def view(folder_id=None):
form = QueryTagForm()
folder = None
if folder_id:
folder = Folder.query.filter_by(id=folder_id).first()
if folder.user_id != current_user.get_user().id:
return abort(404)
photos = None
folders = get_folders()
if form.validate_on_submit():
tags = form.query.data.split(",")
photos = []
photo_ids = set()
for tag in tags:
for photo in get_tagged_photos(tag):
if not photo[0].id in photo_ids:
if not folder or FolderPhoto.query.filter_by(folder_id=folder_id, photo_id=photo[0].id).first():
photos.append(photo[0])
photo_ids.add(photo[0].id)
else:
if folder:
photos = get_photos(folder)
else:
photos = Photo.query.filter_by(user_id=current_user.get_user().id).all()
return render_template("photo/view.html", photos=photos, form=form, folders=folders, folder=folder)
def post(self, task, database, table, job, ended_at):
"""
add new records from task
"""
if job['type'] != TaskType.POPULATING:
abort(406, message='Task type is invalid')
if not current_user.role_is(
(UserRole.ADMIN, UserRole.DATA_MANAGER, UserRole.DATA_FILLER)):
abort(403,
message=
'User access deny. You do not have permission to database')
entity = Loader.get_database(database)[table == 'REACTION']
res = []
for s in job['structures']:
if s['status'] != StructureStatus.CLEAR or s[
'type'] != StructureType[table]:
continue
data = marshal(s, RecordStructureFields.resource_fields)
structure = data.pop('data')
in_db = entity.find_structure(structure)
if not in_db:
in_db = entity(structure, current_user.get_user())
res.append(in_db.add_metadata(data, current_user.get_user()))
flush()
return res, 201
def perform_delete(photo_id):
photo = Photo.query.filter_by(id=photo_id).first()
if photo.user_id != current_user.get_user().id:
return abort(404)
else:
delete_photo(photo)
return redirect(url_for("photos.view"))
def post(self, task, job, ended_at):
"""
Store in database modeled task
only modeled tasks can be saved.
failed models in structures skipped.
"""
if job['type'] != TaskType.MODELING:
abort(
406,
message='task type is invalid. only modeling tasks acceptable')
if Task.exists(task=task):
abort(409, message='task already exists in db')
data = marshal(job['structures'],
TaskStructureResponseFields.resource_fields)
Task(data,
type=job['type'],
date=ended_at,
user=current_user.get_user(),
task=task)
return dict(task=task,
status=TaskStatus.PROCESSED,
date=ended_at,
type=job['type'],
user=current_user), 201
def get(self, profile_id):
if profile_id == 'me':
return g.Profile.objects.filter(user=current_user.get_user()).first()
else:
if not current_user.is_admin():
return abort(401)
return g.Profile.objects.with_id(profile_id)
def put(self, profile_id):
if profile_id != 'me' and not current_user.is_admin():
return abort(401)
if profile_id == 'me':
profile = g.Profile.objects.filter(user=current_user.get_user()).first()
else:
profile = g.Profile.objects.with_id(profile_id)
parser = reqparse.RequestParser()
parser.add_argument('facebook_id', type=unicode, store_missing=False)
parser.add_argument('twitter_id', type=unicode, store_missing=False)
parser.add_argument('biography', type=unicode, store_missing=False)
parser.add_argument('birthday', type=unicode, store_missing=False)
args = parser.parse_args()
for field in ['facebook_id', 'twitter_id']:
if field in args.keys():
setattr(profile, field, args[field])
if 'biography' in args.keys():
profile.biography = bleach.clean(args['biography'], tags=ALLOWED_TAGS, styles=ALLOWED_STYLES, attributes=ALLOWED_ATTRIBUTES)
if 'birthday' in args.keys():
profile.birthday = arrow.get(args['birthday']).naive
profile.save()
return profile
def confirm_delete(folder_id):
folder = Folder.query.filter_by(id=folder_id).first()
if folder.user_id != current_user.get_user().id:
return abort(404)
else:
return render_template("folder/confirm_delete.html", folder=folder)
def get(self, page=None):
"""
Get current user's saved tasks
"""
q = Task.select(lambda x: x.user == current_user.get_user())
if page is not None:
q = q.page(page, pagesize=RESULTS_PER_PAGE)
return list(q)
def perform_delete(folder_id):
folder = Folder.query.filter_by(id=folder_id).first()
if folder.user_id != current_user.get_user().id:
return abort(404)
else:
delete_folder(folder)
return redirect(url_for("photos.view"))
def add_post():
banner_name, file_name = combo_save(active_form.banner_field, active_form.attachment)
p = Email(from_name=active_form.from_name.data, reply_name=active_form.reply_name.data,
reply_mail=active_form.reply_mail.data, meeting=active_form.meeting_id.data,
type=active_form.type, author=current_user.get_user(),
title=active_form.title.data, slug=active_form.slug.data,
body=active_form.body.data, banner=banner_name, attachments=file_name)
commit()
return p.id
def post(self, task, database, table, metadata, job, ended_at):
"""
update record from task.
