def can_edit_seminar(shortname, new):
"""
INPUT:
- ``shortname`` -- the identifier of the seminar
- ``new`` -- a boolean, whether the seminar is supposedly newly created
OUTPUT:
- ``resp`` -- a response to return to the user (indicating an error) or None (editing allowed)
- ``seminar`` -- a WebSeminar object, as returned by ``seminars_lookup(shortname)``,
or ``None`` (if error or seminar does not exist)
"""
errmsgs = []
if not allowed_shortname(
shortname) or len(shortname) < 3 or len(shortname) > 32:
errmsgs.append(
format_errmsg(
"Series identifier '%s' must be 3 to 32 characters in length and can include only letters, numbers, hyphens and underscores.",
shortname))
return show_input_errors(errmsgs), None
seminar = seminars_lookup(shortname, include_deleted=True)
# Check if seminar exists
if new != (seminar is None):
if seminar is not None and seminar.deleted:
errmsgs.append(
format_errmsg(
"Identifier %s is reserved by a series that has been deleted",
shortname))
else:
if not seminar:
flash_error("No series with identifier %s exists" % shortname)
return redirect(url_for("create.index"), 302), None
else:
errmsgs.append(
format_errmsg(
"Identifier %s is already in use by another series",
shortname))
return show_input_errors(errmsgs), None
if seminar is not None and seminar.deleted:
return redirect(url_for("create.delete_seminar", shortname=shortname),
302), None
# can happen via talks, which don't check for logged in in order to support tokens
if current_user.is_anonymous:
flash_error(
"You do not have permission to edit series %s. Please create an account and contact the seminar organizers.",
shortname)
return redirect(url_for("show_seminar", shortname=shortname),
302), None
# Make sure user has permission to edit
if not new and not seminar.user_can_edit():
flash_error(
"You do not have permission to edit series %s. Please contact the seminar organizers.",
shortname)
return redirect(url_for("show_seminar", shortname=shortname),
302), None
if seminar is None:
seminar = WebSeminar(shortname, data=None, editing=True)
return None, seminar
def set_info():
errmsgs = []
data = {}
previous_email = current_user.email
for col, val in request.form.items():
try:
typ = db.users.col_type[col]
data[col] = process_user_input(val, col, typ)
except Exception as err: # should only be ValueError's but let's be cautious
errmsgs.append(format_input_errmsg(err, val, col))
if not data.get("name"):
errmsgs.append(
format_errmsg(
'Name cannot be left blank. See the user behavior section of our <a href="'
+ url_for('policies') +
'" target="_blank">policies</a> page for details.'))
if errmsgs:
return show_input_errors(errmsgs)
for k in data.keys():
setattr(current_user, k, data[k])
if current_user.save():
flask.flash(Markup("Thank you for updating your details!"))
if previous_email != current_user.email:
if send_confirmation_email(current_user.email):
flask.flash(Markup("New confirmation email has been sent!"))
return redirect(url_for(".info"))
def set_info():
homepage = request.form.get("homepage")
if homepage and not validate_url(homepage):
return show_input_errors([format_errmsg("Homepage %s is not a valid URL, it should begin with http:// or https://", homepage)])
for k, v in request.form.items():
setattr(current_user, k, v)
previous_email = current_user.email
if current_user.save():
flask.flash(Markup("Thank you for updating your details!"))
if previous_email != current_user.email:
if send_confirmation_email(current_user.email):
flask.flash(Markup("New confirmation email has been sent!"))
return redirect(url_for(".info"))
def set_info():
errmsgs = []
data = {}
previous_email = current_user.email
external_ids = []
for col, val in request.form.items():
if col == "ids":
continue
try:
# handle external id values separately, these are not named columns, they all go in external_ids
if col.endswith("_value"):
name = col.split("_")[0]
value = val.strip()
# external id values are validated against regex by the form, but the user can still click update
if value:
if not re.match(db.author_ids.lookup(name, "regex"),
value):
errmsgs.append(
format_input_errmsg(
"Invalid %s format" %
(db.author_ids.lookup(name, "display_name")),
val, name))
else:
external_ids.append(name + ":" + value)
continue
typ = db.users.col_type[col]
data[col] = process_user_input(val, col, typ)
except Exception as err: # should only be ValueError's but let's be cautious
errmsgs.append(format_input_errmsg(err, val, col))
if not data.get("name"):
errmsgs.append(
format_errmsg(
'Name cannot be left blank. See the user behavior section of our <a href="'
+ url_for('policies') +
'" target="_blank">policies</a> page for details.'))
