mirror of
https://github.com/nottinghamtec/PyRIGS.git
synced 2026-01-17 21:42:14 +00:00
Made embed page, with clickjacking protection turned off
This commit is contained in:
David Taylor
@@ -12,6 +12,7 @@ from django.conf import settings
|
||||
from django.http import HttpResponse
|
||||
from django.db.models import Q
|
||||
from django.contrib import messages
|
||||
from django.views.decorators.clickjacking import xframe_options_exempt
|
||||
from z3c.rml import rml2pdf
|
||||
from PyPDF2 import PdfFileMerger, PdfFileReader
|
||||
import simplejson
|
||||
@@ -66,6 +67,13 @@ class EventOembed(generic.View):
|
||||
json = simplejson.JSONEncoderForHTML().encode(data)
|
||||
return HttpResponse(json, content_type="application/json")
|
||||
|
||||
class EventEmbed(EventDetail):
|
||||
template_name = 'RIGS/event_embed.html'
|
||||
|
||||
@xframe_options_exempt
|
||||
def get(self, request, *args, **kwargs):
|
||||
return super(EventEmbed, self).get(request, *args, **kwargs)
|
||||
|
||||
|
||||
class EventCreate(generic.CreateView):
|
||||
model = models.Event
|
||||
|
||||
122
RIGS/templates/RIGS/event_embed.html
Normal file
122
RIGS/templates/RIGS/event_embed.html
Normal file
@@ -0,0 +1,122 @@
|
||||
{% load static from staticfiles %}
|
||||
{% load raven %}
|
||||
|
||||
|
||||
<!DOCTYPE html>
|
||||
<html
|
||||
dir="{% if LANGUAGE_BIDI %}rtl{% else %}ltr{% endif %}"
|
||||
xml:lang="{% firstof LANGUAGE_CODE 'en' %}"
|
||||
lang="{% firstof LANGUAGE_CODE 'en' %}">
|
||||
<head>
|
||||
<link href='https://fonts.googleapis.com/css?family=Open+Sans:400italic,700,300,400' rel='stylesheet'
|
||||
type='text/css'>
|
||||
|
||||
|
||||
<link rel="stylesheet" type="text/css" href="{% static "css/screen.css" %}">
|
||||
|
||||
<script src="https://code.jquery.com/jquery-1.8.3.min.js"
|
||||
integrity="sha256-YcbK69I5IXQftf/mYD8WY0/KmEDCv1asggHpJk1trM8=" crossorigin="anonymous"></script>
|
||||
<script src="https://cdn.ravenjs.com/1.3.0/jquery,native/raven.min.js"></script>
|
||||
<script>Raven.config('{% sentry_public_dsn %}').install()</script>
|
||||
|
||||
<style>
|
||||
body, html{
|
||||
padding:0;
|
||||
height:100%;
|
||||
}
|
||||
.embed_container{
|
||||
border:5px solid #e9e9e9;
|
||||
height:100%;
|
||||
width:100%;
|
||||
}
|
||||
</style>
|
||||
</head>
|
||||
|
||||
<body>
|
||||
{% include "analytics.html" %}
|
||||
|
||||
<div class="embed_container" style="border: 5px solid #e9e9e9;">
|
||||
<div class="container-fluid">
|
||||
<div class="row">
|
||||
<div class="col-sm-12 col-md-6">
|
||||
<h2>
|
||||
<small>
|
||||
<span class="pull-right">
|
||||
|
||||
{% if object.mic %}
|
||||
{{ object.mic.initials }}
|
||||
<div>
|
||||
<img src="{{ object.mic.profile_picture }}" class="event-mic-photo"/>
|
||||
</div>
|
||||
|
||||
{% elif object.is_rig %}
|
||||
<span class="glyphicon glyphicon-exclamation-sign"></span>
|
||||
{% endif %}
|
||||
</span>
|
||||
</small>
|
||||
<img src="{% static "imgs/pyrigs-avatar.png" %}" style="height:30px; float:left; padding-right:10px;"> </img>
|
||||
<a {% if perms.RIGS.view_event %}href="{% url 'event_detail' object.pk %}" target="_top"{% endif %}>
|
||||
{% if object.is_rig %}N{{ object.pk|stringformat:"05d" }}{% else %}{{ object.pk }}{% endif %}
|
||||
| {{ object.name }} </a>
|
||||
{% if object.venue %}
|
||||
<small>at {{ object.venue }}</small>
|
||||
{% endif %}
|
||||
|
||||
|
||||
|
||||
</h2>
|
||||
|
||||
{% if object.is_rig %}
|
||||
<h5>
|
||||
{{ object.person.name }}
|
||||
{% if object.organisation %}
|
||||
for {{ object.organisation.name }}
|
||||
{% endif %}
|
||||
{% if object.dry_hire %}</a><span class="badge">Dry Hire</span>{% endif %}
|
||||
</h5>
|
||||
{% endif %}
|
||||
|
||||
<p>
|
||||
<strong>{{ event.start_date|date:"D d/m/Y" }}</strong>
|
||||
{% if event.end_date and event.end_date != event.start_date %}
|
||||
<strong>{{ event.end_date|date:"D d/m/Y" }}</strong>
|
||||
{% endif %}
|
||||
<span class="text-muted">({{ event.get_status_display }})</span>
|
||||
</p>
|
||||
<p>
|
||||
{{ event.description|linebreaksbr }}
|
||||
</p>
|
||||
</div>
|
||||
<div class="col-sm-12 col-md-6" style="margin-top:30px;">
|
||||
{% if not object.cancelled %}
|
||||
<dl class="dl-horizontal">
|
||||
{% if object.meet_at %}
|
||||
<dt>Crew meet</dt>
|
||||
<dd>{{ object.meet_at|date:"H:i" }} {{ object.meet_at|date:"(Y-m-d)" }}</dd>
|
||||
{% endif %}
|
||||
{% if object.has_start_time %}
|
||||
<dt>Event starts</dt>
|
||||
<dd>
|
||||
{{ object.start_time|date:"H:i" }}
|
||||
{{ object.start_date|date:"(Y-m-d)" }}<br/>
|
||||
</dd>
|
||||
{% endif %}
|
||||
{% if object.has_end_time%}{% if object.start_date != object.end_date or object.start_time != object.end_time %}
|
||||
<dt>Event ends</dt>
|
||||
<dd>
|
||||
{{ object.end_time|date:"H:i" }}
|
||||
{{ object.end_date|date:"(Y-m-d)" }}
|
||||
</dd>
|
||||
{% endif %}{% endif %}
|
||||
</dl>
|
||||
{% endif %}
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
{% block js %}
|
||||
{% endblock %}
|
||||
</body>
|
||||
</html>
|
||||
@@ -82,7 +82,10 @@ urlpatterns = patterns('',
|
||||
url(r'^event/(?P<pk>\d+)/$',
|
||||
permission_required_with_403('RIGS.view_event', oembed_view="event_oembed")(rigboard.EventDetail.as_view()),
|
||||
name='event_detail'),
|
||||
url(r'^event/(?P<pk>\d+)/oembed/$',
|
||||
url(r'^event/(?P<pk>\d+)/embed/$',
|
||||
permission_required_with_403('RIGS.view_event')(rigboard.EventEmbed.as_view()),
|
||||
name='event_oembed'),
|
||||
url(r'^event/(?P<pk>\d+)/oembed_json/$',
|
||||
rigboard.EventOembed.as_view(),
|
||||
name='event_oembed'),
|
||||
url(r'^event/(?P<pk>\d+)/print/$',
|
||||
|
||||
Reference in New Issue
Block a user