diff --git a/company/edit_forms.py b/company/edit_forms.py index ee64574a..bb88e3f8 100644 --- a/company/edit_forms.py +++ b/company/edit_forms.py @@ -117,7 +117,7 @@ class TagForm(BaseForm): tags = self.cleaned_data.get('tag') if tags: res = [] - for id in tags.split(', '): + for id in tags.split(','): try: res.append(int(id)) except: diff --git a/company/edit_views.py b/company/edit_views.py index 7c6cd1f3..4d68879d 100644 --- a/company/edit_views.py +++ b/company/edit_views.py @@ -38,7 +38,14 @@ class LogoView(BaseView): form_class = LogoForm def form_valid(self, form): - company = self.request.user.company + #company = self.request.user.company#!!! + + slug = self.kwargs.get('slug') + if not slug: + raise Http404 + company = Company.objects.get(url=slug) + if company.creator_id != self.request.user.id: + return HttpResponseForbidden() form = self.form_class(self.request.POST, self.request.FILES, instance=company) form.save() if self.request.is_ajax(): diff --git a/company/views.py b/company/views.py index f55873d8..07691436 100644 --- a/company/views.py +++ b/company/views.py @@ -113,7 +113,7 @@ class MemberDetail(DetailView): 'logo_form': CompLogo(instance=company) } tags = [{'id': str(tag.id), 'text': tag.name } for tag in company.tag.all()] - tag_form = CompTagForm(instance=company) + tag_form = CompTagForm() tag_form.fields['tag'].widget.attrs['data-predifined'] = json.dumps(tags) tag_form.fields['tag'].widget.attrs['value'] = '' forms.update({'tag_form': tag_form}) diff --git a/templates/client/includes/company/company_edit.html b/templates/client/includes/company/company_edit.html index e349d6a2..e7016aaa 100644 --- a/templates/client/includes/company/company_edit.html +++ b/templates/client/includes/company/company_edit.html @@ -30,12 +30,12 @@
- +
{% trans 'выберите файл' %}
{% trans 'Файл не выбран' %}
-
+