if errmsgs:
return show_input_errors(errmsgs)
data["external_ids"] = external_ids
for k in data.keys():
setattr(current_user, k, data[k])
if current_user.save():
flask.flash(Markup("Thank you for updating your details!"))
if previous_email != current_user.email:
if send_confirmation_email(current_user.email):
flask.flash(Markup("New confirmation email has been sent!"))
return redirect(url_for(".info"))
def edit_seminar():
if request.method == "POST":
data = request.form
else:
data = request.args
shortname = data.get("shortname", "")
new = data.get("new") == "yes"
resp, seminar = can_edit_seminar(shortname, new)
if resp is not None:
return resp
if new:
subjects = clean_subjects(data.get("subjects"))
if not subjects:
return show_input_errors(
[format_errmsg("Please select at least one subject.")])
else:
seminar.subjects = subjects
seminar.is_conference = process_user_input(data.get("is_conference"),
"is_conference", "boolean",
None)
if seminar.is_conference:
seminar.frequency = 1
seminar.per_day = 4
seminar.name = data.get("name", "")
seminar.institutions = clean_institutions(data.get("institutions"))
if seminar.institutions:
seminar.timezone = db.institutions.lookup(seminar.institutions[0],
"timezone")
lock = get_lock(shortname, data.get("lock"))
title = "Create series" if new else "Edit series"
manage = "Manage" if current_user.is_organizer else "Create"
return render_template(
"edit_seminar.html",
seminar=seminar,
title=title,
section=manage,
subsection="editsem",
institutions=institutions(),
short_weekdays=short_weekdays,
timezones=timezones,
max_slots=MAX_SLOTS,
lock=lock,
)
def save_seminar_schedule():
raw_data = request.form
shortname = raw_data["shortname"]
resp, seminar = can_edit_seminar(shortname, new=False)
if resp is not None:
return resp
frequency = raw_data.get("frequency")
try:
frequency = int(frequency)
except Exception:
pass
slots = int(raw_data["slots"])
curmax = talks_max("seminar_ctr", {"seminar_id": shortname})
if curmax is None:
curmax = 0
ctr = curmax + 1
updated = 0
warned = False
errmsgs = []
tz = seminar.tz
to_save = []
for i in list(range(slots)):
seminar_ctr = raw_data.get("seminar_ctr%s" % i)
speaker = process_user_input(raw_data.get("speaker%s" % i, ""),
"speaker", "text", tz)
if not speaker:
if not warned and any(
raw_data.get("%s%s" % (col, i), "").strip()
for col in optional_cols):
warned = True
flash_warning("Talks are only saved if you specify a speaker")
elif (not warned and seminar_ctr and not any(
raw_data.get("%s%s" % (col, i), "").strip()
for col in optional_cols)):
warned = True
flash_warning(
"To delete an existing talk, click Details and then click delete on the Edit talk page"
)
continue
date = start_time = end_time = None
dateval = raw_data.get("date%s" % i).strip()
timeval = raw_data.get("time%s" % i).strip()
if dateval and timeval:
try:
date = process_user_input(dateval, "date", "date", tz)
except Exception as err: # should only be ValueError's but let's be cautious
errmsgs.append(format_input_errmsg(err, dateval, "date"))
if date:
try:
interval = process_user_input(timeval, "time", "daytimes",
tz)
start_time, end_time = date_and_daytimes_to_times(
date, interval, tz)
except Exception as err: # should only be ValueError's but let's be cautious
errmsgs.append(format_input_errmsg(err, timeval, "time"))
if not date or not start_time or not end_time:
errmsgs.append(
format_errmsg(
"You must specify a date and time for the talk by %s",
speaker))
# we need to flag date and time errors before we go any further
if errmsgs:
return show_input_errors(errmsgs)
if daytimes_early(interval):
flash_warning(
"Talk for speaker %s includes early AM hours, please correct if this is not intended (use 24-hour time format).",
speaker,
)
elif daytimes_long(interval) > 8 * 60:
flash_warning(
"Time s %s is longer than 8 hours, please correct if this is not intended.",
speaker),
if seminar_ctr:
# existing talk
seminar_ctr = int(seminar_ctr)