"""
if job['type'] != TaskType.POPULATING:
abort(406, message='Task type is invalid')
s = job['structures'][0]
if s['status'] != StructureStatus.CLEAR or s['type'] != StructureType[
table]:
abort(400, message='task structure has errors or invalid type')
data = marshal(s, RecordStructureFields.resource_fields)
structure = data.pop('data')
meta = self.__get_record(database, table, metadata)
in_db = Loader.get_database(database)[
table == 'REACTION'].find_structure(structure)
if in_db:
if in_db != meta.structure:
abort(
400,
message=
'record structure conflict. db already has this structure. use add_record method'
)
else:
if table == 'MOLECULE':
try:
meta.structure.new_structure(structure,
current_user.get_user())
except AssertionError as e:
abort(400,
message='task structure has errors: {}'.format(e))
else:
meta.structure.update_structure(structure,
current_user.get_user())
flush()
# update metadata
meta.data = data
meta.user_id = current_user.id
return meta, 201
def Account():
# Display all of the current user's playlists from both public and private on their account page
username = current_user.get_user()
cur = conn.cursor()
cur.execute("SELECT * FROM PublicPlaylist WHERE userid=%s", current_user.get_id())
public=cur.fetchall()
cur.execute("SELECT * FROM PrivatePlaylist WHERE userid=%s", current_user.get_id())
private=cur.fetchall()
cur.close()
return render_template('account.html', title='Account', username=username, public=public, private=private)
def get_tagged_photos(tag_name, user_id=None):
db = get_database()
if user_id == None:
user_id = current_user.get_user().id
tag_name = tag_name.strip().lower()
return (db.session.query(Photo, PhotoTag, Tag).filter(
Tag.tag == tag_name).filter(PhotoTag.tag_id == Tag.id).filter(
PhotoTag.photo_id == Photo.id).all())
def get_photo(photo_id, user_id=None):
"""
Gets an existing photo.
Returns None if the photo_id does not belong to user_id.
If user_is not provided, defaults to the currently logged
in user.
"""
if user_id == None:
user_id = current_user.get_user().id
return Photo.query.filter_by(id=photo_id, user_id=user_id).first()
def download(file, name):
a = Attachment.get(file=file)
if a and a.post.classtype != 'Thesis' or current_user.is_authenticated and \
(current_user.role_is(UserRole.ADMIN) or
current_user.role_is(UserRole.SECRETARY) or
a.post.author == current_user.get_user()):
resp = make_response()
resp.headers['X-Accel-Redirect'] = '/file/%s' % file
resp.headers['Content-Description'] = 'File Transfer'
resp.headers['Content-Transfer-Encoding'] = 'binary'
resp.headers['Content-Disposition'] = 'attachment; filename=%s' % name
resp.headers['Content-Type'] = 'application/octet-stream'
return resp
abort(404)
def update():
session.close()
email = request.form.get('email')
name = request.form.get('name')
password = request.form.get('password')
about = request.form.get('about')
password_hash = generate_password_hash(password)
print(password_hash)
account = Table('users', metadata, autoload=True)
user = current_user.get_user()
engine.execute(account.update().where(account.c.userid == user.userid),
email=email,
fullname=name,
password=password_hash,
about=about)
return redirect(url_for('profile'))
def password():
form = ChangePasswordForm()
if form.validate_on_submit():
user = current_user.get_user()
if user and check_password_hash(user.password_hash,
form.current_password.data):
user.password_hash = generate_password_hash(form.new_password.data)
db = get_database()
db.session.add(user)
db.session.commit()
flash("You password was updated.")
else:
flash("Current password wrong.")
return render_template("admin/home/password.html", form=form)
def create_photo(name, user_id=None):
"""
Create a photo without any file data with the given name.
