def delete(self, id):
c.attachment = FundingAttachment.find_by_id(id)
c.funding = Funding.find_by_id(c.attachment.funding_id)
if not (h.auth.authorized(h.auth.has_organiser_role) or c.funding.person == h.signed_in_person()):
# Raise a no_auth error
h.auth.no_role()
return render('/funding_attachment/confirm_delete.mako')
def delete(self, id):
c.attachment = FundingAttachment.find_by_id(id)
c.funding = Funding.find_by_id(c.attachment.funding_id)
if not (h.auth.authorized(h.auth.has_organiser_role)
or c.funding.person == h.signed_in_person()):
# Raise a no_auth error
h.auth.no_role()
return render('/funding_attachment/confirm_delete.mako')
def _new(self):
if c.funding_status == 'closed':
return render("funding/closed.mako")
elif c.funding_status == 'not_open':
return render("funding/not_open.mako")
if self.form_result['funding']['male'] == 1:
self.form_result['funding']['male'] = True
elif self.form_result['funding']['male'] == 0:
self.form_result['funding']['male'] = False
funding_results = self.form_result['funding']
attachment_results1 = self.form_result['attachment1']
attachment_results2 = self.form_result['attachment2']
c.person = h.signed_in_person()
c.funding = Funding(**funding_results)
c.funding.status = FundingStatus.find_by_name('Pending')
c.funding.person = c.person
if not c.funding.type.available():
return render("funding/type_unavailable.mako")
meta.Session.add(c.funding)
if attachment_results1 is not None:
attachment = FundingAttachment(**attachment_results1)
c.funding.attachments.append(attachment)
meta.Session.add(attachment)
if attachment_results2 is not None:
attachment = FundingAttachment(**attachment_results2)
c.funding.attachments.append(attachment)
meta.Session.add(attachment)
meta.Session.commit()
email(c.funding.person.email_address,
render('funding/thankyou_email.mako'))
h.flash("Funding submitted!")
return redirect_to(controller='funding', action="index", id=None)
def _delete(self, id):
c.attachment = FundingAttachment.find_by_id(id)
funding = Funding.find_by_id(c.attachment.funding_id)
if not (h.auth.authorized(h.auth.has_organiser_role) or funding.person == h.signed_in_person()):
# Raise a no_auth error
h.auth.no_role()
meta.Session.delete(c.attachment)
meta.Session.commit()
h.flash("Attachment Deleted")
redirect_to(controller='funding', action='view', id=funding.id)
def _delete(self, id):
c.attachment = FundingAttachment.find_by_id(id)
funding = Funding.find_by_id(c.attachment.funding_id)
if not (h.auth.authorized(h.auth.has_organiser_role)
or funding.person == h.signed_in_person()):
# Raise a no_auth error
h.auth.no_role()
meta.Session.delete(c.attachment)
meta.Session.commit()
h.flash("Attachment Deleted")
redirect_to(controller='funding', action='view', id=funding.id)
def view(self, id):
attachment = FundingAttachment.find_by_id(id)
funding = Funding.find_by_id(attachment.funding_id)
if not h.auth.authorized(h.auth.Or(h.auth.is_same_zookeepr_funding_submitter(funding.id), h.auth.has_organiser_role, h.auth.has_funding_reviewer_role)):
# Raise a no_auth error
h.auth.no_role()
response.headers['content-type'] = attachment.content_type
response.headers.add('content-transfer-encoding', 'binary')
response.headers.add('content-length', len(attachment.content))
response.headers['content-disposition'] = 'attachment; filename="%s";' % attachment.filename
response.headers.add('Pragma', 'cache')
response.headers.add('Cache-Control', 'max-age=3600,public')
return attachment.content
def view(self, id):
attachment = FundingAttachment.find_by_id(id)
funding = Funding.find_by_id(attachment.funding_id)
if not h.auth.authorized(
h.auth.Or(
h.auth.is_same_zookeepr_funding_submitter(
funding.id), h.auth.has_organiser_role,
h.auth.has_funding_reviewer_role)):
# Raise a no_auth error
h.auth.no_role()
response.headers['content-type'] = attachment.content_type
response.headers.add('content-transfer-encoding', 'binary')
response.headers.add('content-length', len(attachment.content))
response.headers[
'content-disposition'] = 'attachment; filename="%s";' % attachment.filename
response.headers.add('Pragma', 'cache')
response.headers.add('Cache-Control', 'max-age=3600,public')
return attachment.content
def _attach(self, id):
"""Attach a file to the funding.
"""
# We need to recheck auth in here so we can pass in the id
if not h.auth.authorized(
h.auth.Or(h.auth.is_same_zookeepr_funding_submitter(id),
h.auth.has_organiser_role)):
# Raise a no_auth error
h.auth.no_role()
c.funding = Funding.find_by_id(id)
attachment_results = self.form_result['attachment']
attachment = FundingAttachment(**attachment_results)
c.funding.attachments.append(attachment)
meta.Session.commit()
h.flash("File was attached")
return redirect_to(action='view', id=id)