talk = WebTalk(shortname, seminar_ctr, seminar=seminar)
else:
# new talk
talk = WebTalk(shortname, seminar=seminar, editing=True)
data = dict(talk.__dict__)
data["speaker"] = speaker
data["start_time"] = start_time
data["end_time"] = end_time
for col in optional_cols:
typ = db.talks.col_type[col]
try:
val = raw_data.get("%s%s" % (col, i), "")
data[
col] = None # make sure col is present even if process_user_input fails
data[col] = process_user_input(val, col, typ, tz)
except Exception as err:
errmsgs.append(format_input_errmsg(err, val, col))
# Don't try to create new_version using invalid input
if errmsgs:
return show_input_errors(errmsgs)
if seminar_ctr:
new_version = WebTalk(talk.seminar_id, data=data)
if new_version != talk:
updated += 1
to_save.append(
new_version) # defer save in case of errors on other talks
else:
data["seminar_ctr"] = ctr
ctr += 1
new_version = WebTalk(talk.seminar_id, data=data)
to_save.append(
new_version) # defer save in case of errors on other talks
for newver in to_save:
newver.save()
if raw_data.get("detailctr"):
return redirect(
url_for(
".edit_talk",
seminar_id=shortname,
seminar_ctr=int(raw_data.get("detailctr")),
),
302,
)
else:
flash("%s talks updated, %s talks created" %
(updated, ctr - curmax - 1))
if warned:
return redirect(url_for(".edit_seminar_schedule", **raw_data), 302)
else:
return redirect(
url_for(
".edit_seminar_schedule",
shortname=shortname,
begin=raw_data.get("begin"),
end=raw_data.get("end"),
frequency=raw_data.get("frequency"),
weekday=raw_data.get("weekday"),
),
302,
)
def save_talk():
raw_data = request.form
token = raw_data.get("token", "")
resp, talk = can_edit_talk(raw_data.get("seminar_id", ""),
raw_data.get("seminar_ctr", ""), token)
if resp is not None:
return resp
errmsgs = []
data = {
"seminar_id": talk.seminar_id,
"token": talk.token,
"display": talk.display, # could be being edited by anonymous user
}
if talk.new:
curmax = talks_max("seminar_ctr", {"seminar_id": talk.seminar_id},
include_deleted=True)
if curmax is None:
curmax = 0
data["seminar_ctr"] = curmax + 1
else:
data["seminar_ctr"] = talk.seminar_ctr
default_tz = talk.seminar.timezone
if not default_tz:
default_tz = "UTC"
data["timezone"] = tz = raw_data.get("timezone", default_tz)
tz = pytz.timezone(tz)
for col in db.talks.search_cols:
if col in data:
continue
typ = db.talks.col_type[col]
try:
val = raw_data.get(col, "")
data[
col] = None # make sure col is present even if process_user_input fails
data[col] = process_user_input(val, col, typ, tz)
if col == "access" and data[col] not in [
"open", "users", "endorsed"
]:
errmsgs.append(
format_errmsg("Access type %s invalid", data[col]))
except Exception as err: # should only be ValueError's but let's be cautious
errmsgs.append(format_input_errmsg(err, val, col))
if not data["speaker"]:
errmsgs.append(
"Speaker name cannot be blank -- use TBA if speaker not chosen.")
if data["start_time"] is None or data["end_time"] is None:
errmsgs.append("Talks must have both a start and end time.")
data["topics"] = clean_topics(data.get("topics"))
data["language"] = clean_language(data.get("language"))
data["subjects"] = clean_subjects(data.get("subjects"))
if not data["subjects"]:
errmsgs.append("Please select at least one subject")
# Don't try to create new_version using invalid input
if errmsgs:
return show_input_errors(errmsgs)
else: # to make it obvious that these two statements should be together
new_version = WebTalk(talk.seminar_id, data=data)
# Warnings
sanity_check_times(new_version.start_time, new_version.end_time)
if "zoom" in data["video_link"] and not "rec" in data["video_link"]:
flash_warning(
"Recorded video link should not be used for Zoom meeting links; be sure to use Livestream link for meeting links."
)
if not data["topics"]:
flash_warning(
"This talk has no topics, and thus will only be visible to users when they disable their topics filter."
)
if new_version == talk:
flash("No changes made to talk.")
else:
new_version.save()
edittype = "created" if talk.new else "edited"
flash("Talk successfully %s!" % edittype)
edit_kwds = dict(seminar_id=new_version.seminar_id,
seminar_ctr=new_version.seminar_ctr)
if token:
edit_kwds["token"] = token
else:
edit_kwds.pop("token", None)
return redirect(url_for(".edit_talk", **edit_kwds), 302)
def save_institution():
raw_data = request.form
shortname = raw_data["shortname"]
new = raw_data.get("new") == "yes"
resp, institution = can_edit_institution(shortname, new)
if resp is not None:
return resp
data = {}
data["timezone"] = tz = raw_data.get("timezone", "UTC")
tz = pytz.timezone(tz)
errmsgs = []
for col in db.institutions.search_cols:
if col in data:
continue
typ = db.institutions.col_type[col]
try:
val = raw_data.get(col, "")
data[
col] = None # make sure col is present even if process_user_input fails
data[col] = process_user_input(val, col, typ, tz)
if col == "admin":
userdata = userdb.lookup(data[col])
if userdata is None:
if not data[col]:
errmsgs.append(
"You must specify the email address of the maintainer."
)
continue
else:
errmsgs.append(
format_errmsg(
"User %s does not have an account on this site",
data[col]))
continue
elif not userdata["creator"]:
errmsgs.append(
format_errmsg("User %s has not been endorsed",
data[col]))
continue
if not userdata["homepage"]:
if current_user.email == userdata["email"]:
flash_warning(
"Your email address will become public if you do not set your homepage in your user profile."
)
else:
flash_warning(
"The email address %s of maintainer %s will be publicly visible.<br>%s",
userdata["email"],
userdata["name"],
"The homepage on the maintainer's user account should be set prevent this.",
)
except Exception as err: # should only be ValueError's but let's be cautious
errmsgs.append(format_input_errmsg(err, val, col))
if not data["name"]:
errmsgs.append("Institution name cannot be blank.")
if not errmsgs and not data["homepage"]:
errmsgs.append("Institution homepage cannot be blank.")
# Don't try to create new_version using invalid input
if errmsgs:
return show_input_errors(errmsgs)
new_version = WebInstitution(shortname, data=data)
if new_version == institution:
flash("No changes made to institution.")
else:
new_version.save()
edittype = "created" if new else "edited"
flash("Institution %s successfully!" % edittype)
return redirect(url_for(".edit_institution", shortname=shortname), 302)
def save_seminar():
raw_data = request.form
shortname = raw_data["shortname"]
new = raw_data.get("new") == "yes"
resp, seminar = can_edit_seminar(shortname, new)
if resp is not None:
return resp
errmsgs = []
if seminar.new:
data = {
"shortname": shortname,
"display": current_user.is_creator,
"owner": current_user.email,
}
else:
data = {
"shortname": shortname,
"display": seminar.display,
"owner": seminar.owner,
}
# Have to get time zone first
data["timezone"] = tz = raw_data.get("timezone")
tz = pytz.timezone(tz)
for col in db.seminars.search_cols:
if col in data:
continue
typ = db.seminars.col_type[col]
### Hack to be removed ###
if col.endswith("time") and typ == "timestamp with time zone":
typ = "time"
try:
val = raw_data.get(col, "")
data[
col] = None # make sure col is present even if process_user_input fails
data[col] = process_user_input(val, col, typ, tz)
except Exception as err: # should only be ValueError's but let's be cautious
errmsgs.append(format_input_errmsg(err, val, col))
if not data["name"]:
errmsgs.append("The name cannot be blank")
if data["is_conference"] and data["start_date"] and data[
"end_date"] and data["end_date"] < data["start_date"]:
errmsgs.append("End date cannot precede start date")
if data["per_day"] is not None and data["per_day"] < 1:
errmsgs.append(
format_input_errmsg("integer must be positive", data["per_day"],
"per_day"))
if data["is_conference"] and (not data["start_date"]
or not data["end_date"]):
errmsgs.append(
"Please specify the start and end dates of your conference (you can change these later if needed)."
)
if data["is_conference"] and not data["per_day"]:
flash_warning(
"It will be easier to edit the conference schedule if you specify talks per day (an upper bound is fine)."