The photo is assigned to the currently logged in user
if user_id is not specified.
"""
if user_id == None:
user_id = current_user.get_user().id
db = get_database()
photo = Photo(name=name, user_id=user_id)
db.session.add(photo)
db.session.flush()
return photo
def get_photo_path(photo_id, user_id=None):
"""
Gets the path (filename) of an existing photo.
Returns None if the photo_id does not belong to user_id.
If user_is not provided, defaults to the currently logged
in user.
"""
if user_id == None:
user_id = current_user.get_user().id
photo = Photo.query.filter_by(id=photo_id, user_id=user_id).first()
if photo:
path = os.path.join(current_app.instance_path, photo.url)
return path
return None
def change_password():
data = request.get_json()
email = data.get('email')
current_pass = data.get('current_pass')
new_pass = data.get('new_pass')
error_message = ""
if email != current_user.email:
error_message += "<p>User <b>{}</b> does not have permissions to change password for <b>{}</b></p>".format(
email, email)
user = current_user.get_user(email, current_pass)
if user is None:
error_message += "<p>Incorrect password</p>"
if error_message != "":
return make_response({'status': 'error', 'error_message': error_message}, 500)
user.change_password(new_pass)
return make_response({'status': 'success'}, 200)
def delete(self, profile_id):
if profile_id != 'me' and not current_user.is_admin():
return abort(401)
if profile_id == 'me':
profile = g.Profile.objects.filter(user=current_user.get_user()).first()
else:
profile = g.Profile.objects.with_id(profile_id)
photo_url = profile.photo
profile.photo = 'https://secure.gravatar.com/avatar/' + md5(profile.user.email).hexdigest() + '?d=identicon&s=200'
profile.save()
if 'https://' + current_app.config['AWS_S3_BUCKET'] + '.s3.amazonaws.com/profiles/' in photo_url:
bucket = s3conn.get_bucket(current_app.config['AWS_S3_BUCKET'])
key = bucket.get_key(g.tenant + '/profiles/' + str(profile.id))
key.delete()
return '', 204
def add_post():
banner_name, file_name = combo_save(active_form.banner_field,
active_form.attachment)
p = Meeting(
meeting=active_form.meeting_id.data,
deadline=active_form.deadline.data,
poster_deadline=active_form.poster_deadline.data,
participation_types=active_form.participation_types,
thesis_types=active_form.thesis_types,
order=active_form.order.data,
type=active_form.type,
author=current_user.get_user(),
title=active_form.title.data,
slug=active_form.slug.data,
body_name=active_form.body_name.data,
body=active_form.body.data,
banner=banner_name,
attachments=file_name)
commit()
return p.id
def single_view(photo_id):
tagForm = AddTagForm(prefix="tag")
folderForm = SetFolderForm(prefix="folder")
photo = Photo.query.filter_by(id=photo_id).first()
folders = get_folders()
folderForm.folder.choices = [(str(f.id), f.name) for f in folders]
if photo.user_id != current_user.get_user().id:
abort(404)
else:
if tagForm.add_button.data and tagForm.validate_on_submit():
tag_photo(photo_id, tagForm.tag.data)
flash("Added Tag")
if folderForm.add_button.data and folderForm.validate_on_submit():
folder = Folder.query.filter_by(id=int(folderForm.folder.data)).first()
add_photo_to_folder(photo, folder)
flash("Added Folder")
return render_template("photo/view_single.html", photo=photo, tagForm=tagForm, folderForm=folderForm, folders=folders)
def post(self, profile_id):
if profile_id != 'me' and not current_user.is_admin():
return abort(401)
if profile_id == 'me':
profile = g.Profile.objects.filter(user=current_user.get_user()).first()
else:
profile = g.Profile.objects.with_id(profile_id)
parser = reqparse.RequestParser()
parser.add_argument('photo', type=werkzeug.datastructures.FileStorage, location='files')
args = parser.parse_args()
bucket = s3conn.get_bucket(current_app.config['AWS_S3_BUCKET'])
key = Key(bucket)
key.key = g.tenant + '/profiles/' + str(profile.id)
key.content_type = args['photo'].mimetype
key.set_contents_from_file(args['photo'].stream)
key.make_public()
profile.photo = 'https://' + current_app.config['AWS_S3_BUCKET'] + '.s3.amazonaws.com/ ' + g.tenant + '/profiles/' + str(profile.id)
