f

files/context_processors.py

@@ -65,47 +65,18 @@ def stuff(request):
     if request.user.is_superuser:
         ret["DJANGO_ADMIN_URL"] = settings.DJANGO_ADMIN_URL
 
-    # LTI Integration: Add category UID for LTI-authenticated users
     if getattr(settings, 'USE_LTI', False):
-        # Check if user has an active LTI session
         lti_session = request.session.get('lti_session')
-        print("=" * 80)
-        print("CONTEXT PROCESSOR - LTI CATEGORY LOOKUP")
-        print("USE_LTI: True")
-        print(f"User authenticated: {request.user.is_authenticated}")
-        print(f"LTI session exists: {lti_session is not None}")
 
         if lti_session and request.user.is_authenticated:
             ret['lti_session'] = lti_session
-            print(f"LTI session data: {lti_session}")
-
-            # Get the category for this LTI context via lti_platform and lti_context_id
             platform_id = lti_session.get('platform_id')
             context_id = lti_session.get('context_id')
-            print(f"Platform ID: {platform_id}, Context ID: {context_id}")
 
             if platform_id and context_id:
-                try:
+                category = Category.objects.filter(lti_platform_id=platform_id, lti_context_id=context_id).first()
-                    # Look up category by LTI platform and context
+                if category:
-                    category = Category.objects.get(lti_platform_id=platform_id, lti_context_id=context_id)
+                    has_access = request.user.has_contributor_access_to_category(category)
-                    print(f"Category found: {category.title} (uid={category.uid})")
-
-                    # Check if user has permission to upload to this category
-                    has_access = request.user.has_member_access_to_category(category)
-                    print(f"User has member access: {has_access}")
-
                     if has_access:
                         ret['lti_category_uid'] = category.uid
-                        print(f"SUCCESS: Set lti_category_uid = {category.uid}")
-                    else:
-                        print("SKIPPED: User does not have member access to category")
-                except Category.DoesNotExist:
-                    print(f"ERROR: No category found with lti_platform_id={platform_id}, lti_context_id={context_id}")
-                    pass
-            else:
-                print("SKIPPED: Missing platform_id or context_id")
-        else:
-            print("SKIPPED: No LTI session or user not authenticated")
-        print("=" * 80)
-
     return ret

uploader/views.py

@@ -10,7 +10,7 @@ from django.views import generic
 
 from files.helpers import rm_file
 from files.methods import user_allowed_to_upload
-from files.models import Media
+from files.models import Category, Media
 
 from .fineuploader import ChunkedFineUploader
 from .forms import FineUploaderUploadForm, FineUploaderUploadSuccessForm
@@ -61,51 +61,20 @@ class FineUploaderView(generic.FormView):
         else:
             self.upload.save()
             return self.make_response({"success": True})
-        # create media!
+
         media_file = os.path.join(settings.MEDIA_ROOT, self.upload.real_path)
         with open(media_file, "rb") as f:
             myfile = File(f)
             new = Media.objects.create(media_file=myfile, user=self.request.user, title=self.upload.original_filename)
 
-        # Handle LTI category assignment if publish_to_category parameter is provided
         publish_to_category = self.request.GET.get('publish_to_category', '').strip()
-        print("=" * 80)
-        print("FINE UPLOADER - CATEGORY ASSIGNMENT")
-        print(f"publish_to_category parameter: '{publish_to_category}'")
-        print(f"User: {self.request.user.username}")
-        print(f"Media created: {new.title} (friendly_token={new.friendly_token})")
 
         if publish_to_category:
-            from files.models import Category
+            category = Category.objects.filter(uid=publish_to_category).first()
-
+            if category:
-            try:
+                has_access = self.request.user.has_contributor_access_to_category(category)
-                category = Category.objects.get(uid=publish_to_category)
-                print(f"Category found: {category.title} (uid={category.uid})")
-
-                # Check if user has upload access to this category
-                has_access = self.request.user.has_member_access_to_category(category)
-                print(f"User has member access to category: {has_access}")
-
                 if has_access:
-                    print(f"Attempting to add category '{category.title}' (id={category.id}) to media...")
                     new.category.add(category)
-                    print("media.category.add() completed")
-                    # Verify it was added
-                    new.refresh_from_db()
-                    current_categories = list(new.category.all())
-                    print(f"Media categories after add: {[c.title for c in current_categories]}")
-                    if category in current_categories:
-                        print(f"SUCCESS: Added media '{new.title}' to category '{category.title}'")
-                    else:
-                        print("WARNING: Category add was called but category not in media.category.all()")
-                else:
-                    print(f"SKIPPED: User does not have member access to category '{category.title}'")
-            except Category.DoesNotExist:
-                # Category doesn't exist, silently ignore
-                print(f"ERROR: Category with uid='{publish_to_category}' does not exist")
-        else:
-            print("No publish_to_category parameter provided")
-        print("=" * 80)
 
         rm_file(media_file)
         shutil.rmtree(os.path.join(settings.MEDIA_ROOT, self.upload.file_path))

users/models.py

@@ -131,6 +131,10 @@ class User(AbstractUser):
         rbac_groups = RBACGroup.objects.filter(memberships__user=self, memberships__role__in=["member", "contributor", "manager"], categories=category)
         return rbac_groups.exists()
 
+    def has_contributor_access_to_category(self, category):
+        rbac_groups = RBACGroup.objects.filter(memberships__user=self, memberships__role__in=["contributor", "manager"], categories=category)
+        return rbac_groups.exists()
+
     def has_member_access_to_media(self, media):
         # First check if user is the owner
         if media.user == self: