^company/update/specialization/(?P<slug>.*)/$', login_required(SpecializationView.as_view())),
+    url(r'^company/update/phone/(?P<slug>.*)/$', login_required(PhoneView.as_view())),
+    url(r'^company/update/email/(?P<slug>.*)/$', login_required(EmailView.as_view())),
+    url(r'^company/update/web-page/(?P<slug>.*)/$', login_required(WebPageView.as_view())),
+    url(r'^company/update/social/(?P<slug>.*)/$', login_required(SocialView.as_view())),
+    url(r'^company/update/tag/(?P<slug>.*)/$', login_required(TagView.as_view())),
+    url(r'^company/update/foundation/(?P<slug>.*)/$', login_required(FoundationView.as_view())),
+    url(r'^company/update/staff/(?P<slug>.*)/$', login_required(StaffView.as_view())),
+    url(r'^company/update/description/(?P<slug>.*)/$', login_required(DescriptionView.as_view())),
+    url(r'^company/update/address/(?P<slug>.*)/$', login_required(AddressView.as_view())),
+    url(r'^company/update/logo/(?P<slug>.*)/$', login_required(LogoView.as_view())),
+
 
 )
diff --git a/templates/client/company/company_detail.html b/templates/client/company/company_detail.html
index b13977b2..5e7892bc 100644
--- a/templates/client/company/company_detail.html
+++ b/templates/client/company/company_detail.html
@@ -15,7 +15,7 @@
 {% block content_list %}
     {% if request.user == object.creator %}
 
-        {% include 'client/includes/company/company_edit.html' %}
+        {% include 'client/includes/company/company_edit.html' with company=object %}
     {% else %}
         {% include 'client/includes/company/company_object.html' with company=object %}
     {% endif %}
diff --git a/templates/client/includes/company/company_edit.html b/templates/client/includes/company/company_edit.html
index 0f033237..c3520619 100644
--- a/templates/client/includes/company/company_edit.html
+++ b/templates/client/includes/company/company_edit.html
@@ -42,7 +42,7 @@
                             <a class="e-btn" href="#" title="">Указать</a>
                             <div class="add_link_text_text">свой город <b>+5</b></div>
                         {% endif %}
-                        <form class="clearfix update-profile-form" id="home_form" action="/company/update/home/"  method="post">{% csrf_token %}
+                        <form class="clearfix update-profile-form" id="home_form" action="/company/update/home/{{ company.url }}/"  method="post">{% csrf_token %}
                         <div class="e-form">
 
 
@@ -76,8 +76,8 @@
 
                 </div>
                 <div class="site_link">
-                    <a href="{{ request.user.company.get_permanent_url }}" title="">
-                        {{ request.user.company.get_permanent_url }}
+                    <a href="{{ company.get_permanent_url }}" title="">
+                        {{ company.get_permanent_url }}
                     </a>
                 </div>
 
@@ -87,7 +87,7 @@
                     <div class="edit-wrap">
                         <a class="e-btn" href="#">редактировать</a>
                         <div class="e-form">
-                            <form class="clearfix update-profile-form" id="name_form" action="/company/update/name/"  method="post">{% csrf_token %}
+                            <form class="clearfix update-profile-form" id="name_form" action="/company/update/name/{{ company.url }}/"  method="post">{% csrf_token %}
 
                                 <div class="ef-body">
 
@@ -126,7 +126,7 @@
                     {% endif %}
 
                     <div class="e-form">
-                        <form class="clearfix update-profile-form" id="spec_form" action="/company/update/specialization/"  method="post">{% csrf_token %}
+                        <form class="clearfix update-profile-form" id="spec_form" action="/company/update/specialization/{{ company.url }}/"  method="post">{% csrf_token %}
                             <div class="ef-body">
 