profile.save()
return profile
def dispatch_request(self, page=1):
q = select(x.meeting for x in Subscription
if x.user == current_user.get_user()).order_by(
Meeting.id.desc())
return blog_viewer(page, q, '.events', 'Events', 'Participation')
def profile():
user = current_user.get_user()
return render_template("profile.html", current_user=user)
def dispatch_request(self, page=1):
q = select(x for x in Thesis
if x.author == current_user.get_user()).order_by(
Thesis.id.desc())
return blog_viewer(page, q, '.theses', 'Events', 'Abstracts')
def dispatch_request(self, post):
admin = current_user.is_authenticated and current_user.role_is(
UserRole.ADMIN)
edit_post = None
remove_post_form = None
special_form = None
special_field = None
children = []
title = None
info = None
p = Post.get(id=post)
if not p:
return redirect(url_for('.blog'))
opened_by_author = current_user.is_authenticated and p.author.id == current_user.id
downloadable = admin or p.classtype != 'Thesis' or opened_by_author
deletable = admin or p.classtype == 'Thesis' and opened_by_author and p.meeting.deadline > datetime.utcnow(
)
""" admin page
"""
if admin:
remove_post_form = DeleteButtonForm(prefix='delete')
if p.classtype == 'BlogPost':
edit_post = PostForm(obj=p)
elif p.classtype == 'Meeting':
edit_post = MeetingForm(obj=p)
elif p.classtype == 'Thesis':
edit_post = ThesisForm(obj=p)
elif p.classtype == 'Email':
edit_post = EmailForm(obj=p)
elif p.classtype == 'TeamPost':
edit_post = TeamForm(obj=p)
else: # BAD POST
return redirect(url_for('.blog'))
if remove_post_form.validate_on_submit():
p.delete()
return remove_post_form.redirect('.blog')
elif edit_post.validate_on_submit():
p.body = edit_post.body.data
p.title = edit_post.title.data
p.date = datetime.utcnow()
if hasattr(edit_post, 'slug') and edit_post.slug.data:
p.slug = edit_post.slug.data
if edit_post.banner_field.data:
p.banner = save_upload(edit_post.banner_field.data,
images=True)
if edit_post.attachment.data:
p.add_attachment(*save_upload(edit_post.attachment.data))
if hasattr(p, 'update_type'):
try:
p.update_type(edit_post.type)
if p.classtype == 'Thesis':
sub = Subscription.get(user=p.author,
meeting=p.meeting)
sub.update_type(edit_post.type.participation_type)
except Exception as e:
edit_post.post_type.errors = [str(e)]
if hasattr(p, 'update_meeting') and p.can_update_meeting(
) and edit_post.meeting_id.data:
p.update_meeting(edit_post.meeting_id.data)
if hasattr(p, 'update_order') and edit_post.order.data:
p.update_order(edit_post.order.data)
if hasattr(p, 'update_role'):
p.update_role(edit_post.role.data)
if hasattr(p, 'update_scopus'):
p.update_scopus(edit_post.scopus.data)
if hasattr(p, 'update_from_name'):
p.update_from_name(edit_post.from_name.data)
if hasattr(p, 'update_reply_name'):
p.update_reply_name(edit_post.reply_name.data)
if hasattr(p, 'update_reply_mail'):
p.update_reply_mail(edit_post.reply_mail.data)
if hasattr(p, 'update_body_name'):
p.update_body_name(edit_post.body_name.data)
if hasattr(p, 'update_deadline') and edit_post.deadline.data:
p.update_deadline(edit_post.deadline.data)
if hasattr(p, 'update_poster_deadline'
) and edit_post.poster_deadline.data:
p.update_poster_deadline(edit_post.poster_deadline.data)
if hasattr(p, 'update_participation_types'
) and edit_post.participation_types:
p.update_participation_types(edit_post.participation_types)
if hasattr(p,
'update_thesis_types') and edit_post.thesis_types:
p.update_thesis_types(edit_post.thesis_types)
""" Meetings sidebar and title
"""
if p.classtype == 'Meeting':
title = p.meeting.title
children.append(
dict(title='Event main page',
url=url_for('.blog_post', post=p.meeting_id)))
children.extend(
dict(title=x.title, url=url_for('.blog_post', post=x.id))
for x in p.meeting.children.filter(
lambda x: x.classtype == 'Meeting').order_by(
lambda x: x.special['order']))
children.append(
dict(title='Participants',
url=url_for('.participants', event=p.meeting_id)))
children.append(
dict(title='Abstracts',
url=url_for('.abstracts', event=p.meeting_id)))