)
data["institutions"] = clean_institutions(data.get("institutions"))
data["topics"] = clean_topics(data.get("topics"))
data["language"] = clean_language(data.get("language"))
data["subjects"] = clean_subjects(data.get("subjects"))
if not data["subjects"]:
errmsgs.append(format_errmsg("Please select at least one subject."))
if not data["timezone"] and data["institutions"]:
# Set time zone from institution
data["timezone"] = WebInstitution(data["institutions"][0]).timezone
data["weekdays"] = []
data["time_slots"] = []
for i in range(MAX_SLOTS):
weekday = daytimes = None
try:
col = "weekday" + str(i)
val = raw_data.get(col, "")
weekday = process_user_input(val, col, "weekday_number", tz)
col = "time_slot" + str(i)
val = raw_data.get(col, "")
daytimes = process_user_input(val, col, "daytimes", tz)
except Exception as err: # should only be ValueError's but let's be cautious
errmsgs.append(format_input_errmsg(err, val, col))
if weekday is not None and daytimes is not None:
data["weekdays"].append(weekday)
data["time_slots"].append(daytimes)
if daytimes_early(daytimes):
flash_warning(
"Time slot %s includes early AM hours, please correct if this is not intended (use 24-hour time format).",
daytimes,
)
elif daytimes_long(daytimes):
flash_warning(
"Time slot %s is longer than 8 hours, please correct if this is not intended.",
daytimes,
)
if data["frequency"] and not data["weekdays"]:
errmsgs.append(
'You must specify at least one time slot (or set periodicty to "no fixed schedule").'
)
if len(data["weekdays"]) > 1:
x = sorted(
list(zip(data["weekdays"], data["time_slots"])),
key=lambda t: t[0] * 24 * 60 + daytime_minutes(t[1].split("-")[0]),
)
data["weekdays"], data["time_slots"] = [t[0]
for t in x], [t[1] for t in x]
organizer_data = []
contact_count = 0
for i in range(10):
D = {"seminar_id": seminar.shortname}
for col in db.seminar_organizers.search_cols:
if col in D:
continue
name = "org_%s%s" % (col, i)
typ = db.seminar_organizers.col_type[col]
try:
val = raw_data.get(name, "")
D[col] = None # make sure col is present even if process_user_input fails
D[col] = process_user_input(val, col, typ, tz)
except Exception as err: # should only be ValueError's but let's be cautious
errmsgs.append(format_input_errmsg(err, val, col))
if D["homepage"] or D["email"] or D["full_name"]:
if not D["full_name"]:
errmsgs.append(
format_errmsg("Organizer name cannot be left blank"))
D["order"] = len(organizer_data)
# WARNING the header on the template says organizer
# but it sets the database column curator, so the
# boolean needs to be inverted
D["curator"] = not D["curator"]
if not errmsgs and D["display"] and D[
"email"] and not D["homepage"]:
flash_warning(
"The email address %s of organizer %s will be publicly visible.<br>%s",
D["email"],
D["full_name"],
"Set homepage or disable display to prevent this.",
),
if D["email"]:
r = db.users.lookup(D["email"])
if r and r["email_confirmed"]:
if D["full_name"] != r["name"]:
errmsgs.append(
format_errmsg(
"Organizer name %s does not match the name %s of the account with email address %s",
D["full_name"],
r["name"],
D["email"],
))
else:
if D["homepage"] and r[
"homepage"] and D["homepage"] != r["homepage"]:
flash_warning(
"The homepage %s does not match the homepage %s of the account with email address %s, please correct if unintended.",
D["homepage"],
r["homepage"],
D["email"],
)
if D["display"]:
contact_count += 1
organizer_data.append(D)
if contact_count == 0:
errmsgs.append(
format_errmsg(
"There must be at least one displayed organizer or curator with a %s so that there is a contact for this listing.<br>%s<br>%s",
"confirmed email",
"This email will not be visible if homepage is set or display is not checked, it is used only to identify the organizer's account.",
"If none of the organizers has a confirmed account, add yourself and leave the organizer box unchecked.",
))
# Don't try to create new_version using invalid input
if errmsgs:
return show_input_errors(errmsgs)
else: # to make it obvious that these two statements should be together
new_version = WebSeminar(shortname,
data=data,
organizer_data=organizer_data)
# Warnings
sanity_check_times(new_version.start_time, new_version.end_time)
if not data["topics"]:
flash_warning(
"This series has no topics selected; don't forget to set the topics for each new talk individually."
)
if seminar.new or new_version != seminar:
new_version.save()
edittype = "created" if new else "edited"
flash("Series %s successfully!" % edittype)
elif seminar.organizer_data == new_version.organizer_data:
flash("No changes made to series.")
if seminar.new or seminar.organizer_data != new_version.organizer_data:
new_version.save_organizers()
if not seminar.new:
flash("Series organizers updated!")
return redirect(url_for(".edit_seminar", shortname=shortname), 302)
