def save_block(subject_id, block_name): if not g.user: abort(401) from rule import StateMachine sm = StateMachine(subject_id) if not sm.check(block_name, g.user.occupation, "save"): abort(403) from prams import db import model bClass = getattr(model, block_name) qObj = bClass.query.filter_by(subject_id=subject_id).first() from rule import fieldTitle for fn in fieldTitle[block_name].iterkeys(): # fn is for field name # TODO: check data type before put into db if request.form.has_key(fn): content = request.form[fn] if content == "None": content = None else: content = None setattr(qObj, fn, content) # set attribute by name db.session.add(qObj) db.session.commit() flash("The Form sheet has been saved") sm.update() return redirect( url_for("subject", subject_id=str(subject_id)) ) # note: end_point is the HTML for the view_func, you are redirecting the current view to a page, thus it must have a template to remnder.
def display_block(mode, subject_id, block_name): if not g.user: abort(401) # 401 means unauthorize from rule import StateMachine sm = StateMachine(subject_id) if not sm.check( block_name, g.user.occupation, mode ): # always use state machine to implement access control. mode = action abort(403) # 403 means forbidden import model bClass = getattr(model, block_name) # get block class by its name given by string block_info = bClass.query.filter_by(subject_id=subject_id).first() sort_block_info = [] # sorting field by its name and return sort_block_info.append(["subject_id", block_info.subject_id]) sort_block_info.append(["status", block_info.status]) keys = sorted(block_info.__dict__.keys()) keys = keys[1:-2] for key in keys: sort_block_info.append([key, getattr(block_info, key)]) # append the key and its value from rule import fieldTitle sm.update() return render_template( "block.html", mode=mode, subject_id=subject_id, block_name=block_name, block_info=sort_block_info, title_map=fieldTitle[block_name], )
def seal_subject(subject_id): from rule import StateMachine sm = StateMachine(subject_id) if not sm.check('final_review', g.user.occupation, 'seal'): abort(403) flash('subject has been sealed.') sm.update() return redirect(url_for('subject', subject_id = subject_id))
def allocate_establishment_reference_number(subject_id): from rule import StateMachine sm = StateMachine(subject_id) if not sm.check('wait_to_allocate', g.user.occupation, 'allocate'): abort(403) flash('Allocation operation completed.') sm.update() return redirect(url_for('subject', subject_id = subject_id))
def view_subject(subject_id): if not g.user: abort(401) # basic information subject_info = {} subject_info['subject_id'] = subject_id from model import f1b1, Subject qObj = f1b1.query.filter_by(subject_id = subject_id).first() sObj = Subject.query.filter_by(subject_id = subject_id).first() subject_info['department'] = qObj.field01 subject_info['title'] = qObj.field02 subject_info['holder'] = qObj.field03 subject_info['new'] = qObj.field04 subject_info['subject_status'] = sObj.status extra_action = None done_before = False from rule import StateMachine sm = StateMachine(subject_id) if sObj.status in ('wait_to_allocate', 'wait_to_review', 'final_review'): extra_action = sObj.status from model import PendingJob done_before = (PendingJob.query.filter_by(subject_id = subject_id, stage = extra_action, to_user_occupation = g.user.occupation).first() == None) # form A table # order by: section, block responisbility action, status from rule import FormStructure import model fm = FormStructure() tb_fA = [] for block_name in fm.get_blocks('Form A'): bClass = getattr(model, block_name) tb_fA.append([ (block_name == sObj.status), # activated fm.get_sectionName(block_name), # section name block_name, # block name fm.get_responsibility(block_name), # responsibility sm.get_view_OR_edit(block_name, g.user.occupation), # action bClass.query.filter_by(subject_id = subject_id).first().status # block status ]) # form B table tb_fB = [] # form C table tb_fC = [] return render_template('subject.html', subject_info = subject_info, table_formA = tb_fA, table_formB = tb_fB, table_formC = tb_fC, extra_action = extra_action, sm = sm, done_before = done_before )
def add_subject(): if not g.user: abort(401) from rule import StateMachine sm = StateMachine() if not sm.check('subject', g.user.occupation, 'add'): abort(403) from prams import db from model import Subject newSubject = Subject() db.session.add(newSubject) db.session.flush() db.session.refresh(newSubject) row_id = newSubject.subject_id sm.cur_subject_id = row_id from model import f1b1 newFb = f1b1(row_id) db.session.add(newFb) from model import f1b2 newFb = f1b2(row_id) db.session.add(newFb) from model import f1b3 newFb = f1b3(row_id) db.session.add(newFb) from model import f1b4 newFb = f1b4(row_id) db.session.add(newFb) from model import f1b5 newFb = f1b5(row_id) db.session.add(newFb) from model import f1b6 newFb = f1b6(row_id) db.session.add(newFb) # # To estabalish more blocks. db.session.commit() flash('A new subject has been added, subject ID is "%d"' %row_id) sm.update() return redirect(url_for('all_subjects'))
def delete_subject(subject_id): if not g.user: abort(401) from rule import StateMachine sm = StateMachine(subject_id) if not sm.check('*', g.user.occupation, 'delete'): abort(403) from rule import FormStructure fm = FormStructure() from prams import db import model for bl in fm.get_blocks(): bClass = getattr(model, bl) qObj = bClass.query.filter_by(subject_id = subject_id).first() db.session.delete(qObj) db.session.commit() sObj = model.Subject.query.filter_by(subject_id = subject_id).first() db.session.delete(sObj) db.session.commit() sm.update() flash('The Subject ' + subject_id + ' has been deleted.') return redirect(url_for('all_subjects'))
def submit_block(subject_id, block_name): if not g.user: abort(401) from rule import StateMachine sm = StateMachine(subject_id) if not sm.check(block_name, g.user.occupation, "submit"): abort(403) # check for validation and update the subject status from prams import db import model sObj = model.Subject.query.filter_by(subject_id=subject_id).first() bClass = getattr(model, block_name) qObj = bClass.query.filter_by(subject_id=subject_id).first() if qObj.status == 2: flash("THe block had been submitted and can't be submitted again.") return redirect(url_for("subject", subject_id=str(subject_id))) from rule import fieldTitle for fn in fieldTitle[block_name].iterkeys(): # fn is for field name if not request.form.has_key(fn): # some field would be None if it is not be filled. flash("The form is not completed.") return redirect(url_for("subject", subject_id=str(subject_id))) content = request.form[fn] # check data type before put into db if content == "None": flash("The form is not completed.") return redirect(url_for("subject", subject_id=str(subject_id))) setattr(qObj, fn, content) ## update the status db.session.add(qObj) db.session.commit() sm.update() flash("The form has been submitted.") return redirect(url_for("subject", subject_id=str(subject_id)))