if p.type != MeetingPostType.MEETING:
crumb = dict(url=url_for('.blog_post', post=p.meeting_id),
title=p.title,
parent='Event main page')
if current_user.is_authenticated and p.type == MeetingPostType.REGISTRATION \
and p.deadline > datetime.utcnow():
sub = Subscription.get(user=current_user.get_user(),
meeting=p.meeting)
special_form = MeetForm(
prefix='special',
obj=sub,
types=p.meeting.participation_types)
if special_form.validate_on_submit():
thesis = Thesis.get(post_parent=p.meeting,
author=current_user.get_user())
if sub:
if special_form.type == MeetingPartType.LISTENER and thesis:
special_form.part_type.errors = [
'Listener participation type unavailable. '
'You sent thesis earlier.'
]
flash('Participation type change error',
'error')
else:
sub.update_type(special_form.type)
thesis_type = ThesisPostType.thesis_types(
special_form.type)[-1]
if thesis and thesis.type != thesis_type:
thesis.update_type(thesis_type)
flash('Thesis type changed! Check it.')
flash('Participation type changed!')
else:
Subscription(current_user.get_user(), p.meeting,
special_form.type)
flash('Welcome to meeting!')
m = Email.get(
post_parent=p.meeting,
post_type=EmailPostType.MEETING_THESIS.value)
send_mail((m and m.body
or '%s\n\nYou registered to meeting') %
current_user.full_name,
current_user.email,
to_name=current_user.full_name,
title=m and m.title,
subject=m and m.title
or 'Welcome to meeting',
banner=m and m.banner,
from_name=m and m.from_name,
reply_mail=m and m.reply_mail,
reply_name=m and m.reply_name)
elif current_user.is_authenticated and p.type == MeetingPostType.SUBMISSION \
and p.poster_deadline > datetime.utcnow():
sub = Subscription.get(user=current_user.get_user(),
meeting=p.meeting)
if sub and sub.type != MeetingPartType.LISTENER and \
not Thesis.exists(post_parent=p.meeting, author=current_user.get_user()):
thesis_types = p.meeting.thesis_types
special_form = ThesisForm(
prefix='special',
body_name=p.body_name,
types=[
x
for x in ThesisPostType.thesis_types(sub.type)
if x in thesis_types
])
if special_form.validate_on_submit():
banner_name, file_name = combo_save(
special_form.banner_field,
special_form.attachment)
t = Thesis(p.meeting_id,
type=special_form.type,
title=special_form.title.data,
body=special_form.body.data,
banner=banner_name,
attachments=file_name,
author=current_user.get_user())
commit()
return redirect(url_for('.blog_post', post=t.id))
else:
crumb = dict(url=url_for('.blog'), title='Post', parent='News')
elif p.classtype == 'Thesis':
if current_user.is_authenticated and opened_by_author and p.meeting.poster_deadline > datetime.utcnow(
):
sub = Subscription.get(user=current_user.get_user(),
meeting=p.meeting)
thesis_types = p.meeting.thesis_types
special_form = ThesisForm(
prefix='special',
obj=p,
body_name=p.body_name,
types=[
x for x in ThesisPostType.thesis_types(sub.type)
if x in thesis_types
])
if special_form.validate_on_submit():
p.title = special_form.title.data
p.body = special_form.body.data
p.update_type(special_form.type)
if special_form.banner_field.data:
p.banner = save_upload(special_form.banner_field.data,
images=True)
if special_form.attachment.data:
p.add_attachment(
*save_upload(special_form.attachment.data))
crumb = dict(url=url_for('.abstracts', event=p.meeting_id),
title='Abstract',
parent='Event participants')
special_field = '**Presentation Type**: *%s*' % p.type.fancy
elif p.classtype == 'TeamPost':
crumb = dict(url=url_for('.students'), title='Student', parent='Laboratory') \
if p.type == TeamPostType.STUDENT else dict(url=url_for('.about'), title='Member', parent='Laboratory')
if p.scopus:
special_field = get_articles(p.scopus)
elif p.type == BlogPostType.ABOUT:
crumb = dict(url=url_for('.about'),
title='Description',
parent='Laboratory')
else:
crumb = dict(url=url_for('.blog'), title='Post', parent='News')
""" collect sidebar news
"""
info = select(x for x in Post if x.id != post and x.post_type in (
BlogPostType.IMPORTANT.value,
MeetingPostType.MEETING.value)).order_by(
Post.date.desc()).limit(3)