                                 <div class="epf-field">
@@ -148,12 +148,13 @@
                 </div>
 
             </div>
-
-            <div class="i-area" id="theme-inf" data-theme="{% for th in request.user.company.theme.all %}{{ th.id }},{% endfor %}">
-                {% for th in request.user.company.theme.all %}
-                    <a href="/members/theme-{{ th.url }}">{{ th.name }}</a>{% ifnotequal forloop.counter request.user.company.theme.all|length %},{% endifnotequal %}
-                {% endfor %}
-            </div>
+            {% with themes=company.theme.all %}
+                <div class="i-area" id="theme-inf" data-theme="{% for th in themes %}{{ th.id }},{% endfor %}">
+                    {% for th in themes %}
+                        <a href="/members/theme/{{ th.url }}">{{ th.name }}</a>{% ifnotequal forloop.counter themes|length %},{% endifnotequal %}
+                    {% endfor %}
+                </div>
+            {% endwith %}
 
             <hr />
 
@@ -171,7 +172,7 @@
                     {% endif %}
 
                         <div class="e-form">
-                            <form class="clearfix update-profile-form" id="address_form" action="/company/update/address/"  method="post">{% csrf_token %}
+                            <form class="clearfix update-profile-form" id="address_form" action="/company/update/address/{{ company.url }}/"  method="post">{% csrf_token %}
 
                             <div class="ef-body">
 
@@ -260,7 +261,7 @@
                             <div class="add_link_text_text"><b>+5 за каждый</b></div>
                                 <div class="e-form">
 
-                                <form class="clearfix update-profile-form" id="social_form" action="/company/update/social/"  method="post">{% csrf_token %}
+                                <form class="clearfix update-profile-form" id="social_form" action="/company/update/social/{{ company.url }}/"  method="post">{% csrf_token %}
 
                                     <div class="ef-body">
 
@@ -323,7 +324,7 @@
                             {% endif %}
 
                                 <div class="e-form">
-                                    <form class="clearfix update-profile-form" id="phone_form" action="/company/update/phone/"  method="post">{% csrf_token %}
+                                    <form class="clearfix update-profile-form" id="phone_form" action="/company/update/phone/{{ company.url }}/"  method="post">{% csrf_token %}
                                     <div class="ef-body">
 
                                         <div class="epfl">
@@ -359,7 +360,7 @@
                             {% endif %}
 
                                 <div class="e-form">
-                                    <form class="clearfix update-profile-form" id="email_form" action="/company/update/email/"  method="post">{% csrf_token %}
+                                    <form class="clearfix update-profile-form" id="email_form" action="/company/update/email/{{ company.url }}/"  method="post">{% csrf_token %}
                                     <div class="ef-body">
 
                                         <div class="epfl">
@@ -398,7 +399,7 @@
                             {% endif %}
 
                                 <div class="e-form">
-                                    <form class="clearfix update-profile-form" id="web_page_form" action="/company/update/web-page/" method="post">{% csrf_token %}
+                                    <form class="clearfix update-profile-form" id="web_page_form" action="/company/update/web-page/{{ company.url }}/" method="post">{% csrf_token %}
                                     <div class="ef-body">
 
                                         <div class="epfl">
@@ -441,7 +442,7 @@
 
 
                             <div class="e-form">
-                                <form class="clearfix update-profile-form" id="found_form" action="/company/update/foundation/"  method="post">{% csrf_token %}
+                                <form class="clearfix update-profile-form" id="found_form" action="/company/update/foundation/{{ company.url }}/"  method="post">{% csrf_token %}
                                 <div class="ef-body">
 
                                     <div class="epfl">
@@ -477,7 +478,7 @@
 
 
                             <div class="e-form">
-                                <form class="clearfix update-profile-form" id="staff_form" action="/company/update/staff/"  method="post">{% csrf_token %}
+                                <form class="clearfix update-profile-form" id="staff_form" action="/company/update/staff/{{ company.url }}/"  method="post">{% csrf_token %}
                                 <div class="ef-body">
 
                                     <div class="epfl">
@@ -513,7 +514,7 @@
 
 
                             <div class="e-form">
-                                <form class="clearfix update-profile-form" id="description_form" action="/company/update/description/"  method="post">{% csrf_token %}
+                                <form class="clearfix update-profile-form" id="description_form" action="/company/update/description/{{ company.url }}/"  method="post">{% csrf_token %}
                                 <div class="ef-body">
 
                                     <div class="epfl">