return render_template("post.html",
title=title or p.title,
post=p,
info=info,
downloadable=downloadable,
children=children,
deletable=deletable,
edit_form=edit_post,
remove_form=remove_post_form,
crumb=crumb,
special_form=special_form,
special_field=special_field)
def dispatch_request(self, action=4):
form = FormRoute.get(action)
if not form or not form.is_profile():
return redirect(url_for('.profile'))
tabs = [
dict(title='Edit Profile',
glyph='pencil',
active=False,
url=url_for('.profile', action=FormRoute.EDIT_PROFILE.value)),
dict(title='Log out on all devices',
glyph='remove',
active=False,
url=url_for('.profile', action=FormRoute.LOGOUT_ALL.value)),
dict(title='Change Password',
glyph='qrcode',
active=False,
url=url_for('.profile',
action=FormRoute.CHANGE_PASSWORD.value))
]
admin = current_user.role_is(UserRole.ADMIN)
if admin:
tabs.extend([
dict(title='New Blog Post',
glyph='font',
active=False,
url=url_for('.profile',
action=FormRoute.NEW_BLOG_POST.value)),
dict(title='New Meeting Page',
glyph='resize-small',
active=False,
url=url_for('.profile',
action=FormRoute.NEW_MEETING_PAGE.value)),
dict(title='New Email Template',
glyph='envelope',
active=False,
url=url_for('.profile',
action=FormRoute.NEW_EMAIL_TEMPLATE.value)),
dict(title='New Team Member',
glyph='knight',
active=False,
url=url_for('.profile',
action=FormRoute.NEW_MEMBER_PAGE.value)),
dict(title='Ban User',
glyph='remove-circle',
active=False,
url=url_for('.profile', action=FormRoute.BAN_USER.value)),
dict(title='Change Role',
glyph='arrow-up',
active=False,
url=url_for('.profile',
action=FormRoute.CHANGE_USER_ROLE.value))
])
if form == FormRoute.EDIT_PROFILE:
message = 'Edit Profile'
tabs[0]['active'] = True
active_form = ProfileForm(obj=current_user.get_user())
if active_form.validate_on_submit():
u = User.get(id=current_user.id)
u.name = active_form.name.data
u.surname = active_form.surname.data
u.country = active_form.country.data
u.degree = active_form.degree.data
u.status = active_form.status.data
if active_form.banner_field.data:
u.banner = save_upload(active_form.banner_field.data,
images=True)
if active_form.affiliation.data:
u.affiliation = active_form.affiliation.data
elif u.affiliation:
u.affiliation = ''
if active_form.position.data:
u.position = active_form.position.data
elif u.position:
u.position = ''
if active_form.town.data:
u.town = active_form.town.data
elif u.town:
u.town = ''
flash('Profile updated')
elif form == FormRoute.LOGOUT_ALL:
message = 'Log out on all devices'
tabs[1]['active'] = True
active_form = ReLoginForm()
if active_form.validate_on_submit():
u = User.get(id=current_user.id)
u.change_token()
logout_user()
flash('Successfully logged out from all devices')
return redirect(url_for('.login'))
elif form == FormRoute.CHANGE_PASSWORD:
message = 'Change Password'
tabs[2]['active'] = True
active_form = ChangePasswordForm()
if active_form.validate_on_submit():
u = User.get(id=current_user.id)
u.change_password(active_form.password.data)
logout_user()
flash('Successfully changed password')
return redirect(url_for('.login'))
elif admin and form == FormRoute.NEW_BLOG_POST:
message = 'New Blog Post'
tabs[3]['active'] = True
active_form = PostForm()
if active_form.validate_on_submit():
banner_name, file_name = combo_save(active_form.banner_field,
active_form.attachment)
p = BlogPost(type=active_form.type,
title=active_form.title.data,
slug=active_form.slug.data,
body=active_form.body.data,
banner=banner_name,
attachments=file_name,
author=current_user.get_user())
commit()
return redirect(url_for('.blog_post', post=p.id))
elif admin and form == FormRoute.NEW_MEETING_PAGE:
message = 'New Meeting Page'
tabs[4]['active'] = True
active_form = MeetingForm()
def add_post():
banner_name, file_name = combo_save(active_form.banner_field,
active_form.attachment)
p = Meeting(
meeting=active_form.meeting_id.data,
deadline=active_form.deadline.data,
poster_deadline=active_form.poster_deadline.data,
participation_types=active_form.participation_types,
thesis_types=active_form.thesis_types,
order=active_form.order.data,
type=active_form.type,
author=current_user.get_user(),
title=active_form.title.data,
slug=active_form.slug.data,
body_name=active_form.body_name.data,
body=active_form.body.data,
banner=banner_name,
attachments=file_name)
commit()
return p.id
if active_form.validate_on_submit():
if active_form.type != MeetingPostType.MEETING:
if active_form.meeting_id.data and Meeting.exists(
id=active_form.meeting_id.data,
post_type=MeetingPostType.MEETING.value):
return redirect(url_for('.blog_post', post=add_post()))
active_form.meeting_id.errors = ['Bad parent']
else:
if active_form.deadline.data and active_form.poster_deadline.data:
return redirect(url_for('.blog_post', post=add_post()))
active_form.deadline.errors = ["Need deadline"]
active_form.poster_deadline.errors = ["Need deadline"]
elif admin and form == FormRoute.NEW_EMAIL_TEMPLATE:
message = 'New Email Template'
tabs[5]['active'] = True
active_form = EmailForm()
def add_post():
banner_name, file_name = combo_save(active_form.banner_field,
active_form.attachment)
p = Email(from_name=active_form.from_name.data,
reply_name=active_form.reply_name.data,
reply_mail=active_form.reply_mail.data,
meeting=active_form.meeting_id.data,
type=active_form.type,
author=current_user.get_user(),
title=active_form.title.data,
slug=active_form.slug.data,
body=active_form.body.data,
banner=banner_name,
attachments=file_name)
commit()
return p.id
if active_form.validate_on_submit():
if active_form.type.is_meeting:
if active_form.meeting_id.data and Meeting.exists(
id=active_form.meeting_id.data,
post_type=MeetingPostType.MEETING.value):
return redirect(url_for('.blog_post', post=add_post()))
active_form.meeting_id.errors = ['Bad parent']
else:
return redirect(url_for('.blog_post', post=add_post()))
elif admin and form == FormRoute.NEW_MEMBER_PAGE:
message = 'New Member'
tabs[6]['active'] = True
active_form = TeamForm()
if active_form.validate_on_submit():
banner_name, file_name = combo_save(active_form.banner_field,
active_form.attachment)
p = TeamPost(type=active_form.type,
title=active_form.title.data,
slug=active_form.slug.data,
body=active_form.body.data,
banner=banner_name,
attachments=file_name,
author=current_user.get_user(),
role=active_form.role.data,
scopus=active_form.scopus.data,
order=active_form.order.data)
commit()
return redirect(url_for('.blog_post', post=p.id))
elif admin and form == FormRoute.BAN_USER:
message = 'Ban User'
tabs[7]['active'] = True
active_form = BanUserForm()
if active_form.validate_on_submit():
u = User.get(email=active_form.email.data.lower())
u.active = False
flash('Successfully banned %s %s (%s)' %
(u.name, u.surname, u.email))
elif admin and form == FormRoute.CHANGE_USER_ROLE:
message = 'Change Role'
tabs[8]['active'] = True
active_form = ChangeRoleForm()
if active_form.validate_on_submit():
u = User.get(email=active_form.email.data.lower())
u.user_role = active_form.type.value
flash('Successfully changed %s %s (%s) role' %
(u.name, u.surname, u.email))
else: # admin or GTFO
return redirect(url_for('.profile'))
return render_template("forms.html",
subtitle='Profile',
title=current_user.full_name,
tabs=tabs,
form=active_form,
message=message)
def enroll(token):
token = jwt.decode(token, app.config['SECRET_KEY'])
user = current_user.get_user()
user.update(add_to_set__permissions=token['permission'])
return redirect(url_for('editor'))
def meeting_page(post):
special_form = None
if post.type != MeetingPostType.MEETING:
if current_user.is_authenticated and post.type == MeetingPostType.REGISTRATION \
and post.deadline > datetime.utcnow():
sub = Subscription.get(user=current_user.get_user(), meeting=post.meeting)
special_form = MeetForm(prefix='special', obj=sub, types=post.meeting.participation_types)
if special_form.validate_on_submit():
theses = list(Thesis.select(lambda x: x._parent == post.meeting and
x.author == current_user.get_user()))
if sub:
if special_form.type == MeetingPartType.LISTENER and theses:
special_form.part_type.errors = ['Listener participation type unavailable. '
'You sent thesis earlier.']
flash('Participation type change error', 'error')
else:
sub.update_type(special_form.type)
thesis_types = post.meeting.thesis_types
thesis_type = next(x for x in ThesisPostType.thesis_types(sub.type)[::-1]
if x in thesis_types)
for thesis in theses:
if thesis.type != thesis_type:
thesis.update_type(thesis_type)
flash('Thesis type changed! Check it.')
flash('Participation type changed!')
else:
Subscription(current_user.get_user(), post.meeting, special_form.type)
flash('Welcome to meeting!')
m = Email.get(_parent=post.meeting, _type=EmailPostType.MEETING_THESIS.value)
attach_files, attach_names = attach_mixin(m)
send_mail((m and m.body or '%s\n\nYou registered to meeting') % current_user.full_name,
current_user.email, to_name=current_user.full_name, title=m and m.title,
subject=m and m.title or 'Welcome to meeting', banner=m and m.banner,
from_name=m and m.from_name, reply_mail=m and m.reply_mail,
reply_name=m and m.reply_name,
attach_files=attach_files, attach_names=attach_names)
rid = select(x.id for x in Post if x._parent == post.meeting and
x._type == MeetingPostType.SUBMISSION.value).first()
return redirect(url_for('.blog_post', post=rid))
elif current_user.is_authenticated and post.type == MeetingPostType.SUBMISSION \
and post.thesis_deadline > datetime.utcnow():
sub = Subscription.get(user=current_user.get_user(), meeting=post.meeting)
if sub and sub.type != MeetingPartType.LISTENER:
thesis_count = Thesis.select(lambda x: x._parent == post.meeting and
x.author == current_user.get_user()).count()
if thesis_count < post.meeting.thesis_count:
thesis_types = post.meeting.thesis_types
special_form = ThesisForm(prefix='special', body_name=post.body_name,
types=[x for x in
ThesisPostType.thesis_types(sub.type, dante=thesis_count > 0)
if x in thesis_types])
if special_form.validate_on_submit():
banner_name, file_name = combo_save(special_form.banner_field, special_form.attachment)
t = Thesis(post.meeting_id, type=special_form.type,
title=special_form.title.data, body=special_form.body.data,
banner=banner_name, attachments=file_name, author=current_user.get_user())
flush()
return redirect(url_for('.blog_post', post=t.id))
crumb = dict(url=url_for('.blog_post', post=post.meeting_id), title=post.title, parent='Event main page')
else:
crumb = dict(url=url_for('.blog'), title='Post', parent='News')
children = [dict(title='Event main page', url=url_for('.blog_post', post=post.meeting_id))]
children.extend(dict(title=x.title, url=url_for('.blog_post', post=x.id)) for x in post.meeting.children.
filter(lambda x: x.classtype == 'Meeting').order_by(lambda x: x.special['order']))
children.append(dict(title='Participants', url=url_for('.participants', event=post.meeting_id)))
children.append(dict(title='Abstracts', url=url_for('.abstracts', event=post.meeting_id)))
return crumb, post.meeting.title, children, special_form
def confirm_delete(photo_id):
photo = Photo.query.filter_by(id=photo_id).first()
if photo.user_id != current_user.get_user().id:
return abort(404)
else:
return render_template("photo/confirm_delete.html", photo=photo)
